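EventID: 1
Version: 5
Level: 4
Task: 1
Opcode: 0
Keywords: 0x8000000000000000
EventRecordID: 145407
Channel: Microsoft-Windows-Sysmon/Operational
Computer: ar-win-dc
RuleName: -
UtcTime: 2025-10-31 12:34:35.898
ProcessGuid: {CA8A6768-ACDB-6904-1C08-00000000FB03}
ProcessId: 6004
Image: C:\Windows\System32\ComputerDefaults.exe
FileVersion: 10.0.14393.0 (rs1_release.160715-1616)
Description: Set Program Access and Computer Defaults Control Panel
Product: Microsoft® Windows® Operating System
Company: Microsoft Corporation
OriginalFileName: ComputerDefaults.EXE
CommandLine: C:\Windows\System32\ComputerDefaults.exe
CurrentDirectory: C:\Windows\system32\
User: AR-WIN-DC\Administrator
LogonGuid: {CA8A6768-9E3A-6904-4D9C-1E0000000000}
LogonId: 0x1e9c4d
TerminalSessionId: 2
IntegrityLevel: High
Hashes: MD5=3F032A1BDF4D7DF2F43FE7C0410AC175,SHA256=4978AD7650C44D4239ED6B77267DD21D50D33BBD3D875ACE4131F2DED3A11804,IMPHASH=DA2422A9623D87A53282F4F5922988FA
ParentProcessGuid: {CA8A6768-AC6C-6904-0C08-00000000FB03}
ParentProcessId: 3932
ParentImage: C:\Temp\castlerat_SEMIFIX.exe
ParentCommandLine: "C:\Temp\castlerat_SEMIFIX.exe"
ParentUser: AR-WIN-DC\Administrator

EventID: 1
Version: 5
Level: 4
Task: 1
Opcode: 0
Keywords: 0x8000000000000000
EventRecordID: 142536
Channel: Microsoft-Windows-Sysmon/Operational
Computer: ar-win-dc
RuleName: -
UtcTime: 2025-10-31 12:30:47.570
ProcessGuid: {CA8A6768-ABF7-6904-FB07-00000000FB03}
ProcessId: 4404
Image: C:\Temp\castlerat_SEMIFIX.exe
FileVersion: -
Description: -
Product: -
Company: -
OriginalFileName: -
CommandLine: "C:\Temp\castlerat_SEMIFIX.exe"
CurrentDirectory: C:\Windows\
User: AR-WIN-DC\Administrator
LogonGuid: {CA8A6768-9E3A-6904-4D9C-1E0000000000}
LogonId: 0x1e9c4d
TerminalSessionId: 2
IntegrityLevel: High
Hashes: MD5=6A3ABE8AB294FCC92FF7357F7FF3CEEC,SHA256=3D16DD50015F219C913E6C66DCC1EA43DE6D7B455B7C92ECB0FF3A3DCB676CCC,IMPHASH=EE5F65CAC162ED0E86CB399CF1B9A9DB
ParentProcessGuid: {CA8A6768-ABF7-6904-FA07-00000000FB03}
ParentProcessId: 6780
ParentImage: C:\Windows\System32\ComputerDefaults.exe
ParentCommandLine: C:\Windows\System32\ComputerDefaults.exe
ParentUser: AR-WIN-DC\Administrator

EventID: 1
Version: 5
Level: 4
Task: 1
Opcode: 0
Keywords: 0x8000000000000000
EventRecordID: 142529
Channel: Microsoft-Windows-Sysmon/Operational
Computer: ar-win-dc
RuleName: -
UtcTime: 2025-10-31 12:30:47.562
ProcessGuid: {CA8A6768-ABF7-6904-FA07-00000000FB03}
ProcessId: 6780
Image: C:\Windows\System32\ComputerDefaults.exe
FileVersion: 10.0.14393.0 (rs1_release.160715-1616)
Description: Set Program Access and Computer Defaults Control Panel
Product: Microsoft® Windows® Operating System
Company: Microsoft Corporation
OriginalFileName: ComputerDefaults.EXE
CommandLine: C:\Windows\System32\ComputerDefaults.exe
CurrentDirectory: C:\Windows\system32\
User: AR-WIN-DC\Administrator
LogonGuid: {CA8A6768-9E3A-6904-4D9C-1E0000000000}
LogonId: 0x1e9c4d
TerminalSessionId: 2
IntegrityLevel: High
Hashes: MD5=3F032A1BDF4D7DF2F43FE7C0410AC175,SHA256=4978AD7650C44D4239ED6B77267DD21D50D33BBD3D875ACE4131F2DED3A11804,IMPHASH=DA2422A9623D87A53282F4F5922988FA
ParentProcessGuid: {CA8A6768-AAC8-6904-D107-00000000FB03}
ParentProcessId: 7136
ParentImage: C:\Temp\castlerat_SEMIFIX.exe
ParentCommandLine: "C:\Temp\castlerat_SEMIFIX.exe"
ParentUser: AR-WIN-DC\Administrator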