154100x800000000000000058955384Microsoft-Windows-Sysmon/Operationalwin-host-mhaag-attack-range-622-2023-01-17 22:17:55.924{CCA468B6-1E93-63C7-C611-000000009B02}2856C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.8.1 Tools\gacutil.exe4.8.9032.0 built by: NET481REL1Microsoft (R) .NET Framework Global Assembly Cache UtilityMicrosoft® .NET FrameworkMicrosoft Corporationgacutil.exe"C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.8.1 Tools\gacutil.exe" /i c:\temp\mydll.dllC:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.8.1 Tools\WIN-HOST-MHAAG-\Administrator{CCA468B6-1B42-63C7-5CB5-C00000000000}0xc0b55c2HighMD5=5CD4C12D08C3F1AAE0DE3D1C0B6025F0,SHA256=DC4C0E9F12B73F327B8CFA90894597FB6A95DE2D1332D40C3C07D9887C386A19{00000000-0000-0000-0000-000000000000}4328--- 154100x800000000000000058955088Microsoft-Windows-Sysmon/Operationalwin-host-mhaag-attack-range-622-2023-01-17 22:17:21.807{CCA468B6-1E71-63C7-C511-000000009B02}1144C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.8.1 Tools\gacutil.exe4.8.9032.0 built by: NET481REL1Microsoft (R) .NET Framework Global Assembly Cache UtilityMicrosoft® .NET FrameworkMicrosoft Corporationgacutil.exe"C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.8.1 Tools\gacutil.exe" -i c:\temp\mydll.dllC:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.8.1 Tools\WIN-HOST-MHAAG-\Administrator{CCA468B6-1B42-63C7-5CB5-C00000000000}0xc0b55c2HighMD5=5CD4C12D08C3F1AAE0DE3D1C0B6025F0,SHA256=DC4C0E9F12B73F327B8CFA90894597FB6A95DE2D1332D40C3C07D9887C386A19{CCA468B6-1E4C-63C7-BC11-000000009B02}4328C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" WIN-HOST-MHAAG-\Administrator