734700x800000000000000017907Microsoft-Windows-Sysmon/Operationalar-win-dc.attackrange.local-2024-11-28 14:32:34.660{103530B6-7F02-6748-5E10-00000000BA03}1116C:\Temp\meduza_payload.exeC:\Windows\System32\vaultcli.dll10.0.14393.7426 (rs1_release.240926-1524)Credential Vault Client LibraryMicrosoft® Windows® Operating SystemMicrosoft Corporationvaultcli.dllMD5=D419CF093B6A879FC175D7D7F3836ACC,SHA256=3EA476D9EB97AA620E91AC658D4830A24D8AC463D5C01A149BA3BF174F82CA44,IMPHASH=E0B17C1B749544B11E7164BC8880263EtrueMicrosoft WindowsValidATTACKRANGE\Administrator 734700x800000000000000015817Microsoft-Windows-Sysmon/Operationalar-win-dc.attackrange.local-2024-11-28 14:26:19.591{103530B6-7D8B-6748-3010-00000000BA03}6336C:\Temp\meduza_payload.exeC:\Windows\System32\vaultcli.dll10.0.14393.7426 (rs1_release.240926-1524)Credential Vault Client LibraryMicrosoft® Windows® Operating SystemMicrosoft Corporationvaultcli.dllMD5=D419CF093B6A879FC175D7D7F3836ACC,SHA256=3EA476D9EB97AA620E91AC658D4830A24D8AC463D5C01A149BA3BF174F82CA44,IMPHASH=E0B17C1B749544B11E7164BC8880263EtrueMicrosoft WindowsValidATTACKRANGE\Administrator