354300x80000000000000004885Microsoft-Windows-Sysmon/Operationalar-win-dc.attackrange.localRDP2025-01-10 19:38:38.195{cc0ec799-66e1-6781-1300-000000000202}712C:\Windows\System32\svchost.exeNT AUTHORITY\NETWORK SERVICEtcpfalsefalse23.93.242.200-53140-false10.0.1.14ar-win-dc.attackrange.local3389ms-wbt-server 354300x80000000000000004871Microsoft-Windows-Sysmon/Operationalar-win-dc.attackrange.localRDP2025-01-10 19:38:28.842{cc0ec799-66e1-6781-1300-000000000202}712C:\Windows\System32\svchost.exeNT AUTHORITY\NETWORK SERVICEtcpfalsefalse23.93.242.200-53134-false10.0.1.14ar-win-dc.attackrange.local3389ms-wbt-server 354300x80000000000000004869Microsoft-Windows-Sysmon/Operationalar-win-dc.attackrange.localRDP2025-01-10 19:38:26.176{cc0ec799-66e1-6781-1300-000000000202}712C:\Windows\System32\svchost.exeNT AUTHORITY\NETWORK SERVICEtcpfalsefalse23.93.242.200-53133-false10.0.1.14ar-win-dc.attackrange.local3389ms-wbt-server 354300x80000000000000004868Microsoft-Windows-Sysmon/Operationalar-win-dc.attackrange.localRDP2025-01-10 19:38:15.789{cc0ec799-66e1-6781-1300-000000000202}712C:\Windows\System32\svchost.exeNT AUTHORITY\NETWORK SERVICEtcpfalsefalse23.93.242.200-53132-false10.0.1.14ar-win-dc.attackrange.local3389ms-wbt-server 354300x80000000000000004867Microsoft-Windows-Sysmon/Operationalar-win-dc.attackrange.localRDP2025-01-10 19:38:13.460{cc0ec799-66e1-6781-1300-000000000202}712C:\Windows\System32\svchost.exeNT AUTHORITY\NETWORK SERVICEtcpfalsefalse23.93.242.200-53130-false10.0.1.14ar-win-dc.attackrange.local3389ms-wbt-server 354300x80000000000000004866Microsoft-Windows-Sysmon/Operationalar-win-dc.attackrange.localRDP2025-01-10 19:38:12.117{cc0ec799-66e1-6781-1300-000000000202}712C:\Windows\System32\svchost.exeNT AUTHORITY\NETWORK SERVICEtcpfalsefalse23.93.242.200-53129-false10.0.1.14ar-win-dc.attackrange.local3389ms-wbt-server 354300x80000000000000004865Microsoft-Windows-Sysmon/Operationalar-win-dc.attackrange.localRDP2025-01-10 19:38:11.162{cc0ec799-66e1-6781-1300-000000000202}712C:\Windows\System32\svchost.exeNT AUTHORITY\NETWORK SERVICEtcpfalsefalse23.93.242.200-53128-false10.0.1.14ar-win-dc.attackrange.local3389ms-wbt-server 354300x80000000000000004864Microsoft-Windows-Sysmon/Operationalar-win-dc.attackrange.localRDP2025-01-10 19:38:08.808{cc0ec799-66e1-6781-1300-000000000202}712C:\Windows\System32\svchost.exeNT AUTHORITY\NETWORK SERVICEtcpfalsefalse23.93.242.200-53125-false10.0.1.14ar-win-dc.attackrange.local3389ms-wbt-server 354300x80000000000000004863Microsoft-Windows-Sysmon/Operationalar-win-dc.attackrange.localRDP2025-01-10 19:38:04.343{cc0ec799-66e1-6781-1300-000000000202}712C:\Windows\System32\svchost.exeNT AUTHORITY\NETWORK SERVICEtcpfalsefalse23.93.242.200-53123-false10.0.1.14ar-win-dc.attackrange.local3389ms-wbt-server 354300x80000000000000004862Microsoft-Windows-Sysmon/Operationalar-win-dc.attackrange.localRDP2025-01-10 19:38:02.836{cc0ec799-66e1-6781-1300-000000000202}712C:\Windows\System32\svchost.exeNT AUTHORITY\NETWORK SERVICEtcpfalsefalse23.93.242.200-53122-false10.0.1.14ar-win-dc.attackrange.local3389ms-wbt-server 354300x80000000000000004861Microsoft-Windows-Sysmon/Operationalar-win-dc.attackrange.localRDP2025-01-10 19:38:00.078{cc0ec799-66e1-6781-1300-000000000202}712C:\Windows\System32\svchost.exeNT AUTHORITY\NETWORK SERVICEtcpfalsefalse23.93.242.200-53121-false10.0.1.14ar-win-dc.attackrange.local3389ms-wbt-server 354300x80000000000000004860Microsoft-Windows-Sysmon/Operationalar-win-dc.attackrange.localRDP2025-01-10 19:37:55.274{cc0ec799-66e1-6781-1300-000000000202}712C:\Windows\System32\svchost.exeNT AUTHORITY\NETWORK SERVICEtcpfalsefalse23.93.242.200-53118-false10.0.1.14ar-win-dc.attackrange.local3389ms-wbt-server 354300x80000000000000004859Microsoft-Windows-Sysmon/Operationalar-win-dc.attackrange.localRDP2025-01-10 19:37:46.442{cc0ec799-66e1-6781-1300-000000000202}712C:\Windows\System32\svchost.exeNT AUTHORITY\NETWORK SERVICEtcpfalsefalse23.93.242.200-53116-false10.0.1.14ar-win-dc.attackrange.local3389ms-wbt-server 354300x80000000000000004858Microsoft-Windows-Sysmon/Operationalar-win-dc.attackrange.localRDP2025-01-10 19:37:42.443{cc0ec799-66e1-6781-1300-000000000202}712C:\Windows\System32\svchost.exeNT AUTHORITY\NETWORK SERVICEtcpfalsefalse23.93.242.200-53115-false10.0.1.14ar-win-dc.attackrange.local3389ms-wbt-server 354300x80000000000000004853Microsoft-Windows-Sysmon/Operationalar-win-dc.attackrange.localRDP2025-01-10 19:37:27.722{cc0ec799-66e1-6781-1300-000000000202}712C:\Windows\System32\svchost.exeNT AUTHORITY\NETWORK SERVICEtcpfalsefalse23.93.242.200-53108-false10.0.1.14ar-win-dc.attackrange.local3389ms-wbt-server 354300x80000000000000004851Microsoft-Windows-Sysmon/Operationalar-win-dc.attackrange.localRDP2025-01-10 19:37:13.961{cc0ec799-66e1-6781-1300-000000000202}712C:\Windows\System32\svchost.exeNT AUTHORITY\NETWORK SERVICEtcpfalsefalse23.93.242.200-53104-false10.0.1.14ar-win-dc.attackrange.local3389ms-wbt-server 354300x80000000000000004840Microsoft-Windows-Sysmon/Operationalar-win-dc.attackrange.localRDP2025-01-10 19:35:19.328{cc0ec799-66e1-6781-1300-000000000202}712C:\Windows\System32\svchost.exeNT AUTHORITY\NETWORK SERVICEtcpfalsefalse23.93.242.200-53049-false10.0.1.14ar-win-dc.attackrange.local3389ms-wbt-server 354300x80000000000000004831Microsoft-Windows-Sysmon/Operationalar-win-dc.attackrange.localRDP2025-01-10 19:34:00.891{cc0ec799-66e1-6781-1300-000000000202}712C:\Windows\System32\svchost.exeNT AUTHORITY\NETWORK SERVICEtcpfalsefalse23.93.242.200-53010-false10.0.1.14ar-win-dc.attackrange.local3389ms-wbt-server 354300x80000000000000004830Microsoft-Windows-Sysmon/Operationalar-win-dc.attackrange.localRDP2025-01-10 19:33:50.936{cc0ec799-66e1-6781-1300-000000000202}712C:\Windows\System32\svchost.exeNT AUTHORITY\NETWORK SERVICEtcpfalsefalse23.93.242.200-52999-false10.0.1.14ar-win-dc.attackrange.local3389ms-wbt-server 354300x80000000000000004829Microsoft-Windows-Sysmon/Operationalar-win-dc.attackrange.localRDP2025-01-10 19:33:42.375{cc0ec799-66e1-6781-1300-000000000202}712C:\Windows\System32\svchost.exeNT AUTHORITY\NETWORK SERVICEtcpfalsefalse23.93.242.200-52996-false10.0.1.14ar-win-dc.attackrange.local3389ms-wbt-server 354300x80000000000000004828Microsoft-Windows-Sysmon/Operationalar-win-dc.attackrange.localRDP2025-01-10 19:33:40.762{cc0ec799-66e1-6781-1300-000000000202}712C:\Windows\System32\svchost.exeNT AUTHORITY\NETWORK SERVICEtcpfalsefalse23.93.242.200-52995-false10.0.1.14ar-win-dc.attackrange.local3389ms-wbt-server 354300x80000000000000004827Microsoft-Windows-Sysmon/Operationalar-win-dc.attackrange.localRDP2025-01-10 19:33:36.657{cc0ec799-66e1-6781-1300-000000000202}712C:\Windows\System32\svchost.exeNT AUTHORITY\NETWORK SERVICEtcpfalsefalse23.93.242.200-52994-false10.0.1.14ar-win-dc.attackrange.local3389ms-wbt-server 354300x80000000000000004816Microsoft-Windows-Sysmon/Operationalar-win-dc.attackrange.localRDP2025-01-10 19:33:03.678{cc0ec799-66e1-6781-1300-000000000202}712C:\Windows\System32\svchost.exeNT AUTHORITY\NETWORK SERVICEtcpfalsefalse23.93.242.200-52977-false10.0.1.14ar-win-dc.attackrange.local3389ms-wbt-server