154100x800000000000000011637828Linux-Sysmon/Operationalsysmonlinux-jhernandez-62420-4087-2021-12-14 06:57:43.818{ec2d210e-4067-61b8-7033-440825560000}18713/bin/rm-----rm -f /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/amd64/server/classes.jsa/root{ec2d210e-0000-0000-0000-000000000000}04294967295no level-{ec2d210e-4067-61b8-6822-dc2536560000}18711/bin/dash/bin/shroot 154100x800000000000000011637802Linux-Sysmon/Operationalsysmonlinux-jhernandez-62420-4087-2021-12-14 06:57:43.811{ec2d210e-4067-61b8-7003-e2f24d560000}18712/bin/rm-----rm -f /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/amd64/client/classes.jsa/root{ec2d210e-0000-0000-0000-000000000000}04294967295no level-{ec2d210e-4067-61b8-6822-dc2536560000}18711/bin/dash/bin/shroot 154100x800000000000000010270536Linux-Sysmon/Operationalsysmonlinux-jhernandez-62420-4087-2021-12-13 20:00:17.182{ec2d210e-a651-61b7-c089-33fc14560000}15952/usr/lib/jvm/java-8-openjdk-amd64/jre/bin/java-----/usr/lib/jvm/java-8-openjdk-amd64/bin/java -server -Xshare:dump/root{ec2d210e-0000-0000-0000-000002000000}099no level-{ec2d210e-a651-61b7-6852-917aa1550000}15887/bin/dash/bin/shroot 154100x800000000000000010270530Linux-Sysmon/Operationalsysmonlinux-jhernandez-62420-4087-2021-12-13 20:00:17.180{ec2d210e-a651-61b7-70a3-953013560000}15950/bin/rm-----rm -f /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/amd64/server/classes.jsa/root{ec2d210e-0000-0000-0000-000002000000}099no level-{ec2d210e-a651-61b7-6852-917aa1550000}15887/bin/dash/bin/shroot 154100x80000000000000004507799Linux-Sysmon/Operationalsysmonlinux-jhernandez-62420-4087-2021-12-12 02:15:25.335{ec2d210e-5b3d-61b5-c099-16a3ad550000}3571/usr/lib/jvm/java-8-openjdk-amd64/jre/bin/java-----/usr/lib/jvm/java-8-openjdk-amd64/bin/java -server -Xshare:dump/root{ec2d210e-0000-0000-0000-000000000000}049no level-{ec2d210e-5b3d-61b5-68b2-506e55550000}3506/bin/dash/bin/shroot 154100x80000000000000004507793Linux-Sysmon/Operationalsysmonlinux-jhernandez-62420-4087-2021-12-12 02:15:25.333{ec2d210e-5b3d-61b5-7083-b2598f550000}3569/bin/rm-----rm -f /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/amd64/server/classes.jsa/root{ec2d210e-0000-0000-0000-000000000000}049no level-{ec2d210e-5b3d-61b5-68b2-506e55550000}3506/bin/dash/bin/shroot 154100x80000000000000004506499Linux-Sysmon/Operationalsysmonlinux-jhernandez-62420-4087-2021-12-12 02:15:22.323{ec2d210e-5b3a-61b5-7023-c89f24560000}3468/bin/rm-----rm -f /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/amd64/server/classes.jsa/root{ec2d210e-0000-0000-0000-000000000000}049no level-{ec2d210e-5b3a-61b5-6802-c99a24560000}3466/bin/dash/bin/shroot 154100x80000000000000004506497Linux-Sysmon/Operationalsysmonlinux-jhernandez-62420-4087-2021-12-12 02:15:22.322{ec2d210e-5b3a-61b5-7083-75df3f560000}3467/bin/rm-----rm -f /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/amd64/client/classes.jsa/root{ec2d210e-0000-0000-0000-000000000000}049no level-{ec2d210e-5b3a-61b5-6802-c99a24560000}3466/bin/dash/bin/shroot 154100x80000000000000004502557Linux-Sysmon/Operationalsysmonlinux-jhernandez-62420-4087-2021-12-12 02:15:13.599{ec2d210e-5b31-61b5-c099-5a44c2550000}2045/usr/lib/jvm/java-8-openjdk-amd64/jre/bin/java-----/usr/lib/jvm/java-8-openjdk-amd64/bin/java -server -Xshare:dump/root{ec2d210e-0000-0000-0000-000001000000}049no level-{ec2d210e-5b31-61b5-68b2-3429d4550000}2028/bin/dash/bin/shroot 154100x80000000000000004502551Linux-Sysmon/Operationalsysmonlinux-jhernandez-62420-4087-2021-12-12 02:15:13.597{ec2d210e-5b31-61b5-70d3-20daec550000}2043/bin/rm-----rm -f /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/amd64/server/classes.jsa/root{ec2d210e-0000-0000-0000-000001000000}049no level-{ec2d210e-5b31-61b5-68b2-3429d4550000}2028/bin/dash/bin/shroot 154100x80000000000000004502546Linux-Sysmon/Operationalsysmonlinux-jhernandez-62420-4087-2021-12-12 02:15:13.592{ec2d210e-5b31-61b5-c833-b44a1c560000}2041/usr/bin/update-alternatives-----update-alternatives --install /usr/bin/jexec jexec /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/jexec 1081 --slave /usr/share/binfmts/jar jexec-binfmt /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/jar.binfmt/root{ec2d210e-0000-0000-0000-000001000000}049no level-{ec2d210e-5b31-61b5-68b2-3429d4550000}2028/bin/dash/bin/shroot 154100x80000000000000004502543Linux-Sysmon/Operationalsysmonlinux-jhernandez-62420-4087-2021-12-12 02:15:13.587{ec2d210e-5b31-61b5-c893-b12b55560000}2040/usr/bin/update-alternatives-----update-alternatives --install /usr/bin/tnameserv tnameserv /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/tnameserv 1081 --slave /usr/share/man/man1/tnameserv.1.gz tnameserv.1.gz /usr/lib/jvm/java-8-openjdk-amd64/jre/man/man1/tnameserv.1.gz/root{ec2d210e-0000-0000-0000-000001000000}049no level-{ec2d210e-5b31-61b5-68b2-3429d4550000}2028/bin/dash/bin/shroot 154100x80000000000000004502540Linux-Sysmon/Operationalsysmonlinux-jhernandez-62420-4087-2021-12-12 02:15:13.582{ec2d210e-5b31-61b5-c813-964cd8550000}2039/usr/bin/update-alternatives-----update-alternatives --install /usr/bin/servertool servertool /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/servertool 1081 --slave /usr/share/man/man1/servertool.1.gz servertool.1.gz /usr/lib/jvm/java-8-openjdk-amd64/jre/man/man1/servertool.1.gz/root{ec2d210e-0000-0000-0000-000001000000}049no level-{ec2d210e-5b31-61b5-68b2-3429d4550000}2028/bin/dash/bin/shroot 154100x80000000000000004502537Linux-Sysmon/Operationalsysmonlinux-jhernandez-62420-4087-2021-12-12 02:15:13.577{ec2d210e-5b31-61b5-c8a3-dff8c0550000}2038/usr/bin/update-alternatives-----update-alternatives --install /usr/bin/orbd orbd /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/orbd 1081 --slave /usr/share/man/man1/orbd.1.gz orbd.1.gz /usr/lib/jvm/java-8-openjdk-amd64/jre/man/man1/orbd.1.gz/root{ec2d210e-0000-0000-0000-000001000000}049no level-{ec2d210e-5b31-61b5-68b2-3429d4550000}2028/bin/dash/bin/shroot 154100x80000000000000004502534Linux-Sysmon/Operationalsysmonlinux-jhernandez-62420-4087-2021-12-12 02:15:13.572{ec2d210e-5b31-61b5-c873-5137a9550000}2037/usr/bin/update-alternatives-----update-alternatives --install /usr/bin/unpack200 unpack200 /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/unpack200 1081 --slave /usr/share/man/man1/unpack200.1.gz unpack200.1.gz /usr/lib/jvm/java-8-openjdk-amd64/jre/man/man1/unpack200.1.gz/root{ec2d210e-0000-0000-0000-000001000000}049no level-{ec2d210e-5b31-61b5-68b2-3429d4550000}2028/bin/dash/bin/shroot 154100x80000000000000004502531Linux-Sysmon/Operationalsysmonlinux-jhernandez-62420-4087-2021-12-12 02:15:13.567{ec2d210e-5b31-61b5-c8a3-e831cc550000}2036/usr/bin/update-alternatives-----update-alternatives --install /usr/bin/rmiregistry rmiregistry /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/rmiregistry 1081 --slave /usr/share/man/man1/rmiregistry.1.gz rmiregistry.1.gz /usr/lib/jvm/java-8-openjdk-amd64/jre/man/man1/rmiregistry.1.gz/root{ec2d210e-0000-0000-0000-000001000000}049no level-{ec2d210e-5b31-61b5-68b2-3429d4550000}2028/bin/dash/bin/shroot 154100x80000000000000004502528Linux-Sysmon/Operationalsysmonlinux-jhernandez-62420-4087-2021-12-12 02:15:13.563{ec2d210e-5b31-61b5-c863-991e11560000}2035/usr/bin/update-alternatives-----update-alternatives --install /usr/bin/pack200 pack200 /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/pack200 1081 --slave /usr/share/man/man1/pack200.1.gz pack200.1.gz /usr/lib/jvm/java-8-openjdk-amd64/jre/man/man1/pack200.1.gz/root{ec2d210e-0000-0000-0000-000001000000}049no level-{ec2d210e-5b31-61b5-68b2-3429d4550000}2028/bin/dash/bin/shroot 154100x80000000000000004502525Linux-Sysmon/Operationalsysmonlinux-jhernandez-62420-4087-2021-12-12 02:15:13.558{ec2d210e-5b31-61b5-c893-dc8cd7550000}2034/usr/bin/update-alternatives-----update-alternatives --install /usr/bin/jjs jjs /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/jjs 1081 --slave /usr/share/man/man1/jjs.1.gz jjs.1.gz /usr/lib/jvm/java-8-openjdk-amd64/jre/man/man1/jjs.1.gz/root{ec2d210e-0000-0000-0000-000001000000}049no level-{ec2d210e-5b31-61b5-68b2-3429d4550000}2028/bin/dash/bin/shroot 154100x80000000000000004502522Linux-Sysmon/Operationalsysmonlinux-jhernandez-62420-4087-2021-12-12 02:15:13.553{ec2d210e-5b31-61b5-c8b3-2b4b58550000}2033/usr/bin/update-alternatives-----update-alternatives --install /usr/bin/keytool keytool /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/keytool 1081 --slave /usr/share/man/man1/keytool.1.gz keytool.1.gz /usr/lib/jvm/java-8-openjdk-amd64/jre/man/man1/keytool.1.gz/root{ec2d210e-0000-0000-0000-000001000000}049no level-{ec2d210e-5b31-61b5-68b2-3429d4550000}2028/bin/dash/bin/shroot 154100x80000000000000004502519Linux-Sysmon/Operationalsysmonlinux-jhernandez-62420-4087-2021-12-12 02:15:13.548{ec2d210e-5b31-61b5-c853-dd2a08560000}2032/usr/bin/update-alternatives-----update-alternatives --install /usr/bin/java java /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/java 1081 --slave /usr/share/man/man1/java.1.gz java.1.gz /usr/lib/jvm/java-8-openjdk-amd64/jre/man/man1/java.1.gz/root{ec2d210e-0000-0000-0000-000001000000}049no level-{ec2d210e-5b31-61b5-68b2-3429d4550000}2028/bin/dash/bin/shroot 154100x80000000000000004502516Linux-Sysmon/Operationalsysmonlinux-jhernandez-62420-4087-2021-12-12 02:15:13.544{ec2d210e-5b31-61b5-c893-81bc7f550000}2031/usr/bin/update-alternatives-----update-alternatives --install /usr/bin/rmid rmid /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/rmid 1081 --slave /usr/share/man/man1/rmid.1.gz rmid.1.gz /usr/lib/jvm/java-8-openjdk-amd64/jre/man/man1/rmid.1.gz/root{ec2d210e-0000-0000-0000-000001000000}049no level-{ec2d210e-5b31-61b5-68b2-3429d4550000}2028/bin/dash/bin/shroot 154100x80000000000000004421930Linux-Sysmon/Operationalsysmonlinux-jhernandez-62420-4087-2021-12-12 02:02:20.600{ec2d210e-582c-61b5-c833-e87e2c560000}490/usr/bin/update-alternatives-----update-alternatives --remove policytool /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/policytool/root{ec2d210e-0000-0000-0000-000001000000}049no level-{ec2d210e-582c-61b5-68d2-9cc0ea550000}489/bin/dash/bin/shroot 154100x8000000000000000382771Linux-Sysmon/Operationalsysmonlinux-jhernandez-62420-4087-2021-12-10 20:33:11.262{ec2d210e-b987-61b3-68d2-e6906d550000}21180/bin/dash-----/bin/sh /usr/bin/which java/home/ubuntu/apache-log4j-pocubuntu{ec2d210e-b337-61b3-e803-000003000000}10009no level-{ec2d210e-b987-61b3-6812-1a9c25560000}21169/bin/dash/bin/shubuntu 154100x8000000000000000332197Linux-Sysmon/Operationalsysmonlinux-jhernandez-62420-4087-2021-12-10 20:18:31.250{ec2d210e-b617-61b3-6842-ac6dc6550000}20903/bin/dash-----/bin/sh /usr/bin/which java/home/ubuntu/log4jubuntu{ec2d210e-b337-61b3-e803-000003000000}10009no level-{ec2d210e-b617-61b3-6882-4b7307560000}20892/bin/dash/bin/shubuntu 154100x8000000000000000268327Linux-Sysmon/Operationalsysmonlinux-jhernandez-62420-4087-2021-12-10 20:02:10.927{ec2d210e-b242-61b3-6842-676a27560000}20216/bin/dash-----/bin/sh /usr/bin/which java/home/ubuntu/apache-log4j-pocubuntu{ec2d210e-abc1-61b3-e803-000002000000}10008no level-{ec2d210e-b242-61b3-6822-e5baf3550000}20205/bin/dash/bin/shubuntu 154100x8000000000000000250449Linux-Sysmon/Operationalsysmonlinux-jhernandez-62420-4087-2021-12-10 19:58:01.213{ec2d210e-b149-61b3-68a2-59da4c560000}19913/bin/dash-----/bin/sh /usr/bin/which java/home/ubuntu/apache-log4j-poc/targetubuntu{ec2d210e-abc1-61b3-e803-000002000000}10008no level-{ec2d210e-b149-61b3-6822-cae05b550000}19902/bin/dash/bin/shubuntu 154100x8000000000000000243770Linux-Sysmon/Operationalsysmonlinux-jhernandez-62420-4087-2021-12-10 19:56:01.070{ec2d210e-b0d1-61b3-6852-6a331f560000}19864/bin/dash-----/bin/sh /usr/bin/which java/home/ubuntu/apache-log4j-pocubuntu{ec2d210e-abc1-61b3-e803-000002000000}10008no level-{ec2d210e-b0d1-61b3-6832-85f21b560000}19853/bin/dash/bin/shubuntu 154100x8000000000000000239926Linux-Sysmon/Operationalsysmonlinux-jhernandez-62420-4087-2021-12-10 19:55:25.549{ec2d210e-b0ad-61b3-6822-7cb7f0550000}19734/bin/dash-----/bin/sh /usr/bin/which java/home/ubuntu/apache-log4j-pocubuntu{ec2d210e-abc1-61b3-e803-000002000000}10008no level-{ec2d210e-b0ad-61b3-6862-f3f888550000}19723/bin/dash/bin/shubuntu 154100x8000000000000000236885Linux-Sysmon/Operationalsysmonlinux-jhernandez-62420-4087-2021-12-10 19:54:58.123{ec2d210e-b092-61b3-68c2-745e63550000}19648/bin/dash-----/bin/sh /usr/bin/which java/home/ubuntu/apache-log4j-pocubuntu{ec2d210e-abc1-61b3-e803-000002000000}10008no level-{ec2d210e-b092-61b3-6832-8db4a9550000}19637/bin/dash/bin/shubuntu 154100x8000000000000000192035Linux-Sysmon/Operationalsysmonlinux-jhernandez-62420-4087-2021-12-10 19:45:36.031{ec2d210e-ae60-61b3-6822-4400c0550000}19096/bin/dash-----/bin/sh /usr/bin/which java/home/ubuntu/apache-log4j-pocubuntu{ec2d210e-abc1-61b3-e803-000002000000}10008no level-{ec2d210e-ae60-61b3-6842-f622a5550000}19085/bin/dash/bin/shubuntu 154100x8000000000000000190171Linux-Sysmon/Operationalsysmonlinux-jhernandez-62420-4087-2021-12-10 19:45:02.596{ec2d210e-ae3e-61b3-6832-3f8df7550000}18997/bin/dash-----/bin/sh /usr/bin/which java/home/ubuntu/apache-log4j-pocubuntu{ec2d210e-abc1-61b3-e803-000002000000}10008no level-{ec2d210e-ae3e-61b3-6882-0b0f2b560000}18986/bin/dash/bin/shubuntu 154100x8000000000000000176400Linux-Sysmon/Operationalsysmonlinux-jhernandez-62420-4087-2021-12-10 19:42:18.896{ec2d210e-ad9a-61b3-6812-965edd550000}18805/bin/dash-----/bin/sh /usr/bin/which java/home/ubuntu/apache-log4j-pocubuntu{ec2d210e-abc1-61b3-e803-000002000000}10008no level-{ec2d210e-ad9a-61b3-6802-9ef970550000}18794/bin/dash/bin/shubuntu 154100x800000000000000071542Linux-Sysmon/Operationalsysmonlinux-jhernandez-62420-4087-2021-12-10 19:21:25.454{ec2d210e-a8b5-61b3-6802-cd387f550000}11463/bin/dash-----/bin/sh -c ls -1laR /home/ubuntu/marshalsec/target/classes/home/ubuntu/marshalsecubuntu{ec2d210e-a7db-61b3-e803-000000000000}10005no level-{ec2d210e-a89f-61b3-b879-cb067b550000}11289/usr/lib/jvm/java-8-openjdk-amd64/jre/bin/java/usr/bin/java -classpath /usr/share/maven/boot/plexus-classworlds-2.x.jar -Dclassworlds.conf=/usr/share/maven/bin/m2.conf -Dmaven.home=/usr/share/maven -Dlibrary.jansi.path=/usr/share/maven/lib/jansi-native -Dmaven.multiModuleProjectDirectory=/home/ubuntu/marshalsec org.codehaus.plexus.classworlds.launcher.Launcher clean package -DskipTestsubuntu 154100x800000000000000071230Linux-Sysmon/Operationalsysmonlinux-jhernandez-62420-4087-2021-12-10 19:21:19.025{ec2d210e-a8af-61b3-68f2-7e7f7e550000}11452/bin/dash-----/bin/sh -c ls -1laR /home/ubuntu/marshalsec/target/classes/home/ubuntu/marshalsecubuntu{ec2d210e-a7db-61b3-e803-000000000000}10005no level-{ec2d210e-a89f-61b3-b879-cb067b550000}11289/usr/lib/jvm/java-8-openjdk-amd64/jre/bin/java/usr/bin/java -classpath /usr/share/maven/boot/plexus-classworlds-2.x.jar -Dclassworlds.conf=/usr/share/maven/bin/m2.conf -Dmaven.home=/usr/share/maven -Dlibrary.jansi.path=/usr/share/maven/lib/jansi-native -Dmaven.multiModuleProjectDirectory=/home/ubuntu/marshalsec org.codehaus.plexus.classworlds.launcher.Launcher clean package -DskipTestsubuntu 154100x800000000000000064056Linux-Sysmon/Operationalsysmonlinux-jhernandez-62420-4087-2021-12-10 19:21:03.263{ec2d210e-a89f-61b3-68f2-f10440560000}11300/bin/dash-----/bin/sh /usr/bin/which java/home/ubuntu/marshalsecubuntu{ec2d210e-a7db-61b3-e803-000000000000}10005no level-{ec2d210e-a89f-61b3-6842-fc8236560000}11289/bin/dash/bin/shubuntu 154100x800000000000000047000Linux-Sysmon/Operationalsysmonlinux-jhernandez-62420-4087-2021-12-10 19:19:15.302{ec2d210e-a833-61b3-e081-7a8c76550000}7000/bin/chmod-----chmod 644 /etc/.java/.systemPrefs/.systemRootModFile/root{ec2d210e-0000-0000-0000-000001000000}05no level-{ec2d210e-a833-61b3-6892-49ba53560000}6994/bin/dash/bin/shroot 154100x800000000000000046965Linux-Sysmon/Operationalsysmonlinux-jhernandez-62420-4087-2021-12-10 19:19:15.299{ec2d210e-a833-61b3-e0e1-efc72f560000}6998/bin/chmod-----chmod 644 /etc/.java/.systemPrefs/.system.lock/root{ec2d210e-0000-0000-0000-000001000000}05no level-{ec2d210e-a833-61b3-6892-49ba53560000}6994/bin/dash/bin/shroot 154100x800000000000000046964Linux-Sysmon/Operationalsysmonlinux-jhernandez-62420-4087-2021-12-10 19:19:15.300{ec2d210e-a833-61b3-10c0-5fcf87550000}6999/bin/touch-----touch /etc/.java/.systemPrefs/.systemRootModFile/root{ec2d210e-0000-0000-0000-000001000000}05no level-{ec2d210e-a833-61b3-6892-49ba53560000}6994/bin/dash/bin/shroot 154100x800000000000000046924Linux-Sysmon/Operationalsysmonlinux-jhernandez-62420-4087-2021-12-10 19:19:15.296{ec2d210e-a833-61b3-1080-a09140560000}6997/bin/touch-----touch /etc/.java/.systemPrefs/.system.lock/root{ec2d210e-0000-0000-0000-000001000000}05no level-{ec2d210e-a833-61b3-6892-49ba53560000}6994/bin/dash/bin/shroot 154100x800000000000000046908Linux-Sysmon/Operationalsysmonlinux-jhernandez-62420-4087-2021-12-10 19:19:15.294{ec2d210e-a833-61b3-782f-4a9d60550000}6996/bin/mkdir-----mkdir -m 755 /etc/.java/.systemPrefs/root{ec2d210e-0000-0000-0000-000001000000}05no level-{ec2d210e-a833-61b3-6892-49ba53560000}6994/bin/dash/bin/shroot 154100x800000000000000046882Linux-Sysmon/Operationalsysmonlinux-jhernandez-62420-4087-2021-12-10 19:19:15.292{ec2d210e-a833-61b3-782f-11dd18560000}6995/bin/mkdir-----mkdir -m 755 /etc/.java/root{ec2d210e-0000-0000-0000-000001000000}05no level-{ec2d210e-a833-61b3-6892-49ba53560000}6994/bin/dash/bin/shroot 154100x800000000000000046872Linux-Sysmon/Operationalsysmonlinux-jhernandez-62420-4087-2021-12-10 19:19:15.291{ec2d210e-a833-61b3-6892-49ba53560000}6994/bin/dash-----/bin/sh /var/lib/dpkg/info/java-common.postinst configure /root{ec2d210e-0000-0000-0000-000001000000}05no level-{ec2d210e-a832-61b3-7081-91d347560000}6989/usr/bin/dpkg/usr/bin/dpkgroot