10341000x8000000000000000145514Microsoft-Windows-Sysmon/Operationalar-win-dc-2025-10-31 12:34:47.757{CA8A6768-AC6C-6904-0C08-00000000FB03}39324456C:\Temp\castlerat_SEMIFIX.exe{CA8A6768-ACDB-6904-1C08-00000000FB03}6004C:\Windows\System32\ComputerDefaults.exe0x12367bC:\Windows\SYSTEM32\ntdll.dll+a9824|C:\Windows\System32\KERNELBASE.dll+c4405|C:\Temp\castlerat_SEMIFIX.exe+1575|C:\Temp\castlerat_SEMIFIX.exe+1f4b|C:\Temp\castlerat_SEMIFIX.exe+217de|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51a11AR-WIN-DC\AdministratorAR-WIN-DC\Administrator 10341000x8000000000000000142533Microsoft-Windows-Sysmon/Operationalar-win-dc-2025-10-31 12:30:47.567{CA8A6768-AAC8-6904-D107-00000000FB03}71365404C:\Temp\castlerat_SEMIFIX.exe{CA8A6768-ABF7-6904-FA07-00000000FB03}6780C:\Windows\System32\ComputerDefaults.exe0x12367bC:\Windows\SYSTEM32\ntdll.dll+a9824|C:\Windows\System32\KERNELBASE.dll+c4405|C:\Temp\castlerat_SEMIFIX.exe+1575|C:\Temp\castlerat_SEMIFIX.exe+1f4b|C:\Temp\castlerat_SEMIFIX.exe+217de|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51a11AR-WIN-DC\AdministratorAR-WIN-DC\Administrator