112204000x80000000000000003701Microsoft-Windows-Windows Defender/OperationalresearchvmhaaMicrosoft Defender Antivirus4.18.23100.2009E6DB77E5-3DF2-4CF1-B95A-636979351E5B2023-11-26T23:43:08.709Z(unknown user)C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe1.401.1247.01.1.23100.2009ENT\ConsRC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe0x00000000 112204000x80000000000000003669Microsoft-Windows-Windows Defender/OperationalresearchvmhaaMicrosoft Defender Antivirus4.18.23100.20099E6C4E1F-7D60-472F-BA1A-A39EF669E4B22023-11-26T18:29:19.657Zresearchvmhaa\researchC:\Users\research\Desktop\lsass_ASR_test.exeC:\Windows\System32\lsass.exe1.401.1219.01.1.23100.2009ENT\ConsR"C:\Users\research\Desktop\lsass_ASR_test.exe"0x00000000 112204000x80000000000000003419Microsoft-Windows-Windows Defender/OperationalresearchvmhaaMicrosoft Defender Antivirus4.18.23100.20099E6C4E1F-7D60-472F-BA1A-A39EF669E4B22023-11-22T23:17:17.044Zresearchvmhaa\researchC:\Users\research\source\repos\asrtest\x64\Debug\asrtest.exeC:\Windows\System32\lsass.exe1.401.1023.01.1.23100.2009ENT\ConsR"C:\Users\research\source\repos\asrtest\x64\Debug\asrtest.exe"0x00000000 112204000x80000000000000003054Microsoft-Windows-Windows Defender/OperationalresearchvmhaaMicrosoft Defender Antivirus4.18.23100.2009D1E49AAC-8F56-4280-B9BA-993A6D77406C2023-11-20T20:28:20.740Zresearchvmhaa\researchC:\Windows\System32\conhost.exeC:\Windows\cmd.exe1.401.912.01.1.23100.2009ENT\ConsR\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV1"cmd" 0x00000001 112204000x80000000000000003053Microsoft-Windows-Windows Defender/OperationalresearchvmhaaMicrosoft Defender Antivirus4.18.23100.2009D1E49AAC-8F56-4280-B9BA-993A6D77406C2023-11-20T20:28:20.710ZNT AUTHORITY\SYSTEMC:\Windows\cmd.exeC:\Windows\PSEXESVC.exe1.401.912.01.1.23100.2009ENT\ConsR"cmd" C:\Windows\PSEXESVC.exe0x00000000 112204000x80000000000000003052Microsoft-Windows-Windows Defender/OperationalresearchvmhaaMicrosoft Defender Antivirus4.18.23100.2009D1E49AAC-8F56-4280-B9BA-993A6D77406C2023-11-20T20:24:37.571Zresearchvmhaa\researchC:\Windows\System32\conhost.exeC:\Windows\cmd.exe1.401.912.01.1.23100.2009ENT\ConsR\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV1"cmd" 0x00000001 112204000x80000000000000003051Microsoft-Windows-Windows Defender/OperationalresearchvmhaaMicrosoft Defender Antivirus4.18.23100.2009D1E49AAC-8F56-4280-B9BA-993A6D77406C2023-11-20T20:24:37.533ZNT AUTHORITY\SYSTEMC:\Windows\cmd.exeC:\Windows\PSEXESVC.exe1.401.912.01.1.23100.2009ENT\ConsR"cmd" C:\Windows\PSEXESVC.exe0x00000000