13241300x8000000000000000896453Microsoft-Windows-Sysmon/Operationaltestlab-win-dc.attackrange.local-SetValue2024-09-09 15:30:10.193{35cd7c13-1480-66df-7405-000000009402}6492C:\Windows\regedit.exeHKLM\SOFTWARE\WOW6432Node\kingsoft\antivirus\KAVReport\AutoStartDWORD (0x00000000)ATTACKRANGE\Administrator 13241300x8000000000000000896452Microsoft-Windows-Sysmon/Operationaltestlab-win-dc.attackrange.local-SetValue2024-09-09 15:30:10.193{35cd7c13-1480-66df-7405-000000009402}6492C:\Windows\regedit.exeHKLM\SOFTWARE\WOW6432Node\kingsoft\antivirus\KSetting\kxescDWORD (0x00000000)ATTACKRANGE\Administrator 13241300x8000000000000000896451Microsoft-Windows-Sysmon/Operationaltestlab-win-dc.attackrange.local-SetValue2024-09-09 15:30:10.193{35cd7c13-1480-66df-7405-000000009402}6492C:\Windows\regedit.exeHKLM\SOFTWARE\WOW6432Node\kingsoft\antivirus\Windhunter\WindhunterSwitchDWORD (0x00000000)ATTACKRANGE\Administrator 13241300x8000000000000000896450Microsoft-Windows-Sysmon/Operationaltestlab-win-dc.attackrange.local-SetValue2024-09-09 15:30:10.193{35cd7c13-1480-66df-7405-000000009402}6492C:\Windows\regedit.exeHKLM\SOFTWARE\WOW6432Node\kingsoft\antivirus\Windhunter\WindhunterLevelDWORD (0x00000004)ATTACKRANGE\Administrator 13241300x8000000000000000896448Microsoft-Windows-Sysmon/Operationaltestlab-win-dc.attackrange.local-SetValue2024-09-09 15:30:10.193{35cd7c13-1480-66df-7405-000000009402}6492C:\Windows\regedit.exeHKLM\SOFTWARE\WOW6432Node\kingsoft\antivirus\KAVReport\AutoStartDWORD (0x00000001)ATTACKRANGE\Administrator 13241300x8000000000000000896447Microsoft-Windows-Sysmon/Operationaltestlab-win-dc.attackrange.local-SetValue2024-09-09 15:30:10.193{35cd7c13-1480-66df-7405-000000009402}6492C:\Windows\regedit.exeHKLM\SOFTWARE\WOW6432Node\kingsoft\antivirus\KSetting\kxescDWORD (0x00000001)ATTACKRANGE\Administrator 13241300x8000000000000000896446Microsoft-Windows-Sysmon/Operationaltestlab-win-dc.attackrange.local-SetValue2024-09-09 15:30:10.193{35cd7c13-1480-66df-7405-000000009402}6492C:\Windows\regedit.exeHKLM\SOFTWARE\WOW6432Node\kingsoft\antivirus\Windhunter\WindhunterSwitchDWORD (0x00000001)ATTACKRANGE\Administrator 13241300x8000000000000000896445Microsoft-Windows-Sysmon/Operationaltestlab-win-dc.attackrange.local-SetValue2024-09-09 15:30:10.193{35cd7c13-1480-66df-7405-000000009402}6492C:\Windows\regedit.exeHKLM\SOFTWARE\WOW6432Node\kingsoft\antivirus\Windhunter\WindhunterLevelDWORD (0x00000001)ATTACKRANGE\Administrator 13241300x8000000000000000890054Microsoft-Windows-Sysmon/Operationaltestlab-win-dc.attackrange.local-SetValue2024-09-09 15:10:17.236{35cd7c13-0fd7-66df-0905-000000009402}6000C:\Windows\regedit.exeHKLM\SOFTWARE\WOW6432Node\kingsoft\antivirus\KAVReport\AutoStartDWORD (0x00000001)ATTACKRANGE\Administrator 13241300x8000000000000000890053Microsoft-Windows-Sysmon/Operationaltestlab-win-dc.attackrange.local-SetValue2024-09-09 15:10:17.236{35cd7c13-0fd7-66df-0905-000000009402}6000C:\Windows\regedit.exeHKLM\SOFTWARE\WOW6432Node\kingsoft\antivirus\KSetting\kxescDWORD (0x00000001)ATTACKRANGE\Administrator 13241300x8000000000000000890052Microsoft-Windows-Sysmon/Operationaltestlab-win-dc.attackrange.local-SetValue2024-09-09 15:10:17.236{35cd7c13-0fd7-66df-0905-000000009402}6000C:\Windows\regedit.exeHKLM\SOFTWARE\WOW6432Node\kingsoft\antivirus\Windhunter\WindhunterSwitchDWORD (0x00000001)ATTACKRANGE\Administrator 13241300x8000000000000000890051Microsoft-Windows-Sysmon/Operationaltestlab-win-dc.attackrange.local-SetValue2024-09-09 15:10:17.236{35cd7c13-0fd7-66df-0905-000000009402}6000C:\Windows\regedit.exeHKLM\SOFTWARE\WOW6432Node\kingsoft\antivirus\Windhunter\WindhunterLevelDWORD (0x00000001)ATTACKRANGE\Administrator