3 5 4 3 0 0x8000000000000000 18855 Microsoft-Windows-Sysmon/Operational quadra.snapattack.labs - 2023-08-11 14:30:17.280 BD1BA16A-45F6-64D6-EE28-000000001600 11052 C:\Users\patreides\Desktop\cloudflared-windows-amd64.exe SNAPATTACK\snapattack udp true false 192.168.196.178 quadra.snapattack.labs 61253 - false 198.41.200.43 - 7844 - 4688 2 0 13312 0 0x8020000000000000 3195789 Security quadra.snapattack.labs S-1-5-21-421648065-3458498710-3574272164-1103 snapattack SNAPATTACK 0xe10b6c 0x2b2c C:\Users\patreides\Desktop\cloudflared-windows-amd64.exe %%1938 0x21a4 "C:\Users\patreides\Desktop\cloudflared-windows-amd64.exe" tunnel --url localhost:8080 S-1-0-0 - - 0x0 C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe S-1-16-8192 22 5 4 22 0 0x8000000000000000 18839 Microsoft-Windows-Sysmon/Operational quadra.snapattack.labs - 2023-08-11 14:30:15.563 BD1BA16A-45F6-64D6-EE28-000000001600 11052 api.trycloudflare.com 0 ::ffff:104.17.123.55;::ffff:104.17.124.55; C:\Users\patreides\Desktop\cloudflared-windows-amd64.exe SNAPATTACK\snapattack 4688 2 0 13312 0 0x8020000000000000 165899 Security EC2AMAZ-2RSGUKB S-1-5-21-3081580237-2860106967-1440473398-1009 user EC2AMAZ-2RSGUKB 0x95cce4 0x1db8 C:\Program Files\Tailscale\tailscale-ipn.exe %%1937 0x80c "C:\Program Files\Tailscale\tailscale-ipn.exe" S-1-0-0 - - 0x0 C:\Windows\SysWOW64\msiexec.exe S-1-16-12288 3 5 4 3 0 0x8000000000000000 18855 Microsoft-Windows-Sysmon/Operational quadra.snapattack.labs - 2023-08-11 14:30:17.280 BD1BA16A-45F6-64D6-EE28-000000001600 11052 C:\Users\patreides\Desktop\cloudflared-windows-amd64.exe SNAPATTACK\snapattack udp true false 192.168.196.178 quadra.snapattack.labs 61253 - false 198.41.200.43 - 7844 - 22 5 4 22 0 0x8000000000000000 18839 Microsoft-Windows-Sysmon/Operational quadra.snapattack.labs - 2023-08-11 14:30:15.563 BD1BA16A-45F6-64D6-EE28-000000001600 11052 api.trycloudflare.com 0 ::ffff:104.17.123.55;::ffff:104.17.124.55; C:\Users\patreides\Desktop\cloudflared-windows-amd64.exe SNAPATTACK\snapattack 4688 2 0 13312 0 0x8020000000000000 165899 Security EC2AMAZ-2RSGUKB S-1-5-21-3081580237-2860106967-1440473398-1009 user EC2AMAZ-2RSGUKB 0x95cce4 0x1db8 C:\Program Files\Tailscale\tailscale-ipn.exe %%1937 0x80c "C:\Program Files\Tailscale\tailscale-ipn.exe" S-1-0-0 - - 0x0 C:\Windows\SysWOW64\msiexec.exe S-1-16-12288