534500x8000000000000000588800Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:23.467{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeNT AUTHORITY\SYSTEM 11241100x8000000000000000588799Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:23.452{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\powershell.exe.log2024-03-04 21:03:23.452NT AUTHORITY\SYSTEM 11241100x8000000000000000588798Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:23.452{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive2024-03-04 21:03:23.452NT AUTHORITY\SYSTEM 11241100x8000000000000000588795Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:22.655{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache2024-03-04 21:03:22.655NT AUTHORITY\SYSTEM 26542600x8000000000000000588783Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:20.655{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-9FF3EC34E84FD35BDE98CACAA518B4B841899F76.binSHA1=F380C5BD99DC001980E90532BB0D80F9E220F4F7,MD5=72C05088B7BA2B90C58F5C556AF8BB98,SHA256=4FD3AAAD9E295024245162BDB89211A1AC8C5BD3C8F70938295CE3118DAF7A9B,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588780Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:20.264{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Scans\Scans\History\CacheManager\7A012CB2-69ED-4AFD-BEF6-F12032FAA46ESHA1=CC926CE4A60BFA59CF30F927EC65705A6441069D,MD5=7D716E4ED5D485E02685699801E99716,SHA256=3BA573EB3D969D26BDC687B38D354DABFCB7E32AB88EF6F1EA31ECB5B2A54A6F,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588779Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:20.264{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\Data\febc135bd0c67bdf9a7a87e867f6d63346503e44SHA1=7694D67A33A4C4FEBB20604C88BA05DD1A9E463F,MD5=3B53DBCEC32CBD86072934B0226DEA85,SHA256=7250A4213EFA81D963DD562B26CC332ED98E46D6F3EAAD191F7BC509D89DEE59,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588778Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:20.264{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\Data\eff936be315a6e194c752c9044e82e574ceecbacSHA1=F64A3756AC0FCF58A73EA20189F3F227F1FDDD1A,MD5=4B7AB81A2DB3DC2CB6D1CB889790CE6C,SHA256=F9A9AC3A93D640705F37A6C3A2947F0EB98C28DCE0A1044EB95F49EE0E475A2E,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588777Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:20.264{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\Data\ef551193dee312abb5cd5317fb8230b1d982a04dSHA1=CFE754617D6B94E43D6DE4F926DD75FDD6B85708,MD5=AEDB972AEF4EC511C4A072C95BD70AE9,SHA256=57723816871DBC6329F76924AB1454370FADA3D983F92DDCF68550E94764C3C6,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588776Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:20.264{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\Data\d18ccadf45110101cfa97939ea8e97a55b4a0e64SHA1=C8DFF9A3DBA4934F0CA032BB92A296EB70755036,MD5=8A7C21192DBAB6ED489F3B086271AC61,SHA256=3CDABF0DDF924EA13DFDE3791FE2764F1A52CF480D7E77FE3EC90F0D9C9D0D46,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588775Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:20.264{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\Data\d17feb872a5a18419675028601a5aa933bea014fSHA1=CF73CE299AE396B1BC52F65887FED2FBF5B5648F,MD5=D75DCCF8DD6C79492E72B8CC3EEF6146,SHA256=C5BC0C59381583056CAE028966824BBCEF6B99F86D207E3734B54F4E71BBC3EA,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588774Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:20.248{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\Data\8a7534df03d5067985d35de9c4b2227a7302856bSHA1=582199BE7763ECAA4C26BA274F60E99B4C3C6A17,MD5=8BB6C8ECF17E05BDAAF5F0D6342DAA9A,SHA256=28AF98A00CA09F14A5C2CA52326075B146C2A974E1987067D1EF24F6FAE2F49A,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588773Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:20.248{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\Data\6e8513041450fa9b77c7604d869d3892f52a03a6SHA1=92DB4B1B14A8DCDD97362E66F04077BECE5F974C,MD5=8BFCB55B360C713B065ED1A39BDA61CE,SHA256=8287ECE2BC6A77AA1E90E35B7DA21A17168BF4B57CE937C9DB9B2CA24C869DCB,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588772Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:20.248{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\Data\44ceca41cda054e6dec8cc7f09611a22f898918bSHA1=B98D5062A721D076B8282531581D1FCA7A79E395,MD5=800CF3DF520D6D817CFFD3A998D07257,SHA256=FD7738319469DA593F78E09C7312228272A370AA692D775315352FE7ACE7ACA3,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588771Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:20.248{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\Data\12e2760d850cb12f45afda2857caafe7ee37b996SHA1=D3D789492A98CC8EA0E93A9BCAAEAD8315BA9485,MD5=4217204B14B0682B497BD85FC67D9BE7,SHA256=3EC031904F29A25DC949B55A840E3E92C775C45BAA596B690C67F3F4C992E9FA,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588770Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:20.248{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\Data\126a636f8c72523561091586d9971541efa5a0a2SHA1=6399168D9576D26A4A2BD6C90D654A426CDDDE37,MD5=BC08E9BA44F33C7D3889CAA6610DB45A,SHA256=DFE161F778C4B3276DCD7FA348ABDE4EBF2FE1362E29F4C65C8A7E37CE30941B,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588769Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:20.248{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\Data\1144f4b87197457956b4eb7febceb04bfb730c8dSHA1=40BCDC14FC2CC7129FC8532AE1D9EE7679766350,MD5=9BE29A6D968ECE757A009CF939C84664,SHA256=AAB76DD1D43590EC42C38886601A708BCAA124FC56EEF59101B99D8C15CD4BEA,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588768Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:20.248{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\Data\01b176dd59b666d6b38284947c3d38b57b66ecb8SHA1=95B744977BACD45578548456183162B2C3E3CA00,MD5=F6FD9A22C174E427A9CFDC003D133DA7,SHA256=C97532CFE7699E542402DE8612D929F14493FE705D2E3A32A913D4D3AAD120FF,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588767Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:20.061{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\Unknown.LogSHA1=E514C16E0B0216A29A173E2379BAE30BDC14FABF,MD5=45D1CC05ABE862EFB6E5CB283B340009,SHA256=038C77D7BEC02EE8E847C43A41142396EB02B2E392020AE21EB65B253B4D1C19,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588766Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:20.061{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\History.LogSHA1=D62636D8CAEC13F04E28442A0A6FA1AFEB024BBB,MD5=F3B25701FE362EC84616A93A45CE9998,SHA256=B3D510EF04275CA8E698E5B3CBB0ECE3949EF9252F0CDC839E9EE347409A2209,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588765Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:19.967{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\09\BDB74174-B924-42FD-94BC-61A032E8F6AASHA1=8D505847A7663C24625602001D577F99F1BDB0B1,MD5=51C222B258D5496256180ACC9961E9DC,SHA256=1B3A8792915AA60B94F770F96555C807FF000BCD615B689753B26832C787540A,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588764Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:19.967{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{F0BDB0AE-3589-46D0-85EE-E91C863991A2}SHA1=D44B461069DF5295D4788BBB90E18EC761CBEE33,MD5=476654A5F5857D9E9E42637DC638B14D,SHA256=5ADAACBF6D533FC19943DE50666E6B2EF550486EB3B63CCCC9B629CF48306B0B,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588763Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:19.967{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{E8744FDF-1A7A-4440-8EA4-3C7C75BB1F4B}SHA1=3B497E7DEE80B3C5E9E327167FE6C790A938A8B0,MD5=EA119A262E2928923D64AACDB5EECD4F,SHA256=BA75B2F862CFE8AA6212E2851D95862AA4D5F2EE90A9A4566035CF0966346EC1,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588762Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:19.952{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{E71431D8-B44F-47CA-9F0D-BD4408A80FC5}SHA1=3F598DF85711480A2A6F271BB4E40086A382FE8E,MD5=2E63077C6E693B24FB32D418B81F3080,SHA256=05C2B0937E9503F9C0DE106216C8B2231A94DDB0C27FA94B4ADD9AED19C94725,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588761Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:19.952{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{81E47BA1-BB19-4F17-B143-0BD61A8B850A}SHA1=4C5BDB9D5A6EA4E0CEC4FDF5400B2319BDC32440,MD5=26E81842C5AC323E6AACE227CA510A05,SHA256=82BF8CBAACA819D60F5D1C6E855C5030F3C4FDC18E1C8B0011F565EDFA4345B5,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588760Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:19.952{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{3AEB9754-7669-4C4C-B7CE-F9A9B3D11916}SHA1=54D3F044FE6A73C9B630A12B4B94FF1CBD9A03D1,MD5=B36315D944D08F1F50E7707AEF02CDE7,SHA256=14508F448AB77F414694F55478C479078C86BE5C84B253D57C302338A41B326F,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588759Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:19.952{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{32D1F1DC-2B8F-4DE5-81D8-5D4786D7A3EC}SHA1=5AF65D58D31C6FAB01D328D40714433DC09D1875,MD5=A76D3E8C083253352BDE754FFE8D0DAD,SHA256=9C3CC482BF07121F3D97164C040125C4987356D5E1CBDF3EC9355019C0A0D2F0,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588758Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:19.952{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{2DEB5E11-E06C-46C8-BD21-CD33199B61D9}SHA1=4C4C1B6F4F7C724644D0EE27E4589C316005D1D9,MD5=55F503C8ABAD94B0E3FFABF89C159644,SHA256=5A8ADC4D144DF24F02EB3103D624B89ADFC874A61A78E7CAE46FC8AB68FEA1CC,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588757Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:19.952{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Quick\{CFB7021A-FDBB-4AD4-AFA4-387E81D80E70}SHA1=D8EC090731AE0D21D55FE4541B2439AC1038C702,MD5=8ED76550A6C97410F15E97B6936FCE5C,SHA256=4C53EC76426A69B92D1428412F20FDD78AF1C4F75D536141238283FE7D10C48C,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588754Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:19.499{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ThirdPartyNotices.txtSHA1=F969931AC45991F7ECB6767A69433A7082ECCA2F,MD5=CE7313760386B6ABDE405F9B9E6EA51D,SHA256=73E26404B3571A9E859B3A1144F54C353172479586E0A23C3A7DDA0C1C0AE919,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588753Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:19.499{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ProtectionManagement_Uninstall.mofSHA1=5CB3AD07CF6DFF3DB5BAAD55488A769A664BC093,MD5=C4E26C53F76774E091FEE17FFFF64414,SHA256=5172863C41E84024799B2034D42F10E9720FC53171A4F6C1CA2FDB2C6F71DFE9,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588752Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:19.499{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ProtectionManagement.mofSHA1=24FFC508EC2AE269985CD6CD63D873060EF4B1D2,MD5=B9562ADAD44B395A0633E3B9F26894C5,SHA256=093148D14841F5034CE66574FFB43061931384773F7A07A18083DA243360A1F8,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588751Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:19.499{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ProtectionManagement.dllSHA1=DD6369DB7560D87CDD3C7A7D9DAC5687CBCC9A43,MD5=1A8FF1B68DAD2B5DD2164CC4373DFAFB,SHA256=4CFCAC95D2D3EFBECAA29DE693F40C201787704F3F86DBBFFA7C5DF39D9DEB4C,IMPHASH=A76BFF4687C0E1559E35DA4E213B4B92true 26542600x8000000000000000588750Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:19.483{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exeSHA1=7FAFC37E865A0F1AE95206EF540740C7F7A2A0A8,MD5=8DF231B23C96FFDC35865DEEF00D117A,SHA256=AF92673F0C25E1C5D8E2919B84BB52B67E1AAEE360F4E9950701924D82B40FAD,IMPHASH=B2CF270DD30617D242703BF264932A90true 26542600x8000000000000000588749Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:19.436{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpLics.dllSHA1=BAD80598539A74E7BC3A923D117C433A77341558,MD5=797731C4384CA780824835423A3C1BD0,SHA256=9B7CAA9615679EA04AF4594F1F4D5F09400960913E93C04A5E6913026082A175,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588746Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:19.311{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpUxAgent.dllSHA1=FE60264B92355A3B2221F3643DFDD2C3C0DF6996,MD5=EDA32503F33B4E04AC9E708F04978651,SHA256=6DBF4C0A8DA855506F5F76AF9FB686D2D44A12D5FB6BA36280C9FE298F678E5A,IMPHASH=8E71AAB314BFC70EEC0B1A22533EFA2Dtrue 26542600x8000000000000000588745Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:19.311{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpUpdate.dllSHA1=DC943AD11FF15C575524D8D6D66C3F8F02286002,MD5=7FBEF4A542BC4E99B16B014EDCA064ED,SHA256=DA653E4EB9A197948D3B6FB0645224644D24D92BB7148D652219AA94459E1E13,IMPHASH=643C3273BD359D079EF68C411527FEF7true 26542600x8000000000000000588744Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:19.202{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpSenseComm.dllSHA1=00532F2B1E2336BC14CEE08AB31CACB6FBFEF156,MD5=6B54675026726DF1F03D8846F0FEE1B8,SHA256=F9F7945AC007F648F5707FA12D4032686B33A661BB44F39F6FACB43915070B1B,IMPHASH=862E746102BE3A8FC5C27A5CE86507A6true 26542600x8000000000000000588743Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:19.014{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\mpextms.exeSHA1=94F807589FA09C4E728E2613F2472ABBBC604BB0,MD5=FB11046B43A435A582B0C222EDD7F184,SHA256=DD20EA449CC4214762D38CA1F8B9551E22A743C62DBD65F13F8FAA027C393808,IMPHASH=BCC38FEB02785A4856185CBCECBA4B70true 26542600x8000000000000000588742Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.999{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpEvMsg.dllSHA1=6DBAA44587BACC80F22D5E8EDCB742D7A25CC740,MD5=AFBC4EA22548070B7BD5B76E66774DC6,SHA256=0C6DDAE52AFBBE853D542721E80CC2A8EB356AEFF2CB83CEF1C586FD44A55BA3,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588741Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.999{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpDlpCmd.exeSHA1=58B90ABDF08F3A09E6932FCFC865AD6690B26EDD,MD5=970D1E3480F3F0D1D221BE8DB158DE3F,SHA256=82013630CEBC57802D27454F64955E4B6EA0F948E1060A5BA92C7ED573A12B51,IMPHASH=9273F91C797CD5C40E5E956EEC1FD849true 26542600x8000000000000000588740Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.983{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpDlp.dllSHA1=B4670EC1C1658189E6E39E557BC9C961DEC0FDBD,MD5=F7B03F0109440DFE89A9759C5F0C9C54,SHA256=7A8BA6AF2A3209176D1D798E8D318E8E3A169D882905E3D2C761545A575AC93B,IMPHASH=ED3F289CB36976A283987C9F1CF4A280true 26542600x8000000000000000588739Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.968{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpDetoursCopyAccelerator.dllSHA1=62656FDB5F409C233443C88240A74FFC8C245C43,MD5=9B6579177CEB20840F8CCA83CD1EBE5E,SHA256=4772F5F19B389DD7AA34E931CE0C9F8CE1C4A44BB46A8818EE331F42659FFFF0,IMPHASH=8134FB421E1A724B4B4991256B828B42true 26542600x8000000000000000588738Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.968{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpDetours.dllSHA1=BD2A8EEECFDCFD5A7B39F96DD82A24DCF8D009B1,MD5=5CC0EA5E1F90DADD42AFEE3882F0C0C6,SHA256=40D09791B5D5C03E41427F5B0C0FBC0F0F33D8D1EF59F817F1ABA1EFDEBCB6C1,IMPHASH=E7CD5D60382F6730AC72D09484F903EBtrue 26542600x8000000000000000588737Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.968{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpDefenderCoreService.exeSHA1=FFE8D7826A15DB95D2B76DF920DDC93E0799A9A0,MD5=85EE97970435BC93D49FE1D9C8EC232D,SHA256=B8EB22BA21C3B22BF1B0EDA198BBCDD0C44116C9E6655956648B3DC872D500B6,IMPHASH=641D8ACA0D62E5A11BD76BE6968F175Ctrue 26542600x8000000000000000588736Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.936{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCopyAccelerator.exeSHA1=60047F2EC7FB8D1173764179D70DDDBA5B91E638,MD5=73A5D3846252A3E197FDC5CB34D1D600,SHA256=D66CBC9C6729477B091ED3997C1E4B80EE27F23D28663374872DF44D8994AB0B,IMPHASH=94316E3271598CFCB7F9A6A96CFED214true 26542600x8000000000000000588735Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.843{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exeSHA1=A18E6C5EDA86FC3564DF37BDC8D6BF4EF23CCE19,MD5=0E02F8BFC21339B03A2A252FCB9F6CBD,SHA256=ED614BB9149FCE681D5348DE2B50C92D07FD23A7891F518E876B3E1570FB79DE,IMPHASH=B286F695393D113C848879DFB1B444BEtrue 26542600x8000000000000000588732Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.655{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpAzSubmit.dllSHA1=261219CF1DF2A3E4D3E873D8512B7F13394C370F,MD5=A83B5A5C18E29A8E4D373F4703E7AB5D,SHA256=B7F0FE6FF23983405B20FEA013A40634AD1E765C8503C2BF1DAAB206454E5A43,IMPHASH=EB7C065A5795F9B75CF01CE1DAC3CC99true 26542600x8000000000000000588731Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.623{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpAsDesc.dllSHA1=C7B7C096956D3471EFA4F3A01943D1441A1FE1EF,MD5=28BE66E5631179D3C4F5B2289D88B807,SHA256=AE6F0F0DFCCAF5D519FAFD404C79A6C8DA56A2F4BE398869E070CD18E3D48408,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588730Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.623{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\Microsoft-Windows-Windows Defender.manSHA1=6A9ADFD47BAD44DF42E3BDDA37D563FDCCC4DD29,MD5=018276802DB93EB0D750D0E83E50D771,SHA256=F6267FCAD9C25F4288914CA920BA0DC06277ED71BA688803B56E458823CC74AA,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588729Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.623{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\Microsoft-Antimalware-Service.manSHA1=F11FA3289AD921E1029BEF34E88870910D5D8C32,MD5=529043A62ED87EB797B2BB5FE1A90C3F,SHA256=3982E3620282A820412C825C0F3C9451CF697F11A83AEE527C48E10B06E95B17,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588728Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.623{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\Microsoft-Antimalware-RTP.manSHA1=3E5CF0627D76A682D40B8775D880BD20B90B5E69,MD5=0254A51E922D467661D5D39C886AC9BC,SHA256=FAD08683B176DFC27FF428A6F05D10982FCF20AFC59DAAB21539296FF50F5002,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588727Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.608{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\Microsoft-Antimalware-Protection.manSHA1=B7DC3C04C67D7903E04B0EBF2AB7840AAA717EE0,MD5=E4AD891E7B62475FCA109C0DF4DEF16E,SHA256=DF9AD93CDB61587A35FCDCE996955A64413439A474D85C86133A9E9C185D1966,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588726Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.608{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\Microsoft-Antimalware-NIS.manSHA1=6E5AD734AB6A9F8B82B19024E21007AC2CAD2540,MD5=5562965C32F03AE0DF8B9DEF950F8651,SHA256=EA64BE59286B67AE930729FA92B2B08DCE5C2EAEB70FEABE2320C47FB6DDAC6C,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588725Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.608{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\Microsoft-Antimalware-AMFilter.manSHA1=8E006DAC462C9AD9D2C0FA1C8BA95E6D1D94382F,MD5=FA41CDEB03243C5F0341301FDB95206A,SHA256=B783898BD2C680A58F4E41D899ADF7C3438B06E426FDACCBEAA68E7A720171D0,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588724Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.608{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\endpointdlp.dllSHA1=3796543B71F2385FAE5BD83454C86F2700DC2862,MD5=D557F528F04EB59761301F3D4CA887EC,SHA256=50EF3EE1AE5B13FB394853F2299D806F52B7797D01FCDDFFB6886C42231B568B,IMPHASH=A451518025186A5E48F0CF5E423958E4true 26542600x8000000000000000588723Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.592{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\DlpUserAgent.exeSHA1=3BD09D907B44F76DC6CFC1AE4C32F3373ED6EDC8,MD5=11AF0F7CB2F91CF0048715DE641D682E,SHA256=728CBA2A026FB5C72C57A98741D5B89324114BC453A6E9DC60686802957AEE66,IMPHASH=9AA23113C0B0161962B65F943657BE8Dtrue 26542600x8000000000000000588720Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.577{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\DefenderCSP.dllSHA1=1602D6A4A887420D935A63653B90F4FA64C7461A,MD5=A604D64D6F13DE83932A4F31110991B1,SHA256=491DAB39985663BD79FEC4D2A27A07F85A3487E0237D766199FCAB8872787757,IMPHASH=E26CF5840AD105DAD7F9F7DF926D6A80true 26542600x8000000000000000588719Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.561{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ConfigSecurityPolicy.exeSHA1=C71F42108AD935E8377BEB673FBDD435FCDFEC99,MD5=6EDFAAF773C6BD7D2696820694B699F3,SHA256=331695EDE87EC218E9A3337886E0E90CD4AFBFB0B37C71C5A1E1B54F9C09C4C5,IMPHASH=0167833356936E8B9601140CFFFDBE1Dtrue 26542600x8000000000000000588718Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.561{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\com.microsoft.defender.be.firefox.jsonSHA1=241F5E9FCE639E713E50FE748B5865F6EC2880C0,MD5=7797BB3399C837EDB0F7564D6E3C6217,SHA256=E2A0B5B4F64653C86B71231EB3FF5ABED56B4180C90234DE2C008456E270F8E3,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588717Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.561{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\com.microsoft.defender.be.chrome.jsonSHA1=CD82C099B0ADB4496E7D30951F249EB7CEBE7570,MD5=36CA2812EE9B49E0785121434B7DD136,SHA256=8602FABA22D8E06CCB146707B4A10F6256799FFE854D37781156A5A6D6120369,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588716Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.561{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\zh-TW\ProtectionManagement.dll.muiSHA1=780D00B1EDAB22A717C839558685C622C6187EA6,MD5=1DBB902159F2F0BF41D52718142D54AE,SHA256=B5C94D9741719B1CD6AB3870365868E040CAA68DAB73815ED2D4A7ECF2B37E32,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588715Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.561{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\zh-TW\mpuxagent.dll.muiSHA1=B215F5640129CB9B4A7FA8B3043D6E8E4C590E7A,MD5=56700A4F968F624C30EB4FD7685F6FF0,SHA256=FFA7539E1F322CFE6B9E3ED56836AC1EB0DCB1FA5BA03607E957D19BC02719A0,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588714Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.545{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\zh-TW\MpEvMsg.dll.muiSHA1=8F97F6A5A5C7A1D1A8343BA56CC0AF7120651F4D,MD5=A731485DF9448D29210DAAC8849C50C6,SHA256=133E4C0C082A5F09F1A0DC1385579B74CC2148B769D32CAFD939BEDC75A1008E,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588713Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.545{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\zh-TW\MpAsDesc.dll.muiSHA1=3F6F76D8A3E4908E8C88A39CA628DF59A7094F9A,MD5=429AE320D108534680A6874C7D2292FC,SHA256=207F5F6503A9B4E6FD47E3521ADC4BEB452BC6F4423F9A2EFE878F2C8F948B6D,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588712Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.545{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\zh-CN\ProtectionManagement.dll.muiSHA1=F9EBF5A583B33C4584090CDE010176F482A3E5DF,MD5=FE22A81A1002E686B64F2CEA96F8EF1F,SHA256=4151AA5EE416AE5E869F6B291766F25C046FBA11B0B0B615F381A0A3E38B826A,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588711Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.545{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\zh-CN\mpuxagent.dll.muiSHA1=A4F1977808255B138C53F9E7BAA058E7D6DAB800,MD5=32E3D3AA2E69725155BD8323A9A9812F,SHA256=9CD036E1C71EBAB86457D9B0D5806CC12DA45C2B19D8702FB462585F8A803589,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588710Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.545{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\zh-CN\MpEvMsg.dll.muiSHA1=6AC1EFB856CBB796D6760E950AEB6D22F9B62DC3,MD5=FB8694092BA2AF6E9DF02CB8E564921A,SHA256=7587AF31BC243AF524B2FE1E4B0F7998ECBB469E1E764B064B232AA7C4E51677,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588709Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.545{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\zh-CN\MpAsDesc.dll.muiSHA1=7FEEC5EB7152E21AEF952CE377E4ABF78F369E24,MD5=D85B2A4FF1E818F1AB818CB4FAEB49AA,SHA256=0F402DE5E6129E70A002EEDC0995BDF50078F3B0D1D5FAA13C4C0CCC146841B1,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588708Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.545{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\X86\MsMpLics.dllSHA1=B882F530A82EBC71AB8EE0A5C38F7ACFBFDE54F1,MD5=4CB0EDAE9091E9380F5C7A019481AE9E,SHA256=4FDAD3A2825944276BE8E53F72CE06EE5660F6AF715A96521994AF0AA09495DE,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588707Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.530{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\X86\MpOAV.dllSHA1=42A0CF9471109AE443A649C1319323B12233AE5C,MD5=EF6940CC39A8B06E07BC951B2C3F96E7,SHA256=2224186127E776143E7D6E1FF9FB8E883997D63F3AEE5C271D02D339A71A7C4C,IMPHASH=025AB2C27D98D8168DECD24548EBF963true 26542600x8000000000000000588706Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.530{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\X86\MpDetoursCopyAccelerator.dllSHA1=0672E8C7F0C9BEC4207229B9A09F20BD9AF45899,MD5=4E929A4B1CE0ABE8F9EC62096476EBFC,SHA256=60B65819D96BEC09DAC08272645F68A8DE768FB76FA81F79CCDC85A65288C13F,IMPHASH=A72716399E8D068CB87E32A578AB12B7true 26542600x8000000000000000588705Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.530{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\X86\MpDetours.dllSHA1=965188CF2810580165D0AC353C6BFCA4AD6F1763,MD5=6671F6CE19F3D5A7B84712B2CBAED469,SHA256=F2C80DF3420B47CBF9FE1EA96641D1454C7BB4DBD05BDC04D386E6EB9C9DDE91,IMPHASH=77F41CAB0B63DA8187C849A85C1DB60Atrue 26542600x8000000000000000588704Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.530{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\X86\MpCmdRun.exeSHA1=FBBFD6DE5B9F42A3AD06D3E908FAA5E8953B423E,MD5=CDE1A8B380255FDD24FF10BD0EBF1697,SHA256=A6E45BA93AADA1FAE908A5E6D734813A7ED8B8957016D168CE9DB7D034B0D7A6,IMPHASH=C402F48F2AEA69E391D6D0D1282A2D19true 26542600x8000000000000000588703Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.499{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\X86\MpClient.dllSHA1=AA44B5447788DED6608183E39F4EB82A9F8F9B66,MD5=0D0165835A2355CECA967078099F1CEC,SHA256=0CB2D04D87DE115BA8E81782450A1F7CA43A93000348B36FC34A7FE44CEBB086,IMPHASH=3575AF749B8C94EFF471A3C15299C5D9true 26542600x8000000000000000588702Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.499{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\X86\MpAsDesc.dllSHA1=56D7FCC85E6B0951850BA90FA4DC81DFE748B85B,MD5=49431C3231FE57EA77C316D12A5397C9,SHA256=EE5CF05BFE5D696BB38ACD79BB83FFDF24482CB5F763B72448E11901CB127EB0,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588701Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.483{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\X86\endpointdlp.dllSHA1=A828152C4233BBDE6E07A5108DB3007BC20631AC,MD5=4A975EC059F4ABFF073CD9F3D9ECF16E,SHA256=E3005C1CE041176E45AAD712DE11F5AB2973F8508E2A26A4C6816EF4C30EEDB4,IMPHASH=5EEBBABEBEF35F272F2A87CA59FE84A1true 26542600x8000000000000000588700Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.467{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\X86\en-US\MpAsDesc.dll.muiSHA1=ABEC90FDD622081EFB6D44BAAE38A01C46C52184,MD5=28D1D51F60FD3B8F37BB838C2D95C6EB,SHA256=065CC41AE11572A42239321952A674ED4FDE057A0A841679D5518143B7BF65F9,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588699Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.467{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\vi-VN\mpuxagent.dll.muiSHA1=B4B8088A142215ABF50251451B454120D3CB8CD9,MD5=67469060476A5FC27A6AD5F8391B3BE2,SHA256=763376A10E7BF10F515F3C899CFF611C9CF00E15F7B8E18881292931BAB3A492,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588698Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.467{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\vi-VN\MpAsDesc.dll.muiSHA1=06BF4B41F616F795B013013622AE3B4F1533F13D,MD5=96C5F6B619C33AD55DD4ADE337F9C660,SHA256=58F0525FE78431C337528A33E7CF20E242EECB1A83FC094168B016F4867BAEFB,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588697Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.467{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ur-PK\mpuxagent.dll.muiSHA1=9E18DDEF047D666E0AB806F6B02B097CEFC3CB5C,MD5=3B84DEA23D3D76F236F7B590995F0266,SHA256=3BDDFEC1193803F35A96C9E83D4D0E00C8BA64544C0DEFDFF68A03073AE2FAEA,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588696Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.467{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\uk-UA\mpuxagent.dll.muiSHA1=3D347C2ECE117B15F94E536A5D462F1A5403A1FC,MD5=0AC07BD0748642A4527662BD508CE58F,SHA256=4E353FE02AF2364C31F5CDE3145F5C540E487C22B7A0DD67E6D3C6B19978F35D,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588695Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.467{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\uk-UA\MpAsDesc.dll.muiSHA1=FB92A1EB8A349C0B975A4903BFAB360D2F5E3611,MD5=312963B1882C2AB335A018BDAD40F4FE,SHA256=0DBD8D2DF8708D7536C55852B7EE4B8635EB94E745A3E199A97581172CF09590,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588694Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.452{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ug-CN\mpuxagent.dll.muiSHA1=62BDFE63BC47F481225C4D24CD008227EBE83E11,MD5=4DA481789E7B4E26943465FE63EA5985,SHA256=CA7DD4A1E54832CF2368FE94BCE39A40A50D82A399A1D7FAB815E2DDEEBA7A05,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588693Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.452{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\tt-RU\mpuxagent.dll.muiSHA1=FF4B059A985E906A25BD1BA28BE9530C14E017B1,MD5=1FB538519DFC6ABEC689659B5CC51B9A,SHA256=1A06747D14D1CE82C2D6AF7B825719C8F7862C139471AD071965FABAD1D108DB,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588692Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.452{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\tr-TR\mpuxagent.dll.muiSHA1=5E2AFD54C33E441D6A535CF458EB53109AE0A988,MD5=8A7D8B28665CCF5858A486679B1EE21E,SHA256=F8C96A56F501A914A653BE2AE4E834F1B809185971DBF3904ABCB5454D8E554C,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588691Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.452{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\tr-TR\MpEvMsg.dll.muiSHA1=E3FDF85B282FC761A149B77A60875850C17423A7,MD5=87DFB296E668DEC9D9202FE37C1FADCD,SHA256=37D21D284FB664753033008503142145D35F0C35FB043CF0DA57F95C5769C83F,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588690Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.452{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\tr-TR\MpAsDesc.dll.muiSHA1=88925F1A33857FA627200E656DE1359D4B735FA8,MD5=AF9A04AD4AC26F6A65791A543C5E312F,SHA256=5717C9C0AAD2E80B9F7971E6DD1D94C7124B81D95B2F7919403F96434B89463C,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588689Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.452{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\th-TH\mpuxagent.dll.muiSHA1=40F1CC2656BBD8A890747C1EB16B951405E3AF10,MD5=A52F869FAB693269CB16E61EDF1AEDD4,SHA256=759A26D464F4F57D486976FCC8F81FFCF13F92CEC77F52CE0D981942E3D1B919,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588688Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.436{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\th-TH\MpAsDesc.dll.muiSHA1=3FB6C2B489247797BB900EA881376A50DD22405C,MD5=9506C98E77C4ACE5F9D9B90E6F90D593,SHA256=CBB72F18956D6EF1FAD78805C504731B45B8C179A5F22F8C974B061FE9769A80,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588687Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.436{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\te-IN\mpuxagent.dll.muiSHA1=89451007C06FCCFA1ABA781DE6951CB7DF26552B,MD5=EB021CFF9345BCBB90CC7AE9EB2F791C,SHA256=8977ADEFCEAB46772C94FDA92E18A94EDFEBFA729F449C99C59D7CDE6CEB5762,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588686Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.436{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ta-IN\mpuxagent.dll.muiSHA1=54A7AAD2BB03AA57D22B36B14A702629AFB2B799,MD5=C6E6B7DE84AEA45BF679379D42DA8173,SHA256=F9FD28DA4A315BEBDABA2FC56F47721431F94C1FC426FC5E5A898633B1C653A2,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588685Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.436{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\sv-SE\mpuxagent.dll.muiSHA1=C3229079F8722BEA76DF523423D8BF65FFABA844,MD5=93B6B4DB1A6B7A198F593B5A9C2B0F31,SHA256=309B721AD343E81F5BD8EF44E8245D958E611E4EF101180BDA15D9B08E46668F,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588684Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.436{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\sv-SE\MpEvMsg.dll.muiSHA1=097257DCB9A1734580C3BBCC09852B5AF82EDD46,MD5=9E8F892E8EE49E3A20FA94F9269AED9D,SHA256=CE4830E4F61A90C47D8E6B0748E83CB609BF029C95D4070AF52CCF9266ADBA9B,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588683Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.436{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\sv-SE\MpAsDesc.dll.muiSHA1=38558EBAEDB4353541600E1EA81338A3A8BA5AF4,MD5=F605919E25E96F4050B3C53F8220A3DF,SHA256=5B17CE0AC6B1A62EC54E9BEB8DED21F22E79398591D3934C601E9C06DB38F419,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588682Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.421{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\sr-Latn-RS\mpuxagent.dll.muiSHA1=EFC72478502319AF685581C678E5CE116A828E8E,MD5=F03AA610FB7FEE669658DBE470180A02,SHA256=7BD4EBA3D5E453CF8ED8C308FACFBD3119888D34ABD988CB824A923DCF33D8B5,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588681Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.421{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\sr-Latn-RS\MpAsDesc.dll.muiSHA1=8CF83B3FA5D568113D665D2D5D7FB00A2505931C,MD5=34CD4C0ED273C444608C0730DF6292D2,SHA256=E23F0FDF0A84079CF39D7232E55AA5D4F822E946EC80920E014D5ACF3AFA118D,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588680Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.421{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\sr-Cyrl-RS\mpuxagent.dll.muiSHA1=D15CABB0DD9E44C9F5A0138B86615633D35B80B7,MD5=52D37C70221556835AE2045084512CB7,SHA256=8267D140FD42037CDED81C15A5F4D97FF9E22BEBD31F78BB981B69CCF6B275E5,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588679Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.421{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\sr-Cyrl-BA\mpuxagent.dll.muiSHA1=CDBCB959D59FBEB1A5F00315F40EFAEC2B597414,MD5=B1700357013E44BB77E3DB9C5529C790,SHA256=37E643A87C64894DC4EB762DB79A0C0969477F08E626E833C87491DE683E4700,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588678Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.421{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\sq-AL\mpuxagent.dll.muiSHA1=0EA4DCEFEE940B875EB49B59D4E148E1C5C3D6B3,MD5=E6B1782EE0ED8496990670A0D8D792E6,SHA256=2548A04CB932B5887193AD4322A609CCDF1EC04F3F97BEE8E0D96D9931606B63,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588677Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.405{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\sl-SI\mpuxagent.dll.muiSHA1=47867D27096CC4A2BEF83BED20489720BB8350F7,MD5=AD157EDABA90D5A6A59B8F5BA149EB5E,SHA256=2C1B7C0572602CD9B9E0EED6B1C8EF3D02FEE266806271B5F62BAC2010A52128,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588676Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.405{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\sl-SI\MpAsDesc.dll.muiSHA1=A5B19B6220935C593195559208A3233BC98602BE,MD5=F87D5F96550A109DA887C18BC604483E,SHA256=F369C64D9CC6C79341E90060EBE623E27E13EC1B9080D3D7544906A9C7FB3644,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588675Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.405{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\sk-SK\mpuxagent.dll.muiSHA1=F323F44B605899CC57F0B22D5BC55ED5A26DA2E7,MD5=F90FF04B35BC8C25BEFBC6E65050894F,SHA256=444D4C49FD74F9E11A3F915DFE9E93F44790658D5C11F0F12DDC159CFCD0F898,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588674Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.405{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\sk-SK\MpAsDesc.dll.muiSHA1=B7C4FCE8D5FE69242F112EC7A9D5BC5973E80044,MD5=615742CE9D7E88A675DDB46634A64F57,SHA256=A1F4822D96341B0387E52FC107ED8D777F79263321A512F957081E5B260CBD3A,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588673Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.405{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ru-RU\ProtectionManagement.dll.muiSHA1=B561F26BDD62E9BAF696FD6D8C588CBD6CA28BC9,MD5=7C74703A1EBD8D9D32789D1BE1D37F7C,SHA256=3FFDB1BBA1A26A6314744A7F9CA2CC034D9190012C72FAA656CB4AFB60CD10D3,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588672Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.405{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ru-RU\mpuxagent.dll.muiSHA1=16836883FD87D13D1792E30DB3940E0A457B1EB8,MD5=B1C9BF06FAE80FD32015910F30C96FAE,SHA256=0CB266308AA2895E666A95008C7E4F64417F3CE000FF486A15FF3A160246CA2A,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588671Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.405{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ru-RU\MpEvMsg.dll.muiSHA1=A3D4213C1314059878F352B4C2160819A8EE3CF3,MD5=243B89694AF2FA635338A9390F988092,SHA256=88391DB3AD4E0672D07ACD40808117BCF47F26256046715E8D055928CDD9DBE8,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588670Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.389{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ru-RU\MpAsDesc.dll.muiSHA1=7722EDC17BF52669A835A90E34911392550399E0,MD5=51EBD3727EFBA5442DF7528E4EBABD72,SHA256=C2860097980CBC68B5D82AF5D9B9C3D926DDBACC457B283F6369970FCD52AE73,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588669Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.389{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ro-RO\mpuxagent.dll.muiSHA1=0C2287EB524E4DC5DA0907B73C8E3F35F16B8291,MD5=DDC79E743EA55AEBA0A5A714FDB13C90,SHA256=A906FEAA4295D34EBFCFCB784B9D0C3501D47451BA9ECD4211B4FBED14EFABAF,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588668Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.389{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ro-RO\MpAsDesc.dll.muiSHA1=90AD5606824F223FFA8A896248BE2B8FB80A746E,MD5=453B308ACD204E467286B60891F54213,SHA256=6AC8838A82FBD2841CF5482EF03C60BA879B3C03BF82D445CE9FF9DCF101EF23,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588667Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.389{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\quz-PE\mpuxagent.dll.muiSHA1=FF6847DE7EE7056D261A22F2035CB6A897D10021,MD5=26E710CF70B48F9CC930AB12AC96949F,SHA256=461C32870AC3191E4CB2F8E662685DDE60350B743C9C2E0FF9B74514EAB344B0,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588666Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.389{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\pt-PT\mpuxagent.dll.muiSHA1=51BDD668F8C7999529278D9904EC05E19A433348,MD5=4905BEC34A7531D4F766408A0976AE52,SHA256=2FC574175766F7100D56FADE591BB96D00120233AC43A186AF8C98929DCC5428,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588665Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.389{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\pt-PT\MpEvMsg.dll.muiSHA1=C09854C3540E3EC5652F33E677986D957998633E,MD5=DA24A24142D75DCD16D08E633B219FA1,SHA256=8A4092F87D1B650DB47E433829691AA502F00D7F7585E383B0DB60EB9B2585F4,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588664Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.373{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\pt-PT\MpAsDesc.dll.muiSHA1=62ED712C299710B3D0EA807B75FC6BBFBA95FCD4,MD5=79FE005B9B0599255E0B7E2B34202900,SHA256=B2F190FAE43356656A7B1D8F9CD560F64173D9732ECD5D940F47035E0D6E0074,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588663Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.373{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\pt-BR\ProtectionManagement.dll.muiSHA1=F59AE0AFBC28E45E39C75E2A424E1033FA79CE25,MD5=D25E27CF17CF273F5315B05DC1547B84,SHA256=BE0AAD35F18EC0EA010AAAB6B0BB777A735FEC8D34942A7A771A140960DA7603,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588662Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.373{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\pt-BR\mpuxagent.dll.muiSHA1=94D2225DA455157ED46F34C6869B71AF83032634,MD5=1E76B595330297BE2E8EA1932726046F,SHA256=05086A8DA062316F814744A29BB6FBAFE8935D5ED028AA7B69C7469B0A9C0117,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588661Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.373{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\pt-BR\MpEvMsg.dll.muiSHA1=BF12E9DCD1A0A422D97646C67A21C4C82EEE29BA,MD5=A70DFFA26E5BC2EBB123146EADBA6177,SHA256=511398C1631A1CCD3DCB96553273F1EB26DA558C0FDAB12466FB52196627A0D6,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588660Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.373{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\pt-BR\MpAsDesc.dll.muiSHA1=5B38209F691FCAE323BA1055F437EEB35B7D6357,MD5=E8736DCC61E4138A5BF9D4BF73E1B641,SHA256=2922CBF91D20865677537B733DFE07D4E4E64F86FFCD0E499B2A980FF53137FC,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588659Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.373{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\Powershell\MSFT_MpWDOScan.cdxmlSHA1=EC624D5ED202A0DC2464CC14A96DD9792B8A6D15,MD5=713CAE1384E4C0C3E979595D44419478,SHA256=57D0EA6F7DD365DD206C2FC965A3C2395B5F40B51AAAA645F7953A527D0CCA0B,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588658Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.358{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\Powershell\MSFT_MpThreatDetection.cdxmlSHA1=612C2E7AA2F6B6ED46B5DF9F78072C4DA2D94FF7,MD5=BCBC9279D587A6F972F13A4A7D7FB74E,SHA256=552638DFE7722F884A35CCE96D9F4943754E727225B80DD1FFCE29D364C6B246,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588657Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.358{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\Powershell\MSFT_MpThreatCatalog.cdxmlSHA1=CC0D31DB8A186EE2E23A0C4F841BE512019060B2,MD5=DA7528544E7DCDA0825C88CA79608796,SHA256=DE25D55B8B6C7CFBF6115AD41F31E23F6A881DEA4284261B6A9540DE8E258950,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588656Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.358{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\Powershell\MSFT_MpThreat.cdxmlSHA1=722744EE1E2BB557153679446ACC75AC68B92448,MD5=B44BAE6D6869CD16A2C93455AECB0DA4,SHA256=810A3B3F0EF9650A4409D493161435CF7B2637FD5DCE44FA97F92CD9AC3BC0F7,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588655Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.358{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\Powershell\MSFT_MpSignature.cdxmlSHA1=7E21BFEC06AADD900B899AF66151EA098A437F32,MD5=DB592644B4B970A3E38A9F8F824381CA,SHA256=FABE403C3B41D03DF4E3061261935FB0362CD5E1252E0EF72012DE4A2FF02EF4,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588654Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.358{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\Powershell\MSFT_MpScan.cdxmlSHA1=E01FEBBA599F246613CFCB8C42B20A95AE900F33,MD5=38B0046D83866E20A6F7F43C3AA4BBDB,SHA256=8DD0DAF6242DB2FB514662071A9A206A7FFF69648C3DD518D76702CD6836E0F1,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588653Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.358{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\Powershell\MSFT_MpRollback.cdxmlSHA1=9655F6AF120CE8F2FDFF549B79162F1BEE2B19DE,MD5=DF27F4EAF6B1C30D7DF4904D37870012,SHA256=409E1B94B5E69E6F3335B3C46F53BDFEFDB59E74027EE349E16234DB5C6EB1FE,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588652Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.358{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\Powershell\MSFT_MpPreference.cdxmlSHA1=F30DA4948605B22AE16464F51CBCE8278BF34AB8,MD5=5C4D45B8958AE16D81E51373530EAC90,SHA256=0823E66C1EAA8D8A0A740C53DF2AD8E6F78CEFB41967758C35C3D4570F2EBDBD,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588651Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.358{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\Powershell\MSFT_MpPerformanceReport.Format.ps1xmlSHA1=5AC038BDE8B6E3C52759EA88D2AF6F55EFE33CB3,MD5=07BE5F50CC3AA5054F23EB4AC264967C,SHA256=E8C5E5953B34149D753DBACEF65875BDC15459D3345E8932F2F08D7058B4BE08,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588650Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.342{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\Powershell\MSFT_MpPerformanceRecording.wprpSHA1=1CDBE901753CCE8D933DF8D50507CE16A25AA428,MD5=990729AD92C1325C42B04BC975ECBD57,SHA256=E796454FEE4CF17EFDC25DB5FEEF00A5D7C1B335E6C4B4FE996E8AD7CAB01BC8,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588649Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.342{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\Powershell\MSFT_MpPerformanceRecording.psm1SHA1=E121C82F1D97349A12DE3A13AC96B84C13D48A13,MD5=C7B102D4F8EFC2C60E9E2BC1B83C8DCF,SHA256=554AF8A6F8B95DD838D21A74CFB7FC2A58F2004B5E427D01C2410E391CF0BF0E,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588648Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.342{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\Powershell\MSFT_MpComputerStatus.cdxmlSHA1=8794A19E21734C5D5CB71C5FF62203A1D6CBCA19,MD5=DFE920B8C6E6B6AD4B7E83F8E2A2BD42,SHA256=BB2A895F549B5EB2F4344411B2B4B4DB0546D12BC26459F6CBDA22A43716228E,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588647Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.342{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\Powershell\DefenderPerformance.psd1SHA1=B043EAC2EF1BFC950C30B832D403EF297426E236,MD5=92764A49395B7D6D7BD162BDF92F18D6,SHA256=3D63DE5BA71908EDF648DF5F8CD3EACA3086E40F9DBC7D22225222E33B7FF692,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588646Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.342{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\Powershell\Defender.psd1SHA1=57A3465BF4E815E9B73C885DFCC0FEEB452F8020,MD5=960EE2DF82D362120BD66E0D8743F3E4,SHA256=42BCD8FC27C7F32BE6F238B978FB02035F906A9C68E84A7C0AB221BA2D6C533D,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588645Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.342{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\pl-PL\mpuxagent.dll.muiSHA1=06F3CC79290992BBA4A8478828721EFEF57D06D7,MD5=44E718C6BF3C5D3FCB97B8093EB3DEFE,SHA256=2567D032E0F8811DE28C881BAB16C91A4685C5CAC41B8B3EC3C85E0039FAF17B,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588644Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.342{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\pl-PL\MpEvMsg.dll.muiSHA1=0C882425A0E7A5F2B3D9A8294A897BCD21A23081,MD5=98B03B227C23200D1119A7E3026435D9,SHA256=C5CD8FC745084D1CD11B5FEDCD459567649D25D14315BB67AA153E4EF0B1CFFC,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588643Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.327{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\pl-PL\MpAsDesc.dll.muiSHA1=F0BC857D183A2C4E4E3C05B25B31CFFD07405DFA,MD5=E099683641E1F16AEEF758CDF9886DD9,SHA256=054BC29F129E9DABDFDA29CD854F50BA96678ED85B79052CF04312553F20F519,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588642Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.327{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\pa-IN\mpuxagent.dll.muiSHA1=037FAAF229E53C53880F4C1BEB97A22AF71B3C9A,MD5=DE487DAE68DE1A032B0AC54D5D6055A9,SHA256=100DD06DC4620CBD6EF272B9563B338FF4CB8BF61B666CA9336999581DE58FD3,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588641Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.327{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\or-IN\mpuxagent.dll.muiSHA1=267329641EEE003997453781349A6A941E722910,MD5=2163B17887A8A06EBB4B1D01C1D1F0EF,SHA256=6D509162469F0435666D26315356E5347AE4AC16EAB3CC2113A753757DBBCA12,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588640Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.327{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\nn-NO\mpuxagent.dll.muiSHA1=C836165AEFF54804E49E79B7085A92FAAF4ECF73,MD5=ECC86F1B1329EA5AD58E2A7D083DB75E,SHA256=30DCD0B59FE79AB344FC7D3EA860E0F4A70569C0A0254188AD12EA4B9A770163,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588639Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.327{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\nl-NL\mpuxagent.dll.muiSHA1=1949E685A1A20698E39F88CC937EEE450FB553DB,MD5=C34A9B42AD8AE4FD6EF9E950DE36B211,SHA256=6929203232EEE1135C8F3701E066B67A98B0A1C32D78C4EB764DD375FCBE0D82,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588638Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.327{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\nl-NL\MpEvMsg.dll.muiSHA1=5451EA94E3B86CCCFF0653F219187AEFEF33C19C,MD5=1FEC1BFEAE6EBF5FC0723758896FDF6B,SHA256=5A16EEF5216C7B7853B3062D2236C5D211C11ECB79FC47078876EB774864C7A9,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588637Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.327{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\nl-NL\MpAsDesc.dll.muiSHA1=04EBA85741CACE58756A64E79055113F5F614817,MD5=7FC1171DEBD850493D35D2C413EAF656,SHA256=CCA727AE792B92F104208B451B88E0FA60BCCAA02DC81538C836BF21AD0F43DB,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588636Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.311{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ne-NP\mpuxagent.dll.muiSHA1=44BF9F99CC8A6D10248092B1359872C4C18BA809,MD5=3FAE774A4BD86574878EFF3CFAA5137E,SHA256=F4C6E1FC0490735D66DE7FE1A69C36E5DA13BDBCB789F80DE3B3301FC1FB6EDE,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588635Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.311{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\nb-NO\mpuxagent.dll.muiSHA1=3AD093F8AC010E572AEE1E8874E8F68674DE90FA,MD5=ED91A95FA09F60E795FE32E5A2CFE138,SHA256=E97EA58EEA576A3BD7B393115F3B2A0BEA34D28D8DD5FBF4D1D31FD9CC596225,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588634Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.311{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\nb-NO\MpEvMsg.dll.muiSHA1=C376554FC38DB432CCEAF7513ABD3B902F1C4E38,MD5=3DA6254C836A7475F0FD358C7BE5D7DC,SHA256=19394831053DE4272BD21F7DC356C6C1E7838EB37A4479D95B41B0D086F90E10,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588633Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.311{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\nb-NO\MpAsDesc.dll.muiSHA1=3F68816382C71023E227858171A64CF0C436E2A7,MD5=111FC21AA2A317372AE4BDA8C59BCBB9,SHA256=D8DBA9F237790E53188211636B5347BDEAD21E35F3DBD4AB6371DD4AEE94C18C,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588632Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.311{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\mt-MT\mpuxagent.dll.muiSHA1=97D5F2F4459E413A2B1306639ADF4083F548DA34,MD5=5AA511D054F4BFD2FF3F17112BE46CA1,SHA256=430E232355027966F50C02CE54EE885F4B225F0DC5ADFDA7C97562A5391F7907,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588631Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.295{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ms-MY\mpuxagent.dll.muiSHA1=39D9E11810A6D26F1413467B8C206DA15BD134FF,MD5=035587D0567CF0F75C948757CF573520,SHA256=9769DCD0E04BBD2D0FF9D14A11FF95EEEADBD6257250936B6F6117BEA4428356,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588630Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.295{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\mr-IN\mpuxagent.dll.muiSHA1=578E8BBB649BD895898B369004224A412BFFCB20,MD5=9FA164EA0821876AFEB988B27B9291F9,SHA256=CE837E2F2411F4741C6F1159C4B9044292F73AC7A522C65716782DBE6C27E2C0,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588629Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.295{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ml-IN\mpuxagent.dll.muiSHA1=89605E573560CD4533ABB2D50C7A906059366EFC,MD5=9EB92F32917C53E8B27808C905DA6493,SHA256=C75E326F3CD88C2F07FE8AE05DB536E87DF885CBD48DC9E1636B2B96822B67CB,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588628Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.295{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\mk-MK\mpuxagent.dll.muiSHA1=053A72CFF3A7B47F3AFBB5EA45996A0639322959,MD5=BE567302649B04027AD42A652D40210E,SHA256=B73DAA9A3AB59A93AEC587D5FE1C00C008DBDBC7370A4B993437A0CE74C75BA4,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588627Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.295{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\mi-NZ\mpuxagent.dll.muiSHA1=A1FAAFA05A76283F2477BA5F54CC7CE2818C5859,MD5=1AAA4289274480D6B135C21FC99490B6,SHA256=CB82AD430B2183BCC9007E1314B1014256F23910F60CDA063406683BD403DA39,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588626Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.295{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\lv-LV\mpuxagent.dll.muiSHA1=3F1986E30D80D2C90EB5A8FBB45E863357396FD7,MD5=C059CC3977C5E41898C30037832DA4F0,SHA256=FF1D2BA95E64A975BBF21C2CF7FA36F718C37253D280FF196489D6EF9989C8A4,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588625Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.280{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\lv-LV\MpAsDesc.dll.muiSHA1=F703309F4D34C88577630F5464F3E3C6F17FC303,MD5=067051E224678577D577506375838644,SHA256=759498FE7EA95E3C792B329B4D5A3DA36CEA9C9C5D7549714CBD595E1B9058BD,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588624Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.280{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\lt-LT\mpuxagent.dll.muiSHA1=1392721033B59F501034E0A6178915904E36F47E,MD5=61019351DEE688F792E3EB797DAF7ABC,SHA256=32FEC3709D40FFB492D88087FC6A3D2546EA7283FE7AE79D3B6EB835EF8DB576,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588623Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.280{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\lt-LT\MpAsDesc.dll.muiSHA1=DD1729DDC9E3B9D80FB43BD31FA247733F242454,MD5=DE478BDBD21AFFFE4534186A56649A50,SHA256=FDB358DD2A0F0E88347598D64E84A8AB1C6EF7270D85ED3398F874648E413A77,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588622Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.280{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\lo-LA\mpuxagent.dll.muiSHA1=5F852609201124A9DFDFF1CB1AE25D1ADAB6A965,MD5=150A28261ADA7DECB5802DD54B64F024,SHA256=CD8238C7D66B7AE5B5E5180AD13D778DA612A336B420205F81B8B8A4F05AD769,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588621Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.280{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\lb-LU\mpuxagent.dll.muiSHA1=B9AF22AC3AFF08A275261C2CEC44021876B58FED,MD5=C179730333E5867678735536B865E5C9,SHA256=B8EE65679E7ABF410184AD6F6DD2AA9B5E84D7D1F2CA9BC9320AC8A15B9FC7EE,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588620Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.280{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\kok-IN\mpuxagent.dll.muiSHA1=D10A31D6AC4FF554C45679B11D6A0BF1EE56CB7C,MD5=3762CFCC7C43336E0A267B8CC2FB5A10,SHA256=EE908C1E55F82F324CF687BD840A91FDE2308C99EF3AB2B7EA3D89820705B893,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588619Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.264{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ko-KR\ProtectionManagement.dll.muiSHA1=84E9AD18C18ACD1B8B48D0F747180EEDE318221B,MD5=99738147A360017F2A76BD1C5BA5DE24,SHA256=C974676A733EC091C6F19851218892FE0A257C0F9F2B97DC5D60D2B0A4863BF6,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588618Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.264{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ko-KR\mpuxagent.dll.muiSHA1=D620F843EBABA8A909143B87A9E9144E91AE757B,MD5=802F0FC32D3E54BCFFD168E1DE3C6027,SHA256=C8864B181B266BB01E14945B12AB88BAF601F630F29BC308078B891D79A19E98,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588617Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.264{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ko-KR\MpEvMsg.dll.muiSHA1=8245A9773FA2E9F2B9DF52DA07F08277721B96A6,MD5=4F778A57DCB22BFC4EB9377F5E268DC1,SHA256=4F2FD7D5ADF6C4EF1A757B16FCBD2D9BDB80248FA7F9A6845F2572587029B040,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588616Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.264{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ko-KR\MpAsDesc.dll.muiSHA1=8DA87B93149FA50DF8DE117B8C66D81DF24B92B5,MD5=54872A9910E17F4B1D80EB94BCA69994,SHA256=546EDF2268B466B3B03958D92095629F6BF9CF0263135B608D32B2D9408F67FC,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588615Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.264{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\kn-IN\mpuxagent.dll.muiSHA1=137C57494D031AB5243E4E71E9774ADACEBAF487,MD5=25F123D45760803E216106371040A316,SHA256=AB5D86D9007F77D442A494F629EAF985E6DDFC87A7EEDEB9B3EDFEB17D5AA2EC,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588614Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.264{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\km-KH\mpuxagent.dll.muiSHA1=5AF0EDDBFA7E28DAABE19E6426CEC40E35CFB1CA,MD5=EEFA8D643D9EBFCCED73A0E213B78A97,SHA256=B13C6C38FF1FB8965AD4290F545EAA636819693BE5B74BE57067B7B5A37F379F,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588613Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.249{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\kk-KZ\mpuxagent.dll.muiSHA1=354ECB15CB7126D399DF721F5938F13C28E12C13,MD5=79B6B76320B58587C641478D843AB825,SHA256=90BECDD2752EC88981160DCD745F2DA08DDC84336C8273525694821B22620AD0,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588612Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.249{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ka-GE\mpuxagent.dll.muiSHA1=94D42BEC0508D2710C453A4C4EFC6428FFC825F7,MD5=116F3CEE170BD03ED7C8532D25A4F8A2,SHA256=54AFDAAFAB9C6324ACACCC0260E914B07C32C5FD58A89A12426D1E16F8710765,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588611Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.249{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ja-JP\ProtectionManagement.dll.muiSHA1=3098657A03BAC4A094F9030BE687FF408222FEDC,MD5=DA4542797452600D08AB5EA528BB46A3,SHA256=3E1DDCE7DE5C6A66C7BD9273DB480A3D637B13D0571DDEE0647EBE4687F2E6B5,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588610Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.249{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ja-JP\mpuxagent.dll.muiSHA1=3B29312FBA3E47E2B647917D50D16D7BCE0FA7B7,MD5=ECF717049BF49DDDF631514BC46867EF,SHA256=74A74A8A0B1F50A0AB1DA6BA64F94F248448204117D34F3397FE48B6D4B15934,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588609Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.249{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ja-JP\MpEvMsg.dll.muiSHA1=5F01627FC09D1CE9771A996209584E2B3AAFB7E9,MD5=EBBF46AEACCEF5981E0995D7FC03CC8A,SHA256=264C617D7F90284A3E1A362411567BC89C0ACFBC1CC58A6D284AFD21EDC855A2,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588608Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.249{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ja-JP\MpAsDesc.dll.muiSHA1=77138EFC6E4070F15B48E3851B0CD584B00FD8C0,MD5=8A07E52485B5126F36669D931EB1FB93,SHA256=7DE52413BD1DF1010B655C26DB8BF51B87B10CAB14D1D687DCD8ED38E913DAB9,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588605Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.249{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\it-IT\ProtectionManagement.dll.muiSHA1=16C4084AC7BF87746568F0CC62C94C48C00AAD71,MD5=203E8324BE33312FD40E17BB3A68B900,SHA256=D537A53C99DC293CAD01341D3C8EBF57EB53DEE3051D467D85DBA59A099E2F2A,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588604Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.233{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\it-IT\mpuxagent.dll.muiSHA1=CE09057AEEF18AA0DD75E4BFB4EFDD117C7AC089,MD5=4C0C8D953902F86ACB1B2FA5F1E4B495,SHA256=ACAF4A36AB07438D98CCC480EB8664226A35BC922E2FBD30DA6D73BF6E257B2F,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588603Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.233{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\it-IT\MpEvMsg.dll.muiSHA1=3D7C88700533D4739FE1BAAB1A1E6FBA3DED626E,MD5=C0565424B51564314D258D4BE76A9D04,SHA256=EE2C9815268CD7A6C4398943A033D268D60EDBA8658830CFF0F90DB1A65BAB80,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588602Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.233{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\it-IT\MpAsDesc.dll.muiSHA1=B5106BFE3C17E614B087863CB8949C4288C679CC,MD5=E09378702158E60F833DE897F23C2AC2,SHA256=F42C66B861B90FAEA604A411098C6A0DF4BD7DD50C03032EA0F1B0DBFBDD128A,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588601Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.233{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\is-IS\mpuxagent.dll.muiSHA1=A53756F8A4F645F409CAC64AB717C53EAA805F41,MD5=C0E523E62EC810220D7B11D50FF337B4,SHA256=B8CCAC40878FC64D343038C93F73C808CD38C23ADB45C784B818DA8A4A5EB9B5,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588600Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.233{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\id-ID\mpuxagent.dll.muiSHA1=E701E42EA4FF94F8092EA7D328E9CAB7CE1AA8A9,MD5=6533125E52E3E84E10D2D27322150F0C,SHA256=6E817114C6741E27833B6236E681BC1F9D3E2F109E39997D0285065861EDA153,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588599Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.233{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\id-ID\MpAsDesc.dll.muiSHA1=054CB9C37D25BDF325F3541A1838CC401EAF9E4D,MD5=F9D3ED415CF773A090530E789BE3C1C7,SHA256=D27859733DD07D1FC1858A788AC50E257C3FF8428C970FB541EA6E093DA5CB9F,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588598Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.217{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\hu-HU\mpuxagent.dll.muiSHA1=7823BC687A767920E33848A470237D00474B9CA5,MD5=D1492D28FE8BBC6D564A67BDF9A52A77,SHA256=59A1BB8AB33C84C4978E9C362E72F1EB7E5425BABDA8A0C6C0CDE32C8F875A17,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588597Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.217{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\hu-HU\MpEvMsg.dll.muiSHA1=C6E2229BE89F521161AE7ED345F9AB1E7F1D9429,MD5=7982D1EE8FE609A20D04F9BFBB42AB2D,SHA256=8FD7F73B7FB82C79E91B48730B6426FBDF6021941EC7FB840D165442DD8809A5,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588596Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.217{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\hu-HU\MpAsDesc.dll.muiSHA1=62BB6B12B92BC8135A8FD4A186126C2BC959000B,MD5=B207BC37729FC5027FE7B69A0E0BE798,SHA256=7243DD52C3D9C211985162342C4D8EC2B2DC1659D8CDC665419991BAC1E10151,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588595Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.217{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\hr-HR\mpuxagent.dll.muiSHA1=3D72E7100E02343B8A74B5B9108DF60325122DE9,MD5=A5E087763B32C42CAA960FBCE96D7656,SHA256=EAFEBCD1E39C060AE0765CEF3C15DF857E51FC33DF3A8C338B10D860CF0D134C,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588594Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.217{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\hr-HR\MpAsDesc.dll.muiSHA1=6354C6088207E74EB43C90963099C29EBB2C8652,MD5=E1754EB0E9EA3CC65F09DE46B3C42682,SHA256=6B68AA54D0EF1EA56078925E928097268EB3049F8284F2F973EF9D794ABC5899,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588593Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.217{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\hi-IN\mpuxagent.dll.muiSHA1=47B34FF1A11A86A6CAAEBA4B100358AD50A311EA,MD5=F18E07E1C12A5DD55F5E3FFAC3D4B59A,SHA256=0CB921059089617AC56299E233508DAF0F3EFB5B58099559ADE252BB76938866,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588592Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.202{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\he-IL\mpuxagent.dll.muiSHA1=2C9B042B3D9A5FDA582D32B794041F55078F5402,MD5=0610442D7736BD4B84B06AC7DFC4E168,SHA256=FA1330DFEED540CB2CE2AAE08AB3202FEC3318392B64DF767F8612D35B214A94,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588591Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.202{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\he-IL\MpAsDesc.dll.muiSHA1=426661E3C16370A2DD1EEC8375875EF8AB896077,MD5=6858F4CFD50B33A4946F53B9CD6ED9C2,SHA256=EFE64AC6C612F0BBCCE54D2A5A3FF22F3293B10D8130F6A38049DC60D71692CE,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588590Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.202{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\gu-IN\mpuxagent.dll.muiSHA1=3AF305BE87F9E58CB2D6FCA2E95FCB0CE8661E9E,MD5=0E659A3B584F6378B2BBEC402486092D,SHA256=7F68399BDC5E5375580073F45269B3620A6C424098C5C16A2B8B1E0C44E24F5C,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588589Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.202{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\gl-ES\mpuxagent.dll.muiSHA1=00A759419D6E17B59C297B12E00A470FA95ADF24,MD5=30994CEBCB5098919123EC67EFA237F9,SHA256=2A0C479D4507F6A8DF6179D933D6A0341511D4F938E955FDA2AE002973EC336A,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588588Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.202{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\gd-GB\mpuxagent.dll.muiSHA1=3D310B0E49611DB62BD2D5789E0B2E5755600648,MD5=18991E9EDF6B0CD4148DFADF0A68172F,SHA256=6C42395E63C677EC8BFE93C7EB1EEE0A1D2A51BC733B4676440E5B23AC1008C5,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588587Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.202{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ga-IE\mpuxagent.dll.muiSHA1=9A50E257AC0BE37EDB2674FCBD4310BC02AF412A,MD5=60A2A7AE0837834F41D41A1C52515E6C,SHA256=C27AA2FE3D696E4423DFE41CF1544A7619C5B3EDCA105BAE34A299FBFA2EB8ED,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588586Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.186{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\fr-FR\ProtectionManagement.dll.muiSHA1=0F1B42B71E131F0B657BEC1DDC71C81D9892E554,MD5=784F4BF195568A9E70973B30C819E323,SHA256=8452E9F54D4163A5B93A23924BCFAAAA373F509CE0E5349E9EF8ECFE380CE7C4,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588585Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.186{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\fr-FR\mpuxagent.dll.muiSHA1=4596269BB52AC423E5FC5C8D92DCC493DE1F7A8D,MD5=9914B819FFB5012CFB1C17AAD219C1F5,SHA256=AB49FF583B55B78A394BB4D84F6B41A938B04663BF680EBEA00A54CA29B9B4C4,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588584Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.186{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\fr-FR\MpEvMsg.dll.muiSHA1=499B5C093CDB78F0363ABD059105F961E0A591A0,MD5=C56F08A9C984483BD349D5E2E516CFA4,SHA256=DE3883F561E11C5BEC40DC3833C01AE57C14846C55D49906AA50A88AC955472C,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588583Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.186{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\fr-FR\MpAsDesc.dll.muiSHA1=AB82690A1F596694AB09CB6A4E5418D1B0A059D5,MD5=91E884CA4E43BF58CA3FA26CB31D4728,SHA256=8FE9B179CB9731D75BB862D1D39E658A94132F8FD52BB00AA4A3BD9A60644E78,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588582Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.186{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\fr-CA\mpuxagent.dll.muiSHA1=70E04F73A03C46302288F73FE131212EBC79620E,MD5=A13668F2E594ABEF40EC23CCC2CBB6B5,SHA256=61F26D9E1B557797B75D1BE6A16162086F19242E88DCF287DF02ED67D8847BB2,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588581Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.186{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\fr-CA\MpAsDesc.dll.muiSHA1=97D46929F9C2AFCC6BBF270EFDF0A14D2BF80AA2,MD5=790CED754ED840D4E4C335F4FC3B6EB4,SHA256=BAD70706AD051FBC92AEDED082FB866F8825DF3AD3AFC97500B08479315DC101,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588580Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.171{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\fil-PH\mpuxagent.dll.muiSHA1=B1DDFA43E7A8621C27AA205A3C5EC57CC28F92E8,MD5=C674ECFB2E88B11A05EC620AF7760808,SHA256=BEA484C11C8134C40E4CE41BB921BBA6F5901D6865C64227919AC1160AB71083,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588579Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:18.171{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\fi-FI\mpuxagent.dll.muiSHA1=BC7BE5B5E3C1B4D3FE595F56DC51F695932A5906,MD5=2EBB18CA9E032D5E93F6BD2F0A0CFA4B,SHA256=758D26E14D51C29BD84A7ED00A0DC640D1A72E1DD58F16097F8DC73A25DAF69B,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588576Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.873{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\fi-FI\MpEvMsg.dll.muiSHA1=B114B18A64678566513EAF4ABC7B9C1B8A4378EF,MD5=8F8ACB273FBB064BFB89C8C885EEA162,SHA256=FD52200363C72AA86A9B16BF805917B13C7DA8581CF79BEEFA9AE4C959402D2F,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588575Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.873{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\fi-FI\MpAsDesc.dll.muiSHA1=33EB8C034877D4CCE126CD24C6D66B0EDED67977,MD5=C124F63C88A789E7FCD59213530AF8D5,SHA256=1C1FFD02B504092851E7AA921BB1C3C21465475E0247C346CC6959C6FBCD04EA,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588574Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.873{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\fa-IR\mpuxagent.dll.muiSHA1=C32890FAC3D7777872674E4C411DC05B063F97E7,MD5=D820B8DA27FCEF038A0F418005422075,SHA256=D7C6EC9D021D3AD099129D91C275E907655F92609448DD2A1A3FE890D7C75BDB,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588573Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.873{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\eu-ES\mpuxagent.dll.muiSHA1=F5CCCDFF2F813C289D6EA3814D1B7DF637C8F998,MD5=4467AE596AECBDC051A3891662DF7B06,SHA256=10366F323DFD4F8B790B761A54E8AB71FEA1CBFB76A94F86422C2F3BF11EB71B,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588572Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.873{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\et-EE\mpuxagent.dll.muiSHA1=4AB0BF3BB7294044071ABD6DB614D957888FA0E1,MD5=001E088C953D05FD44A3BFC5A2AFB4CE,SHA256=4AB9563EB2F0AAF29D589695BC8F9DB43EC259DDC94CBADCF866ABFEEEE839BE,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588571Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.873{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\et-EE\MpAsDesc.dll.muiSHA1=789A0001A4A63A5BE4D0B593B1AE75D4EE3FE237,MD5=BD88C21EFC303E2E878A9B1F227AA9AB,SHA256=38891844908F87F4D8DD96422ACDA51AAFF65D585E5A514EFADBB2367B59D9C4,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588570Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.858{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\es-MX\mpuxagent.dll.muiSHA1=4A8355EE2A44DA69E395A8FEA977A956012E309C,MD5=784BC305DF2F511048C5562144779A32,SHA256=6EFC75E3412761C2FD38F06E43E123EBA64B28E6963004941994784322349FAF,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588569Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.858{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\es-MX\MpAsDesc.dll.muiSHA1=BFE353F149021F405355623091F82B8D6A7EB1F6,MD5=BACB16A167DACF6450672D1B5CF8B2AA,SHA256=E389BAD2B2E6EB3CD470A0D3F50EF00457D24D8BC315B8677D8C1B9B58F7C252,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588568Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.858{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\es-ES\ProtectionManagement.dll.muiSHA1=23521801B68CF36D66D0EC7AD8BE3B7233A5CEBF,MD5=6CDFA1BCC75AA4C549E973B33D4C9D5B,SHA256=E518A42E6298A4F795EDB69A17214E194193AAC47380684496E80F4549C3CB68,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588567Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.858{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\es-ES\mpuxagent.dll.muiSHA1=BD5353428AC45B19B736F793AC2F30BB8B58877E,MD5=793FA3D40D0A94765F9B9FC4E8E989FD,SHA256=4519C0B152C5B1411A01049224B0813FEFC3C11A72C960B858FEBDD3DECECDEC,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588566Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.858{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\es-ES\MpEvMsg.dll.muiSHA1=6ED4A83C0A42DCAC80DABD055BB1B5051B696AED,MD5=BC33C4FE1C22C423D24E30EB8338D827,SHA256=7308126D43A4EDD20C15E435685DDE2CE778DE5DBF00195F52E81098478D431F,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588565Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.858{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\es-ES\MpAsDesc.dll.muiSHA1=4CE478425BF812172F06A0FF140FF38A672D025E,MD5=2183185A3D1990BB813AC9FA0A87162D,SHA256=6D8A695F64986356B97A7CBD8823DE36188F9D94922B76055B20378C01530ED5,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588564Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.842{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\en-US\ProtectionManagement.dll.muiSHA1=582D115915D34A0F45160B87C41733B82C960C83,MD5=3A040A135D1324DECD9D9D52AD01CA4A,SHA256=CB275B125252B70E3225FA2BC3FDEC4C5D19418DDD1C97EACD6E4B86B2891DEE,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588563Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.842{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\en-US\mpuxagent.dll.muiSHA1=4E0C7438F0CF118EBC112ABCFD0DD490762786AA,MD5=BF455B47A23BCCEEE2FB3EF185730AA9,SHA256=688F3C07DE1915FA3A79E5B4D05F081602FC3BE3F3DC98765144AFC126C6AD52,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588562Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.842{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\en-US\MpEvMsg.dll.muiSHA1=72F0A502E969E37B335BF1D3C4E562D14F30169D,MD5=8A9647E0CDB6D07B50747D421BB65BD6,SHA256=9EE50693A95F08AFE3C0F492C61DF6B38E0F4ADAE6D9A22C72DD55966E3CD771,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588561Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.842{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\en-US\MpAsDesc.dll.muiSHA1=FD857483657A7409AAAE8780E78B94D5B968E00E,MD5=7A585E3CAC8DCC61F6809659DB50741F,SHA256=A205F07A0A62720C4CD2FB29642D43958888FDDD91FCAD31FFE5320F7C1CE239,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588560Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.842{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\en-GB\mpuxagent.dll.muiSHA1=29FAD2B3208DDF35CBA08CEB15FBCCD24FDECBFF,MD5=72FE2E3E1A56B82A3EF3DF7733708B76,SHA256=8DC860BB4676B8E8AB851E635343934F88E0E2F3401F50F9534F226AEF69C6D9,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588559Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.842{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\en-GB\MpAsDesc.dll.muiSHA1=5F505C6A7F1E216C5F730CD5892BBB17239E6E1A,MD5=7951EBE420359FE3B96B20019F61CC0E,SHA256=DC6662AD4797D4C218F8C6837FF8CDF561A9D7D31ED30373CB3B755BB22CB90D,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588558Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.827{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\el-GR\mpuxagent.dll.muiSHA1=E19F5B5B6640F7F336E48BA4992EC9CB2175F30E,MD5=EB33D69ED9620E109E69B61B973E9F1D,SHA256=B4EB4185D9230E375A3C2716C7DFFC7731CCA0641DAFD550786CFF15ACBED079,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588557Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.827{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\el-GR\MpEvMsg.dll.muiSHA1=A361DA1CB99CA888E96E02A97E6D7B403B037B22,MD5=254655CAB0B961A8CE3D188D5AA81864,SHA256=0C13DEFF461AF42DCAA54E06BD53FB772AD11D5DA86374F2290D14F97BD683BE,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588556Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.827{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\el-GR\MpAsDesc.dll.muiSHA1=5531225BEF37B67BD8D2AF5F31887E807168C730,MD5=ADB142F2662B036AF10D9D3B5FB03856,SHA256=D7203E4B5C6F0786BFCFDBABB17D36FD41AB6CD9785C2F8291EC49E55B6869FD,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588555Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.733{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\Drivers\WdNisDrv.sysSHA1=9B16744F49B9FECDCB8B21071889A6FE97B94257,MD5=87BD9EF526BDAB09DB00D678B464DBB8,SHA256=4B7BA644B135484FEA1CABCD93567A0C68D1063BDDC4AD43A2F692345BD870A9,IMPHASH=3B35A09D4E1C8B9673E78ECED60728CAtrue 26542600x8000000000000000588554Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.639{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\Drivers\WdDevFlt.sysSHA1=93D7A10BC068759D1E8D8306BD35AE05FD6A9317,MD5=4D6817E7E835A6E0BD313FA85B97A682,SHA256=49940425184487C2DD6DBC79F7B503FCD9C5BBE262D7B559D37BC9340AF463BF,IMPHASH=890C088F7D4A3E82BADEAE88FFE6915Ftrue 26542600x8000000000000000588553Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.639{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\Drivers\WdBoot.sysSHA1=3AC4FFA62C03095F8EB0A3A38EB5412C976EB35B,MD5=2EA35389A9D1D63FBA379FBE8F23EA28,SHA256=38A1B29647AA53D72674C2A5267AC1ED065643FB4B81547ACD1A19D08F24A8B0,IMPHASH=5FEE9881DECBCD99AFE063C90FD54A26true 26542600x8000000000000000588552Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.639{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\de-DE\ProtectionManagement.dll.muiSHA1=AEBF33C0254EB959C0C333E1186053EB068C5570,MD5=E5CC79360615CAD8F304981779F04FFD,SHA256=F180340017BCC3513676BD563CF43670E9C0D99242F577D28E5A02D906F03471,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588551Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.639{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\de-DE\mpuxagent.dll.muiSHA1=881B9D3C1182FE2166E450676FB94766AD7BAF02,MD5=B2AAEE829AF970C744D907490FEAB678,SHA256=331860B3A5A19D24C7C808B4A07B75F6E211BF0BA23A1F8B6CF0661D14C4E1C8,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588550Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.639{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\de-DE\MpEvMsg.dll.muiSHA1=F6E60F04817217DB8B68379621F6EA43D21FA42F,MD5=72F52C0F38F7DA1DE4966FA892E3E1E3,SHA256=A145770D6B5299F5C8B9E9D3EB7FFB7073D2D4B6104E83E176492B49C95AA2E2,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588549Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.624{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\de-DE\MpAsDesc.dll.muiSHA1=00EBD41A31120476634CACE947E471D707F34414,MD5=CEF6410FC3748BFC40A853F48C9AB69D,SHA256=CF5F590F0D6C8293930131B8C8E508D0F2D6DC7E6A675EDC8F4C9AF55A2A45ED,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588548Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.624{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\da-DK\mpuxagent.dll.muiSHA1=2646091E39CFFFBC846EB888A6702B8542113B81,MD5=6A69D247851408FB0E19BFAD1C1C7C60,SHA256=C84215ADE9D2FD6C59404AED8603FAAFA6303375A3250DD62BE6F5BFE58D7D4A,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588547Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.624{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\da-DK\MpEvMsg.dll.muiSHA1=E410CB00CC7483F2FFDBDBCE9F30D578DCEB1173,MD5=AE16A347D1FE591E41F7F31A8DF43EA2,SHA256=D8CBE89C7C3A72FAB865B4D4926B1832FA145C1C5DFF211C65C9316EA7CF12C2,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588546Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.624{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\da-DK\MpAsDesc.dll.muiSHA1=9574D2655EB967F9C504C59D6E8D9B303E3FC157,MD5=7D9295F9975C43D3B14B4B5AA60EC2EC,SHA256=8DDBDD655B0C6F0EA52F8855C88172E96DDDD8A620F278383023E66BBF590D60,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588545Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.624{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\cy-GB\mpuxagent.dll.muiSHA1=6F5E41016DEC6C42D791D0AF0531DD314056AED2,MD5=81E92BF8011FCD7680464DC9120425A2,SHA256=04FE456173708F86983932F0C02304DA648D4DE8142A20FAF814C988D8D62891,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588544Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.608{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\cs-CZ\mpuxagent.dll.muiSHA1=4E727BA96495A88D74240D5E30F8DD8DF1BB0115,MD5=727F734379A99AE973274976197B48AC,SHA256=47E1014942C17C76ADAAFE742B0B7B307E833F3E75BE03A830CB0C2450277B3B,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588543Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.608{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\cs-CZ\MpEvMsg.dll.muiSHA1=3E02756F491257E2285B544EA54116D5179CFFA2,MD5=472BFAA5D78D04CDEC87A31D9D35DCEF,SHA256=BE5C6F3348723DE4D86860B59193FE0D33D6B908AA555BDAFBB927CFA584D7F8,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588542Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.608{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\cs-CZ\MpAsDesc.dll.muiSHA1=44A4C5A87875835295B0E195D7D7F6A16300031C,MD5=41FE3C5FABC7C925FA5F56BFFA15EE4E,SHA256=4502C67E78D9EDA07C0C22829C7358C90644B3879F4CFEBB2C540A7421C1B3DA,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588541Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.608{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\Catalogs\IGD.CATSHA1=76D558CB63295902883C01D90201BB04A8561571,MD5=3548AF94D70C01DE9A93F4B6BBEC14AB,SHA256=54FF9808A965E71DD0A7E6F0A1CD410B967E357E2FCFD09D6E6A28A0DCD1DC54,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588540Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.608{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ca-ES-valencia\mpuxagent.dll.muiSHA1=C5F867D60C9D3A967E8F1907604B9A93C2D7346B,MD5=9AA7079EB7D818A60E56E81198842FDD,SHA256=9C14DBB14536B240DB74C2B96FCA1FB56320489FFC2E75C7310603FDF1E31B4A,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588539Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.608{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ca-ES\mpuxagent.dll.muiSHA1=31E0268164BD977963DAAFB50BCD499F4A5E1E5D,MD5=661310D06F0A11F64C3A3E6E6F9B9279,SHA256=E0DBB794C31000CA18550FEE8E47B2EEC446EA31219B2069AE6617CBBAB9CFD4,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588538Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.592{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ca-ES\MpAsDesc.dll.muiSHA1=A0A695A9C04CC3CCE709D961E40E292DAD6EAC18,MD5=4800E9F13CD088F558831581B7AB8768,SHA256=4A281A2C0860D9A84A14DA18F7ACC86B0EAC47482115E21050BD1D189C57C715,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588537Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.592{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\bs-Latn-BA\mpuxagent.dll.muiSHA1=F0D5184B6497D784D8141BF055AC1CD96413F0E4,MD5=049861B31AB2CB1C7A09C90D873454C7,SHA256=C6F840B486508F80D79835AC79723EEF7825C82018D72B8A70DD723AA1B7A4B6,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588536Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.592{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\bn-IN\mpuxagent.dll.muiSHA1=800D86EA76F81AD3A8943EEB0E98EE5B1D19BBFC,MD5=B0995091A735E168193347BD7A774FB7,SHA256=5BD34C8231834B9BE110239104245E38C56326AE75BA349D2E0F597F2BCAB60C,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588535Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.592{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\bg-BG\mpuxagent.dll.muiSHA1=1A0F52720B22886009263F3D6A242BA5B17D12CC,MD5=D98BAB6197B08747A94CF68313CCC3F5,SHA256=34147E68357F553D0F386A0A18CB5952C681A276DD2CD2D4ECE38EBAD5131BC4,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588534Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.592{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\bg-BG\MpAsDesc.dll.muiSHA1=7C7152FAED82C78F6EB41198D16AA1DA4C2ED663,MD5=85B953B08F8AA94E01390BD8036B313C,SHA256=D053BF46C85C254D109C0B2405B0FD536AA6C60D510360EFAEE6686CAA435014,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588533Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.577{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\az-Latn-AZ\mpuxagent.dll.muiSHA1=E692551A766E51FAED4DB24C60B3885A70A1783A,MD5=FACFDC8A4DC6C06EDF555EE0FDECA5C6,SHA256=EA6793C69AF0D4346A00A52142922F7CD1C48CEE0AA68096BA4A29C26536B03A,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588532Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.577{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\as-IN\mpuxagent.dll.muiSHA1=37F89C743D821FEF8531F292BB2D399BF7081811,MD5=33D82E598A52372E904F1E18D6957C1A,SHA256=D3068AFE198FED6089EF7A2FC79C2DE6D0B003CAFF61806D1480D0F37B689CD3,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588531Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.577{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ar-SA\mpuxagent.dll.muiSHA1=482A68D428A1A8CD06B3595B146CA94252DA2843,MD5=99BD8F5B9075815B20264741B203E40A,SHA256=3C048EEEAB4414E3C818F43B1AC91F92E5515E5509342A4DBF2319A037155BAE,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588530Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.577{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ar-SA\MpAsDesc.dll.muiSHA1=4C33A24D768EBC0E3DB022DA6D2D60B516A3CBA6,MD5=A5F1B9E28E9EDC354EE806EE1AE67151,SHA256=61920688C20D57997696C8D0DDE099A21B8453325AF6BC888C5D740ADC9FF9DF,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588529Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.577{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\am-ET\mpuxagent.dll.muiSHA1=D35DE66A99039505E949CAD8C8B0D4BC0945461A,MD5=8103208986850FC602C1105CACBE44ED,SHA256=FEFAF89D5C6105152F2B1FE305D8531E6B27B4B00622608B342BE8FB66C13098,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588528Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.561{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\af-ZA\mpuxagent.dll.muiSHA1=1A1F24896490462A4770AAE2D203F98536AE5319,MD5=3E84F8CD3E421FC382FD6024E09729DB,SHA256=81F25787754E8AD62A82E796EC471B095BF76A4583D68232DCB745AE347B5404,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588527Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.483{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ThirdPartyNotices.txtSHA1=F969931AC45991F7ECB6767A69433A7082ECCA2F,MD5=CE7313760386B6ABDE405F9B9E6EA51D,SHA256=73E26404B3571A9E859B3A1144F54C353172479586E0A23C3A7DDA0C1C0AE919,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588526Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.483{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ProtectionManagement_Uninstall.mofSHA1=5CB3AD07CF6DFF3DB5BAAD55488A769A664BC093,MD5=C4E26C53F76774E091FEE17FFFF64414,SHA256=5172863C41E84024799B2034D42F10E9720FC53171A4F6C1CA2FDB2C6F71DFE9,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588525Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.483{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ProtectionManagement.mofSHA1=40591520D5459CD068F798B0E330DDC2B072557F,MD5=510A7A8AF72668788C27FE22CE1B11F2,SHA256=A54237F0686223511A7ABE06E6DBE1C16A9EFA86C5FA7D321AFF62EF7A96EE2D,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588524Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.483{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ProtectionManagement.dllSHA1=C0973629F3D037767DC5259239C832DF129ED531,MD5=3092E66F9E4F9B6BE2D592DCFA5CBCB7,SHA256=79802C213E7928468FFF93D72CED605D8012322E46C3BCC52191353132FEE144,IMPHASH=A76BFF4687C0E1559E35DA4E213B4B92true 26542600x8000000000000000588523Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.467{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\NisSrv.exeSHA1=35DD89461E9406CA9820061F055A6725FF081BC8,MD5=FA040CFFF6B032C226C6B82A826D5024,SHA256=5B97B5ED8EBD795F9667A2CCAAB76E0A413D4D07F76488B51B4AC0485DD69090,IMPHASH=B2CF270DD30617D242703BF264932A90true 26542600x8000000000000000588522Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.421{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpLics.dllSHA1=85A264C0D88E0F6C12D447FF560C1A67D147BE81,MD5=63B430EC9335673E713C34C4E9473967,SHA256=6543B9FE1BE62ED9B3967E94445F63349A69D3DF41F2DE78E5DF99E87D1D3C4C,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588521Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.421{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exeSHA1=003F4160FC1BC322F0E3BA95B1D540AC955D081E,MD5=CAC984BF356ED7761912C1D81232495D,SHA256=D5BAD8FD7460DC44C94CC0E9639274A9A69B0ED631D15C86986324901B5044AA,IMPHASH=F189C7B818D0AA5FF3015F856E3C3A13true 26542600x8000000000000000588520Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.421{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpUxAgent.dllSHA1=94B9491481A2FC80A5AEEF9FA790B7AF7D07C043,MD5=B5CFF0AD8DDAA87C4D8B3BEB3E253ADC,SHA256=A5229B7FE59239A336573CA5422756741E5E89178670771CE8D7CBDBFADB12D3,IMPHASH=8E71AAB314BFC70EEC0B1A22533EFA2Dtrue 26542600x8000000000000000588519Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.405{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpUpdate.dllSHA1=C249FFFF939C08DDDFB21E2CAAD6D9C41B9C7F62,MD5=F0F032D1CCD53831B660ABE243CCFFFC,SHA256=CEAE72B0A21CC2E11C8DF65B06116F31B7171E5BB769D247E8062FA474166901,IMPHASH=643C3273BD359D079EF68C411527FEF7true 26542600x8000000000000000588518Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.405{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpSvc.dllSHA1=EF231CBC963459E9946D7CA361FFA941C9DD4976,MD5=46DCFD688D29412100369397220E921C,SHA256=5A8417E867BF5DEF1AB585F3A707AC8263B1F2B9337581E0BC5C96E420C6C09E,IMPHASH=287248F04AD0B1F8A3201005F54094A3true 26542600x8000000000000000588515Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.343{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpSenseComm.dllSHA1=E0DCEA0A9D20C50BB9678FD8A18B036F8B738F74,MD5=01E552C0F9C0A741E97C451FC95E0608,SHA256=6D255A767F20A208B09201C477F28FE1848C7715BD3719A5D9E3A61FDC2AC34A,IMPHASH=862E746102BE3A8FC5C27A5CE86507A6true 26542600x8000000000000000588514Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.343{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpRtp.dllSHA1=186F885910EB59E85B2DDA80786FACDA3B37D01D,MD5=5C5A29ABC01732E8E7EF6FEFA172CD7C,SHA256=0A4A02AFE6A103ABC841F14C996F5186F3C3F94A882A7750F3B0A7D8DE14B052,IMPHASH=3A39FD9B8C74EF0F23C7DA1A0831902Atrue 26542600x8000000000000000588513Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.311{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpOAV.dllSHA1=7DFAC5D09B1A71C9983D8AC8ADCE8FA1B2AA3DEC,MD5=1A0455FBA14B935C088ED20C3E7D9E3F,SHA256=5EA49B6E291C6CBCE4CE18B276B0AE2BF63CFE405021FB503EF8CE8970683BF7,IMPHASH=28D3DE166C9E9C46DC0EA2089E2AC74Etrue 26542600x8000000000000000588512Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.295{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\mpextms.exeSHA1=E8A1FC5FD64FB358EC4643FB295F2BE043C94B14,MD5=7736526787F59C09C81AE3751AA9907B,SHA256=72CA54B9833888F2AC050E0A90BD4D798E52CFB78FA5403BCFD317793AAD9FC1,IMPHASH=BCC38FEB02785A4856185CBCECBA4B70true 26542600x8000000000000000588511Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.280{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpEvMsg.dllSHA1=92C40BB7802B96A06C4EA4DEB261E0B919CDD75E,MD5=8370D709CD1BDECC498D525AEC71E4A5,SHA256=474830421FF3595B06B0A5DBA2A1B51C2D548F4E9BCB832DCF096093393B7705,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588510Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.280{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpDlpCmd.exeSHA1=0EC800CF1D38F4F32E16E0831413F285F3693B1E,MD5=A3E5F95A27BB35D495347BCB591E1B0C,SHA256=14D00BD63CAD6E7CC712A4C3842C83A9D5EB6B3DBCED8A5337115F67CA98640E,IMPHASH=9273F91C797CD5C40E5E956EEC1FD849true 26542600x8000000000000000588509Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.280{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpDlp.dllSHA1=EF48E4788D3D948B504C233C2E279BF801A02EC6,MD5=8685D5F263EB10114DF47A56F58CF411,SHA256=1D23B1D7E3E04F9A07296D2E13E1619564C6D21E922DE0117C22CC498F7EA20B,IMPHASH=B0EF5EC0E2095D73AE16394A352C3885true 26542600x8000000000000000588507Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.264{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpDetoursCopyAccelerator.dllSHA1=6201C598AC965F5108C2394A3DC6C0DC8BA440A4,MD5=E3D81894936F3428A60B3EF6670F5B37,SHA256=DCC7377E82AD2F3F4C31350ECE61625EBEB143AA126E2B076B4E385CE158ACC1,IMPHASH=8134FB421E1A724B4B4991256B828B42true 26542600x8000000000000000588506Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.249{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpDetours.dllSHA1=9D92E3A04F222C94FFBF84C0999EB09F9C462F2F,MD5=FC8C4A87A430C5A6D8A41234D4D2C663,SHA256=0B2513281E94F4DB3EE8F82C419EE4B19D6ECA66DDA49477C88C959807E8B93D,IMPHASH=E7CD5D60382F6730AC72D09484F903EBtrue 26542600x8000000000000000588505Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.249{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpDefenderCoreService.exeSHA1=A430980862417185708C58CD25A3BDB3A156A110,MD5=7A0D2E3C4DE587C4554E055931A7E201,SHA256=52E3A8287FC53503D1D9532E608305B8901308171D947960C85CB893EF7F0AB9,IMPHASH=C815E54C35D1A40CBE18D6E3B92829A6true 26542600x8000000000000000588504Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.218{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCopyAccelerator.exeSHA1=D593DB1D25BD601CF15E99F0097AEF99E65D455F,MD5=68E37488BDB2A10A6974B286963A8E77,SHA256=94D7F4615965CE9D5DDDB0DCE1C5B1DE27A171BC13B2B464E615A66C8C695A9C,IMPHASH=94316E3271598CFCB7F9A6A96CFED214true 26542600x8000000000000000588503Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.218{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCommu.dllSHA1=CA31F34DDB523EC97DF6CE09A464B67816044617,MD5=4E4493F7CBC1F81CC58AD5623414EE24,SHA256=DE30EE123EB86D7511407C0D49F093030E4A6384F7C3C2BE572CDF91DEA2F848,IMPHASH=55239B1ECC1874DB2529B570747F1D53true 26542600x8000000000000000588502Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.218{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exeSHA1=9F434B65DB9A9D06D813044D283C76BF40763594,MD5=C40DFEFCD88E769B5D5C6BFBE8FE2B25,SHA256=D922D68886B7EFDBFDD9E9E447A4B588FC17F09644C08F4CB7AFA3BE4C5F7C6D,IMPHASH=0A36B438EE32C23E9D94EF258EF41AABtrue 26542600x8000000000000000588499Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.061{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpAzSubmit.dllSHA1=10DBBC3C6E26C63396B0A18FCC99A4B2B6BB9C85,MD5=5DBAB5213838FFCDF1D38A2088D296A4,SHA256=7288F380A89F440D09591B03A0839C5F11B3FD3D11DAC471CAD414A04BEB3302,IMPHASH=EB7C065A5795F9B75CF01CE1DAC3CC99true 26542600x8000000000000000588498Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.045{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpAsDesc.dllSHA1=6EC6E6A9A1E46B6B887DCE9B8BB49E591480DCD3,MD5=1D59229CA7024A6D5E4392D6C047E77F,SHA256=FB49274BC7331D973133CF803791C86B216A0F1F4B68059D2004FE7172FFCE1C,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588497Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.045{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\Microsoft-Windows-Windows Defender.manSHA1=6A9ADFD47BAD44DF42E3BDDA37D563FDCCC4DD29,MD5=018276802DB93EB0D750D0E83E50D771,SHA256=F6267FCAD9C25F4288914CA920BA0DC06277ED71BA688803B56E458823CC74AA,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588496Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.030{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\Microsoft-Antimalware-Service.manSHA1=F11FA3289AD921E1029BEF34E88870910D5D8C32,MD5=529043A62ED87EB797B2BB5FE1A90C3F,SHA256=3982E3620282A820412C825C0F3C9451CF697F11A83AEE527C48E10B06E95B17,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588495Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.030{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\Microsoft-Antimalware-RTP.manSHA1=3E5CF0627D76A682D40B8775D880BD20B90B5E69,MD5=0254A51E922D467661D5D39C886AC9BC,SHA256=FAD08683B176DFC27FF428A6F05D10982FCF20AFC59DAAB21539296FF50F5002,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588494Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.030{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\Microsoft-Antimalware-Protection.manSHA1=B7DC3C04C67D7903E04B0EBF2AB7840AAA717EE0,MD5=E4AD891E7B62475FCA109C0DF4DEF16E,SHA256=DF9AD93CDB61587A35FCDCE996955A64413439A474D85C86133A9E9C185D1966,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588493Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.030{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\Microsoft-Antimalware-NIS.manSHA1=6E5AD734AB6A9F8B82B19024E21007AC2CAD2540,MD5=5562965C32F03AE0DF8B9DEF950F8651,SHA256=EA64BE59286B67AE930729FA92B2B08DCE5C2EAEB70FEABE2320C47FB6DDAC6C,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588492Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.030{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\Microsoft-Antimalware-AMFilter.manSHA1=8E006DAC462C9AD9D2C0FA1C8BA95E6D1D94382F,MD5=FA41CDEB03243C5F0341301FDB95206A,SHA256=B783898BD2C680A58F4E41D899ADF7C3438B06E426FDACCBEAA68E7A720171D0,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588491Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.030{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\endpointdlp.dllSHA1=0EC484EEEF57CE8B788B7AE50EEE1189A6EC111C,MD5=050374B202488E951585AD11E1D56BA5,SHA256=AF73A1E5A97820150C8B2329AB4D84213507EA4385B7238A648E141D36D160C9,IMPHASH=A451518025186A5E48F0CF5E423958E4true 26542600x8000000000000000588490Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:17.014{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\DefenderCSP.dllSHA1=648161105DE9353B93836486231D15593B095AE9,MD5=F7D5FF20F5EB84E528EE21F28A9670E7,SHA256=CA09ADB264E69254161AEF4B1BDBB8B5A895D826A4FF802CCA233A77B651FBD3,IMPHASH=E26CF5840AD105DAD7F9F7DF926D6A80true 26542600x8000000000000000588489Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.998{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ConfigSecurityPolicy.exeSHA1=3019726F9DAB8538E01226ECFD76C158616A6A63,MD5=438F984F625500716F2653F117FFCEA5,SHA256=6153EC46489E2C6FEE12ED71967DA4E62096BD4D801DCBD3B0501E6C4AB2C334,IMPHASH=0167833356936E8B9601140CFFFDBE1Dtrue 26542600x8000000000000000588488Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.998{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\com.microsoft.defender.be.firefox.jsonSHA1=241F5E9FCE639E713E50FE748B5865F6EC2880C0,MD5=7797BB3399C837EDB0F7564D6E3C6217,SHA256=E2A0B5B4F64653C86B71231EB3FF5ABED56B4180C90234DE2C008456E270F8E3,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588487Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.998{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\com.microsoft.defender.be.chrome.jsonSHA1=CD82C099B0ADB4496E7D30951F249EB7CEBE7570,MD5=36CA2812EE9B49E0785121434B7DD136,SHA256=8602FABA22D8E06CCB146707B4A10F6256799FFE854D37781156A5A6D6120369,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588486Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.983{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\zh-TW\ProtectionManagement.dll.muiSHA1=C1B418F076F5A674F06A7D6CD545698B74CAC22C,MD5=9B8BCDE24749228A9F42971A3D50E4F4,SHA256=608EAF982435FA005D0131E2FB978E78CA4A9C1AEA4D2475917172E4B6F49910,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588485Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.983{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\zh-TW\mpuxagent.dll.muiSHA1=CD2586975F74BB94F58D12F83B9F7C40D1E98652,MD5=9DCFEE706059C39976203255FFD30229,SHA256=6FB1E615B12BACA3CE45C2A9B344A5B3140B99A2A566AAE8AD0E3E9788EBB1F0,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588484Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.983{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\zh-TW\MpEvMsg.dll.muiSHA1=6C1A187EE2FC64A8DCF44BB57329B7295E70DF4B,MD5=371E2EF936605A956B5CA800FE69921F,SHA256=49816B20BFB2E92203B810139687B9D773372D5335FF2552F488B1910EB88E83,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588483Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.983{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\zh-TW\MpAsDesc.dll.muiSHA1=CAE7B811533108A623FF81BBEFDDA0334D405305,MD5=C388BD223498554BD93BCA1D9F4A5047,SHA256=F3DA9450C6954BA64BEAC4DB5F39D3C0C9DBB138FAFFAA57940978F9153D62DE,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588482Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.983{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\zh-CN\ProtectionManagement.dll.muiSHA1=9CBEBD7524C07AED5CD1A42677D6957825762535,MD5=AE2C7A65AC68E02C0C29D63C93207648,SHA256=4664F24617EB6F7D97E4030F94F38AC9E353D245A8242CA85E6DF647C57B7B1D,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588481Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.983{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\zh-CN\mpuxagent.dll.muiSHA1=8A3FA0AFBE190B51C50542B3A4783C223E045B94,MD5=685987676797095FD226446B35FC4FF2,SHA256=C2240A3E2AA6D34FB2695E0F51D3D67E92477DE5D2EF9BEB6E6388BF4399521F,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588480Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.983{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\zh-CN\MpEvMsg.dll.muiSHA1=2E4150E99B88D15470308D6B809109D0FCA4A4C3,MD5=1001E23DE799C471B70F5C483B6FAF19,SHA256=0CB3249F2F894B2925EC28F34027065F8F2C61130FB98D13A177DBC552787D7F,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588479Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.983{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\zh-CN\MpAsDesc.dll.muiSHA1=809E3E3CD7863B676515247759CF0226B8177B3D,MD5=275DAE6091F8AB6D64FD3F1A9C8483C7,SHA256=16B484FBED57BD395194FD733CBE36699D115A611B7A0F6144FFBA6973310BF2,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588478Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.967{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\X86\MsMpLics.dllSHA1=B3C76A16FE6FB0E68FC48BE4D1361589ACDA0C67,MD5=4C4617FC6582A59D68927B8429BA6154,SHA256=C1CFBECF84FE7170F48AC23E2A26BE9DF90A744E6C9F8F83E9494619019CFE15,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588477Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.967{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\X86\MpOAV.dllSHA1=4F6D7FE3EEA321D0E7921382F44089AC4878EFA3,MD5=C6FFC57FE2FBF6641B74268C0A4C3054,SHA256=2E270BEA624FD9328D703F5926C2AE4A44EFEC1EBAAB401794A10D6A426F6010,IMPHASH=025AB2C27D98D8168DECD24548EBF963true 26542600x8000000000000000588476Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.967{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\X86\MpDetoursCopyAccelerator.dllSHA1=DDA62E114E636F54BC1CD76B032368818AE751EA,MD5=088B997B2A6A33D153DE942FB280DE63,SHA256=70FB26C4C60694DE59ECB725530CC5F2AEF0B52FCA58ABAF066CBE5223D5BA40,IMPHASH=A72716399E8D068CB87E32A578AB12B7true 26542600x8000000000000000588475Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.967{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\X86\MpDetours.dllSHA1=CF744D85FDA66EA1E741138247A13A03B735C11C,MD5=D7A7DCC5C8E98FF687E96C0414FA4151,SHA256=4BFF8D0F6745FF993EC46C1D39541E7DE025E0128AD8FD64967A93553FAFC320,IMPHASH=77F41CAB0B63DA8187C849A85C1DB60Atrue 26542600x8000000000000000588474Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.952{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\X86\MpCmdRun.exeSHA1=209BD31BC5764EED6135DDD0A34E07E050E9674F,MD5=5F1262C1A91954D764520D3C5284DB28,SHA256=AE249DB7CA8DE6CFA565FD44EF56958133F8C9ECAE59573762CA76A5067A027E,IMPHASH=99B11F8B366E2BAA71DC00DD6BC7A0D7true 26542600x8000000000000000588473Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.937{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\X86\MpClient.dllSHA1=FAE975C98F48FAA3D8FF0D137989D78B38F25F1F,MD5=F9979C4753BF181AF73E8CA88C8C7CC7,SHA256=DBD118233437FDD82BDB3EAAA1691498C28BCF5CB60BCA2215D1939EC404ADFD,IMPHASH=3575AF749B8C94EFF471A3C15299C5D9true 26542600x8000000000000000588472Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.920{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\X86\MpAsDesc.dllSHA1=CA25BDD61379319ACA1814F20B658C5CB00F4844,MD5=F1C231A0E112966BED692F6768B470B1,SHA256=732810EDCFE917EC09AC8AD4EB8807D54C7C03497C2F4C4C007F7097B64387AD,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588471Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.920{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\X86\endpointdlp.dllSHA1=D4357BA2448E936B85141F65FD1B6BA74A7C5525,MD5=E89691D944DFB0E4D3BDA9F663B4CFEF,SHA256=875A896290C1EF3F5A8BDE5F62537E6F1BF58E7D78D03BA68A9C1C368EF70109,IMPHASH=5EEBBABEBEF35F272F2A87CA59FE84A1true 26542600x8000000000000000588468Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.905{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\X86\en-US\MpAsDesc.dll.muiSHA1=5962681230EF0F292F19AE09AE8C18D43286C327,MD5=6DB83457C5E8670D7DA7BD0A2397B957,SHA256=04255B9D5595BF41A4F666EB69ED02B514EF44406A9D1A65464D5811B683B1D3,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588467Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.905{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\vi-VN\mpuxagent.dll.muiSHA1=9B1E891160AF6AC460C5B86E704C2EC86E002F0B,MD5=8FDC8A6667A5D1DD14A098AC3ABA8FFB,SHA256=A5411770B40C8D7AAAD6C7A1DD33F557F46EFE91C5249A2071B91B05BC33516F,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588466Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.889{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\vi-VN\MpAsDesc.dll.muiSHA1=1C4E8D32C142A112BAED90AA00D5BFA02808781E,MD5=DD90B54C524C6ECE86CE072C92B72743,SHA256=0ECDAD4BCB8C7DEB9513DE0563A0298F05DDFE1796BF6230C85A6C7B5DC6F545,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588465Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.889{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ur-PK\mpuxagent.dll.muiSHA1=46573E7DCD7BEC7A9A9EC7D75DB635A6A53D9462,MD5=6002E18F1F77E9A776F2CDB90EA933E3,SHA256=3F09DE07205C06DADEB565DE5D9346AD9B6786CA56E21728BC3E17C8E0A873EB,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588464Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.889{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\uk-UA\mpuxagent.dll.muiSHA1=92551562852698F9819BC099E10AD405D10C108D,MD5=031083B8F72F6176FD02388CF312F2C6,SHA256=E61CE402C18453F38ACE10258DA1019DFF96496F336D5F9C8C4B63C764B9E1E5,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588463Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.889{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\uk-UA\MpAsDesc.dll.muiSHA1=F77EAEC6BD198A0FFCF55873D185B8C2D420D3B8,MD5=600C16CA5191D769AE53A91DE6622BC7,SHA256=52A27A82367AF180BAD5FF70D648C24A056E6AFA0C73957E165BBC89239D06E8,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588462Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.889{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ug-CN\mpuxagent.dll.muiSHA1=3EC9A3737D329A26FFA5B58AA9B9046E9ADC4ECD,MD5=E838AC6667A9660B18AD056221CB64A3,SHA256=CD3472318DEDBE5C6CD20673DFE4C4FB240A82BA0360F5D39AC599AFD9A4C2EF,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588461Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.889{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\tt-RU\mpuxagent.dll.muiSHA1=FE10AA1FF1998F8256A7A597856EC8DC9942104E,MD5=2ED88451318591AEE716AE5E06817AA2,SHA256=7BB9F51A78C039D0AA0218434F125586298A9E06DBEFE2F77CA769C934F36DE1,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588460Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.873{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\tr-TR\mpuxagent.dll.muiSHA1=EDF3CE5B7D9FB38D6CEE6133552796B2C6D0FEEC,MD5=FEB61FF0A4201F023473C9FFB9BEC0B9,SHA256=3C366CBB9FE6C0897EB1542E3A881095B8EC1336F65A6AA6559833D09D6A0C06,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588459Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.873{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\tr-TR\MpEvMsg.dll.muiSHA1=E05CEF0C9713955ADDC2A3A4AED1DD6588C3B945,MD5=72246F6A7E4100AEA456ABCB0BBCF362,SHA256=F4F3B09D67FA23EF8BD825D7059888ED0C187266CA477D891C1C89A2C9418C51,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588458Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.873{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\tr-TR\MpAsDesc.dll.muiSHA1=93DA5A80FD77E157D2E7FD85BB02AB89FCF88BAE,MD5=B4EAA18E08096A20299A9AD8906D4B12,SHA256=9C05AF033F61BDC14EAFFC6BE5143308694FE0976A0FB4C86D2507506702D8B3,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588457Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.873{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\th-TH\mpuxagent.dll.muiSHA1=3C7D13C164CD0206E223378798A0E27C529D1287,MD5=F185559DF8E4E6043988E17FB3F9EE95,SHA256=BC0F394DBE9B455A15BEADCD072B709C2110B33886D0194C82FC7DEF3661D4D0,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588456Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.873{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\th-TH\MpAsDesc.dll.muiSHA1=F6514F3565CF995554D2BB1697D436631963C4D3,MD5=39FD373680043D7CCF5E22F1A80CE5B9,SHA256=BBAC0D603509748B69D933DA2565A6933EDF47C016A580EB1854FA486E0EF34C,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588455Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.873{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\te-IN\mpuxagent.dll.muiSHA1=06B2DF1BD1CE1D1229F87E52C05FA9D761FC5CD3,MD5=4062F2DBEB80A144AFEF7984333CF191,SHA256=EABDB6C447F9926BAF7A2AE0859E0758A2D00D80D1DCC5A18FCDF3D75A37D93E,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588454Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.858{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ta-IN\mpuxagent.dll.muiSHA1=5443492D760DDCD6D7F5D31D826224E90D40B2E2,MD5=FBE6D1C880FD93D5B1F82C776916D0D0,SHA256=69B8333F9994664AEA36EC79F77A0A4EE12509637B1C7A0B60418707F1A38527,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588453Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.858{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\sv-SE\mpuxagent.dll.muiSHA1=351032471C1917ED2DA910480F4B5E2B14A077B1,MD5=282844F101AE245DD64C6D05198AD24D,SHA256=D71D48AF1A2D1F8B2CCA6EFE1B310F16F236E688A807C4856A31A7967D0F205C,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588452Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.858{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\sv-SE\MpEvMsg.dll.muiSHA1=85300ADE194FC469D80111BE7786C99724CE8195,MD5=E37795F12CCD7B921675EE6C3AD374A9,SHA256=7D729057C076CE488CA86DA60760D197E91964D12E67BD2FFC3F043B466485A8,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588451Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.858{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\sv-SE\MpAsDesc.dll.muiSHA1=3CD48015E939A105F1C7E118507CA60C701B9E52,MD5=61994ABFD42ACAC3EB7A0B9DA622882A,SHA256=74EB90106C99F2DD40E37FF54EF381510932AB810CEA7E29AD0F5472DD3A3A09,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588450Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.858{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\sr-Latn-RS\mpuxagent.dll.muiSHA1=5ACDC07CDD6CF293BE70CD2A097ACFAABFC58C6F,MD5=3BD726230E3EA7B34D5F03F80C887B56,SHA256=08772F226F2471058B2C1962E5DACA3A09F33DF097EF0D684186318DE0679C75,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588449Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.858{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\sr-Latn-RS\MpAsDesc.dll.muiSHA1=ADAB982D638AA9E7A16CE11EA5478483BBE784E3,MD5=30E81D4923E9D50AC40F8797580E3D37,SHA256=3181DDADD7D972216572F8259BF39A17112F0F363F7BC31E9B0488B626CB7D3E,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588448Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.842{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\sr-Cyrl-RS\mpuxagent.dll.muiSHA1=87A3A6F26BBA0EFACBB1F3AC93138DE263B909F2,MD5=6A32D847A35834C05F2CE02A878B679E,SHA256=E034B4673D11B5B15A084914A899170FF877D22FFFEE7BA09B17CCC0F8ED3BF3,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588445Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.827{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\sr-Cyrl-BA\mpuxagent.dll.muiSHA1=39435196F7903BAA3892789BE0C10A7AD3A153E1,MD5=981A5FFBEBCBEA9AE3778EF84D34CA6A,SHA256=85DF253F3F2EB7B252C0F2CA3E6E3AEF9C3375518BA705E73ECC5D9B8F6E7FE3,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588444Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.827{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\sq-AL\mpuxagent.dll.muiSHA1=E0A36AF0DEF807B8A64D7493F617287A27D164BF,MD5=971537241C6C29E3CEB93BB4B7DAAAFF,SHA256=DB83987CAE2C890349DB6A0B652C8DBCD3FA81CA744B2C54AD5CE88CE958BD0A,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588443Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.827{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\sl-SI\mpuxagent.dll.muiSHA1=4F3FFB318994C24647EE02852DE223D81FA881D9,MD5=3FCC2E50B39DCC632FBF27E91B5E0DFB,SHA256=6838A0C4FDFBE4F41521BA3FED3DB2AFA4AA20DDFB61827F3F289817DC359644,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588442Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.827{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\sl-SI\MpAsDesc.dll.muiSHA1=8A747AA146ECC11DEA9080CBD3F2EC280D2ECAC3,MD5=E63B91E6B640C80575399485F0B64F6D,SHA256=782DAFF6FFB7D9E046F5BACDD37EE2F4FBEE833C503E343C9C5495D954DA3BB2,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588441Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.827{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\sk-SK\mpuxagent.dll.muiSHA1=6C70E30C072648400920D92EF8912C90F9916A86,MD5=20D0FF3BC9998A1810446D34079BFCEC,SHA256=2AADA35A9863D13601632D57CB53D0BAD41686B206145E062205EDDB9E8B0772,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588440Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.827{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\sk-SK\MpAsDesc.dll.muiSHA1=334C2E7E0F14FF88216921836D2107B1503F75CB,MD5=A4CA51FBDEEB6E88F36048DCB1F55D73,SHA256=AF3ACE968A26C5C733FB817AECF389D8936DB528074CCC99BA4304B7F4354219,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588439Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.827{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ru-RU\ProtectionManagement.dll.muiSHA1=CDE4BE7870B7A78DEC20C51276C473190C9A3541,MD5=B2BDF5474AB0A9254301936176C77EBB,SHA256=E19BA67B55A0DAA258D00FBE8EF1C03F6499830F6F3A01F0AAC3220225BBEEA2,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588438Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.811{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ru-RU\mpuxagent.dll.muiSHA1=6BCAF81987DFED98FC59BB2D7BFB2904C398C87E,MD5=D223ADB02053F9325AB9F18E69CA54F4,SHA256=F416C90753E5961B0DEE3ABC58BAAA88E45851DA7103F94F5DE0DD005504930B,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588437Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.811{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ru-RU\MpEvMsg.dll.muiSHA1=22F632B3FF3D5E3C4C2FE2CB8981C99376B3E3AF,MD5=6422EC487D1B1566AA49732ECDB21C48,SHA256=0B9E6388E306AE516B1B7811E290DC4E445C3CE1F842CA1EA439A9871218637F,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588436Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.811{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ru-RU\MpAsDesc.dll.muiSHA1=9580D3256DE1B55582382DB7CFDDA78D45FEB0F2,MD5=ABE9B3B5FB442FF00BD92DE574925C26,SHA256=A584F683A9F7AF3BEA0AACC6F4500A3E09D65B9A97BBC7D856DB0323969A9231,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588435Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.811{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ro-RO\mpuxagent.dll.muiSHA1=489020F50F10E1190A8CE2DFEECFB8BE12B4D90C,MD5=022995C346E31404E4373E4B991D25D3,SHA256=525703EEDB8AE19AF1DF9EE60CCAB88EC4E635C28427EE294B251F3115985B00,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588434Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.811{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ro-RO\MpAsDesc.dll.muiSHA1=6B9BA50035CB93F4B5E9B3D11CB4A60B5B95EE50,MD5=C411F0561237B7CFB6890F75D83D927D,SHA256=7D27CA7FD4D862B159F22BBD6D0E263C92188C303089B9A7DAA7BB3CF0AC7E36,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588433Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.795{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\quz-PE\mpuxagent.dll.muiSHA1=6E24B504FC6A0392AA840C25F095DA9589644807,MD5=CEFADFD6855A00DE17ECBAFC93BD139F,SHA256=2573565A86BFC1F431C8301139585D632A674C6FD57A5D9A5FD5F3AA6D1A4C2D,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588432Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.795{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\pt-PT\mpuxagent.dll.muiSHA1=A50AF9CC0F5D8022A46ECB9BD85359153C4B665D,MD5=42F93C0E9D796FFD767753482DA0D9DB,SHA256=7FA44D34D96310BEC658E0F1E53E66006AD7F641D26827C511B145E5F481BA89,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588431Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.795{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\pt-PT\MpEvMsg.dll.muiSHA1=48180551CFA4F9F03085470F1E84A045825E2D7C,MD5=5F3092063BF48A17EE38B90D94412346,SHA256=5CD73AD24474160A6B69E6C98EDB9DBD0E26CFB62BA68642E4BA50697797842A,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588430Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.795{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\pt-PT\MpAsDesc.dll.muiSHA1=28E59B3025522A88B8DD650FD2E47A29A0F7BB0C,MD5=1B3ED63ECB2130FCDA3328A28CD71F41,SHA256=DE7CCBCC3749B5FA5B9368A31D044161DA6F5AE848F81A38E00662AB3F4C4090,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588429Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.795{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\pt-BR\ProtectionManagement.dll.muiSHA1=4F042901FE3D3542F4F0B0D72DB3D7640551807D,MD5=EB525C14118EE6B2B4AF49EE87A22C65,SHA256=FE5E7352207B2EC16EA4CF6C9429A16E0AE2B313F5AD7AB835742B64FCC03931,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588428Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.795{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\pt-BR\mpuxagent.dll.muiSHA1=283A9B68ED4137E378C6EA2BA36451B116769124,MD5=524364A4EADF5AB20A55F567B69D9FA4,SHA256=2136519E698928240DAC5537E3518D9E1F9FBA250820D294BFA4CC746DDEFB24,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588427Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.795{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\pt-BR\MpEvMsg.dll.muiSHA1=DBDCCB68AFC3A481586FC2B64F8CBF90FF77050D,MD5=5A32C73050519AA79DB422984253C5A9,SHA256=609F9F52FFFD219A2D5F40673B67FBBC471C4112507E3627C0EBE9D2D284601A,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588426Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.780{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\pt-BR\MpAsDesc.dll.muiSHA1=35963B39FDA5D844065FE574AEC00ED9DE2A3FB0,MD5=D9A433D2DA50167521398C270D0C5B07,SHA256=884D94067C5DC46A1733582B9570A0DF6C3C9ACA962284C2C0CBD70022C3AE88,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588425Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.780{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\Powershell\MSFT_MpWDOScan.cdxmlSHA1=EF513920343A00C05E1469AE94564A06BF64B226,MD5=F50FEA3734E145B4B7DB922734F2C634,SHA256=45E70E5D4512533EF7D9EF5DBDDE1EF8F014A039B40411C2ADC353CAD4C929EA,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588424Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.780{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\Powershell\MSFT_MpThreatDetection.cdxmlSHA1=ED9A1E311CB58F04B64D9877F6B22FA890B4BB06,MD5=A21674BF2E6AC204F26B3D8AB714F5EB,SHA256=C00748A38D7778D65DB72C687ECF63AA0D01173A4C27876CDCBCF21A9CE36BC7,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588423Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.780{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\Powershell\MSFT_MpThreatCatalog.cdxmlSHA1=D75559DFC3ED47B3279468C1713C3FC1988C2F94,MD5=4C5C9C3E9311AE5ED98C8E178A9CDF9F,SHA256=6F3D6A4C7C962CB073FBEC4161F9FCFE7B98B4DDA361049F7498ED653FC95560,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588422Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.780{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\Powershell\MSFT_MpThreat.cdxmlSHA1=B13189526325DF1BBDA007A74725006CF9DEC61B,MD5=B8730C31A5B09A0DE67E50063DFB0E7B,SHA256=FBC99399EA1B5EF329D601B15CB5FB7628726A93B8BFA4239FA67B9AB4CE40AB,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588421Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.780{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\Powershell\MSFT_MpSignature.cdxmlSHA1=75A76D80E894EC05682CF979A4298B6F739FF291,MD5=762661ECE3E244C0B01D4D4C6730D475,SHA256=543C60C1C40FB55439B1CAEE1565E2CB6A1B53C41B32990C1E4D1963E93EC4EB,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588420Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.764{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\Powershell\MSFT_MpScan.cdxmlSHA1=D1BF2C2972058F8A653B315C0BB51A2E6AF6AFDE,MD5=BCE223808FD6C3DF834FCAD4A563811A,SHA256=1AFF86C05B9A48A03A6082DBB5A69BE740CB1E2E670D85AAE9F155116BE13FCB,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588417Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.748{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\Powershell\MSFT_MpRollback.cdxmlSHA1=10B03E87AAE0F5E97F7138D7A3FBE666191CDB19,MD5=0938C3D78E4E0FB30915B4D7B356E8B0,SHA256=92AC4333765F642424800D39E6D3408FE71481E26392CA61039AE7C08A4220B0,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588416Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.748{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\Powershell\MSFT_MpPreference.cdxmlSHA1=D4A5C08683CFF8707DCE478F6E2C11430A855A70,MD5=8E39F4149A1CC53CC61DC678EF038CCA,SHA256=A3DCE87A51180FDAC7C2BDC60F7BEEC1BF95D72CC87B9B28A5F6AE243A8675A1,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588415Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.733{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\Powershell\MSFT_MpPerformanceReport.Format.ps1xmlSHA1=CDFF6BCE090C4E6D9013262D109D27BA55BC866A,MD5=F9036A89B193FC7F6CFB0651F612C8CE,SHA256=A50C6FD5764BDD58850AB76FDA73BB9C114DE16F27DAACE0FC9C82A2C35F49ED,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588414Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.733{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\Powershell\MSFT_MpPerformanceRecording.wprpSHA1=1CDBE901753CCE8D933DF8D50507CE16A25AA428,MD5=990729AD92C1325C42B04BC975ECBD57,SHA256=E796454FEE4CF17EFDC25DB5FEEF00A5D7C1B335E6C4B4FE996E8AD7CAB01BC8,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588413Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.733{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\Powershell\MSFT_MpPerformanceRecording.psm1SHA1=B8CC9707564835AF06F4EB7C1E5F158442E336DB,MD5=5497187BF08365E2D7B6ABF79183D666,SHA256=EADAA4C31BF2ACAF729FFA4797095C1851F3EF291700846E63EC4752C5297831,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588411Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.733{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\Powershell\MSFT_MpComputerStatus.cdxmlSHA1=107746A7B71CCB7E9FF886F73922228482BE30C4,MD5=777F39C7CBDE644C596D1CE638DCC7E3,SHA256=B1224670473260A6FCCD24E59B4C447F675B568BA2CCD668C2FD91FB8FCB6C48,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588410Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.733{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\Powershell\DefenderPerformance.psd1SHA1=EB77043F66ED751F1AD000054FA155E108FF4EE9,MD5=540FC83A3083BA433E7DD290E7F1E155,SHA256=324CF552748C6822CDD9DDB4B95A26F4054422FD395CFB34059FE8AA513CB68B,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588409Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.733{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\Powershell\Defender.psd1SHA1=F4376134EB46873CB32C3DC9BF491752DF0AC70F,MD5=381CD4A37460D0204CF1EB9C7A760B2B,SHA256=2F99FC383EC1ED08E091B5D5116DA90E7EE44D56675E7A0B91D209082470F5E9,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588406Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.717{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\pl-PL\mpuxagent.dll.muiSHA1=B9455D7C2B23DEE93FFC63F476CF1F1B0D87AE37,MD5=920AD72ADCB80AD3A863F098F863155A,SHA256=41DF0E48DEF7663D5B2D1EE0E8B4A31C19DA10B148D538EBDD90B708B1BB7094,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588405Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.717{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\pl-PL\MpEvMsg.dll.muiSHA1=59EA83D70B0E668E37A89F53737E9DBF74F134E5,MD5=6DEB4281E284D6CA281B6807992E92F6,SHA256=8810301217D8207BDD58C0E153DCB22B969D68413CEC92AD9099713693760543,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588404Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.717{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\pl-PL\MpAsDesc.dll.muiSHA1=C1C467B9C410BCE137FD042351B0BB7DEDA1FEE6,MD5=899E846E247BDC7CC80779BCE505B081,SHA256=09A9E907C1D6CF8D43561EAF17E758ADE12F48077D1E249F31A476AD59214728,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588403Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.717{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\pa-IN\mpuxagent.dll.muiSHA1=D486871BB9E67DF370CC90E195D90D4EAEE2877E,MD5=93F4AB403FBDB647CD351D810B513A64,SHA256=35E3E8EEBAD9F87206D0EB4573E9EC833DB712ECF7EDC7BA1E28AC5BD0103306,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588402Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.717{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\or-IN\mpuxagent.dll.muiSHA1=90E3005D78D51962E76DCD72115DEA6DA40BDA01,MD5=25E45231346DE5E2716B450AAF10601C,SHA256=F9414478CEC594FE5308DA149F8698B2CE493C166D39939340877B1B32DE9BFD,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588401Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.717{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\nn-NO\mpuxagent.dll.muiSHA1=7C8353DB56B5201C17346283B777CC58E7A5A763,MD5=A749D1E57EEE38C73DF15E3CEA1ADA4B,SHA256=6D0B5071AE7CE567663512BE5D6522B67257D1179E5FD0004DB9BA9AD37DA5BE,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588400Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.702{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\nl-NL\mpuxagent.dll.muiSHA1=3575D2AD5F2F8274C403631D573D0C3A79DDCEC3,MD5=4A2E5E37D5B66588227A17E15C37752C,SHA256=CFE3A9BA2C8795E6E6891D1BA57AE9966259B48991998C20CD05109DA2A0BC97,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588399Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.702{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\nl-NL\MpEvMsg.dll.muiSHA1=BB1666F352B2668D9BEA03ABAF7DDC77470CAE18,MD5=7EB691213A11E4173F3935E42430C589,SHA256=4872F4D8DD2F66070646C7E66649B90A6C2BC2B55D6FB385CBC82453F1F783F4,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588398Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.702{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\nl-NL\MpAsDesc.dll.muiSHA1=9F2DEE277582B2D3EDE97F37B4432B3E9899CADD,MD5=86F76AEF572F99452E31AC8600F678D0,SHA256=08B89EF2B900FB51C881824383401691AF3A8402E088AA224D718E53402BF4F0,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588397Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.702{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ne-NP\mpuxagent.dll.muiSHA1=D704AE507570627F1FB9C500D9AB9A1B5B4B4697,MD5=8E4AC1FC193E36B66C98D2DFDCDC7432,SHA256=133D442E49EDFD5359D8D40C6B387B47A37BAA66CF9148DC86DE17D3E55AC078,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588396Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.702{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\nb-NO\mpuxagent.dll.muiSHA1=334FAC0803CA8D4EEEAD4A0B26CA6EBFEBB22219,MD5=A6082D9B7B4B0F055DDF3FEEE1FDAC29,SHA256=53BD21B1DF88576B04464DCFEDDCB4B1B61E5BD6D67B48538750FF7E1DCAB62C,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588395Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.686{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\nb-NO\MpEvMsg.dll.muiSHA1=D1CC7E600D202C6B516D0CF126AD8CB38D33E091,MD5=9BB918F670BD510A23C4472E40C16E19,SHA256=D1A6F8735ED892CE138AFB0EB3BCB0EE5AC93E3B76A80B53D484ED1524BBE80A,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588394Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.686{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\nb-NO\MpAsDesc.dll.muiSHA1=DD3736B5B1C44822AE197A1478ADACDD191B43D8,MD5=205718129B6B4B663C29D660F34E87D0,SHA256=44EDAC6CEB939E254C16FB99F6FD1E7D188CC8EBF22AFEAB95DC14B6BE4A87A1,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588393Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.686{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\mt-MT\mpuxagent.dll.muiSHA1=DBED726F9BE19864902B0ACC849745B0F14A7CEC,MD5=61A854CC3844F8BFCFA3CB9EE11B0C85,SHA256=4EEED3699AF8425896273640BF83CEF465EF01A4B3B3D0598C490049284EF1B3,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588390Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.670{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ms-MY\mpuxagent.dll.muiSHA1=E5DC830131E4AECC7D7D7C0C24B503F42733828F,MD5=7F137F6D3DE9F5BCD1BAC9B10B5B6F2B,SHA256=7B8415CA9B7A8C3F511E5AD4207BC8F790307D93DDA7C11815D4D8BFE51CD56D,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588389Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.670{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\mr-IN\mpuxagent.dll.muiSHA1=1FFAB63B719AB6D3FA74F24989CF9ECCAF5008C0,MD5=7D0EA66A58EE5E39165F39035ACB6CB5,SHA256=63B171D10C32ACA2A3567EE18BD680B231F66EB53357D0C6554166A43F873488,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588388Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.670{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ml-IN\mpuxagent.dll.muiSHA1=F0A975A9136F929264697A0C09308FA6312CC08D,MD5=85E841E5A5A117DA050CD9EE0022F8AD,SHA256=339F69B1BADE2110EE622CCFF09B158AE10D1B5636B35A64B5FB0C4983CF07DB,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588387Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.670{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\mk-MK\mpuxagent.dll.muiSHA1=2207B36639B33F8C367E107567EBA26748E6DDD6,MD5=1066A88C174E1B917588D75308B4971F,SHA256=AC098EC17343ECCF43AC6712C45D03E0F79A752A14483B622660BAC4CE3CBAA8,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588386Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.670{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\mi-NZ\mpuxagent.dll.muiSHA1=8B9444202AA0CDBE86EED9637ED913FA736DC855,MD5=05AD73A04C891D65FDB464461848CC71,SHA256=74C785DD7965742CFC10BDEFDA5C97719A306DAA97F865B6AE329EA9114721E6,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588385Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.670{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\lv-LV\mpuxagent.dll.muiSHA1=B7C9AC0B4D960BC845914CD3E6E0E2A883FFEDB6,MD5=A3CD12B2EC6225F6B3BA6A315ECC5BAE,SHA256=F6D2BD8A9C00A19E8206DDDB3F68607AAE75ED700E1F11B9E6829BF2D2B7DC9D,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588384Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.655{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\lv-LV\MpAsDesc.dll.muiSHA1=2F681CE16E43FBF278C453BD7B2CF2D7F5793331,MD5=BCCF970661DC4548B31A9E0DF76F1CC9,SHA256=98352247D504F6D609C33420A98E15577075AFB155A1316B6ED5DE7EC1E23783,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588383Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.655{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\lt-LT\mpuxagent.dll.muiSHA1=CF0ACDD24A1A3370F167EB1784F7A3F15808687C,MD5=E00A56788AA5D00C2A4D143ED9C3D348,SHA256=432F3FED7AA1C07E7D3BA5FAA46BD6C2B16A2481FF29083CD0B8CAEAAFB6FE4A,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588382Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.655{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\lt-LT\MpAsDesc.dll.muiSHA1=0E76341AE69892C669A4BF43E83E7EA2E57C736E,MD5=65D25DC182E8BECD4444883BE356BCFE,SHA256=3E59D9C377251260185E1F7328161B9832F434451BEEBEAC87A6CE78C19FB08F,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588381Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.655{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\lo-LA\mpuxagent.dll.muiSHA1=11614E0D576CA665A260E2244CEE6D70A48171C9,MD5=83EA5CBE9DCB9E7A7563634A6EA6B751,SHA256=FDB40280E2DD64B1F86F014EA02E1F24F376BE0D76181D1BCA70F2850AEDB06A,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588380Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.655{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\lb-LU\mpuxagent.dll.muiSHA1=E08DE8C551BD4614406538B2A8664F142182A9E2,MD5=EEE2897085EAA79AD2EB5A103198FAB9,SHA256=618715333A9EC0CF1D5B4D14DEB20371CAB485D78F498EC5BD05C5495074A195,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588379Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.639{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\kok-IN\mpuxagent.dll.muiSHA1=25D9395E0D7AD72B9F21C6BA28964A14E22639CD,MD5=714AE16D0C2F4D012DBD8A32574275B9,SHA256=BC9256D87391F07C24F51478A8F8039EB346C8D1FC9A55B93BE63375EBF7C922,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588378Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.639{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ko-KR\ProtectionManagement.dll.muiSHA1=DEC7170FBC93FF3E71F258BD52F928677A3AC65C,MD5=36764617D216301BA6F28FF4DA79CDFD,SHA256=511D811FBBBD2E5FF0881AF96CBCC99CDDCD9B775386E98C70EB86A550E7EE14,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588377Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.639{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ko-KR\mpuxagent.dll.muiSHA1=77E03863ABD42FC0A4826C415C50F9AF6B2876B9,MD5=EBF326B3BAD43631E1AAC887C152FD04,SHA256=4077BE78863779837E63FB0FC8FFE2EC5472908A90CA0185AE0FF521515956ED,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588376Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.639{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ko-KR\MpEvMsg.dll.muiSHA1=70F17B8ED35108BF7133DC89BD6FBCF7DB8A2185,MD5=EE1B55BBB913B97B481E441AA75F7D57,SHA256=D6A66B14DC1602F9648844A09926B62EF4F700CE29AAE3B1D40ACBA8F2023B6D,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588375Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.639{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ko-KR\MpAsDesc.dll.muiSHA1=51C9B02B848D78DC59201C93DDE1437D76E3A0A5,MD5=B523E9AC220C6610CFA485C72B866BDE,SHA256=E4F27CBB517BAB4FD5D979D1B2EADD570F61A110C8880FBD30F7C3F030F81E76,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588374Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.639{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\kn-IN\mpuxagent.dll.muiSHA1=D732840FB2CAB59ED0A710B93AD03B588A7E4724,MD5=32042F48B1E08933459948CAED48D0CC,SHA256=60ABADA734A54EC27F2659AD9A35C281CF9F114D02D3474B107703BEC63527EE,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588373Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.639{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\km-KH\mpuxagent.dll.muiSHA1=5F541DD82A6402D82A9B7666904281A5E778FFEB,MD5=FFD420F473B846A79E3F5CF55AD304A9,SHA256=7BD2BE12638E0DC5D34DC89E43A74380B1D2F95B765AF922BB37754B4633A0E4,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588372Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.623{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\kk-KZ\mpuxagent.dll.muiSHA1=B0F33AEEC5FDEF959B8877F230E0A1F7427C3D2B,MD5=0168652B71E259F5F1D6882BA9ED24D3,SHA256=E7344C3D5A33503DC2686C3E247A87CDBDD606553D1E6CD89A5940BDDCC8A4B7,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588371Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.623{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ka-GE\mpuxagent.dll.muiSHA1=4C9CAEFE88BADB3962AB302D5F37410B518D64E7,MD5=EDDB6C0922A338A96BA12D786BBBED9F,SHA256=D5B08237BDD176B4E40137B84D086F199480D3BD74CFEC7D8BF93182A59BFA5D,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588370Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.623{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ja-JP\ProtectionManagement.dll.muiSHA1=75411B6DD9FDF443EB058061EC8F0D23E3B26D7A,MD5=64ED806D0BC3652B5EF3A8C86A329B15,SHA256=FEF985AC11054ABFB60FEC0388FEA2BF402C83A3B9668391166970DC7AB26212,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588369Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.623{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ja-JP\mpuxagent.dll.muiSHA1=0A4B608EE260DD51F468BBEFE3EC13069CCE783D,MD5=81869ED8FFCFA0A0BC659CDC8B180124,SHA256=5374B41687BDB15B93AE6BDEF50D9915CF7887026E6A52E2B13A23B2FC28A1E0,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588368Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.623{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ja-JP\MpEvMsg.dll.muiSHA1=D77CF03B6637096A3568706538575833E6A3499D,MD5=4E69FCD3D1D79B2D34A6281CE8D0385B,SHA256=50B522766858D3E72E243274AAC9746644A67306D5623E00A2A26794D6C8E8A8,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588367Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.623{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ja-JP\MpAsDesc.dll.muiSHA1=F0C515E33FC2D4EDA604E7641BD1388CE1FF3C28,MD5=7D9A1DA953818667E3061B17CF75CFA7,SHA256=F208ABAE42732A1674A6CEDFD3F45DEAEEABF78F68F51594CF5D2583DBF65AE9,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588366Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.608{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\it-IT\ProtectionManagement.dll.muiSHA1=53858910E18D78B2137D25959B52F6B812A104BD,MD5=53C44178EDBC7FE6AD2BF111D86B8A0A,SHA256=DA7928E99A2280C063C6CF3E6D259C693914A4D3FD58D817CD8C3F5203FDDA20,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588365Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.608{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\it-IT\mpuxagent.dll.muiSHA1=6492B9CD14F1A338621F9E7F9084BE7118DBD1F1,MD5=E86B440AC79AA332A2B132FB69039A4D,SHA256=F437ECEE4B0E72FA1AC4D5CB28E12EA1A6CFFCFE519E95C3A1040440C50A6CE7,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588364Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.608{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\it-IT\MpEvMsg.dll.muiSHA1=B909AAF5E971B79B039F913F5FF307348792E31E,MD5=35B37D30DD641602407BD1510BB88FC7,SHA256=871CB5B58B3380F26B0C146FDE387E405D80D18ACD63BA7FBD10AC824336F3BE,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588363Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.608{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\it-IT\MpAsDesc.dll.muiSHA1=7E3F9CB33A3564A2F06BCE90116567695C7A4C2B,MD5=8EAA5E0AF05C94EAF6566BCA12B39B01,SHA256=3EDEB36A5D98DC98970673262465F9C31320DDACE8B9457B4C4EE46336A1B62F,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588362Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.608{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\is-IS\mpuxagent.dll.muiSHA1=80D3B900A67EC0A61841F274E585AF65CCC6D8CE,MD5=511CD8B208D2164BC676AA249DFF19A8,SHA256=03D8F8C8CF90283D25BD1E47C6864CC2309D2950C483F1C713F75C055ADACA4E,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588361Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.608{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\id-ID\mpuxagent.dll.muiSHA1=A7543A52A5F0631FEA578CA37EACF35CE0C711D7,MD5=010550510E0775BED4AB4E185528808D,SHA256=04E624AD61A2262DFB282851A9A7E15636734CE5349548F8A4A235942FA7B058,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588360Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.592{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\id-ID\MpAsDesc.dll.muiSHA1=637A103D6C0576C83A978C3D8AF6B441205E6689,MD5=109368B3CAB3E531FA46B2643C54E887,SHA256=F4A629357B2141A71FA82F12E414ABC9586693FACA7EDEAB9A507E87EFAE119A,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588359Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.592{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\hu-HU\mpuxagent.dll.muiSHA1=8EE60B49229443C164094AD3A195474D16201A07,MD5=7880E5A6BF585C8FC44EBDFF20076F71,SHA256=2F31FC6D7D6CE1F98BE1353C9AB23ABE14422FE3840AF516C5C0FB8F69D7D5B5,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588358Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.592{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\hu-HU\MpEvMsg.dll.muiSHA1=C3BC563B8BB51AEA01F513B1B7134CB595F0790C,MD5=6513527ED13F59950CF68A730CA3207A,SHA256=CC9D7CF219851C703C0D2AA6856BC75C9D4C58465173A402C81FA2167CAFF5AB,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588357Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.592{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\hu-HU\MpAsDesc.dll.muiSHA1=E85F8033C560CA94E99BE5D37C5C343439D69C5A,MD5=5F615950B131C2EEAA5039DDAF8FBD27,SHA256=CDC2A14519DB3D81B6F90C0972E9C36908E3B06BCB4D5F4A05CD9E7889BD7D8A,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588356Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.592{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\hr-HR\mpuxagent.dll.muiSHA1=37699840B74C103D74E5175A470E19E4DF45787F,MD5=F03396AE063DC943EB333C360B380F26,SHA256=C20A9443D68F93F3A80BB089A567A19597FE495E970BD4AEC63513CB0561DB3D,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588355Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.592{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\hr-HR\MpAsDesc.dll.muiSHA1=1E4F7A39D56C53BA796C37981AE8BFA26D43F671,MD5=1A20C46DE90614A335B5032F8B1DA57E,SHA256=65D20E208935EF6B0945BC46BCB76B5E7E28940353B21649F2D35E3FEAD297EB,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588354Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.577{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\hi-IN\mpuxagent.dll.muiSHA1=50E65E70D6EE2A9E7E75A01F8589A8E1812DE37C,MD5=3320A4D9EB91BD83BF1A4C5A60825CD0,SHA256=2CFDB7E9790C01FBD0CDD474994994438F17193D75DB1CB7DD0916E3A771A293,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588353Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.577{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\he-IL\mpuxagent.dll.muiSHA1=DC5971C5CAAD6BADBF6DE1217786281B64F2D067,MD5=67D8F1B790612AEAB7A166E4BA002AF9,SHA256=99A06E778E0695EA9AA697B06AF42D4FD8BF2E0D9B4ACE15F5BA36183AB9B160,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588352Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.577{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\he-IL\MpAsDesc.dll.muiSHA1=205B5495BABF9A4C05B2B24305DC8A767576748D,MD5=ECDB7C30D16A804037543C2C4B81F221,SHA256=CBE0A5C15A25011A65CB4C0AE0C3AB9C04FD13B1BC6E31BDA7F63C48931DC21A,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588351Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.577{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\gu-IN\mpuxagent.dll.muiSHA1=C6B06F7308CECB7747F8C8900F80D16ADE7810B7,MD5=F9360A4D7AC80B24DC15C583A337E466,SHA256=5A8F8C3032E5E8586A146D2439974A956A920EF2EEC19DC84E1EA7573923259B,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588350Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.577{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\gl-ES\mpuxagent.dll.muiSHA1=944A228DB65573A1EEF22625394953FFD2EA1CD9,MD5=203A3D0034F8E1CF837EDA1B5B46D385,SHA256=907FC1B846D3B5C92E6B4F7FD17E84A43A3D1D3BAB5C47EAA90264FE3038A491,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588349Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.577{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\gd-GB\mpuxagent.dll.muiSHA1=114C74816A85B01FF4BE3CBC5102BB6658557180,MD5=E860357BBF6B64CDEBB43411445B9DC5,SHA256=284FCCADB1E198B7A59B68F19930625B78FB85C99AD9B697EFF4E9F4A6057572,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588348Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.561{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ga-IE\mpuxagent.dll.muiSHA1=02AA2F23BF0EAF359AC1AC3C5ABEB5B3E60F0DF8,MD5=2C01963BECEEF1E36DCBB1CC054F5D58,SHA256=98870A700CA2A2919D685BA261A8C71B9280349E32AD5859A1E5F8C366550691,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588347Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.561{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\fr-FR\ProtectionManagement.dll.muiSHA1=15CFD32CBC0ADF822DD1A65577809FC971EC2FCC,MD5=80E987D0E7FCFCB4A12A6A12CD66B2D3,SHA256=D07552737833421758D5DD69163EDCC3D2D03ED04D7E2FBA1AAA0271877CA315,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588346Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.561{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\fr-FR\mpuxagent.dll.muiSHA1=3EAB1BF0537531CE3E41471CA1B851B234EB367C,MD5=E49CA450EC24084008FF3CD2352304FD,SHA256=09A558E94692BF763D46ADCBB354CF1E5B17E46F1570965DBA7F7B9792338E25,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588345Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.561{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\fr-FR\MpEvMsg.dll.muiSHA1=D74E5EAB7FD72B612F306B8B663F64BADA148BB4,MD5=5D2644473CED8C75B783350D26A8245A,SHA256=4D692331F9FCAC99F58ADCCC2C88E9EC61B6FF902159DA2DF7EF5EC17C647963,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588344Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.561{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\fr-FR\MpAsDesc.dll.muiSHA1=150B2F070EA425077E534A25CB5EEB6B092B7DD6,MD5=2B9C30C379C636209BA75AA4FBE90BA3,SHA256=5E58B69EB5DFB7A45DB67051B3B267679E69C526F9E6EB0E0DBD592461230B83,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588343Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.561{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\fr-CA\mpuxagent.dll.muiSHA1=BEA1C2F7F755ECB37633EAAB0E0DAA3D995FF522,MD5=88B1E9F4B3BEA77517B1FB4DD04B0811,SHA256=2952773415CA51F69C8D8B2D7A14C0E0839E2B5DA72FCA29D25F91B5491A5C40,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588342Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.545{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\fr-CA\MpAsDesc.dll.muiSHA1=93E048970A7A40CCFC509250BC53BBB5EBEFF657,MD5=7DC8EBFA0F40CF335106D10E11ADD00D,SHA256=7E96A440B5AABB1A606505218C198144DAAF35D0BA3A568A34998A550A70FCEB,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588341Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.545{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\fil-PH\mpuxagent.dll.muiSHA1=2B94051DDF48C965CF7BD4E080D796E603A96F8B,MD5=4F92952FBD4ED009FBBDD928944AB818,SHA256=1206D57DC971CC6AC7C63FE9D4D44436BD788FFEBA31A9554390FC91FE233626,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588340Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.545{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\fi-FI\mpuxagent.dll.muiSHA1=0243880F8E815C0A878FBD75469FF184172FBD75,MD5=F3F2788860587FEE75BDB40300F3D040,SHA256=1916B25A57AB3D6C72FEA5F2CC5C4C60544A95E18A11502ACEB33F8E9B288722,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588339Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.545{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\fi-FI\MpEvMsg.dll.muiSHA1=7D6AA0A16D3536693C22F25BF967B1BE08DBF6AD,MD5=D6AA32D18BC0DDBBDC903862DE2AAF9A,SHA256=E88FBBF0DC8A692A580A8DF7D6B165078A13FF836543DCFFA2BE773E87AD3DE5,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588338Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.545{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\fi-FI\MpAsDesc.dll.muiSHA1=9B1CF346825AE7F85F6B1B5175E76EB58257F177,MD5=59D8486E2290C5F166F624858D96C28B,SHA256=CA78CF19C8459C2B89FFD860413F449DAB5609739321CC3B78963833C4CF3048,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588337Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.545{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\fa-IR\mpuxagent.dll.muiSHA1=4DD3759D1B40E92D479B6461274ACE334315C920,MD5=D5C10464A317EAE5E4DE9DB6A7E11D44,SHA256=9150114CA29F4FAC7382649313265A65547DEDB8D3D63F2E0424E5BBD8AF4919,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588336Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.530{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\eu-ES\mpuxagent.dll.muiSHA1=53F9BD2BBAD40F1D2FDC50F8B2A2869BDE3B949C,MD5=F4BA9FF403991C59DF83F4ABE3D82F59,SHA256=1351E90C9F39721D439A79C1A93DB16EA1F4E3C0904F60D9A97129D636917350,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588335Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.530{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\et-EE\mpuxagent.dll.muiSHA1=5537134D39B2BA1FBDB0FB7EE19A180624DC6E91,MD5=DBD623D27CE547BE976F131F5740412D,SHA256=0C77C62FF7D31E875C42D94EBB670DB9273A78F96A99AC0B1025BDD2BE49120E,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588334Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.530{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\et-EE\MpAsDesc.dll.muiSHA1=17591342EA9EB789AB6FF1E9AF360566DED76C01,MD5=50F913008D338E689B782DD3171C73AF,SHA256=B7054DC961B9402BA690C2C83E07C713D1C1B89C5625BC9F58313CC8EA1BA09E,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588333Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.530{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\es-MX\mpuxagent.dll.muiSHA1=AC752B0918B522604A09BD31AE047DFA068DEBF3,MD5=926674D9390FE5AFA2E23B45A9A9FB71,SHA256=D73A1B7C00BCD3F940B4389E068FD3F1134599E8143B0CF74CE8379B682BCC71,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588332Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.530{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\es-MX\MpAsDesc.dll.muiSHA1=A5447C0BFEE974FD01DCD7F23D50BF27833F8B4A,MD5=FBC0687AA12543DF47466D0144790591,SHA256=95A987BCF917672E7A3A03936842B0BFB4ACF27C29726CCCB077D19C29EEBE1F,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588331Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.530{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\es-ES\ProtectionManagement.dll.muiSHA1=BCDF23ABFE3E162E4058F83828F45664594BB685,MD5=E8B0355EE099AC281A1E21B84077B800,SHA256=C14EF3561484E11EA53E9DDF4A85719F7ABB1C85B51318D71A9FA2AF803D4D1B,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588330Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.514{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\es-ES\mpuxagent.dll.muiSHA1=82FFD70F823CC1389BCEAAF12AEA9D59CAC8EF87,MD5=9159488DA8B56BBFEBD823922DD26E3B,SHA256=AB9746889CA0BF8125275AEA017ED04F79568F650E3F754C40E375626B444C6E,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588329Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.514{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\es-ES\MpEvMsg.dll.muiSHA1=EC73525ABF03C659A3053C63047B44EBB130B727,MD5=00F7C48EC9021102BB748CFA1C6F6AEE,SHA256=F971A1C4BB6378FCDAFF8FBE7878FC1D3CB27DD18DA69F66ACBF8564952C6F18,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588328Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.514{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\es-ES\MpAsDesc.dll.muiSHA1=08871CCA5E032CEBCC8868C8192380A668EA9654,MD5=F5B019FE3AFABAFE5D96D7BC8994C9E8,SHA256=CF08477879C302F5364B62449FD083CD49403A75229F7F5412225DC733723BE1,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588327Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.514{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\en-US\ProtectionManagement.dll.muiSHA1=A7A103F7B37C66FA042B1768C90C570DE23A34DF,MD5=E34EFF2C367884E1B404A661A03B4322,SHA256=82E6F959D1A29E01A919B7D3AC6C3F96A06613D9713B824E0197186D4CC06B7E,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588326Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.514{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\en-US\mpuxagent.dll.muiSHA1=4C3C3A9F207E8228891CFC9D2B33EA394945103B,MD5=BEB46BB3B155B3B1ED467B02C22D1F8B,SHA256=E0859192CB3CB876AD10F786CEFC3B6F45284E0CE993B88A5F103513901EBE24,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588325Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.498{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\en-US\MpEvMsg.dll.muiSHA1=4B7A4FCA677AC5D55B82C0E844E886102C5C62AC,MD5=4BEB3E03588A81ECAFF6A35CCF5DF50D,SHA256=40C4D1F5541068EA5A452F3E40F100A98B59F0DA082495820DBC1217C9D7400F,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588324Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.498{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\en-US\MpAsDesc.dll.muiSHA1=C053B8C657281F0595E3BD50824D05D22A257A26,MD5=D57DADF93CB990E3482E92CE8341A83C,SHA256=A343E2955CBF498FD113769827CC2B2B52150E248DE9CE928D3ECBE8ADD60D3C,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588323Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.498{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\en-GB\mpuxagent.dll.muiSHA1=5B8A07035DA31BA43E1CD26144D54B417FD34714,MD5=A7C6E474FF05E15DE288D0838040CBBF,SHA256=BEC3C718F81154F2DFD39E9146C66CB9A66E41CA067B4E5BA5E1DBAA26360040,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588322Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.498{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\en-GB\MpAsDesc.dll.muiSHA1=CABEA8E52F83F8153668BD8AF8438E9D805278CC,MD5=90A9508811346AF5C878D1C160EB0412,SHA256=BB96CCA674617611913588D6832927CA0A32CA98F116CCD58B499F10EF2F1E8D,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588321Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.498{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\el-GR\mpuxagent.dll.muiSHA1=D517D4DECC2EB5C79221D404DA40D05A8467AE3B,MD5=4230650EECAA60578472946378B067C7,SHA256=9FDED1EF8E3438A7DBFE3257424025677C339B4DEACA463FFE09DB1D84B0D6E6,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588320Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.498{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\el-GR\MpEvMsg.dll.muiSHA1=E8A3A5C3776B79858B6D53DA9419351977E695B2,MD5=94A8D08BCA9DAD915A51F387F8DD6D2E,SHA256=C257072867FF14A4FF267C765D0C6662C39C9948582B3132189C237F8AB7277A,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588319Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.483{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\el-GR\MpAsDesc.dll.muiSHA1=94AA641E4556FF67A21082990ED57A56284BE5E8,MD5=D458FD582108263A2C625EDBB7FF9E6F,SHA256=20A7ECF180272AB192D06DFDC72F5785B427CCC0CA0815D6637F7267ED3E33F8,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588318Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.483{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\Drivers\WdNisDrv.sysSHA1=A6F0882807A5755F32706EC8C03CC4BAF7AC944D,MD5=28EA5EC8A2450954648775C7439237F4,SHA256=E59FB186432992B735FCB9E7F88B51308706AC889C7C590E87129AE09BC15163,IMPHASH=3B35A09D4E1C8B9673E78ECED60728CAtrue 26542600x8000000000000000588317Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.483{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\Drivers\WdFilter.sysSHA1=9916ACEF9D20AF7123BB910C7FA145EC58D96728,MD5=765A2AE5BFB1D31049E2F86396C1FCA6,SHA256=3B27AB3E48395439EB0AB8BD8E5E2796883E9B50DFFA6205F4EF62549267D5C7,IMPHASH=78D28E20B8C8766F88DA31B25406AF01true 26542600x8000000000000000588316Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.467{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\Drivers\WdDevFlt.sysSHA1=5C67F218095C8363E04C7F161D86141660672E54,MD5=9A2AC17C6A9A746107A27FDF7CE2CEFC,SHA256=08A200EF1D3B8374AD84C82C1B5DF34AA416573BB785DB4373BF1FFA9BBDEDDF,IMPHASH=890C088F7D4A3E82BADEAE88FFE6915Ftrue 26542600x8000000000000000588315Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.467{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\Drivers\WdBoot.sysSHA1=CB6692029D6CA11F7FB2EA26F1495E8050418411,MD5=6B265728512AA0B12D8B79508F41673B,SHA256=15DCA5E814C3772831128E1A7B59A88C370EF7E6FFFDA1CAEBF21C881E5943ED,IMPHASH=5FEE9881DECBCD99AFE063C90FD54A26true 26542600x8000000000000000588314Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.467{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\de-DE\ProtectionManagement.dll.muiSHA1=1774BC45234FEBB2EEF7623DD56A4E7507F79865,MD5=96320C4BC747FEE7B50A59BE481D35E3,SHA256=A04C4C6F453308BD5CA3BE634CF760819FFA10805830392C5485F2605AB2E807,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588313Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.467{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\de-DE\mpuxagent.dll.muiSHA1=49AD385B7CFC3B5A1241D388BEC2F910BF6F2CDC,MD5=10AFD207D8AE3B8005A4F024C3AF6AFA,SHA256=4001BCC703DA46ECEA2DC46528B60B0309943485DF1721183F355A8C58904E6E,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588312Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.467{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\de-DE\MpEvMsg.dll.muiSHA1=09BDE5E5336CADFDF9B3F6ECBE426AA140709467,MD5=1E9C3540B8726BEAD49E980C3875353F,SHA256=2AA952EAB66BBC8287DFDDE36C75E573FD138224B6104E8540EC4FCD66B63400,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588311Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.467{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\de-DE\MpAsDesc.dll.muiSHA1=89C072F31FBF79474BAA4C2D24D4BF55DFF07A58,MD5=9C1B7309B97A8D5C429F441254020FE9,SHA256=A033E5AB885CA72330919B85082125AA42F277C53B04A91E2F000BE9CE70175F,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588310Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.452{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\da-DK\mpuxagent.dll.muiSHA1=D94E8E23BFB59DEAD894DA1C66F1D9E54410DF24,MD5=28FDBC799CDE1144C81396F97B3B85BB,SHA256=31342DD32FA109779AB0808641BA427AC888190BFAB8F36E09AAD8D634233F93,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588309Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.452{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\da-DK\MpEvMsg.dll.muiSHA1=F4119889F1ABF4756DA2EFB5FF218A173475B561,MD5=F0A01C9F246CAA3EAB9CDF35CA0EF0F6,SHA256=82F441D2930B04661F6748321BE1C8A941D4C53D831BB6260A3665B33DCFF434,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588306Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.452{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\da-DK\MpAsDesc.dll.muiSHA1=86427BF74B80F8467E701A26818B0FC2F26E6352,MD5=09105D54DC4F9C112C27932FE880607E,SHA256=A1FAE4B4E2132A5264E7E8D6F80500CF0BF12B0505FEB8C29599F32C1610FFE3,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588304Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.452{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\cy-GB\mpuxagent.dll.muiSHA1=48B1CE735D86EC6C6F3AEA6B237652ACDB44163B,MD5=BBCE82BECB0A8DDBEEA72FC8F779A2FE,SHA256=12A6C24976FF4E1425E533BA22B5D813A455E6981B14EF8A087F00E7FE8C5A6D,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588303Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.436{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\cs-CZ\mpuxagent.dll.muiSHA1=D7AE38B160A576F5FD807A9089B70EC11CF8C7B2,MD5=B061BCD4B0040900D9C6BFAA47EBCF25,SHA256=FD290A9B7AAE7B4E8CDEB410E4AD3EB2D7EF7948805F413B2FEC6E91323BBBBA,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588302Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.436{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\cs-CZ\MpEvMsg.dll.muiSHA1=7BBFAEBED463F2857FC002BB0A4B6AB821A3732A,MD5=EB0BD755F5056336B8CC6EE668AE24FD,SHA256=622FEFA35722C9CE5BE1296DC883698714BB1B474B69E2D86B4D367310D3C5B6,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588301Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.436{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\cs-CZ\MpAsDesc.dll.muiSHA1=AE7C26D6EE2AE09CEA8A95641BCC907DA0548C72,MD5=D025B25D190DA11D4622E1CD2CD9E380,SHA256=DFC43B39132278A614516DF81847659F5217307B7DC6228FDC8F0C18B5A4BFD6,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588300Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.436{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\Catalogs\IGD.CATSHA1=5DD48FF67162707C4468A7D6AB3E80F66E87660E,MD5=10AF96986E0337DE2DB015DF14AFC054,SHA256=48E3A2E2DA71C9E040D4F530725C1A5F401124C4D94496C7F5B492A7C30E277D,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000588299Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.436{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ca-ES-valencia\mpuxagent.dll.muiSHA1=BA14FD5CFF8C4C4A2EF21447A094CAFBC1E647F3,MD5=22FC9CB88F1F8AF5639F0E7A9EB2F528,SHA256=A561818FBC387456251655FE4F9E96446B1F5F90AD9B473B7C064A5BB55F5593,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588298Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.436{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ca-ES\mpuxagent.dll.muiSHA1=EADE87FE5DD725E6C12ACEAB2616D5C9B7B88FA5,MD5=BAED3A91575515E287A1355B963C9AE5,SHA256=D8FB4D188D93EA36D8C0FBECAC1F502E8B11FDF7315EDDDF9D9C322FA05DEDE7,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588297Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.420{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ca-ES\MpAsDesc.dll.muiSHA1=644994CCCFA6CFF2FD6283B0E64DA18CB3274A0E,MD5=147E1F80B82A64064D8923BB4815A9C9,SHA256=71E0AD674F89626DFA110BB1C5EC34F9F7889F6BB5EC0C30AD9B41CE638A9774,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588296Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.420{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\bs-Latn-BA\mpuxagent.dll.muiSHA1=5E4B4257A60E94C1789E5878EBE41A0ACD7625BB,MD5=88BAE05F6F4F15BB389748403622C6E5,SHA256=C73D077D4437AC912B72C13D7FE7959F30A5149E93944CC81F3710530EE483EE,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588295Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.420{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\bn-IN\mpuxagent.dll.muiSHA1=11A6003FB68067932B61C24C47D1EA93B36191F0,MD5=FE88CD10921F42D7C7EBFC18CB0BCC13,SHA256=AC555F8F52962C598BE544A60105F72184806DFF6B2CE2803E325FA23A84ABF7,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588294Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.420{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\bg-BG\mpuxagent.dll.muiSHA1=C97DE224B0BE3439F610E44EA9477C4B629AAE7E,MD5=9E784B3BEAC2929CF6BE702DC98CBC2E,SHA256=9885DAE65B9F59B704E2DD63EF15AE5097B18B8D1C49079478F77792E99328C9,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588293Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.420{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\bg-BG\MpAsDesc.dll.muiSHA1=B81710201CFBA7CAB278001CFA8DFBB105F26885,MD5=296242EAFBDBE02062B4A03ED45D785A,SHA256=B9726F67437B67FE287B0D10EF8D75428D204D650F5CCE91504528B0A6FB4259,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588292Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.420{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\az-Latn-AZ\mpuxagent.dll.muiSHA1=E6A69B2AE88EACE21131791F3F95198CA7C6481E,MD5=79C1AFC65B95B68CD64A8DD2AC0953EC,SHA256=1E025F998D09B80E0A972175C80839044A0A80A173DF9B5F75F1C2AE99B606F7,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588291Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.405{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\as-IN\mpuxagent.dll.muiSHA1=34421A4FAA37A3AC56A68C05458F89E7D9E5E07F,MD5=54A7824FB8A0D3503DC322C2BB09339E,SHA256=A7A032BEB20638C64015BC834B159AE497481ECB409A1D8EBD261E3F05260D55,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588290Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.405{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ar-SA\mpuxagent.dll.muiSHA1=46B00AD3A782DDF308FE5BA759F87CC939DD24F2,MD5=1176BC5213E1B1800E59A4C7B039A047,SHA256=D3F48A6A045F01E3FFB29EEF521C46DF1E7D244EF760D20AEEFBE3CF09851E02,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588289Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.405{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ar-SA\MpAsDesc.dll.muiSHA1=30133BA8250CD2DFC3427A4E8B92D160F93DFA11,MD5=B2033969592F611F7609571FC1C18AA1,SHA256=863902A3D7095B75A555F0E56A7504081AA07532DA9B9316F2AD6C80153B25EB,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588288Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.405{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\am-ET\mpuxagent.dll.muiSHA1=8E6B824EAE75995D2FF04D168C7B668BB7A9F2F2,MD5=D2434346275CC0CB95C456D642A63B62,SHA256=1613FEE906CD591DDFD6D70F2593EDB51D3BCC4ED1FE7C873134C03E0D92BC5B,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588287Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.405{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\af-ZA\mpuxagent.dll.muiSHA1=607ED908A2C104819AE08D229F49F6832AC4DFE1,MD5=E1BC2CF83E5234F631FEF6A94C25EB6A,SHA256=58EC76E24D989E0F32FA14EC807CB19F5BF6B64CCE67BB09E3D2FF3638E03888,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588286Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.389{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\NisSrv.exeSHA1=692957C7E2C14AE6E06F1A3CE8D03B67E3C75DF8,MD5=155E15C20958264B24A10AA24567AB10,SHA256=49A7A3DB17D369AA416F882C33A34236995DF3FF68B45CD1851B96143C5098E7,IMPHASH=F8791C208990C75821507CE310EAF09Etrue 26542600x8000000000000000588285Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.342{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\MsMpLics.dllSHA1=BC8B74F2F11FE4E2EA16DAA2F25B3A4D5003E356,MD5=D64D204D3140C6303EBD2F4F8370C476,SHA256=2D5C50D8F90335D545B74BE69B70B4ACD2BD9BA52CAD2C84486CF79C05CF7F23,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588284Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.342{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\MsMpEng.exeSHA1=22702B3C03C56199E63EBE0C5D76258024C31658,MD5=4B9B5D750D7F823A6EC3B4EA75C99279,SHA256=EEA0023D44F1840F3E4D0B3B343A9275A1AB3CA753CA365E39C47C5786C587D6,IMPHASH=BF6871190EBC23C782B30D156B94B20Ctrue 26542600x8000000000000000588281Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.327{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\MpUpdate.dllSHA1=152D91C97B50CAA103B06C2075962CAC9E8A7B4B,MD5=70C9342181981E7BD981D1DE8CA68C8A,SHA256=EAE7CD925F12BE3C9802D409E5DFDEA9F9F62D6FB567989B38202D8130508E8E,IMPHASH=3EC98BEFCEF8BFA75F48DD97AD4D16EAtrue 26542600x8000000000000000588280Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.327{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\MpSvc.dllSHA1=447B0F5DB972829C60752BD3CF282F752DE905A4,MD5=88BBDB5030602606674F9C1460402DC7,SHA256=6265BAC8A09764EC44BCE9D43CDE2BDC11BECF72B7FFAE9C95C79DD8F1EFAF12,IMPHASH=3CC33666E8013595E7BD20DDB8C7C0EAtrue 26542600x8000000000000000588279Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.295{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\MpRtp.dllSHA1=A6FB8FE1DB11D0FFC81EB2010A6515203513DC29,MD5=796DFB37C08A5AE39EA0570FE05AAB75,SHA256=899DC068F8477C83895915F3D7EEFDEE0DAF027889E89B86458EF5E8AA21A3B8,IMPHASH=74B0B56BDF2F5BFF264A82CC1D3C79E6true 26542600x8000000000000000588278Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.280{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\MpOAV.dllSHA1=C5C8B0CFA44125560541BE75FF2F8BCD19D9B7D5,MD5=AADAA6D9A9AF82A2C03CE7B2F09E94CD,SHA256=DA2B8D842FAB4C864BD2DC0486FFF35005DC4E6B9097E47DEC96F4825B1669F0,IMPHASH=26F5074076E239A05F85ED2BBA28B2CBtrue 26542600x8000000000000000588277Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.280{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\MpCommu.dllSHA1=6BA3F20F4CA2D21186E3E9B350359167204CBD71,MD5=40E15FDC3CACAE0C0CE637C70EA4A83F,SHA256=C4CAB60F36B08CD65BB163B84F21213894BFBD5902E7F1FF41595E694275C5D9,IMPHASH=3A12D7A3F9626D03D8F6A29A07E97D6Dtrue 26542600x8000000000000000588276Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.280{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\MpCmdRun.exeSHA1=3A3478EA40FAA4E059CE1EE3CF41C48C662A294A,MD5=3651B14A2E0D87A9FA88E214A966F717,SHA256=FE361EE0C37F0D4BC25BBAD83AB10182D7498FB8650EDFA863915A579D544D69,IMPHASH=B34FCC4C232A80C59EEDF422ACC8372Dtrue 26542600x8000000000000000588275Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.264{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\MpClient.dllSHA1=EB904DA32BA7CA36504B964B8BA1D1FF4431936E,MD5=695E30E53ED55347D2B72444D487E397,SHA256=4D0A0CB744E7F4A7D877544E0DEE5DBCA6DFF0B09EB6D90339989167CD614F19,IMPHASH=59D31F62CD106A55C84669028A7BB63Ctrue 26542600x8000000000000000588274Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.249{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\MpAzSubmit.dllSHA1=A0C0B5618E294D52E50AF5A379B787D98C0B79C6,MD5=25C67A2806308AFBE10770BA2CDE0FA8,SHA256=4EE352649089B3C743BC3D92E23BD3E21416753E69E6EE4E19CB3DCD95C106B5,IMPHASH=4F79B83BDCC8CAAF0FAA289EFD276BB2true 26542600x8000000000000000588273Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.218{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\MpAsDesc.dllSHA1=4E13309B715B33EE72019BF58128F09A385BB0AB,MD5=DE561FCD04F5E163A36961A235C7CA1E,SHA256=350D99EC7BDBFADA93DAD40B436DEC35E7373F525B544C5D40C621821EFB0302,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588272Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.218{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\ConfigSecurityPolicy.exeSHA1=8D41EB9FB7286A1658388E0A97FF01F20D53A4BA,MD5=46C518D95E8754DBAF8A0E39AF92AC43,SHA256=9CFF15424F054060A6A488952044D0350C222C0B1E41F36FBAF65F1A9745A8CB,IMPHASH=07F4A73550F8370233E6E15EA549427Atrue 26542600x8000000000000000588271Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.202{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\X86\MsMpLics.dllSHA1=FC9DFDF54AD4A918A6BC7E6A81649A3483C9B6CA,MD5=9C5EC72DE0D88F2F4F1E7A119B138C4D,SHA256=9DC2F07345E98BC45C7F5723EF6B3DA765CD7759797B678856FB808607D32344,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588270Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.202{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\X86\MpOAV.dllSHA1=BD2B4A9C9FE5B69153F8FD60A4A57BBCBDF0BC1E,MD5=FCAF40ED46242603F79AEAFD7E457071,SHA256=D75AA266CEDED572741561B9E955DE84B8DCDB2C808D7A3968F4E4165F536DB2,IMPHASH=8C8323C1058AC4D02D5E003289D2A92Ctrue 26542600x8000000000000000588269Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.202{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\X86\MpClient.dllSHA1=6E88A5D82E969B99D8E225221CD094F927C68D79,MD5=9F219AE89A66FD9C02D1532D44059014,SHA256=644BE94FEAF7E4A2298B6D0E45DDB71B815B816455863F3244021EC047F9764F,IMPHASH=A189D024C01E475324C323AFB94DB7BDtrue 26542600x8000000000000000588268Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.186{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\X86\MpAsDesc.dllSHA1=87145234DA6AE69BE31C6D32CE39C14D6BBC0C16,MD5=A0D20703E35D7958B2AB5627AE0B11D7,SHA256=7EFB308D1C6301DD7B1E130B3DB686E1A58E8BD89DBF11E74F022C542945BD60,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588267Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.186{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\X86\en-US\mpasdesc.dll.muiSHA1=C6EA78BF61F981CCE80569A1C7E0C6ED9EFC3C7B,MD5=2A79A7FE1EFCC7D54CC4DE06575D6B27,SHA256=D014301CB016022722294027C857AD4DBDC8D03AD4B015B08139620E1EA9CDE9,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588266Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.186{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\en-US\mpasdesc.dll.muiSHA1=C6EA78BF61F981CCE80569A1C7E0C6ED9EFC3C7B,MD5=2A79A7FE1EFCC7D54CC4DE06575D6B27,SHA256=D014301CB016022722294027C857AD4DBDC8D03AD4B015B08139620E1EA9CDE9,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588265Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.171{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\Drivers\WdNisDrv.sysSHA1=FF0413B06FA36E48531B68F5C8050D6788EAB4D1,MD5=169EA7A30D6E74A5A444CCCAEBDE32CE,SHA256=6E671F5E9798DD75AAC55D798176B5EE3B25CD7E93C93A1DD6372CC70672D82D,IMPHASH=10EB6A42883440BBBC3F00B4000A1AA9true 26542600x8000000000000000588264Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.171{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\Drivers\WdFilter.sysSHA1=34BD5567A59A69FE022D2CEB8142FA87CD7B220A,MD5=1BC2F29ED391A68841010CC5B4720CD0,SHA256=D0FF2877F05BBCCE43BA1EA475903AC7E0C96A85D3BB2A6D73D85CF7E9FAB83C,IMPHASH=8B764044766128FA43A0AE9976DB68F7true 26542600x8000000000000000588263Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:16.171{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\Drivers\WdBoot.sysSHA1=B6702872B19167071535E7E5F20A01204094F3A8,MD5=3E88BA05612E0F07D1C4420678EF92AD,SHA256=E753B11FFFC03BFAA9D5DE68E614086883DBA13112E901B36E3B652722662F2E,IMPHASH=849A6F20E1993D772DB6AE7A9C61349Etrue 26542600x8000000000000000588262Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:15.764{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E4058E39-5352-4977-B236-93CF92C238F3}\mpavdlta.vdmSHA1=530ADD15D9BD9AC3120EE81A693A3FF616325E28,MD5=D678CE06C4F432A4E4D3E3D74717723F,SHA256=0A594581D9D348422FBC0F2EF2A41CA2D675BA7DEB857251876F9644585F3BF3,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588261Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:15.748{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E4058E39-5352-4977-B236-93CF92C238F3}\mpavbase.vdmSHA1=F966DCE530D52BB36CFAA356EF3A54A004CAD5F7,MD5=6C1BBE912DC927A7B5425BC2D3FE0268,SHA256=82BED9A37F86663CF85D8FA4AD432E71CAC1CE6179B29741B0F56C71E9D02BC2,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588258Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:15.296{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E4058E39-5352-4977-B236-93CF92C238F3}\mpasdlta.vdmSHA1=1D855E8E19673C0A40DB159632427EDC10FC9E24,MD5=3592C4C922631DB037B505B6AC911526,SHA256=5F13A39BC958EE53130F63F1B4194DF813F3D4F199602C6242F3D86964EC5572,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588257Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:15.264{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E4058E39-5352-4977-B236-93CF92C238F3}\mpasbase.vdmSHA1=525A01558B50AAACD2F3FC4380101AADA5CDA680,MD5=AFAD9BA23A6406FE6498DAE4FF519A0D,SHA256=D94A1B31FC77AF68E0057FCBDCAC9FAB9AA6B43DEACE649A04462F29FE9387D3,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588256Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:14.467{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\StableEngineEtwLocation\mpengine_etw.dllSHA1=931CD2B818CC5BD45463065E0626ABB7EE102E8F,MD5=8857BF462D6B7C5EFF3DC098662CFCDF,SHA256=9738FB25677D3D8C5583A63292F3533A6B84046A6CDD2A7D73742DF2B3F343E4,IMPHASH=BFC11C0997765311C1469C748EEA57ECtrue 26542600x8000000000000000588253Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:14.217{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.lkgSHA1=597CACED9F0F0030342498D325EFFF66DC716236,MD5=4C4EC2CF24A50A55544430BED08E6858,SHA256=C1EE50DC366B63532B629D22B73547672B719924C77A3D55DCEE17CB1DF24634,IMPHASH=9B1919C2DC4B86462443F433945C4680true 26542600x8000000000000000588252Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:13.951{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dllSHA1=931CD2B818CC5BD45463065E0626ABB7EE102E8F,MD5=8857BF462D6B7C5EFF3DC098662CFCDF,SHA256=9738FB25677D3D8C5583A63292F3533A6B84046A6CDD2A7D73742DF2B3F343E4,IMPHASH=BFC11C0997765311C1469C748EEA57ECtrue 26542600x8000000000000000588251Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:13.701{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpavdlta.vdmSHA1=4E158EDAC92852E96E9CD6964234C694E0E32BA4,MD5=084301F4880B3DA6BA2956CD1F1488B3,SHA256=AF147D54A849A9C59AF0EB9D070A0DC4371F6D60B10440511006C40156B9E8C2,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588250Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:13.701{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpavdlta.lkgSHA1=30861600CA6F4D69A930FDC78F945F79B2088D80,MD5=5433995FE0E3AAB9043339C78B4EEB0E,SHA256=00A7578D341A67F5CF4B5209F6BE6AF1DEAB283F1AD6A4266B860AE0E9DF1B64,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588249Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:13.686{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpavbase.vdmSHA1=F966DCE530D52BB36CFAA356EF3A54A004CAD5F7,MD5=6C1BBE912DC927A7B5425BC2D3FE0268,SHA256=82BED9A37F86663CF85D8FA4AD432E71CAC1CE6179B29741B0F56C71E9D02BC2,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588237Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:13.108{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpavbase.lkgSHA1=71C6482375F688DD2836B5D3F9328538256D9191,MD5=4ABEBAA861B35B6B70483C94A9BB96EF,SHA256=490996253DE8CA0F43889915FDE0FD8E6330EA988C7BE0966D8C97B341D99235,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588236Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:12.545{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpasdlta.vdmSHA1=4CC3FCC727C9512D04954658524A53FE1AA37D6A,MD5=2FFCB285DC8514107345A1DD662ACA86,SHA256=EB3AEC7E99F9F7767BFED91DA049C7DB4AE48FF65DCDE6EEDED38E68B5DA0A0B,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588235Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:12.498{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpasdlta.lkgSHA1=68348EDA3A759D24227A0513DDF9AC0D48D282D9,MD5=8621932A31DC4B943A4DCE0EB6704C44,SHA256=120778CC4E2D72464DB3AAA3BABB74AB8B35D43185B608040DD97D1A6EFDFB6E,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588234Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:12.404{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpasbase.vdmSHA1=525A01558B50AAACD2F3FC4380101AADA5CDA680,MD5=AFAD9BA23A6406FE6498DAE4FF519A0D,SHA256=D94A1B31FC77AF68E0057FCBDCAC9FAB9AA6B43DEACE649A04462F29FE9387D3,IMPHASH=00000000000000000000000000000000true 26542600x8000000000000000588144Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:11.420{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpasbase.lkgSHA1=430050E60065644FA058B460304C7ECF1CC1F054,MD5=5AB76D46A601AA54DCD500E32DA689A9,SHA256=A3BBCD86518373DF430110B0017313EEE1A54421D062889F5BB8827A1D042A25,IMPHASH=00000000000000000000000000000000true 734700x8000000000000000587864Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:10.217{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.P521220ea#\925ddb6c6beccc8cba60d69cf388b814\Microsoft.PowerShell.Commands.Utility.ni.dll10.0.17134.1Microsoft Windows PowerShell Utility CommandsMicrosoft (R) Windows (R) Operating SystemMicrosoft CorporationMicrosoft.PowerShell.Commands.Utility.dllSHA1=7E9E7794C05596E4C3E456E064C9FBF66061404D,MD5=46CF27F82214E7E40FF10D2BC3E3A508,SHA256=A4007A60881AFA24801B44F1B66180C29FEA69E83B032C644BE72C20DDC8746B,IMPHASH=00000000000000000000000000000000false-UnavailableNT AUTHORITY\SYSTEM 734700x8000000000000000587770Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:09.935{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\assembly\NativeImages_v4.0.30319_64\System.Confe64a9051#\596aeece440d4acb04a277177eeaa720\System.Configuration.Install.ni.dll4.7.3056.0 built by: NET472REL1.NET FrameworkMicrosoft® .NET FrameworkMicrosoft CorporationSystem.Configuration.Install.dllSHA1=434F9F76C6C3A7BC90FD0C8C67DD879BC3646826,MD5=C455BF22D21AC9A40737113495260C93,SHA256=9D4B687A386685434FC0F5F17DBF5438C21E533629D689847559313C0EDCDA32,IMPHASH=00000000000000000000000000000000false-UnavailableNT AUTHORITY\SYSTEM 734700x8000000000000000587767Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:09.904{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Pae3498d9#\fdd76904665c37dd7afe5b363c2395ca\Microsoft.PowerShell.Commands.Management.ni.dll10.0.17134.1Microsoft Windows PowerShell Management CommandsMicrosoft (R) Windows (R) Operating SystemMicrosoft CorporationMicrosoft.PowerShell.Commands.Management.dllSHA1=D626A78DFDE14733B1BCF40366F25E7D6E69CCA9,MD5=B426861A77B0A78D3A7C91127322DD98,SHA256=E00DAAACB9CA284C58992C329D674F88B7E21CD732541ED86B5FA568F441AF4D,IMPHASH=00000000000000000000000000000000false-UnavailableNT AUTHORITY\SYSTEM 734700x8000000000000000587654Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:09.514{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\propsys.dll7.0.17134.619 (WinBuild.160101.0800)Microsoft Property SystemWindows® SearchMicrosoft Corporationpropsys.dllSHA1=9751B6199F2E26D4AC3F3D8A578852ADD462ED21,MD5=BD9D301F9EB2B9D11B9621D3887098F2,SHA256=FC18080DA588E2B88EEB4A74D5DAC01686743E9835B6ACE56EFBDFB89099EBFF,IMPHASH=F3BE8E7DFD48421D8CC97AB3FEB5A013trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587653Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:09.373{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\assembly\NativeImages_v4.0.30319_64\System.Configuration\4497a3ae81f8de6e4ea4abe3d4a1d7de\System.Configuration.ni.dll4.7.3056.0 built by: NET472REL1System.Configuration.dllMicrosoft® .NET FrameworkMicrosoft CorporationSystem.Configuration.dllSHA1=A063249A955218B1F3844D377697D50F3407805E,MD5=F53067F50876CF0F09284A02CB808758,SHA256=297F8FD14066338215B636EFD4B40555CAD3D6A82D2EE9841D73FE0327AA80CC,IMPHASH=00000000000000000000000000000000false-UnavailableNT AUTHORITY\SYSTEM 11241100x8000000000000000587624Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:09.435{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Temp\PS_Transcripts\20240304\PowerShell_transcript.ATTACKBOX-WIN10.ATXtnv8E.20240304160309.txt2024-03-04 21:03:09.435NT AUTHORITY\SYSTEM 11241100x8000000000000000587623Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:09.435{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Temp\PS_Transcripts\202403042024-03-04 21:03:09.435NT AUTHORITY\SYSTEM 734700x8000000000000000587607Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:09.420{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpClient.dll4.18.23100.2009 (8fcbd1c22d82af16ba34560e1a70591413e88d17)Client InterfaceMicrosoft® Windows® Operating SystemMicrosoft Corporationmpclient.dllSHA1=212A30C8880BB14FE79802A1B0492CAE21D1B736,MD5=F6241AA123B9835ADD945B91D3805629,SHA256=5CFA0ACF6BD10FBEB3DB7FB642AE68EBE9F9C01D9F49A6082D1432914E766C57,IMPHASH=B9FF20C6C7B890C0C363159B3EA2D8CCtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587596Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:09.358{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll4.7.3221.0 built by: NET472REL1LAST_C.NET FrameworkMicrosoft® .NET FrameworkMicrosoft Corporationsystem.transactions.dllSHA1=D45432B5B1E27DBEA80C10C498E4C87600FFCA2D,MD5=C741E5F6C7E81C14596880E0EC00C953,SHA256=0CDB3A26D5D466265A6249F263C01B62C61439A4742E3E5EC4C4262F12F0E55F,IMPHASH=D81529B56931ECB5B33B9BB26514FA61trueMicrosoft CorporationValidNT AUTHORITY\SYSTEM 734700x8000000000000000587595Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:09.342{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\assembly\NativeImages_v4.0.30319_64\System.Transactions\f208e8bec2327ecadc47105c989575fb\System.Transactions.ni.dll4.7.3221.0 built by: NET472REL1LAST_C.NET FrameworkMicrosoft® .NET FrameworkMicrosoft Corporationsystem.transactions.dllSHA1=35123690C4814C3157FF46435A7E3C0B3D3114DD,MD5=0E0F9B93186D4957381AC7004475F6F1,SHA256=F60B2561CFED100C6374B58C4B5432848FC40DA907D4699FFF0293F243836412,IMPHASH=00000000000000000000000000000000false-UnavailableNT AUTHORITY\SYSTEM 734700x8000000000000000587592Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:09.420{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\uxtheme.dll10.0.17134.1 (WinBuild.160101.0800)Microsoft UxTheme LibraryMicrosoft® Windows® Operating SystemMicrosoft CorporationUxTheme.dllSHA1=B2A91F0E48DAA53A2700112FFF6A175C7E7BB5B8,MD5=7E130D1F1126B2F0A0B273F27CFB03B5,SHA256=361DFE489430518E09FE9D121032ECCF89C49115E64B9E7685737EA2B72DBA9A,IMPHASH=D99F0664C05A033A9884A8840A292D21trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587589Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:09.311{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.P6f792626#\ccb486dbf2a63ca03cb24ac854ac61d1\Microsoft.PowerShell.Security.ni.dll10.0.17134.1Microsoft Windows PowerShell Management CommandsMicrosoft (R) Windows (R) Operating SystemMicrosoft CorporationMicrosoft.PowerShell.Security.dllSHA1=136407ABC110E812AED6C5D473025A225E32B4CB,MD5=E32F05DCE5BCD4E17BA086E8CC0E183B,SHA256=709442D1D8569508326ED4B4DF859D17B848AA82E2EE3BECB735C80F484E5844,IMPHASH=00000000000000000000000000000000false-UnavailableNT AUTHORITY\SYSTEM 734700x8000000000000000587588Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:09.373{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\sspicli.dll10.0.17134.376 (WinBuild.160101.0800)Security Support Provider InterfaceMicrosoft® Windows® Operating SystemMicrosoft Corporationsspicli.dllSHA1=68F4CE3B51682AF3839B56362878AD66CAFFA189,MD5=FE2A6322A668309787223A90ED8F7F21,SHA256=C76973F5333FFC7BFC2B8A45FE78998D2303CA1BB7C05749A14BD9B7DB9563BF,IMPHASH=992D8E49BD3A55BC851266C792D9B7EFtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587587Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:09.373{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\secur32.dll10.0.17134.1 (WinBuild.160101.0800)Security Support Provider InterfaceMicrosoft® Windows® Operating SystemMicrosoft Corporationsecur32.dllSHA1=2B62B1EE58DC9E1B09065306DA851AF3429E2150,MD5=38C059F9CBEC83EBB6B25AB3498EDA46,SHA256=0E40493E12DAB155F1966EC08855A23E2D32A21381BCD2AE4DA40F777403C63B,IMPHASH=F90C2A389F295606533D615109FB248BtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587511Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:09.279{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll4.7.3394.0 built by: NET472REL1LAST_CMicrosoft .NET Runtime Just-In-Time CompilerMicrosoft® .NET FrameworkMicrosoft Corporationclrjit.dllSHA1=E759C73E67E1EF423698AD8CE81A04523B8EC158,MD5=428A8931E2CE8976B67BBAB4383B4075,SHA256=76902D1757C4725B59E96F79AD42AA8AF53CEE6E2E81C13DD47CAFBEB559A2C8,IMPHASH=FA7A821066192A37CCC0139EE536509DtrueMicrosoft CorporationValidNT AUTHORITY\SYSTEM 734700x8000000000000000587510Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:09.170{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll4.7.3260.0 built by: NET472REL1LAST_C.NET FrameworkMicrosoft® .NET FrameworkMicrosoft Corporationsystem.data.dllSHA1=7FFFEF06DFCE9104E3816A68B25DE73C7796E618,MD5=61FB7235F664EA47A15EEA64279ECD22,SHA256=87101E9F6F63B2F876363ED14AAC5CE88C5DEB3934A7E8ECCE28C2FA03664B78,IMPHASH=3B897D84F3084C9AD191B04AB60ED556trueMicrosoft CorporationValidNT AUTHORITY\SYSTEM 734700x8000000000000000587509Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:09.123{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\WindowsPowerShell\v1.0\pwrshsip.dll10.0.17134.1 (WinBuild.160101.0800)Crypto SIP provider for signing and verifying PowerShell script files (.ps1/.ps1xml)Microsoft® Windows® Operating SystemMicrosoft Corporationpwrshsip.dllSHA1=423662C48E9C6011C4349A2F03123E192FF96D6E,MD5=41AA783741CA59A8650DD41E73F05898,SHA256=3F88C8203856ABC329982F6779073487BB3359D710D4B25B1EE6945FD37B4D01,IMPHASH=D9D7C00E2EAF03F74330D8F1204C0A12trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587482Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:09.060{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\AppxSip.dll10.0.17134.1 (WinBuild.160101.0800)Appx Subject Interface PackageMicrosoft® Windows® Operating SystemMicrosoft CorporationAppxSip.dllSHA1=21909AA1190581CED469E60BD424B274EBF2010A,MD5=5D7BA61CC1DE6A672E7036F5664232E0,SHA256=58E9CB41A99465626BE944F2BA801E6781DEAE322A39562AF357AAF9245A7D10,IMPHASH=4DC49BE07CC15B2ED23E22C75299D7B6trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587479Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:09.045{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\assembly\NativeImages_v4.0.30319_64\System.Data\4f1c8abba5a5de2730f6d48259c3078e\System.Data.ni.dll4.7.3260.0 built by: NET472REL1LAST_C.NET FrameworkMicrosoft® .NET FrameworkMicrosoft Corporationsystem.data.dllSHA1=97E7B0752B4C23F897D0759980C3FADC3331F19E,MD5=EC3D633055BFF25F1629F10055CCD7EC,SHA256=CC347733820B670A055DBF4983207F2A5E50853C17F347F6A97F84477C15E2E6,IMPHASH=00000000000000000000000000000000false-UnavailableNT AUTHORITY\SYSTEM 17141700x8000000000000000587478Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-CreatePipe2024-03-04 21:03:09.201{51A89197-370C-65E6-0406-000000001D00}3060\PSHost.133540597883762210.3060.DefaultAppDomain.powershellC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeNT AUTHORITY\SYSTEM 11241100x8000000000000000587475Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:09.185{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\PowerShell2024-03-04 21:03:09.170NT AUTHORITY\SYSTEM 734700x8000000000000000587474Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:09.170{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\ws2_32.dll10.0.17134.1 (WinBuild.160101.0800)Windows Socket 2.0 32-Bit DLLMicrosoft® Windows® Operating SystemMicrosoft Corporationws2_32.dllSHA1=5D8508BA30453C7ECFDD47E29FD36210F1E3BB3C,MD5=6013120B6B147B2584927639EE70FB4F,SHA256=E52B017D1475BF07CB9652418E4C8CECC739C06ABC446ED7E0E5D9831D225B85,IMPHASH=58B0AF34B71F60EB8949033F1340A5FFtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 26542600x8000000000000000587473Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:09.139{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\Temp\__PSScriptPolicyTest_w5fbawep.2wi.psm1SHA1=F1C707BB2D0482E5F1603F102D86F448DFAA8FC1,MD5=50C82C7490EDC4A56ECED83B5BAF0A59,SHA256=3443A5A94B798C332CAB424052E722EF78703B305182B2447CD4358F712CD91D,IMPHASH=00000000000000000000000000000000false 26542600x8000000000000000587472Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:09.123{51A89197-370C-65E6-0406-000000001D00}3060NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\Temp\__PSScriptPolicyTest_hhzh1cfn.jpu.ps1SHA1=F1C707BB2D0482E5F1603F102D86F448DFAA8FC1,MD5=50C82C7490EDC4A56ECED83B5BAF0A59,SHA256=3443A5A94B798C332CAB424052E722EF78703B305182B2447CD4358F712CD91D,IMPHASH=00000000000000000000000000000000false 734700x8000000000000000587465Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:09.108{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\iertutil.dll11.00.17134.677 (WinBuild.160101.0800)Run time utility for Internet ExplorerInternet ExplorerMicrosoft CorporationIeRtUtil.dllSHA1=D4A84795ED12DC7918A82377588EA8467CDAB633,MD5=0F0D2131930849A85CF9D9D31161897D,SHA256=C18F554FCA6EC57FCAEBFA5EAB1F1FFF08BD0164C0C6B30ACAE44A6B9C9F44E1,IMPHASH=D07EAB22B7743ED9E7D2FC9029C4BBC6trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587455Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:09.108{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\mintdh.dll10.0.17134.1 (WinBuild.160101.0800)Event Trace Helper LibraryMicrosoft® Windows® Operating SystemMicrosoft Corporationmintdh.dllSHA1=E0C65E14601CF419DA7EA9A89409F01C8AFE291B,MD5=EB3E23649D0AC5C0989F69F2C165FA3F,SHA256=1E2BCEFB2416EAAC6FEC7B9B29C12192A82C073D16E163696CD1A3888B74516F,IMPHASH=2151CB9F3A32BF72E66127875144A61AtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587445Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:09.108{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\urlmon.dll11.00.17134.648 (WinBuild.160101.0800)OLE32 Extensions for Win32Internet ExplorerMicrosoft CorporationUrlMon.dllSHA1=F5EE114DF0459B4FD853720D7EC04C88E49CFC3D,MD5=4FD6C56217F6EF94E9AAB9DE3852D325,SHA256=5974435C52FF3B2B999280E28C49743340C69032D5D873C95FE1F24106340E95,IMPHASH=3D857AE4CB00C3687EE3690D74966EADtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587443Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.904{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\wshext.dll5.812.10240.16384Microsoft ® Shell Extension for Windows Script HostMicrosoft ® Windows Script HostMicrosoft Corporationwshext.dllSHA1=C8F05D739B736C8B6FDCA373EE7AD2BA09030CFF,MD5=3D7180CB5B8BBDAEF3388B5BE387F15D,SHA256=8E1CF12FD975501AD65D5387790A648894973D7DA7620D167043394A8AC24D6D,IMPHASH=CE4097CF7A85C58FF4D2B125C2BD77AFtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587436Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:09.092{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\mintdh.dll10.0.17134.1 (WinBuild.160101.0800)Event Trace Helper LibraryMicrosoft® Windows® Operating SystemMicrosoft Corporationmintdh.dllSHA1=E0C65E14601CF419DA7EA9A89409F01C8AFE291B,MD5=EB3E23649D0AC5C0989F69F2C165FA3F,SHA256=1E2BCEFB2416EAAC6FEC7B9B29C12192A82C073D16E163696CD1A3888B74516F,IMPHASH=2151CB9F3A32BF72E66127875144A61AtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587435Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:09.092{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\OpcServices.dll10.0.17134.648 (WinBuild.160101.0800)Native Code OPC Services LibraryMicrosoft® Windows® Operating SystemMicrosoft CorporationOpcServices.dllSHA1=FFFC11573DCDCB1174B1426905E4955C83DF29CD,MD5=53CD516D399D313EDCDCAA83B4B6A8AB,SHA256=E4A9BF9284715B67C85F622D19DA2E3D3A95F87DB7415C3D8EED6A3A52442B5C,IMPHASH=26283D4F3E0B1A05401E21EDD5793E53trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587434Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:09.092{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\xmllite.dll10.0.17134.1 (WinBuild.160101.0800)Microsoft XmlLite LibraryMicrosoft® Windows® Operating SystemMicrosoft CorporationXmlLite.dllSHA1=DCBC3133FB95517CC85B023A27DF0711886E0957,MD5=DDD9A230BCB4085F82F8A3842B57F7B3,SHA256=87FF46D09E37BD852E6B5994D3A0219B6C1CE8272CE87EAA15E5340803303665,IMPHASH=06DAF09D33453B29428EDC6F85F687A0trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587433Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.904{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\assembly\NativeImages_v4.0.30319_64\System.Numerics\a731d07e485edb73d891f47b30a8892e\System.Numerics.ni.dll4.7.3056.0 built by: NET472REL1.NET FrameworkMicrosoft® .NET FrameworkMicrosoft CorporationSystem.Numerics.dllSHA1=3868FFFB464E4547A0848E659EFDA53D07882E3B,MD5=2A4F9E165F04A56C317261FB44FCC489,SHA256=3D71A57191CDAB90D408E3B5C9ECE2D0ED9E1ADBB972E2F9F059790954B708EE,IMPHASH=00000000000000000000000000000000false-UnavailableNT AUTHORITY\SYSTEM 734700x8000000000000000587405Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:09.060{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\tdh.dll10.0.17134.376 (WinBuild.160101.0800)Event Trace Helper LibraryMicrosoft® Windows® Operating SystemMicrosoft Corporationtdh.dllSHA1=A354A33F0CB9842B2F2405B723BE17ADCD44E0BD,MD5=7153A8F22EF5BD7C470E953D932E8AC2,SHA256=E73AA6C1FCAEB7FF79EEDA10106285B9327FBF04208D126F26473350DAA75D07,IMPHASH=DF79D9BB50DC3D73DFCDF2F032971AE3trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587404Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.888{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\msisip.dll5.0.17134.407 (WinBuild.160101.0800)MSI Signature SIP ProviderWindows Installer - UnicodeMicrosoft CorporationMSISIP.DLLSHA1=7E5891C0D354CAB1C0A98D162ED456C911B4C93A,MD5=BA8E6EA095F6ABACD03ADFCDB6DF60E7,SHA256=1D0C815A046201BFC77F77BF736B3DEC4EE00D4D73B32AB3C779A3C077BC8C79,IMPHASH=150D403348708F6FFE54239F62030443trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587403Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.888{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xml\3e2a136bd90f7b370837ed4a1e9e9926\System.Xml.ni.dll4.7.3056.0 built by: NET472REL1.NET FrameworkMicrosoft® .NET FrameworkMicrosoft CorporationSystem.Xml.dllSHA1=63B01A42F31BD4CE6080768971031920617849E5,MD5=61869A136266E6DF6DD7F166BA12A144,SHA256=E551B218481DAC59B2E33EFC099DD5AB2DE0793D591B652882F030CEFE03FF85,IMPHASH=00000000000000000000000000000000false-UnavailableNT AUTHORITY\SYSTEM 734700x8000000000000000587400Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.764{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\assembly\NativeImages_v4.0.30319_64\System.Dired13b18a9#\79f906fc2b71f39343f1f5382020df88\System.DirectoryServices.ni.dll4.7.3056.0 built by: NET472REL1.NET FrameworkMicrosoft® .NET FrameworkMicrosoft CorporationSystem.DirectoryServices.dllSHA1=E4A32818429AE2C1E4F89D16E2A946D244F48DE2,MD5=B8ADB4A10C48EE7271523DB1B0F9EFEB,SHA256=234C7DA03F32392E165B48C7CBE48A48441D3D7AFECC3A71CD9BBB56AF77CD86,IMPHASH=00000000000000000000000000000000false-UnavailableNT AUTHORITY\SYSTEM 734700x8000000000000000587397Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.732{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\assembly\NativeImages_v4.0.30319_64\System.Management\62598e47161047fdcc0a1a95088a231d\System.Management.ni.dll4.7.3056.0 built by: NET472REL1.NET FrameworkMicrosoft® .NET FrameworkMicrosoft CorporationSystem.Management.dllSHA1=6FDB04C760FFC31277C2FF19E536FC66A4F141B1,MD5=EEA8DBAA1E08FF09DD4E12A71C5030BA,SHA256=E0184B94C6017F5DE22E4BAFB4D9E13620732BE6B608BB6879BDAC04A8E56D8E,IMPHASH=00000000000000000000000000000000false-UnavailableNT AUTHORITY\SYSTEM 734700x8000000000000000587396Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.888{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\coml2.dll10.0.17134.407 (WinBuild.160101.0800)Microsoft COM for WindowsMicrosoft® Windows® Operating SystemMicrosoft CorporationCOML2.DLLSHA1=84F4161E48F9D12CA0E87C9E4F7FC7F15A5E1CAD,MD5=984F45A0B6BF827B7C055E5323FD8207,SHA256=7DA24037EC734345694A1DECB8EE388483D7F5DD3D33B66ADF7E6F90D7BFAE80,IMPHASH=04F8F04D04DECA726C09B5E6948FEAD4trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587369Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.717{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\wldp.dll10.0.17134.556 (WinBuild.160101.0800)Windows Lockdown PolicyMicrosoft® Windows® Operating SystemMicrosoft Corporationwldp.dllSHA1=79B0DE9E4E786D09F54E8700D31DD87D6341F30C,MD5=1342AF5B645A8BC05F6DFB8C8FA3EE42,SHA256=66930691B0C88337669DF46E90FED30C85141A3CB5C35C3D310CA6831CAD969D,IMPHASH=EE81985E2FFC06F215A4F96631CAEC8CtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587368Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.717{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Mf49f6405#\21b05d1297015f998d3bc2c9cf64da9a\Microsoft.Management.Infrastructure.ni.dll10.0.17134.1csMicrosoft (R) Windows (R) Operating SystemMicrosoft CorporationMicrosoft.Management.Infrastructure.dllSHA1=E0B50A4EE277379C024CCCF872B7766AA1553F96,MD5=A4254436C20027658FF6D66A3487983C,SHA256=214234AAE5DAF479B3EC9AA29AE1EF43E6DD45656411682C6FD58C2562FE9BAF,IMPHASH=00000000000000000000000000000000false-UnavailableNT AUTHORITY\SYSTEM 11241100x8000000000000000587367Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.795{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\Temp\__PSScriptPolicyTest_w5fbawep.2wi.psm12024-03-04 21:03:08.795NT AUTHORITY\SYSTEM 11241100x8000000000000000587364Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.732{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\Temp\__PSScriptPolicyTest_hhzh1cfn.jpu.ps12024-03-04 21:03:08.732NT AUTHORITY\SYSTEM 734700x8000000000000000587363Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.701{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpOAV.dll4.18.23100.2009 (8fcbd1c22d82af16ba34560e1a70591413e88d17)IOfficeAntiVirus ModuleMicrosoft® Windows® Operating SystemMicrosoft CorporationMpOAV.dllSHA1=E5E75A15EE46E0968665FF180C34880E163F27F0,MD5=E8EA978A581E6C3A616E69939CB2F5F3,SHA256=077043850436F281BB354D03A7F33042543E7C2BF4F46A865BAE60F37D8DEBDB,IMPHASH=28D3DE166C9E9C46DC0EA2089E2AC74EtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587362Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.701{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\userenv.dll10.0.17134.1 (WinBuild.160101.0800)UserenvMicrosoft® Windows® Operating SystemMicrosoft Corporationuserenv.dllSHA1=7966AA52E64E4AB0028A77731F9B0C854FA53AFC,MD5=5C9CD98858C019E5CCDCEB3390050BE7,SHA256=765CDD4DE91F19B65A980C9F0A714E18B29FF3B7A907DA0169E8D032E1DC8C17,IMPHASH=47FDCAF428C8D0CC7C6DB099657F377BtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587361Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.701{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\amsi.dll10.0.17134.1 (WinBuild.160101.0800)Anti-Malware Scan InterfaceMicrosoft® Windows® Operating SystemMicrosoft Corporationamsi.dllSHA1=133681B382A830BC0001865B024CB7D89431729C,MD5=28CE0099F0FFAD21B386FF70835A841C,SHA256=6FEF51A0E1555C2C3173E237A2CB8C4B7BECA91EF407A18F5B316F529339F05E,IMPHASH=5DF821FF4F8CD6F40F9AE4DAC8155549trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587360Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.701{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\gpapi.dll10.0.17134.1 (WinBuild.160101.0800)Group Policy Client APIMicrosoft® Windows® Operating SystemMicrosoft Corporationgpapi.dllSHA1=433D3DD1B3F1F6D37E1407DF0BA187D260175D46,MD5=FFAB7B0F987092F8B34FA1AC1086A95A,SHA256=885D21F133EAA0827D7D9712052F3C8DB5ABB1BA2DDEBAC0FA2DEEDEE8FC73D3,IMPHASH=616735D68C1250AAF2A068310DA96C94trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587359Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.670{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\psapi.dll10.0.17134.1 (WinBuild.160101.0800)Process Status HelperMicrosoft® Windows® Operating SystemMicrosoft CorporationPSAPISHA1=B0AB30B86154371CCC5484A0A9E243959136505C,MD5=9A088FEF6EFA3F08C3C9740DAA3E18E3,SHA256=6481D9F581E0B49F6A481AC12601833DCF5992A858FAFC9811C9848CD72D98AC,IMPHASH=A19426362F5443C7159B76FBEAFD171FtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587358Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.670{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\crypt32.dll10.0.17134.1 (WinBuild.160101.0800)Crypto API32Microsoft® Windows® Operating SystemMicrosoft CorporationCRYPT32.DLLSHA1=42B8241C53758256244017D89752932C57581C80,MD5=04B1E9B60F8ABDF718135BD62D8E554D,SHA256=332B99071E6D8A0DD110C6C1F0A76898773E6661840FED804101DD7173B6C577,IMPHASH=D2996D954533896638CFB94FD38EEE56trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587357Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.670{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\msasn1.dll10.0.17134.1 (WinBuild.160101.0800)ASN.1 Runtime APIsMicrosoft® Windows® Operating SystemMicrosoft Corporationmsasn1.dllSHA1=45822B434605A4D1C60C814263F341C9D4D5A84C,MD5=31F9783D0EC7C6ED7E7C1A964C4E3614,SHA256=21AED93FAFDFDA3049D77EA8D4C14369A6157A9AAC6ABA86E9A56DAE500BD5DD,IMPHASH=BDACB2E2B23E3493547E6859F06D493FtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587356Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.670{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\wintrust.dll10.0.17134.556 (WinBuild.160101.0800)Microsoft Trust Verification APIsMicrosoft® Windows® Operating SystemMicrosoft CorporationWINTRUST.DLLSHA1=9CC7DA2B533952E7F4F6CC730871C5297326E2E9,MD5=642F9E6EBD059A9DE2E4C88DA02A2B33,SHA256=CCBDABCEDE143A2352B3FAB8A8E2A02B871CFFA826318E379B82ADD6C586D1C2,IMPHASH=A67EC84098A89C564A7957E55727E43FtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587355Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.670{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\fltLib.dll10.0.17134.1 (WinBuild.160101.0800)Filter LibraryMicrosoft® Windows® Operating SystemMicrosoft CorporationfilterLib.dllSHA1=06656D9053DE1A84D93616354286424000C4304B,MD5=2F0387C78880D60D1D8A2AC32E964F79,SHA256=CA4C6BECE4AD3E1635D3A7FD305FA1335EC9EE8DD69E75C26F005901313A720D,IMPHASH=1AC90E68C7E7F27FB14870BE142D19C0trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587354Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.670{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\powrprof.dll10.0.17134.1 (WinBuild.160101.0800)Power Profile Helper DLLMicrosoft® Windows® Operating SystemMicrosoft CorporationPOWRPROF.DLLSHA1=590871BCEE31E80B0017F236780C18999D81E6FC,MD5=7658D29106996D3B2066728AF30D2BE6,SHA256=FDE937CBD326061E8E4567F1AA661E822CB9AADB5C4FDF829A95A00B360D9649,IMPHASH=7F9940371B5E355D00CBCAC63A0A0090trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587353Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.670{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\profapi.dll10.0.17134.1 (WinBuild.160101.0800)User Profile Basic APIMicrosoft® Windows® Operating SystemMicrosoft CorporationPROFAPI.DLLSHA1=9A5A8BE83B4F04635DA7A0F63F7679F7B22F9D60,MD5=91E3CBB214F208C0C72B4B621180B70A,SHA256=AF5D099FA328581540CDFC3632BF871AD8C95C5B98BB6705A97DEBAB518716DF,IMPHASH=0BBC3EED9BD594FF035DD5C00B0DF1F0trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587352Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.670{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\windows.storage.dll10.0.17134.677 (WinBuild.160101.0800)Microsoft WinRT Storage APIMicrosoft® Windows® Operating SystemMicrosoft CorporationWindows.Storage.dllSHA1=6D38944EA8B38771B9CBE68B9FC2C911AA8D6A7D,MD5=6DFC325A1FCEC4E9B2A58E186CAE8E72,SHA256=31B1BF48286AC2E4A8244050B3849308C16EA83DBFBBB01746C5D7977A00C32E,IMPHASH=F641A1545F0D278EC89BD734BD348646trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587351Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.670{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\SHCore.dll10.0.17134.112 (WinBuild.160101.0800)SHCOREMicrosoft® Windows® Operating SystemMicrosoft CorporationSHCORE.dllSHA1=AF160F526ED471445E5063E36F9750FB8725BCBB,MD5=9586E9DB1B741BD40131385D390212BA,SHA256=AF38913C52DDC7F2B785416DD0FF91B81DE60EF2C4F9E465CFC65E7CD1199860,IMPHASH=50F2B551F77865958266544784D2AC31trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587350Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.670{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\cfgmgr32.dll10.0.17134.1 (WinBuild.160101.0800)Configuration Manager DLLMicrosoft® Windows® Operating SystemMicrosoft CorporationCFGMGR32.DLLSHA1=EFB90C0C47EC654B0AB35DDDAEEACDEAC88AEB74,MD5=9CE572A0B0916D680D148ED714E19B47,SHA256=B55A0CF0C19646B980BDE6B7A533E75F07DDEDF8AE9DC993E65A577CF24FAD44,IMPHASH=7666C7745A520FEA108CDDEAD00C69A7trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587349Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.670{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\shell32.dll10.0.17134.441 (WinBuild.160101.0800)Windows Shell Common DllMicrosoft® Windows® Operating SystemMicrosoft CorporationSHELL32.DLLSHA1=E1A00D9299D8FF3AC76DC9578F8DCB12401BFEA9,MD5=93B9B2B128CC3279996F9456A06160F6,SHA256=D76FB22897D13DF98A5C094E91CA9032DB6E07F141F319FA000F5E8F3183BA32,IMPHASH=C0C78E052E00F60E38FFEEE3CD6CBDB9trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587346Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.654{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\clbcatq.dll2001.12.10941.16384 (WinBuild.160101.0800)COM+ Configuration CatalogMicrosoft® Windows® Operating SystemMicrosoft CorporationCLBCATQ.DLLSHA1=7D111AC4B4D13C34D63A08ED57AFEA1AA61DA0FF,MD5=A112FB218386B213F4EE777A0DBE9078,SHA256=9043B9B35D7B39E906841124BDC9C9C68B77A018C5C01BA9C2C7F5CE72ADDE08,IMPHASH=8005E7C46231AFFF2AFEDAF5CA4BE196trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587343Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.623{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\assembly\NativeImages_v4.0.30319_64\System.Manaa57fc8cc#\116fb555d1729fb71f61c78c4ca972a7\System.Management.Automation.ni.dll10.0.17134.590System.Management.AutomationMicrosoft (R) Windows (R) Operating SystemMicrosoft CorporationSystem.Management.Automation.dllSHA1=FD8590406BDC54938C301567E4263C70C52773D7,MD5=180F22B28E6EB78C51C54E67F60091B9,SHA256=C2665F495D8F3427BA20A7EC7F22BABCE65CD6299C07CB231AEF8135B0B6F458,IMPHASH=00000000000000000000000000000000false-UnavailableNT AUTHORITY\SYSTEM 734700x8000000000000000587321Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.607{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\cryptbase.dll10.0.17134.1 (WinBuild.160101.0800)Base cryptographic API DLLMicrosoft® Windows® Operating SystemMicrosoft Corporationcryptbase.dllSHA1=AB26391C6589B7FED7B466F3470B2D50DEB1D8BC,MD5=54750967F4CDA0ECE951CB3ECD43AC0C,SHA256=6433169682AFE6F321BA382BC94DAD5199C9617CFF14C368E5DC72AFE9B617D5,IMPHASH=3F27E242D68FC14338677A25FAE441F7trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587315Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.607{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\bcrypt.dll10.0.17134.112 (WinBuild.160101.0800)Windows Cryptographic Primitives LibraryMicrosoft® Windows® Operating SystemMicrosoft Corporationbcrypt.dllSHA1=95E316C6D716B95D3A35444AD0CAE48F3BCE8E7C,MD5=7BAB54AC2F062D1843DC7BA0B4AF2B35,SHA256=5BCD1247DE542C58E8E5E2045EFB4B7BB0F4211D8FE537B91136DDD5626E8D0A,IMPHASH=E5649DCD6FA9472DB9A89CCD123913C0trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587314Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.607{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\rsaenh.dll10.0.17134.254 (WinBuild.160101.0800)Microsoft Enhanced Cryptographic ProviderMicrosoft® Windows® Operating SystemMicrosoft Corporationrsaenh.dllSHA1=924697314B6F0D5F205357463D93F7165AC75672,MD5=81DFBF4B36B530DB70FB97632F62AF85,SHA256=8F7D835A3A23A2CE7A544CF1221D8F80E058E595E238C46D4A22CAFEAA45C7AF,IMPHASH=786C25E0AFF17591A84C3764CEF2746FtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587311Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.607{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\cryptsp.dll10.0.17134.1 (WinBuild.160101.0800)Cryptographic Service Provider APIMicrosoft® Windows® Operating SystemMicrosoft Corporationcryptsp.dllSHA1=267F50875AC6BFB3AA9D410A5D8F093C6CA2FE5A,MD5=336C40FA6E69B15A54CA319448AAD7C1,SHA256=EDDB08E025A6B918576EE402052D43DC99134C14818604E034B8D26BEA64BCB1,IMPHASH=E82FEDD1FE85842FA25639E518C8A2DEtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587310Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.607{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Pb378ec07#\64faf31091818f47a25fd1548b1b10ae\Microsoft.PowerShell.ConsoleHost.ni.dll10.0.17134.48Microsoft.PowerShell.ConsoleHostMicrosoft (R) Windows (R) Operating SystemMicrosoft CorporationMicrosoft.PowerShell.ConsoleHost.dllSHA1=161849F2014C719C847A00BCE900DD6F72FCCA90,MD5=B66DFDE1C2CB50D02FF46234118C91D6,SHA256=C3BA3E055E4E24877F818D6089999DE681200F53EBE3D715D7F885955B8CAFDF,IMPHASH=00000000000000000000000000000000false-UnavailableNT AUTHORITY\SYSTEM 734700x8000000000000000587309Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.607{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\assembly\NativeImages_v4.0.30319_64\System.Core\ac9180fc25a6b32d5e24e383f70e7a65\System.Core.ni.dll4.7.3362.0 built by: NET472REL1LAST_C.NET FrameworkMicrosoft® .NET FrameworkMicrosoft CorporationSystem.Core.dllSHA1=3181B2BCD1A11E525A78C98362DE025B22E84383,MD5=F36510FC2C47CDB10DE2EC3E93ADB442,SHA256=629109B34016D072FAF76162EAC92CC12D0588204E721044FFC0846BC1172E33,IMPHASH=00000000000000000000000000000000false-UnavailableNT AUTHORITY\SYSTEM 734700x8000000000000000587308Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.607{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\assembly\NativeImages_v4.0.30319_64\System\390ce15833384db335593dfa637bf5e9\System.ni.dll4.7.3362.0 built by: NET472REL1LAST_C.NET FrameworkMicrosoft® .NET FrameworkMicrosoft CorporationSystem.dllSHA1=59CC765EA2FA4F3A8C3589FFEA148C3A96A98E09,MD5=0C59DD558C460FBA4951835221791176,SHA256=FC74E571D3B19F10121705BAA3247766EEC3A921582F94643918671BEAD85DD2,IMPHASH=00000000000000000000000000000000false-UnavailableNT AUTHORITY\SYSTEM 734700x8000000000000000587307Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.592{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\a50e4fdd1f3d4ffe275988b3fc12e863\mscorlib.ni.dll4.7.3394.0 built by: NET472REL1LAST_CMicrosoft Common Language Runtime Class LibraryMicrosoft® .NET FrameworkMicrosoft Corporationmscorlib.dllSHA1=F5B4F4FD036E0F957983260637029B40691ED9E7,MD5=575D8F9CF5AA1A620E3FF51E4F9C4842,SHA256=1B097E56A309504A47CB8FCAC5BACA5781AA1E668048A30E0E61164DEB85570F,IMPHASH=00000000000000000000000000000000trueMicrosoft CorporationValidNT AUTHORITY\SYSTEM 734700x8000000000000000587306Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.592{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\psapi.dll10.0.17134.1 (WinBuild.160101.0800)Process Status HelperMicrosoft® Windows® Operating SystemMicrosoft CorporationPSAPISHA1=B0AB30B86154371CCC5484A0A9E243959136505C,MD5=9A088FEF6EFA3F08C3C9740DAA3E18E3,SHA256=6481D9F581E0B49F6A481AC12601833DCF5992A858FAFC9811C9848CD72D98AC,IMPHASH=A19426362F5443C7159B76FBEAFD171FtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587305Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.592{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\msvcr120_clr0400.dll12.00.52519.0 built by: VSWINSERVICINGMicrosoft® C Runtime LibraryMicrosoft® Visual Studio® 2013Microsoft Corporationmsvcr120_clr0400.dllSHA1=C889D6646D7C33FB108E2719875C5F4C49A6B0C0,MD5=99E982747B36AF703209B734D9D05263,SHA256=17E09579C756D7374DEA79969BAB36D3D9257D4D51AA1934D2DB1BE374D9A425,IMPHASH=8F18E22935EF8B336E246EE763FBEC97trueMicrosoft CorporationValidNT AUTHORITY\SYSTEM 734700x8000000000000000587304Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.592{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll4.7.3394.0 built by: NET472REL1LAST_CMicrosoft .NET Runtime Common Language Runtime - WorkStationMicrosoft® .NET FrameworkMicrosoft Corporationclr.dllSHA1=5FBA404767EA062AF99C567EC2B5A9D9DAB26F09,MD5=AF9E56588EA414FCA8904B4A64DCDFFE,SHA256=E89CEC8EFFF3603687CD2B9451C972CD81924689486F78FBB0F28892D91B5568,IMPHASH=38F8A1CF545DBF2C054FAB701F585BFFtrueMicrosoft CorporationValidNT AUTHORITY\SYSTEM 734700x8000000000000000587303Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.592{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\version.dll10.0.17134.1 (WinBuild.160101.0800)Version Checking and File Installation LibrariesMicrosoft® Windows® Operating SystemMicrosoft CorporationVERSION.DLLSHA1=A05A9082DC84C34EF876521B11E28F6684DB484A,MD5=30EBAC24A7D60DFB597576B46C9B82FB,SHA256=6426CF806ECFC1432326BD4E0C9D0BBA25B8DB8FF5A79EF2722E7DDD889A8F30,IMPHASH=34340C2C4E9AA6EF6AD12BB695FC695BtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587302Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.576{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\kernel.appcore.dll10.0.17134.112 (WinBuild.160101.0800)AppModel API HostMicrosoft® Windows® Operating SystemMicrosoft Corporationkernel.appcore.dllSHA1=D4C9389A8C61DDE511239CA13DA91B704D49E120,MD5=51E940608A78A627D5231F32E518F745,SHA256=808AD1C80A283A832A16F6EE5A38C9077425532244DECBA8D8CC678A9CC81906,IMPHASH=6B95B10E47BEE4CE03390A70FB7EF691trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587301Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.576{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\shlwapi.dll10.0.17134.1 (WinBuild.160101.0800)Shell Light-weight Utility LibraryMicrosoft® Windows® Operating SystemMicrosoft CorporationSHLWAPI.DLLSHA1=9CD3A305C0909237A281E8C8039AA2ACF55B1CDC,MD5=26961387EB5E1668F6D3E1453703F3DB,SHA256=3F37BB1BF301454D19F7FD9033BB169873247504CF1E3DBC82051D627260D0D4,IMPHASH=0F49D2E8A51D0A3AE767A2F2E8AE58C5trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587299Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.576{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll4.7.3056.0 built by: NET472REL1Microsoft .NET Runtime Execution EngineMicrosoft® .NET FrameworkMicrosoft Corporationmscoreei.dllSHA1=FBE7EDA0B86E915286A0C3C8742B72B82D072DDA,MD5=D2C812FB24F81F9F88693CAE7E4B6D78,SHA256=D96CA388CD514DCBF4696957A5467692234D1A17AE535101F97A1C84CADB59CF,IMPHASH=44A6C29B17044B03996A4F4B5A5C82D7trueMicrosoft CorporationValidNT AUTHORITY\SYSTEM 734700x8000000000000000587292Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.561{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\imm32.dll10.0.17134.1 (WinBuild.160101.0800)Multi-User Windows IMM32 API Client DLLMicrosoft® Windows® Operating SystemMicrosoft Corporationimm32SHA1=16983CB149F64A0AD2F2CDD085BB2CFAA43714EC,MD5=9345A5D3801ABE2909CB8CE8D6D90D79,SHA256=4236210BD16305682611CD937B69142040E19A0C88AEDD3102A74B53511AF761,IMPHASH=288B23CFC7E95270A29D0D4D381AE1BCtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587291Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.561{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\mscoree.dll10.0.17134.1 (WinBuild.160101.0800)Microsoft .NET Runtime Execution EngineMicrosoft® Windows® Operating SystemMicrosoft Corporationmscoree.dllSHA1=2B275596477BC76FDF924E697DF3CC8BB0FAD387,MD5=99C72E462B21A62F7E397E869E345B14,SHA256=714D3E839C30C4A5490DC87F320245FA31D54EC208C4A9E344861AFCD1E5BC66,IMPHASH=65F23EFA1EB51A5DAAB399BFAA840074trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587290Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.561{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\atl.dll3.05.2284ATL Module for Windows XP (Unicode)Microsoft (R) Visual C++Microsoft CorporationATL.DLLSHA1=FA8EFF5D41C7EB2FFD91FDA5C319FEB767ACD770,MD5=8DD954DDB4944587A5841BAC5383A722,SHA256=803E29600B7BFED78DEFE186DDBF60E37B5DBB2AFAE5EE3EC9A6B3618CA1581C,IMPHASH=75FE4D242CDB81C8FD19F8165A4D313DtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587289Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.561{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\win32u.dll10.0.17134.1 (WinBuild.160101.0800)Win32uMicrosoft® Windows® Operating SystemMicrosoft CorporationWin32u.DLLSHA1=10B324B91B6A3CE83384238C74A2249E4E7BDA75,MD5=F3BBD0E5FCC48794DF55349F22FDB418,SHA256=28CC07F7208742C7D01FB35AFC48A852B2D05A95D18B01A411981E13E418CFBD,IMPHASH=00000000000000000000000000000000trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587288Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.561{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\user32.dll10.0.17134.376 (WinBuild.160101.0800)Multi-User Windows USER API Client DLLMicrosoft® Windows® Operating SystemMicrosoft Corporationuser32SHA1=A8D593FC9A44CCC5C17696D1B44BA59481B816E0,MD5=CEC499E17074BEF1CF32BB0AF742F2D2,SHA256=8733A580442177D5820BFA6592BC593D09F8EB3944231130473E53A9BDFD775C,IMPHASH=DF0DC07BFAB73712DAED45422E20378DtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587287Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.545{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\gdi32full.dll10.0.17134.706 (WinBuild.160101.0800)GDI Client DLLMicrosoft® Windows® Operating SystemMicrosoft Corporationgdi32SHA1=4652DF764CADC234CC4B27E589800DD6871690B8,MD5=486620CFF75E29223B40316ABDC52F80,SHA256=21B73574A60C53F9CA476837565050EF0A50FB09B3F6B55852FCD1DBFD02C9B7,IMPHASH=01AFAF63C699021DE5945BC50C3A4436trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587286Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.545{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\gdi32.dll10.0.17134.285 (WinBuild.160101.0800)GDI Client DLLMicrosoft® Windows® Operating SystemMicrosoft Corporationgdi32SHA1=147200B7E4B562D9D30AB2AEB0A75E9F0F16DE6A,MD5=4DE34C71E2C642A5ED3BF13E43F7519D,SHA256=F9E90287809B904C08995A101B73F62A7A1BDFB0DD4BCE447E05B5A113E3B9D7,IMPHASH=F8C2F33E948A65100AF3F6AF02F477E9trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587285Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.545{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\ole32.dll10.0.17134.407 (WinBuild.160101.0800)Microsoft OLE for WindowsMicrosoft® Windows® Operating SystemMicrosoft CorporationOLE32.DLLSHA1=96A3E0CD00A6BA6FBFA420651E655BF2BC9CE64B,MD5=E29A659E7FE8E3B010C59A54A65E7646,SHA256=15C1C0A260F6F151DA540E252093B93FB09B0D5C56905429FB221EC216D7C1BF,IMPHASH=B5F54F6AF811BCFF3A5E0536D10A0CDEtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587283Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.514{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\sechost.dll10.0.17134.319 (WinBuild.160101.0800)Host for SCM/SDDL/LSA Lookup APIsMicrosoft® Windows® Operating SystemMicrosoft Corporationsechost.dllSHA1=136453020D3A1C3F87829F7BD83C7B36C0A27805,MD5=AB7AA9E1AE57362E4E78703E3A2D5A7D,SHA256=8198A73682BA00568EDAFD2091E4AFAC6F33C361CCBADC5BD23154B362911CA8,IMPHASH=1ABE74A44180732951AB6EDFA1AA0282trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587282Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.514{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\advapi32.dll10.0.17134.471 (WinBuild.160101.0800)Advanced Windows 32 Base APIMicrosoft® Windows® Operating SystemMicrosoft Corporationadvapi32.dllSHA1=86DE00DCF65B3AC656158B829053AFC368BD647F,MD5=C102A6FF0FE651242BE9A4BE3E579106,SHA256=EF117B762C2C680D181CF4119FF611C9DE46FCEA6B60775E746541F5DD8F1CD0,IMPHASH=0475FE4DD54AD7F28E679FF261C67BF3trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587281Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.514{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\bcryptprimitives.dll10.0.17134.1 (WinBuild.160101.0800)Windows Cryptographic Primitives LibraryMicrosoft® Windows® Operating SystemMicrosoft Corporationbcryptprimitives.dllSHA1=77017C919E2B8BFF4624E7C91CB8E3360B64E963,MD5=211D98BDF8BB67866F169DC23ECABA5B,SHA256=60B16451000BF1DDC1E1CF1CE27526A259987E712D80D49C87A448E9FB70DE5C,IMPHASH=C7FCD14944F90184E7A61DBD9322926BtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587280Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.514{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\rpcrt4.dll10.0.17134.648 (WinBuild.160101.0800)Remote Procedure Call RuntimeMicrosoft® Windows® Operating SystemMicrosoft Corporationrpcrt4.dllSHA1=95466888B0062EE59588D02F897FEEB2D6AE5E7C,MD5=B76F8A048F5A0A05018D2413694D4DAA,SHA256=C5C37A2000626137DCDFF1D3D895C2CAE55C31925A787621783F2B750A05CE4C,IMPHASH=8D57648E6B44F7EEB8EC42A52C4DE444trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587279Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.514{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\combase.dll10.0.17134.619 (WinBuild.160101.0800)Microsoft COM for WindowsMicrosoft® Windows® Operating SystemMicrosoft CorporationCOMBASE.DLLSHA1=77A271F5B8DECC7D668F833B3769AC3A7637874D,MD5=2471D4FEEFD93183284363E012C04C7C,SHA256=88BEE99EAE4A1A97E10D749D807DD03C7B092B4CAFFA78DDCAEB0FCFC5E3E661,IMPHASH=FE529835066894B316B2106B974FB01BtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587278Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.514{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\ucrtbase.dll10.0.17134.677 (WinBuild.160101.0800)Microsoft® C Runtime LibraryMicrosoft® Windows® Operating SystemMicrosoft Corporationucrtbase.dllSHA1=14205F96B616C35F66B36978C1868D13FB0D5598,MD5=1F7D0DEFBA3C793F018F7D10ECDEAB8D,SHA256=0797F4A5EAA5BA3C35287F0D75084A9E7805596D199B66EB00DED9D865E275B6,IMPHASH=EA4D5E085D5BBDBD19DCCE14D926B29EtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587277Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.514{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\msvcp_win.dll10.0.17134.619 (WinBuild.160101.0800)Microsoft® C Runtime LibraryMicrosoft® Windows® Operating SystemMicrosoft Corporationmsvcp_win.dllSHA1=E84E037EF7CFA7DE72999984770AB38F1BAD9D04,MD5=DB0DA6A10E3DA13DEEDE1BEB26F43375,SHA256=6D1E5B1FA0F35FF31DBA9295A154971B36D4DDE8FE2719C8A99C8FE970DC013B,IMPHASH=43414A3CC2964EA236E1A6C3EC81350DtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587276Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.514{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\oleaut32.dll10.0.17134.706 (WinBuild.160101.0800)OLEAUT32.DLLMicrosoft® Windows® Operating SystemMicrosoft CorporationOLEAUT32.DLLSHA1=4A96FD3EF6DDD60D443CAD16EE3D2E33EB86A58D,MD5=258B5B72C9D343297BE4FB58DD978240,SHA256=E937FC63B1C6BD1C92E1F22A36F352C81AF148F571F797161EFD29769629FCD9,IMPHASH=C71394BF1E4212C0EE940475D2C1D152trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587275Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.514{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\msvcrt.dll7.0.17134.1 (WinBuild.160101.0800)Windows NT CRT DLLMicrosoft® Windows® Operating SystemMicrosoft Corporationmsvcrt.dllSHA1=5BB0FC89E614BCD1903D702ECA6CF79DBC25D661,MD5=7FCD4654FC7F16FDA52848E2D0AAFA9D,SHA256=995F25E8380D924C98DBE44F68D6BF2B0A62244BFE817A22D91B9586E3B479F6,IMPHASH=4BA50461B0B5FF3404B4A5B55C6A08B4trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587195Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.373{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\KernelBase.dll10.0.17134.556 (WinBuild.160101.0800)Windows NT BASE API Client DLLMicrosoft® Windows® Operating SystemMicrosoft CorporationKernelbase.dllSHA1=13BC46DE564D0A715E88A9BF7F7F640211D0350E,MD5=60D1EB0BE090FFA6163D6540673B925C,SHA256=576ABFB3327A3B66A1C9779FD8E159ED17D227F8F9DE34C22035FB75B0A31BA3,IMPHASH=B6A56E7F6E9B3018B2475EE0547F0EFAtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587194Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.373{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\kernel32.dll10.0.17134.706 (WinBuild.160101.0800)Windows NT BASE API Client DLLMicrosoft® Windows® Operating SystemMicrosoft Corporationkernel32SHA1=E6E99A68E4ADC88A19AE5B2A734BA50195D242CC,MD5=E1B62AD97016F328E6A843F690A6CD5F,SHA256=1B4AFDB38C6955F9DD375F376EA3ECD9222986EBCDABBEFBA28D9CC4A14A26F8,IMPHASH=100F313C3EEB0E6BB4BCD10918D650F0trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587193Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.373{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\ntdll.dll10.0.17134.556 (WinBuild.160101.0800)NT Layer DLLMicrosoft® Windows® Operating SystemMicrosoft Corporationntdll.dllSHA1=2CAAE2BEFD373926331F5FC806B62D3BED6DD5C9,MD5=61E6720247E029EE0100D287EF9543D5,SHA256=C5C078AFC3EA674F5F1E0915A33F579D2C931C36ABAF68804A1D78838ADD54AB,IMPHASH=00000000000000000000000000000000trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000587192Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.373{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe10.0.17134.1 (WinBuild.160101.0800)Windows PowerShellMicrosoft® Windows® Operating SystemMicrosoft CorporationPowerShell.EXESHA1=1B3B40FBC889FD4C645CC12C85D0805AC36BA254,MD5=95000560239032BC68B4C2FDFCDEF913,SHA256=D3F8FADE829D2B7BD596C4504A6DAE5C034E789B6A3DEFBE013BDA7D14466677,IMPHASH=741776AACCFC5B71FF59832DCDCACE0FtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 154100x8000000000000000587189Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 21:03:08.376{51A89197-370C-65E6-0406-000000001D00}3060C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe10.0.17134.1 (WinBuild.160101.0800)Windows PowerShellMicrosoft® Windows® Operating SystemMicrosoft CorporationPowerShell.EXE"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" rmdir 'C:\ProgramData\Microsoft\Windows Defender' -RecurseC:\Windows\System32\WindowsPowerShell\v1.0\NT AUTHORITY\SYSTEM{51A89197-3B87-654E-E703-000000000000}0x3e71SystemSHA1=1B3B40FBC889FD4C645CC12C85D0805AC36BA254,MD5=95000560239032BC68B4C2FDFCDEF913,SHA256=D3F8FADE829D2B7BD596C4504A6DAE5C034E789B6A3DEFBE013BDA7D14466677,IMPHASH=741776AACCFC5B71FF59832DCDCACE0F{51A89197-36EC-65E6-F805-000000001D00}8004C:\Users\VICTIM\Desktop\AdvancedRun.exe"C:\Users\VICTIM\Desktop\AdvancedRun.exe" ATTACKBOX-WIN10\VICTIM 534500x8000000000000000577393Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:51.057{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeNT AUTHORITY\SYSTEM 11241100x8000000000000000577392Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:51.041{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\powershell.exe.log2024-03-04 20:58:51.041NT AUTHORITY\SYSTEM 11241100x8000000000000000577391Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:51.041{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive2024-03-04 20:58:51.041NT AUTHORITY\SYSTEM 11241100x8000000000000000577386Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:50.244{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache2024-03-04 20:58:50.244NT AUTHORITY\SYSTEM 23542300x8000000000000000577377Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:48.197{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-9FF3EC34E84FD35BDE98CACAA518B4B841899F76.binSHA1=F380C5BD99DC001980E90532BB0D80F9E220F4F7,MD5=72C05088B7BA2B90C58F5C556AF8BB98,SHA256=4FD3AAAD9E295024245162BDB89211A1AC8C5BD3C8F70938295CE3118DAF7A9B,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577376Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:47.822{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Scans\Scans\History\CacheManager\7A012CB2-69ED-4AFD-BEF6-F12032FAA46ESHA1=CC926CE4A60BFA59CF30F927EC65705A6441069D,MD5=7D716E4ED5D485E02685699801E99716,SHA256=3BA573EB3D969D26BDC687B38D354DABFCB7E32AB88EF6F1EA31ECB5B2A54A6F,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577375Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:47.822{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\Data\febc135bd0c67bdf9a7a87e867f6d63346503e44SHA1=7694D67A33A4C4FEBB20604C88BA05DD1A9E463F,MD5=3B53DBCEC32CBD86072934B0226DEA85,SHA256=7250A4213EFA81D963DD562B26CC332ED98E46D6F3EAAD191F7BC509D89DEE59,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577374Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:47.822{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\Data\eff936be315a6e194c752c9044e82e574ceecbacSHA1=F64A3756AC0FCF58A73EA20189F3F227F1FDDD1A,MD5=4B7AB81A2DB3DC2CB6D1CB889790CE6C,SHA256=F9A9AC3A93D640705F37A6C3A2947F0EB98C28DCE0A1044EB95F49EE0E475A2E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577373Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:47.806{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\Data\ef551193dee312abb5cd5317fb8230b1d982a04dSHA1=CFE754617D6B94E43D6DE4F926DD75FDD6B85708,MD5=AEDB972AEF4EC511C4A072C95BD70AE9,SHA256=57723816871DBC6329F76924AB1454370FADA3D983F92DDCF68550E94764C3C6,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577372Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:47.806{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\Data\d18ccadf45110101cfa97939ea8e97a55b4a0e64SHA1=C8DFF9A3DBA4934F0CA032BB92A296EB70755036,MD5=8A7C21192DBAB6ED489F3B086271AC61,SHA256=3CDABF0DDF924EA13DFDE3791FE2764F1A52CF480D7E77FE3EC90F0D9C9D0D46,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577371Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:47.806{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\Data\d17feb872a5a18419675028601a5aa933bea014fSHA1=CF73CE299AE396B1BC52F65887FED2FBF5B5648F,MD5=D75DCCF8DD6C79492E72B8CC3EEF6146,SHA256=C5BC0C59381583056CAE028966824BBCEF6B99F86D207E3734B54F4E71BBC3EA,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577370Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:47.806{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\Data\8a7534df03d5067985d35de9c4b2227a7302856bSHA1=582199BE7763ECAA4C26BA274F60E99B4C3C6A17,MD5=8BB6C8ECF17E05BDAAF5F0D6342DAA9A,SHA256=28AF98A00CA09F14A5C2CA52326075B146C2A974E1987067D1EF24F6FAE2F49A,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577369Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:47.806{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\Data\6e8513041450fa9b77c7604d869d3892f52a03a6SHA1=92DB4B1B14A8DCDD97362E66F04077BECE5F974C,MD5=8BFCB55B360C713B065ED1A39BDA61CE,SHA256=8287ECE2BC6A77AA1E90E35B7DA21A17168BF4B57CE937C9DB9B2CA24C869DCB,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577368Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:47.806{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\Data\44ceca41cda054e6dec8cc7f09611a22f898918bSHA1=B98D5062A721D076B8282531581D1FCA7A79E395,MD5=800CF3DF520D6D817CFFD3A998D07257,SHA256=FD7738319469DA593F78E09C7312228272A370AA692D775315352FE7ACE7ACA3,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577367Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:47.806{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\Data\12e2760d850cb12f45afda2857caafe7ee37b996SHA1=D3D789492A98CC8EA0E93A9BCAAEAD8315BA9485,MD5=4217204B14B0682B497BD85FC67D9BE7,SHA256=3EC031904F29A25DC949B55A840E3E92C775C45BAA596B690C67F3F4C992E9FA,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577366Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:47.806{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\Data\126a636f8c72523561091586d9971541efa5a0a2SHA1=6399168D9576D26A4A2BD6C90D654A426CDDDE37,MD5=BC08E9BA44F33C7D3889CAA6610DB45A,SHA256=DFE161F778C4B3276DCD7FA348ABDE4EBF2FE1362E29F4C65C8A7E37CE30941B,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577365Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:47.791{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\Data\1144f4b87197457956b4eb7febceb04bfb730c8dSHA1=40BCDC14FC2CC7129FC8532AE1D9EE7679766350,MD5=9BE29A6D968ECE757A009CF939C84664,SHA256=AAB76DD1D43590EC42C38886601A708BCAA124FC56EEF59101B99D8C15CD4BEA,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577364Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:47.791{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\Data\01b176dd59b666d6b38284947c3d38b57b66ecb8SHA1=95B744977BACD45578548456183162B2C3E3CA00,MD5=F6FD9A22C174E427A9CFDC003D133DA7,SHA256=C97532CFE7699E542402DE8612D929F14493FE705D2E3A32A913D4D3AAD120FF,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577363Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:47.603{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\Unknown.LogSHA1=E514C16E0B0216A29A173E2379BAE30BDC14FABF,MD5=45D1CC05ABE862EFB6E5CB283B340009,SHA256=038C77D7BEC02EE8E847C43A41142396EB02B2E392020AE21EB65B253B4D1C19,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577362Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:47.603{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\History.LogSHA1=D62636D8CAEC13F04E28442A0A6FA1AFEB024BBB,MD5=F3B25701FE362EC84616A93A45CE9998,SHA256=B3D510EF04275CA8E698E5B3CBB0ECE3949EF9252F0CDC839E9EE347409A2209,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577361Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:47.510{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\09\BDB74174-B924-42FD-94BC-61A032E8F6AASHA1=8D505847A7663C24625602001D577F99F1BDB0B1,MD5=51C222B258D5496256180ACC9961E9DC,SHA256=1B3A8792915AA60B94F770F96555C807FF000BCD615B689753B26832C787540A,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577360Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:47.494{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{F0BDB0AE-3589-46D0-85EE-E91C863991A2}SHA1=D44B461069DF5295D4788BBB90E18EC761CBEE33,MD5=476654A5F5857D9E9E42637DC638B14D,SHA256=5ADAACBF6D533FC19943DE50666E6B2EF550486EB3B63CCCC9B629CF48306B0B,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577359Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:47.494{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{E8744FDF-1A7A-4440-8EA4-3C7C75BB1F4B}SHA1=3B497E7DEE80B3C5E9E327167FE6C790A938A8B0,MD5=EA119A262E2928923D64AACDB5EECD4F,SHA256=BA75B2F862CFE8AA6212E2851D95862AA4D5F2EE90A9A4566035CF0966346EC1,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577358Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:47.494{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{E71431D8-B44F-47CA-9F0D-BD4408A80FC5}SHA1=3F598DF85711480A2A6F271BB4E40086A382FE8E,MD5=2E63077C6E693B24FB32D418B81F3080,SHA256=05C2B0937E9503F9C0DE106216C8B2231A94DDB0C27FA94B4ADD9AED19C94725,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577357Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:47.494{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{81E47BA1-BB19-4F17-B143-0BD61A8B850A}SHA1=4C5BDB9D5A6EA4E0CEC4FDF5400B2319BDC32440,MD5=26E81842C5AC323E6AACE227CA510A05,SHA256=82BF8CBAACA819D60F5D1C6E855C5030F3C4FDC18E1C8B0011F565EDFA4345B5,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577356Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:47.494{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{3AEB9754-7669-4C4C-B7CE-F9A9B3D11916}SHA1=54D3F044FE6A73C9B630A12B4B94FF1CBD9A03D1,MD5=B36315D944D08F1F50E7707AEF02CDE7,SHA256=14508F448AB77F414694F55478C479078C86BE5C84B253D57C302338A41B326F,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577355Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:47.479{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{32D1F1DC-2B8F-4DE5-81D8-5D4786D7A3EC}SHA1=5AF65D58D31C6FAB01D328D40714433DC09D1875,MD5=A76D3E8C083253352BDE754FFE8D0DAD,SHA256=9C3CC482BF07121F3D97164C040125C4987356D5E1CBDF3EC9355019C0A0D2F0,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577354Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:47.479{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{2DEB5E11-E06C-46C8-BD21-CD33199B61D9}SHA1=4C4C1B6F4F7C724644D0EE27E4589C316005D1D9,MD5=55F503C8ABAD94B0E3FFABF89C159644,SHA256=5A8ADC4D144DF24F02EB3103D624B89ADFC874A61A78E7CAE46FC8AB68FEA1CC,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577353Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:47.479{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Quick\{CFB7021A-FDBB-4AD4-AFA4-387E81D80E70}SHA1=D8EC090731AE0D21D55FE4541B2439AC1038C702,MD5=8ED76550A6C97410F15E97B6936FCE5C,SHA256=4C53EC76426A69B92D1428412F20FDD78AF1C4F75D536141238283FE7D10C48C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577348Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:47.025{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ThirdPartyNotices.txtSHA1=F969931AC45991F7ECB6767A69433A7082ECCA2F,MD5=CE7313760386B6ABDE405F9B9E6EA51D,SHA256=73E26404B3571A9E859B3A1144F54C353172479586E0A23C3A7DDA0C1C0AE919,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577347Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:47.025{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ProtectionManagement_Uninstall.mofSHA1=5CB3AD07CF6DFF3DB5BAAD55488A769A664BC093,MD5=C4E26C53F76774E091FEE17FFFF64414,SHA256=5172863C41E84024799B2034D42F10E9720FC53171A4F6C1CA2FDB2C6F71DFE9,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577346Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:47.025{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ProtectionManagement.mofSHA1=24FFC508EC2AE269985CD6CD63D873060EF4B1D2,MD5=B9562ADAD44B395A0633E3B9F26894C5,SHA256=093148D14841F5034CE66574FFB43061931384773F7A07A18083DA243360A1F8,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577345Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:47.025{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ProtectionManagement.dllSHA1=DD6369DB7560D87CDD3C7A7D9DAC5687CBCC9A43,MD5=1A8FF1B68DAD2B5DD2164CC4373DFAFB,SHA256=4CFCAC95D2D3EFBECAA29DE693F40C201787704F3F86DBBFFA7C5DF39D9DEB4C,IMPHASH=A76BFF4687C0E1559E35DA4E213B4B92truetrue 23542300x8000000000000000577344Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:47.010{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exeSHA1=7FAFC37E865A0F1AE95206EF540740C7F7A2A0A8,MD5=8DF231B23C96FFDC35865DEEF00D117A,SHA256=AF92673F0C25E1C5D8E2919B84BB52B67E1AAEE360F4E9950701924D82B40FAD,IMPHASH=B2CF270DD30617D242703BF264932A90truetrue 23542300x8000000000000000577343Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:46.963{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpLics.dllSHA1=BAD80598539A74E7BC3A923D117C433A77341558,MD5=797731C4384CA780824835423A3C1BD0,SHA256=9B7CAA9615679EA04AF4594F1F4D5F09400960913E93C04A5E6913026082A175,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577342Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:46.869{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpUxAgent.dllSHA1=FE60264B92355A3B2221F3643DFDD2C3C0DF6996,MD5=EDA32503F33B4E04AC9E708F04978651,SHA256=6DBF4C0A8DA855506F5F76AF9FB686D2D44A12D5FB6BA36280C9FE298F678E5A,IMPHASH=8E71AAB314BFC70EEC0B1A22533EFA2Dtruetrue 23542300x8000000000000000577341Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:46.853{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpUpdate.dllSHA1=DC943AD11FF15C575524D8D6D66C3F8F02286002,MD5=7FBEF4A542BC4E99B16B014EDCA064ED,SHA256=DA653E4EB9A197948D3B6FB0645224644D24D92BB7148D652219AA94459E1E13,IMPHASH=643C3273BD359D079EF68C411527FEF7truetrue 23542300x8000000000000000577340Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:46.760{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpSenseComm.dllSHA1=00532F2B1E2336BC14CEE08AB31CACB6FBFEF156,MD5=6B54675026726DF1F03D8846F0FEE1B8,SHA256=F9F7945AC007F648F5707FA12D4032686B33A661BB44F39F6FACB43915070B1B,IMPHASH=862E746102BE3A8FC5C27A5CE86507A6truetrue 23542300x8000000000000000577339Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:46.572{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\mpextms.exeSHA1=94F807589FA09C4E728E2613F2472ABBBC604BB0,MD5=FB11046B43A435A582B0C222EDD7F184,SHA256=DD20EA449CC4214762D38CA1F8B9551E22A743C62DBD65F13F8FAA027C393808,IMPHASH=BCC38FEB02785A4856185CBCECBA4B70truetrue 23542300x8000000000000000577338Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:46.557{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpEvMsg.dllSHA1=6DBAA44587BACC80F22D5E8EDCB742D7A25CC740,MD5=AFBC4EA22548070B7BD5B76E66774DC6,SHA256=0C6DDAE52AFBBE853D542721E80CC2A8EB356AEFF2CB83CEF1C586FD44A55BA3,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577337Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:46.541{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpDlpCmd.exeSHA1=58B90ABDF08F3A09E6932FCFC865AD6690B26EDD,MD5=970D1E3480F3F0D1D221BE8DB158DE3F,SHA256=82013630CEBC57802D27454F64955E4B6EA0F948E1060A5BA92C7ED573A12B51,IMPHASH=9273F91C797CD5C40E5E956EEC1FD849truetrue 23542300x8000000000000000577336Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:46.541{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpDlp.dllSHA1=B4670EC1C1658189E6E39E557BC9C961DEC0FDBD,MD5=F7B03F0109440DFE89A9759C5F0C9C54,SHA256=7A8BA6AF2A3209176D1D798E8D318E8E3A169D882905E3D2C761545A575AC93B,IMPHASH=ED3F289CB36976A283987C9F1CF4A280truetrue 23542300x8000000000000000577335Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:46.525{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpDetoursCopyAccelerator.dllSHA1=62656FDB5F409C233443C88240A74FFC8C245C43,MD5=9B6579177CEB20840F8CCA83CD1EBE5E,SHA256=4772F5F19B389DD7AA34E931CE0C9F8CE1C4A44BB46A8818EE331F42659FFFF0,IMPHASH=8134FB421E1A724B4B4991256B828B42truetrue 23542300x8000000000000000577334Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:46.510{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpDetours.dllSHA1=BD2A8EEECFDCFD5A7B39F96DD82A24DCF8D009B1,MD5=5CC0EA5E1F90DADD42AFEE3882F0C0C6,SHA256=40D09791B5D5C03E41427F5B0C0FBC0F0F33D8D1EF59F817F1ABA1EFDEBCB6C1,IMPHASH=E7CD5D60382F6730AC72D09484F903EBtruetrue 23542300x8000000000000000577333Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:46.510{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpDefenderCoreService.exeSHA1=FFE8D7826A15DB95D2B76DF920DDC93E0799A9A0,MD5=85EE97970435BC93D49FE1D9C8EC232D,SHA256=B8EB22BA21C3B22BF1B0EDA198BBCDD0C44116C9E6655956648B3DC872D500B6,IMPHASH=641D8ACA0D62E5A11BD76BE6968F175Ctruetrue 23542300x8000000000000000577332Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:46.478{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCopyAccelerator.exeSHA1=60047F2EC7FB8D1173764179D70DDDBA5B91E638,MD5=73A5D3846252A3E197FDC5CB34D1D600,SHA256=D66CBC9C6729477B091ED3997C1E4B80EE27F23D28663374872DF44D8994AB0B,IMPHASH=94316E3271598CFCB7F9A6A96CFED214truetrue 23542300x8000000000000000577331Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:46.385{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exeSHA1=A18E6C5EDA86FC3564DF37BDC8D6BF4EF23CCE19,MD5=0E02F8BFC21339B03A2A252FCB9F6CBD,SHA256=ED614BB9149FCE681D5348DE2B50C92D07FD23A7891F518E876B3E1570FB79DE,IMPHASH=B286F695393D113C848879DFB1B444BEtruetrue 23542300x8000000000000000577328Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:46.213{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpAzSubmit.dllSHA1=261219CF1DF2A3E4D3E873D8512B7F13394C370F,MD5=A83B5A5C18E29A8E4D373F4703E7AB5D,SHA256=B7F0FE6FF23983405B20FEA013A40634AD1E765C8503C2BF1DAAB206454E5A43,IMPHASH=EB7C065A5795F9B75CF01CE1DAC3CC99truetrue 23542300x8000000000000000577327Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:46.181{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpAsDesc.dllSHA1=C7B7C096956D3471EFA4F3A01943D1441A1FE1EF,MD5=28BE66E5631179D3C4F5B2289D88B807,SHA256=AE6F0F0DFCCAF5D519FAFD404C79A6C8DA56A2F4BE398869E070CD18E3D48408,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577326Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:46.181{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\Microsoft-Windows-Windows Defender.manSHA1=6A9ADFD47BAD44DF42E3BDDA37D563FDCCC4DD29,MD5=018276802DB93EB0D750D0E83E50D771,SHA256=F6267FCAD9C25F4288914CA920BA0DC06277ED71BA688803B56E458823CC74AA,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577325Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:46.166{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\Microsoft-Antimalware-Service.manSHA1=F11FA3289AD921E1029BEF34E88870910D5D8C32,MD5=529043A62ED87EB797B2BB5FE1A90C3F,SHA256=3982E3620282A820412C825C0F3C9451CF697F11A83AEE527C48E10B06E95B17,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577324Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:46.166{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\Microsoft-Antimalware-RTP.manSHA1=3E5CF0627D76A682D40B8775D880BD20B90B5E69,MD5=0254A51E922D467661D5D39C886AC9BC,SHA256=FAD08683B176DFC27FF428A6F05D10982FCF20AFC59DAAB21539296FF50F5002,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577323Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:46.166{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\Microsoft-Antimalware-Protection.manSHA1=B7DC3C04C67D7903E04B0EBF2AB7840AAA717EE0,MD5=E4AD891E7B62475FCA109C0DF4DEF16E,SHA256=DF9AD93CDB61587A35FCDCE996955A64413439A474D85C86133A9E9C185D1966,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577322Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:46.166{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\Microsoft-Antimalware-NIS.manSHA1=6E5AD734AB6A9F8B82B19024E21007AC2CAD2540,MD5=5562965C32F03AE0DF8B9DEF950F8651,SHA256=EA64BE59286B67AE930729FA92B2B08DCE5C2EAEB70FEABE2320C47FB6DDAC6C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577321Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:46.166{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\Microsoft-Antimalware-AMFilter.manSHA1=8E006DAC462C9AD9D2C0FA1C8BA95E6D1D94382F,MD5=FA41CDEB03243C5F0341301FDB95206A,SHA256=B783898BD2C680A58F4E41D899ADF7C3438B06E426FDACCBEAA68E7A720171D0,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577320Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:46.166{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\endpointdlp.dllSHA1=3796543B71F2385FAE5BD83454C86F2700DC2862,MD5=D557F528F04EB59761301F3D4CA887EC,SHA256=50EF3EE1AE5B13FB394853F2299D806F52B7797D01FCDDFFB6886C42231B568B,IMPHASH=A451518025186A5E48F0CF5E423958E4truetrue 23542300x8000000000000000577319Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:46.134{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\DlpUserAgent.exeSHA1=3BD09D907B44F76DC6CFC1AE4C32F3373ED6EDC8,MD5=11AF0F7CB2F91CF0048715DE641D682E,SHA256=728CBA2A026FB5C72C57A98741D5B89324114BC453A6E9DC60686802957AEE66,IMPHASH=9AA23113C0B0161962B65F943657BE8Dtruetrue 23542300x8000000000000000577318Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:46.134{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\DefenderCSP.dllSHA1=1602D6A4A887420D935A63653B90F4FA64C7461A,MD5=A604D64D6F13DE83932A4F31110991B1,SHA256=491DAB39985663BD79FEC4D2A27A07F85A3487E0237D766199FCAB8872787757,IMPHASH=E26CF5840AD105DAD7F9F7DF926D6A80truetrue 23542300x8000000000000000577317Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:46.119{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ConfigSecurityPolicy.exeSHA1=C71F42108AD935E8377BEB673FBDD435FCDFEC99,MD5=6EDFAAF773C6BD7D2696820694B699F3,SHA256=331695EDE87EC218E9A3337886E0E90CD4AFBFB0B37C71C5A1E1B54F9C09C4C5,IMPHASH=0167833356936E8B9601140CFFFDBE1Dtruetrue 23542300x8000000000000000577316Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:46.119{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\com.microsoft.defender.be.firefox.jsonSHA1=241F5E9FCE639E713E50FE748B5865F6EC2880C0,MD5=7797BB3399C837EDB0F7564D6E3C6217,SHA256=E2A0B5B4F64653C86B71231EB3FF5ABED56B4180C90234DE2C008456E270F8E3,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577315Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:46.119{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\com.microsoft.defender.be.chrome.jsonSHA1=CD82C099B0ADB4496E7D30951F249EB7CEBE7570,MD5=36CA2812EE9B49E0785121434B7DD136,SHA256=8602FABA22D8E06CCB146707B4A10F6256799FFE854D37781156A5A6D6120369,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577314Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:46.119{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\zh-TW\ProtectionManagement.dll.muiSHA1=780D00B1EDAB22A717C839558685C622C6187EA6,MD5=1DBB902159F2F0BF41D52718142D54AE,SHA256=B5C94D9741719B1CD6AB3870365868E040CAA68DAB73815ED2D4A7ECF2B37E32,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577313Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:46.103{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\zh-TW\mpuxagent.dll.muiSHA1=B215F5640129CB9B4A7FA8B3043D6E8E4C590E7A,MD5=56700A4F968F624C30EB4FD7685F6FF0,SHA256=FFA7539E1F322CFE6B9E3ED56836AC1EB0DCB1FA5BA03607E957D19BC02719A0,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577312Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:46.103{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\zh-TW\MpEvMsg.dll.muiSHA1=8F97F6A5A5C7A1D1A8343BA56CC0AF7120651F4D,MD5=A731485DF9448D29210DAAC8849C50C6,SHA256=133E4C0C082A5F09F1A0DC1385579B74CC2148B769D32CAFD939BEDC75A1008E,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577311Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:46.103{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\zh-TW\MpAsDesc.dll.muiSHA1=3F6F76D8A3E4908E8C88A39CA628DF59A7094F9A,MD5=429AE320D108534680A6874C7D2292FC,SHA256=207F5F6503A9B4E6FD47E3521ADC4BEB452BC6F4423F9A2EFE878F2C8F948B6D,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577310Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:46.103{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\zh-CN\ProtectionManagement.dll.muiSHA1=F9EBF5A583B33C4584090CDE010176F482A3E5DF,MD5=FE22A81A1002E686B64F2CEA96F8EF1F,SHA256=4151AA5EE416AE5E869F6B291766F25C046FBA11B0B0B615F381A0A3E38B826A,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577309Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:46.103{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\zh-CN\mpuxagent.dll.muiSHA1=A4F1977808255B138C53F9E7BAA058E7D6DAB800,MD5=32E3D3AA2E69725155BD8323A9A9812F,SHA256=9CD036E1C71EBAB86457D9B0D5806CC12DA45C2B19D8702FB462585F8A803589,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577308Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:46.103{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\zh-CN\MpEvMsg.dll.muiSHA1=6AC1EFB856CBB796D6760E950AEB6D22F9B62DC3,MD5=FB8694092BA2AF6E9DF02CB8E564921A,SHA256=7587AF31BC243AF524B2FE1E4B0F7998ECBB469E1E764B064B232AA7C4E51677,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577307Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:46.088{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\zh-CN\MpAsDesc.dll.muiSHA1=7FEEC5EB7152E21AEF952CE377E4ABF78F369E24,MD5=D85B2A4FF1E818F1AB818CB4FAEB49AA,SHA256=0F402DE5E6129E70A002EEDC0995BDF50078F3B0D1D5FAA13C4C0CCC146841B1,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577306Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:46.088{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\X86\MsMpLics.dllSHA1=B882F530A82EBC71AB8EE0A5C38F7ACFBFDE54F1,MD5=4CB0EDAE9091E9380F5C7A019481AE9E,SHA256=4FDAD3A2825944276BE8E53F72CE06EE5660F6AF715A96521994AF0AA09495DE,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577305Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:46.088{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\X86\MpOAV.dllSHA1=42A0CF9471109AE443A649C1319323B12233AE5C,MD5=EF6940CC39A8B06E07BC951B2C3F96E7,SHA256=2224186127E776143E7D6E1FF9FB8E883997D63F3AEE5C271D02D339A71A7C4C,IMPHASH=025AB2C27D98D8168DECD24548EBF963truetrue 23542300x8000000000000000577304Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:46.088{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\X86\MpDetoursCopyAccelerator.dllSHA1=0672E8C7F0C9BEC4207229B9A09F20BD9AF45899,MD5=4E929A4B1CE0ABE8F9EC62096476EBFC,SHA256=60B65819D96BEC09DAC08272645F68A8DE768FB76FA81F79CCDC85A65288C13F,IMPHASH=A72716399E8D068CB87E32A578AB12B7truetrue 23542300x8000000000000000577303Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:46.072{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\X86\MpDetours.dllSHA1=965188CF2810580165D0AC353C6BFCA4AD6F1763,MD5=6671F6CE19F3D5A7B84712B2CBAED469,SHA256=F2C80DF3420B47CBF9FE1EA96641D1454C7BB4DBD05BDC04D386E6EB9C9DDE91,IMPHASH=77F41CAB0B63DA8187C849A85C1DB60Atruetrue 23542300x8000000000000000577302Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:46.072{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\X86\MpCmdRun.exeSHA1=FBBFD6DE5B9F42A3AD06D3E908FAA5E8953B423E,MD5=CDE1A8B380255FDD24FF10BD0EBF1697,SHA256=A6E45BA93AADA1FAE908A5E6D734813A7ED8B8957016D168CE9DB7D034B0D7A6,IMPHASH=C402F48F2AEA69E391D6D0D1282A2D19truetrue 23542300x8000000000000000577301Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:46.057{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\X86\MpClient.dllSHA1=AA44B5447788DED6608183E39F4EB82A9F8F9B66,MD5=0D0165835A2355CECA967078099F1CEC,SHA256=0CB2D04D87DE115BA8E81782450A1F7CA43A93000348B36FC34A7FE44CEBB086,IMPHASH=3575AF749B8C94EFF471A3C15299C5D9truetrue 23542300x8000000000000000577300Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:46.041{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\X86\MpAsDesc.dllSHA1=56D7FCC85E6B0951850BA90FA4DC81DFE748B85B,MD5=49431C3231FE57EA77C316D12A5397C9,SHA256=EE5CF05BFE5D696BB38ACD79BB83FFDF24482CB5F763B72448E11901CB127EB0,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577299Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:46.041{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\X86\endpointdlp.dllSHA1=A828152C4233BBDE6E07A5108DB3007BC20631AC,MD5=4A975EC059F4ABFF073CD9F3D9ECF16E,SHA256=E3005C1CE041176E45AAD712DE11F5AB2973F8508E2A26A4C6816EF4C30EEDB4,IMPHASH=5EEBBABEBEF35F272F2A87CA59FE84A1truetrue 23542300x8000000000000000577298Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:46.025{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\X86\en-US\MpAsDesc.dll.muiSHA1=ABEC90FDD622081EFB6D44BAAE38A01C46C52184,MD5=28D1D51F60FD3B8F37BB838C2D95C6EB,SHA256=065CC41AE11572A42239321952A674ED4FDE057A0A841679D5518143B7BF65F9,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577297Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:46.009{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\vi-VN\mpuxagent.dll.muiSHA1=B4B8088A142215ABF50251451B454120D3CB8CD9,MD5=67469060476A5FC27A6AD5F8391B3BE2,SHA256=763376A10E7BF10F515F3C899CFF611C9CF00E15F7B8E18881292931BAB3A492,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577296Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:46.009{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\vi-VN\MpAsDesc.dll.muiSHA1=06BF4B41F616F795B013013622AE3B4F1533F13D,MD5=96C5F6B619C33AD55DD4ADE337F9C660,SHA256=58F0525FE78431C337528A33E7CF20E242EECB1A83FC094168B016F4867BAEFB,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577295Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:46.009{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ur-PK\mpuxagent.dll.muiSHA1=9E18DDEF047D666E0AB806F6B02B097CEFC3CB5C,MD5=3B84DEA23D3D76F236F7B590995F0266,SHA256=3BDDFEC1193803F35A96C9E83D4D0E00C8BA64544C0DEFDFF68A03073AE2FAEA,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577294Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:46.009{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\uk-UA\mpuxagent.dll.muiSHA1=3D347C2ECE117B15F94E536A5D462F1A5403A1FC,MD5=0AC07BD0748642A4527662BD508CE58F,SHA256=4E353FE02AF2364C31F5CDE3145F5C540E487C22B7A0DD67E6D3C6B19978F35D,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577293Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:46.009{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\uk-UA\MpAsDesc.dll.muiSHA1=FB92A1EB8A349C0B975A4903BFAB360D2F5E3611,MD5=312963B1882C2AB335A018BDAD40F4FE,SHA256=0DBD8D2DF8708D7536C55852B7EE4B8635EB94E745A3E199A97581172CF09590,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577292Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.994{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ug-CN\mpuxagent.dll.muiSHA1=62BDFE63BC47F481225C4D24CD008227EBE83E11,MD5=4DA481789E7B4E26943465FE63EA5985,SHA256=CA7DD4A1E54832CF2368FE94BCE39A40A50D82A399A1D7FAB815E2DDEEBA7A05,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577291Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.994{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\tt-RU\mpuxagent.dll.muiSHA1=FF4B059A985E906A25BD1BA28BE9530C14E017B1,MD5=1FB538519DFC6ABEC689659B5CC51B9A,SHA256=1A06747D14D1CE82C2D6AF7B825719C8F7862C139471AD071965FABAD1D108DB,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577290Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.994{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\tr-TR\mpuxagent.dll.muiSHA1=5E2AFD54C33E441D6A535CF458EB53109AE0A988,MD5=8A7D8B28665CCF5858A486679B1EE21E,SHA256=F8C96A56F501A914A653BE2AE4E834F1B809185971DBF3904ABCB5454D8E554C,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577289Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.994{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\tr-TR\MpEvMsg.dll.muiSHA1=E3FDF85B282FC761A149B77A60875850C17423A7,MD5=87DFB296E668DEC9D9202FE37C1FADCD,SHA256=37D21D284FB664753033008503142145D35F0C35FB043CF0DA57F95C5769C83F,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577286Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.978{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\tr-TR\MpAsDesc.dll.muiSHA1=88925F1A33857FA627200E656DE1359D4B735FA8,MD5=AF9A04AD4AC26F6A65791A543C5E312F,SHA256=5717C9C0AAD2E80B9F7971E6DD1D94C7124B81D95B2F7919403F96434B89463C,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577285Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.978{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\th-TH\mpuxagent.dll.muiSHA1=40F1CC2656BBD8A890747C1EB16B951405E3AF10,MD5=A52F869FAB693269CB16E61EDF1AEDD4,SHA256=759A26D464F4F57D486976FCC8F81FFCF13F92CEC77F52CE0D981942E3D1B919,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577284Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.963{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\th-TH\MpAsDesc.dll.muiSHA1=3FB6C2B489247797BB900EA881376A50DD22405C,MD5=9506C98E77C4ACE5F9D9B90E6F90D593,SHA256=CBB72F18956D6EF1FAD78805C504731B45B8C179A5F22F8C974B061FE9769A80,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577283Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.963{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\te-IN\mpuxagent.dll.muiSHA1=89451007C06FCCFA1ABA781DE6951CB7DF26552B,MD5=EB021CFF9345BCBB90CC7AE9EB2F791C,SHA256=8977ADEFCEAB46772C94FDA92E18A94EDFEBFA729F449C99C59D7CDE6CEB5762,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577282Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.963{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ta-IN\mpuxagent.dll.muiSHA1=54A7AAD2BB03AA57D22B36B14A702629AFB2B799,MD5=C6E6B7DE84AEA45BF679379D42DA8173,SHA256=F9FD28DA4A315BEBDABA2FC56F47721431F94C1FC426FC5E5A898633B1C653A2,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577281Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.963{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\sv-SE\mpuxagent.dll.muiSHA1=C3229079F8722BEA76DF523423D8BF65FFABA844,MD5=93B6B4DB1A6B7A198F593B5A9C2B0F31,SHA256=309B721AD343E81F5BD8EF44E8245D958E611E4EF101180BDA15D9B08E46668F,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577280Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.947{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\sv-SE\MpEvMsg.dll.muiSHA1=097257DCB9A1734580C3BBCC09852B5AF82EDD46,MD5=9E8F892E8EE49E3A20FA94F9269AED9D,SHA256=CE4830E4F61A90C47D8E6B0748E83CB609BF029C95D4070AF52CCF9266ADBA9B,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577279Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.947{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\sv-SE\MpAsDesc.dll.muiSHA1=38558EBAEDB4353541600E1EA81338A3A8BA5AF4,MD5=F605919E25E96F4050B3C53F8220A3DF,SHA256=5B17CE0AC6B1A62EC54E9BEB8DED21F22E79398591D3934C601E9C06DB38F419,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577278Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.947{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\sr-Latn-RS\mpuxagent.dll.muiSHA1=EFC72478502319AF685581C678E5CE116A828E8E,MD5=F03AA610FB7FEE669658DBE470180A02,SHA256=7BD4EBA3D5E453CF8ED8C308FACFBD3119888D34ABD988CB824A923DCF33D8B5,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577277Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.947{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\sr-Latn-RS\MpAsDesc.dll.muiSHA1=8CF83B3FA5D568113D665D2D5D7FB00A2505931C,MD5=34CD4C0ED273C444608C0730DF6292D2,SHA256=E23F0FDF0A84079CF39D7232E55AA5D4F822E946EC80920E014D5ACF3AFA118D,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577276Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.947{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\sr-Cyrl-RS\mpuxagent.dll.muiSHA1=D15CABB0DD9E44C9F5A0138B86615633D35B80B7,MD5=52D37C70221556835AE2045084512CB7,SHA256=8267D140FD42037CDED81C15A5F4D97FF9E22BEBD31F78BB981B69CCF6B275E5,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577275Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.931{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\sr-Cyrl-BA\mpuxagent.dll.muiSHA1=CDBCB959D59FBEB1A5F00315F40EFAEC2B597414,MD5=B1700357013E44BB77E3DB9C5529C790,SHA256=37E643A87C64894DC4EB762DB79A0C0969477F08E626E833C87491DE683E4700,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577274Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.931{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\sq-AL\mpuxagent.dll.muiSHA1=0EA4DCEFEE940B875EB49B59D4E148E1C5C3D6B3,MD5=E6B1782EE0ED8496990670A0D8D792E6,SHA256=2548A04CB932B5887193AD4322A609CCDF1EC04F3F97BEE8E0D96D9931606B63,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577273Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.931{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\sl-SI\mpuxagent.dll.muiSHA1=47867D27096CC4A2BEF83BED20489720BB8350F7,MD5=AD157EDABA90D5A6A59B8F5BA149EB5E,SHA256=2C1B7C0572602CD9B9E0EED6B1C8EF3D02FEE266806271B5F62BAC2010A52128,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577272Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.931{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\sl-SI\MpAsDesc.dll.muiSHA1=A5B19B6220935C593195559208A3233BC98602BE,MD5=F87D5F96550A109DA887C18BC604483E,SHA256=F369C64D9CC6C79341E90060EBE623E27E13EC1B9080D3D7544906A9C7FB3644,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577271Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.931{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\sk-SK\mpuxagent.dll.muiSHA1=F323F44B605899CC57F0B22D5BC55ED5A26DA2E7,MD5=F90FF04B35BC8C25BEFBC6E65050894F,SHA256=444D4C49FD74F9E11A3F915DFE9E93F44790658D5C11F0F12DDC159CFCD0F898,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577270Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.931{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\sk-SK\MpAsDesc.dll.muiSHA1=B7C4FCE8D5FE69242F112EC7A9D5BC5973E80044,MD5=615742CE9D7E88A675DDB46634A64F57,SHA256=A1F4822D96341B0387E52FC107ED8D777F79263321A512F957081E5B260CBD3A,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577269Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.916{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ru-RU\ProtectionManagement.dll.muiSHA1=B561F26BDD62E9BAF696FD6D8C588CBD6CA28BC9,MD5=7C74703A1EBD8D9D32789D1BE1D37F7C,SHA256=3FFDB1BBA1A26A6314744A7F9CA2CC034D9190012C72FAA656CB4AFB60CD10D3,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577268Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.916{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ru-RU\mpuxagent.dll.muiSHA1=16836883FD87D13D1792E30DB3940E0A457B1EB8,MD5=B1C9BF06FAE80FD32015910F30C96FAE,SHA256=0CB266308AA2895E666A95008C7E4F64417F3CE000FF486A15FF3A160246CA2A,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577267Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.916{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ru-RU\MpEvMsg.dll.muiSHA1=A3D4213C1314059878F352B4C2160819A8EE3CF3,MD5=243B89694AF2FA635338A9390F988092,SHA256=88391DB3AD4E0672D07ACD40808117BCF47F26256046715E8D055928CDD9DBE8,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577266Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.916{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ru-RU\MpAsDesc.dll.muiSHA1=7722EDC17BF52669A835A90E34911392550399E0,MD5=51EBD3727EFBA5442DF7528E4EBABD72,SHA256=C2860097980CBC68B5D82AF5D9B9C3D926DDBACC457B283F6369970FCD52AE73,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577265Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.900{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ro-RO\mpuxagent.dll.muiSHA1=0C2287EB524E4DC5DA0907B73C8E3F35F16B8291,MD5=DDC79E743EA55AEBA0A5A714FDB13C90,SHA256=A906FEAA4295D34EBFCFCB784B9D0C3501D47451BA9ECD4211B4FBED14EFABAF,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577260Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.885{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ro-RO\MpAsDesc.dll.muiSHA1=90AD5606824F223FFA8A896248BE2B8FB80A746E,MD5=453B308ACD204E467286B60891F54213,SHA256=6AC8838A82FBD2841CF5482EF03C60BA879B3C03BF82D445CE9FF9DCF101EF23,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577259Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.869{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\quz-PE\mpuxagent.dll.muiSHA1=FF6847DE7EE7056D261A22F2035CB6A897D10021,MD5=26E710CF70B48F9CC930AB12AC96949F,SHA256=461C32870AC3191E4CB2F8E662685DDE60350B743C9C2E0FF9B74514EAB344B0,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577258Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.869{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\pt-PT\mpuxagent.dll.muiSHA1=51BDD668F8C7999529278D9904EC05E19A433348,MD5=4905BEC34A7531D4F766408A0976AE52,SHA256=2FC574175766F7100D56FADE591BB96D00120233AC43A186AF8C98929DCC5428,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577257Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.869{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\pt-PT\MpEvMsg.dll.muiSHA1=C09854C3540E3EC5652F33E677986D957998633E,MD5=DA24A24142D75DCD16D08E633B219FA1,SHA256=8A4092F87D1B650DB47E433829691AA502F00D7F7585E383B0DB60EB9B2585F4,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577256Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.869{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\pt-PT\MpAsDesc.dll.muiSHA1=62ED712C299710B3D0EA807B75FC6BBFBA95FCD4,MD5=79FE005B9B0599255E0B7E2B34202900,SHA256=B2F190FAE43356656A7B1D8F9CD560F64173D9732ECD5D940F47035E0D6E0074,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577255Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.853{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\pt-BR\ProtectionManagement.dll.muiSHA1=F59AE0AFBC28E45E39C75E2A424E1033FA79CE25,MD5=D25E27CF17CF273F5315B05DC1547B84,SHA256=BE0AAD35F18EC0EA010AAAB6B0BB777A735FEC8D34942A7A771A140960DA7603,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577254Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.853{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\pt-BR\mpuxagent.dll.muiSHA1=94D2225DA455157ED46F34C6869B71AF83032634,MD5=1E76B595330297BE2E8EA1932726046F,SHA256=05086A8DA062316F814744A29BB6FBAFE8935D5ED028AA7B69C7469B0A9C0117,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577253Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.853{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\pt-BR\MpEvMsg.dll.muiSHA1=BF12E9DCD1A0A422D97646C67A21C4C82EEE29BA,MD5=A70DFFA26E5BC2EBB123146EADBA6177,SHA256=511398C1631A1CCD3DCB96553273F1EB26DA558C0FDAB12466FB52196627A0D6,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577252Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.853{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\pt-BR\MpAsDesc.dll.muiSHA1=5B38209F691FCAE323BA1055F437EEB35B7D6357,MD5=E8736DCC61E4138A5BF9D4BF73E1B641,SHA256=2922CBF91D20865677537B733DFE07D4E4E64F86FFCD0E499B2A980FF53137FC,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577251Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.853{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\Powershell\MSFT_MpWDOScan.cdxmlSHA1=EC624D5ED202A0DC2464CC14A96DD9792B8A6D15,MD5=713CAE1384E4C0C3E979595D44419478,SHA256=57D0EA6F7DD365DD206C2FC965A3C2395B5F40B51AAAA645F7953A527D0CCA0B,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577250Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.853{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\Powershell\MSFT_MpThreatDetection.cdxmlSHA1=612C2E7AA2F6B6ED46B5DF9F78072C4DA2D94FF7,MD5=BCBC9279D587A6F972F13A4A7D7FB74E,SHA256=552638DFE7722F884A35CCE96D9F4943754E727225B80DD1FFCE29D364C6B246,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577249Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.838{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\Powershell\MSFT_MpThreatCatalog.cdxmlSHA1=CC0D31DB8A186EE2E23A0C4F841BE512019060B2,MD5=DA7528544E7DCDA0825C88CA79608796,SHA256=DE25D55B8B6C7CFBF6115AD41F31E23F6A881DEA4284261B6A9540DE8E258950,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577248Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.838{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\Powershell\MSFT_MpThreat.cdxmlSHA1=722744EE1E2BB557153679446ACC75AC68B92448,MD5=B44BAE6D6869CD16A2C93455AECB0DA4,SHA256=810A3B3F0EF9650A4409D493161435CF7B2637FD5DCE44FA97F92CD9AC3BC0F7,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577247Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.838{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\Powershell\MSFT_MpSignature.cdxmlSHA1=7E21BFEC06AADD900B899AF66151EA098A437F32,MD5=DB592644B4B970A3E38A9F8F824381CA,SHA256=FABE403C3B41D03DF4E3061261935FB0362CD5E1252E0EF72012DE4A2FF02EF4,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577246Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.838{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\Powershell\MSFT_MpScan.cdxmlSHA1=E01FEBBA599F246613CFCB8C42B20A95AE900F33,MD5=38B0046D83866E20A6F7F43C3AA4BBDB,SHA256=8DD0DAF6242DB2FB514662071A9A206A7FFF69648C3DD518D76702CD6836E0F1,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577245Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.838{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\Powershell\MSFT_MpRollback.cdxmlSHA1=9655F6AF120CE8F2FDFF549B79162F1BEE2B19DE,MD5=DF27F4EAF6B1C30D7DF4904D37870012,SHA256=409E1B94B5E69E6F3335B3C46F53BDFEFDB59E74027EE349E16234DB5C6EB1FE,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577244Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.838{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\Powershell\MSFT_MpPreference.cdxmlSHA1=F30DA4948605B22AE16464F51CBCE8278BF34AB8,MD5=5C4D45B8958AE16D81E51373530EAC90,SHA256=0823E66C1EAA8D8A0A740C53DF2AD8E6F78CEFB41967758C35C3D4570F2EBDBD,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577243Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.822{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\Powershell\MSFT_MpPerformanceReport.Format.ps1xmlSHA1=5AC038BDE8B6E3C52759EA88D2AF6F55EFE33CB3,MD5=07BE5F50CC3AA5054F23EB4AC264967C,SHA256=E8C5E5953B34149D753DBACEF65875BDC15459D3345E8932F2F08D7058B4BE08,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577242Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.822{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\Powershell\MSFT_MpPerformanceRecording.wprpSHA1=1CDBE901753CCE8D933DF8D50507CE16A25AA428,MD5=990729AD92C1325C42B04BC975ECBD57,SHA256=E796454FEE4CF17EFDC25DB5FEEF00A5D7C1B335E6C4B4FE996E8AD7CAB01BC8,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577241Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.822{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\Powershell\MSFT_MpPerformanceRecording.psm1SHA1=E121C82F1D97349A12DE3A13AC96B84C13D48A13,MD5=C7B102D4F8EFC2C60E9E2BC1B83C8DCF,SHA256=554AF8A6F8B95DD838D21A74CFB7FC2A58F2004B5E427D01C2410E391CF0BF0E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577240Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.822{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\Powershell\MSFT_MpComputerStatus.cdxmlSHA1=8794A19E21734C5D5CB71C5FF62203A1D6CBCA19,MD5=DFE920B8C6E6B6AD4B7E83F8E2A2BD42,SHA256=BB2A895F549B5EB2F4344411B2B4B4DB0546D12BC26459F6CBDA22A43716228E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577239Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.822{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\Powershell\DefenderPerformance.psd1SHA1=B043EAC2EF1BFC950C30B832D403EF297426E236,MD5=92764A49395B7D6D7BD162BDF92F18D6,SHA256=3D63DE5BA71908EDF648DF5F8CD3EACA3086E40F9DBC7D22225222E33B7FF692,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577238Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.822{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\Powershell\Defender.psd1SHA1=57A3465BF4E815E9B73C885DFCC0FEEB452F8020,MD5=960EE2DF82D362120BD66E0D8743F3E4,SHA256=42BCD8FC27C7F32BE6F238B978FB02035F906A9C68E84A7C0AB221BA2D6C533D,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577237Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.806{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\pl-PL\mpuxagent.dll.muiSHA1=06F3CC79290992BBA4A8478828721EFEF57D06D7,MD5=44E718C6BF3C5D3FCB97B8093EB3DEFE,SHA256=2567D032E0F8811DE28C881BAB16C91A4685C5CAC41B8B3EC3C85E0039FAF17B,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577236Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.806{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\pl-PL\MpEvMsg.dll.muiSHA1=0C882425A0E7A5F2B3D9A8294A897BCD21A23081,MD5=98B03B227C23200D1119A7E3026435D9,SHA256=C5CD8FC745084D1CD11B5FEDCD459567649D25D14315BB67AA153E4EF0B1CFFC,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577235Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.806{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\pl-PL\MpAsDesc.dll.muiSHA1=F0BC857D183A2C4E4E3C05B25B31CFFD07405DFA,MD5=E099683641E1F16AEEF758CDF9886DD9,SHA256=054BC29F129E9DABDFDA29CD854F50BA96678ED85B79052CF04312553F20F519,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577234Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.806{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\pa-IN\mpuxagent.dll.muiSHA1=037FAAF229E53C53880F4C1BEB97A22AF71B3C9A,MD5=DE487DAE68DE1A032B0AC54D5D6055A9,SHA256=100DD06DC4620CBD6EF272B9563B338FF4CB8BF61B666CA9336999581DE58FD3,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577233Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.791{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\or-IN\mpuxagent.dll.muiSHA1=267329641EEE003997453781349A6A941E722910,MD5=2163B17887A8A06EBB4B1D01C1D1F0EF,SHA256=6D509162469F0435666D26315356E5347AE4AC16EAB3CC2113A753757DBBCA12,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577232Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.791{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\nn-NO\mpuxagent.dll.muiSHA1=C836165AEFF54804E49E79B7085A92FAAF4ECF73,MD5=ECC86F1B1329EA5AD58E2A7D083DB75E,SHA256=30DCD0B59FE79AB344FC7D3EA860E0F4A70569C0A0254188AD12EA4B9A770163,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577231Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.791{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\nl-NL\mpuxagent.dll.muiSHA1=1949E685A1A20698E39F88CC937EEE450FB553DB,MD5=C34A9B42AD8AE4FD6EF9E950DE36B211,SHA256=6929203232EEE1135C8F3701E066B67A98B0A1C32D78C4EB764DD375FCBE0D82,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577230Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.791{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\nl-NL\MpEvMsg.dll.muiSHA1=5451EA94E3B86CCCFF0653F219187AEFEF33C19C,MD5=1FEC1BFEAE6EBF5FC0723758896FDF6B,SHA256=5A16EEF5216C7B7853B3062D2236C5D211C11ECB79FC47078876EB774864C7A9,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577229Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.791{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\nl-NL\MpAsDesc.dll.muiSHA1=04EBA85741CACE58756A64E79055113F5F614817,MD5=7FC1171DEBD850493D35D2C413EAF656,SHA256=CCA727AE792B92F104208B451B88E0FA60BCCAA02DC81538C836BF21AD0F43DB,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577228Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.791{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ne-NP\mpuxagent.dll.muiSHA1=44BF9F99CC8A6D10248092B1359872C4C18BA809,MD5=3FAE774A4BD86574878EFF3CFAA5137E,SHA256=F4C6E1FC0490735D66DE7FE1A69C36E5DA13BDBCB789F80DE3B3301FC1FB6EDE,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577227Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.775{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\nb-NO\mpuxagent.dll.muiSHA1=3AD093F8AC010E572AEE1E8874E8F68674DE90FA,MD5=ED91A95FA09F60E795FE32E5A2CFE138,SHA256=E97EA58EEA576A3BD7B393115F3B2A0BEA34D28D8DD5FBF4D1D31FD9CC596225,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577226Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.775{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\nb-NO\MpEvMsg.dll.muiSHA1=C376554FC38DB432CCEAF7513ABD3B902F1C4E38,MD5=3DA6254C836A7475F0FD358C7BE5D7DC,SHA256=19394831053DE4272BD21F7DC356C6C1E7838EB37A4479D95B41B0D086F90E10,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577225Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.775{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\nb-NO\MpAsDesc.dll.muiSHA1=3F68816382C71023E227858171A64CF0C436E2A7,MD5=111FC21AA2A317372AE4BDA8C59BCBB9,SHA256=D8DBA9F237790E53188211636B5347BDEAD21E35F3DBD4AB6371DD4AEE94C18C,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577224Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.775{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\mt-MT\mpuxagent.dll.muiSHA1=97D5F2F4459E413A2B1306639ADF4083F548DA34,MD5=5AA511D054F4BFD2FF3F17112BE46CA1,SHA256=430E232355027966F50C02CE54EE885F4B225F0DC5ADFDA7C97562A5391F7907,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577223Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.760{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ms-MY\mpuxagent.dll.muiSHA1=39D9E11810A6D26F1413467B8C206DA15BD134FF,MD5=035587D0567CF0F75C948757CF573520,SHA256=9769DCD0E04BBD2D0FF9D14A11FF95EEEADBD6257250936B6F6117BEA4428356,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577222Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.760{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\mr-IN\mpuxagent.dll.muiSHA1=578E8BBB649BD895898B369004224A412BFFCB20,MD5=9FA164EA0821876AFEB988B27B9291F9,SHA256=CE837E2F2411F4741C6F1159C4B9044292F73AC7A522C65716782DBE6C27E2C0,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577221Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.760{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ml-IN\mpuxagent.dll.muiSHA1=89605E573560CD4533ABB2D50C7A906059366EFC,MD5=9EB92F32917C53E8B27808C905DA6493,SHA256=C75E326F3CD88C2F07FE8AE05DB536E87DF885CBD48DC9E1636B2B96822B67CB,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577220Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.760{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\mk-MK\mpuxagent.dll.muiSHA1=053A72CFF3A7B47F3AFBB5EA45996A0639322959,MD5=BE567302649B04027AD42A652D40210E,SHA256=B73DAA9A3AB59A93AEC587D5FE1C00C008DBDBC7370A4B993437A0CE74C75BA4,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577219Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.760{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\mi-NZ\mpuxagent.dll.muiSHA1=A1FAAFA05A76283F2477BA5F54CC7CE2818C5859,MD5=1AAA4289274480D6B135C21FC99490B6,SHA256=CB82AD430B2183BCC9007E1314B1014256F23910F60CDA063406683BD403DA39,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577218Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.744{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\lv-LV\mpuxagent.dll.muiSHA1=3F1986E30D80D2C90EB5A8FBB45E863357396FD7,MD5=C059CC3977C5E41898C30037832DA4F0,SHA256=FF1D2BA95E64A975BBF21C2CF7FA36F718C37253D280FF196489D6EF9989C8A4,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577217Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.744{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\lv-LV\MpAsDesc.dll.muiSHA1=F703309F4D34C88577630F5464F3E3C6F17FC303,MD5=067051E224678577D577506375838644,SHA256=759498FE7EA95E3C792B329B4D5A3DA36CEA9C9C5D7549714CBD595E1B9058BD,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577216Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.744{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\lt-LT\mpuxagent.dll.muiSHA1=1392721033B59F501034E0A6178915904E36F47E,MD5=61019351DEE688F792E3EB797DAF7ABC,SHA256=32FEC3709D40FFB492D88087FC6A3D2546EA7283FE7AE79D3B6EB835EF8DB576,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577215Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.744{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\lt-LT\MpAsDesc.dll.muiSHA1=DD1729DDC9E3B9D80FB43BD31FA247733F242454,MD5=DE478BDBD21AFFFE4534186A56649A50,SHA256=FDB358DD2A0F0E88347598D64E84A8AB1C6EF7270D85ED3398F874648E413A77,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577214Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.728{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\lo-LA\mpuxagent.dll.muiSHA1=5F852609201124A9DFDFF1CB1AE25D1ADAB6A965,MD5=150A28261ADA7DECB5802DD54B64F024,SHA256=CD8238C7D66B7AE5B5E5180AD13D778DA612A336B420205F81B8B8A4F05AD769,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577213Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.728{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\lb-LU\mpuxagent.dll.muiSHA1=B9AF22AC3AFF08A275261C2CEC44021876B58FED,MD5=C179730333E5867678735536B865E5C9,SHA256=B8EE65679E7ABF410184AD6F6DD2AA9B5E84D7D1F2CA9BC9320AC8A15B9FC7EE,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577212Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.728{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\kok-IN\mpuxagent.dll.muiSHA1=D10A31D6AC4FF554C45679B11D6A0BF1EE56CB7C,MD5=3762CFCC7C43336E0A267B8CC2FB5A10,SHA256=EE908C1E55F82F324CF687BD840A91FDE2308C99EF3AB2B7EA3D89820705B893,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577211Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.728{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ko-KR\ProtectionManagement.dll.muiSHA1=84E9AD18C18ACD1B8B48D0F747180EEDE318221B,MD5=99738147A360017F2A76BD1C5BA5DE24,SHA256=C974676A733EC091C6F19851218892FE0A257C0F9F2B97DC5D60D2B0A4863BF6,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577210Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.728{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ko-KR\mpuxagent.dll.muiSHA1=D620F843EBABA8A909143B87A9E9144E91AE757B,MD5=802F0FC32D3E54BCFFD168E1DE3C6027,SHA256=C8864B181B266BB01E14945B12AB88BAF601F630F29BC308078B891D79A19E98,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577209Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.728{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ko-KR\MpEvMsg.dll.muiSHA1=8245A9773FA2E9F2B9DF52DA07F08277721B96A6,MD5=4F778A57DCB22BFC4EB9377F5E268DC1,SHA256=4F2FD7D5ADF6C4EF1A757B16FCBD2D9BDB80248FA7F9A6845F2572587029B040,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577208Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.713{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ko-KR\MpAsDesc.dll.muiSHA1=8DA87B93149FA50DF8DE117B8C66D81DF24B92B5,MD5=54872A9910E17F4B1D80EB94BCA69994,SHA256=546EDF2268B466B3B03958D92095629F6BF9CF0263135B608D32B2D9408F67FC,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577207Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.713{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\kn-IN\mpuxagent.dll.muiSHA1=137C57494D031AB5243E4E71E9774ADACEBAF487,MD5=25F123D45760803E216106371040A316,SHA256=AB5D86D9007F77D442A494F629EAF985E6DDFC87A7EEDEB9B3EDFEB17D5AA2EC,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577206Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.713{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\km-KH\mpuxagent.dll.muiSHA1=5AF0EDDBFA7E28DAABE19E6426CEC40E35CFB1CA,MD5=EEFA8D643D9EBFCCED73A0E213B78A97,SHA256=B13C6C38FF1FB8965AD4290F545EAA636819693BE5B74BE57067B7B5A37F379F,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577205Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.713{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\kk-KZ\mpuxagent.dll.muiSHA1=354ECB15CB7126D399DF721F5938F13C28E12C13,MD5=79B6B76320B58587C641478D843AB825,SHA256=90BECDD2752EC88981160DCD745F2DA08DDC84336C8273525694821B22620AD0,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577204Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.697{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ka-GE\mpuxagent.dll.muiSHA1=94D42BEC0508D2710C453A4C4EFC6428FFC825F7,MD5=116F3CEE170BD03ED7C8532D25A4F8A2,SHA256=54AFDAAFAB9C6324ACACCC0260E914B07C32C5FD58A89A12426D1E16F8710765,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577203Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.697{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ja-JP\ProtectionManagement.dll.muiSHA1=3098657A03BAC4A094F9030BE687FF408222FEDC,MD5=DA4542797452600D08AB5EA528BB46A3,SHA256=3E1DDCE7DE5C6A66C7BD9273DB480A3D637B13D0571DDEE0647EBE4687F2E6B5,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577202Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.697{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ja-JP\mpuxagent.dll.muiSHA1=3B29312FBA3E47E2B647917D50D16D7BCE0FA7B7,MD5=ECF717049BF49DDDF631514BC46867EF,SHA256=74A74A8A0B1F50A0AB1DA6BA64F94F248448204117D34F3397FE48B6D4B15934,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577201Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.697{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ja-JP\MpEvMsg.dll.muiSHA1=5F01627FC09D1CE9771A996209584E2B3AAFB7E9,MD5=EBBF46AEACCEF5981E0995D7FC03CC8A,SHA256=264C617D7F90284A3E1A362411567BC89C0ACFBC1CC58A6D284AFD21EDC855A2,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577200Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.697{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ja-JP\MpAsDesc.dll.muiSHA1=77138EFC6E4070F15B48E3851B0CD584B00FD8C0,MD5=8A07E52485B5126F36669D931EB1FB93,SHA256=7DE52413BD1DF1010B655C26DB8BF51B87B10CAB14D1D687DCD8ED38E913DAB9,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577199Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.697{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\it-IT\ProtectionManagement.dll.muiSHA1=16C4084AC7BF87746568F0CC62C94C48C00AAD71,MD5=203E8324BE33312FD40E17BB3A68B900,SHA256=D537A53C99DC293CAD01341D3C8EBF57EB53DEE3051D467D85DBA59A099E2F2A,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577198Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.682{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\it-IT\mpuxagent.dll.muiSHA1=CE09057AEEF18AA0DD75E4BFB4EFDD117C7AC089,MD5=4C0C8D953902F86ACB1B2FA5F1E4B495,SHA256=ACAF4A36AB07438D98CCC480EB8664226A35BC922E2FBD30DA6D73BF6E257B2F,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577197Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.682{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\it-IT\MpEvMsg.dll.muiSHA1=3D7C88700533D4739FE1BAAB1A1E6FBA3DED626E,MD5=C0565424B51564314D258D4BE76A9D04,SHA256=EE2C9815268CD7A6C4398943A033D268D60EDBA8658830CFF0F90DB1A65BAB80,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577196Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.682{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\it-IT\MpAsDesc.dll.muiSHA1=B5106BFE3C17E614B087863CB8949C4288C679CC,MD5=E09378702158E60F833DE897F23C2AC2,SHA256=F42C66B861B90FAEA604A411098C6A0DF4BD7DD50C03032EA0F1B0DBFBDD128A,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577195Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.682{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\is-IS\mpuxagent.dll.muiSHA1=A53756F8A4F645F409CAC64AB717C53EAA805F41,MD5=C0E523E62EC810220D7B11D50FF337B4,SHA256=B8CCAC40878FC64D343038C93F73C808CD38C23ADB45C784B818DA8A4A5EB9B5,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577194Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.666{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\id-ID\mpuxagent.dll.muiSHA1=E701E42EA4FF94F8092EA7D328E9CAB7CE1AA8A9,MD5=6533125E52E3E84E10D2D27322150F0C,SHA256=6E817114C6741E27833B6236E681BC1F9D3E2F109E39997D0285065861EDA153,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577193Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.666{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\id-ID\MpAsDesc.dll.muiSHA1=054CB9C37D25BDF325F3541A1838CC401EAF9E4D,MD5=F9D3ED415CF773A090530E789BE3C1C7,SHA256=D27859733DD07D1FC1858A788AC50E257C3FF8428C970FB541EA6E093DA5CB9F,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577192Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.666{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\hu-HU\mpuxagent.dll.muiSHA1=7823BC687A767920E33848A470237D00474B9CA5,MD5=D1492D28FE8BBC6D564A67BDF9A52A77,SHA256=59A1BB8AB33C84C4978E9C362E72F1EB7E5425BABDA8A0C6C0CDE32C8F875A17,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577191Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.666{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\hu-HU\MpEvMsg.dll.muiSHA1=C6E2229BE89F521161AE7ED345F9AB1E7F1D9429,MD5=7982D1EE8FE609A20D04F9BFBB42AB2D,SHA256=8FD7F73B7FB82C79E91B48730B6426FBDF6021941EC7FB840D165442DD8809A5,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577190Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.666{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\hu-HU\MpAsDesc.dll.muiSHA1=62BB6B12B92BC8135A8FD4A186126C2BC959000B,MD5=B207BC37729FC5027FE7B69A0E0BE798,SHA256=7243DD52C3D9C211985162342C4D8EC2B2DC1659D8CDC665419991BAC1E10151,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577189Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.650{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\hr-HR\mpuxagent.dll.muiSHA1=3D72E7100E02343B8A74B5B9108DF60325122DE9,MD5=A5E087763B32C42CAA960FBCE96D7656,SHA256=EAFEBCD1E39C060AE0765CEF3C15DF857E51FC33DF3A8C338B10D860CF0D134C,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577188Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.650{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\hr-HR\MpAsDesc.dll.muiSHA1=6354C6088207E74EB43C90963099C29EBB2C8652,MD5=E1754EB0E9EA3CC65F09DE46B3C42682,SHA256=6B68AA54D0EF1EA56078925E928097268EB3049F8284F2F973EF9D794ABC5899,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577187Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.650{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\hi-IN\mpuxagent.dll.muiSHA1=47B34FF1A11A86A6CAAEBA4B100358AD50A311EA,MD5=F18E07E1C12A5DD55F5E3FFAC3D4B59A,SHA256=0CB921059089617AC56299E233508DAF0F3EFB5B58099559ADE252BB76938866,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577186Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.650{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\he-IL\mpuxagent.dll.muiSHA1=2C9B042B3D9A5FDA582D32B794041F55078F5402,MD5=0610442D7736BD4B84B06AC7DFC4E168,SHA256=FA1330DFEED540CB2CE2AAE08AB3202FEC3318392B64DF767F8612D35B214A94,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577185Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.650{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\he-IL\MpAsDesc.dll.muiSHA1=426661E3C16370A2DD1EEC8375875EF8AB896077,MD5=6858F4CFD50B33A4946F53B9CD6ED9C2,SHA256=EFE64AC6C612F0BBCCE54D2A5A3FF22F3293B10D8130F6A38049DC60D71692CE,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577184Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.634{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\gu-IN\mpuxagent.dll.muiSHA1=3AF305BE87F9E58CB2D6FCA2E95FCB0CE8661E9E,MD5=0E659A3B584F6378B2BBEC402486092D,SHA256=7F68399BDC5E5375580073F45269B3620A6C424098C5C16A2B8B1E0C44E24F5C,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577183Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.634{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\gl-ES\mpuxagent.dll.muiSHA1=00A759419D6E17B59C297B12E00A470FA95ADF24,MD5=30994CEBCB5098919123EC67EFA237F9,SHA256=2A0C479D4507F6A8DF6179D933D6A0341511D4F938E955FDA2AE002973EC336A,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577182Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.634{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\gd-GB\mpuxagent.dll.muiSHA1=3D310B0E49611DB62BD2D5789E0B2E5755600648,MD5=18991E9EDF6B0CD4148DFADF0A68172F,SHA256=6C42395E63C677EC8BFE93C7EB1EEE0A1D2A51BC733B4676440E5B23AC1008C5,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577181Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.634{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ga-IE\mpuxagent.dll.muiSHA1=9A50E257AC0BE37EDB2674FCBD4310BC02AF412A,MD5=60A2A7AE0837834F41D41A1C52515E6C,SHA256=C27AA2FE3D696E4423DFE41CF1544A7619C5B3EDCA105BAE34A299FBFA2EB8ED,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577180Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.619{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\fr-FR\ProtectionManagement.dll.muiSHA1=0F1B42B71E131F0B657BEC1DDC71C81D9892E554,MD5=784F4BF195568A9E70973B30C819E323,SHA256=8452E9F54D4163A5B93A23924BCFAAAA373F509CE0E5349E9EF8ECFE380CE7C4,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577179Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.619{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\fr-FR\mpuxagent.dll.muiSHA1=4596269BB52AC423E5FC5C8D92DCC493DE1F7A8D,MD5=9914B819FFB5012CFB1C17AAD219C1F5,SHA256=AB49FF583B55B78A394BB4D84F6B41A938B04663BF680EBEA00A54CA29B9B4C4,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577178Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.619{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\fr-FR\MpEvMsg.dll.muiSHA1=499B5C093CDB78F0363ABD059105F961E0A591A0,MD5=C56F08A9C984483BD349D5E2E516CFA4,SHA256=DE3883F561E11C5BEC40DC3833C01AE57C14846C55D49906AA50A88AC955472C,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577177Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.619{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\fr-FR\MpAsDesc.dll.muiSHA1=AB82690A1F596694AB09CB6A4E5418D1B0A059D5,MD5=91E884CA4E43BF58CA3FA26CB31D4728,SHA256=8FE9B179CB9731D75BB862D1D39E658A94132F8FD52BB00AA4A3BD9A60644E78,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577176Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.619{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\fr-CA\mpuxagent.dll.muiSHA1=70E04F73A03C46302288F73FE131212EBC79620E,MD5=A13668F2E594ABEF40EC23CCC2CBB6B5,SHA256=61F26D9E1B557797B75D1BE6A16162086F19242E88DCF287DF02ED67D8847BB2,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577175Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.604{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\fr-CA\MpAsDesc.dll.muiSHA1=97D46929F9C2AFCC6BBF270EFDF0A14D2BF80AA2,MD5=790CED754ED840D4E4C335F4FC3B6EB4,SHA256=BAD70706AD051FBC92AEDED082FB866F8825DF3AD3AFC97500B08479315DC101,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577174Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.604{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\fil-PH\mpuxagent.dll.muiSHA1=B1DDFA43E7A8621C27AA205A3C5EC57CC28F92E8,MD5=C674ECFB2E88B11A05EC620AF7760808,SHA256=BEA484C11C8134C40E4CE41BB921BBA6F5901D6865C64227919AC1160AB71083,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577173Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.604{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\fi-FI\mpuxagent.dll.muiSHA1=BC7BE5B5E3C1B4D3FE595F56DC51F695932A5906,MD5=2EBB18CA9E032D5E93F6BD2F0A0CFA4B,SHA256=758D26E14D51C29BD84A7ED00A0DC640D1A72E1DD58F16097F8DC73A25DAF69B,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577172Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.604{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\fi-FI\MpEvMsg.dll.muiSHA1=B114B18A64678566513EAF4ABC7B9C1B8A4378EF,MD5=8F8ACB273FBB064BFB89C8C885EEA162,SHA256=FD52200363C72AA86A9B16BF805917B13C7DA8581CF79BEEFA9AE4C959402D2F,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577171Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.604{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\fi-FI\MpAsDesc.dll.muiSHA1=33EB8C034877D4CCE126CD24C6D66B0EDED67977,MD5=C124F63C88A789E7FCD59213530AF8D5,SHA256=1C1FFD02B504092851E7AA921BB1C3C21465475E0247C346CC6959C6FBCD04EA,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577170Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.588{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\fa-IR\mpuxagent.dll.muiSHA1=C32890FAC3D7777872674E4C411DC05B063F97E7,MD5=D820B8DA27FCEF038A0F418005422075,SHA256=D7C6EC9D021D3AD099129D91C275E907655F92609448DD2A1A3FE890D7C75BDB,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577169Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.588{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\eu-ES\mpuxagent.dll.muiSHA1=F5CCCDFF2F813C289D6EA3814D1B7DF637C8F998,MD5=4467AE596AECBDC051A3891662DF7B06,SHA256=10366F323DFD4F8B790B761A54E8AB71FEA1CBFB76A94F86422C2F3BF11EB71B,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577168Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.588{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\et-EE\mpuxagent.dll.muiSHA1=4AB0BF3BB7294044071ABD6DB614D957888FA0E1,MD5=001E088C953D05FD44A3BFC5A2AFB4CE,SHA256=4AB9563EB2F0AAF29D589695BC8F9DB43EC259DDC94CBADCF866ABFEEEE839BE,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577167Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.588{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\et-EE\MpAsDesc.dll.muiSHA1=789A0001A4A63A5BE4D0B593B1AE75D4EE3FE237,MD5=BD88C21EFC303E2E878A9B1F227AA9AB,SHA256=38891844908F87F4D8DD96422ACDA51AAFF65D585E5A514EFADBB2367B59D9C4,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577166Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.572{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\es-MX\mpuxagent.dll.muiSHA1=4A8355EE2A44DA69E395A8FEA977A956012E309C,MD5=784BC305DF2F511048C5562144779A32,SHA256=6EFC75E3412761C2FD38F06E43E123EBA64B28E6963004941994784322349FAF,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577165Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.572{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\es-MX\MpAsDesc.dll.muiSHA1=BFE353F149021F405355623091F82B8D6A7EB1F6,MD5=BACB16A167DACF6450672D1B5CF8B2AA,SHA256=E389BAD2B2E6EB3CD470A0D3F50EF00457D24D8BC315B8677D8C1B9B58F7C252,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577164Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.572{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\es-ES\ProtectionManagement.dll.muiSHA1=23521801B68CF36D66D0EC7AD8BE3B7233A5CEBF,MD5=6CDFA1BCC75AA4C549E973B33D4C9D5B,SHA256=E518A42E6298A4F795EDB69A17214E194193AAC47380684496E80F4549C3CB68,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577163Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.572{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\es-ES\mpuxagent.dll.muiSHA1=BD5353428AC45B19B736F793AC2F30BB8B58877E,MD5=793FA3D40D0A94765F9B9FC4E8E989FD,SHA256=4519C0B152C5B1411A01049224B0813FEFC3C11A72C960B858FEBDD3DECECDEC,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577162Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.572{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\es-ES\MpEvMsg.dll.muiSHA1=6ED4A83C0A42DCAC80DABD055BB1B5051B696AED,MD5=BC33C4FE1C22C423D24E30EB8338D827,SHA256=7308126D43A4EDD20C15E435685DDE2CE778DE5DBF00195F52E81098478D431F,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577161Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.556{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\es-ES\MpAsDesc.dll.muiSHA1=4CE478425BF812172F06A0FF140FF38A672D025E,MD5=2183185A3D1990BB813AC9FA0A87162D,SHA256=6D8A695F64986356B97A7CBD8823DE36188F9D94922B76055B20378C01530ED5,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577160Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.556{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\en-US\ProtectionManagement.dll.muiSHA1=582D115915D34A0F45160B87C41733B82C960C83,MD5=3A040A135D1324DECD9D9D52AD01CA4A,SHA256=CB275B125252B70E3225FA2BC3FDEC4C5D19418DDD1C97EACD6E4B86B2891DEE,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577159Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.556{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\en-US\mpuxagent.dll.muiSHA1=4E0C7438F0CF118EBC112ABCFD0DD490762786AA,MD5=BF455B47A23BCCEEE2FB3EF185730AA9,SHA256=688F3C07DE1915FA3A79E5B4D05F081602FC3BE3F3DC98765144AFC126C6AD52,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577158Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.556{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\en-US\MpEvMsg.dll.muiSHA1=72F0A502E969E37B335BF1D3C4E562D14F30169D,MD5=8A9647E0CDB6D07B50747D421BB65BD6,SHA256=9EE50693A95F08AFE3C0F492C61DF6B38E0F4ADAE6D9A22C72DD55966E3CD771,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577157Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.556{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\en-US\MpAsDesc.dll.muiSHA1=FD857483657A7409AAAE8780E78B94D5B968E00E,MD5=7A585E3CAC8DCC61F6809659DB50741F,SHA256=A205F07A0A62720C4CD2FB29642D43958888FDDD91FCAD31FFE5320F7C1CE239,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577156Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.541{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\en-GB\mpuxagent.dll.muiSHA1=29FAD2B3208DDF35CBA08CEB15FBCCD24FDECBFF,MD5=72FE2E3E1A56B82A3EF3DF7733708B76,SHA256=8DC860BB4676B8E8AB851E635343934F88E0E2F3401F50F9534F226AEF69C6D9,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577155Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.541{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\en-GB\MpAsDesc.dll.muiSHA1=5F505C6A7F1E216C5F730CD5892BBB17239E6E1A,MD5=7951EBE420359FE3B96B20019F61CC0E,SHA256=DC6662AD4797D4C218F8C6837FF8CDF561A9D7D31ED30373CB3B755BB22CB90D,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577154Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.541{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\el-GR\mpuxagent.dll.muiSHA1=E19F5B5B6640F7F336E48BA4992EC9CB2175F30E,MD5=EB33D69ED9620E109E69B61B973E9F1D,SHA256=B4EB4185D9230E375A3C2716C7DFFC7731CCA0641DAFD550786CFF15ACBED079,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577153Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.541{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\el-GR\MpEvMsg.dll.muiSHA1=A361DA1CB99CA888E96E02A97E6D7B403B037B22,MD5=254655CAB0B961A8CE3D188D5AA81864,SHA256=0C13DEFF461AF42DCAA54E06BD53FB772AD11D5DA86374F2290D14F97BD683BE,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577152Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.541{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\el-GR\MpAsDesc.dll.muiSHA1=5531225BEF37B67BD8D2AF5F31887E807168C730,MD5=ADB142F2662B036AF10D9D3B5FB03856,SHA256=D7203E4B5C6F0786BFCFDBABB17D36FD41AB6CD9785C2F8291EC49E55B6869FD,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577151Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.447{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\Drivers\WdNisDrv.sysSHA1=9B16744F49B9FECDCB8B21071889A6FE97B94257,MD5=87BD9EF526BDAB09DB00D678B464DBB8,SHA256=4B7BA644B135484FEA1CABCD93567A0C68D1063BDDC4AD43A2F692345BD870A9,IMPHASH=3B35A09D4E1C8B9673E78ECED60728CAtruetrue 23542300x8000000000000000577150Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.353{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\Drivers\WdDevFlt.sysSHA1=93D7A10BC068759D1E8D8306BD35AE05FD6A9317,MD5=4D6817E7E835A6E0BD313FA85B97A682,SHA256=49940425184487C2DD6DBC79F7B503FCD9C5BBE262D7B559D37BC9340AF463BF,IMPHASH=890C088F7D4A3E82BADEAE88FFE6915Ftruetrue 23542300x8000000000000000577149Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.353{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\Drivers\WdBoot.sysSHA1=3AC4FFA62C03095F8EB0A3A38EB5412C976EB35B,MD5=2EA35389A9D1D63FBA379FBE8F23EA28,SHA256=38A1B29647AA53D72674C2A5267AC1ED065643FB4B81547ACD1A19D08F24A8B0,IMPHASH=5FEE9881DECBCD99AFE063C90FD54A26truetrue 23542300x8000000000000000577148Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.338{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\de-DE\ProtectionManagement.dll.muiSHA1=AEBF33C0254EB959C0C333E1186053EB068C5570,MD5=E5CC79360615CAD8F304981779F04FFD,SHA256=F180340017BCC3513676BD563CF43670E9C0D99242F577D28E5A02D906F03471,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577147Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.338{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\de-DE\mpuxagent.dll.muiSHA1=881B9D3C1182FE2166E450676FB94766AD7BAF02,MD5=B2AAEE829AF970C744D907490FEAB678,SHA256=331860B3A5A19D24C7C808B4A07B75F6E211BF0BA23A1F8B6CF0661D14C4E1C8,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577146Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.338{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\de-DE\MpEvMsg.dll.muiSHA1=F6E60F04817217DB8B68379621F6EA43D21FA42F,MD5=72F52C0F38F7DA1DE4966FA892E3E1E3,SHA256=A145770D6B5299F5C8B9E9D3EB7FFB7073D2D4B6104E83E176492B49C95AA2E2,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577145Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.338{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\de-DE\MpAsDesc.dll.muiSHA1=00EBD41A31120476634CACE947E471D707F34414,MD5=CEF6410FC3748BFC40A853F48C9AB69D,SHA256=CF5F590F0D6C8293930131B8C8E508D0F2D6DC7E6A675EDC8F4C9AF55A2A45ED,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577144Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.338{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\da-DK\mpuxagent.dll.muiSHA1=2646091E39CFFFBC846EB888A6702B8542113B81,MD5=6A69D247851408FB0E19BFAD1C1C7C60,SHA256=C84215ADE9D2FD6C59404AED8603FAAFA6303375A3250DD62BE6F5BFE58D7D4A,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577143Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.322{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\da-DK\MpEvMsg.dll.muiSHA1=E410CB00CC7483F2FFDBDBCE9F30D578DCEB1173,MD5=AE16A347D1FE591E41F7F31A8DF43EA2,SHA256=D8CBE89C7C3A72FAB865B4D4926B1832FA145C1C5DFF211C65C9316EA7CF12C2,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577142Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.322{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\da-DK\MpAsDesc.dll.muiSHA1=9574D2655EB967F9C504C59D6E8D9B303E3FC157,MD5=7D9295F9975C43D3B14B4B5AA60EC2EC,SHA256=8DDBDD655B0C6F0EA52F8855C88172E96DDDD8A620F278383023E66BBF590D60,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577141Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.322{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\cy-GB\mpuxagent.dll.muiSHA1=6F5E41016DEC6C42D791D0AF0531DD314056AED2,MD5=81E92BF8011FCD7680464DC9120425A2,SHA256=04FE456173708F86983932F0C02304DA648D4DE8142A20FAF814C988D8D62891,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577140Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.322{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\cs-CZ\mpuxagent.dll.muiSHA1=4E727BA96495A88D74240D5E30F8DD8DF1BB0115,MD5=727F734379A99AE973274976197B48AC,SHA256=47E1014942C17C76ADAAFE742B0B7B307E833F3E75BE03A830CB0C2450277B3B,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577139Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.306{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\cs-CZ\MpEvMsg.dll.muiSHA1=3E02756F491257E2285B544EA54116D5179CFFA2,MD5=472BFAA5D78D04CDEC87A31D9D35DCEF,SHA256=BE5C6F3348723DE4D86860B59193FE0D33D6B908AA555BDAFBB927CFA584D7F8,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577138Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.306{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\cs-CZ\MpAsDesc.dll.muiSHA1=44A4C5A87875835295B0E195D7D7F6A16300031C,MD5=41FE3C5FABC7C925FA5F56BFFA15EE4E,SHA256=4502C67E78D9EDA07C0C22829C7358C90644B3879F4CFEBB2C540A7421C1B3DA,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577137Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.306{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\Catalogs\IGD.CATSHA1=76D558CB63295902883C01D90201BB04A8561571,MD5=3548AF94D70C01DE9A93F4B6BBEC14AB,SHA256=54FF9808A965E71DD0A7E6F0A1CD410B967E357E2FCFD09D6E6A28A0DCD1DC54,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577136Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.306{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ca-ES-valencia\mpuxagent.dll.muiSHA1=C5F867D60C9D3A967E8F1907604B9A93C2D7346B,MD5=9AA7079EB7D818A60E56E81198842FDD,SHA256=9C14DBB14536B240DB74C2B96FCA1FB56320489FFC2E75C7310603FDF1E31B4A,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577135Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.291{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ca-ES\mpuxagent.dll.muiSHA1=31E0268164BD977963DAAFB50BCD499F4A5E1E5D,MD5=661310D06F0A11F64C3A3E6E6F9B9279,SHA256=E0DBB794C31000CA18550FEE8E47B2EEC446EA31219B2069AE6617CBBAB9CFD4,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577134Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.291{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ca-ES\MpAsDesc.dll.muiSHA1=A0A695A9C04CC3CCE709D961E40E292DAD6EAC18,MD5=4800E9F13CD088F558831581B7AB8768,SHA256=4A281A2C0860D9A84A14DA18F7ACC86B0EAC47482115E21050BD1D189C57C715,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577133Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.291{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\bs-Latn-BA\mpuxagent.dll.muiSHA1=F0D5184B6497D784D8141BF055AC1CD96413F0E4,MD5=049861B31AB2CB1C7A09C90D873454C7,SHA256=C6F840B486508F80D79835AC79723EEF7825C82018D72B8A70DD723AA1B7A4B6,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577132Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.291{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\bn-IN\mpuxagent.dll.muiSHA1=800D86EA76F81AD3A8943EEB0E98EE5B1D19BBFC,MD5=B0995091A735E168193347BD7A774FB7,SHA256=5BD34C8231834B9BE110239104245E38C56326AE75BA349D2E0F597F2BCAB60C,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577131Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.275{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\bg-BG\mpuxagent.dll.muiSHA1=1A0F52720B22886009263F3D6A242BA5B17D12CC,MD5=D98BAB6197B08747A94CF68313CCC3F5,SHA256=34147E68357F553D0F386A0A18CB5952C681A276DD2CD2D4ECE38EBAD5131BC4,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577130Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.275{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\bg-BG\MpAsDesc.dll.muiSHA1=7C7152FAED82C78F6EB41198D16AA1DA4C2ED663,MD5=85B953B08F8AA94E01390BD8036B313C,SHA256=D053BF46C85C254D109C0B2405B0FD536AA6C60D510360EFAEE6686CAA435014,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577129Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.275{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\az-Latn-AZ\mpuxagent.dll.muiSHA1=E692551A766E51FAED4DB24C60B3885A70A1783A,MD5=FACFDC8A4DC6C06EDF555EE0FDECA5C6,SHA256=EA6793C69AF0D4346A00A52142922F7CD1C48CEE0AA68096BA4A29C26536B03A,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577128Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.275{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\as-IN\mpuxagent.dll.muiSHA1=37F89C743D821FEF8531F292BB2D399BF7081811,MD5=33D82E598A52372E904F1E18D6957C1A,SHA256=D3068AFE198FED6089EF7A2FC79C2DE6D0B003CAFF61806D1480D0F37B689CD3,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577127Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.275{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ar-SA\mpuxagent.dll.muiSHA1=482A68D428A1A8CD06B3595B146CA94252DA2843,MD5=99BD8F5B9075815B20264741B203E40A,SHA256=3C048EEEAB4414E3C818F43B1AC91F92E5515E5509342A4DBF2319A037155BAE,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577124Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.259{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\ar-SA\MpAsDesc.dll.muiSHA1=4C33A24D768EBC0E3DB022DA6D2D60B516A3CBA6,MD5=A5F1B9E28E9EDC354EE806EE1AE67151,SHA256=61920688C20D57997696C8D0DDE099A21B8453325AF6BC888C5D740ADC9FF9DF,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577123Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.244{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\am-ET\mpuxagent.dll.muiSHA1=D35DE66A99039505E949CAD8C8B0D4BC0945461A,MD5=8103208986850FC602C1105CACBE44ED,SHA256=FEFAF89D5C6105152F2B1FE305D8531E6B27B4B00622608B342BE8FB66C13098,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577122Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.244{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\af-ZA\mpuxagent.dll.muiSHA1=1A1F24896490462A4770AAE2D203F98536AE5319,MD5=3E84F8CD3E421FC382FD6024E09729DB,SHA256=81F25787754E8AD62A82E796EC471B095BF76A4583D68232DCB745AE347B5404,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577121Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.166{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ThirdPartyNotices.txtSHA1=F969931AC45991F7ECB6767A69433A7082ECCA2F,MD5=CE7313760386B6ABDE405F9B9E6EA51D,SHA256=73E26404B3571A9E859B3A1144F54C353172479586E0A23C3A7DDA0C1C0AE919,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577120Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.166{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ProtectionManagement_Uninstall.mofSHA1=5CB3AD07CF6DFF3DB5BAAD55488A769A664BC093,MD5=C4E26C53F76774E091FEE17FFFF64414,SHA256=5172863C41E84024799B2034D42F10E9720FC53171A4F6C1CA2FDB2C6F71DFE9,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577119Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.150{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ProtectionManagement.mofSHA1=40591520D5459CD068F798B0E330DDC2B072557F,MD5=510A7A8AF72668788C27FE22CE1B11F2,SHA256=A54237F0686223511A7ABE06E6DBE1C16A9EFA86C5FA7D321AFF62EF7A96EE2D,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577118Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.150{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ProtectionManagement.dllSHA1=C0973629F3D037767DC5259239C832DF129ED531,MD5=3092E66F9E4F9B6BE2D592DCFA5CBCB7,SHA256=79802C213E7928468FFF93D72CED605D8012322E46C3BCC52191353132FEE144,IMPHASH=A76BFF4687C0E1559E35DA4E213B4B92truetrue 23542300x8000000000000000577117Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.135{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\NisSrv.exeSHA1=35DD89461E9406CA9820061F055A6725FF081BC8,MD5=FA040CFFF6B032C226C6B82A826D5024,SHA256=5B97B5ED8EBD795F9667A2CCAAB76E0A413D4D07F76488B51B4AC0485DD69090,IMPHASH=B2CF270DD30617D242703BF264932A90truetrue 23542300x8000000000000000577116Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.103{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpLics.dllSHA1=85A264C0D88E0F6C12D447FF560C1A67D147BE81,MD5=63B430EC9335673E713C34C4E9473967,SHA256=6543B9FE1BE62ED9B3967E94445F63349A69D3DF41F2DE78E5DF99E87D1D3C4C,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577115Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.088{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exeSHA1=003F4160FC1BC322F0E3BA95B1D540AC955D081E,MD5=CAC984BF356ED7761912C1D81232495D,SHA256=D5BAD8FD7460DC44C94CC0E9639274A9A69B0ED631D15C86986324901B5044AA,IMPHASH=F189C7B818D0AA5FF3015F856E3C3A13truetrue 23542300x8000000000000000577114Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.088{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpUxAgent.dllSHA1=94B9491481A2FC80A5AEEF9FA790B7AF7D07C043,MD5=B5CFF0AD8DDAA87C4D8B3BEB3E253ADC,SHA256=A5229B7FE59239A336573CA5422756741E5E89178670771CE8D7CBDBFADB12D3,IMPHASH=8E71AAB314BFC70EEC0B1A22533EFA2Dtruetrue 23542300x8000000000000000577113Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.088{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpUpdate.dllSHA1=C249FFFF939C08DDDFB21E2CAAD6D9C41B9C7F62,MD5=F0F032D1CCD53831B660ABE243CCFFFC,SHA256=CEAE72B0A21CC2E11C8DF65B06116F31B7171E5BB769D247E8062FA474166901,IMPHASH=643C3273BD359D079EF68C411527FEF7truetrue 23542300x8000000000000000577112Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.072{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpSvc.dllSHA1=EF231CBC963459E9946D7CA361FFA941C9DD4976,MD5=46DCFD688D29412100369397220E921C,SHA256=5A8417E867BF5DEF1AB585F3A707AC8263B1F2B9337581E0BC5C96E420C6C09E,IMPHASH=287248F04AD0B1F8A3201005F54094A3truetrue 23542300x8000000000000000577111Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.025{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpSenseComm.dllSHA1=E0DCEA0A9D20C50BB9678FD8A18B036F8B738F74,MD5=01E552C0F9C0A741E97C451FC95E0608,SHA256=6D255A767F20A208B09201C477F28FE1848C7715BD3719A5D9E3A61FDC2AC34A,IMPHASH=862E746102BE3A8FC5C27A5CE86507A6truetrue 23542300x8000000000000000577110Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:45.009{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpRtp.dllSHA1=186F885910EB59E85B2DDA80786FACDA3B37D01D,MD5=5C5A29ABC01732E8E7EF6FEFA172CD7C,SHA256=0A4A02AFE6A103ABC841F14C996F5186F3C3F94A882A7750F3B0A7D8DE14B052,IMPHASH=3A39FD9B8C74EF0F23C7DA1A0831902Atruetrue 23542300x8000000000000000577109Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.978{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpOAV.dllSHA1=7DFAC5D09B1A71C9983D8AC8ADCE8FA1B2AA3DEC,MD5=1A0455FBA14B935C088ED20C3E7D9E3F,SHA256=5EA49B6E291C6CBCE4CE18B276B0AE2BF63CFE405021FB503EF8CE8970683BF7,IMPHASH=28D3DE166C9E9C46DC0EA2089E2AC74Etruetrue 23542300x8000000000000000577108Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.963{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\mpextms.exeSHA1=E8A1FC5FD64FB358EC4643FB295F2BE043C94B14,MD5=7736526787F59C09C81AE3751AA9907B,SHA256=72CA54B9833888F2AC050E0A90BD4D798E52CFB78FA5403BCFD317793AAD9FC1,IMPHASH=BCC38FEB02785A4856185CBCECBA4B70truetrue 23542300x8000000000000000577107Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.963{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpEvMsg.dllSHA1=92C40BB7802B96A06C4EA4DEB261E0B919CDD75E,MD5=8370D709CD1BDECC498D525AEC71E4A5,SHA256=474830421FF3595B06B0A5DBA2A1B51C2D548F4E9BCB832DCF096093393B7705,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577106Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.947{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpDlpCmd.exeSHA1=0EC800CF1D38F4F32E16E0831413F285F3693B1E,MD5=A3E5F95A27BB35D495347BCB591E1B0C,SHA256=14D00BD63CAD6E7CC712A4C3842C83A9D5EB6B3DBCED8A5337115F67CA98640E,IMPHASH=9273F91C797CD5C40E5E956EEC1FD849truetrue 23542300x8000000000000000577105Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.947{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpDlp.dllSHA1=EF48E4788D3D948B504C233C2E279BF801A02EC6,MD5=8685D5F263EB10114DF47A56F58CF411,SHA256=1D23B1D7E3E04F9A07296D2E13E1619564C6D21E922DE0117C22CC498F7EA20B,IMPHASH=B0EF5EC0E2095D73AE16394A352C3885truetrue 23542300x8000000000000000577104Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.932{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpDetoursCopyAccelerator.dllSHA1=6201C598AC965F5108C2394A3DC6C0DC8BA440A4,MD5=E3D81894936F3428A60B3EF6670F5B37,SHA256=DCC7377E82AD2F3F4C31350ECE61625EBEB143AA126E2B076B4E385CE158ACC1,IMPHASH=8134FB421E1A724B4B4991256B828B42truetrue 23542300x8000000000000000577103Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.916{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpDetours.dllSHA1=9D92E3A04F222C94FFBF84C0999EB09F9C462F2F,MD5=FC8C4A87A430C5A6D8A41234D4D2C663,SHA256=0B2513281E94F4DB3EE8F82C419EE4B19D6ECA66DDA49477C88C959807E8B93D,IMPHASH=E7CD5D60382F6730AC72D09484F903EBtruetrue 23542300x8000000000000000577102Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.916{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpDefenderCoreService.exeSHA1=A430980862417185708C58CD25A3BDB3A156A110,MD5=7A0D2E3C4DE587C4554E055931A7E201,SHA256=52E3A8287FC53503D1D9532E608305B8901308171D947960C85CB893EF7F0AB9,IMPHASH=C815E54C35D1A40CBE18D6E3B92829A6truetrue 23542300x8000000000000000577101Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.884{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCopyAccelerator.exeSHA1=D593DB1D25BD601CF15E99F0097AEF99E65D455F,MD5=68E37488BDB2A10A6974B286963A8E77,SHA256=94D7F4615965CE9D5DDDB0DCE1C5B1DE27A171BC13B2B464E615A66C8C695A9C,IMPHASH=94316E3271598CFCB7F9A6A96CFED214truetrue 23542300x8000000000000000577100Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.884{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCommu.dllSHA1=CA31F34DDB523EC97DF6CE09A464B67816044617,MD5=4E4493F7CBC1F81CC58AD5623414EE24,SHA256=DE30EE123EB86D7511407C0D49F093030E4A6384F7C3C2BE572CDF91DEA2F848,IMPHASH=55239B1ECC1874DB2529B570747F1D53truetrue 23542300x8000000000000000577099Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.869{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exeSHA1=9F434B65DB9A9D06D813044D283C76BF40763594,MD5=C40DFEFCD88E769B5D5C6BFBE8FE2B25,SHA256=D922D68886B7EFDBFDD9E9E447A4B588FC17F09644C08F4CB7AFA3BE4C5F7C6D,IMPHASH=0A36B438EE32C23E9D94EF258EF41AABtruetrue 23542300x8000000000000000577098Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.744{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpAzSubmit.dllSHA1=10DBBC3C6E26C63396B0A18FCC99A4B2B6BB9C85,MD5=5DBAB5213838FFCDF1D38A2088D296A4,SHA256=7288F380A89F440D09591B03A0839C5F11B3FD3D11DAC471CAD414A04BEB3302,IMPHASH=EB7C065A5795F9B75CF01CE1DAC3CC99truetrue 23542300x8000000000000000577097Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.728{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpAsDesc.dllSHA1=6EC6E6A9A1E46B6B887DCE9B8BB49E591480DCD3,MD5=1D59229CA7024A6D5E4392D6C047E77F,SHA256=FB49274BC7331D973133CF803791C86B216A0F1F4B68059D2004FE7172FFCE1C,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577096Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.713{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\Microsoft-Windows-Windows Defender.manSHA1=6A9ADFD47BAD44DF42E3BDDA37D563FDCCC4DD29,MD5=018276802DB93EB0D750D0E83E50D771,SHA256=F6267FCAD9C25F4288914CA920BA0DC06277ED71BA688803B56E458823CC74AA,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577095Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.713{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\Microsoft-Antimalware-Service.manSHA1=F11FA3289AD921E1029BEF34E88870910D5D8C32,MD5=529043A62ED87EB797B2BB5FE1A90C3F,SHA256=3982E3620282A820412C825C0F3C9451CF697F11A83AEE527C48E10B06E95B17,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577094Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.713{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\Microsoft-Antimalware-RTP.manSHA1=3E5CF0627D76A682D40B8775D880BD20B90B5E69,MD5=0254A51E922D467661D5D39C886AC9BC,SHA256=FAD08683B176DFC27FF428A6F05D10982FCF20AFC59DAAB21539296FF50F5002,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577093Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.713{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\Microsoft-Antimalware-Protection.manSHA1=B7DC3C04C67D7903E04B0EBF2AB7840AAA717EE0,MD5=E4AD891E7B62475FCA109C0DF4DEF16E,SHA256=DF9AD93CDB61587A35FCDCE996955A64413439A474D85C86133A9E9C185D1966,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577092Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.713{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\Microsoft-Antimalware-NIS.manSHA1=6E5AD734AB6A9F8B82B19024E21007AC2CAD2540,MD5=5562965C32F03AE0DF8B9DEF950F8651,SHA256=EA64BE59286B67AE930729FA92B2B08DCE5C2EAEB70FEABE2320C47FB6DDAC6C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577091Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.697{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\Microsoft-Antimalware-AMFilter.manSHA1=8E006DAC462C9AD9D2C0FA1C8BA95E6D1D94382F,MD5=FA41CDEB03243C5F0341301FDB95206A,SHA256=B783898BD2C680A58F4E41D899ADF7C3438B06E426FDACCBEAA68E7A720171D0,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577090Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.697{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\endpointdlp.dllSHA1=0EC484EEEF57CE8B788B7AE50EEE1189A6EC111C,MD5=050374B202488E951585AD11E1D56BA5,SHA256=AF73A1E5A97820150C8B2329AB4D84213507EA4385B7238A648E141D36D160C9,IMPHASH=A451518025186A5E48F0CF5E423958E4truetrue 23542300x8000000000000000577089Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.681{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\DefenderCSP.dllSHA1=648161105DE9353B93836486231D15593B095AE9,MD5=F7D5FF20F5EB84E528EE21F28A9670E7,SHA256=CA09ADB264E69254161AEF4B1BDBB8B5A895D826A4FF802CCA233A77B651FBD3,IMPHASH=E26CF5840AD105DAD7F9F7DF926D6A80truetrue 23542300x8000000000000000577088Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.681{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ConfigSecurityPolicy.exeSHA1=3019726F9DAB8538E01226ECFD76C158616A6A63,MD5=438F984F625500716F2653F117FFCEA5,SHA256=6153EC46489E2C6FEE12ED71967DA4E62096BD4D801DCBD3B0501E6C4AB2C334,IMPHASH=0167833356936E8B9601140CFFFDBE1Dtruetrue 23542300x8000000000000000577087Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.666{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\com.microsoft.defender.be.firefox.jsonSHA1=241F5E9FCE639E713E50FE748B5865F6EC2880C0,MD5=7797BB3399C837EDB0F7564D6E3C6217,SHA256=E2A0B5B4F64653C86B71231EB3FF5ABED56B4180C90234DE2C008456E270F8E3,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577086Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.666{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\com.microsoft.defender.be.chrome.jsonSHA1=CD82C099B0ADB4496E7D30951F249EB7CEBE7570,MD5=36CA2812EE9B49E0785121434B7DD136,SHA256=8602FABA22D8E06CCB146707B4A10F6256799FFE854D37781156A5A6D6120369,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577085Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.666{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\zh-TW\ProtectionManagement.dll.muiSHA1=C1B418F076F5A674F06A7D6CD545698B74CAC22C,MD5=9B8BCDE24749228A9F42971A3D50E4F4,SHA256=608EAF982435FA005D0131E2FB978E78CA4A9C1AEA4D2475917172E4B6F49910,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577084Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.650{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\zh-TW\mpuxagent.dll.muiSHA1=CD2586975F74BB94F58D12F83B9F7C40D1E98652,MD5=9DCFEE706059C39976203255FFD30229,SHA256=6FB1E615B12BACA3CE45C2A9B344A5B3140B99A2A566AAE8AD0E3E9788EBB1F0,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577083Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.650{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\zh-TW\MpEvMsg.dll.muiSHA1=6C1A187EE2FC64A8DCF44BB57329B7295E70DF4B,MD5=371E2EF936605A956B5CA800FE69921F,SHA256=49816B20BFB2E92203B810139687B9D773372D5335FF2552F488B1910EB88E83,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577082Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.650{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\zh-TW\MpAsDesc.dll.muiSHA1=CAE7B811533108A623FF81BBEFDDA0334D405305,MD5=C388BD223498554BD93BCA1D9F4A5047,SHA256=F3DA9450C6954BA64BEAC4DB5F39D3C0C9DBB138FAFFAA57940978F9153D62DE,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577081Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.650{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\zh-CN\ProtectionManagement.dll.muiSHA1=9CBEBD7524C07AED5CD1A42677D6957825762535,MD5=AE2C7A65AC68E02C0C29D63C93207648,SHA256=4664F24617EB6F7D97E4030F94F38AC9E353D245A8242CA85E6DF647C57B7B1D,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577080Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.650{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\zh-CN\mpuxagent.dll.muiSHA1=8A3FA0AFBE190B51C50542B3A4783C223E045B94,MD5=685987676797095FD226446B35FC4FF2,SHA256=C2240A3E2AA6D34FB2695E0F51D3D67E92477DE5D2EF9BEB6E6388BF4399521F,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577079Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.635{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\zh-CN\MpEvMsg.dll.muiSHA1=2E4150E99B88D15470308D6B809109D0FCA4A4C3,MD5=1001E23DE799C471B70F5C483B6FAF19,SHA256=0CB3249F2F894B2925EC28F34027065F8F2C61130FB98D13A177DBC552787D7F,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577076Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.635{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\zh-CN\MpAsDesc.dll.muiSHA1=809E3E3CD7863B676515247759CF0226B8177B3D,MD5=275DAE6091F8AB6D64FD3F1A9C8483C7,SHA256=16B484FBED57BD395194FD733CBE36699D115A611B7A0F6144FFBA6973310BF2,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577075Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.619{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\X86\MsMpLics.dllSHA1=B3C76A16FE6FB0E68FC48BE4D1361589ACDA0C67,MD5=4C4617FC6582A59D68927B8429BA6154,SHA256=C1CFBECF84FE7170F48AC23E2A26BE9DF90A744E6C9F8F83E9494619019CFE15,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577074Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.619{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\X86\MpOAV.dllSHA1=4F6D7FE3EEA321D0E7921382F44089AC4878EFA3,MD5=C6FFC57FE2FBF6641B74268C0A4C3054,SHA256=2E270BEA624FD9328D703F5926C2AE4A44EFEC1EBAAB401794A10D6A426F6010,IMPHASH=025AB2C27D98D8168DECD24548EBF963truetrue 23542300x8000000000000000577073Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.619{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\X86\MpDetoursCopyAccelerator.dllSHA1=DDA62E114E636F54BC1CD76B032368818AE751EA,MD5=088B997B2A6A33D153DE942FB280DE63,SHA256=70FB26C4C60694DE59ECB725530CC5F2AEF0B52FCA58ABAF066CBE5223D5BA40,IMPHASH=A72716399E8D068CB87E32A578AB12B7truetrue 23542300x8000000000000000577072Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.604{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\X86\MpDetours.dllSHA1=CF744D85FDA66EA1E741138247A13A03B735C11C,MD5=D7A7DCC5C8E98FF687E96C0414FA4151,SHA256=4BFF8D0F6745FF993EC46C1D39541E7DE025E0128AD8FD64967A93553FAFC320,IMPHASH=77F41CAB0B63DA8187C849A85C1DB60Atruetrue 23542300x8000000000000000577071Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.604{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\X86\MpCmdRun.exeSHA1=209BD31BC5764EED6135DDD0A34E07E050E9674F,MD5=5F1262C1A91954D764520D3C5284DB28,SHA256=AE249DB7CA8DE6CFA565FD44EF56958133F8C9ECAE59573762CA76A5067A027E,IMPHASH=99B11F8B366E2BAA71DC00DD6BC7A0D7truetrue 23542300x8000000000000000577068Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.588{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\X86\MpClient.dllSHA1=FAE975C98F48FAA3D8FF0D137989D78B38F25F1F,MD5=F9979C4753BF181AF73E8CA88C8C7CC7,SHA256=DBD118233437FDD82BDB3EAAA1691498C28BCF5CB60BCA2215D1939EC404ADFD,IMPHASH=3575AF749B8C94EFF471A3C15299C5D9truetrue 23542300x8000000000000000577067Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.572{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\X86\MpAsDesc.dllSHA1=CA25BDD61379319ACA1814F20B658C5CB00F4844,MD5=F1C231A0E112966BED692F6768B470B1,SHA256=732810EDCFE917EC09AC8AD4EB8807D54C7C03497C2F4C4C007F7097B64387AD,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577066Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.572{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\X86\endpointdlp.dllSHA1=D4357BA2448E936B85141F65FD1B6BA74A7C5525,MD5=E89691D944DFB0E4D3BDA9F663B4CFEF,SHA256=875A896290C1EF3F5A8BDE5F62537E6F1BF58E7D78D03BA68A9C1C368EF70109,IMPHASH=5EEBBABEBEF35F272F2A87CA59FE84A1truetrue 23542300x8000000000000000577065Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.556{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\X86\en-US\MpAsDesc.dll.muiSHA1=5962681230EF0F292F19AE09AE8C18D43286C327,MD5=6DB83457C5E8670D7DA7BD0A2397B957,SHA256=04255B9D5595BF41A4F666EB69ED02B514EF44406A9D1A65464D5811B683B1D3,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577064Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.541{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\vi-VN\mpuxagent.dll.muiSHA1=9B1E891160AF6AC460C5B86E704C2EC86E002F0B,MD5=8FDC8A6667A5D1DD14A098AC3ABA8FFB,SHA256=A5411770B40C8D7AAAD6C7A1DD33F557F46EFE91C5249A2071B91B05BC33516F,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577063Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.541{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\vi-VN\MpAsDesc.dll.muiSHA1=1C4E8D32C142A112BAED90AA00D5BFA02808781E,MD5=DD90B54C524C6ECE86CE072C92B72743,SHA256=0ECDAD4BCB8C7DEB9513DE0563A0298F05DDFE1796BF6230C85A6C7B5DC6F545,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577062Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.541{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ur-PK\mpuxagent.dll.muiSHA1=46573E7DCD7BEC7A9A9EC7D75DB635A6A53D9462,MD5=6002E18F1F77E9A776F2CDB90EA933E3,SHA256=3F09DE07205C06DADEB565DE5D9346AD9B6786CA56E21728BC3E17C8E0A873EB,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577061Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.541{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\uk-UA\mpuxagent.dll.muiSHA1=92551562852698F9819BC099E10AD405D10C108D,MD5=031083B8F72F6176FD02388CF312F2C6,SHA256=E61CE402C18453F38ACE10258DA1019DFF96496F336D5F9C8C4B63C764B9E1E5,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577060Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.525{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\uk-UA\MpAsDesc.dll.muiSHA1=F77EAEC6BD198A0FFCF55873D185B8C2D420D3B8,MD5=600C16CA5191D769AE53A91DE6622BC7,SHA256=52A27A82367AF180BAD5FF70D648C24A056E6AFA0C73957E165BBC89239D06E8,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577059Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.525{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ug-CN\mpuxagent.dll.muiSHA1=3EC9A3737D329A26FFA5B58AA9B9046E9ADC4ECD,MD5=E838AC6667A9660B18AD056221CB64A3,SHA256=CD3472318DEDBE5C6CD20673DFE4C4FB240A82BA0360F5D39AC599AFD9A4C2EF,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577058Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.525{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\tt-RU\mpuxagent.dll.muiSHA1=FE10AA1FF1998F8256A7A597856EC8DC9942104E,MD5=2ED88451318591AEE716AE5E06817AA2,SHA256=7BB9F51A78C039D0AA0218434F125586298A9E06DBEFE2F77CA769C934F36DE1,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577057Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.525{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\tr-TR\mpuxagent.dll.muiSHA1=EDF3CE5B7D9FB38D6CEE6133552796B2C6D0FEEC,MD5=FEB61FF0A4201F023473C9FFB9BEC0B9,SHA256=3C366CBB9FE6C0897EB1542E3A881095B8EC1336F65A6AA6559833D09D6A0C06,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577056Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.525{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\tr-TR\MpEvMsg.dll.muiSHA1=E05CEF0C9713955ADDC2A3A4AED1DD6588C3B945,MD5=72246F6A7E4100AEA456ABCB0BBCF362,SHA256=F4F3B09D67FA23EF8BD825D7059888ED0C187266CA477D891C1C89A2C9418C51,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577055Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.525{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\tr-TR\MpAsDesc.dll.muiSHA1=93DA5A80FD77E157D2E7FD85BB02AB89FCF88BAE,MD5=B4EAA18E08096A20299A9AD8906D4B12,SHA256=9C05AF033F61BDC14EAFFC6BE5143308694FE0976A0FB4C86D2507506702D8B3,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577054Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.509{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\th-TH\mpuxagent.dll.muiSHA1=3C7D13C164CD0206E223378798A0E27C529D1287,MD5=F185559DF8E4E6043988E17FB3F9EE95,SHA256=BC0F394DBE9B455A15BEADCD072B709C2110B33886D0194C82FC7DEF3661D4D0,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577053Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.509{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\th-TH\MpAsDesc.dll.muiSHA1=F6514F3565CF995554D2BB1697D436631963C4D3,MD5=39FD373680043D7CCF5E22F1A80CE5B9,SHA256=BBAC0D603509748B69D933DA2565A6933EDF47C016A580EB1854FA486E0EF34C,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577052Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.509{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\te-IN\mpuxagent.dll.muiSHA1=06B2DF1BD1CE1D1229F87E52C05FA9D761FC5CD3,MD5=4062F2DBEB80A144AFEF7984333CF191,SHA256=EABDB6C447F9926BAF7A2AE0859E0758A2D00D80D1DCC5A18FCDF3D75A37D93E,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577047Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.494{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ta-IN\mpuxagent.dll.muiSHA1=5443492D760DDCD6D7F5D31D826224E90D40B2E2,MD5=FBE6D1C880FD93D5B1F82C776916D0D0,SHA256=69B8333F9994664AEA36EC79F77A0A4EE12509637B1C7A0B60418707F1A38527,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577046Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.478{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\sv-SE\mpuxagent.dll.muiSHA1=351032471C1917ED2DA910480F4B5E2B14A077B1,MD5=282844F101AE245DD64C6D05198AD24D,SHA256=D71D48AF1A2D1F8B2CCA6EFE1B310F16F236E688A807C4856A31A7967D0F205C,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577045Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.478{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\sv-SE\MpEvMsg.dll.muiSHA1=85300ADE194FC469D80111BE7786C99724CE8195,MD5=E37795F12CCD7B921675EE6C3AD374A9,SHA256=7D729057C076CE488CA86DA60760D197E91964D12E67BD2FFC3F043B466485A8,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577044Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.478{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\sv-SE\MpAsDesc.dll.muiSHA1=3CD48015E939A105F1C7E118507CA60C701B9E52,MD5=61994ABFD42ACAC3EB7A0B9DA622882A,SHA256=74EB90106C99F2DD40E37FF54EF381510932AB810CEA7E29AD0F5472DD3A3A09,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577043Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.478{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\sr-Latn-RS\mpuxagent.dll.muiSHA1=5ACDC07CDD6CF293BE70CD2A097ACFAABFC58C6F,MD5=3BD726230E3EA7B34D5F03F80C887B56,SHA256=08772F226F2471058B2C1962E5DACA3A09F33DF097EF0D684186318DE0679C75,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577042Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.478{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\sr-Latn-RS\MpAsDesc.dll.muiSHA1=ADAB982D638AA9E7A16CE11EA5478483BBE784E3,MD5=30E81D4923E9D50AC40F8797580E3D37,SHA256=3181DDADD7D972216572F8259BF39A17112F0F363F7BC31E9B0488B626CB7D3E,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577041Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.463{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\sr-Cyrl-RS\mpuxagent.dll.muiSHA1=87A3A6F26BBA0EFACBB1F3AC93138DE263B909F2,MD5=6A32D847A35834C05F2CE02A878B679E,SHA256=E034B4673D11B5B15A084914A899170FF877D22FFFEE7BA09B17CCC0F8ED3BF3,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577040Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.463{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\sr-Cyrl-BA\mpuxagent.dll.muiSHA1=39435196F7903BAA3892789BE0C10A7AD3A153E1,MD5=981A5FFBEBCBEA9AE3778EF84D34CA6A,SHA256=85DF253F3F2EB7B252C0F2CA3E6E3AEF9C3375518BA705E73ECC5D9B8F6E7FE3,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577039Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.463{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\sq-AL\mpuxagent.dll.muiSHA1=E0A36AF0DEF807B8A64D7493F617287A27D164BF,MD5=971537241C6C29E3CEB93BB4B7DAAAFF,SHA256=DB83987CAE2C890349DB6A0B652C8DBCD3FA81CA744B2C54AD5CE88CE958BD0A,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577038Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.447{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\sl-SI\mpuxagent.dll.muiSHA1=4F3FFB318994C24647EE02852DE223D81FA881D9,MD5=3FCC2E50B39DCC632FBF27E91B5E0DFB,SHA256=6838A0C4FDFBE4F41521BA3FED3DB2AFA4AA20DDFB61827F3F289817DC359644,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577037Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.447{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\sl-SI\MpAsDesc.dll.muiSHA1=8A747AA146ECC11DEA9080CBD3F2EC280D2ECAC3,MD5=E63B91E6B640C80575399485F0B64F6D,SHA256=782DAFF6FFB7D9E046F5BACDD37EE2F4FBEE833C503E343C9C5495D954DA3BB2,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577036Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.447{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\sk-SK\mpuxagent.dll.muiSHA1=6C70E30C072648400920D92EF8912C90F9916A86,MD5=20D0FF3BC9998A1810446D34079BFCEC,SHA256=2AADA35A9863D13601632D57CB53D0BAD41686B206145E062205EDDB9E8B0772,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577035Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.447{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\sk-SK\MpAsDesc.dll.muiSHA1=334C2E7E0F14FF88216921836D2107B1503F75CB,MD5=A4CA51FBDEEB6E88F36048DCB1F55D73,SHA256=AF3ACE968A26C5C733FB817AECF389D8936DB528074CCC99BA4304B7F4354219,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577034Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.447{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ru-RU\ProtectionManagement.dll.muiSHA1=CDE4BE7870B7A78DEC20C51276C473190C9A3541,MD5=B2BDF5474AB0A9254301936176C77EBB,SHA256=E19BA67B55A0DAA258D00FBE8EF1C03F6499830F6F3A01F0AAC3220225BBEEA2,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577033Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.447{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ru-RU\mpuxagent.dll.muiSHA1=6BCAF81987DFED98FC59BB2D7BFB2904C398C87E,MD5=D223ADB02053F9325AB9F18E69CA54F4,SHA256=F416C90753E5961B0DEE3ABC58BAAA88E45851DA7103F94F5DE0DD005504930B,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577032Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.431{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ru-RU\MpEvMsg.dll.muiSHA1=22F632B3FF3D5E3C4C2FE2CB8981C99376B3E3AF,MD5=6422EC487D1B1566AA49732ECDB21C48,SHA256=0B9E6388E306AE516B1B7811E290DC4E445C3CE1F842CA1EA439A9871218637F,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577031Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.431{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ru-RU\MpAsDesc.dll.muiSHA1=9580D3256DE1B55582382DB7CFDDA78D45FEB0F2,MD5=ABE9B3B5FB442FF00BD92DE574925C26,SHA256=A584F683A9F7AF3BEA0AACC6F4500A3E09D65B9A97BBC7D856DB0323969A9231,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577030Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.431{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ro-RO\mpuxagent.dll.muiSHA1=489020F50F10E1190A8CE2DFEECFB8BE12B4D90C,MD5=022995C346E31404E4373E4B991D25D3,SHA256=525703EEDB8AE19AF1DF9EE60CCAB88EC4E635C28427EE294B251F3115985B00,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577029Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.431{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ro-RO\MpAsDesc.dll.muiSHA1=6B9BA50035CB93F4B5E9B3D11CB4A60B5B95EE50,MD5=C411F0561237B7CFB6890F75D83D927D,SHA256=7D27CA7FD4D862B159F22BBD6D0E263C92188C303089B9A7DAA7BB3CF0AC7E36,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577028Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.431{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\quz-PE\mpuxagent.dll.muiSHA1=6E24B504FC6A0392AA840C25F095DA9589644807,MD5=CEFADFD6855A00DE17ECBAFC93BD139F,SHA256=2573565A86BFC1F431C8301139585D632A674C6FD57A5D9A5FD5F3AA6D1A4C2D,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577027Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.416{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\pt-PT\mpuxagent.dll.muiSHA1=A50AF9CC0F5D8022A46ECB9BD85359153C4B665D,MD5=42F93C0E9D796FFD767753482DA0D9DB,SHA256=7FA44D34D96310BEC658E0F1E53E66006AD7F641D26827C511B145E5F481BA89,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577026Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.416{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\pt-PT\MpEvMsg.dll.muiSHA1=48180551CFA4F9F03085470F1E84A045825E2D7C,MD5=5F3092063BF48A17EE38B90D94412346,SHA256=5CD73AD24474160A6B69E6C98EDB9DBD0E26CFB62BA68642E4BA50697797842A,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577025Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.416{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\pt-PT\MpAsDesc.dll.muiSHA1=28E59B3025522A88B8DD650FD2E47A29A0F7BB0C,MD5=1B3ED63ECB2130FCDA3328A28CD71F41,SHA256=DE7CCBCC3749B5FA5B9368A31D044161DA6F5AE848F81A38E00662AB3F4C4090,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577024Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.416{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\pt-BR\ProtectionManagement.dll.muiSHA1=4F042901FE3D3542F4F0B0D72DB3D7640551807D,MD5=EB525C14118EE6B2B4AF49EE87A22C65,SHA256=FE5E7352207B2EC16EA4CF6C9429A16E0AE2B313F5AD7AB835742B64FCC03931,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577021Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.400{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\pt-BR\mpuxagent.dll.muiSHA1=283A9B68ED4137E378C6EA2BA36451B116769124,MD5=524364A4EADF5AB20A55F567B69D9FA4,SHA256=2136519E698928240DAC5537E3518D9E1F9FBA250820D294BFA4CC746DDEFB24,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577020Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.384{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\pt-BR\MpEvMsg.dll.muiSHA1=DBDCCB68AFC3A481586FC2B64F8CBF90FF77050D,MD5=5A32C73050519AA79DB422984253C5A9,SHA256=609F9F52FFFD219A2D5F40673B67FBBC471C4112507E3627C0EBE9D2D284601A,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577019Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.384{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\pt-BR\MpAsDesc.dll.muiSHA1=35963B39FDA5D844065FE574AEC00ED9DE2A3FB0,MD5=D9A433D2DA50167521398C270D0C5B07,SHA256=884D94067C5DC46A1733582B9570A0DF6C3C9ACA962284C2C0CBD70022C3AE88,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577018Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.384{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\Powershell\MSFT_MpWDOScan.cdxmlSHA1=EF513920343A00C05E1469AE94564A06BF64B226,MD5=F50FEA3734E145B4B7DB922734F2C634,SHA256=45E70E5D4512533EF7D9EF5DBDDE1EF8F014A039B40411C2ADC353CAD4C929EA,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577017Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.384{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\Powershell\MSFT_MpThreatDetection.cdxmlSHA1=ED9A1E311CB58F04B64D9877F6B22FA890B4BB06,MD5=A21674BF2E6AC204F26B3D8AB714F5EB,SHA256=C00748A38D7778D65DB72C687ECF63AA0D01173A4C27876CDCBCF21A9CE36BC7,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577016Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.384{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\Powershell\MSFT_MpThreatCatalog.cdxmlSHA1=D75559DFC3ED47B3279468C1713C3FC1988C2F94,MD5=4C5C9C3E9311AE5ED98C8E178A9CDF9F,SHA256=6F3D6A4C7C962CB073FBEC4161F9FCFE7B98B4DDA361049F7498ED653FC95560,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577015Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.384{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\Powershell\MSFT_MpThreat.cdxmlSHA1=B13189526325DF1BBDA007A74725006CF9DEC61B,MD5=B8730C31A5B09A0DE67E50063DFB0E7B,SHA256=FBC99399EA1B5EF329D601B15CB5FB7628726A93B8BFA4239FA67B9AB4CE40AB,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577014Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.369{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\Powershell\MSFT_MpSignature.cdxmlSHA1=75A76D80E894EC05682CF979A4298B6F739FF291,MD5=762661ECE3E244C0B01D4D4C6730D475,SHA256=543C60C1C40FB55439B1CAEE1565E2CB6A1B53C41B32990C1E4D1963E93EC4EB,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577013Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.369{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\Powershell\MSFT_MpScan.cdxmlSHA1=D1BF2C2972058F8A653B315C0BB51A2E6AF6AFDE,MD5=BCE223808FD6C3DF834FCAD4A563811A,SHA256=1AFF86C05B9A48A03A6082DBB5A69BE740CB1E2E670D85AAE9F155116BE13FCB,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577012Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.369{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\Powershell\MSFT_MpRollback.cdxmlSHA1=10B03E87AAE0F5E97F7138D7A3FBE666191CDB19,MD5=0938C3D78E4E0FB30915B4D7B356E8B0,SHA256=92AC4333765F642424800D39E6D3408FE71481E26392CA61039AE7C08A4220B0,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577011Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.369{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\Powershell\MSFT_MpPreference.cdxmlSHA1=D4A5C08683CFF8707DCE478F6E2C11430A855A70,MD5=8E39F4149A1CC53CC61DC678EF038CCA,SHA256=A3DCE87A51180FDAC7C2BDC60F7BEEC1BF95D72CC87B9B28A5F6AE243A8675A1,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577010Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.369{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\Powershell\MSFT_MpPerformanceReport.Format.ps1xmlSHA1=CDFF6BCE090C4E6D9013262D109D27BA55BC866A,MD5=F9036A89B193FC7F6CFB0651F612C8CE,SHA256=A50C6FD5764BDD58850AB76FDA73BB9C114DE16F27DAACE0FC9C82A2C35F49ED,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577009Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.353{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\Powershell\MSFT_MpPerformanceRecording.wprpSHA1=1CDBE901753CCE8D933DF8D50507CE16A25AA428,MD5=990729AD92C1325C42B04BC975ECBD57,SHA256=E796454FEE4CF17EFDC25DB5FEEF00A5D7C1B335E6C4B4FE996E8AD7CAB01BC8,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577008Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.353{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\Powershell\MSFT_MpPerformanceRecording.psm1SHA1=B8CC9707564835AF06F4EB7C1E5F158442E336DB,MD5=5497187BF08365E2D7B6ABF79183D666,SHA256=EADAA4C31BF2ACAF729FFA4797095C1851F3EF291700846E63EC4752C5297831,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577007Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.353{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\Powershell\MSFT_MpComputerStatus.cdxmlSHA1=107746A7B71CCB7E9FF886F73922228482BE30C4,MD5=777F39C7CBDE644C596D1CE638DCC7E3,SHA256=B1224670473260A6FCCD24E59B4C447F675B568BA2CCD668C2FD91FB8FCB6C48,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577006Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.353{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\Powershell\DefenderPerformance.psd1SHA1=EB77043F66ED751F1AD000054FA155E108FF4EE9,MD5=540FC83A3083BA433E7DD290E7F1E155,SHA256=324CF552748C6822CDD9DDB4B95A26F4054422FD395CFB34059FE8AA513CB68B,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577005Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.353{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\Powershell\Defender.psd1SHA1=F4376134EB46873CB32C3DC9BF491752DF0AC70F,MD5=381CD4A37460D0204CF1EB9C7A760B2B,SHA256=2F99FC383EC1ED08E091B5D5116DA90E7EE44D56675E7A0B91D209082470F5E9,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000577004Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.353{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\pl-PL\mpuxagent.dll.muiSHA1=B9455D7C2B23DEE93FFC63F476CF1F1B0D87AE37,MD5=920AD72ADCB80AD3A863F098F863155A,SHA256=41DF0E48DEF7663D5B2D1EE0E8B4A31C19DA10B148D538EBDD90B708B1BB7094,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577003Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.353{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\pl-PL\MpEvMsg.dll.muiSHA1=59EA83D70B0E668E37A89F53737E9DBF74F134E5,MD5=6DEB4281E284D6CA281B6807992E92F6,SHA256=8810301217D8207BDD58C0E153DCB22B969D68413CEC92AD9099713693760543,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577002Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.338{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\pl-PL\MpAsDesc.dll.muiSHA1=C1C467B9C410BCE137FD042351B0BB7DEDA1FEE6,MD5=899E846E247BDC7CC80779BCE505B081,SHA256=09A9E907C1D6CF8D43561EAF17E758ADE12F48077D1E249F31A476AD59214728,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577001Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.338{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\pa-IN\mpuxagent.dll.muiSHA1=D486871BB9E67DF370CC90E195D90D4EAEE2877E,MD5=93F4AB403FBDB647CD351D810B513A64,SHA256=35E3E8EEBAD9F87206D0EB4573E9EC833DB712ECF7EDC7BA1E28AC5BD0103306,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000577000Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.338{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\or-IN\mpuxagent.dll.muiSHA1=90E3005D78D51962E76DCD72115DEA6DA40BDA01,MD5=25E45231346DE5E2716B450AAF10601C,SHA256=F9414478CEC594FE5308DA149F8698B2CE493C166D39939340877B1B32DE9BFD,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576999Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.338{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\nn-NO\mpuxagent.dll.muiSHA1=7C8353DB56B5201C17346283B777CC58E7A5A763,MD5=A749D1E57EEE38C73DF15E3CEA1ADA4B,SHA256=6D0B5071AE7CE567663512BE5D6522B67257D1179E5FD0004DB9BA9AD37DA5BE,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576998Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.322{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\nl-NL\mpuxagent.dll.muiSHA1=3575D2AD5F2F8274C403631D573D0C3A79DDCEC3,MD5=4A2E5E37D5B66588227A17E15C37752C,SHA256=CFE3A9BA2C8795E6E6891D1BA57AE9966259B48991998C20CD05109DA2A0BC97,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576997Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.322{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\nl-NL\MpEvMsg.dll.muiSHA1=BB1666F352B2668D9BEA03ABAF7DDC77470CAE18,MD5=7EB691213A11E4173F3935E42430C589,SHA256=4872F4D8DD2F66070646C7E66649B90A6C2BC2B55D6FB385CBC82453F1F783F4,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576996Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.322{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\nl-NL\MpAsDesc.dll.muiSHA1=9F2DEE277582B2D3EDE97F37B4432B3E9899CADD,MD5=86F76AEF572F99452E31AC8600F678D0,SHA256=08B89EF2B900FB51C881824383401691AF3A8402E088AA224D718E53402BF4F0,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576995Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.322{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ne-NP\mpuxagent.dll.muiSHA1=D704AE507570627F1FB9C500D9AB9A1B5B4B4697,MD5=8E4AC1FC193E36B66C98D2DFDCDC7432,SHA256=133D442E49EDFD5359D8D40C6B387B47A37BAA66CF9148DC86DE17D3E55AC078,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576994Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.322{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\nb-NO\mpuxagent.dll.muiSHA1=334FAC0803CA8D4EEEAD4A0B26CA6EBFEBB22219,MD5=A6082D9B7B4B0F055DDF3FEEE1FDAC29,SHA256=53BD21B1DF88576B04464DCFEDDCB4B1B61E5BD6D67B48538750FF7E1DCAB62C,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576993Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.306{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\nb-NO\MpEvMsg.dll.muiSHA1=D1CC7E600D202C6B516D0CF126AD8CB38D33E091,MD5=9BB918F670BD510A23C4472E40C16E19,SHA256=D1A6F8735ED892CE138AFB0EB3BCB0EE5AC93E3B76A80B53D484ED1524BBE80A,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576992Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.306{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\nb-NO\MpAsDesc.dll.muiSHA1=DD3736B5B1C44822AE197A1478ADACDD191B43D8,MD5=205718129B6B4B663C29D660F34E87D0,SHA256=44EDAC6CEB939E254C16FB99F6FD1E7D188CC8EBF22AFEAB95DC14B6BE4A87A1,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576991Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.306{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\mt-MT\mpuxagent.dll.muiSHA1=DBED726F9BE19864902B0ACC849745B0F14A7CEC,MD5=61A854CC3844F8BFCFA3CB9EE11B0C85,SHA256=4EEED3699AF8425896273640BF83CEF465EF01A4B3B3D0598C490049284EF1B3,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576990Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.306{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ms-MY\mpuxagent.dll.muiSHA1=E5DC830131E4AECC7D7D7C0C24B503F42733828F,MD5=7F137F6D3DE9F5BCD1BAC9B10B5B6F2B,SHA256=7B8415CA9B7A8C3F511E5AD4207BC8F790307D93DDA7C11815D4D8BFE51CD56D,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576989Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.306{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\mr-IN\mpuxagent.dll.muiSHA1=1FFAB63B719AB6D3FA74F24989CF9ECCAF5008C0,MD5=7D0EA66A58EE5E39165F39035ACB6CB5,SHA256=63B171D10C32ACA2A3567EE18BD680B231F66EB53357D0C6554166A43F873488,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576988Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.291{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ml-IN\mpuxagent.dll.muiSHA1=F0A975A9136F929264697A0C09308FA6312CC08D,MD5=85E841E5A5A117DA050CD9EE0022F8AD,SHA256=339F69B1BADE2110EE622CCFF09B158AE10D1B5636B35A64B5FB0C4983CF07DB,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576987Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.291{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\mk-MK\mpuxagent.dll.muiSHA1=2207B36639B33F8C367E107567EBA26748E6DDD6,MD5=1066A88C174E1B917588D75308B4971F,SHA256=AC098EC17343ECCF43AC6712C45D03E0F79A752A14483B622660BAC4CE3CBAA8,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576986Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.291{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\mi-NZ\mpuxagent.dll.muiSHA1=8B9444202AA0CDBE86EED9637ED913FA736DC855,MD5=05AD73A04C891D65FDB464461848CC71,SHA256=74C785DD7965742CFC10BDEFDA5C97719A306DAA97F865B6AE329EA9114721E6,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576985Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.291{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\lv-LV\mpuxagent.dll.muiSHA1=B7C9AC0B4D960BC845914CD3E6E0E2A883FFEDB6,MD5=A3CD12B2EC6225F6B3BA6A315ECC5BAE,SHA256=F6D2BD8A9C00A19E8206DDDB3F68607AAE75ED700E1F11B9E6829BF2D2B7DC9D,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576984Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.291{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\lv-LV\MpAsDesc.dll.muiSHA1=2F681CE16E43FBF278C453BD7B2CF2D7F5793331,MD5=BCCF970661DC4548B31A9E0DF76F1CC9,SHA256=98352247D504F6D609C33420A98E15577075AFB155A1316B6ED5DE7EC1E23783,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576983Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.275{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\lt-LT\mpuxagent.dll.muiSHA1=CF0ACDD24A1A3370F167EB1784F7A3F15808687C,MD5=E00A56788AA5D00C2A4D143ED9C3D348,SHA256=432F3FED7AA1C07E7D3BA5FAA46BD6C2B16A2481FF29083CD0B8CAEAAFB6FE4A,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576982Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.275{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\lt-LT\MpAsDesc.dll.muiSHA1=0E76341AE69892C669A4BF43E83E7EA2E57C736E,MD5=65D25DC182E8BECD4444883BE356BCFE,SHA256=3E59D9C377251260185E1F7328161B9832F434451BEEBEAC87A6CE78C19FB08F,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576981Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.275{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\lo-LA\mpuxagent.dll.muiSHA1=11614E0D576CA665A260E2244CEE6D70A48171C9,MD5=83EA5CBE9DCB9E7A7563634A6EA6B751,SHA256=FDB40280E2DD64B1F86F014EA02E1F24F376BE0D76181D1BCA70F2850AEDB06A,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576980Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.275{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\lb-LU\mpuxagent.dll.muiSHA1=E08DE8C551BD4614406538B2A8664F142182A9E2,MD5=EEE2897085EAA79AD2EB5A103198FAB9,SHA256=618715333A9EC0CF1D5B4D14DEB20371CAB485D78F498EC5BD05C5495074A195,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576979Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.259{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\kok-IN\mpuxagent.dll.muiSHA1=25D9395E0D7AD72B9F21C6BA28964A14E22639CD,MD5=714AE16D0C2F4D012DBD8A32574275B9,SHA256=BC9256D87391F07C24F51478A8F8039EB346C8D1FC9A55B93BE63375EBF7C922,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576978Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.259{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ko-KR\ProtectionManagement.dll.muiSHA1=DEC7170FBC93FF3E71F258BD52F928677A3AC65C,MD5=36764617D216301BA6F28FF4DA79CDFD,SHA256=511D811FBBBD2E5FF0881AF96CBCC99CDDCD9B775386E98C70EB86A550E7EE14,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576977Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.259{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ko-KR\mpuxagent.dll.muiSHA1=77E03863ABD42FC0A4826C415C50F9AF6B2876B9,MD5=EBF326B3BAD43631E1AAC887C152FD04,SHA256=4077BE78863779837E63FB0FC8FFE2EC5472908A90CA0185AE0FF521515956ED,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576976Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.259{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ko-KR\MpEvMsg.dll.muiSHA1=70F17B8ED35108BF7133DC89BD6FBCF7DB8A2185,MD5=EE1B55BBB913B97B481E441AA75F7D57,SHA256=D6A66B14DC1602F9648844A09926B62EF4F700CE29AAE3B1D40ACBA8F2023B6D,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576975Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.259{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ko-KR\MpAsDesc.dll.muiSHA1=51C9B02B848D78DC59201C93DDE1437D76E3A0A5,MD5=B523E9AC220C6610CFA485C72B866BDE,SHA256=E4F27CBB517BAB4FD5D979D1B2EADD570F61A110C8880FBD30F7C3F030F81E76,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576974Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.244{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\kn-IN\mpuxagent.dll.muiSHA1=D732840FB2CAB59ED0A710B93AD03B588A7E4724,MD5=32042F48B1E08933459948CAED48D0CC,SHA256=60ABADA734A54EC27F2659AD9A35C281CF9F114D02D3474B107703BEC63527EE,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576973Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.244{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\km-KH\mpuxagent.dll.muiSHA1=5F541DD82A6402D82A9B7666904281A5E778FFEB,MD5=FFD420F473B846A79E3F5CF55AD304A9,SHA256=7BD2BE12638E0DC5D34DC89E43A74380B1D2F95B765AF922BB37754B4633A0E4,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576972Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.244{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\kk-KZ\mpuxagent.dll.muiSHA1=B0F33AEEC5FDEF959B8877F230E0A1F7427C3D2B,MD5=0168652B71E259F5F1D6882BA9ED24D3,SHA256=E7344C3D5A33503DC2686C3E247A87CDBDD606553D1E6CD89A5940BDDCC8A4B7,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576971Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.244{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ka-GE\mpuxagent.dll.muiSHA1=4C9CAEFE88BADB3962AB302D5F37410B518D64E7,MD5=EDDB6C0922A338A96BA12D786BBBED9F,SHA256=D5B08237BDD176B4E40137B84D086F199480D3BD74CFEC7D8BF93182A59BFA5D,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576970Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.244{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ja-JP\ProtectionManagement.dll.muiSHA1=75411B6DD9FDF443EB058061EC8F0D23E3B26D7A,MD5=64ED806D0BC3652B5EF3A8C86A329B15,SHA256=FEF985AC11054ABFB60FEC0388FEA2BF402C83A3B9668391166970DC7AB26212,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576969Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.228{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ja-JP\mpuxagent.dll.muiSHA1=0A4B608EE260DD51F468BBEFE3EC13069CCE783D,MD5=81869ED8FFCFA0A0BC659CDC8B180124,SHA256=5374B41687BDB15B93AE6BDEF50D9915CF7887026E6A52E2B13A23B2FC28A1E0,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576968Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.228{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ja-JP\MpEvMsg.dll.muiSHA1=D77CF03B6637096A3568706538575833E6A3499D,MD5=4E69FCD3D1D79B2D34A6281CE8D0385B,SHA256=50B522766858D3E72E243274AAC9746644A67306D5623E00A2A26794D6C8E8A8,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576967Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.228{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ja-JP\MpAsDesc.dll.muiSHA1=F0C515E33FC2D4EDA604E7641BD1388CE1FF3C28,MD5=7D9A1DA953818667E3061B17CF75CFA7,SHA256=F208ABAE42732A1674A6CEDFD3F45DEAEEABF78F68F51594CF5D2583DBF65AE9,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576966Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.228{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\it-IT\ProtectionManagement.dll.muiSHA1=53858910E18D78B2137D25959B52F6B812A104BD,MD5=53C44178EDBC7FE6AD2BF111D86B8A0A,SHA256=DA7928E99A2280C063C6CF3E6D259C693914A4D3FD58D817CD8C3F5203FDDA20,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576965Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.228{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\it-IT\mpuxagent.dll.muiSHA1=6492B9CD14F1A338621F9E7F9084BE7118DBD1F1,MD5=E86B440AC79AA332A2B132FB69039A4D,SHA256=F437ECEE4B0E72FA1AC4D5CB28E12EA1A6CFFCFE519E95C3A1040440C50A6CE7,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576964Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.228{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\it-IT\MpEvMsg.dll.muiSHA1=B909AAF5E971B79B039F913F5FF307348792E31E,MD5=35B37D30DD641602407BD1510BB88FC7,SHA256=871CB5B58B3380F26B0C146FDE387E405D80D18ACD63BA7FBD10AC824336F3BE,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576963Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.213{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\it-IT\MpAsDesc.dll.muiSHA1=7E3F9CB33A3564A2F06BCE90116567695C7A4C2B,MD5=8EAA5E0AF05C94EAF6566BCA12B39B01,SHA256=3EDEB36A5D98DC98970673262465F9C31320DDACE8B9457B4C4EE46336A1B62F,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576962Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.213{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\is-IS\mpuxagent.dll.muiSHA1=80D3B900A67EC0A61841F274E585AF65CCC6D8CE,MD5=511CD8B208D2164BC676AA249DFF19A8,SHA256=03D8F8C8CF90283D25BD1E47C6864CC2309D2950C483F1C713F75C055ADACA4E,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576961Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.213{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\id-ID\mpuxagent.dll.muiSHA1=A7543A52A5F0631FEA578CA37EACF35CE0C711D7,MD5=010550510E0775BED4AB4E185528808D,SHA256=04E624AD61A2262DFB282851A9A7E15636734CE5349548F8A4A235942FA7B058,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576960Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.213{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\id-ID\MpAsDesc.dll.muiSHA1=637A103D6C0576C83A978C3D8AF6B441205E6689,MD5=109368B3CAB3E531FA46B2643C54E887,SHA256=F4A629357B2141A71FA82F12E414ABC9586693FACA7EDEAB9A507E87EFAE119A,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576959Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.197{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\hu-HU\mpuxagent.dll.muiSHA1=8EE60B49229443C164094AD3A195474D16201A07,MD5=7880E5A6BF585C8FC44EBDFF20076F71,SHA256=2F31FC6D7D6CE1F98BE1353C9AB23ABE14422FE3840AF516C5C0FB8F69D7D5B5,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576958Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.197{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\hu-HU\MpEvMsg.dll.muiSHA1=C3BC563B8BB51AEA01F513B1B7134CB595F0790C,MD5=6513527ED13F59950CF68A730CA3207A,SHA256=CC9D7CF219851C703C0D2AA6856BC75C9D4C58465173A402C81FA2167CAFF5AB,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576957Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.197{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\hu-HU\MpAsDesc.dll.muiSHA1=E85F8033C560CA94E99BE5D37C5C343439D69C5A,MD5=5F615950B131C2EEAA5039DDAF8FBD27,SHA256=CDC2A14519DB3D81B6F90C0972E9C36908E3B06BCB4D5F4A05CD9E7889BD7D8A,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576956Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.197{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\hr-HR\mpuxagent.dll.muiSHA1=37699840B74C103D74E5175A470E19E4DF45787F,MD5=F03396AE063DC943EB333C360B380F26,SHA256=C20A9443D68F93F3A80BB089A567A19597FE495E970BD4AEC63513CB0561DB3D,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576955Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.197{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\hr-HR\MpAsDesc.dll.muiSHA1=1E4F7A39D56C53BA796C37981AE8BFA26D43F671,MD5=1A20C46DE90614A335B5032F8B1DA57E,SHA256=65D20E208935EF6B0945BC46BCB76B5E7E28940353B21649F2D35E3FEAD297EB,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576954Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.181{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\hi-IN\mpuxagent.dll.muiSHA1=50E65E70D6EE2A9E7E75A01F8589A8E1812DE37C,MD5=3320A4D9EB91BD83BF1A4C5A60825CD0,SHA256=2CFDB7E9790C01FBD0CDD474994994438F17193D75DB1CB7DD0916E3A771A293,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576953Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.181{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\he-IL\mpuxagent.dll.muiSHA1=DC5971C5CAAD6BADBF6DE1217786281B64F2D067,MD5=67D8F1B790612AEAB7A166E4BA002AF9,SHA256=99A06E778E0695EA9AA697B06AF42D4FD8BF2E0D9B4ACE15F5BA36183AB9B160,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576952Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.181{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\he-IL\MpAsDesc.dll.muiSHA1=205B5495BABF9A4C05B2B24305DC8A767576748D,MD5=ECDB7C30D16A804037543C2C4B81F221,SHA256=CBE0A5C15A25011A65CB4C0AE0C3AB9C04FD13B1BC6E31BDA7F63C48931DC21A,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576951Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.181{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\gu-IN\mpuxagent.dll.muiSHA1=C6B06F7308CECB7747F8C8900F80D16ADE7810B7,MD5=F9360A4D7AC80B24DC15C583A337E466,SHA256=5A8F8C3032E5E8586A146D2439974A956A920EF2EEC19DC84E1EA7573923259B,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576950Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.181{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\gl-ES\mpuxagent.dll.muiSHA1=944A228DB65573A1EEF22625394953FFD2EA1CD9,MD5=203A3D0034F8E1CF837EDA1B5B46D385,SHA256=907FC1B846D3B5C92E6B4F7FD17E84A43A3D1D3BAB5C47EAA90264FE3038A491,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576949Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.166{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\gd-GB\mpuxagent.dll.muiSHA1=114C74816A85B01FF4BE3CBC5102BB6658557180,MD5=E860357BBF6B64CDEBB43411445B9DC5,SHA256=284FCCADB1E198B7A59B68F19930625B78FB85C99AD9B697EFF4E9F4A6057572,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576948Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.166{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ga-IE\mpuxagent.dll.muiSHA1=02AA2F23BF0EAF359AC1AC3C5ABEB5B3E60F0DF8,MD5=2C01963BECEEF1E36DCBB1CC054F5D58,SHA256=98870A700CA2A2919D685BA261A8C71B9280349E32AD5859A1E5F8C366550691,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576947Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.166{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\fr-FR\ProtectionManagement.dll.muiSHA1=15CFD32CBC0ADF822DD1A65577809FC971EC2FCC,MD5=80E987D0E7FCFCB4A12A6A12CD66B2D3,SHA256=D07552737833421758D5DD69163EDCC3D2D03ED04D7E2FBA1AAA0271877CA315,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576946Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.166{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\fr-FR\mpuxagent.dll.muiSHA1=3EAB1BF0537531CE3E41471CA1B851B234EB367C,MD5=E49CA450EC24084008FF3CD2352304FD,SHA256=09A558E94692BF763D46ADCBB354CF1E5B17E46F1570965DBA7F7B9792338E25,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576945Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.166{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\fr-FR\MpEvMsg.dll.muiSHA1=D74E5EAB7FD72B612F306B8B663F64BADA148BB4,MD5=5D2644473CED8C75B783350D26A8245A,SHA256=4D692331F9FCAC99F58ADCCC2C88E9EC61B6FF902159DA2DF7EF5EC17C647963,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576944Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.150{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\fr-FR\MpAsDesc.dll.muiSHA1=150B2F070EA425077E534A25CB5EEB6B092B7DD6,MD5=2B9C30C379C636209BA75AA4FBE90BA3,SHA256=5E58B69EB5DFB7A45DB67051B3B267679E69C526F9E6EB0E0DBD592461230B83,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576943Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.150{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\fr-CA\mpuxagent.dll.muiSHA1=BEA1C2F7F755ECB37633EAAB0E0DAA3D995FF522,MD5=88B1E9F4B3BEA77517B1FB4DD04B0811,SHA256=2952773415CA51F69C8D8B2D7A14C0E0839E2B5DA72FCA29D25F91B5491A5C40,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576942Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.150{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\fr-CA\MpAsDesc.dll.muiSHA1=93E048970A7A40CCFC509250BC53BBB5EBEFF657,MD5=7DC8EBFA0F40CF335106D10E11ADD00D,SHA256=7E96A440B5AABB1A606505218C198144DAAF35D0BA3A568A34998A550A70FCEB,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576941Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.150{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\fil-PH\mpuxagent.dll.muiSHA1=2B94051DDF48C965CF7BD4E080D796E603A96F8B,MD5=4F92952FBD4ED009FBBDD928944AB818,SHA256=1206D57DC971CC6AC7C63FE9D4D44436BD788FFEBA31A9554390FC91FE233626,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576940Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.134{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\fi-FI\mpuxagent.dll.muiSHA1=0243880F8E815C0A878FBD75469FF184172FBD75,MD5=F3F2788860587FEE75BDB40300F3D040,SHA256=1916B25A57AB3D6C72FEA5F2CC5C4C60544A95E18A11502ACEB33F8E9B288722,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576939Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.134{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\fi-FI\MpEvMsg.dll.muiSHA1=7D6AA0A16D3536693C22F25BF967B1BE08DBF6AD,MD5=D6AA32D18BC0DDBBDC903862DE2AAF9A,SHA256=E88FBBF0DC8A692A580A8DF7D6B165078A13FF836543DCFFA2BE773E87AD3DE5,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576938Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.134{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\fi-FI\MpAsDesc.dll.muiSHA1=9B1CF346825AE7F85F6B1B5175E76EB58257F177,MD5=59D8486E2290C5F166F624858D96C28B,SHA256=CA78CF19C8459C2B89FFD860413F449DAB5609739321CC3B78963833C4CF3048,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576937Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.134{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\fa-IR\mpuxagent.dll.muiSHA1=4DD3759D1B40E92D479B6461274ACE334315C920,MD5=D5C10464A317EAE5E4DE9DB6A7E11D44,SHA256=9150114CA29F4FAC7382649313265A65547DEDB8D3D63F2E0424E5BBD8AF4919,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576936Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.134{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\eu-ES\mpuxagent.dll.muiSHA1=53F9BD2BBAD40F1D2FDC50F8B2A2869BDE3B949C,MD5=F4BA9FF403991C59DF83F4ABE3D82F59,SHA256=1351E90C9F39721D439A79C1A93DB16EA1F4E3C0904F60D9A97129D636917350,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576935Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.134{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\et-EE\mpuxagent.dll.muiSHA1=5537134D39B2BA1FBDB0FB7EE19A180624DC6E91,MD5=DBD623D27CE547BE976F131F5740412D,SHA256=0C77C62FF7D31E875C42D94EBB670DB9273A78F96A99AC0B1025BDD2BE49120E,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576934Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.119{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\et-EE\MpAsDesc.dll.muiSHA1=17591342EA9EB789AB6FF1E9AF360566DED76C01,MD5=50F913008D338E689B782DD3171C73AF,SHA256=B7054DC961B9402BA690C2C83E07C713D1C1B89C5625BC9F58313CC8EA1BA09E,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576933Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.119{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\es-MX\mpuxagent.dll.muiSHA1=AC752B0918B522604A09BD31AE047DFA068DEBF3,MD5=926674D9390FE5AFA2E23B45A9A9FB71,SHA256=D73A1B7C00BCD3F940B4389E068FD3F1134599E8143B0CF74CE8379B682BCC71,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576932Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.119{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\es-MX\MpAsDesc.dll.muiSHA1=A5447C0BFEE974FD01DCD7F23D50BF27833F8B4A,MD5=FBC0687AA12543DF47466D0144790591,SHA256=95A987BCF917672E7A3A03936842B0BFB4ACF27C29726CCCB077D19C29EEBE1F,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576931Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.119{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\es-ES\ProtectionManagement.dll.muiSHA1=BCDF23ABFE3E162E4058F83828F45664594BB685,MD5=E8B0355EE099AC281A1E21B84077B800,SHA256=C14EF3561484E11EA53E9DDF4A85719F7ABB1C85B51318D71A9FA2AF803D4D1B,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576930Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.119{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\es-ES\mpuxagent.dll.muiSHA1=82FFD70F823CC1389BCEAAF12AEA9D59CAC8EF87,MD5=9159488DA8B56BBFEBD823922DD26E3B,SHA256=AB9746889CA0BF8125275AEA017ED04F79568F650E3F754C40E375626B444C6E,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576929Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.103{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\es-ES\MpEvMsg.dll.muiSHA1=EC73525ABF03C659A3053C63047B44EBB130B727,MD5=00F7C48EC9021102BB748CFA1C6F6AEE,SHA256=F971A1C4BB6378FCDAFF8FBE7878FC1D3CB27DD18DA69F66ACBF8564952C6F18,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576928Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.103{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\es-ES\MpAsDesc.dll.muiSHA1=08871CCA5E032CEBCC8868C8192380A668EA9654,MD5=F5B019FE3AFABAFE5D96D7BC8994C9E8,SHA256=CF08477879C302F5364B62449FD083CD49403A75229F7F5412225DC733723BE1,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576927Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.103{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\en-US\ProtectionManagement.dll.muiSHA1=A7A103F7B37C66FA042B1768C90C570DE23A34DF,MD5=E34EFF2C367884E1B404A661A03B4322,SHA256=82E6F959D1A29E01A919B7D3AC6C3F96A06613D9713B824E0197186D4CC06B7E,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576926Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.103{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\en-US\mpuxagent.dll.muiSHA1=4C3C3A9F207E8228891CFC9D2B33EA394945103B,MD5=BEB46BB3B155B3B1ED467B02C22D1F8B,SHA256=E0859192CB3CB876AD10F786CEFC3B6F45284E0CE993B88A5F103513901EBE24,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576925Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.103{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\en-US\MpEvMsg.dll.muiSHA1=4B7A4FCA677AC5D55B82C0E844E886102C5C62AC,MD5=4BEB3E03588A81ECAFF6A35CCF5DF50D,SHA256=40C4D1F5541068EA5A452F3E40F100A98B59F0DA082495820DBC1217C9D7400F,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576924Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.087{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\en-US\MpAsDesc.dll.muiSHA1=C053B8C657281F0595E3BD50824D05D22A257A26,MD5=D57DADF93CB990E3482E92CE8341A83C,SHA256=A343E2955CBF498FD113769827CC2B2B52150E248DE9CE928D3ECBE8ADD60D3C,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576923Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.087{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\en-GB\mpuxagent.dll.muiSHA1=5B8A07035DA31BA43E1CD26144D54B417FD34714,MD5=A7C6E474FF05E15DE288D0838040CBBF,SHA256=BEC3C718F81154F2DFD39E9146C66CB9A66E41CA067B4E5BA5E1DBAA26360040,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576922Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.087{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\en-GB\MpAsDesc.dll.muiSHA1=CABEA8E52F83F8153668BD8AF8438E9D805278CC,MD5=90A9508811346AF5C878D1C160EB0412,SHA256=BB96CCA674617611913588D6832927CA0A32CA98F116CCD58B499F10EF2F1E8D,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576921Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.087{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\el-GR\mpuxagent.dll.muiSHA1=D517D4DECC2EB5C79221D404DA40D05A8467AE3B,MD5=4230650EECAA60578472946378B067C7,SHA256=9FDED1EF8E3438A7DBFE3257424025677C339B4DEACA463FFE09DB1D84B0D6E6,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576920Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.087{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\el-GR\MpEvMsg.dll.muiSHA1=E8A3A5C3776B79858B6D53DA9419351977E695B2,MD5=94A8D08BCA9DAD915A51F387F8DD6D2E,SHA256=C257072867FF14A4FF267C765D0C6662C39C9948582B3132189C237F8AB7277A,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576919Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.072{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\el-GR\MpAsDesc.dll.muiSHA1=94AA641E4556FF67A21082990ED57A56284BE5E8,MD5=D458FD582108263A2C625EDBB7FF9E6F,SHA256=20A7ECF180272AB192D06DFDC72F5785B427CCC0CA0815D6637F7267ED3E33F8,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576918Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.072{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\Drivers\WdNisDrv.sysSHA1=A6F0882807A5755F32706EC8C03CC4BAF7AC944D,MD5=28EA5EC8A2450954648775C7439237F4,SHA256=E59FB186432992B735FCB9E7F88B51308706AC889C7C590E87129AE09BC15163,IMPHASH=3B35A09D4E1C8B9673E78ECED60728CAtruetrue 23542300x8000000000000000576917Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.072{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\Drivers\WdFilter.sysSHA1=9916ACEF9D20AF7123BB910C7FA145EC58D96728,MD5=765A2AE5BFB1D31049E2F86396C1FCA6,SHA256=3B27AB3E48395439EB0AB8BD8E5E2796883E9B50DFFA6205F4EF62549267D5C7,IMPHASH=78D28E20B8C8766F88DA31B25406AF01truetrue 23542300x8000000000000000576916Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.056{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\Drivers\WdDevFlt.sysSHA1=5C67F218095C8363E04C7F161D86141660672E54,MD5=9A2AC17C6A9A746107A27FDF7CE2CEFC,SHA256=08A200EF1D3B8374AD84C82C1B5DF34AA416573BB785DB4373BF1FFA9BBDEDDF,IMPHASH=890C088F7D4A3E82BADEAE88FFE6915Ftruetrue 23542300x8000000000000000576915Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.056{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\Drivers\WdBoot.sysSHA1=CB6692029D6CA11F7FB2EA26F1495E8050418411,MD5=6B265728512AA0B12D8B79508F41673B,SHA256=15DCA5E814C3772831128E1A7B59A88C370EF7E6FFFDA1CAEBF21C881E5943ED,IMPHASH=5FEE9881DECBCD99AFE063C90FD54A26truetrue 23542300x8000000000000000576914Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.056{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\de-DE\ProtectionManagement.dll.muiSHA1=1774BC45234FEBB2EEF7623DD56A4E7507F79865,MD5=96320C4BC747FEE7B50A59BE481D35E3,SHA256=A04C4C6F453308BD5CA3BE634CF760819FFA10805830392C5485F2605AB2E807,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576913Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.041{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\de-DE\mpuxagent.dll.muiSHA1=49AD385B7CFC3B5A1241D388BEC2F910BF6F2CDC,MD5=10AFD207D8AE3B8005A4F024C3AF6AFA,SHA256=4001BCC703DA46ECEA2DC46528B60B0309943485DF1721183F355A8C58904E6E,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576912Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.041{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\de-DE\MpEvMsg.dll.muiSHA1=09BDE5E5336CADFDF9B3F6ECBE426AA140709467,MD5=1E9C3540B8726BEAD49E980C3875353F,SHA256=2AA952EAB66BBC8287DFDDE36C75E573FD138224B6104E8540EC4FCD66B63400,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576911Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.041{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\de-DE\MpAsDesc.dll.muiSHA1=89C072F31FBF79474BAA4C2D24D4BF55DFF07A58,MD5=9C1B7309B97A8D5C429F441254020FE9,SHA256=A033E5AB885CA72330919B85082125AA42F277C53B04A91E2F000BE9CE70175F,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576910Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.041{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\da-DK\mpuxagent.dll.muiSHA1=D94E8E23BFB59DEAD894DA1C66F1D9E54410DF24,MD5=28FDBC799CDE1144C81396F97B3B85BB,SHA256=31342DD32FA109779AB0808641BA427AC888190BFAB8F36E09AAD8D634233F93,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576909Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.041{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\da-DK\MpEvMsg.dll.muiSHA1=F4119889F1ABF4756DA2EFB5FF218A173475B561,MD5=F0A01C9F246CAA3EAB9CDF35CA0EF0F6,SHA256=82F441D2930B04661F6748321BE1C8A941D4C53D831BB6260A3665B33DCFF434,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576908Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.041{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\da-DK\MpAsDesc.dll.muiSHA1=86427BF74B80F8467E701A26818B0FC2F26E6352,MD5=09105D54DC4F9C112C27932FE880607E,SHA256=A1FAE4B4E2132A5264E7E8D6F80500CF0BF12B0505FEB8C29599F32C1610FFE3,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576907Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.025{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\cy-GB\mpuxagent.dll.muiSHA1=48B1CE735D86EC6C6F3AEA6B237652ACDB44163B,MD5=BBCE82BECB0A8DDBEEA72FC8F779A2FE,SHA256=12A6C24976FF4E1425E533BA22B5D813A455E6981B14EF8A087F00E7FE8C5A6D,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576906Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.025{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\cs-CZ\mpuxagent.dll.muiSHA1=D7AE38B160A576F5FD807A9089B70EC11CF8C7B2,MD5=B061BCD4B0040900D9C6BFAA47EBCF25,SHA256=FD290A9B7AAE7B4E8CDEB410E4AD3EB2D7EF7948805F413B2FEC6E91323BBBBA,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576905Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.025{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\cs-CZ\MpEvMsg.dll.muiSHA1=7BBFAEBED463F2857FC002BB0A4B6AB821A3732A,MD5=EB0BD755F5056336B8CC6EE668AE24FD,SHA256=622FEFA35722C9CE5BE1296DC883698714BB1B474B69E2D86B4D367310D3C5B6,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576904Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.025{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\cs-CZ\MpAsDesc.dll.muiSHA1=AE7C26D6EE2AE09CEA8A95641BCC907DA0548C72,MD5=D025B25D190DA11D4622E1CD2CD9E380,SHA256=DFC43B39132278A614516DF81847659F5217307B7DC6228FDC8F0C18B5A4BFD6,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576903Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.009{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\Catalogs\IGD.CATSHA1=5DD48FF67162707C4468A7D6AB3E80F66E87660E,MD5=10AF96986E0337DE2DB015DF14AFC054,SHA256=48E3A2E2DA71C9E040D4F530725C1A5F401124C4D94496C7F5B492A7C30E277D,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000576902Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.009{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ca-ES-valencia\mpuxagent.dll.muiSHA1=BA14FD5CFF8C4C4A2EF21447A094CAFBC1E647F3,MD5=22FC9CB88F1F8AF5639F0E7A9EB2F528,SHA256=A561818FBC387456251655FE4F9E96446B1F5F90AD9B473B7C064A5BB55F5593,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576901Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.009{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ca-ES\mpuxagent.dll.muiSHA1=EADE87FE5DD725E6C12ACEAB2616D5C9B7B88FA5,MD5=BAED3A91575515E287A1355B963C9AE5,SHA256=D8FB4D188D93EA36D8C0FBECAC1F502E8B11FDF7315EDDDF9D9C322FA05DEDE7,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576900Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.009{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ca-ES\MpAsDesc.dll.muiSHA1=644994CCCFA6CFF2FD6283B0E64DA18CB3274A0E,MD5=147E1F80B82A64064D8923BB4815A9C9,SHA256=71E0AD674F89626DFA110BB1C5EC34F9F7889F6BB5EC0C30AD9B41CE638A9774,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576899Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:44.009{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\bs-Latn-BA\mpuxagent.dll.muiSHA1=5E4B4257A60E94C1789E5878EBE41A0ACD7625BB,MD5=88BAE05F6F4F15BB389748403622C6E5,SHA256=C73D077D4437AC912B72C13D7FE7959F30A5149E93944CC81F3710530EE483EE,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576898Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:43.994{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\bn-IN\mpuxagent.dll.muiSHA1=11A6003FB68067932B61C24C47D1EA93B36191F0,MD5=FE88CD10921F42D7C7EBFC18CB0BCC13,SHA256=AC555F8F52962C598BE544A60105F72184806DFF6B2CE2803E325FA23A84ABF7,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576897Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:43.994{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\bg-BG\mpuxagent.dll.muiSHA1=C97DE224B0BE3439F610E44EA9477C4B629AAE7E,MD5=9E784B3BEAC2929CF6BE702DC98CBC2E,SHA256=9885DAE65B9F59B704E2DD63EF15AE5097B18B8D1C49079478F77792E99328C9,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576896Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:43.994{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\bg-BG\MpAsDesc.dll.muiSHA1=B81710201CFBA7CAB278001CFA8DFBB105F26885,MD5=296242EAFBDBE02062B4A03ED45D785A,SHA256=B9726F67437B67FE287B0D10EF8D75428D204D650F5CCE91504528B0A6FB4259,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576895Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:43.994{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\az-Latn-AZ\mpuxagent.dll.muiSHA1=E6A69B2AE88EACE21131791F3F95198CA7C6481E,MD5=79C1AFC65B95B68CD64A8DD2AC0953EC,SHA256=1E025F998D09B80E0A972175C80839044A0A80A173DF9B5F75F1C2AE99B606F7,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576894Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:43.994{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\as-IN\mpuxagent.dll.muiSHA1=34421A4FAA37A3AC56A68C05458F89E7D9E5E07F,MD5=54A7824FB8A0D3503DC322C2BB09339E,SHA256=A7A032BEB20638C64015BC834B159AE497481ECB409A1D8EBD261E3F05260D55,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576893Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:43.978{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ar-SA\mpuxagent.dll.muiSHA1=46B00AD3A782DDF308FE5BA759F87CC939DD24F2,MD5=1176BC5213E1B1800E59A4C7B039A047,SHA256=D3F48A6A045F01E3FFB29EEF521C46DF1E7D244EF760D20AEEFBE3CF09851E02,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576892Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:43.978{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\ar-SA\MpAsDesc.dll.muiSHA1=30133BA8250CD2DFC3427A4E8B92D160F93DFA11,MD5=B2033969592F611F7609571FC1C18AA1,SHA256=863902A3D7095B75A555F0E56A7504081AA07532DA9B9316F2AD6C80153B25EB,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576891Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:43.978{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\am-ET\mpuxagent.dll.muiSHA1=8E6B824EAE75995D2FF04D168C7B668BB7A9F2F2,MD5=D2434346275CC0CB95C456D642A63B62,SHA256=1613FEE906CD591DDFD6D70F2593EDB51D3BCC4ED1FE7C873134C03E0D92BC5B,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576890Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:43.978{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\af-ZA\mpuxagent.dll.muiSHA1=607ED908A2C104819AE08D229F49F6832AC4DFE1,MD5=E1BC2CF83E5234F631FEF6A94C25EB6A,SHA256=58EC76E24D989E0F32FA14EC807CB19F5BF6B64CCE67BB09E3D2FF3638E03888,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576889Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:43.963{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\NisSrv.exeSHA1=692957C7E2C14AE6E06F1A3CE8D03B67E3C75DF8,MD5=155E15C20958264B24A10AA24567AB10,SHA256=49A7A3DB17D369AA416F882C33A34236995DF3FF68B45CD1851B96143C5098E7,IMPHASH=F8791C208990C75821507CE310EAF09Etruetrue 23542300x8000000000000000576888Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:43.916{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\MsMpLics.dllSHA1=BC8B74F2F11FE4E2EA16DAA2F25B3A4D5003E356,MD5=D64D204D3140C6303EBD2F4F8370C476,SHA256=2D5C50D8F90335D545B74BE69B70B4ACD2BD9BA52CAD2C84486CF79C05CF7F23,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576887Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:43.916{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\MsMpEng.exeSHA1=22702B3C03C56199E63EBE0C5D76258024C31658,MD5=4B9B5D750D7F823A6EC3B4EA75C99279,SHA256=EEA0023D44F1840F3E4D0B3B343A9275A1AB3CA753CA365E39C47C5786C587D6,IMPHASH=BF6871190EBC23C782B30D156B94B20Ctruetrue 23542300x8000000000000000576886Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:43.916{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\MpUpdate.dllSHA1=152D91C97B50CAA103B06C2075962CAC9E8A7B4B,MD5=70C9342181981E7BD981D1DE8CA68C8A,SHA256=EAE7CD925F12BE3C9802D409E5DFDEA9F9F62D6FB567989B38202D8130508E8E,IMPHASH=3EC98BEFCEF8BFA75F48DD97AD4D16EAtruetrue 23542300x8000000000000000576885Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:43.900{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\MpSvc.dllSHA1=447B0F5DB972829C60752BD3CF282F752DE905A4,MD5=88BBDB5030602606674F9C1460402DC7,SHA256=6265BAC8A09764EC44BCE9D43CDE2BDC11BECF72B7FFAE9C95C79DD8F1EFAF12,IMPHASH=3CC33666E8013595E7BD20DDB8C7C0EAtruetrue 23542300x8000000000000000576884Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:43.869{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\MpRtp.dllSHA1=A6FB8FE1DB11D0FFC81EB2010A6515203513DC29,MD5=796DFB37C08A5AE39EA0570FE05AAB75,SHA256=899DC068F8477C83895915F3D7EEFDEE0DAF027889E89B86458EF5E8AA21A3B8,IMPHASH=74B0B56BDF2F5BFF264A82CC1D3C79E6truetrue 23542300x8000000000000000576883Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:43.853{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\MpOAV.dllSHA1=C5C8B0CFA44125560541BE75FF2F8BCD19D9B7D5,MD5=AADAA6D9A9AF82A2C03CE7B2F09E94CD,SHA256=DA2B8D842FAB4C864BD2DC0486FFF35005DC4E6B9097E47DEC96F4825B1669F0,IMPHASH=26F5074076E239A05F85ED2BBA28B2CBtruetrue 23542300x8000000000000000576882Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:43.853{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\MpCommu.dllSHA1=6BA3F20F4CA2D21186E3E9B350359167204CBD71,MD5=40E15FDC3CACAE0C0CE637C70EA4A83F,SHA256=C4CAB60F36B08CD65BB163B84F21213894BFBD5902E7F1FF41595E694275C5D9,IMPHASH=3A12D7A3F9626D03D8F6A29A07E97D6Dtruetrue 23542300x8000000000000000576881Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:43.853{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\MpCmdRun.exeSHA1=3A3478EA40FAA4E059CE1EE3CF41C48C662A294A,MD5=3651B14A2E0D87A9FA88E214A966F717,SHA256=FE361EE0C37F0D4BC25BBAD83AB10182D7498FB8650EDFA863915A579D544D69,IMPHASH=B34FCC4C232A80C59EEDF422ACC8372Dtruetrue 23542300x8000000000000000576880Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:43.838{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\MpClient.dllSHA1=EB904DA32BA7CA36504B964B8BA1D1FF4431936E,MD5=695E30E53ED55347D2B72444D487E397,SHA256=4D0A0CB744E7F4A7D877544E0DEE5DBCA6DFF0B09EB6D90339989167CD614F19,IMPHASH=59D31F62CD106A55C84669028A7BB63Ctruetrue 23542300x8000000000000000576879Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:43.822{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\MpAzSubmit.dllSHA1=A0C0B5618E294D52E50AF5A379B787D98C0B79C6,MD5=25C67A2806308AFBE10770BA2CDE0FA8,SHA256=4EE352649089B3C743BC3D92E23BD3E21416753E69E6EE4E19CB3DCD95C106B5,IMPHASH=4F79B83BDCC8CAAF0FAA289EFD276BB2truetrue 23542300x8000000000000000576878Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:43.791{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\MpAsDesc.dllSHA1=4E13309B715B33EE72019BF58128F09A385BB0AB,MD5=DE561FCD04F5E163A36961A235C7CA1E,SHA256=350D99EC7BDBFADA93DAD40B436DEC35E7373F525B544C5D40C621821EFB0302,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576877Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:43.791{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\ConfigSecurityPolicy.exeSHA1=8D41EB9FB7286A1658388E0A97FF01F20D53A4BA,MD5=46C518D95E8754DBAF8A0E39AF92AC43,SHA256=9CFF15424F054060A6A488952044D0350C222C0B1E41F36FBAF65F1A9745A8CB,IMPHASH=07F4A73550F8370233E6E15EA549427Atruetrue 23542300x8000000000000000576876Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:43.775{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\X86\MsMpLics.dllSHA1=FC9DFDF54AD4A918A6BC7E6A81649A3483C9B6CA,MD5=9C5EC72DE0D88F2F4F1E7A119B138C4D,SHA256=9DC2F07345E98BC45C7F5723EF6B3DA765CD7759797B678856FB808607D32344,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576875Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:43.775{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\X86\MpOAV.dllSHA1=BD2B4A9C9FE5B69153F8FD60A4A57BBCBDF0BC1E,MD5=FCAF40ED46242603F79AEAFD7E457071,SHA256=D75AA266CEDED572741561B9E955DE84B8DCDB2C808D7A3968F4E4165F536DB2,IMPHASH=8C8323C1058AC4D02D5E003289D2A92Ctruetrue 23542300x8000000000000000576874Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:43.775{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\X86\MpClient.dllSHA1=6E88A5D82E969B99D8E225221CD094F927C68D79,MD5=9F219AE89A66FD9C02D1532D44059014,SHA256=644BE94FEAF7E4A2298B6D0E45DDB71B815B816455863F3244021EC047F9764F,IMPHASH=A189D024C01E475324C323AFB94DB7BDtruetrue 23542300x8000000000000000576873Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:43.760{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\X86\MpAsDesc.dllSHA1=87145234DA6AE69BE31C6D32CE39C14D6BBC0C16,MD5=A0D20703E35D7958B2AB5627AE0B11D7,SHA256=7EFB308D1C6301DD7B1E130B3DB686E1A58E8BD89DBF11E74F022C542945BD60,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576872Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:43.760{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\X86\en-US\mpasdesc.dll.muiSHA1=C6EA78BF61F981CCE80569A1C7E0C6ED9EFC3C7B,MD5=2A79A7FE1EFCC7D54CC4DE06575D6B27,SHA256=D014301CB016022722294027C857AD4DBDC8D03AD4B015B08139620E1EA9CDE9,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576871Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:43.744{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\en-US\mpasdesc.dll.muiSHA1=C6EA78BF61F981CCE80569A1C7E0C6ED9EFC3C7B,MD5=2A79A7FE1EFCC7D54CC4DE06575D6B27,SHA256=D014301CB016022722294027C857AD4DBDC8D03AD4B015B08139620E1EA9CDE9,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576870Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:43.744{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\Drivers\WdNisDrv.sysSHA1=FF0413B06FA36E48531B68F5C8050D6788EAB4D1,MD5=169EA7A30D6E74A5A444CCCAEBDE32CE,SHA256=6E671F5E9798DD75AAC55D798176B5EE3B25CD7E93C93A1DD6372CC70672D82D,IMPHASH=10EB6A42883440BBBC3F00B4000A1AA9truetrue 23542300x8000000000000000576869Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:43.744{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\Drivers\WdFilter.sysSHA1=34BD5567A59A69FE022D2CEB8142FA87CD7B220A,MD5=1BC2F29ED391A68841010CC5B4720CD0,SHA256=D0FF2877F05BBCCE43BA1EA475903AC7E0C96A85D3BB2A6D73D85CF7E9FAB83C,IMPHASH=8B764044766128FA43A0AE9976DB68F7truetrue 23542300x8000000000000000576868Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:43.728{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\Drivers\WdBoot.sysSHA1=B6702872B19167071535E7E5F20A01204094F3A8,MD5=3E88BA05612E0F07D1C4420678EF92AD,SHA256=E753B11FFFC03BFAA9D5DE68E614086883DBA13112E901B36E3B652722662F2E,IMPHASH=849A6F20E1993D772DB6AE7A9C61349Etruetrue 23542300x8000000000000000576867Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:43.322{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E4058E39-5352-4977-B236-93CF92C238F3}\mpavdlta.vdmSHA1=530ADD15D9BD9AC3120EE81A693A3FF616325E28,MD5=D678CE06C4F432A4E4D3E3D74717723F,SHA256=0A594581D9D348422FBC0F2EF2A41CA2D675BA7DEB857251876F9644585F3BF3,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576866Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:43.322{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E4058E39-5352-4977-B236-93CF92C238F3}\mpavbase.vdmSHA1=F966DCE530D52BB36CFAA356EF3A54A004CAD5F7,MD5=6C1BBE912DC927A7B5425BC2D3FE0268,SHA256=82BED9A37F86663CF85D8FA4AD432E71CAC1CE6179B29741B0F56C71E9D02BC2,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576863Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:42.853{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E4058E39-5352-4977-B236-93CF92C238F3}\mpasdlta.vdmSHA1=1D855E8E19673C0A40DB159632427EDC10FC9E24,MD5=3592C4C922631DB037B505B6AC911526,SHA256=5F13A39BC958EE53130F63F1B4194DF813F3D4F199602C6242F3D86964EC5572,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576862Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:42.807{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E4058E39-5352-4977-B236-93CF92C238F3}\mpasbase.vdmSHA1=525A01558B50AAACD2F3FC4380101AADA5CDA680,MD5=AFAD9BA23A6406FE6498DAE4FF519A0D,SHA256=D94A1B31FC77AF68E0057FCBDCAC9FAB9AA6B43DEACE649A04462F29FE9387D3,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576859Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:42.025{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\StableEngineEtwLocation\mpengine_etw.dllSHA1=931CD2B818CC5BD45463065E0626ABB7EE102E8F,MD5=8857BF462D6B7C5EFF3DC098662CFCDF,SHA256=9738FB25677D3D8C5583A63292F3533A6B84046A6CDD2A7D73742DF2B3F343E4,IMPHASH=BFC11C0997765311C1469C748EEA57ECtruetrue 23542300x8000000000000000576858Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:41.775{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.lkgSHA1=597CACED9F0F0030342498D325EFFF66DC716236,MD5=4C4EC2CF24A50A55544430BED08E6858,SHA256=C1EE50DC366B63532B629D22B73547672B719924C77A3D55DCEE17CB1DF24634,IMPHASH=9B1919C2DC4B86462443F433945C4680truetrue 23542300x8000000000000000576857Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:41.525{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dllSHA1=931CD2B818CC5BD45463065E0626ABB7EE102E8F,MD5=8857BF462D6B7C5EFF3DC098662CFCDF,SHA256=9738FB25677D3D8C5583A63292F3533A6B84046A6CDD2A7D73742DF2B3F343E4,IMPHASH=BFC11C0997765311C1469C748EEA57ECtruetrue 23542300x8000000000000000576854Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:41.275{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpavdlta.vdmSHA1=4E158EDAC92852E96E9CD6964234C694E0E32BA4,MD5=084301F4880B3DA6BA2956CD1F1488B3,SHA256=AF147D54A849A9C59AF0EB9D070A0DC4371F6D60B10440511006C40156B9E8C2,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576853Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:41.275{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpavdlta.lkgSHA1=30861600CA6F4D69A930FDC78F945F79B2088D80,MD5=5433995FE0E3AAB9043339C78B4EEB0E,SHA256=00A7578D341A67F5CF4B5209F6BE6AF1DEAB283F1AD6A4266B860AE0E9DF1B64,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576852Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:41.259{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpavbase.vdmSHA1=F966DCE530D52BB36CFAA356EF3A54A004CAD5F7,MD5=6C1BBE912DC927A7B5425BC2D3FE0268,SHA256=82BED9A37F86663CF85D8FA4AD432E71CAC1CE6179B29741B0F56C71E9D02BC2,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576849Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:40.697{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpavbase.lkgSHA1=71C6482375F688DD2836B5D3F9328538256D9191,MD5=4ABEBAA861B35B6B70483C94A9BB96EF,SHA256=490996253DE8CA0F43889915FDE0FD8E6330EA988C7BE0966D8C97B341D99235,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576847Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:40.103{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpasdlta.vdmSHA1=4CC3FCC727C9512D04954658524A53FE1AA37D6A,MD5=2FFCB285DC8514107345A1DD662ACA86,SHA256=EB3AEC7E99F9F7767BFED91DA049C7DB4AE48FF65DCDE6EEDED38E68B5DA0A0B,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576846Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:40.057{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpasdlta.lkgSHA1=68348EDA3A759D24227A0513DDF9AC0D48D282D9,MD5=8621932A31DC4B943A4DCE0EB6704C44,SHA256=120778CC4E2D72464DB3AAA3BABB74AB8B35D43185B608040DD97D1A6EFDFB6E,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576843Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:39.947{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpasbase.vdmSHA1=525A01558B50AAACD2F3FC4380101AADA5CDA680,MD5=AFAD9BA23A6406FE6498DAE4FF519A0D,SHA256=D94A1B31FC77AF68E0057FCBDCAC9FAB9AA6B43DEACE649A04462F29FE9387D3,IMPHASH=00000000000000000000000000000000truetrue 23542300x8000000000000000576821Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:38.978{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpasbase.lkgSHA1=430050E60065644FA058B460304C7ECF1CC1F054,MD5=5AB76D46A601AA54DCD500E32DA689A9,SHA256=A3BBCD86518373DF430110B0017313EEE1A54421D062889F5BB8827A1D042A25,IMPHASH=00000000000000000000000000000000truetrue 734700x8000000000000000576818Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:37.775{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.P521220ea#\925ddb6c6beccc8cba60d69cf388b814\Microsoft.PowerShell.Commands.Utility.ni.dll10.0.17134.1Microsoft Windows PowerShell Utility CommandsMicrosoft (R) Windows (R) Operating SystemMicrosoft CorporationMicrosoft.PowerShell.Commands.Utility.dllSHA1=7E9E7794C05596E4C3E456E064C9FBF66061404D,MD5=46CF27F82214E7E40FF10D2BC3E3A508,SHA256=A4007A60881AFA24801B44F1B66180C29FEA69E83B032C644BE72C20DDC8746B,IMPHASH=00000000000000000000000000000000false-UnavailableNT AUTHORITY\SYSTEM 734700x8000000000000000576813Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:37.494{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\assembly\NativeImages_v4.0.30319_64\System.Confe64a9051#\596aeece440d4acb04a277177eeaa720\System.Configuration.Install.ni.dll4.7.3056.0 built by: NET472REL1.NET FrameworkMicrosoft® .NET FrameworkMicrosoft CorporationSystem.Configuration.Install.dllSHA1=434F9F76C6C3A7BC90FD0C8C67DD879BC3646826,MD5=C455BF22D21AC9A40737113495260C93,SHA256=9D4B687A386685434FC0F5F17DBF5438C21E533629D689847559313C0EDCDA32,IMPHASH=00000000000000000000000000000000false-UnavailableNT AUTHORITY\SYSTEM 734700x8000000000000000576810Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:37.462{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Pae3498d9#\fdd76904665c37dd7afe5b363c2395ca\Microsoft.PowerShell.Commands.Management.ni.dll10.0.17134.1Microsoft Windows PowerShell Management CommandsMicrosoft (R) Windows (R) Operating SystemMicrosoft CorporationMicrosoft.PowerShell.Commands.Management.dllSHA1=D626A78DFDE14733B1BCF40366F25E7D6E69CCA9,MD5=B426861A77B0A78D3A7C91127322DD98,SHA256=E00DAAACB9CA284C58992C329D674F88B7E21CD732541ED86B5FA568F441AF4D,IMPHASH=00000000000000000000000000000000false-UnavailableNT AUTHORITY\SYSTEM 734700x8000000000000000576766Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.931{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\secur32.dll10.0.17134.1 (WinBuild.160101.0800)Security Support Provider InterfaceMicrosoft® Windows® Operating SystemMicrosoft Corporationsecur32.dllSHA1=2B62B1EE58DC9E1B09065306DA851AF3429E2150,MD5=38C059F9CBEC83EBB6B25AB3498EDA46,SHA256=0E40493E12DAB155F1966EC08855A23E2D32A21381BCD2AE4DA40F777403C63B,IMPHASH=F90C2A389F295606533D615109FB248BtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576765Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.931{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll4.7.3221.0 built by: NET472REL1LAST_C.NET FrameworkMicrosoft® .NET FrameworkMicrosoft Corporationsystem.transactions.dllSHA1=D45432B5B1E27DBEA80C10C498E4C87600FFCA2D,MD5=C741E5F6C7E81C14596880E0EC00C953,SHA256=0CDB3A26D5D466265A6249F263C01B62C61439A4742E3E5EC4C4262F12F0E55F,IMPHASH=D81529B56931ECB5B33B9BB26514FA61trueMicrosoft CorporationValidNT AUTHORITY\SYSTEM 734700x8000000000000000576755Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.900{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\assembly\NativeImages_v4.0.30319_64\System.Configuration\4497a3ae81f8de6e4ea4abe3d4a1d7de\System.Configuration.ni.dll4.7.3056.0 built by: NET472REL1System.Configuration.dllMicrosoft® .NET FrameworkMicrosoft CorporationSystem.Configuration.dllSHA1=A063249A955218B1F3844D377697D50F3407805E,MD5=F53067F50876CF0F09284A02CB808758,SHA256=297F8FD14066338215B636EFD4B40555CAD3D6A82D2EE9841D73FE0327AA80CC,IMPHASH=00000000000000000000000000000000false-UnavailableNT AUTHORITY\SYSTEM 734700x8000000000000000576752Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.884{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\assembly\NativeImages_v4.0.30319_64\System.Transactions\f208e8bec2327ecadc47105c989575fb\System.Transactions.ni.dll4.7.3221.0 built by: NET472REL1LAST_C.NET FrameworkMicrosoft® .NET FrameworkMicrosoft Corporationsystem.transactions.dllSHA1=35123690C4814C3157FF46435A7E3C0B3D3114DD,MD5=0E0F9B93186D4957381AC7004475F6F1,SHA256=F60B2561CFED100C6374B58C4B5432848FC40DA907D4699FFF0293F243836412,IMPHASH=00000000000000000000000000000000false-UnavailableNT AUTHORITY\SYSTEM 734700x8000000000000000576749Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.853{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.P6f792626#\ccb486dbf2a63ca03cb24ac854ac61d1\Microsoft.PowerShell.Security.ni.dll10.0.17134.1Microsoft Windows PowerShell Management CommandsMicrosoft (R) Windows (R) Operating SystemMicrosoft CorporationMicrosoft.PowerShell.Security.dllSHA1=136407ABC110E812AED6C5D473025A225E32B4CB,MD5=E32F05DCE5BCD4E17BA086E8CC0E183B,SHA256=709442D1D8569508326ED4B4DF859D17B848AA82E2EE3BECB735C80F484E5844,IMPHASH=00000000000000000000000000000000false-UnavailableNT AUTHORITY\SYSTEM 734700x8000000000000000576675Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.838{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll4.7.3394.0 built by: NET472REL1LAST_CMicrosoft .NET Runtime Just-In-Time CompilerMicrosoft® .NET FrameworkMicrosoft Corporationclrjit.dllSHA1=E759C73E67E1EF423698AD8CE81A04523B8EC158,MD5=428A8931E2CE8976B67BBAB4383B4075,SHA256=76902D1757C4725B59E96F79AD42AA8AF53CEE6E2E81C13DD47CAFBEB559A2C8,IMPHASH=FA7A821066192A37CCC0139EE536509DtrueMicrosoft CorporationValidNT AUTHORITY\SYSTEM 734700x8000000000000000576674Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.775{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\ws2_32.dll10.0.17134.1 (WinBuild.160101.0800)Windows Socket 2.0 32-Bit DLLMicrosoft® Windows® Operating SystemMicrosoft Corporationws2_32.dllSHA1=5D8508BA30453C7ECFDD47E29FD36210F1E3BB3C,MD5=6013120B6B147B2584927639EE70FB4F,SHA256=E52B017D1475BF07CB9652418E4C8CECC739C06ABC446ED7E0E5D9831D225B85,IMPHASH=58B0AF34B71F60EB8949033F1340A5FFtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576673Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.775{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll4.7.3260.0 built by: NET472REL1LAST_C.NET FrameworkMicrosoft® .NET FrameworkMicrosoft Corporationsystem.data.dllSHA1=7FFFEF06DFCE9104E3816A68B25DE73C7796E618,MD5=61FB7235F664EA47A15EEA64279ECD22,SHA256=87101E9F6F63B2F876363ED14AAC5CE88C5DEB3934A7E8ECCE28C2FA03664B78,IMPHASH=3B897D84F3084C9AD191B04AB60ED556trueMicrosoft CorporationValidNT AUTHORITY\SYSTEM 734700x8000000000000000576671Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.728{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\assembly\NativeImages_v4.0.30319_64\System.Data\4f1c8abba5a5de2730f6d48259c3078e\System.Data.ni.dll4.7.3260.0 built by: NET472REL1LAST_C.NET FrameworkMicrosoft® .NET FrameworkMicrosoft Corporationsystem.data.dllSHA1=97E7B0752B4C23F897D0759980C3FADC3331F19E,MD5=EC3D633055BFF25F1629F10055CCD7EC,SHA256=CC347733820B670A055DBF4983207F2A5E50853C17F347F6A97F84477C15E2E6,IMPHASH=00000000000000000000000000000000false-UnavailableNT AUTHORITY\SYSTEM 734700x8000000000000000576635Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.587{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\WindowsPowerShell\v1.0\pwrshsip.dll10.0.17134.1 (WinBuild.160101.0800)Crypto SIP provider for signing and verifying PowerShell script files (.ps1/.ps1xml)Microsoft® Windows® Operating SystemMicrosoft Corporationpwrshsip.dllSHA1=423662C48E9C6011C4349A2F03123E192FF96D6E,MD5=41AA783741CA59A8650DD41E73F05898,SHA256=3F88C8203856ABC329982F6779073487BB3359D710D4B25B1EE6945FD37B4D01,IMPHASH=D9D7C00E2EAF03F74330D8F1204C0A12trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576634Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.572{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\assembly\NativeImages_v4.0.30319_64\System.Numerics\a731d07e485edb73d891f47b30a8892e\System.Numerics.ni.dll4.7.3056.0 built by: NET472REL1.NET FrameworkMicrosoft® .NET FrameworkMicrosoft CorporationSystem.Numerics.dllSHA1=3868FFFB464E4547A0848E659EFDA53D07882E3B,MD5=2A4F9E165F04A56C317261FB44FCC489,SHA256=3D71A57191CDAB90D408E3B5C9ECE2D0ED9E1ADBB972E2F9F059790954B708EE,IMPHASH=00000000000000000000000000000000false-UnavailableNT AUTHORITY\SYSTEM 734700x8000000000000000576607Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.478{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\AppxSip.dll10.0.17134.1 (WinBuild.160101.0800)Appx Subject Interface PackageMicrosoft® Windows® Operating SystemMicrosoft CorporationAppxSip.dllSHA1=21909AA1190581CED469E60BD424B274EBF2010A,MD5=5D7BA61CC1DE6A672E7036F5664232E0,SHA256=58E9CB41A99465626BE944F2BA801E6781DEAE322A39562AF357AAF9245A7D10,IMPHASH=4DC49BE07CC15B2ED23E22C75299D7B6trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576552Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.463{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\wshext.dll5.812.10240.16384Microsoft ® Shell Extension for Windows Script HostMicrosoft ® Windows Script HostMicrosoft Corporationwshext.dllSHA1=C8F05D739B736C8B6FDCA373EE7AD2BA09030CFF,MD5=3D7180CB5B8BBDAEF3388B5BE387F15D,SHA256=8E1CF12FD975501AD65D5387790A648894973D7DA7620D167043394A8AC24D6D,IMPHASH=CE4097CF7A85C58FF4D2B125C2BD77AFtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576551Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.463{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\msisip.dll5.0.17134.407 (WinBuild.160101.0800)MSI Signature SIP ProviderWindows Installer - UnicodeMicrosoft CorporationMSISIP.DLLSHA1=7E5891C0D354CAB1C0A98D162ED456C911B4C93A,MD5=BA8E6EA095F6ABACD03ADFCDB6DF60E7,SHA256=1D0C815A046201BFC77F77BF736B3DEC4EE00D4D73B32AB3C779A3C077BC8C79,IMPHASH=150D403348708F6FFE54239F62030443trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576550Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.447{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xml\3e2a136bd90f7b370837ed4a1e9e9926\System.Xml.ni.dll4.7.3056.0 built by: NET472REL1.NET FrameworkMicrosoft® .NET FrameworkMicrosoft CorporationSystem.Xml.dllSHA1=63B01A42F31BD4CE6080768971031920617849E5,MD5=61869A136266E6DF6DD7F166BA12A144,SHA256=E551B218481DAC59B2E33EFC099DD5AB2DE0793D591B652882F030CEFE03FF85,IMPHASH=00000000000000000000000000000000false-UnavailableNT AUTHORITY\SYSTEM 734700x8000000000000000576547Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.306{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\assembly\NativeImages_v4.0.30319_64\System.Dired13b18a9#\79f906fc2b71f39343f1f5382020df88\System.DirectoryServices.ni.dll4.7.3056.0 built by: NET472REL1.NET FrameworkMicrosoft® .NET FrameworkMicrosoft CorporationSystem.DirectoryServices.dllSHA1=E4A32818429AE2C1E4F89D16E2A946D244F48DE2,MD5=B8ADB4A10C48EE7271523DB1B0F9EFEB,SHA256=234C7DA03F32392E165B48C7CBE48A48441D3D7AFECC3A71CD9BBB56AF77CD86,IMPHASH=00000000000000000000000000000000false-UnavailableNT AUTHORITY\SYSTEM 734700x8000000000000000576544Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.275{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\assembly\NativeImages_v4.0.30319_64\System.Management\62598e47161047fdcc0a1a95088a231d\System.Management.ni.dll4.7.3056.0 built by: NET472REL1.NET FrameworkMicrosoft® .NET FrameworkMicrosoft CorporationSystem.Management.dllSHA1=6FDB04C760FFC31277C2FF19E536FC66A4F141B1,MD5=EEA8DBAA1E08FF09DD4E12A71C5030BA,SHA256=E0184B94C6017F5DE22E4BAFB4D9E13620732BE6B608BB6879BDAC04A8E56D8E,IMPHASH=00000000000000000000000000000000false-UnavailableNT AUTHORITY\SYSTEM 734700x8000000000000000576543Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:37.025{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\propsys.dll7.0.17134.619 (WinBuild.160101.0800)Microsoft Property SystemWindows® SearchMicrosoft Corporationpropsys.dllSHA1=9751B6199F2E26D4AC3F3D8A578852ADD462ED21,MD5=BD9D301F9EB2B9D11B9621D3887098F2,SHA256=FC18080DA588E2B88EEB4A74D5DAC01686743E9835B6ACE56EFBDFB89099EBFF,IMPHASH=F3BE8E7DFD48421D8CC97AB3FEB5A013trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576540Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.244{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Mf49f6405#\21b05d1297015f998d3bc2c9cf64da9a\Microsoft.Management.Infrastructure.ni.dll10.0.17134.1csMicrosoft (R) Windows (R) Operating SystemMicrosoft CorporationMicrosoft.Management.Infrastructure.dllSHA1=E0B50A4EE277379C024CCCF872B7766AA1553F96,MD5=A4254436C20027658FF6D66A3487983C,SHA256=214234AAE5DAF479B3EC9AA29AE1EF43E6DD45656411682C6FD58C2562FE9BAF,IMPHASH=00000000000000000000000000000000false-UnavailableNT AUTHORITY\SYSTEM 734700x8000000000000000576514Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.228{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\shell32.dll10.0.17134.441 (WinBuild.160101.0800)Windows Shell Common DllMicrosoft® Windows® Operating SystemMicrosoft CorporationSHELL32.DLLSHA1=E1A00D9299D8FF3AC76DC9578F8DCB12401BFEA9,MD5=93B9B2B128CC3279996F9456A06160F6,SHA256=D76FB22897D13DF98A5C094E91CA9032DB6E07F141F319FA000F5E8F3183BA32,IMPHASH=C0C78E052E00F60E38FFEEE3CD6CBDB9trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 11241100x8000000000000000576513Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.962{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Temp\PS_Transcripts\20240304\PowerShell_transcript.ATTACKBOX-WIN10.h3OeVKg5.20240304155836.txt2024-03-04 20:58:36.962NT AUTHORITY\SYSTEM 11241100x8000000000000000576512Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.962{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Temp\PS_Transcripts\202403042024-03-04 20:58:36.962NT AUTHORITY\SYSTEM 734700x8000000000000000576511Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.962{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpClient.dll4.18.23100.2009 (8fcbd1c22d82af16ba34560e1a70591413e88d17)Client InterfaceMicrosoft® Windows® Operating SystemMicrosoft Corporationmpclient.dllSHA1=212A30C8880BB14FE79802A1B0492CAE21D1B736,MD5=F6241AA123B9835ADD945B91D3805629,SHA256=5CFA0ACF6BD10FBEB3DB7FB642AE68EBE9F9C01D9F49A6082D1432914E766C57,IMPHASH=B9FF20C6C7B890C0C363159B3EA2D8CCtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576508Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.947{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\uxtheme.dll10.0.17134.1 (WinBuild.160101.0800)Microsoft UxTheme LibraryMicrosoft® Windows® Operating SystemMicrosoft CorporationUxTheme.dllSHA1=B2A91F0E48DAA53A2700112FFF6A175C7E7BB5B8,MD5=7E130D1F1126B2F0A0B273F27CFB03B5,SHA256=361DFE489430518E09FE9D121032ECCF89C49115E64B9E7685737EA2B72DBA9A,IMPHASH=D99F0664C05A033A9884A8840A292D21trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576507Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.931{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\sspicli.dll10.0.17134.376 (WinBuild.160101.0800)Security Support Provider InterfaceMicrosoft® Windows® Operating SystemMicrosoft Corporationsspicli.dllSHA1=68F4CE3B51682AF3839B56362878AD66CAFFA189,MD5=FE2A6322A668309787223A90ED8F7F21,SHA256=C76973F5333FFC7BFC2B8A45FE78998D2303CA1BB7C05749A14BD9B7DB9563BF,IMPHASH=992D8E49BD3A55BC851266C792D9B7EFtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576505Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.150{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\assembly\NativeImages_v4.0.30319_64\System.Manaa57fc8cc#\116fb555d1729fb71f61c78c4ca972a7\System.Management.Automation.ni.dll10.0.17134.590System.Management.AutomationMicrosoft (R) Windows (R) Operating SystemMicrosoft CorporationSystem.Management.Automation.dllSHA1=FD8590406BDC54938C301567E4263C70C52773D7,MD5=180F22B28E6EB78C51C54E67F60091B9,SHA256=C2665F495D8F3427BA20A7EC7F22BABCE65CD6299C07CB231AEF8135B0B6F458,IMPHASH=00000000000000000000000000000000false-UnavailableNT AUTHORITY\SYSTEM 17141700x8000000000000000576504Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-CreatePipe2024-03-04 20:58:36.806{51A89197-35FA-65E6-F305-000000001D00}5144\PSHost.133540595142572945.5144.DefaultAppDomain.powershellC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeNT AUTHORITY\SYSTEM 11241100x8000000000000000576503Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.791{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\PowerShell2024-03-04 20:58:36.791NT AUTHORITY\SYSTEM 23542300x8000000000000000576502Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.791{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\Temp\__PSScriptPolicyTest_qy1jjs3f.xa3.psm1SHA1=73677A93DB6AC3C7DC3A34F53427C2554C81FD10,MD5=38C3850DA2D20A491F8A08BDDD8EA6CF,SHA256=7C9E27B5CF58458A6380126EA840267A23AE073C8890008B233C72257A619404,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000576501Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.744{51A89197-35FA-65E6-F305-000000001D00}5144NT AUTHORITY\SYSTEMC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\Temp\__PSScriptPolicyTest_l3jjnbno.gr3.ps1SHA1=73677A93DB6AC3C7DC3A34F53427C2554C81FD10,MD5=38C3850DA2D20A491F8A08BDDD8EA6CF,SHA256=7C9E27B5CF58458A6380126EA840267A23AE073C8890008B233C72257A619404,IMPHASH=00000000000000000000000000000000falsetrue 734700x8000000000000000576500Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.541{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\iertutil.dll11.00.17134.677 (WinBuild.160101.0800)Run time utility for Internet ExplorerInternet ExplorerMicrosoft CorporationIeRtUtil.dllSHA1=D4A84795ED12DC7918A82377588EA8467CDAB633,MD5=0F0D2131930849A85CF9D9D31161897D,SHA256=C18F554FCA6EC57FCAEBFA5EAB1F1FFF08BD0164C0C6B30ACAE44A6B9C9F44E1,IMPHASH=D07EAB22B7743ED9E7D2FC9029C4BBC6trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576499Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.509{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\mintdh.dll10.0.17134.1 (WinBuild.160101.0800)Event Trace Helper LibraryMicrosoft® Windows® Operating SystemMicrosoft Corporationmintdh.dllSHA1=E0C65E14601CF419DA7EA9A89409F01C8AFE291B,MD5=EB3E23649D0AC5C0989F69F2C165FA3F,SHA256=1E2BCEFB2416EAAC6FEC7B9B29C12192A82C073D16E163696CD1A3888B74516F,IMPHASH=2151CB9F3A32BF72E66127875144A61AtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576498Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.509{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\urlmon.dll11.00.17134.648 (WinBuild.160101.0800)OLE32 Extensions for Win32Internet ExplorerMicrosoft CorporationUrlMon.dllSHA1=F5EE114DF0459B4FD853720D7EC04C88E49CFC3D,MD5=4FD6C56217F6EF94E9AAB9DE3852D325,SHA256=5974435C52FF3B2B999280E28C49743340C69032D5D873C95FE1F24106340E95,IMPHASH=3D857AE4CB00C3687EE3690D74966EADtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576497Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.509{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\xmllite.dll10.0.17134.1 (WinBuild.160101.0800)Microsoft XmlLite LibraryMicrosoft® Windows® Operating SystemMicrosoft CorporationXmlLite.dllSHA1=DCBC3133FB95517CC85B023A27DF0711886E0957,MD5=DDD9A230BCB4085F82F8A3842B57F7B3,SHA256=87FF46D09E37BD852E6B5994D3A0219B6C1CE8272CE87EAA15E5340803303665,IMPHASH=06DAF09D33453B29428EDC6F85F687A0trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576496Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.494{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\tdh.dll10.0.17134.376 (WinBuild.160101.0800)Event Trace Helper LibraryMicrosoft® Windows® Operating SystemMicrosoft Corporationtdh.dllSHA1=A354A33F0CB9842B2F2405B723BE17ADCD44E0BD,MD5=7153A8F22EF5BD7C470E953D932E8AC2,SHA256=E73AA6C1FCAEB7FF79EEDA10106285B9327FBF04208D126F26473350DAA75D07,IMPHASH=DF79D9BB50DC3D73DFCDF2F032971AE3trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576495Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.494{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\OpcServices.dll10.0.17134.648 (WinBuild.160101.0800)Native Code OPC Services LibraryMicrosoft® Windows® Operating SystemMicrosoft CorporationOpcServices.dllSHA1=FFFC11573DCDCB1174B1426905E4955C83DF29CD,MD5=53CD516D399D313EDCDCAA83B4B6A8AB,SHA256=E4A9BF9284715B67C85F622D19DA2E3D3A95F87DB7415C3D8EED6A3A52442B5C,IMPHASH=26283D4F3E0B1A05401E21EDD5793E53trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576494Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.463{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\coml2.dll10.0.17134.407 (WinBuild.160101.0800)Microsoft COM for WindowsMicrosoft® Windows® Operating SystemMicrosoft CorporationCOML2.DLLSHA1=84F4161E48F9D12CA0E87C9E4F7FC7F15A5E1CAD,MD5=984F45A0B6BF827B7C055E5323FD8207,SHA256=7DA24037EC734345694A1DECB8EE388483D7F5DD3D33B66ADF7E6F90D7BFAE80,IMPHASH=04F8F04D04DECA726C09B5E6948FEAD4trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 11241100x8000000000000000576493Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.322{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\Temp\__PSScriptPolicyTest_qy1jjs3f.xa3.psm12024-03-04 20:58:36.322NT AUTHORITY\SYSTEM 734700x8000000000000000576492Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.259{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\gpapi.dll10.0.17134.1 (WinBuild.160101.0800)Group Policy Client APIMicrosoft® Windows® Operating SystemMicrosoft Corporationgpapi.dllSHA1=433D3DD1B3F1F6D37E1407DF0BA187D260175D46,MD5=FFAB7B0F987092F8B34FA1AC1086A95A,SHA256=885D21F133EAA0827D7D9712052F3C8DB5ABB1BA2DDEBAC0FA2DEEDEE8FC73D3,IMPHASH=616735D68C1250AAF2A068310DA96C94trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 11241100x8000000000000000576491Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.259{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\Temp\__PSScriptPolicyTest_l3jjnbno.gr3.ps12024-03-04 20:58:36.259NT AUTHORITY\SYSTEM 734700x8000000000000000576490Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.244{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\wldp.dll10.0.17134.556 (WinBuild.160101.0800)Windows Lockdown PolicyMicrosoft® Windows® Operating SystemMicrosoft Corporationwldp.dllSHA1=79B0DE9E4E786D09F54E8700D31DD87D6341F30C,MD5=1342AF5B645A8BC05F6DFB8C8FA3EE42,SHA256=66930691B0C88337669DF46E90FED30C85141A3CB5C35C3D310CA6831CAD969D,IMPHASH=EE81985E2FFC06F215A4F96631CAEC8CtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576489Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.244{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\crypt32.dll10.0.17134.1 (WinBuild.160101.0800)Crypto API32Microsoft® Windows® Operating SystemMicrosoft CorporationCRYPT32.DLLSHA1=42B8241C53758256244017D89752932C57581C80,MD5=04B1E9B60F8ABDF718135BD62D8E554D,SHA256=332B99071E6D8A0DD110C6C1F0A76898773E6661840FED804101DD7173B6C577,IMPHASH=D2996D954533896638CFB94FD38EEE56trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576488Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.244{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\msasn1.dll10.0.17134.1 (WinBuild.160101.0800)ASN.1 Runtime APIsMicrosoft® Windows® Operating SystemMicrosoft Corporationmsasn1.dllSHA1=45822B434605A4D1C60C814263F341C9D4D5A84C,MD5=31F9783D0EC7C6ED7E7C1A964C4E3614,SHA256=21AED93FAFDFDA3049D77EA8D4C14369A6157A9AAC6ABA86E9A56DAE500BD5DD,IMPHASH=BDACB2E2B23E3493547E6859F06D493FtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576487Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.244{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\wintrust.dll10.0.17134.556 (WinBuild.160101.0800)Microsoft Trust Verification APIsMicrosoft® Windows® Operating SystemMicrosoft CorporationWINTRUST.DLLSHA1=9CC7DA2B533952E7F4F6CC730871C5297326E2E9,MD5=642F9E6EBD059A9DE2E4C88DA02A2B33,SHA256=CCBDABCEDE143A2352B3FAB8A8E2A02B871CFFA826318E379B82ADD6C586D1C2,IMPHASH=A67EC84098A89C564A7957E55727E43FtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576486Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.228{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpOAV.dll4.18.23100.2009 (8fcbd1c22d82af16ba34560e1a70591413e88d17)IOfficeAntiVirus ModuleMicrosoft® Windows® Operating SystemMicrosoft CorporationMpOAV.dllSHA1=E5E75A15EE46E0968665FF180C34880E163F27F0,MD5=E8EA978A581E6C3A616E69939CB2F5F3,SHA256=077043850436F281BB354D03A7F33042543E7C2BF4F46A865BAE60F37D8DEBDB,IMPHASH=28D3DE166C9E9C46DC0EA2089E2AC74EtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576485Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.228{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\fltLib.dll10.0.17134.1 (WinBuild.160101.0800)Filter LibraryMicrosoft® Windows® Operating SystemMicrosoft CorporationfilterLib.dllSHA1=06656D9053DE1A84D93616354286424000C4304B,MD5=2F0387C78880D60D1D8A2AC32E964F79,SHA256=CA4C6BECE4AD3E1635D3A7FD305FA1335EC9EE8DD69E75C26F005901313A720D,IMPHASH=1AC90E68C7E7F27FB14870BE142D19C0trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576484Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.228{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\powrprof.dll10.0.17134.1 (WinBuild.160101.0800)Power Profile Helper DLLMicrosoft® Windows® Operating SystemMicrosoft CorporationPOWRPROF.DLLSHA1=590871BCEE31E80B0017F236780C18999D81E6FC,MD5=7658D29106996D3B2066728AF30D2BE6,SHA256=FDE937CBD326061E8E4567F1AA661E822CB9AADB5C4FDF829A95A00B360D9649,IMPHASH=7F9940371B5E355D00CBCAC63A0A0090trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576483Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.228{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\windows.storage.dll10.0.17134.677 (WinBuild.160101.0800)Microsoft WinRT Storage APIMicrosoft® Windows® Operating SystemMicrosoft CorporationWindows.Storage.dllSHA1=6D38944EA8B38771B9CBE68B9FC2C911AA8D6A7D,MD5=6DFC325A1FCEC4E9B2A58E186CAE8E72,SHA256=31B1BF48286AC2E4A8244050B3849308C16EA83DBFBBB01746C5D7977A00C32E,IMPHASH=F641A1545F0D278EC89BD734BD348646trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576482Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.228{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\SHCore.dll10.0.17134.112 (WinBuild.160101.0800)SHCOREMicrosoft® Windows® Operating SystemMicrosoft CorporationSHCORE.dllSHA1=AF160F526ED471445E5063E36F9750FB8725BCBB,MD5=9586E9DB1B741BD40131385D390212BA,SHA256=AF38913C52DDC7F2B785416DD0FF91B81DE60EF2C4F9E465CFC65E7CD1199860,IMPHASH=50F2B551F77865958266544784D2AC31trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576481Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.228{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\cfgmgr32.dll10.0.17134.1 (WinBuild.160101.0800)Configuration Manager DLLMicrosoft® Windows® Operating SystemMicrosoft CorporationCFGMGR32.DLLSHA1=EFB90C0C47EC654B0AB35DDDAEEACDEAC88AEB74,MD5=9CE572A0B0916D680D148ED714E19B47,SHA256=B55A0CF0C19646B980BDE6B7A533E75F07DDEDF8AE9DC993E65A577CF24FAD44,IMPHASH=7666C7745A520FEA108CDDEAD00C69A7trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576480Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.228{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\profapi.dll10.0.17134.1 (WinBuild.160101.0800)User Profile Basic APIMicrosoft® Windows® Operating SystemMicrosoft CorporationPROFAPI.DLLSHA1=9A5A8BE83B4F04635DA7A0F63F7679F7B22F9D60,MD5=91E3CBB214F208C0C72B4B621180B70A,SHA256=AF5D099FA328581540CDFC3632BF871AD8C95C5B98BB6705A97DEBAB518716DF,IMPHASH=0BBC3EED9BD594FF035DD5C00B0DF1F0trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576479Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.228{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\userenv.dll10.0.17134.1 (WinBuild.160101.0800)UserenvMicrosoft® Windows® Operating SystemMicrosoft Corporationuserenv.dllSHA1=7966AA52E64E4AB0028A77731F9B0C854FA53AFC,MD5=5C9CD98858C019E5CCDCEB3390050BE7,SHA256=765CDD4DE91F19B65A980C9F0A714E18B29FF3B7A907DA0169E8D032E1DC8C17,IMPHASH=47FDCAF428C8D0CC7C6DB099657F377BtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576478Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.228{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\amsi.dll10.0.17134.1 (WinBuild.160101.0800)Anti-Malware Scan InterfaceMicrosoft® Windows® Operating SystemMicrosoft Corporationamsi.dllSHA1=133681B382A830BC0001865B024CB7D89431729C,MD5=28CE0099F0FFAD21B386FF70835A841C,SHA256=6FEF51A0E1555C2C3173E237A2CB8C4B7BECA91EF407A18F5B316F529339F05E,IMPHASH=5DF821FF4F8CD6F40F9AE4DAC8155549trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576477Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.197{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\psapi.dll10.0.17134.1 (WinBuild.160101.0800)Process Status HelperMicrosoft® Windows® Operating SystemMicrosoft CorporationPSAPISHA1=B0AB30B86154371CCC5484A0A9E243959136505C,MD5=9A088FEF6EFA3F08C3C9740DAA3E18E3,SHA256=6481D9F581E0B49F6A481AC12601833DCF5992A858FAFC9811C9848CD72D98AC,IMPHASH=A19426362F5443C7159B76FBEAFD171FtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576471Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:36.150{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\clbcatq.dll2001.12.10941.16384 (WinBuild.160101.0800)COM+ Configuration CatalogMicrosoft® Windows® Operating SystemMicrosoft CorporationCLBCATQ.DLLSHA1=7D111AC4B4D13C34D63A08ED57AFEA1AA61DA0FF,MD5=A112FB218386B213F4EE777A0DBE9078,SHA256=9043B9B35D7B39E906841124BDC9C9C68B77A018C5C01BA9C2C7F5CE72ADDE08,IMPHASH=8005E7C46231AFFF2AFEDAF5CA4BE196trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576469Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:35.665{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Pb378ec07#\64faf31091818f47a25fd1548b1b10ae\Microsoft.PowerShell.ConsoleHost.ni.dll10.0.17134.48Microsoft.PowerShell.ConsoleHostMicrosoft (R) Windows (R) Operating SystemMicrosoft CorporationMicrosoft.PowerShell.ConsoleHost.dllSHA1=161849F2014C719C847A00BCE900DD6F72FCCA90,MD5=B66DFDE1C2CB50D02FF46234118C91D6,SHA256=C3BA3E055E4E24877F818D6089999DE681200F53EBE3D715D7F885955B8CAFDF,IMPHASH=00000000000000000000000000000000false-UnavailableNT AUTHORITY\SYSTEM 734700x8000000000000000576466Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:35.650{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\assembly\NativeImages_v4.0.30319_64\System.Core\ac9180fc25a6b32d5e24e383f70e7a65\System.Core.ni.dll4.7.3362.0 built by: NET472REL1LAST_C.NET FrameworkMicrosoft® .NET FrameworkMicrosoft CorporationSystem.Core.dllSHA1=3181B2BCD1A11E525A78C98362DE025B22E84383,MD5=F36510FC2C47CDB10DE2EC3E93ADB442,SHA256=629109B34016D072FAF76162EAC92CC12D0588204E721044FFC0846BC1172E33,IMPHASH=00000000000000000000000000000000false-UnavailableNT AUTHORITY\SYSTEM 734700x8000000000000000576465Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:35.713{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\cryptbase.dll10.0.17134.1 (WinBuild.160101.0800)Base cryptographic API DLLMicrosoft® Windows® Operating SystemMicrosoft Corporationcryptbase.dllSHA1=AB26391C6589B7FED7B466F3470B2D50DEB1D8BC,MD5=54750967F4CDA0ECE951CB3ECD43AC0C,SHA256=6433169682AFE6F321BA382BC94DAD5199C9617CFF14C368E5DC72AFE9B617D5,IMPHASH=3F27E242D68FC14338677A25FAE441F7trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576464Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:35.713{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\bcrypt.dll10.0.17134.112 (WinBuild.160101.0800)Windows Cryptographic Primitives LibraryMicrosoft® Windows® Operating SystemMicrosoft Corporationbcrypt.dllSHA1=95E316C6D716B95D3A35444AD0CAE48F3BCE8E7C,MD5=7BAB54AC2F062D1843DC7BA0B4AF2B35,SHA256=5BCD1247DE542C58E8E5E2045EFB4B7BB0F4211D8FE537B91136DDD5626E8D0A,IMPHASH=E5649DCD6FA9472DB9A89CCD123913C0trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576463Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:35.713{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\rsaenh.dll10.0.17134.254 (WinBuild.160101.0800)Microsoft Enhanced Cryptographic ProviderMicrosoft® Windows® Operating SystemMicrosoft Corporationrsaenh.dllSHA1=924697314B6F0D5F205357463D93F7165AC75672,MD5=81DFBF4B36B530DB70FB97632F62AF85,SHA256=8F7D835A3A23A2CE7A544CF1221D8F80E058E595E238C46D4A22CAFEAA45C7AF,IMPHASH=786C25E0AFF17591A84C3764CEF2746FtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576462Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:35.713{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\cryptsp.dll10.0.17134.1 (WinBuild.160101.0800)Cryptographic Service Provider APIMicrosoft® Windows® Operating SystemMicrosoft Corporationcryptsp.dllSHA1=267F50875AC6BFB3AA9D410A5D8F093C6CA2FE5A,MD5=336C40FA6E69B15A54CA319448AAD7C1,SHA256=EDDB08E025A6B918576EE402052D43DC99134C14818604E034B8D26BEA64BCB1,IMPHASH=E82FEDD1FE85842FA25639E518C8A2DEtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576459Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:35.447{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\assembly\NativeImages_v4.0.30319_64\System\390ce15833384db335593dfa637bf5e9\System.ni.dll4.7.3362.0 built by: NET472REL1LAST_C.NET FrameworkMicrosoft® .NET FrameworkMicrosoft CorporationSystem.dllSHA1=59CC765EA2FA4F3A8C3589FFEA148C3A96A98E09,MD5=0C59DD558C460FBA4951835221791176,SHA256=FC74E571D3B19F10121705BAA3247766EEC3A921582F94643918671BEAD85DD2,IMPHASH=00000000000000000000000000000000false-UnavailableNT AUTHORITY\SYSTEM 734700x8000000000000000576431Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:35.260{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\a50e4fdd1f3d4ffe275988b3fc12e863\mscorlib.ni.dll4.7.3394.0 built by: NET472REL1LAST_CMicrosoft Common Language Runtime Class LibraryMicrosoft® .NET FrameworkMicrosoft Corporationmscorlib.dllSHA1=F5B4F4FD036E0F957983260637029B40691ED9E7,MD5=575D8F9CF5AA1A620E3FF51E4F9C4842,SHA256=1B097E56A309504A47CB8FCAC5BACA5781AA1E668048A30E0E61164DEB85570F,IMPHASH=00000000000000000000000000000000trueMicrosoft CorporationValidNT AUTHORITY\SYSTEM 734700x8000000000000000576402Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:34.962{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\psapi.dll10.0.17134.1 (WinBuild.160101.0800)Process Status HelperMicrosoft® Windows® Operating SystemMicrosoft CorporationPSAPISHA1=B0AB30B86154371CCC5484A0A9E243959136505C,MD5=9A088FEF6EFA3F08C3C9740DAA3E18E3,SHA256=6481D9F581E0B49F6A481AC12601833DCF5992A858FAFC9811C9848CD72D98AC,IMPHASH=A19426362F5443C7159B76FBEAFD171FtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576401Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:34.916{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\msvcr120_clr0400.dll12.00.52519.0 built by: VSWINSERVICINGMicrosoft® C Runtime LibraryMicrosoft® Visual Studio® 2013Microsoft Corporationmsvcr120_clr0400.dllSHA1=C889D6646D7C33FB108E2719875C5F4C49A6B0C0,MD5=99E982747B36AF703209B734D9D05263,SHA256=17E09579C756D7374DEA79969BAB36D3D9257D4D51AA1934D2DB1BE374D9A425,IMPHASH=8F18E22935EF8B336E246EE763FBEC97trueMicrosoft CorporationValidNT AUTHORITY\SYSTEM 734700x8000000000000000576375Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:34.884{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll4.7.3394.0 built by: NET472REL1LAST_CMicrosoft .NET Runtime Common Language Runtime - WorkStationMicrosoft® .NET FrameworkMicrosoft Corporationclr.dllSHA1=5FBA404767EA062AF99C567EC2B5A9D9DAB26F09,MD5=AF9E56588EA414FCA8904B4A64DCDFFE,SHA256=E89CEC8EFFF3603687CD2B9451C972CD81924689486F78FBB0F28892D91B5568,IMPHASH=38F8A1CF545DBF2C054FAB701F585BFFtrueMicrosoft CorporationValidNT AUTHORITY\SYSTEM 734700x8000000000000000576345Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:34.744{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll4.7.3056.0 built by: NET472REL1Microsoft .NET Runtime Execution EngineMicrosoft® .NET FrameworkMicrosoft Corporationmscoreei.dllSHA1=FBE7EDA0B86E915286A0C3C8742B72B82D072DDA,MD5=D2C812FB24F81F9F88693CAE7E4B6D78,SHA256=D96CA388CD514DCBF4696957A5467692234D1A17AE535101F97A1C84CADB59CF,IMPHASH=44A6C29B17044B03996A4F4B5A5C82D7trueMicrosoft CorporationValidNT AUTHORITY\SYSTEM 734700x8000000000000000576344Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:34.712{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\mscoree.dll10.0.17134.1 (WinBuild.160101.0800)Microsoft .NET Runtime Execution EngineMicrosoft® Windows® Operating SystemMicrosoft Corporationmscoree.dllSHA1=2B275596477BC76FDF924E697DF3CC8BB0FAD387,MD5=99C72E462B21A62F7E397E869E345B14,SHA256=714D3E839C30C4A5490DC87F320245FA31D54EC208C4A9E344861AFCD1E5BC66,IMPHASH=65F23EFA1EB51A5DAAB399BFAA840074trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576313Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:34.744{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\version.dll10.0.17134.1 (WinBuild.160101.0800)Version Checking and File Installation LibrariesMicrosoft® Windows® Operating SystemMicrosoft CorporationVERSION.DLLSHA1=A05A9082DC84C34EF876521B11E28F6684DB484A,MD5=30EBAC24A7D60DFB597576B46C9B82FB,SHA256=6426CF806ECFC1432326BD4E0C9D0BBA25B8DB8FF5A79EF2722E7DDD889A8F30,IMPHASH=34340C2C4E9AA6EF6AD12BB695FC695BtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576312Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:34.744{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\kernel.appcore.dll10.0.17134.112 (WinBuild.160101.0800)AppModel API HostMicrosoft® Windows® Operating SystemMicrosoft Corporationkernel.appcore.dllSHA1=D4C9389A8C61DDE511239CA13DA91B704D49E120,MD5=51E940608A78A627D5231F32E518F745,SHA256=808AD1C80A283A832A16F6EE5A38C9077425532244DECBA8D8CC678A9CC81906,IMPHASH=6B95B10E47BEE4CE03390A70FB7EF691trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576311Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:34.744{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\shlwapi.dll10.0.17134.1 (WinBuild.160101.0800)Shell Light-weight Utility LibraryMicrosoft® Windows® Operating SystemMicrosoft CorporationSHLWAPI.DLLSHA1=9CD3A305C0909237A281E8C8039AA2ACF55B1CDC,MD5=26961387EB5E1668F6D3E1453703F3DB,SHA256=3F37BB1BF301454D19F7FD9033BB169873247504CF1E3DBC82051D627260D0D4,IMPHASH=0F49D2E8A51D0A3AE767A2F2E8AE58C5trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576291Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:34.697{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\atl.dll3.05.2284ATL Module for Windows XP (Unicode)Microsoft (R) Visual C++Microsoft CorporationATL.DLLSHA1=FA8EFF5D41C7EB2FFD91FDA5C319FEB767ACD770,MD5=8DD954DDB4944587A5841BAC5383A722,SHA256=803E29600B7BFED78DEFE186DDBF60E37B5DBB2AFAE5EE3EC9A6B3618CA1581C,IMPHASH=75FE4D242CDB81C8FD19F8165A4D313DtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576290Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:34.728{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\imm32.dll10.0.17134.1 (WinBuild.160101.0800)Multi-User Windows IMM32 API Client DLLMicrosoft® Windows® Operating SystemMicrosoft Corporationimm32SHA1=16983CB149F64A0AD2F2CDD085BB2CFAA43714EC,MD5=9345A5D3801ABE2909CB8CE8D6D90D79,SHA256=4236210BD16305682611CD937B69142040E19A0C88AEDD3102A74B53511AF761,IMPHASH=288B23CFC7E95270A29D0D4D381AE1BCtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576286Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:34.697{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\win32u.dll10.0.17134.1 (WinBuild.160101.0800)Win32uMicrosoft® Windows® Operating SystemMicrosoft CorporationWin32u.DLLSHA1=10B324B91B6A3CE83384238C74A2249E4E7BDA75,MD5=F3BBD0E5FCC48794DF55349F22FDB418,SHA256=28CC07F7208742C7D01FB35AFC48A852B2D05A95D18B01A411981E13E418CFBD,IMPHASH=00000000000000000000000000000000trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576285Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:34.697{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\user32.dll10.0.17134.376 (WinBuild.160101.0800)Multi-User Windows USER API Client DLLMicrosoft® Windows® Operating SystemMicrosoft Corporationuser32SHA1=A8D593FC9A44CCC5C17696D1B44BA59481B816E0,MD5=CEC499E17074BEF1CF32BB0AF742F2D2,SHA256=8733A580442177D5820BFA6592BC593D09F8EB3944231130473E53A9BDFD775C,IMPHASH=DF0DC07BFAB73712DAED45422E20378DtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576284Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:34.697{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\gdi32full.dll10.0.17134.706 (WinBuild.160101.0800)GDI Client DLLMicrosoft® Windows® Operating SystemMicrosoft Corporationgdi32SHA1=4652DF764CADC234CC4B27E589800DD6871690B8,MD5=486620CFF75E29223B40316ABDC52F80,SHA256=21B73574A60C53F9CA476837565050EF0A50FB09B3F6B55852FCD1DBFD02C9B7,IMPHASH=01AFAF63C699021DE5945BC50C3A4436trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576283Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:34.697{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\gdi32.dll10.0.17134.285 (WinBuild.160101.0800)GDI Client DLLMicrosoft® Windows® Operating SystemMicrosoft Corporationgdi32SHA1=147200B7E4B562D9D30AB2AEB0A75E9F0F16DE6A,MD5=4DE34C71E2C642A5ED3BF13E43F7519D,SHA256=F9E90287809B904C08995A101B73F62A7A1BDFB0DD4BCE447E05B5A113E3B9D7,IMPHASH=F8C2F33E948A65100AF3F6AF02F477E9trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576282Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:34.697{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\ole32.dll10.0.17134.407 (WinBuild.160101.0800)Microsoft OLE for WindowsMicrosoft® Windows® Operating SystemMicrosoft CorporationOLE32.DLLSHA1=96A3E0CD00A6BA6FBFA420651E655BF2BC9CE64B,MD5=E29A659E7FE8E3B010C59A54A65E7646,SHA256=15C1C0A260F6F151DA540E252093B93FB09B0D5C56905429FB221EC216D7C1BF,IMPHASH=B5F54F6AF811BCFF3A5E0536D10A0CDEtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576281Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:34.681{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\sechost.dll10.0.17134.319 (WinBuild.160101.0800)Host for SCM/SDDL/LSA Lookup APIsMicrosoft® Windows® Operating SystemMicrosoft Corporationsechost.dllSHA1=136453020D3A1C3F87829F7BD83C7B36C0A27805,MD5=AB7AA9E1AE57362E4E78703E3A2D5A7D,SHA256=8198A73682BA00568EDAFD2091E4AFAC6F33C361CCBADC5BD23154B362911CA8,IMPHASH=1ABE74A44180732951AB6EDFA1AA0282trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576280Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:34.681{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\advapi32.dll10.0.17134.471 (WinBuild.160101.0800)Advanced Windows 32 Base APIMicrosoft® Windows® Operating SystemMicrosoft Corporationadvapi32.dllSHA1=86DE00DCF65B3AC656158B829053AFC368BD647F,MD5=C102A6FF0FE651242BE9A4BE3E579106,SHA256=EF117B762C2C680D181CF4119FF611C9DE46FCEA6B60775E746541F5DD8F1CD0,IMPHASH=0475FE4DD54AD7F28E679FF261C67BF3trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576279Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:34.681{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\bcryptprimitives.dll10.0.17134.1 (WinBuild.160101.0800)Windows Cryptographic Primitives LibraryMicrosoft® Windows® Operating SystemMicrosoft Corporationbcryptprimitives.dllSHA1=77017C919E2B8BFF4624E7C91CB8E3360B64E963,MD5=211D98BDF8BB67866F169DC23ECABA5B,SHA256=60B16451000BF1DDC1E1CF1CE27526A259987E712D80D49C87A448E9FB70DE5C,IMPHASH=C7FCD14944F90184E7A61DBD9322926BtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576278Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:34.681{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\rpcrt4.dll10.0.17134.648 (WinBuild.160101.0800)Remote Procedure Call RuntimeMicrosoft® Windows® Operating SystemMicrosoft Corporationrpcrt4.dllSHA1=95466888B0062EE59588D02F897FEEB2D6AE5E7C,MD5=B76F8A048F5A0A05018D2413694D4DAA,SHA256=C5C37A2000626137DCDFF1D3D895C2CAE55C31925A787621783F2B750A05CE4C,IMPHASH=8D57648E6B44F7EEB8EC42A52C4DE444trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576277Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:34.681{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\combase.dll10.0.17134.619 (WinBuild.160101.0800)Microsoft COM for WindowsMicrosoft® Windows® Operating SystemMicrosoft CorporationCOMBASE.DLLSHA1=77A271F5B8DECC7D668F833B3769AC3A7637874D,MD5=2471D4FEEFD93183284363E012C04C7C,SHA256=88BEE99EAE4A1A97E10D749D807DD03C7B092B4CAFFA78DDCAEB0FCFC5E3E661,IMPHASH=FE529835066894B316B2106B974FB01BtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576276Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:34.681{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\ucrtbase.dll10.0.17134.677 (WinBuild.160101.0800)Microsoft® C Runtime LibraryMicrosoft® Windows® Operating SystemMicrosoft Corporationucrtbase.dllSHA1=14205F96B616C35F66B36978C1868D13FB0D5598,MD5=1F7D0DEFBA3C793F018F7D10ECDEAB8D,SHA256=0797F4A5EAA5BA3C35287F0D75084A9E7805596D199B66EB00DED9D865E275B6,IMPHASH=EA4D5E085D5BBDBD19DCCE14D926B29EtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576275Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:34.681{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\msvcp_win.dll10.0.17134.619 (WinBuild.160101.0800)Microsoft® C Runtime LibraryMicrosoft® Windows® Operating SystemMicrosoft Corporationmsvcp_win.dllSHA1=E84E037EF7CFA7DE72999984770AB38F1BAD9D04,MD5=DB0DA6A10E3DA13DEEDE1BEB26F43375,SHA256=6D1E5B1FA0F35FF31DBA9295A154971B36D4DDE8FE2719C8A99C8FE970DC013B,IMPHASH=43414A3CC2964EA236E1A6C3EC81350DtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576273Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:34.681{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\oleaut32.dll10.0.17134.706 (WinBuild.160101.0800)OLEAUT32.DLLMicrosoft® Windows® Operating SystemMicrosoft CorporationOLEAUT32.DLLSHA1=4A96FD3EF6DDD60D443CAD16EE3D2E33EB86A58D,MD5=258B5B72C9D343297BE4FB58DD978240,SHA256=E937FC63B1C6BD1C92E1F22A36F352C81AF148F571F797161EFD29769629FCD9,IMPHASH=C71394BF1E4212C0EE940475D2C1D152trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576272Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:34.681{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\msvcrt.dll7.0.17134.1 (WinBuild.160101.0800)Windows NT CRT DLLMicrosoft® Windows® Operating SystemMicrosoft Corporationmsvcrt.dllSHA1=5BB0FC89E614BCD1903D702ECA6CF79DBC25D661,MD5=7FCD4654FC7F16FDA52848E2D0AAFA9D,SHA256=995F25E8380D924C98DBE44F68D6BF2B0A62244BFE817A22D91B9586E3B479F6,IMPHASH=4BA50461B0B5FF3404B4A5B55C6A08B4trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576188Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:34.509{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\KernelBase.dll10.0.17134.556 (WinBuild.160101.0800)Windows NT BASE API Client DLLMicrosoft® Windows® Operating SystemMicrosoft CorporationKernelbase.dllSHA1=13BC46DE564D0A715E88A9BF7F7F640211D0350E,MD5=60D1EB0BE090FFA6163D6540673B925C,SHA256=576ABFB3327A3B66A1C9779FD8E159ED17D227F8F9DE34C22035FB75B0A31BA3,IMPHASH=B6A56E7F6E9B3018B2475EE0547F0EFAtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576187Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:34.509{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\kernel32.dll10.0.17134.706 (WinBuild.160101.0800)Windows NT BASE API Client DLLMicrosoft® Windows® Operating SystemMicrosoft Corporationkernel32SHA1=E6E99A68E4ADC88A19AE5B2A734BA50195D242CC,MD5=E1B62AD97016F328E6A843F690A6CD5F,SHA256=1B4AFDB38C6955F9DD375F376EA3ECD9222986EBCDABBEFBA28D9CC4A14A26F8,IMPHASH=100F313C3EEB0E6BB4BCD10918D650F0trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576158Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:34.259{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe10.0.17134.1 (WinBuild.160101.0800)Windows PowerShellMicrosoft® Windows® Operating SystemMicrosoft CorporationPowerShell.EXESHA1=1B3B40FBC889FD4C645CC12C85D0805AC36BA254,MD5=95000560239032BC68B4C2FDFCDEF913,SHA256=D3F8FADE829D2B7BD596C4504A6DAE5C034E789B6A3DEFBE013BDA7D14466677,IMPHASH=741776AACCFC5B71FF59832DCDCACE0FtrueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 734700x8000000000000000576156Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:34.259{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeC:\Windows\System32\ntdll.dll10.0.17134.556 (WinBuild.160101.0800)NT Layer DLLMicrosoft® Windows® Operating SystemMicrosoft Corporationntdll.dllSHA1=2CAAE2BEFD373926331F5FC806B62D3BED6DD5C9,MD5=61E6720247E029EE0100D287EF9543D5,SHA256=C5C078AFC3EA674F5F1E0915A33F579D2C931C36ABAF68804A1D78838ADD54AB,IMPHASH=00000000000000000000000000000000trueMicrosoft WindowsValidNT AUTHORITY\SYSTEM 154100x8000000000000000576152Microsoft-Windows-Sysmon/OperationalAttackBox-Win10-2024-03-04 20:58:34.257{51A89197-35FA-65E6-F305-000000001D00}5144C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe10.0.17134.1 (WinBuild.160101.0800)Windows PowerShellMicrosoft® Windows® Operating SystemMicrosoft CorporationPowerShell.EXE"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" rmdir 'C:\ProgramData\Microsoft\Windows Defender' -RecurseC:\temp\NT AUTHORITY\SYSTEM{51A89197-3B87-654E-E703-000000000000}0x3e71SystemSHA1=1B3B40FBC889FD4C645CC12C85D0805AC36BA254,MD5=95000560239032BC68B4C2FDFCDEF913,SHA256=D3F8FADE829D2B7BD596C4504A6DAE5C034E789B6A3DEFBE013BDA7D14466677,IMPHASH=741776AACCFC5B71FF59832DCDCACE0F{51A89197-35FA-65E6-F205-000000001D00}1624C:\Users\VICTIM\Desktop\AdvancedRun.exe"C:\Users\VICTIM\Desktop\AdvancedRun.exe" /SpecialRun 14001bb98 1820ATTACKBOX-WIN10\VICTIM