22542200x800000000000000021334Microsoft-Windows-Sysmon/Operationalar-win-2.attackrange.local-2023-09-20 10:54:32.561{78EA5E2B-CE28-650A-1E02-000000000F03}42082.tcp.eu.ngrok.io0::ffff:3.127.138.57;C:\Users\ADMINI~1\AppData\Local\Temp\2\svchost.exeAR-WIN-2\Administrator 22542200x800000000000000021202Microsoft-Windows-Sysmon/Operationalar-win-2.attackrange.local-2023-09-20 10:53:29.330{78EA5E2B-CE28-650A-1E02-000000000F03}42082.tcp.eu.ngrok.io0::ffff:18.197.239.5;C:\Users\ADMINI~1\AppData\Local\Temp\2\svchost.exeAR-WIN-2\Administrator 22542200x800000000000000021078Microsoft-Windows-Sysmon/Operationalar-win-2.attackrange.local-2023-09-20 10:52:29.404{78EA5E2B-CE28-650A-1E02-000000000F03}42082.tcp.eu.ngrok.io0::ffff:18.156.13.209;C:\Users\ADMINI~1\AppData\Local\Temp\2\svchost.exeAR-WIN-2\Administrator 22542200x800000000000000020817Microsoft-Windows-Sysmon/Operationalar-win-2.attackrange.local-2023-09-20 10:50:22.945{78EA5E2B-CE28-650A-1E02-000000000F03}42082.tcp.eu.ngrok.io0::ffff:3.126.37.18;C:\Users\ADMINI~1\AppData\Local\Temp\2\svchost.exeAR-WIN-2\Administrator 22542200x800000000000000020685Microsoft-Windows-Sysmon/Operationalar-win-2.attackrange.local-2023-09-20 10:49:19.713{78EA5E2B-CE28-650A-1E02-000000000F03}42082.tcp.eu.ngrok.io0::ffff:18.157.68.73;C:\Users\ADMINI~1\AppData\Local\Temp\2\svchost.exeAR-WIN-2\Administrator