354300x800000000000000026090Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:07:19.783{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54584-false10.0.1.12-8000- 354300x800000000000000026091Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:07:23.286{ec2a2542-1080-6254-602c-d54703560000}1780/opt/splunkforwarder/bin/splunkdroottcptruefalse10.0.1.20-34296-false10.0.1.12-8089- 354300x800000000000000026092Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:07:25.650{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54588-false10.0.1.12-8000- 354300x800000000000000026093Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:07:30.676{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54590-false10.0.1.12-8000- 154100x800000000000000026094Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:07:31.560{ec2a2542-2813-6254-68a4-1af27c550000}2544/bin/ps-----ps -e -o pid,ppid,state,command/var/snap/amazon-ssm-agent/5163root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}938--- 534500x800000000000000026095Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:07:31.571{ec2a2542-2813-6254-68a4-1af27c550000}2544/bin/psroot 23542300x800000000000000026096Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:07:31.815{ec2a2542-1080-6254-602c-d54703560000}1780root/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log--- 354300x800000000000000026097Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:07:35.815{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54592-false10.0.1.12-8000- 354300x800000000000000026098Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:07:41.689{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54594-false10.0.1.12-8000- 354300x800000000000000026099Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:07:46.759{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54596-false10.0.1.12-8000- 354300x800000000000000026100Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:07:52.693{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54598-false10.0.1.12-8000- 354300x800000000000000026101Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:07:57.749{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54600-false10.0.1.12-8000- 23542300x800000000000000026102Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:08:01.814{ec2a2542-1080-6254-602c-d54703560000}1780root/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log--- 354300x800000000000000026103Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:08:02.803{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54602-false10.0.1.12-8000- 354300x800000000000000026104Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:08:08.599{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54604-false10.0.1.12-8000- 354300x800000000000000026105Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:08:13.645{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54606-false10.0.1.12-8000- 354300x800000000000000026106Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:08:18.813{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54608-false10.0.1.12-8000- 354300x800000000000000026107Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:08:23.291{ec2a2542-1080-6254-602c-d54703560000}1780/opt/splunkforwarder/bin/splunkdroottcptruefalse10.0.1.20-34320-false10.0.1.12-8089- 354300x800000000000000026108Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:08:24.642{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54612-false10.0.1.12-8000- 354300x800000000000000026109Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:08:29.741{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54614-false10.0.1.12-8000- 23542300x800000000000000026110Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:08:31.816{ec2a2542-1080-6254-602c-d54703560000}1780root/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log--- 154100x800000000000000026111Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:08:32.573{ec2a2542-2850-6254-68a4-7d491f560000}2545/bin/ps-----ps -e -o pid,ppid,state,command/var/snap/amazon-ssm-agent/5163root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}938--- 534500x800000000000000026112Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:08:32.590{ec2a2542-2850-6254-68a4-7d491f560000}2545/bin/psroot 354300x800000000000000026113Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:08:34.779{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54616-false10.0.1.12-8000- 354300x800000000000000026114Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:08:40.625{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54618-false10.0.1.12-8000- 354300x800000000000000026115Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:08:45.818{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54620-false10.0.1.12-8000- 354300x800000000000000026116Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:08:51.693{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54622-false10.0.1.12-8000- 354300x800000000000000026117Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:08:56.776{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54624-false10.0.1.12-8000- 23542300x800000000000000026118Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:09:01.813{ec2a2542-1080-6254-602c-d54703560000}1780root/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log--- 354300x800000000000000026119Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:09:02.605{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54626-false10.0.1.12-8000- 354300x800000000000000026120Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:09:07.684{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54628-false10.0.1.12-8000- 354300x800000000000000026121Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:09:13.677{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54630-false10.0.1.12-8000- 354300x800000000000000026122Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:09:19.626{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54632-false10.0.1.12-8000- 354300x800000000000000026123Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:09:23.295{ec2a2542-1080-6254-602c-d54703560000}1780/opt/splunkforwarder/bin/splunkdroottcptruefalse10.0.1.20-34344-false10.0.1.12-8089- 354300x800000000000000026124Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:09:24.670{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54636-false10.0.1.12-8000- 354300x800000000000000026125Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:09:30.665{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54638-false10.0.1.12-8000- 23542300x800000000000000026126Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:09:31.814{ec2a2542-1080-6254-602c-d54703560000}1780root/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log--- 154100x800000000000000026127Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:09:33.650{ec2a2542-288d-6254-6874-b67dda550000}2546/bin/ps-----ps -e -o pid,ppid,state,command/var/snap/amazon-ssm-agent/5163root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}938--- 534500x800000000000000026128Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:09:33.660{ec2a2542-288d-6254-6874-b67dda550000}2546/bin/psroot 354300x800000000000000026129Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:09:35.667{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54640-false10.0.1.12-8000- 354300x800000000000000026130Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:09:40.757{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54642-false10.0.1.12-8000- 534500x800000000000000026131Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:09:45.241{ec2a2542-0ff8-6254-c88a-1cbc6c550000}452/lib/systemd/systemd-journaldroot 354300x800000000000000026132Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:09:45.827{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54644-false10.0.1.12-8000- 354300x800000000000000026133Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:09:51.664{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54646-false10.0.1.12-8000- 354300x800000000000000026134Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:09:56.664{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54648-false10.0.1.12-8000- 354300x800000000000000026135Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:10:01.704{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54650-false10.0.1.12-8000- 23542300x800000000000000026136Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:10:01.815{ec2a2542-1080-6254-602c-d54703560000}1780root/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log--- 354300x800000000000000026137Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:10:06.760{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54652-false10.0.1.12-8000- 354300x800000000000000026138Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:10:12.720{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54654-false10.0.1.12-8000- 354300x800000000000000026139Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:10:17.726{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54656-false10.0.1.12-8000- 354300x800000000000000026140Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:10:23.301{ec2a2542-1080-6254-602c-d54703560000}1780/opt/splunkforwarder/bin/splunkdroottcptruefalse10.0.1.20-34368-false10.0.1.12-8089- 354300x800000000000000026141Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:10:23.708{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54660-false10.0.1.12-8000- 354300x800000000000000026142Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:10:29.614{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54662-false10.0.1.12-8000- 23542300x800000000000000026143Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:10:31.770{ec2a2542-1080-6254-602c-d54703560000}1780root/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log--- 354300x800000000000000026144Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:10:34.633{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54664-false10.0.1.12-8000- 154100x800000000000000026145Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:10:34.662{ec2a2542-28ca-6254-68c4-b80a29560000}2548/bin/ps-----ps -e -o pid,ppid,state,command/var/snap/amazon-ssm-agent/5163root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}938--- 534500x800000000000000026146Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:10:34.673{ec2a2542-28ca-6254-68c4-b80a29560000}2548/bin/psroot 354300x800000000000000026147Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:10:39.749{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54666-false10.0.1.12-8000- 354300x800000000000000026148Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:10:45.705{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54668-false10.0.1.12-8000- 354300x800000000000000026149Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:10:50.707{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54670-false10.0.1.12-8000- 354300x800000000000000026150Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:10:56.649{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54672-false10.0.1.12-8000- 23542300x800000000000000026151Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:01.691{ec2a2542-1080-6254-602c-d54703560000}1780root/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log--- 354300x800000000000000026152Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:01.793{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54674-false10.0.1.12-8000- 354300x800000000000000026153Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:07.633{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54676-false10.0.1.12-8000- 354300x800000000000000026154Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:12.638{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54678-false10.0.1.12-8000- 354300x800000000000000026155Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:17.757{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54680-false10.0.1.12-8000- 354300x800000000000000026156Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:22.763{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54682-false10.0.1.12-8000- 354300x800000000000000026157Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:23.316{ec2a2542-1080-6254-602c-d54703560000}1780/opt/splunkforwarder/bin/splunkdroottcptruefalse10.0.1.20-34394-false10.0.1.12-8089- 354300x800000000000000026158Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:23.663{ec2a2542-0ffd-6254-e0d7-7e6a46560000}1010/usr/sbin/sshdroottcpfalsefalse10.0.1.14-63205-false10.0.1.20-22- 154100x800000000000000026159Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:23.664{ec2a2542-28fb-6254-e0e7-64420e560000}2549/usr/sbin/sshd-----/usr/sbin/sshd -D -R/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}1010--- 23542300x800000000000000026161Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.365{ec2a2542-0ff8-6254-f8ad-704b96550000}485root/lib/systemd/systemd-udevd/run/udev/queue--- 534500x800000000000000026160Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.365{00000000-0000-0000-0000-000000000000}2550<unknown process>sshd 534500x800000000000000026162Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.366{00000000-0000-0000-0000-000000000000}2551<unknown process>root 154100x800000000000000026163Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.383{ec2a2542-28fe-6254-5819-477f1c560000}2552/lib/systemd/systemd-----/lib/systemd/systemd --user/ubuntu{ec2a2542-0000-0000-e803-000000000000}10003no level-{ec2a2542-0ff1-6254-58a9-8a1e10560000}1/lib/systemd/systemd/sbin/initroot 534500x800000000000000026171Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.398{00000000-0000-0000-0000-000000000000}2554<unknown process>root 534500x800000000000000026169Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.398{ec2a2542-28fe-6254-0000-000000000000}2562-root 534500x800000000000000026167Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.398{ec2a2542-28fe-6254-0000-000000000000}2558-root 534500x800000000000000026166Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.398{ec2a2542-28fe-6254-0000-000000000000}2556-root 534500x800000000000000026165Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.398{ec2a2542-28fe-6254-0000-000000000000}2555-root 23542300x800000000000000026164Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.398{ec2a2542-0ff8-6254-f8ad-704b96550000}485root/lib/systemd/systemd-udevd/run/udev/queue--- 534500x800000000000000026173Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.399{00000000-0000-0000-0000-000000000000}2559<unknown process>root 534500x800000000000000026172Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.399{00000000-0000-0000-0000-000000000000}2553<unknown process>root 534500x800000000000000026170Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.399{ec2a2542-28fe-6254-0000-000000000000}2561-root 534500x800000000000000026168Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.399{ec2a2542-28fe-6254-0000-000000000000}2560-root 154100x800000000000000026174Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.401{ec2a2542-28fe-6254-d0a2-94eed3550000}2568/usr/lib/systemd/user-environment-generators/30-systemd-environment-d-generator-----/usr/lib/systemd/user-environment-generators/30-systemd-environment-d-generator/ubuntu{ec2a2542-0000-0000-e803-000000000000}10003no level-{00000000-0000-0000-0000-000000000000}2564--- 23542300x800000000000000026175Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.402{ec2a2542-0ff8-6254-f8ad-704b96550000}485root/lib/systemd/systemd-udevd/run/udev/queue--- 534500x800000000000000026178Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.403{00000000-0000-0000-0000-000000000000}2563<unknown process>root 534500x800000000000000026177Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.403{00000000-0000-0000-0000-000000000000}2565<unknown process>root 534500x800000000000000026176Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.403{ec2a2542-28fe-6254-0000-000000000000}2566-root 534500x800000000000000026179Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.404{ec2a2542-28fe-6254-0000-000000000000}2567-root 534500x800000000000000026180Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.406{ec2a2542-28fe-6254-d0a2-94eed3550000}2568/usr/lib/systemd/user-environment-generators/30-systemd-environment-d-generatorubuntu 154100x800000000000000026181Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.408{ec2a2542-28fe-6254-08a4-a63098550000}2569/bin/bash-----/bin/bash /usr/lib/systemd/user-environment-generators/90gpg-agent/ubuntu{ec2a2542-0000-0000-e803-000000000000}10003no level-{00000000-0000-0000-0000-000000000000}2564--- 154100x800000000000000026182Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.410{ec2a2542-28fe-6254-b0ff-2f9933560000}2570/usr/bin/gpgconf-----gpgconf --list-dirs agent-socket/ubuntu{ec2a2542-0000-0000-e803-000000000000}10003no level-{ec2a2542-28fe-6254-08a4-a63098550000}2569/bin/bash/bin/bashubuntu 534500x800000000000000026185Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.414{00000000-0000-0000-0000-000000000000}2572<unknown process>root 534500x800000000000000026184Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.414{ec2a2542-28fe-6254-0000-000000000000}2571-root 23542300x800000000000000026183Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.414{ec2a2542-0ff8-6254-f8ad-704b96550000}485root/lib/systemd/systemd-udevd/run/udev/queue--- 534500x800000000000000026186Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.415{ec2a2542-28fe-6254-b0ff-2f9933560000}2570/usr/bin/gpgconfubuntu 154100x800000000000000026188Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.416{ec2a2542-28fe-6254-f02c-37d046560000}2575/usr/bin/gawk-----awk -F: /^enable-ssh-support:/{ print $10 }/ubuntu{ec2a2542-0000-0000-e803-000000000000}10003no level-{00000000-0000-0000-0000-000000000000}2573--- 154100x800000000000000026187Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.416{ec2a2542-28fe-6254-b05f-577827560000}2574/usr/bin/gpgconf-----gpgconf --list-options gpg-agent/ubuntu{ec2a2542-0000-0000-e803-000000000000}10003no level-{00000000-0000-0000-0000-000000000000}2573--- 154100x800000000000000026189Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.418{ec2a2542-28fe-6254-c815-43c74f560000}2576/usr/bin/gpg-agent-----gpg-agent --gpgconf-list/ubuntu{ec2a2542-0000-0000-e803-000000000000}10003no level-{ec2a2542-28fe-6254-b05f-577827560000}2574/usr/bin/gpgconfgpgconfubuntu 534500x800000000000000026190Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.427{ec2a2542-28fe-6254-c815-43c74f560000}2576/usr/bin/gpg-agentubuntu 534500x800000000000000026194Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.428{ec2a2542-28fe-6254-08a4-a63098550000}2569/bin/bashubuntu 534500x800000000000000026193Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.428{00000000-0000-0000-0000-000000000000}2573<unknown process>ubuntu 534500x800000000000000026192Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.428{ec2a2542-28fe-6254-f02c-37d046560000}2575/usr/bin/gawkubuntu 534500x800000000000000026191Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.428{ec2a2542-28fe-6254-b05f-577827560000}2574/usr/bin/gpgconfubuntu 534500x800000000000000026195Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.429{ec2a2542-28fe-6254-0000-000000000000}2564-ubuntu 534500x800000000000000026196Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.430{00000000-0000-0000-0000-000000000000}2577<unknown process>ubuntu 154100x800000000000000026197Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.458{ec2a2542-28fe-6254-d0fc-328b33560000}2578/bin/systemctl-----/bin/systemctl --user set-environment DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1000/bus/home/ubuntuubuntu{ec2a2542-0000-0000-e803-000000000000}10003no level-{ec2a2542-28fe-6254-5819-477f1c560000}2552/lib/systemd/systemd/lib/systemd/systemdubuntu 534500x800000000000000026198Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.464{ec2a2542-28fe-6254-d0fc-328b33560000}2578/bin/systemctlubuntu 154100x800000000000000026199Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.468{ec2a2542-28fe-6254-6852-1be5ad550000}2579/bin/dash-----sh -c /usr/bin/env -i PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin run-parts --lsbsysinit /etc/update-motd.d > /run/motd.dynamic.new/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28fb-6254-e0e7-64420e560000}2549/usr/sbin/sshd/usr/sbin/sshdroot 154100x800000000000000026201Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.469{ec2a2542-28fe-6254-381a-7a14dc550000}2580/bin/run-parts-----run-parts --lsbsysinit /etc/update-motd.d/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28fe-6254-6852-1be5ad550000}2579/bin/dashshroot 154100x800000000000000026200Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.469{ec2a2542-28fe-6254-783c-76de08560000}2580/usr/bin/env-----/usr/bin/env -i PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin run-parts --lsbsysinit /etc/update-motd.d/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28fe-6254-6852-1be5ad550000}2579/bin/dashshroot 154100x800000000000000026202Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.471{ec2a2542-28fe-6254-6832-e3ab78550000}2581/bin/dash-----/bin/sh /etc/update-motd.d/00-header/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28fe-6254-783c-76de08560000}2580/usr/bin/env/usr/bin/envroot 154100x800000000000000026205Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.475{ec2a2542-28fe-6254-807e-f13d6e550000}2583/bin/uname-----uname -r/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28fe-6254-6832-e3ab78550000}2581/bin/dash/bin/shroot 534500x800000000000000026204Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.475{ec2a2542-28fe-6254-80ae-3cc7e1550000}2582/bin/unameroot 154100x800000000000000026203Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.475{ec2a2542-28fe-6254-80ae-3cc7e1550000}2582/bin/uname-----uname -o/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28fe-6254-6832-e3ab78550000}2581/bin/dash/bin/shroot 534500x800000000000000026208Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.479{ec2a2542-28fe-6254-80de-e782cd550000}2584/bin/unameroot 154100x800000000000000026207Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.479{ec2a2542-28fe-6254-80de-e782cd550000}2584/bin/uname-----uname -m/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28fe-6254-6832-e3ab78550000}2581/bin/dash/bin/shroot 534500x800000000000000026206Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.479{ec2a2542-28fe-6254-807e-f13d6e550000}2583/bin/unameroot 154100x800000000000000026210Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.480{ec2a2542-28fe-6254-6882-8b6436560000}2585/bin/dash-----/bin/sh /etc/update-motd.d/10-help-text/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28fe-6254-783c-76de08560000}2580/usr/bin/env/usr/bin/envroot 534500x800000000000000026209Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.480{ec2a2542-28fe-6254-6832-e3ab78550000}2581/bin/dashroot 534500x800000000000000026212Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.481{ec2a2542-28fe-6254-6882-8b6436560000}2585/bin/dashroot 23542300x800000000000000026211Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.481{ec2a2542-0ff8-6254-c88a-1cbc6c550000}452root/lib/systemd/systemd-journald/run/systemd/journal/streams/9:34242--- 154100x800000000000000026213Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.482{ec2a2542-28fe-6254-6802-7e74bc550000}2586/bin/dash-----/bin/sh /etc/update-motd.d/50-landscape-sysinfo/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28fe-6254-783c-76de08560000}2580/usr/bin/env/usr/bin/envroot 154100x800000000000000026214Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.484{ec2a2542-28fe-6254-509c-8bf64b560000}2587/bin/grep-----grep -c ^processor /proc/cpuinfo/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28fe-6254-6802-7e74bc550000}2586/bin/dash/bin/shroot 154100x800000000000000026219Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.485{ec2a2542-28fe-6254-989f-a40a04560000}2590/usr/bin/bc-----bc/root{ec2a2542-0000-0000-0000-000000000000}02no level-{00000000-0000-0000-0000-000000000000}2588--- 154100x800000000000000026216Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.485{ec2a2542-28fe-6254-b8e0-b577ad550000}2591/usr/bin/cut-----cut -f1 -d /proc/loadavg/root{ec2a2542-0000-0000-0000-000000000000}02no level-{00000000-0000-0000-0000-000000000000}2589--- 534500x800000000000000026215Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.485{ec2a2542-28fe-6254-509c-8bf64b560000}2587/bin/greproot 534500x800000000000000026218Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.486{00000000-0000-0000-0000-000000000000}2589<unknown process>root 534500x800000000000000026217Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.486{ec2a2542-28fe-6254-b8e0-b577ad550000}2591/usr/bin/cutroot 154100x800000000000000026222Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.488{ec2a2542-28fe-6254-080f-e12850560000}2592/bin/date-----/bin/date/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28fe-6254-6802-7e74bc550000}2586/bin/dash/bin/shroot 534500x800000000000000026221Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.488{ec2a2542-28fe-6254-0000-000000000000}2588-root 534500x800000000000000026220Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.488{ec2a2542-28fe-6254-989f-a40a04560000}2590/usr/bin/bcroot 154100x800000000000000026224Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.489{ec2a2542-28fe-6254-a036-7b0000000000}2593/usr/bin/python3.6-----/usr/bin/python3 /usr/bin/landscape-sysinfo/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28fe-6254-6802-7e74bc550000}2586/bin/dash/bin/shroot 534500x800000000000000026223Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.489{ec2a2542-28fe-6254-080f-e12850560000}2592/bin/dateroot 154100x800000000000000026226Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.700{ec2a2542-28fe-6254-b8d1-47a8f87f0000}2594/sbin/ldconfig.real-----/sbin/ldconfig.real -p/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28fe-6254-a036-7b0000000000}2593/usr/bin/python3.6/usr/bin/python3root 154100x800000000000000026225Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.700{ec2a2542-28fe-6254-68f2-918200560000}2594/bin/dash-----/bin/sh /sbin/ldconfig -p/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28fe-6254-a036-7b0000000000}2593/usr/bin/python3.6/usr/bin/python3root 534500x800000000000000026227Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.701{ec2a2542-28fe-6254-68f2-918200560000}2594/bin/dashroot 154100x800000000000000026229Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.774{ec2a2542-28fe-6254-b8c1-49bc947f0000}2595/sbin/ldconfig.real-----/sbin/ldconfig.real -p/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28fe-6254-a036-7b0000000000}2593/usr/bin/python3.6/usr/bin/python3root 154100x800000000000000026228Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.774{ec2a2542-28fe-6254-6802-a1b060550000}2595/bin/dash-----/bin/sh /sbin/ldconfig -p/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28fe-6254-a036-7b0000000000}2593/usr/bin/python3.6/usr/bin/python3root 534500x800000000000000026230Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:26.776{ec2a2542-28fe-6254-6802-a1b060550000}2595/bin/dashroot 534500x800000000000000026231Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.020{00000000-0000-0000-0000-000000000000}2596<unknown process>root 154100x800000000000000026232Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.089{ec2a2542-28ff-6254-f003-ba8fb3550000}2597/usr/bin/who-----who -q/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28fe-6254-a036-7b0000000000}2593/usr/bin/python3.6/usr/bin/python3root 534500x800000000000000026233Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.093{ec2a2542-28ff-6254-f003-ba8fb3550000}2597/usr/bin/whoroot 154100x800000000000000026236Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.164{ec2a2542-28ff-6254-68f2-ff1ec2550000}2598/bin/dash-----/bin/sh /etc/update-motd.d/50-motd-news/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28fe-6254-783c-76de08560000}2580/usr/bin/env/usr/bin/envroot 534500x800000000000000026235Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.164{ec2a2542-28fe-6254-6802-7e74bc550000}2586/bin/dashroot 534500x800000000000000026234Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.164{ec2a2542-28fe-6254-a036-7b0000000000}2593/usr/bin/python3.6root 154100x800000000000000026241Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.165{ec2a2542-28ff-6254-e095-7589dd550000}2601/usr/bin/tr-----tr -d \000-\011\013\014\016-\037/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28ff-6254-68f2-ff1ec2550000}2598/bin/dash/bin/shroot 154100x800000000000000026239Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.165{ec2a2542-28ff-6254-b820-36d485550000}2602/usr/bin/cut-----cut -c -80/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28ff-6254-68f2-ff1ec2550000}2598/bin/dash/bin/shroot 154100x800000000000000026238Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.165{ec2a2542-28ff-6254-78a2-794cd3550000}2600/usr/bin/head-----head -n 10/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28ff-6254-68f2-ff1ec2550000}2598/bin/dash/bin/shroot 154100x800000000000000026237Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.165{ec2a2542-28ff-6254-d0b9-219a33560000}2599/bin/cat-----cat /var/cache/motd-news/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28ff-6254-68f2-ff1ec2550000}2598/bin/dash/bin/shroot 534500x800000000000000026243Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.166{ec2a2542-28ff-6254-d0b9-219a33560000}2599/bin/catroot 534500x800000000000000026240Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.166{ec2a2542-28ff-6254-78a2-794cd3550000}2600/usr/bin/headroot 154100x800000000000000026246Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.167{ec2a2542-28ff-6254-6802-79df01560000}2603/bin/dash-----/bin/sh /etc/update-motd.d/88-esm-announce/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28fe-6254-783c-76de08560000}2580/usr/bin/env/usr/bin/envroot 534500x800000000000000026245Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.167{ec2a2542-28ff-6254-68f2-ff1ec2550000}2598/bin/dashroot 534500x800000000000000026244Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.167{ec2a2542-28ff-6254-b820-36d485550000}2602/usr/bin/cutroot 534500x800000000000000026242Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.167{ec2a2542-28ff-6254-e095-7589dd550000}2601/usr/bin/trroot 534500x800000000000000026247Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.171{ec2a2542-28ff-6254-6802-79df01560000}2603/bin/dashroot 154100x800000000000000026248Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.172{ec2a2542-28ff-6254-6832-2960bd550000}2604/bin/dash-----/bin/sh /etc/update-motd.d/90-updates-available/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28fe-6254-783c-76de08560000}2580/usr/bin/env/usr/bin/envroot 154100x800000000000000026249Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.173{ec2a2542-28ff-6254-d079-d6330e560000}2605/bin/cat-----cat /var/lib/update-notifier/updates-available/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28ff-6254-6832-2960bd550000}2604/bin/dash/bin/shroot 154100x800000000000000026252Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.174{ec2a2542-28ff-6254-6882-9d7f5b550000}2606/bin/dash-----/bin/sh /etc/update-motd.d/91-contract-ua-esm-status/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28fe-6254-783c-76de08560000}2580/usr/bin/env/usr/bin/envroot 534500x800000000000000026251Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.174{ec2a2542-28ff-6254-6832-2960bd550000}2604/bin/dashroot 534500x800000000000000026250Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.174{ec2a2542-28ff-6254-d079-d6330e560000}2605/bin/catroot 154100x800000000000000026260Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.175{ec2a2542-28ff-6254-6872-2e966e550000}2607/bin/dash-----/bin/sh -e /usr/lib/ubuntu-release-upgrader/release-upgrade-motd/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28fe-6254-783c-76de08560000}2580/usr/bin/env/usr/bin/envroot 154100x800000000000000026254Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.175{ec2a2542-28ff-6254-6812-973102560000}2607/bin/dash-----/bin/sh /etc/update-motd.d/91-release-upgrade/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28fe-6254-783c-76de08560000}2580/usr/bin/env/usr/bin/envroot 534500x800000000000000026253Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.175{ec2a2542-28ff-6254-6882-9d7f5b550000}2606/bin/dashroot 154100x800000000000000026256Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.176{ec2a2542-28ff-6254-b840-ada5bc550000}2610/usr/bin/cut-----cut -d -f4/root{ec2a2542-0000-0000-0000-000000000000}02no level-{00000000-0000-0000-0000-000000000000}2608--- 154100x800000000000000026255Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.176{ec2a2542-28ff-6254-a036-7b0000000000}2609/usr/bin/python3.6-----/usr/bin/python3 -Es /usr/bin/lsb_release -sd/root{ec2a2542-0000-0000-0000-000000000000}02no level-{00000000-0000-0000-0000-000000000000}2608--- 534500x800000000000000026259Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.231{ec2a2542-28fe-6254-0000-000000000000}2608-root 534500x800000000000000026258Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.231{ec2a2542-28ff-6254-b840-ada5bc550000}2610/usr/bin/cutroot 534500x800000000000000026257Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.231{ec2a2542-28ff-6254-a036-7b0000000000}2609/usr/bin/python3.6root 154100x800000000000000026261Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.233{ec2a2542-28ff-6254-08df-5e2a8e550000}2611/bin/date-----date +%s/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28ff-6254-6812-973102560000}2607/bin/dash/bin/shroot 154100x800000000000000026263Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.234{ec2a2542-28ff-6254-8834-e3c6a4550000}2612/usr/bin/stat-----stat -c %Y /var/lib/ubuntu-release-upgrader/release-upgrade-available/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28ff-6254-6812-973102560000}2607/bin/dash/bin/shroot 534500x800000000000000026262Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.234{ec2a2542-28ff-6254-08df-5e2a8e550000}2611/bin/dateroot 154100x800000000000000026265Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.236{ec2a2542-28ff-6254-98e5-81b8ef550000}2613/usr/bin/expr-----expr 1649433960 + 86400/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28ff-6254-6812-973102560000}2607/bin/dash/bin/shroot 534500x800000000000000026264Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.236{ec2a2542-28ff-6254-8834-e3c6a4550000}2612/usr/bin/statroot 154100x800000000000000026268Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.238{ec2a2542-28ff-6254-a036-7b0000000000}2614/usr/bin/python3.6-----/usr/bin/python3 /usr/lib/ubuntu-release-upgrader/check-new-release -q/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-0ff1-6254-58a9-8a1e10560000}1/lib/systemd/systemd/sbin/initroot 534500x800000000000000026266Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.238{ec2a2542-28ff-6254-98e5-81b8ef550000}2613/usr/bin/exprroot 154100x800000000000000026270Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.239{ec2a2542-28ff-6254-6872-99c685550000}2615/bin/dash-----/bin/sh /usr/share/unattended-upgrades/update-motd-unattended-upgrades/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28fe-6254-783c-76de08560000}2580/usr/bin/env/usr/bin/envroot 154100x800000000000000026269Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.239{ec2a2542-28ff-6254-6842-8317e4550000}2615/bin/dash-----/bin/sh /etc/update-motd.d/92-unattended-upgrades/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28fe-6254-783c-76de08560000}2580/usr/bin/env/usr/bin/envroot 534500x800000000000000026267Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.239{ec2a2542-28ff-6254-6812-973102560000}2607/bin/dashroot 154100x800000000000000026273Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.241{ec2a2542-28ff-6254-68d2-a877e1550000}2616/bin/dash-----/bin/sh -e /usr/lib/update-notifier/update-motd-hwe-eol/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28fe-6254-783c-76de08560000}2580/usr/bin/env/usr/bin/envroot 154100x800000000000000026272Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.241{ec2a2542-28ff-6254-68c2-58e508560000}2616/bin/dash-----/bin/sh /etc/update-motd.d/95-hwe-eol/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28fe-6254-783c-76de08560000}2580/usr/bin/env/usr/bin/envroot 534500x800000000000000026271Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.241{ec2a2542-28ff-6254-6842-8317e4550000}2615/bin/dashroot 154100x800000000000000026274Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.244{ec2a2542-28ff-6254-7334-c6f919560000}2617/usr/bin/apt-config-----apt-config shell StateDir Dir::State/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28ff-6254-68c2-58e508560000}2616/bin/dash/bin/shroot 154100x800000000000000026275Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.248{ec2a2542-28ff-6254-70f1-e971a7550000}2618/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28ff-6254-7334-c6f919560000}2617/usr/bin/apt-configapt-configroot 534500x800000000000000026277Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.250{ec2a2542-28ff-6254-7334-c6f919560000}2617/usr/bin/apt-configroot 534500x800000000000000026276Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.250{ec2a2542-28ff-6254-70f1-e971a7550000}2618/usr/bin/dpkgroot 154100x800000000000000026278Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.251{ec2a2542-28ff-6254-73c4-ae81c5550000}2619/usr/bin/apt-config-----apt-config shell ListDir Dir::State::Lists/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28ff-6254-68c2-58e508560000}2616/bin/dash/bin/shroot 154100x800000000000000026279Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.255{ec2a2542-28ff-6254-70e1-cbb829560000}2620/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28ff-6254-73c4-ae81c5550000}2619/usr/bin/apt-configapt-configroot 534500x800000000000000026280Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.257{ec2a2542-28ff-6254-70e1-cbb829560000}2620/usr/bin/dpkgroot 154100x800000000000000026282Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.258{ec2a2542-28ff-6254-73c4-81a75b550000}2621/usr/bin/apt-config-----apt-config shell DpkgStatus Dir::State::status/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28ff-6254-68c2-58e508560000}2616/bin/dash/bin/shroot 534500x800000000000000026281Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.258{ec2a2542-28ff-6254-73c4-ae81c5550000}2619/usr/bin/apt-configroot 154100x800000000000000026283Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.262{ec2a2542-28ff-6254-7001-5bedf8550000}2622/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28ff-6254-73c4-81a75b550000}2621/usr/bin/apt-configapt-configroot 534500x800000000000000026284Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.264{ec2a2542-28ff-6254-7001-5bedf8550000}2622/usr/bin/dpkgroot 154100x800000000000000026286Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.265{ec2a2542-28ff-6254-73a4-89492e560000}2623/usr/bin/apt-config-----apt-config shell EtcDir Dir::Etc/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28ff-6254-68c2-58e508560000}2616/bin/dash/bin/shroot 534500x800000000000000026285Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.265{ec2a2542-28ff-6254-73c4-81a75b550000}2621/usr/bin/apt-configroot 154100x800000000000000026287Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.270{ec2a2542-28ff-6254-7031-9e8f43560000}2624/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28ff-6254-73a4-89492e560000}2623/usr/bin/apt-configapt-configroot 534500x800000000000000026289Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.272{ec2a2542-28ff-6254-73a4-89492e560000}2623/usr/bin/apt-configroot 534500x800000000000000026288Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.272{ec2a2542-28ff-6254-7031-9e8f43560000}2624/usr/bin/dpkgroot 154100x800000000000000026290Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.275{ec2a2542-28ff-6254-7354-66da9e550000}2625/usr/bin/apt-config-----apt-config shell SourceList Dir::Etc::sourcelist/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28ff-6254-68c2-58e508560000}2616/bin/dash/bin/shroot 154100x800000000000000026291Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.291{ec2a2542-28ff-6254-7031-d5198e550000}2626/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28ff-6254-7354-66da9e550000}2625/usr/bin/apt-configapt-configroot 534500x800000000000000026292Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.293{ec2a2542-28ff-6254-7031-d5198e550000}2626/usr/bin/dpkgroot 534500x800000000000000026293Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.294{ec2a2542-28ff-6254-7354-66da9e550000}2625/usr/bin/apt-configroot 154100x800000000000000026294Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.295{ec2a2542-28ff-6254-9020-05831c560000}2627/usr/bin/find-----find /var/lib/apt/lists/ /etc/apt/sources.list //var/lib/dpkg/status -type f -newer /var/lib/update-notifier/hwe-eol -print -quit/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28ff-6254-68c2-58e508560000}2616/bin/dash/bin/shroot 154100x800000000000000026298Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.299{ec2a2542-28ff-6254-a820-bf4edf550000}2628/bin/mktemp-----mktemp -p /var/lib/update-notifier/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28ff-6254-68c2-58e508560000}2616/bin/dash/bin/shroot 154100x800000000000000026296Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.299{ec2a2542-28ff-6254-e858-3a7de1550000}2629/usr/bin/dirname-----dirname /var/lib/update-notifier/hwe-eol/root{ec2a2542-0000-0000-0000-000000000000}02no level-{00000000-0000-0000-0000-000000000000}2628--- 534500x800000000000000026295Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.299{ec2a2542-28ff-6254-9020-05831c560000}2627/usr/bin/findroot 534500x800000000000000026299Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.300{ec2a2542-28ff-6254-a820-bf4edf550000}2628/bin/mktemproot 534500x800000000000000026297Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.300{ec2a2542-28ff-6254-e858-3a7de1550000}2629/usr/bin/dirnameroot 154100x800000000000000026300Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.301{ec2a2542-28ff-6254-a036-7b0000000000}2630/usr/bin/python3.6-----/usr/bin/python3 /usr/bin/hwe-support-status/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28ff-6254-68c2-58e508560000}2616/bin/dash/bin/shroot 154100x800000000000000026301Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.359{ec2a2542-28ff-6254-70a1-169da6550000}2631/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28ff-6254-a036-7b0000000000}2614/usr/bin/python3.6/usr/bin/python3root 23542300x800000000000000026303Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.361{ec2a2542-28ff-6254-a036-7b0000000000}2614root/usr/bin/python3.6/tmp/fileutl.message.e10XSt--- 534500x800000000000000026302Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.361{ec2a2542-28ff-6254-70a1-169da6550000}2631/usr/bin/dpkgroot 23542300x800000000000000026304Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.366{ec2a2542-28ff-6254-a036-7b0000000000}2614root/usr/bin/python3.6/tmp/fileutl.message.oSYGxU--- 23542300x800000000000000026305Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.372{ec2a2542-28ff-6254-a036-7b0000000000}2614root/usr/bin/python3.6/tmp/fileutl.message.UWpkdl--- 23542300x800000000000000026306Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.373{ec2a2542-28ff-6254-a036-7b0000000000}2614root/usr/bin/python3.6/tmp/fileutl.message.GepeTL--- 23542300x800000000000000026307Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.375{ec2a2542-28ff-6254-a036-7b0000000000}2614root/usr/bin/python3.6/tmp/fileutl.message.S5Ipzc--- 23542300x800000000000000026308Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.379{ec2a2542-28ff-6254-a036-7b0000000000}2614root/usr/bin/python3.6/tmp/fileutl.message.A4kkgD--- 23542300x800000000000000026309Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.381{ec2a2542-28ff-6254-a036-7b0000000000}2614root/usr/bin/python3.6/tmp/fileutl.message.k8fuX3--- 23542300x800000000000000026310Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.386{ec2a2542-28ff-6254-a036-7b0000000000}2614root/usr/bin/python3.6/tmp/fileutl.message.aursFu--- 23542300x800000000000000026311Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.387{ec2a2542-28ff-6254-a036-7b0000000000}2614root/usr/bin/python3.6/tmp/fileutl.message.mAoHnV--- 23542300x800000000000000026312Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.389{ec2a2542-28ff-6254-a036-7b0000000000}2614root/usr/bin/python3.6/tmp/fileutl.message.8zxa6l--- 23542300x800000000000000026313Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.390{ec2a2542-28ff-6254-a036-7b0000000000}2614root/usr/bin/python3.6/tmp/fileutl.message.iv9QOM--- 23542300x800000000000000026314Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.391{ec2a2542-28ff-6254-a036-7b0000000000}2614root/usr/bin/python3.6/tmp/fileutl.message.2qVKxd--- 23542300x800000000000000026315Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.393{ec2a2542-28ff-6254-a036-7b0000000000}2614root/usr/bin/python3.6/tmp/fileutl.message.I5CUgE--- 23542300x800000000000000026316Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.394{ec2a2542-28ff-6254-a036-7b0000000000}2614root/usr/bin/python3.6/tmp/fileutl.message.qzOj04--- 23542300x800000000000000026317Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.396{ec2a2542-28ff-6254-a036-7b0000000000}2614root/usr/bin/python3.6/tmp/fileutl.message.UHxZJv--- 23542300x800000000000000026318Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.397{ec2a2542-28ff-6254-a036-7b0000000000}2614root/usr/bin/python3.6/tmp/fileutl.message.2MLUtW--- 23542300x800000000000000026319Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.399{ec2a2542-28ff-6254-a036-7b0000000000}2614root/usr/bin/python3.6/tmp/fileutl.message.wxS7dn--- 154100x800000000000000026320Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.400{ec2a2542-28ff-6254-70a1-0d9cd9550000}2632/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28ff-6254-a036-7b0000000000}2614/usr/bin/python3.6/usr/bin/python3root 534500x800000000000000026321Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.403{ec2a2542-28ff-6254-70a1-0d9cd9550000}2632/usr/bin/dpkgroot 154100x800000000000000026322Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.417{ec2a2542-28ff-6254-a036-7b0000000000}2633/usr/bin/python3.6-----/usr/bin/python3 -Es /usr/bin/lsb_release -c -s/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28ff-6254-a036-7b0000000000}2630/usr/bin/python3.6/usr/bin/python3root 534500x800000000000000026323Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.471{ec2a2542-28ff-6254-a036-7b0000000000}2633/usr/bin/python3.6root 154100x800000000000000026324Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.472{ec2a2542-28ff-6254-70d1-8d5d8a550000}2634/usr/bin/dpkg-----dpkg --print-foreign-architectures/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28ff-6254-a036-7b0000000000}2630/usr/bin/python3.6/usr/bin/python3root 534500x800000000000000026325Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.474{ec2a2542-28ff-6254-70d1-8d5d8a550000}2634/usr/bin/dpkgroot 534500x800000000000000026326Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.493{ec2a2542-28ff-6254-a036-7b0000000000}2630/usr/bin/python3.6root 154100x800000000000000026327Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.494{ec2a2542-28ff-6254-885b-49138c550000}2635/bin/mv-----mv /var/lib/update-notifier/tmp.I1AUa8mpL0 /var/lib/update-notifier/hwe-eol/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28ff-6254-68c2-58e508560000}2616/bin/dash/bin/shroot 154100x800000000000000026329Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.495{ec2a2542-28ff-6254-d019-be6f30560000}2636/bin/cat-----cat /var/lib/update-notifier/hwe-eol/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28ff-6254-68c2-58e508560000}2616/bin/dash/bin/shroot 534500x800000000000000026328Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.495{ec2a2542-28ff-6254-885b-49138c550000}2635/bin/mvroot 154100x800000000000000026331Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.496{ec2a2542-28ff-6254-70c3-b0f470550000}2637/bin/rm-----rm -f /var/lib/update-notifier/tmp.I1AUa8mpL0/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28ff-6254-68c2-58e508560000}2616/bin/dash/bin/shroot 534500x800000000000000026330Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.496{ec2a2542-28ff-6254-d019-be6f30560000}2636/bin/catroot 534500x800000000000000026333Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.497{ec2a2542-28ff-6254-68c2-58e508560000}2616/bin/dashroot 534500x800000000000000026332Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.497{ec2a2542-28ff-6254-70c3-b0f470550000}2637/bin/rmroot 154100x800000000000000026334Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.498{ec2a2542-28ff-6254-6832-b8d736560000}2638/bin/dash-----/bin/sh /etc/update-motd.d/97-overlayroot/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28fe-6254-783c-76de08560000}2580/usr/bin/env/usr/bin/envroot 154100x800000000000000026336Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.500{ec2a2542-28ff-6254-506c-d0beb0550000}2640/bin/grep-----grep -E overlayroot|/media/root-ro|/media/root-rw /proc/mounts/root{ec2a2542-0000-0000-0000-000000000000}02no level-{00000000-0000-0000-0000-000000000000}2639--- 154100x800000000000000026335Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.500{ec2a2542-28ff-6254-6862-9f47f9550000}2640/bin/dash-----/bin/sh /bin/egrep overlayroot|/media/root-ro|/media/root-rw /proc/mounts/root{ec2a2542-0000-0000-0000-000000000000}02no level-{00000000-0000-0000-0000-000000000000}2639--- 154100x800000000000000026337Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.501{ec2a2542-28ff-6254-188a-8f573a560000}2641/usr/bin/sort-----sort -r/root{ec2a2542-0000-0000-0000-000000000000}02no level-{00000000-0000-0000-0000-000000000000}2639--- 534500x800000000000000026338Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.502{ec2a2542-28ff-6254-6862-9f47f9550000}2640/bin/dashroot 534500x800000000000000026341Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.503{ec2a2542-28ff-6254-6832-b8d736560000}2638/bin/dashroot 534500x800000000000000026340Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.503{00000000-0000-0000-0000-000000000000}2639<unknown process>root 534500x800000000000000026339Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.503{ec2a2542-28ff-6254-188a-8f573a560000}2641/usr/bin/sortroot 154100x800000000000000026343Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.504{ec2a2542-28ff-6254-68b2-8f4745560000}2642/bin/dash-----/bin/sh /usr/lib/update-notifier/update-motd-fsck-at-reboot/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28fe-6254-783c-76de08560000}2580/usr/bin/env/usr/bin/envroot 154100x800000000000000026342Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.504{ec2a2542-28ff-6254-68b2-aef142560000}2642/bin/dash-----/bin/sh /etc/update-motd.d/98-fsck-at-reboot/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28fe-6254-783c-76de08560000}2580/usr/bin/env/usr/bin/envroot 154100x800000000000000026344Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.510{ec2a2542-28ff-6254-8894-11df70550000}2643/usr/bin/stat-----stat -c %Y /var/lib/update-notifier/fsck-at-reboot/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28ff-6254-68b2-aef142560000}2642/bin/dash/bin/shroot 154100x800000000000000026348Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.515{ec2a2542-28ff-6254-085f-9c25bc550000}2644/bin/date-----date -d now - 6414.04 seconds +%s/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28ff-6254-68b2-aef142560000}2642/bin/dash/bin/shroot 154100x800000000000000026346Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.515{ec2a2542-28ff-6254-f0bc-7d628b550000}2645/usr/bin/gawk-----awk {print $1} /proc/uptime/root{ec2a2542-0000-0000-0000-000000000000}02no level-{00000000-0000-0000-0000-000000000000}2644--- 534500x800000000000000026345Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.515{ec2a2542-28ff-6254-8894-11df70550000}2643/usr/bin/statroot 154100x800000000000000026350Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.518{ec2a2542-28ff-6254-086f-6c6ad4550000}2646/bin/date-----date +%s/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28ff-6254-68b2-aef142560000}2642/bin/dash/bin/shroot 534500x800000000000000026349Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.518{ec2a2542-28ff-6254-085f-9c25bc550000}2644/bin/dateroot 534500x800000000000000026347Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.518{ec2a2542-28ff-6254-f0bc-7d628b550000}2645/usr/bin/gawkroot 534500x800000000000000026351Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.519{ec2a2542-28ff-6254-086f-6c6ad4550000}2646/bin/dateroot 154100x800000000000000026353Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.521{ec2a2542-28ff-6254-f00c-0b0335560000}2649/usr/bin/gawk-----awk $5 ~ /^ext(2|3|4)$/ { print $1 }/root{ec2a2542-0000-0000-0000-000000000000}02no level-{00000000-0000-0000-0000-000000000000}2647--- 154100x800000000000000026352Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.521{ec2a2542-28ff-6254-a852-6d210f560000}2648/bin/mount-----mount/root{ec2a2542-0000-0000-0000-000000000000}02no level-{00000000-0000-0000-0000-000000000000}2647--- 534500x800000000000000026355Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.524{ec2a2542-28ff-6254-f00c-0b0335560000}2649/usr/bin/gawkroot 534500x800000000000000026354Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.524{ec2a2542-28ff-6254-a852-6d210f560000}2648/bin/mountroot 154100x800000000000000026357Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.528{ec2a2542-28ff-6254-689e-98588d550000}2650/sbin/dumpe2fs-----dumpe2fs -h /dev/nvme0n1p1/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28ff-6254-68b2-aef142560000}2642/bin/dash/bin/shroot 534500x800000000000000026356Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.528{00000000-0000-0000-0000-000000000000}2647<unknown process>root 924900x800000000000000026358Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.530{ec2a2542-28ff-6254-689e-98588d550000}2650/sbin/dumpe2fs/dev/nvme0n1p1root 154100x800000000000000026360Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.531{ec2a2542-28ff-6254-507c-dc0e61550000}2653/bin/grep-----grep ^Mount count:/root{ec2a2542-0000-0000-0000-000000000000}02no level-{00000000-0000-0000-0000-000000000000}2651--- 534500x800000000000000026359Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.531{ec2a2542-28ff-6254-689e-98588d550000}2650/sbin/dumpe2fsroot 154100x800000000000000026361Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.532{ec2a2542-28ff-6254-b820-be6af5550000}2654/usr/bin/cut-----cut -d: -f 2-/root{ec2a2542-0000-0000-0000-000000000000}02no level-{00000000-0000-0000-0000-000000000000}2651--- 534500x800000000000000026363Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.534{ec2a2542-28ff-6254-507c-dc0e61550000}2653/bin/greproot 534500x800000000000000026362Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.534{00000000-0000-0000-0000-000000000000}2652<unknown process>root 534500x800000000000000026365Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.535{ec2a2542-28ff-6254-0000-000000000000}2651-root 534500x800000000000000026364Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.535{ec2a2542-28ff-6254-b820-be6af5550000}2654/usr/bin/cutroot 154100x800000000000000026367Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.542{ec2a2542-28ff-6254-506c-97c33e560000}2657/bin/grep-----grep ^Maximum mount count:/root{ec2a2542-0000-0000-0000-000000000000}02no level-{00000000-0000-0000-0000-000000000000}2655--- 154100x800000000000000026368Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.543{ec2a2542-28ff-6254-b850-591a24560000}2658/usr/bin/cut-----cut -d: -f 2-/root{ec2a2542-0000-0000-0000-000000000000}02no level-{00000000-0000-0000-0000-000000000000}2655--- 534500x800000000000000026366Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.543{ec2a2542-28ff-6254-0000-000000000000}2656-root 534500x800000000000000026370Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.544{ec2a2542-28ff-6254-b850-591a24560000}2658/usr/bin/cutroot 534500x800000000000000026369Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.544{ec2a2542-28ff-6254-506c-97c33e560000}2657/bin/greproot 534500x800000000000000026371Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.549{00000000-0000-0000-0000-000000000000}2655<unknown process>root 154100x800000000000000026376Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.550{ec2a2542-28ff-6254-b8d0-be8411560000}2663/usr/bin/cut-----cut -d( -f 1/root{ec2a2542-0000-0000-0000-000000000000}02no level-{00000000-0000-0000-0000-000000000000}2659--- 154100x800000000000000026374Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.550{ec2a2542-28ff-6254-b880-ba32d5550000}2662/usr/bin/cut-----cut -d: -f 2-/root{ec2a2542-0000-0000-0000-000000000000}02no level-{00000000-0000-0000-0000-000000000000}2659--- 154100x800000000000000026373Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.550{ec2a2542-28ff-6254-50fc-5c0f48560000}2661/bin/grep-----grep ^Check interval:/root{ec2a2542-0000-0000-0000-000000000000}02no level-{00000000-0000-0000-0000-000000000000}2659--- 534500x800000000000000026372Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.550{ec2a2542-28ff-6254-0000-000000000000}2660-root 534500x800000000000000026375Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.551{ec2a2542-28ff-6254-50fc-5c0f48560000}2661/bin/greproot 534500x800000000000000026377Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.555{ec2a2542-28ff-6254-b880-ba32d5550000}2662/usr/bin/cutroot 154100x800000000000000026382Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.556{ec2a2542-28ff-6254-b8f0-6170dc550000}2667/usr/bin/cut-----cut -d: -f 2-/root{ec2a2542-0000-0000-0000-000000000000}02no level-{00000000-0000-0000-0000-000000000000}2664--- 154100x800000000000000026381Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.556{ec2a2542-28ff-6254-50cc-7c9070550000}2666/bin/grep-----grep ^Next check after:/root{ec2a2542-0000-0000-0000-000000000000}02no level-{00000000-0000-0000-0000-000000000000}2664--- 534500x800000000000000026380Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.556{ec2a2542-28ff-6254-0000-000000000000}2665-root 534500x800000000000000026379Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.556{00000000-0000-0000-0000-000000000000}2659<unknown process>root 534500x800000000000000026378Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.556{ec2a2542-28ff-6254-b8d0-be8411560000}2663/usr/bin/cutroot 534500x800000000000000026383Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.561{ec2a2542-28ff-6254-50cc-7c9070550000}2666/bin/greproot 154100x800000000000000026386Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.563{ec2a2542-28ff-6254-088f-e48175550000}2668/bin/date-----date -d +%s/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28ff-6254-68b2-aef142560000}2642/bin/dash/bin/shroot 534500x800000000000000026385Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.563{00000000-0000-0000-0000-000000000000}2664<unknown process>root 534500x800000000000000026384Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.563{ec2a2542-28ff-6254-b8f0-6170dc550000}2667/usr/bin/cutroot 534500x800000000000000026387Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.564{ec2a2542-28ff-6254-088f-e48175550000}2668/bin/dateroot 154100x800000000000000026388Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.565{ec2a2542-28ff-6254-d0f9-cdcb07560000}2669/bin/cat-----cat /var/lib/update-notifier/fsck-at-reboot/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28ff-6254-68b2-aef142560000}2642/bin/dash/bin/shroot 534500x800000000000000026390Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.566{ec2a2542-28ff-6254-68b2-aef142560000}2642/bin/dashroot 534500x800000000000000026389Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.566{ec2a2542-28ff-6254-d0f9-cdcb07560000}2669/bin/catroot 154100x800000000000000026392Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.567{ec2a2542-28ff-6254-6862-763267550000}2670/bin/dash-----/bin/sh -e /usr/lib/update-notifier/update-motd-reboot-required/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28fe-6254-783c-76de08560000}2580/usr/bin/env/usr/bin/envroot 154100x800000000000000026391Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.567{ec2a2542-28ff-6254-6892-7852c1550000}2670/bin/dash-----/bin/sh /etc/update-motd.d/98-reboot-required/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28fe-6254-783c-76de08560000}2580/usr/bin/env/usr/bin/envroot 534500x800000000000000026395Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.572{ec2a2542-28fe-6254-6852-1be5ad550000}2579/bin/dashroot 534500x800000000000000026394Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.572{ec2a2542-28fe-6254-783c-76de08560000}2580/usr/bin/envroot 534500x800000000000000026393Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.572{ec2a2542-28ff-6254-6892-7852c1550000}2670/bin/dashroot 154100x800000000000000026397Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.631{ec2a2542-28ff-6254-30c5-b9c4a1550000}2672/usr/lib/openssh/sftp-server-----/usr/lib/openssh/sftp-server/home/ubuntuubuntu{ec2a2542-0000-0000-e803-000000000000}10002no level-{00000000-0000-0000-0000-000000000000}2671--- 154100x800000000000000026396Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.631{ec2a2542-28ff-6254-0874-2a80da550000}2672/bin/bash-----bash -c /usr/lib/openssh/sftp-server/home/ubuntuubuntu{ec2a2542-0000-0000-e803-000000000000}10002no level-{00000000-0000-0000-0000-000000000000}2671--- 23542300x800000000000000026398Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.757{ec2a2542-28ff-6254-a036-7b0000000000}2614root/usr/bin/python3.6/tmp/fileutl.message.0c1QWO--- 23542300x800000000000000026399Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.761{ec2a2542-28ff-6254-a036-7b0000000000}2614root/usr/bin/python3.6/tmp/fileutl.message.McJlGg--- 23542300x800000000000000026400Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.765{ec2a2542-28ff-6254-a036-7b0000000000}2614root/usr/bin/python3.6/tmp/fileutl.message.YKgzqI--- 23542300x800000000000000026401Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.767{ec2a2542-28ff-6254-a036-7b0000000000}2614root/usr/bin/python3.6/tmp/fileutl.message.KoF2aa--- 23542300x800000000000000026402Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.768{ec2a2542-28ff-6254-a036-7b0000000000}2614root/usr/bin/python3.6/tmp/fileutl.message.ANRLVB--- 23542300x800000000000000026403Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.773{ec2a2542-28ff-6254-a036-7b0000000000}2614root/usr/bin/python3.6/tmp/fileutl.message.mWKcH3--- 23542300x800000000000000026404Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.774{ec2a2542-28ff-6254-a036-7b0000000000}2614root/usr/bin/python3.6/tmp/fileutl.message.I29Ssv--- 23542300x800000000000000026405Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.778{ec2a2542-28ff-6254-a036-7b0000000000}2614root/usr/bin/python3.6/tmp/fileutl.message.MrngfX--- 23542300x800000000000000026406Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.780{ec2a2542-28ff-6254-a036-7b0000000000}2614root/usr/bin/python3.6/tmp/fileutl.message.QAvT1o--- 23542300x800000000000000026407Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.781{ec2a2542-28ff-6254-a036-7b0000000000}2614root/usr/bin/python3.6/tmp/fileutl.message.IWKJOQ--- 23542300x800000000000000026408Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.782{ec2a2542-28ff-6254-a036-7b0000000000}2614root/usr/bin/python3.6/tmp/fileutl.message.I7ZMBi--- 23542300x800000000000000026409Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.783{ec2a2542-28ff-6254-a036-7b0000000000}2614root/usr/bin/python3.6/tmp/fileutl.message.oK22oK--- 23542300x800000000000000026410Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.785{ec2a2542-28ff-6254-a036-7b0000000000}2614root/usr/bin/python3.6/tmp/fileutl.message.6Bszcc--- 23542300x800000000000000026411Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.787{ec2a2542-28ff-6254-a036-7b0000000000}2614root/usr/bin/python3.6/tmp/fileutl.message.8XCt0D--- 23542300x800000000000000026412Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.789{ec2a2542-28ff-6254-a036-7b0000000000}2614root/usr/bin/python3.6/tmp/fileutl.message.2P9DO5--- 23542300x800000000000000026413Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.790{ec2a2542-28ff-6254-a036-7b0000000000}2614root/usr/bin/python3.6/tmp/fileutl.message.iFZ3Cx--- 354300x800000000000000026414Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.791{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54686-false10.0.1.12-8000- 23542300x800000000000000026415Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.792{ec2a2542-28ff-6254-a036-7b0000000000}2614root/usr/bin/python3.6/tmp/fileutl.message.wSfNrZ--- 154100x800000000000000026416Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.795{ec2a2542-28ff-6254-a036-7b0000000000}2673/usr/bin/python3.6-----/usr/bin/python3 -Es /usr/bin/lsb_release -c -s/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28ff-6254-a036-7b0000000000}2614/usr/bin/python3.6/usr/bin/python3root 534500x800000000000000026417Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.838{ec2a2542-28ff-6254-a036-7b0000000000}2673/usr/bin/python3.6root 154100x800000000000000026418Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.844{ec2a2542-28ff-6254-a036-7b0000000000}2674/usr/bin/python3.6-----/usr/bin/python3 -Es /usr/bin/lsb_release -c -s/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28ff-6254-a036-7b0000000000}2614/usr/bin/python3.6/usr/bin/python3root 534500x800000000000000026419Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.890{ec2a2542-28ff-6254-a036-7b0000000000}2674/usr/bin/python3.6root 154100x800000000000000026420Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.892{ec2a2542-28ff-6254-a036-7b0000000000}2675/usr/bin/python3.6-----/usr/bin/python3 -Es /usr/bin/lsb_release -c -s/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28ff-6254-a036-7b0000000000}2614/usr/bin/python3.6/usr/bin/python3root 534500x800000000000000026421Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.935{ec2a2542-28ff-6254-a036-7b0000000000}2675/usr/bin/python3.6root 154100x800000000000000026422Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.937{ec2a2542-28ff-6254-a036-7b0000000000}2676/usr/bin/python3.6-----/usr/bin/python3 -Es /usr/bin/lsb_release -r -s/root{ec2a2542-0000-0000-0000-000000000000}02no level-{ec2a2542-28ff-6254-a036-7b0000000000}2614/usr/bin/python3.6/usr/bin/python3root 534500x800000000000000026423Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.978{ec2a2542-28ff-6254-a036-7b0000000000}2676/usr/bin/python3.6root 354300x800000000000000026427Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.991{ec2a2542-0ff9-6254-c097-bd9a19560000}737/lib/systemd/systemd-resolvedsystemd-resolveudptruefalse10.0.1.20-44111-false10.0.0.2-53- 354300x800000000000000026426Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.991{ec2a2542-0ff9-6254-c097-bd9a19560000}737/lib/systemd/systemd-resolvedsystemd-resolveudptruefalse10.0.1.20-44520-false10.0.0.2-53- 354300x800000000000000026425Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.991{ec2a2542-0ff9-6254-c097-bd9a19560000}737/lib/systemd/systemd-resolvedsystemd-resolveudpfalsefalse0.0.0.0-0-false127.0.0.53-53- 354300x800000000000000026424Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:27.991{ec2a2542-28ff-6254-a036-7b0000000000}2614/usr/bin/python3.6rootudptruefalse127.0.0.1-45201-false127.0.0.53-53- 354300x800000000000000026428Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:28.015{ec2a2542-0ff9-6254-c097-bd9a19560000}737/lib/systemd/systemd-resolvedsystemd-resolveudptruefalse127.0.0.53-53-false127.0.0.1-45201- 354300x800000000000000026429Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:28.016{ec2a2542-28ff-6254-a036-7b0000000000}2614/usr/bin/python3.6rootudpfalsefalse127.0.0.53-53-false127.0.0.1-45201- 534500x800000000000000026432Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:28.081{00000000-0000-0000-0000-000000000000}2678<unknown process>root 534500x800000000000000026431Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:28.081{ec2a2542-2900-6254-0000-000000000000}2679-root 23542300x800000000000000026430Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:28.081{ec2a2542-0ff8-6254-f8ad-704b96550000}485root/lib/systemd/systemd-udevd/run/udev/queue--- 354300x800000000000000026433Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:28.102{ec2a2542-28ff-6254-a036-7b0000000000}2614/usr/bin/python3.6roottcptruefalse10.0.1.20-35356-false91.189.91.49-443- 534500x800000000000000026434Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:28.156{ec2a2542-28ff-6254-a036-7b0000000000}2614/usr/bin/python3.6root 534500x800000000000000026435Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:28.171{ec2a2542-28ff-6254-a036-7b0000000000}2614/usr/bin/python3.6root 23542300x800000000000000026436Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:31.814{ec2a2542-1080-6254-602c-d54703560000}1780root/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log--- 354300x800000000000000026437Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:33.662{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54690-false10.0.1.12-8000- 154100x800000000000000026438Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:35.733{ec2a2542-2907-6254-6844-7c6c82550000}2680/bin/ps-----ps -e -o pid,ppid,state,command/var/snap/amazon-ssm-agent/5163root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}938--- 534500x800000000000000026439Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:35.746{ec2a2542-2907-6254-6844-7c6c82550000}2680/bin/psroot 354300x800000000000000026440Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:39.618{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54692-false10.0.1.12-8000- 354300x800000000000000026441Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:44.703{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54694-false10.0.1.12-8000- 354300x800000000000000026442Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:50.600{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54696-false10.0.1.12-8000- 354300x800000000000000026443Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:11:55.796{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54698-false10.0.1.12-8000- 354300x800000000000000026444Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:01.704{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54700-false10.0.1.12-8000- 23542300x800000000000000026445Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:01.813{ec2a2542-1080-6254-602c-d54703560000}1780root/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log--- 154100x800000000000000026447Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:04.809{ec2a2542-2924-6254-e057-8c3ef0550000}2682/usr/sbin/sshd-----/usr/sbin/sshd -D -R/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}1010--- 354300x800000000000000026446Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:04.809{ec2a2542-0ffd-6254-e0d7-7e6a46560000}1010/usr/sbin/sshdroottcpfalsefalse212.187.221.38-52566-false10.0.1.20-22- 354300x800000000000000026448Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:06.819{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54702-false10.0.1.12-8000- 534500x800000000000000026449Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.500{00000000-0000-0000-0000-000000000000}2683<unknown process>sshd 154100x800000000000000026450Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.507{ec2a2542-2927-6254-68f2-d1a948560000}2684/bin/dash-----sh -c /usr/bin/env -i PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin run-parts --lsbsysinit /etc/update-motd.d > /run/motd.dynamic.new/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2924-6254-e057-8c3ef0550000}2682/usr/sbin/sshd/usr/sbin/sshdroot 154100x800000000000000026452Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.508{ec2a2542-2927-6254-38ca-f77774550000}2685/bin/run-parts-----run-parts --lsbsysinit /etc/update-motd.d/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2927-6254-68f2-d1a948560000}2684/bin/dashshroot 154100x800000000000000026451Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.508{ec2a2542-2927-6254-781c-f9d7ed550000}2685/usr/bin/env-----/usr/bin/env -i PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin run-parts --lsbsysinit /etc/update-motd.d/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2927-6254-68f2-d1a948560000}2684/bin/dashshroot 154100x800000000000000026453Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.509{ec2a2542-2927-6254-68b2-f40fe9550000}2686/bin/dash-----/bin/sh /etc/update-motd.d/00-header/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2927-6254-781c-f9d7ed550000}2685/usr/bin/env/usr/bin/envroot 534500x800000000000000026455Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.510{ec2a2542-2927-6254-80de-de6e19560000}2687/bin/unameroot 154100x800000000000000026454Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.510{ec2a2542-2927-6254-80de-de6e19560000}2687/bin/uname-----uname -o/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2927-6254-68b2-f40fe9550000}2686/bin/dash/bin/shroot 154100x800000000000000026458Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.511{ec2a2542-2927-6254-80ae-18a624560000}2689/bin/uname-----uname -m/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2927-6254-68b2-f40fe9550000}2686/bin/dash/bin/shroot 534500x800000000000000026457Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.511{ec2a2542-2927-6254-808e-6e3476550000}2688/bin/unameroot 154100x800000000000000026456Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.511{ec2a2542-2927-6254-808e-6e3476550000}2688/bin/uname-----uname -r/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2927-6254-68b2-f40fe9550000}2686/bin/dash/bin/shroot 154100x800000000000000026461Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.512{ec2a2542-2927-6254-6862-a4fce2550000}2690/bin/dash-----/bin/sh /etc/update-motd.d/10-help-text/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2927-6254-781c-f9d7ed550000}2685/usr/bin/env/usr/bin/envroot 534500x800000000000000026460Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.512{ec2a2542-2927-6254-68b2-f40fe9550000}2686/bin/dashroot 534500x800000000000000026459Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.512{ec2a2542-2927-6254-80ae-18a624560000}2689/bin/unameroot 154100x800000000000000026464Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.513{ec2a2542-2927-6254-501c-414747560000}2692/bin/grep-----grep -c ^processor /proc/cpuinfo/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2927-6254-68a2-51fd9a550000}2691/bin/dash/bin/shroot 154100x800000000000000026463Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.513{ec2a2542-2927-6254-68a2-51fd9a550000}2691/bin/dash-----/bin/sh /etc/update-motd.d/50-landscape-sysinfo/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2927-6254-781c-f9d7ed550000}2685/usr/bin/env/usr/bin/envroot 534500x800000000000000026462Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.513{ec2a2542-2927-6254-6862-a4fce2550000}2690/bin/dashroot 154100x800000000000000026466Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.515{ec2a2542-2927-6254-988f-08aa94550000}2695/usr/bin/bc-----bc/root{ec2a2542-0000-0000-0000-000000000000}04no level-{00000000-0000-0000-0000-000000000000}2693--- 534500x800000000000000026465Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.515{ec2a2542-2927-6254-501c-414747560000}2692/bin/greproot 534500x800000000000000026470Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.517{ec2a2542-2927-6254-988f-08aa94550000}2695/usr/bin/bcroot 534500x800000000000000026469Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.517{00000000-0000-0000-0000-000000000000}2694<unknown process>root 534500x800000000000000026468Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.517{ec2a2542-2927-6254-b8f0-2bcf6e550000}2696/usr/bin/cutroot 154100x800000000000000026467Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.517{ec2a2542-2927-6254-b8f0-2bcf6e550000}2696/usr/bin/cut-----cut -f1 -d /proc/loadavg/root{ec2a2542-0000-0000-0000-000000000000}04no level-{00000000-0000-0000-0000-000000000000}2694--- 154100x800000000000000026472Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.518{ec2a2542-2927-6254-08df-361d44560000}2697/bin/date-----/bin/date/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2927-6254-68a2-51fd9a550000}2691/bin/dash/bin/shroot 534500x800000000000000026471Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.518{ec2a2542-2900-6254-0000-000000000000}2693-root 154100x800000000000000026474Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.519{ec2a2542-2927-6254-a036-7b0000000000}2698/usr/bin/python3.6-----/usr/bin/python3 /usr/bin/landscape-sysinfo/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2927-6254-68a2-51fd9a550000}2691/bin/dash/bin/shroot 534500x800000000000000026473Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.519{ec2a2542-2927-6254-08df-361d44560000}2697/bin/dateroot 154100x800000000000000026476Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.706{ec2a2542-2927-6254-b851-4fa05b7f0000}2699/sbin/ldconfig.real-----/sbin/ldconfig.real -p/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2927-6254-a036-7b0000000000}2698/usr/bin/python3.6/usr/bin/python3root 154100x800000000000000026475Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.706{ec2a2542-2927-6254-6892-5679e1550000}2699/bin/dash-----/bin/sh /sbin/ldconfig -p/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2927-6254-a036-7b0000000000}2698/usr/bin/python3.6/usr/bin/python3root 534500x800000000000000026477Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.707{ec2a2542-2927-6254-6892-5679e1550000}2699/bin/dashroot 154100x800000000000000026479Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.743{ec2a2542-2927-6254-b801-415c417f0000}2700/sbin/ldconfig.real-----/sbin/ldconfig.real -p/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2927-6254-a036-7b0000000000}2698/usr/bin/python3.6/usr/bin/python3root 154100x800000000000000026478Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.743{ec2a2542-2927-6254-6822-5b875a550000}2700/bin/dash-----/bin/sh /sbin/ldconfig -p/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2927-6254-a036-7b0000000000}2698/usr/bin/python3.6/usr/bin/python3root 534500x800000000000000026480Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.745{ec2a2542-2927-6254-6822-5b875a550000}2700/bin/dashroot 534500x800000000000000026481Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.846{00000000-0000-0000-0000-000000000000}2701<unknown process>root 154100x800000000000000026482Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.881{ec2a2542-2927-6254-f083-8b6c63550000}2702/usr/bin/who-----who -q/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2927-6254-a036-7b0000000000}2698/usr/bin/python3.6/usr/bin/python3root 534500x800000000000000026483Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.886{ec2a2542-2927-6254-f083-8b6c63550000}2702/usr/bin/whoroot 534500x800000000000000026484Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.954{ec2a2542-2927-6254-a036-7b0000000000}2698/usr/bin/python3.6root 154100x800000000000000026486Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.955{ec2a2542-2927-6254-6872-8e51b6550000}2703/bin/dash-----/bin/sh /etc/update-motd.d/50-motd-news/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2927-6254-781c-f9d7ed550000}2685/usr/bin/env/usr/bin/envroot 534500x800000000000000026485Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.955{ec2a2542-2927-6254-68a2-51fd9a550000}2691/bin/dashroot 154100x800000000000000026492Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.956{ec2a2542-2927-6254-e095-9ada8e550000}2706/usr/bin/tr-----tr -d \000-\011\013\014\016-\037/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2927-6254-6872-8e51b6550000}2703/bin/dash/bin/shroot 154100x800000000000000026491Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.956{ec2a2542-2927-6254-b810-5698ea550000}2707/usr/bin/cut-----cut -c -80/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2927-6254-6872-8e51b6550000}2703/bin/dash/bin/shroot 154100x800000000000000026489Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.956{ec2a2542-2927-6254-78d2-c36473550000}2705/usr/bin/head-----head -n 10/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2927-6254-6872-8e51b6550000}2703/bin/dash/bin/shroot 534500x800000000000000026488Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.956{ec2a2542-2927-6254-d0c9-250c1d560000}2704/bin/catroot 154100x800000000000000026487Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.956{ec2a2542-2927-6254-d0c9-250c1d560000}2704/bin/cat-----cat /var/cache/motd-news/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2927-6254-6872-8e51b6550000}2703/bin/dash/bin/shroot 534500x800000000000000026490Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.957{ec2a2542-2927-6254-78d2-c36473550000}2705/usr/bin/headroot 534500x800000000000000026493Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.958{ec2a2542-2927-6254-e095-9ada8e550000}2706/usr/bin/trroot 154100x800000000000000026496Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.959{ec2a2542-2927-6254-6872-c50aa3550000}2708/bin/dash-----/bin/sh /etc/update-motd.d/88-esm-announce/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2927-6254-781c-f9d7ed550000}2685/usr/bin/env/usr/bin/envroot 534500x800000000000000026495Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.959{ec2a2542-2927-6254-6872-8e51b6550000}2703/bin/dashroot 534500x800000000000000026494Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.959{ec2a2542-2927-6254-b810-5698ea550000}2707/usr/bin/cutroot 154100x800000000000000026499Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.960{ec2a2542-2927-6254-d0c9-52504c560000}2710/bin/cat-----cat /var/lib/update-notifier/updates-available/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2927-6254-6812-d75b76550000}2709/bin/dash/bin/shroot 154100x800000000000000026498Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.960{ec2a2542-2927-6254-6812-d75b76550000}2709/bin/dash-----/bin/sh /etc/update-motd.d/90-updates-available/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2927-6254-781c-f9d7ed550000}2685/usr/bin/env/usr/bin/envroot 534500x800000000000000026497Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.960{ec2a2542-2927-6254-6872-c50aa3550000}2708/bin/dashroot 154100x800000000000000026502Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.961{ec2a2542-2927-6254-6882-b27db9550000}2711/bin/dash-----/bin/sh /etc/update-motd.d/91-contract-ua-esm-status/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2927-6254-781c-f9d7ed550000}2685/usr/bin/env/usr/bin/envroot 534500x800000000000000026501Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.961{ec2a2542-2927-6254-6812-d75b76550000}2709/bin/dashroot 534500x800000000000000026500Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.961{ec2a2542-2927-6254-d0c9-52504c560000}2710/bin/catroot 154100x800000000000000026510Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.966{ec2a2542-2927-6254-6892-d3971f560000}2712/bin/dash-----/bin/sh -e /usr/lib/ubuntu-release-upgrader/release-upgrade-motd/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2927-6254-781c-f9d7ed550000}2685/usr/bin/env/usr/bin/envroot 154100x800000000000000026504Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.966{ec2a2542-2927-6254-68e2-ebcb0e560000}2712/bin/dash-----/bin/sh /etc/update-motd.d/91-release-upgrade/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2927-6254-781c-f9d7ed550000}2685/usr/bin/env/usr/bin/envroot 534500x800000000000000026503Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.966{ec2a2542-2927-6254-6882-b27db9550000}2711/bin/dashroot 154100x800000000000000026506Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.968{ec2a2542-2927-6254-b8f0-bb46a7550000}2715/usr/bin/cut-----cut -d -f4/root{ec2a2542-0000-0000-0000-000000000000}04no level-{00000000-0000-0000-0000-000000000000}2713--- 154100x800000000000000026505Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:07.968{ec2a2542-2927-6254-a036-7b0000000000}2714/usr/bin/python3.6-----/usr/bin/python3 -Es /usr/bin/lsb_release -sd/root{ec2a2542-0000-0000-0000-000000000000}04no level-{00000000-0000-0000-0000-000000000000}2713--- 534500x800000000000000026509Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.012{ec2a2542-2900-6254-0000-000000000000}2713-root 534500x800000000000000026508Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.012{ec2a2542-2927-6254-b8f0-bb46a7550000}2715/usr/bin/cutroot 534500x800000000000000026507Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.012{ec2a2542-2927-6254-a036-7b0000000000}2714/usr/bin/python3.6root 154100x800000000000000026511Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.013{ec2a2542-2928-6254-083f-209eed550000}2716/bin/date-----date +%s/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2927-6254-68e2-ebcb0e560000}2712/bin/dash/bin/shroot 154100x800000000000000026513Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.014{ec2a2542-2928-6254-88e4-8bdc22560000}2717/usr/bin/stat-----stat -c %Y /var/lib/ubuntu-release-upgrader/release-upgrade-available/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2927-6254-68e2-ebcb0e560000}2712/bin/dash/bin/shroot 534500x800000000000000026512Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.014{ec2a2542-2928-6254-083f-209eed550000}2716/bin/dateroot 154100x800000000000000026515Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.015{ec2a2542-2928-6254-9815-ce090a560000}2718/usr/bin/expr-----expr 1649682689 + 86400/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2927-6254-68e2-ebcb0e560000}2712/bin/dash/bin/shroot 534500x800000000000000026514Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.015{ec2a2542-2928-6254-88e4-8bdc22560000}2717/usr/bin/statroot 154100x800000000000000026517Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.016{ec2a2542-2928-6254-d079-245129560000}2719/bin/cat-----cat /var/lib/ubuntu-release-upgrader/release-upgrade-available/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2927-6254-68e2-ebcb0e560000}2712/bin/dash/bin/shroot 534500x800000000000000026516Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.016{ec2a2542-2928-6254-9815-ce090a560000}2718/usr/bin/exprroot 154100x800000000000000026521Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.017{ec2a2542-2928-6254-6862-1812dd550000}2720/bin/dash-----/bin/sh /usr/share/unattended-upgrades/update-motd-unattended-upgrades/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2927-6254-781c-f9d7ed550000}2685/usr/bin/env/usr/bin/envroot 154100x800000000000000026520Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.017{ec2a2542-2928-6254-68b2-5f8356550000}2720/bin/dash-----/bin/sh /etc/update-motd.d/92-unattended-upgrades/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2927-6254-781c-f9d7ed550000}2685/usr/bin/env/usr/bin/envroot 534500x800000000000000026519Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.017{ec2a2542-2927-6254-68e2-ebcb0e560000}2712/bin/dashroot 534500x800000000000000026518Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.017{ec2a2542-2928-6254-d079-245129560000}2719/bin/catroot 154100x800000000000000026524Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.018{ec2a2542-2928-6254-6872-72060f560000}2721/bin/dash-----/bin/sh -e /usr/lib/update-notifier/update-motd-hwe-eol/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2927-6254-781c-f9d7ed550000}2685/usr/bin/env/usr/bin/envroot 154100x800000000000000026523Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.018{ec2a2542-2928-6254-68b2-d8179e550000}2721/bin/dash-----/bin/sh /etc/update-motd.d/95-hwe-eol/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2927-6254-781c-f9d7ed550000}2685/usr/bin/env/usr/bin/envroot 534500x800000000000000026522Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.018{ec2a2542-2928-6254-68b2-5f8356550000}2720/bin/dashroot 154100x800000000000000026525Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.019{ec2a2542-2928-6254-7334-6d092d560000}2722/usr/bin/apt-config-----apt-config shell StateDir Dir::State/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2928-6254-68b2-d8179e550000}2721/bin/dash/bin/shroot 154100x800000000000000026526Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.023{ec2a2542-2928-6254-7071-8c0a21560000}2723/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2928-6254-7334-6d092d560000}2722/usr/bin/apt-configapt-configroot 534500x800000000000000026528Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.027{ec2a2542-2928-6254-7334-6d092d560000}2722/usr/bin/apt-configroot 534500x800000000000000026527Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.027{ec2a2542-2928-6254-7071-8c0a21560000}2723/usr/bin/dpkgroot 154100x800000000000000026529Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.028{ec2a2542-2928-6254-73c4-e4f978550000}2724/usr/bin/apt-config-----apt-config shell ListDir Dir::State::Lists/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2928-6254-68b2-d8179e550000}2721/bin/dash/bin/shroot 154100x800000000000000026530Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.032{ec2a2542-2928-6254-70e1-151e44560000}2725/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2928-6254-73c4-e4f978550000}2724/usr/bin/apt-configapt-configroot 534500x800000000000000026531Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.034{ec2a2542-2928-6254-70e1-151e44560000}2725/usr/bin/dpkgroot 154100x800000000000000026533Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.035{ec2a2542-2928-6254-7324-ec1e49560000}2726/usr/bin/apt-config-----apt-config shell DpkgStatus Dir::State::status/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2928-6254-68b2-d8179e550000}2721/bin/dash/bin/shroot 534500x800000000000000026532Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.035{ec2a2542-2928-6254-73c4-e4f978550000}2724/usr/bin/apt-configroot 154100x800000000000000026534Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.040{ec2a2542-2928-6254-7081-87ff1a560000}2727/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2928-6254-7324-ec1e49560000}2726/usr/bin/apt-configapt-configroot 154100x800000000000000026537Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.042{ec2a2542-2928-6254-7314-f82861550000}2728/usr/bin/apt-config-----apt-config shell EtcDir Dir::Etc/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2928-6254-68b2-d8179e550000}2721/bin/dash/bin/shroot 534500x800000000000000026536Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.042{ec2a2542-2928-6254-7324-ec1e49560000}2726/usr/bin/apt-configroot 534500x800000000000000026535Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.042{ec2a2542-2928-6254-7081-87ff1a560000}2727/usr/bin/dpkgroot 154100x800000000000000026538Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.046{ec2a2542-2928-6254-70c1-878fd4550000}2729/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2928-6254-7314-f82861550000}2728/usr/bin/apt-configapt-configroot 534500x800000000000000026539Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.048{ec2a2542-2928-6254-70c1-878fd4550000}2729/usr/bin/dpkgroot 154100x800000000000000026541Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.049{ec2a2542-2928-6254-73a4-6c3841560000}2730/usr/bin/apt-config-----apt-config shell SourceList Dir::Etc::sourcelist/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2928-6254-68b2-d8179e550000}2721/bin/dash/bin/shroot 534500x800000000000000026540Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.049{ec2a2542-2928-6254-7314-f82861550000}2728/usr/bin/apt-configroot 154100x800000000000000026542Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.053{ec2a2542-2928-6254-70c1-cb519f550000}2731/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2928-6254-73a4-6c3841560000}2730/usr/bin/apt-configapt-configroot 534500x800000000000000026544Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.055{ec2a2542-2928-6254-73a4-6c3841560000}2730/usr/bin/apt-configroot 534500x800000000000000026543Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.055{ec2a2542-2928-6254-70c1-cb519f550000}2731/usr/bin/dpkgroot 154100x800000000000000026545Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.056{ec2a2542-2928-6254-9080-f5d702560000}2732/usr/bin/find-----find /var/lib/apt/lists/ /etc/apt/sources.list //var/lib/dpkg/status -type f -newer /var/lib/update-notifier/hwe-eol -print -quit/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2928-6254-68b2-d8179e550000}2721/bin/dash/bin/shroot 154100x800000000000000026549Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.057{ec2a2542-2928-6254-a8c0-023758550000}2733/bin/mktemp-----mktemp -p /var/lib/update-notifier/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2928-6254-68b2-d8179e550000}2721/bin/dash/bin/shroot 154100x800000000000000026547Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.057{ec2a2542-2928-6254-e8a8-997b47560000}2734/usr/bin/dirname-----dirname /var/lib/update-notifier/hwe-eol/root{ec2a2542-0000-0000-0000-000000000000}04no level-{00000000-0000-0000-0000-000000000000}2733--- 534500x800000000000000026546Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.057{ec2a2542-2928-6254-9080-f5d702560000}2732/usr/bin/findroot 534500x800000000000000026550Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.058{ec2a2542-2928-6254-a8c0-023758550000}2733/bin/mktemproot 534500x800000000000000026548Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.058{ec2a2542-2928-6254-e8a8-997b47560000}2734/usr/bin/dirnameroot 154100x800000000000000026553Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.059{ec2a2542-2928-6254-70c3-34bfc1550000}2736/bin/rm-----rm -f /var/lib/update-notifier/tmp.fqgHbSelw3/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2928-6254-68b2-d8179e550000}2721/bin/dash/bin/shroot 534500x800000000000000026552Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.059{ec2a2542-2928-6254-d039-8deb45560000}2735/bin/catroot 154100x800000000000000026551Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.059{ec2a2542-2928-6254-d039-8deb45560000}2735/bin/cat-----cat /var/lib/update-notifier/hwe-eol/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2928-6254-68b2-d8179e550000}2721/bin/dash/bin/shroot 154100x800000000000000026557Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.060{ec2a2542-2928-6254-6832-cd0b06560000}2737/bin/dash-----/bin/sh /etc/update-motd.d/97-overlayroot/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2927-6254-781c-f9d7ed550000}2685/usr/bin/env/usr/bin/envroot 534500x800000000000000026556Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.060{ec2a2542-2928-6254-68b2-d8179e550000}2721/bin/dashroot 534500x800000000000000026555Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.060{ec2a2542-2928-6254-70c3-34bfc1550000}2736/bin/rmroot 23542300x800000000000000026554Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.060{ec2a2542-2928-6254-70c3-34bfc1550000}2736root/bin/rm/var/lib/update-notifier/tmp.fqgHbSelw3--- 154100x800000000000000026560Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.061{ec2a2542-2928-6254-506c-db3970550000}2739/bin/grep-----grep -E overlayroot|/media/root-ro|/media/root-rw /proc/mounts/root{ec2a2542-0000-0000-0000-000000000000}04no level-{00000000-0000-0000-0000-000000000000}2738--- 154100x800000000000000026559Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.061{ec2a2542-2928-6254-18fa-58c71d560000}2740/usr/bin/sort-----sort -r/root{ec2a2542-0000-0000-0000-000000000000}04no level-{00000000-0000-0000-0000-000000000000}2738--- 154100x800000000000000026558Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.061{ec2a2542-2928-6254-68f2-b267e0550000}2739/bin/dash-----/bin/sh /bin/egrep overlayroot|/media/root-ro|/media/root-rw /proc/mounts/root{ec2a2542-0000-0000-0000-000000000000}04no level-{00000000-0000-0000-0000-000000000000}2738--- 534500x800000000000000026563Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.062{00000000-0000-0000-0000-000000000000}2738<unknown process>root 534500x800000000000000026562Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.062{ec2a2542-2928-6254-18fa-58c71d560000}2740/usr/bin/sortroot 534500x800000000000000026561Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.062{ec2a2542-2928-6254-68f2-b267e0550000}2739/bin/dashroot 154100x800000000000000026566Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.063{ec2a2542-2928-6254-6892-b2e218560000}2741/bin/dash-----/bin/sh /usr/lib/update-notifier/update-motd-fsck-at-reboot/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2927-6254-781c-f9d7ed550000}2685/usr/bin/env/usr/bin/envroot 534500x800000000000000026565Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.063{ec2a2542-2928-6254-6832-cd0b06560000}2737/bin/dashroot 154100x800000000000000026564Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.063{ec2a2542-2928-6254-6812-5b393d560000}2741/bin/dash-----/bin/sh /etc/update-motd.d/98-fsck-at-reboot/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2927-6254-781c-f9d7ed550000}2685/usr/bin/env/usr/bin/envroot 154100x800000000000000026571Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.064{ec2a2542-2928-6254-086f-49ae0c560000}2743/bin/date-----date -d now - 6454.59 seconds +%s/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2928-6254-6812-5b393d560000}2741/bin/dash/bin/shroot 534500x800000000000000026568Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.064{ec2a2542-2928-6254-8814-030fb1550000}2742/usr/bin/statroot 154100x800000000000000026567Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.064{ec2a2542-2928-6254-8814-030fb1550000}2742/usr/bin/stat-----stat -c %Y /var/lib/update-notifier/fsck-at-reboot/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2928-6254-6812-5b393d560000}2741/bin/dash/bin/shroot 154100x800000000000000026569Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.065{ec2a2542-2928-6254-f07c-539497550000}2744/usr/bin/gawk-----awk {print $1} /proc/uptime/root{ec2a2542-0000-0000-0000-000000000000}04no level-{00000000-0000-0000-0000-000000000000}2743--- 534500x800000000000000026570Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.066{ec2a2542-2928-6254-f07c-539497550000}2744/usr/bin/gawkroot 154100x800000000000000026573Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.067{ec2a2542-2928-6254-08df-dad52c560000}2745/bin/date-----date +%s/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2928-6254-6812-5b393d560000}2741/bin/dash/bin/shroot 534500x800000000000000026572Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.067{ec2a2542-2928-6254-086f-49ae0c560000}2743/bin/dateroot 534500x800000000000000026576Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.069{ec2a2542-2928-6254-d0e9-6f9139560000}2746/bin/catroot 154100x800000000000000026575Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.069{ec2a2542-2928-6254-d0e9-6f9139560000}2746/bin/cat-----cat /var/lib/update-notifier/fsck-at-reboot/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2928-6254-6812-5b393d560000}2741/bin/dash/bin/shroot 534500x800000000000000026574Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.069{ec2a2542-2928-6254-08df-dad52c560000}2745/bin/dateroot 154100x800000000000000026579Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.070{ec2a2542-2928-6254-6862-e3a669550000}2747/bin/dash-----/bin/sh -e /usr/lib/update-notifier/update-motd-reboot-required/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2927-6254-781c-f9d7ed550000}2685/usr/bin/env/usr/bin/envroot 154100x800000000000000026578Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.070{ec2a2542-2928-6254-6872-c0316c550000}2747/bin/dash-----/bin/sh /etc/update-motd.d/98-reboot-required/root{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2927-6254-781c-f9d7ed550000}2685/usr/bin/env/usr/bin/envroot 534500x800000000000000026577Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.070{ec2a2542-2928-6254-6812-5b393d560000}2741/bin/dashroot 534500x800000000000000026582Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.071{ec2a2542-2927-6254-781c-f9d7ed550000}2685/usr/bin/envroot 534500x800000000000000026581Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.071{ec2a2542-2927-6254-68f2-d1a948560000}2684/bin/dashroot 534500x800000000000000026580Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.071{ec2a2542-2928-6254-6872-c0316c550000}2747/bin/dashroot 154100x800000000000000026583Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.426{ec2a2542-2928-6254-0834-066f98550000}2749/bin/bash------bash/home/ubuntuubuntu{ec2a2542-2929-6254-e803-000000000000}10004no level-{00000000-0000-0000-0000-000000000000}2748--- 154100x800000000000000026584Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.433{ec2a2542-2928-6254-881e-2f5034560000}2751/usr/bin/locale-check-----/usr/bin/locale-check C.UTF-8/home/ubuntuubuntu{ec2a2542-2929-6254-e803-000000000000}10004no level-{00000000-0000-0000-0000-000000000000}2750--- 534500x800000000000000026586Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.435{00000000-0000-0000-0000-000000000000}2750<unknown process>ubuntu 534500x800000000000000026585Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.435{ec2a2542-2928-6254-881e-2f5034560000}2751/usr/bin/locale-checkubuntu 154100x800000000000000026587Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.438{ec2a2542-2928-6254-3040-64d279550000}2752/usr/bin/locale-----locale/home/ubuntuubuntu{ec2a2542-2929-6254-e803-000000000000}10004no level-{ec2a2542-2928-6254-0834-066f98550000}2749/bin/bash-bashubuntu 534500x800000000000000026588Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.440{ec2a2542-2928-6254-3040-64d279550000}2752/usr/bin/localeubuntu 534500x800000000000000026589Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.442{00000000-0000-0000-0000-000000000000}2753<unknown process>ubuntu 154100x800000000000000026590Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.472{ec2a2542-2928-6254-6892-373439560000}2755/bin/dash-----/bin/sh /usr/bin/lesspipe/home/ubuntuubuntu{ec2a2542-2929-6254-e803-000000000000}10004no level-{00000000-0000-0000-0000-000000000000}2754--- 154100x800000000000000026591Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.474{ec2a2542-2928-6254-e8eb-02d3ea550000}2756/usr/bin/basename-----basename /usr/bin/lesspipe/home/ubuntuubuntu{ec2a2542-2929-6254-e803-000000000000}10004no level-{ec2a2542-2928-6254-6892-373439560000}2755/bin/dash/bin/shubuntu 154100x800000000000000026593Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.476{ec2a2542-2928-6254-e8c8-48bf52560000}2758/usr/bin/dirname-----dirname /usr/bin/lesspipe/home/ubuntuubuntu{ec2a2542-2929-6254-e803-000000000000}10004no level-{00000000-0000-0000-0000-000000000000}2757--- 534500x800000000000000026592Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.476{ec2a2542-2928-6254-e8eb-02d3ea550000}2756/usr/bin/basenameubuntu 534500x800000000000000026596Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.477{ec2a2542-2928-6254-6892-373439560000}2755/bin/dashubuntu 534500x800000000000000026595Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.477{00000000-0000-0000-0000-000000000000}2757<unknown process>ubuntu 534500x800000000000000026594Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.477{ec2a2542-2928-6254-e8c8-48bf52560000}2758/usr/bin/dirnameubuntu 534500x800000000000000026597Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.478{00000000-0000-0000-0000-000000000000}2754<unknown process>ubuntu 154100x800000000000000026598Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.479{ec2a2542-2928-6254-4889-88f823560000}2760/usr/bin/dircolors-----dircolors -b/home/ubuntuubuntu{ec2a2542-2929-6254-e803-000000000000}10004no level-{00000000-0000-0000-0000-000000000000}2759--- 534500x800000000000000026600Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.481{ec2a2542-2900-6254-0000-000000000000}2759-ubuntu 534500x800000000000000026599Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:08.481{ec2a2542-2928-6254-4889-88f823560000}2760/usr/bin/dircolorsubuntu 354300x800000000000000026601Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:12.691{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54704-false10.0.1.12-8000- 154100x800000000000000026602Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:16.889{ec2a2542-2930-6254-80f2-ce6b9c550000}2761/bin/nano-----nano installmips.sh/home/ubuntuubuntu{ec2a2542-2929-6254-e803-000000000000}10004no level-{ec2a2542-2928-6254-0834-066f98550000}2749/bin/bash-bashubuntu 354300x800000000000000026603Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:17.827{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54706-false10.0.1.12-8000- 23542300x800000000000000026604Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:22.240{ec2a2542-2930-6254-80f2-ce6b9c550000}2761ubuntu/bin/nano/home/ubuntu/./.installmips.sh.swp--- 354300x800000000000000026605Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:23.322{ec2a2542-1080-6254-602c-d54703560000}1780/opt/splunkforwarder/bin/splunkdroottcptruefalse10.0.1.20-34418-false10.0.1.12-8089- 354300x800000000000000026606Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:23.627{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54710-false10.0.1.12-8000- 354300x800000000000000026607Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:28.694{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54712-false10.0.1.12-8000- 23542300x800000000000000026608Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:31.825{ec2a2542-1080-6254-602c-d54703560000}1780root/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log--- 354300x800000000000000026609Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:33.803{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54714-false10.0.1.12-8000- 154100x800000000000000026610Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:36.748{ec2a2542-2944-6254-68c4-3429e0550000}2762/bin/ps-----ps -e -o pid,ppid,state,command/var/snap/amazon-ssm-agent/5163root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}938--- 534500x800000000000000026611Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:36.759{ec2a2542-2944-6254-68c4-3429e0550000}2762/bin/psroot 354300x800000000000000026612Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:38.810{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54716-false10.0.1.12-8000- 354300x800000000000000026613Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:44.800{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54718-false10.0.1.12-8000- 354300x800000000000000026614Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:49.830{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54720-false10.0.1.12-8000- 354300x800000000000000026615Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:12:55.770{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54722-false10.0.1.12-8000- 354300x800000000000000026616Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:01.611{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54724-false10.0.1.12-8000- 23542300x800000000000000026617Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:01.815{ec2a2542-1080-6254-602c-d54703560000}1780root/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log--- 354300x800000000000000026618Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:06.680{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54726-false10.0.1.12-8000- 534500x800000000000000026620Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:07.122{ec2a2542-2930-6254-80f2-ce6b9c550000}2761/bin/nanoubuntu 23542300x800000000000000026619Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:07.122{ec2a2542-2930-6254-80f2-ce6b9c550000}2761ubuntu/bin/nano/home/ubuntu/./.installmips.sh.swp--- 354300x800000000000000026621Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:11.760{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54728-false10.0.1.12-8000- 534500x800000000000000026622Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:11.815{00000000-0000-0000-0000-000000000000}2763<unknown process>ubuntu 23542300x800000000000000026624Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:11.817{ec2a2542-2928-6254-0834-066f98550000}2749ubuntu/bin/bash/tmp/sh-thd.c5aYmu--- 534500x800000000000000026623Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:11.817{00000000-0000-0000-0000-000000000000}2764<unknown process>ubuntu 154100x800000000000000026625Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:12.309{ec2a2542-2968-6254-e011-ab4b93550000}2765/bin/chmod-----chmod 777 installmips.sh/home/ubuntuubuntu{ec2a2542-2929-6254-e803-000000000000}10004no level-{ec2a2542-2928-6254-0834-066f98550000}2749/bin/bash-bashubuntu 534500x800000000000000026626Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:12.310{ec2a2542-2968-6254-e011-ab4b93550000}2765/bin/chmodubuntu 154100x800000000000000026627Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:15.314{ec2a2542-296b-6254-087e-8fa8c7550000}2767/usr/bin/sudo-----sudo apt-get install gcc-mips-linux-gnu -y/home/ubuntuubuntu{ec2a2542-2929-6254-e803-000000000000}10004no level-{00000000-0000-0000-0000-000000000000}2766--- 354300x800000000000000026629Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:15.325{ec2a2542-0ff9-6254-c097-bd9a19560000}737/lib/systemd/systemd-resolvedsystemd-resolveudptruefalse10.0.1.20-40639-false10.0.0.2-53- 354300x800000000000000026628Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:15.325{ec2a2542-296b-6254-087e-8fa8c7550000}2767/usr/bin/sudoubuntuudptruefalse127.0.0.1-55541-false127.0.0.53-53- 354300x800000000000000026630Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:15.326{ec2a2542-0ff9-6254-c097-bd9a19560000}737/lib/systemd/systemd-resolvedsystemd-resolveudptruefalse10.0.1.20-35291-false10.0.0.2-53- 354300x800000000000000026632Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:15.337{ec2a2542-296b-6254-087e-8fa8c7550000}2767/usr/bin/sudoubuntuudpfalsefalse127.0.0.53-53-false127.0.0.1-55541- 354300x800000000000000026631Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:15.337{ec2a2542-0ff9-6254-c097-bd9a19560000}737/lib/systemd/systemd-resolvedsystemd-resolveudptruefalse127.0.0.53-53-false127.0.0.1-55541- 354300x800000000000000026634Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:15.340{ec2a2542-0ff9-6254-c097-bd9a19560000}737/lib/systemd/systemd-resolvedsystemd-resolveudptruefalse127.0.0.53-53-false127.0.0.1-40899- 354300x800000000000000026633Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:15.340{ec2a2542-296b-6254-087e-8fa8c7550000}2767/usr/bin/sudoubuntuudptruefalse127.0.0.1-40899-false127.0.0.53-53- 534500x800000000000000026636Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:15.344{00000000-0000-0000-0000-000000000000}2768<unknown process>root 23542300x800000000000000026635Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:15.344{ec2a2542-0ff8-6254-f8ad-704b96550000}485root/lib/systemd/systemd-udevd/run/udev/queue--- 154100x800000000000000026637Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:15.345{ec2a2542-296b-6254-ccaf-57779a550000}2769/usr/bin/apt-get-----apt-get install gcc-mips-linux-gnu -y/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-296b-6254-087e-8fa8c7550000}2767/usr/bin/sudosudoubuntu 154100x800000000000000026638Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:15.350{ec2a2542-296b-6254-7071-ce890f560000}2770/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-296b-6254-ccaf-57779a550000}2769/usr/bin/apt-getapt-getroot 23542300x800000000000000026640Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:15.353{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/fileutl.message.Nryxaf--- 534500x800000000000000026639Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:15.353{ec2a2542-296b-6254-7071-ce890f560000}2770/usr/bin/dpkgroot 23542300x800000000000000026641Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:15.363{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/fileutl.message.2jg1wq--- 23542300x800000000000000026642Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:15.368{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/fileutl.message.rARoUB--- 23542300x800000000000000026643Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:15.370{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/fileutl.message.mDO5hN--- 23542300x800000000000000026644Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:15.372{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/fileutl.message.tqD5FY--- 23542300x800000000000000026645Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:15.377{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/fileutl.message.WXnZ49--- 23542300x800000000000000026646Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:15.379{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/fileutl.message.ZH37tl--- 23542300x800000000000000026647Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:15.384{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/fileutl.message.QDj8Tw--- 23542300x800000000000000026648Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:15.385{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/fileutl.message.zoLpkI--- 23542300x800000000000000026649Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:15.387{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/fileutl.message.ceLVKT--- 23542300x800000000000000026650Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:15.388{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/fileutl.message.zWOFb5--- 23542300x800000000000000026651Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:15.389{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/fileutl.message.UHUCCg--- 23542300x800000000000000026652Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:15.391{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/fileutl.message.B6LM3r--- 23542300x800000000000000026653Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:15.392{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/fileutl.message.S9ggvD--- 23542300x800000000000000026654Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:15.399{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/fileutl.message.9v6RXO--- 23542300x800000000000000026655Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:15.402{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/fileutl.message.s05Sq0--- 23542300x800000000000000026656Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:15.403{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/fileutl.message.xppaUb--- 154100x800000000000000026657Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:15.406{ec2a2542-296b-6254-7071-61af85550000}2771/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-296b-6254-ccaf-57779a550000}2769/usr/bin/apt-getapt-getroot 534500x800000000000000026658Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:15.408{ec2a2542-296b-6254-7071-61af85550000}2771/usr/bin/dpkgroot 154100x800000000000000026659Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:15.940{ec2a2542-296b-6254-6822-c99d84550000}2772/bin/dash-----/bin/sh -c [ ! -f /usr/bin/snap ] || /usr/bin/snap advise-snap --from-apt 2>/dev/null || true/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-296b-6254-ccaf-57779a550000}2769/usr/bin/apt-getapt-getroot 154100x800000000000000026669Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:15.943{ec2a2542-296b-6254-e414-9f738f550000}2773/snap/snapd/15177/usr/bin/snap-----/usr/bin/snap advise-snap --from-apt/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-296b-6254-6822-c99d84550000}2772/bin/dash/bin/shroot 154100x800000000000000026660Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:15.943{ec2a2542-296b-6254-7068-d217b1550000}2773/usr/bin/snap-----/usr/bin/snap advise-snap --from-apt/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-296b-6254-6822-c99d84550000}2772/bin/dash/bin/shroot 534500x800000000000000026666Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:15.965{ec2a2542-296b-6254-7068-d217b1550000}2773/usr/bin/snaproot 534500x800000000000000026665Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:15.965{ec2a2542-296b-6254-7068-d217b1550000}2773/usr/bin/snaproot 534500x800000000000000026664Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:15.965{ec2a2542-296b-6254-7068-d217b1550000}2773/usr/bin/snaproot 534500x800000000000000026663Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:15.965{ec2a2542-296b-6254-7068-d217b1550000}2773/usr/bin/snaproot 534500x800000000000000026662Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:15.965{ec2a2542-296b-6254-7068-d217b1550000}2773/usr/bin/snaproot 534500x800000000000000026661Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:15.965{ec2a2542-296b-6254-7068-d217b1550000}2773/usr/bin/snaproot 534500x800000000000000026668Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:15.967{ec2a2542-296b-6254-0000-000000000000}2780-root 23542300x800000000000000026667Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:15.967{ec2a2542-0ff8-6254-f8ad-704b96550000}485root/lib/systemd/systemd-udevd/run/udev/queue--- 534500x800000000000000026675Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.662{ec2a2542-296b-6254-e414-9f738f550000}2773/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000026674Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.662{ec2a2542-296b-6254-e414-9f738f550000}2773/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000026673Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.662{ec2a2542-296b-6254-e414-9f738f550000}2773/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000026672Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.662{ec2a2542-296b-6254-e414-9f738f550000}2773/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000026671Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.662{ec2a2542-296b-6254-e414-9f738f550000}2773/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000026670Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.662{ec2a2542-296b-6254-7068-d217b1550000}2773/usr/bin/snaproot 534500x800000000000000026676Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.665{ec2a2542-296b-6254-e414-9f738f550000}2773/snap/snapd/15177/usr/bin/snaproot 154100x800000000000000026678Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.668{ec2a2542-296c-6254-68e2-449013560000}2788/bin/dash-----sh -c [ ! -f /usr/lib/ubuntu-advantage/apt-esm-hook ] || /usr/lib/ubuntu-advantage/apt-esm-hook pre-invoke || true/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{00000000-0000-0000-0000-000000000000}2787--- 534500x800000000000000026677Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.668{ec2a2542-296b-6254-6822-c99d84550000}2772/bin/dashroot 154100x800000000000000026679Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.672{ec2a2542-296c-6254-ea8e-022e65550000}2789/usr/lib/ubuntu-advantage/apt-esm-hook-----/usr/lib/ubuntu-advantage/apt-esm-hook pre-invoke/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-296c-6254-68e2-449013560000}2788/bin/dashshroot 534500x800000000000000026682Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.680{ec2a2542-296b-6254-0000-000000000000}2787-root 534500x800000000000000026681Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.680{ec2a2542-296c-6254-68e2-449013560000}2788/bin/dashroot 534500x800000000000000026680Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.680{ec2a2542-296c-6254-ea8e-022e65550000}2789/usr/lib/ubuntu-advantage/apt-esm-hookroot 154100x800000000000000026685Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.720{ec2a2542-296c-6254-b993-efa628560000}2791/usr/lib/apt/methods/http-----/usr/lib/apt/methods/http/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-296b-6254-ccaf-57779a550000}2769/usr/bin/apt-getapt-getroot 534500x800000000000000026684Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.721{ec2a2542-296c-6254-0000-000000000000}2790-root 23542300x800000000000000026683Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.721{ec2a2542-0ff8-6254-f8ad-704b96550000}485root/lib/systemd/systemd-udevd/run/udev/queue--- 534500x800000000000000026686Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.726{ec2a2542-296c-6254-b993-efa628560000}2791/usr/lib/apt/methods/httproot 154100x800000000000000026687Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.768{ec2a2542-296c-6254-6812-ebdb7c550000}2792/bin/dash-----/bin/sh -c [ ! -f /usr/bin/snap ] || /usr/bin/snap advise-snap --from-apt 2>/dev/null || true/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-296b-6254-ccaf-57779a550000}2769/usr/bin/apt-getapt-getroot 154100x800000000000000026697Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.770{ec2a2542-296c-6254-e414-f4c48f550000}2793/snap/snapd/15177/usr/bin/snap-----/usr/bin/snap advise-snap --from-apt/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-296c-6254-6812-ebdb7c550000}2792/bin/dash/bin/shroot 154100x800000000000000026688Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.770{ec2a2542-296c-6254-7068-189610560000}2793/usr/bin/snap-----/usr/bin/snap advise-snap --from-apt/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-296c-6254-6812-ebdb7c550000}2792/bin/dash/bin/shroot 354300x800000000000000026689Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.783{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54730-false10.0.1.12-8000- 534500x800000000000000026696Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.789{ec2a2542-296c-6254-7068-189610560000}2793/usr/bin/snaproot 534500x800000000000000026695Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.789{ec2a2542-296c-6254-7068-189610560000}2793/usr/bin/snaproot 534500x800000000000000026694Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.789{ec2a2542-296c-6254-7068-189610560000}2793/usr/bin/snaproot 534500x800000000000000026693Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.789{ec2a2542-296c-6254-7068-189610560000}2793/usr/bin/snaproot 534500x800000000000000026692Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.789{ec2a2542-296c-6254-7068-189610560000}2793/usr/bin/snaproot 534500x800000000000000026691Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.789{ec2a2542-296c-6254-7068-189610560000}2793/usr/bin/snaproot 534500x800000000000000026690Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.789{ec2a2542-296c-6254-7068-189610560000}2793/usr/bin/snaproot 534500x800000000000000026704Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.811{ec2a2542-296c-6254-e414-f4c48f550000}2793/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000026703Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.811{ec2a2542-296c-6254-e414-f4c48f550000}2793/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000026702Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.811{ec2a2542-296c-6254-e414-f4c48f550000}2793/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000026701Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.811{ec2a2542-296c-6254-e414-f4c48f550000}2793/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000026700Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.811{ec2a2542-296c-6254-e414-f4c48f550000}2793/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000026699Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.811{ec2a2542-296c-6254-e414-f4c48f550000}2793/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000026698Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.811{ec2a2542-296c-6254-7068-189610560000}2793/usr/bin/snaproot 534500x800000000000000026706Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.813{ec2a2542-296c-6254-6812-ebdb7c550000}2792/bin/dashroot 534500x800000000000000026705Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.813{ec2a2542-296c-6254-e414-f4c48f550000}2793/snap/snapd/15177/usr/bin/snaproot 154100x800000000000000026707Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.820{ec2a2542-296c-6254-68c2-d56785550000}2808/bin/dash-----/bin/sh -c [ ! -f /usr/bin/snap ] || /usr/bin/snap advise-snap --from-apt 2>/dev/null || true/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-296b-6254-ccaf-57779a550000}2769/usr/bin/apt-getapt-getroot 154100x800000000000000026716Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.821{ec2a2542-296c-6254-e4e4-63f6fd550000}2809/snap/snapd/15177/usr/bin/snap-----/usr/bin/snap advise-snap --from-apt/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-296c-6254-68c2-d56785550000}2808/bin/dash/bin/shroot 154100x800000000000000026708Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.821{ec2a2542-296c-6254-7018-a8f9b4550000}2809/usr/bin/snap-----/usr/bin/snap advise-snap --from-apt/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-296c-6254-68c2-d56785550000}2808/bin/dash/bin/shroot 534500x800000000000000026715Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.838{ec2a2542-296c-6254-7018-a8f9b4550000}2809/usr/bin/snaproot 534500x800000000000000026714Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.838{ec2a2542-296c-6254-7018-a8f9b4550000}2809/usr/bin/snaproot 534500x800000000000000026713Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.838{ec2a2542-296c-6254-7018-a8f9b4550000}2809/usr/bin/snaproot 534500x800000000000000026712Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.838{ec2a2542-296c-6254-7018-a8f9b4550000}2809/usr/bin/snaproot 534500x800000000000000026711Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.838{ec2a2542-296c-6254-7018-a8f9b4550000}2809/usr/bin/snaproot 534500x800000000000000026710Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.838{ec2a2542-296c-6254-7018-a8f9b4550000}2809/usr/bin/snaproot 534500x800000000000000026709Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.838{ec2a2542-296c-6254-7018-a8f9b4550000}2809/usr/bin/snaproot 534500x800000000000000026722Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.867{ec2a2542-296c-6254-e4e4-63f6fd550000}2809/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000026721Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.867{ec2a2542-296c-6254-e4e4-63f6fd550000}2809/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000026720Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.867{ec2a2542-296c-6254-e4e4-63f6fd550000}2809/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000026719Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.867{ec2a2542-296c-6254-e4e4-63f6fd550000}2809/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000026718Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.867{ec2a2542-296c-6254-e4e4-63f6fd550000}2809/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000026717Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.867{ec2a2542-296c-6254-7018-a8f9b4550000}2809/usr/bin/snaproot 534500x800000000000000026723Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.868{ec2a2542-296c-6254-e4e4-63f6fd550000}2809/snap/snapd/15177/usr/bin/snaproot 23542300x800000000000000026733Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.869{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.U0Qmar--- 23542300x800000000000000026732Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.869{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.f4kZGb--- 23542300x800000000000000026731Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.869{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.2UbCdW--- 23542300x800000000000000026730Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.869{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.5RmfKG--- 23542300x800000000000000026729Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.869{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.CGYSgr--- 23542300x800000000000000026728Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.869{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.J9VwNb--- 23542300x800000000000000026727Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.869{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.S0bbkW--- 23542300x800000000000000026726Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.869{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.nrLPQG--- 23542300x800000000000000026725Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.869{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.aOFunr--- 534500x800000000000000026724Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.869{ec2a2542-296c-6254-68c2-d56785550000}2808/bin/dashroot 23542300x800000000000000026743Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.870{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.ShHuUV--- 23542300x800000000000000026742Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.870{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.n7B3qG--- 23542300x800000000000000026741Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.870{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.uvTCXq--- 23542300x800000000000000026740Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.870{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.Voxcub--- 23542300x800000000000000026739Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.870{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.iFrM0V--- 23542300x800000000000000026738Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.870{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.9XEmxG--- 23542300x800000000000000026737Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.870{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.ssaX3q--- 23542300x800000000000000026736Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.870{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.zXXxAb--- 23542300x800000000000000026735Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.870{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.sF786V--- 23542300x800000000000000026734Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.870{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.HSFKDG--- 154100x800000000000000026744Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.873{ec2a2542-296c-6254-b903-9a20ce550000}2823/usr/lib/apt/methods/http-----/usr/lib/apt/methods/http/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-296b-6254-ccaf-57779a550000}2769/usr/bin/apt-getapt-getroot 354300x800000000000000026746Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.888{ec2a2542-0ff9-6254-c097-bd9a19560000}737/lib/systemd/systemd-resolvedsystemd-resolveudptruefalse10.0.1.20-45880-false10.0.0.2-53- 354300x800000000000000026745Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.888{ec2a2542-296c-6254-b903-9a20ce550000}2823/usr/lib/apt/methods/httprootudptruefalse127.0.0.1-45144-false127.0.0.53-53- 354300x800000000000000026747Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.889{ec2a2542-0ff9-6254-c097-bd9a19560000}737/lib/systemd/systemd-resolvedsystemd-resolveudptruefalse127.0.0.53-53-false127.0.0.1-45144- 354300x800000000000000026750Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.890{ec2a2542-0ff9-6254-c097-bd9a19560000}737/lib/systemd/systemd-resolvedsystemd-resolveudptruefalse10.0.1.20-50248-false10.0.0.2-53- 354300x800000000000000026749Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.890{ec2a2542-0ff9-6254-c097-bd9a19560000}737/lib/systemd/systemd-resolvedsystemd-resolveudptruefalse10.0.1.20-44728-false10.0.0.2-53- 354300x800000000000000026748Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.890{ec2a2542-296c-6254-b903-9a20ce550000}2823/usr/lib/apt/methods/httprootudptruefalse127.0.0.1-42486-false127.0.0.53-53- 354300x800000000000000026751Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.891{ec2a2542-0ff9-6254-c097-bd9a19560000}737/lib/systemd/systemd-resolvedsystemd-resolveudptruefalse127.0.0.53-53-false127.0.0.1-42486- 354300x800000000000000026752Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:16.892{ec2a2542-296c-6254-b903-9a20ce550000}2823/usr/lib/apt/methods/httproottcptruefalse10.0.1.20-41416-false52.15.155.232-80- 534500x800000000000000026753Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:17.486{ec2a2542-296c-6254-b903-9a20ce550000}2823/usr/lib/apt/methods/http_apt 23542300x800000000000000026754Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:17.487{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/var/log/apt/eipp.log.xz--- 154100x800000000000000026755Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:17.592{ec2a2542-296d-6254-6892-ad2059550000}2824/bin/dash-----/bin/sh -c /usr/sbin/dpkg-preconfigure --apt || true/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-296b-6254-ccaf-57779a550000}2769/usr/bin/apt-getapt-getroot 154100x800000000000000026756Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:17.594{ec2a2542-296d-6254-9807-8a42d8550000}2825/usr/bin/perl-----/usr/bin/perl -w /usr/sbin/dpkg-preconfigure --apt/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-296d-6254-6892-ad2059550000}2824/bin/dash/bin/shroot 154100x800000000000000026757Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:17.691{ec2a2542-296d-6254-30b0-40bcef550000}2826/usr/bin/locale-----locale charmap/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-296d-6254-9807-8a42d8550000}2825/usr/bin/perl/usr/bin/perlroot 534500x800000000000000026758Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:17.693{ec2a2542-296d-6254-30b0-40bcef550000}2826/usr/bin/localeroot 154100x800000000000000026759Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:17.850{ec2a2542-296d-6254-6892-3b4764550000}2827/bin/dash-----sh -c stty -a 2>/dev/null/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-296d-6254-9807-8a42d8550000}2825/usr/bin/perl/usr/bin/perlroot 154100x800000000000000026760Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:17.852{ec2a2542-296d-6254-f0ae-b1eb01560000}2828/bin/stty-----stty -a/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-296d-6254-6892-3b4764550000}2827/bin/dashshroot 154100x800000000000000026763Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:17.855{ec2a2542-296d-6254-6842-7814ba550000}2829/bin/dash-----sh -c stty -a 2>/dev/null/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-296d-6254-9807-8a42d8550000}2825/usr/bin/perl/usr/bin/perlroot 534500x800000000000000026762Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:17.855{ec2a2542-296d-6254-6892-3b4764550000}2827/bin/dashroot 534500x800000000000000026761Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:17.855{ec2a2542-296d-6254-f0ae-b1eb01560000}2828/bin/sttyroot 154100x800000000000000026764Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:17.856{ec2a2542-296d-6254-f00e-448cbe550000}2830/bin/stty-----stty -a/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-296d-6254-6842-7814ba550000}2829/bin/dashshroot 534500x800000000000000026766Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:17.857{ec2a2542-296d-6254-6842-7814ba550000}2829/bin/dashroot 534500x800000000000000026765Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:17.857{ec2a2542-296d-6254-f00e-448cbe550000}2830/bin/sttyroot 154100x800000000000000026767Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:17.861{ec2a2542-296d-6254-3371-438137560000}2832/usr/bin/apt-extracttemplates-----apt-extracttemplates /var/cache/apt/archives/binutils-common_2.30-21ubuntu1~18.04.7_amd64.deb /var/cache/apt/archives/gcc-7-mips-linux-gnu-base_7.5.0-3ubuntu1~18.04cross1_amd64.deb /var/cache/apt/archives/libisl19_0.19-1_amd64.deb /var/cache/apt/archives/libmpc3_1.1.0-1_amd64.deb /var/cache/apt/archives/cpp-7-mips-linux-gnu_7.5.0-3ubuntu1~18.04cross1_amd64.deb /var/cache/apt/archives/cpp-mips-linux-gnu_4%3a7.4.0-1ubuntu1.3_amd64.deb /var/cache/apt/archives/gcc-8-cross-base-ports_8.4.0-1ubuntu1~18.04cross1_all.deb /var/cache/apt/archives/libcc1-0_8.4.0-1ubuntu1~18.04_amd64.deb /var/cache/apt/archives/binutils-mips-linux-gnu_2.30-21ubuntu1~18.04.7_amd64.deb /var/cache/apt/archives/gcc-7-cross-base-ports_7.5.0-3ubuntu1~18.04cross1_all.deb /var/cache/apt/archives/libc6-mips-cross_2.27-3ubuntu1cross1.2_all.deb /var/cache/apt/archives/libgcc1-mips-cross_1%3a8.4.0-1ubuntu1~18.04cross1_all.deb /var/cache/apt/archives/libgomp1-mips-cross_8.4.0-1ubuntu1~18.04cross1_all.deb /var/cache/apt/archives/libatomic1-mips-cross_8.4.0-1ubuntu1~18.04cross1_all.deb /var/cache/apt/archives/libgcc-7-dev-mips-cross_7.5.0-3ubuntu1~18.04cross1_all.deb /var/cache/apt/archives/gcc-7-mips-linux-gnu_7.5.0-3ubuntu1~18.04cross1_amd64.deb /var/cache/apt/archives/gcc-mips-linux-gnu_4%3a7.4.0-1ubuntu1.3_amd64.deb /var/cache/apt/archives/linux-libc-dev-mips-cross_4.15.0-35.38cross1.2_all.deb /var/cache/apt/archives/libc6-dev-mips-cross_2.27-3ubuntu1cross1.2_all.deb/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{00000000-0000-0000-0000-000000000000}2831--- 154100x800000000000000026768Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:17.869{ec2a2542-296d-6254-70a1-ffe5ac550000}2833/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-296d-6254-3371-438137560000}2832/usr/bin/apt-extracttemplatesapt-extracttemplatesroot 23542300x800000000000000026770Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:17.871{ec2a2542-296d-6254-3371-438137560000}2832root/usr/bin/apt-extracttemplates/tmp/fileutl.message.NM7v9K--- 534500x800000000000000026769Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:17.871{ec2a2542-296d-6254-70a1-ffe5ac550000}2833/usr/bin/dpkgroot 23542300x800000000000000026771Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:17.876{ec2a2542-296d-6254-3371-438137560000}2832root/usr/bin/apt-extracttemplates/tmp/fileutl.message.RAIfn3--- 23542300x800000000000000026772Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:17.881{ec2a2542-296d-6254-3371-438137560000}2832root/usr/bin/apt-extracttemplates/tmp/fileutl.message.N1ZIBl--- 23542300x800000000000000026773Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:17.883{ec2a2542-296d-6254-3371-438137560000}2832root/usr/bin/apt-extracttemplates/tmp/fileutl.message.RBDxQD--- 23542300x800000000000000026774Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:17.884{ec2a2542-296d-6254-3371-438137560000}2832root/usr/bin/apt-extracttemplates/tmp/fileutl.message.vHXC5V--- 23542300x800000000000000026775Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:17.889{ec2a2542-296d-6254-3371-438137560000}2832root/usr/bin/apt-extracttemplates/tmp/fileutl.message.jIFrle--- 23542300x800000000000000026776Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:17.890{ec2a2542-296d-6254-3371-438137560000}2832root/usr/bin/apt-extracttemplates/tmp/fileutl.message.huLwBw--- 23542300x800000000000000026777Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:17.895{ec2a2542-296d-6254-3371-438137560000}2832root/usr/bin/apt-extracttemplates/tmp/fileutl.message.PdxlSO--- 23542300x800000000000000026778Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:17.896{ec2a2542-296d-6254-3371-438137560000}2832root/usr/bin/apt-extracttemplates/tmp/fileutl.message.fGsq96--- 23542300x800000000000000026779Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:17.898{ec2a2542-296d-6254-3371-438137560000}2832root/usr/bin/apt-extracttemplates/tmp/fileutl.message.JDkKqp--- 23542300x800000000000000026780Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:17.899{ec2a2542-296d-6254-3371-438137560000}2832root/usr/bin/apt-extracttemplates/tmp/fileutl.message.7y3hIH--- 23542300x800000000000000026781Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:17.900{ec2a2542-296d-6254-3371-438137560000}2832root/usr/bin/apt-extracttemplates/tmp/fileutl.message.F163ZZ--- 23542300x800000000000000026782Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:17.902{ec2a2542-296d-6254-3371-438137560000}2832root/usr/bin/apt-extracttemplates/tmp/fileutl.message.NEh6hi--- 23542300x800000000000000026783Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:17.904{ec2a2542-296d-6254-3371-438137560000}2832root/usr/bin/apt-extracttemplates/tmp/fileutl.message.9CfsAA--- 23542300x800000000000000026784Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:17.906{ec2a2542-296d-6254-3371-438137560000}2832root/usr/bin/apt-extracttemplates/tmp/fileutl.message.lDPdTS--- 23542300x800000000000000026785Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:17.908{ec2a2542-296d-6254-3371-438137560000}2832root/usr/bin/apt-extracttemplates/tmp/fileutl.message.jBkfcb--- 23542300x800000000000000026786Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:17.909{ec2a2542-296d-6254-3371-438137560000}2832root/usr/bin/apt-extracttemplates/tmp/fileutl.message.LIyzvt--- 154100x800000000000000026787Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:17.910{ec2a2542-296d-6254-7041-435ddf550000}2834/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-296d-6254-3371-438137560000}2832/usr/bin/apt-extracttemplatesapt-extracttemplatesroot 534500x800000000000000026788Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:17.912{ec2a2542-296d-6254-7041-435ddf550000}2834/usr/bin/dpkgroot 154100x800000000000000026789Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:17.944{ec2a2542-296d-6254-70c1-2edd24560000}2835/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-296d-6254-3371-438137560000}2832/usr/bin/apt-extracttemplatesapt-extracttemplatesroot 534500x800000000000000026790Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:17.946{ec2a2542-296d-6254-70c1-2edd24560000}2835/usr/bin/dpkgroot 534500x800000000000000026791Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:17.988{ec2a2542-296d-6254-3371-438137560000}2832/usr/bin/apt-extracttemplatesroot 534500x800000000000000026792Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:17.996{ec2a2542-296d-6254-0000-000000000000}2831-root 534500x800000000000000026794Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.002{ec2a2542-296d-6254-6892-ad2059550000}2824/bin/dashroot 534500x800000000000000026793Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.002{ec2a2542-296d-6254-9807-8a42d8550000}2825/usr/bin/perlroot 154100x800000000000000026795Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.026{ec2a2542-296e-6254-7051-8b9624560000}2836/usr/bin/dpkg-----/usr/bin/dpkg --assert-multi-arch/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-296b-6254-ccaf-57779a550000}2769/usr/bin/apt-getapt-getroot 534500x800000000000000026796Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.036{ec2a2542-296e-6254-7051-8b9624560000}2836/usr/bin/dpkgroot 154100x800000000000000026797Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.038{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg-----/usr/bin/dpkg --status-fd 43 --no-triggers --unpack --auto-deconfigure --recursive /tmp/apt-dpkg-install-qCjo8w/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296b-6254-ccaf-57779a550000}2769/usr/bin/apt-getapt-getroot 154100x800000000000000026798Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.055{ec2a2542-296e-6254-d86f-ed2cb0550000}2838/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-qCjo8w/00-binutils-common_2.30-21ubuntu1~18.04.7_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000026799Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.058{ec2a2542-296e-6254-d86f-ed2cb0550000}2838/usr/bin/dpkg-splitroot 154100x800000000000000026800Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.059{ec2a2542-296e-6254-404a-6f3dcb550000}2839/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-qCjo8w/00-binutils-common_2.30-21ubuntu1~18.04.7_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000026803Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.062{ec2a2542-296e-6254-b0d3-bc62f3550000}2842/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-404a-6f3dcb550000}2839/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000026801Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.062{ec2a2542-296e-6254-0000-000000000000}2840-root 534500x800000000000000026802Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.063{ec2a2542-296e-6254-0000-000000000000}2841-root 534500x800000000000000026804Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.067{ec2a2542-296e-6254-b0d3-bc62f3550000}2842/bin/tarroot 534500x800000000000000026805Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.068{ec2a2542-296e-6254-404a-6f3dcb550000}2839/usr/bin/dpkg-debroot 154100x800000000000000026806Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.406{ec2a2542-296e-6254-40aa-dc55a4550000}2843/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-qCjo8w/00-binutils-common_2.30-21ubuntu1~18.04.7_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000026807Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.424{ec2a2542-296e-6254-0000-000000000000}2844-root 534500x800000000000000026808Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.431{ec2a2542-296e-6254-0000-000000000000}2845-root 534500x800000000000000026809Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.432{ec2a2542-296e-6254-40aa-dc55a4550000}2843/usr/bin/dpkg-debroot 154100x800000000000000026810Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.481{ec2a2542-296e-6254-7033-2fb838560000}2846/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000026812Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.482{ec2a2542-296e-6254-7033-2fb838560000}2846/bin/rmroot 23542300x800000000000000026811Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.482{ec2a2542-296e-6254-7033-2fb838560000}2846root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000026813Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.483{ec2a2542-296e-6254-d8cf-ffe62e560000}2847/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-qCjo8w/01-gcc-7-mips-linux-gnu-base_7.5.0-3ubuntu1~18.04cross1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000026815Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.484{ec2a2542-296e-6254-405a-639fa0550000}2848/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-qCjo8w/01-gcc-7-mips-linux-gnu-base_7.5.0-3ubuntu1~18.04cross1_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000026814Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.484{ec2a2542-296e-6254-d8cf-ffe62e560000}2847/usr/bin/dpkg-splitroot 154100x800000000000000026817Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.486{ec2a2542-296e-6254-b023-a7d6ac550000}2851/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-405a-639fa0550000}2848/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000026816Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.486{ec2a2542-296e-6254-0000-000000000000}2849-root 534500x800000000000000026818Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.487{ec2a2542-296e-6254-0000-000000000000}2850-root 534500x800000000000000026819Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.489{ec2a2542-296e-6254-b023-a7d6ac550000}2851/bin/tarroot 534500x800000000000000026820Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.490{ec2a2542-296e-6254-405a-639fa0550000}2848/usr/bin/dpkg-debroot 154100x800000000000000026821Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.507{ec2a2542-296e-6254-40ea-b89275550000}2852/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-qCjo8w/01-gcc-7-mips-linux-gnu-base_7.5.0-3ubuntu1~18.04cross1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000026822Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.509{ec2a2542-296e-6254-0000-000000000000}2853-root 534500x800000000000000026823Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.512{ec2a2542-296e-6254-0000-000000000000}2854-root 534500x800000000000000026824Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.513{ec2a2542-296e-6254-40ea-b89275550000}2852/usr/bin/dpkg-debroot 154100x800000000000000026825Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.529{ec2a2542-296e-6254-7073-52a421560000}2855/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 23542300x800000000000000026826Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.530{ec2a2542-296e-6254-7073-52a421560000}2855root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000026828Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.531{ec2a2542-296e-6254-d82f-057a08560000}2856/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-qCjo8w/02-libisl19_0.19-1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000026827Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.531{ec2a2542-296e-6254-7073-52a421560000}2855/bin/rmroot 534500x800000000000000026829Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.532{ec2a2542-296e-6254-d82f-057a08560000}2856/usr/bin/dpkg-splitroot 154100x800000000000000026830Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.533{ec2a2542-296e-6254-40aa-638b97550000}2857/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-qCjo8w/02-libisl19_0.19-1_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000026832Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.534{ec2a2542-296e-6254-b083-f58053560000}2860/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-40aa-638b97550000}2857/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000026831Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.534{ec2a2542-296e-6254-0000-000000000000}2858-root 534500x800000000000000026833Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.538{ec2a2542-296e-6254-0000-000000000000}2859-root 534500x800000000000000026835Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.539{ec2a2542-296e-6254-40aa-638b97550000}2857/usr/bin/dpkg-debroot 534500x800000000000000026834Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.539{ec2a2542-296e-6254-b083-f58053560000}2860/bin/tarroot 154100x800000000000000026836Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.568{ec2a2542-296e-6254-406a-1cda94550000}2861/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-qCjo8w/02-libisl19_0.19-1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000026837Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.619{ec2a2542-296e-6254-0000-000000000000}2862-root 534500x800000000000000026839Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.629{ec2a2542-296e-6254-406a-1cda94550000}2861/usr/bin/dpkg-debroot 534500x800000000000000026838Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.629{00000000-0000-0000-0000-000000000000}2863<unknown process>root 154100x800000000000000026840Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.668{ec2a2542-296e-6254-70b3-253d2b560000}2864/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000026842Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.669{ec2a2542-296e-6254-70b3-253d2b560000}2864/bin/rmroot 23542300x800000000000000026841Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.669{ec2a2542-296e-6254-70b3-253d2b560000}2864root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000026843Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.670{ec2a2542-296e-6254-d89f-8a74b4550000}2865/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-qCjo8w/03-libmpc3_1.1.0-1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000026844Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.671{ec2a2542-296e-6254-d89f-8a74b4550000}2865/usr/bin/dpkg-splitroot 154100x800000000000000026845Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.672{ec2a2542-296e-6254-40da-5dc575550000}2866/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-qCjo8w/03-libmpc3_1.1.0-1_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000026847Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.674{ec2a2542-296e-6254-b093-982e39560000}2869/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-40da-5dc575550000}2866/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000026846Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.674{ec2a2542-296e-6254-0000-000000000000}2867-root 534500x800000000000000026848Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.676{ec2a2542-296e-6254-0000-000000000000}2868-root 534500x800000000000000026850Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.677{ec2a2542-296e-6254-40da-5dc575550000}2866/usr/bin/dpkg-debroot 534500x800000000000000026849Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.677{ec2a2542-296e-6254-b093-982e39560000}2869/bin/tarroot 154100x800000000000000026851Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.702{ec2a2542-296e-6254-401a-4ef791550000}2870/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-qCjo8w/03-libmpc3_1.1.0-1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000026852Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.705{ec2a2542-296e-6254-0000-000000000000}2871-root 534500x800000000000000026854Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.710{ec2a2542-296e-6254-401a-4ef791550000}2870/usr/bin/dpkg-debroot 534500x800000000000000026853Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.710{00000000-0000-0000-0000-000000000000}2872<unknown process>root 154100x800000000000000026855Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.729{ec2a2542-296e-6254-70b3-9d6f73550000}2873/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000026858Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.731{ec2a2542-296e-6254-d89f-b1522a560000}2874/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-qCjo8w/04-cpp-7-mips-linux-gnu_7.5.0-3ubuntu1~18.04cross1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000026857Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.731{ec2a2542-296e-6254-70b3-9d6f73550000}2873/bin/rmroot 23542300x800000000000000026856Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.731{ec2a2542-296e-6254-70b3-9d6f73550000}2873root/bin/rm/var/lib/dpkg/tmp.ci/control--- 534500x800000000000000026859Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.732{ec2a2542-296e-6254-d89f-b1522a560000}2874/usr/bin/dpkg-splitroot 154100x800000000000000026860Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.733{ec2a2542-296e-6254-40ea-2e2c4d560000}2875/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-qCjo8w/04-cpp-7-mips-linux-gnu_7.5.0-3ubuntu1~18.04cross1_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000026861Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.734{ec2a2542-296e-6254-b073-821964550000}2878/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-40ea-2e2c4d560000}2875/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000026862Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.735{ec2a2542-296e-6254-0000-000000000000}2876-root 534500x800000000000000026863Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.736{ec2a2542-296e-6254-0000-000000000000}2877-root 534500x800000000000000026864Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.737{ec2a2542-296e-6254-b073-821964550000}2878/bin/tarroot 534500x800000000000000026865Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.738{ec2a2542-296e-6254-40ea-2e2c4d560000}2875/usr/bin/dpkg-debroot 154100x800000000000000026866Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.753{ec2a2542-296e-6254-6802-1eea4f560000}2879/bin/dash-----/bin/sh /var/lib/dpkg/tmp.ci/preinst install/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000026867Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.754{ec2a2542-296e-6254-6802-1eea4f560000}2879/bin/dashroot 154100x800000000000000026868Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:18.755{ec2a2542-296e-6254-409a-87c938560000}2880/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-qCjo8w/04-cpp-7-mips-linux-gnu_7.5.0-3ubuntu1~18.04cross1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000026869Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.317{ec2a2542-296e-6254-0000-000000000000}2881-root 534500x800000000000000026871Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.326{ec2a2542-296e-6254-409a-87c938560000}2880/usr/bin/dpkg-debroot 534500x800000000000000026870Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.326{00000000-0000-0000-0000-000000000000}2882<unknown process>root 154100x800000000000000026872Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.410{ec2a2542-296f-6254-70c3-49017b550000}2883/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 23542300x800000000000000026873Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.411{ec2a2542-296f-6254-70c3-49017b550000}2883root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000026875Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.412{ec2a2542-296f-6254-d86f-17024a560000}2884/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-qCjo8w/05-cpp-mips-linux-gnu_4%3a7.4.0-1ubuntu1.3_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000026874Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.412{ec2a2542-296f-6254-70c3-49017b550000}2883/bin/rmroot 534500x800000000000000026876Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.413{ec2a2542-296f-6254-d86f-17024a560000}2884/usr/bin/dpkg-splitroot 154100x800000000000000026877Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.414{ec2a2542-296f-6254-40ca-41ec31560000}2885/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-qCjo8w/05-cpp-mips-linux-gnu_4%3a7.4.0-1ubuntu1.3_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000026879Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.415{ec2a2542-296f-6254-b093-b0e8ce550000}2888/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296f-6254-40ca-41ec31560000}2885/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000026878Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.415{ec2a2542-296f-6254-0000-000000000000}2886-root 534500x800000000000000026880Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.416{ec2a2542-296f-6254-0000-000000000000}2887-root 534500x800000000000000026882Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.418{ec2a2542-296f-6254-40ca-41ec31560000}2885/usr/bin/dpkg-debroot 534500x800000000000000026881Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.418{ec2a2542-296f-6254-b093-b0e8ce550000}2888/bin/tarroot 154100x800000000000000026883Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.433{ec2a2542-296f-6254-40ca-5a4a7e550000}2889/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-qCjo8w/05-cpp-mips-linux-gnu_4%3a7.4.0-1ubuntu1.3_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000026884Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.435{ec2a2542-296f-6254-0000-000000000000}2890-root 534500x800000000000000026886Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.436{ec2a2542-296f-6254-40ca-5a4a7e550000}2889/usr/bin/dpkg-debroot 534500x800000000000000026885Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.436{00000000-0000-0000-0000-000000000000}2891<unknown process>root 154100x800000000000000026887Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.455{ec2a2542-296f-6254-7033-c52ce9550000}2892/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000026890Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.457{ec2a2542-296f-6254-d8df-79ad11560000}2893/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-qCjo8w/06-gcc-8-cross-base-ports_8.4.0-1ubuntu1~18.04cross1_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000026889Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.457{ec2a2542-296f-6254-7033-c52ce9550000}2892/bin/rmroot 23542300x800000000000000026888Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.457{ec2a2542-296f-6254-7033-c52ce9550000}2892root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000026892Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.458{ec2a2542-296f-6254-40ea-a70648560000}2894/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-qCjo8w/06-gcc-8-cross-base-ports_8.4.0-1ubuntu1~18.04cross1_all.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000026891Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.458{ec2a2542-296f-6254-d8df-79ad11560000}2893/usr/bin/dpkg-splitroot 154100x800000000000000026894Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.461{ec2a2542-296f-6254-b0d3-26ffe2550000}2897/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296f-6254-40ea-a70648560000}2894/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000026893Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.461{ec2a2542-296f-6254-0000-000000000000}2895-root 534500x800000000000000026895Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.462{ec2a2542-296f-6254-0000-000000000000}2896-root 534500x800000000000000026897Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.463{ec2a2542-296f-6254-40ea-a70648560000}2894/usr/bin/dpkg-debroot 534500x800000000000000026896Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.463{ec2a2542-296f-6254-b0d3-26ffe2550000}2897/bin/tarroot 154100x800000000000000026898Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.481{ec2a2542-296f-6254-402a-6a0fe7550000}2898/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-qCjo8w/06-gcc-8-cross-base-ports_8.4.0-1ubuntu1~18.04cross1_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000026899Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.483{ec2a2542-296f-6254-0000-000000000000}2899-root 534500x800000000000000026900Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.485{00000000-0000-0000-0000-000000000000}2900<unknown process>root 534500x800000000000000026901Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.486{ec2a2542-296f-6254-402a-6a0fe7550000}2898/usr/bin/dpkg-debroot 154100x800000000000000026902Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.503{ec2a2542-296f-6254-7073-d41670550000}2901/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000026905Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.505{ec2a2542-296f-6254-d83f-144f3d560000}2902/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-qCjo8w/07-libcc1-0_8.4.0-1ubuntu1~18.04_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000026904Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.505{ec2a2542-296f-6254-7073-d41670550000}2901/bin/rmroot 23542300x800000000000000026903Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.505{ec2a2542-296f-6254-7073-d41670550000}2901root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000026907Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.506{ec2a2542-296f-6254-40ea-404c48560000}2903/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-qCjo8w/07-libcc1-0_8.4.0-1ubuntu1~18.04_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000026906Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.506{ec2a2542-296f-6254-d83f-144f3d560000}2902/usr/bin/dpkg-splitroot 154100x800000000000000026908Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.508{ec2a2542-296f-6254-b0d3-9d7468550000}2906/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296f-6254-40ea-404c48560000}2903/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000026910Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.509{ec2a2542-296f-6254-0000-000000000000}2905-root 534500x800000000000000026909Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.509{ec2a2542-296f-6254-0000-000000000000}2904-root 534500x800000000000000026911Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.510{ec2a2542-296f-6254-b0d3-9d7468550000}2906/bin/tarroot 534500x800000000000000026912Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.511{ec2a2542-296f-6254-40ea-404c48560000}2903/usr/bin/dpkg-debroot 154100x800000000000000026913Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.533{ec2a2542-296f-6254-403a-ffd9eb550000}2907/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-qCjo8w/07-libcc1-0_8.4.0-1ubuntu1~18.04_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000026914Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.535{ec2a2542-296f-6254-0000-000000000000}2908-root 534500x800000000000000026916Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.541{ec2a2542-296f-6254-403a-ffd9eb550000}2907/usr/bin/dpkg-debroot 534500x800000000000000026915Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.541{00000000-0000-0000-0000-000000000000}2909<unknown process>root 154100x800000000000000026917Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.561{ec2a2542-296f-6254-7053-e2b946560000}2910/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000026919Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.562{ec2a2542-296f-6254-7053-e2b946560000}2910/bin/rmroot 23542300x800000000000000026918Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.562{ec2a2542-296f-6254-7053-e2b946560000}2910root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000026920Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.563{ec2a2542-296f-6254-d8cf-244cf6550000}2911/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-qCjo8w/08-binutils-mips-linux-gnu_2.30-21ubuntu1~18.04.7_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000026922Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.564{ec2a2542-296f-6254-407a-323f25560000}2912/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-qCjo8w/08-binutils-mips-linux-gnu_2.30-21ubuntu1~18.04.7_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000026921Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.564{ec2a2542-296f-6254-d8cf-244cf6550000}2911/usr/bin/dpkg-splitroot 154100x800000000000000026924Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.566{ec2a2542-296f-6254-b023-0d527e550000}2915/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296f-6254-407a-323f25560000}2912/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000026923Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.566{ec2a2542-296f-6254-0000-000000000000}2913-root 534500x800000000000000026925Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.568{ec2a2542-296f-6254-0000-000000000000}2914-root 534500x800000000000000026927Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.572{ec2a2542-296f-6254-407a-323f25560000}2912/usr/bin/dpkg-debroot 534500x800000000000000026926Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.572{ec2a2542-296f-6254-b023-0d527e550000}2915/bin/tarroot 154100x800000000000000026928Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.591{ec2a2542-296f-6254-404a-8f9c50560000}2916/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-qCjo8w/08-binutils-mips-linux-gnu_2.30-21ubuntu1~18.04.7_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000026929Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.940{ec2a2542-296f-6254-0000-000000000000}2917-root 534500x800000000000000026930Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.947{00000000-0000-0000-0000-000000000000}2918<unknown process>root 534500x800000000000000026931Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.948{ec2a2542-296f-6254-404a-8f9c50560000}2916/usr/bin/dpkg-debroot 154100x800000000000000026932Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.984{ec2a2542-296f-6254-7013-e09370550000}2919/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 23542300x800000000000000026933Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.985{ec2a2542-296f-6254-7013-e09370550000}2919root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000026935Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.986{ec2a2542-296f-6254-d8bf-49c8db550000}2920/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-qCjo8w/09-gcc-7-cross-base-ports_7.5.0-3ubuntu1~18.04cross1_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000026934Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.986{ec2a2542-296f-6254-7013-e09370550000}2919/bin/rmroot 154100x800000000000000026937Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.987{ec2a2542-296f-6254-40da-f1a485550000}2921/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-qCjo8w/09-gcc-7-cross-base-ports_7.5.0-3ubuntu1~18.04cross1_all.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000026936Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.987{ec2a2542-296f-6254-d8bf-49c8db550000}2920/usr/bin/dpkg-splitroot 154100x800000000000000026940Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.989{ec2a2542-296f-6254-b053-2aee61550000}2924/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296f-6254-40da-f1a485550000}2921/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000026938Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.989{ec2a2542-296f-6254-0000-000000000000}2922-root 534500x800000000000000026939Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.990{ec2a2542-296f-6254-0000-000000000000}2923-root 534500x800000000000000026942Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.994{ec2a2542-296f-6254-40da-f1a485550000}2921/usr/bin/dpkg-debroot 534500x800000000000000026941Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:19.994{ec2a2542-296f-6254-b053-2aee61550000}2924/bin/tarroot 154100x800000000000000026943Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.011{ec2a2542-2970-6254-40aa-c86811560000}2925/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-qCjo8w/09-gcc-7-cross-base-ports_7.5.0-3ubuntu1~18.04cross1_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000026944Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.013{ec2a2542-2970-6254-0000-000000000000}2926-root 534500x800000000000000026945Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.015{ec2a2542-2970-6254-0000-000000000000}2927-root 534500x800000000000000026946Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.016{ec2a2542-2970-6254-40aa-c86811560000}2925/usr/bin/dpkg-debroot 154100x800000000000000026947Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.038{ec2a2542-2970-6254-7043-5f49d2550000}2928/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000026949Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.039{ec2a2542-2970-6254-7043-5f49d2550000}2928/bin/rmroot 23542300x800000000000000026948Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.039{ec2a2542-2970-6254-7043-5f49d2550000}2928root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000026950Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.041{ec2a2542-2970-6254-d8ef-1ad559550000}2929/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-qCjo8w/10-libc6-mips-cross_2.27-3ubuntu1cross1.2_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000026951Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.042{ec2a2542-2970-6254-d8ef-1ad559550000}2929/usr/bin/dpkg-splitroot 154100x800000000000000026952Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.043{ec2a2542-2970-6254-404a-a36c2f560000}2930/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-qCjo8w/10-libc6-mips-cross_2.27-3ubuntu1cross1.2_all.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000026954Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.044{ec2a2542-2970-6254-b0d3-850fba550000}2933/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2970-6254-404a-a36c2f560000}2930/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000026953Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.044{ec2a2542-2970-6254-0000-000000000000}2931-root 534500x800000000000000026955Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.046{ec2a2542-2970-6254-0000-000000000000}2932-root 534500x800000000000000026957Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.047{ec2a2542-2970-6254-404a-a36c2f560000}2930/usr/bin/dpkg-debroot 534500x800000000000000026956Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.047{ec2a2542-2970-6254-b0d3-850fba550000}2933/bin/tarroot 154100x800000000000000026958Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.068{ec2a2542-2970-6254-407a-468640560000}2934/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-qCjo8w/10-libc6-mips-cross_2.27-3ubuntu1cross1.2_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000026959Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.179{ec2a2542-2970-6254-0000-000000000000}2935-root 534500x800000000000000026960Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.191{ec2a2542-2970-6254-0000-000000000000}2936-root 534500x800000000000000026961Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.192{ec2a2542-2970-6254-407a-468640560000}2934/usr/bin/dpkg-debroot 154100x800000000000000026962Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.221{ec2a2542-2970-6254-7003-832859550000}2937/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000026964Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.222{ec2a2542-2970-6254-7003-832859550000}2937/bin/rmroot 23542300x800000000000000026963Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.222{ec2a2542-2970-6254-7003-832859550000}2937root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000026965Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.223{ec2a2542-2970-6254-d86f-eb04bc550000}2938/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-qCjo8w/11-libgcc1-mips-cross_1%3a8.4.0-1ubuntu1~18.04cross1_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000026967Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.224{ec2a2542-2970-6254-407a-4091e0550000}2939/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-qCjo8w/11-libgcc1-mips-cross_1%3a8.4.0-1ubuntu1~18.04cross1_all.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000026966Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.224{ec2a2542-2970-6254-d86f-eb04bc550000}2938/usr/bin/dpkg-splitroot 154100x800000000000000026969Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.226{ec2a2542-2970-6254-b0d3-fa365d550000}2942/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2970-6254-407a-4091e0550000}2939/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000026968Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.226{ec2a2542-2970-6254-0000-000000000000}2940-root 534500x800000000000000026970Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.228{ec2a2542-2970-6254-0000-000000000000}2941-root 534500x800000000000000026972Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.229{ec2a2542-2970-6254-407a-4091e0550000}2939/usr/bin/dpkg-debroot 534500x800000000000000026971Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.229{ec2a2542-2970-6254-b0d3-fa365d550000}2942/bin/tarroot 154100x800000000000000026973Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.249{ec2a2542-2970-6254-404a-c8505c550000}2943/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-qCjo8w/11-libgcc1-mips-cross_1%3a8.4.0-1ubuntu1~18.04cross1_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000026974Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.250{ec2a2542-2970-6254-0000-000000000000}2944-root 534500x800000000000000026975Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.255{00000000-0000-0000-0000-000000000000}2945<unknown process>root 534500x800000000000000026976Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.256{ec2a2542-2970-6254-404a-c8505c550000}2943/usr/bin/dpkg-debroot 154100x800000000000000026977Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.274{ec2a2542-2970-6254-70d3-e2db68550000}2946/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000026980Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.275{ec2a2542-2970-6254-d87f-301216560000}2947/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-qCjo8w/12-libgomp1-mips-cross_8.4.0-1ubuntu1~18.04cross1_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000026979Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.275{ec2a2542-2970-6254-70d3-e2db68550000}2946/bin/rmroot 23542300x800000000000000026978Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.275{ec2a2542-2970-6254-70d3-e2db68550000}2946root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000026982Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.277{ec2a2542-2970-6254-401a-693aa7550000}2948/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-qCjo8w/12-libgomp1-mips-cross_8.4.0-1ubuntu1~18.04cross1_all.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000026981Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.277{ec2a2542-2970-6254-d87f-301216560000}2947/usr/bin/dpkg-splitroot 154100x800000000000000026984Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.279{ec2a2542-2970-6254-b0c3-9577dc550000}2951/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2970-6254-401a-693aa7550000}2948/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000026983Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.279{ec2a2542-2970-6254-0000-000000000000}2949-root 534500x800000000000000026985Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.280{ec2a2542-2970-6254-0000-000000000000}2950-root 534500x800000000000000026987Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.281{ec2a2542-2970-6254-401a-693aa7550000}2948/usr/bin/dpkg-debroot 534500x800000000000000026986Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.281{ec2a2542-2970-6254-b0c3-9577dc550000}2951/bin/tarroot 154100x800000000000000026988Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.299{ec2a2542-2970-6254-40fa-f3109e550000}2952/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-qCjo8w/12-libgomp1-mips-cross_8.4.0-1ubuntu1~18.04cross1_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000026989Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.304{ec2a2542-2970-6254-0000-000000000000}2953-root 534500x800000000000000026990Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.315{ec2a2542-2970-6254-0000-000000000000}2954-root 534500x800000000000000026991Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.316{ec2a2542-2970-6254-40fa-f3109e550000}2952/usr/bin/dpkg-debroot 154100x800000000000000026992Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.332{ec2a2542-2970-6254-7033-5cb100560000}2955/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000026995Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.333{ec2a2542-2970-6254-d89f-3732db550000}2956/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-qCjo8w/13-libatomic1-mips-cross_8.4.0-1ubuntu1~18.04cross1_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000026994Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.333{ec2a2542-2970-6254-7033-5cb100560000}2955/bin/rmroot 23542300x800000000000000026993Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.333{ec2a2542-2970-6254-7033-5cb100560000}2955root/bin/rm/var/lib/dpkg/tmp.ci/control--- 534500x800000000000000026996Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.338{ec2a2542-2970-6254-d89f-3732db550000}2956/usr/bin/dpkg-splitroot 154100x800000000000000026997Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.339{ec2a2542-2970-6254-400a-42bc63550000}2957/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-qCjo8w/13-libatomic1-mips-cross_8.4.0-1ubuntu1~18.04cross1_all.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000026999Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.341{ec2a2542-2970-6254-b013-b07829560000}2960/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2970-6254-400a-42bc63550000}2957/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000026998Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.341{ec2a2542-2970-6254-0000-000000000000}2958-root 534500x800000000000000027000Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.342{ec2a2542-2970-6254-0000-000000000000}2959-root 534500x800000000000000027002Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.344{ec2a2542-2970-6254-400a-42bc63550000}2957/usr/bin/dpkg-debroot 534500x800000000000000027001Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.344{ec2a2542-2970-6254-b013-b07829560000}2960/bin/tarroot 154100x800000000000000027003Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.363{ec2a2542-2970-6254-404a-0a05ca550000}2961/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-qCjo8w/13-libatomic1-mips-cross_8.4.0-1ubuntu1~18.04cross1_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000027004Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.365{ec2a2542-2970-6254-0000-000000000000}2962-root 534500x800000000000000027006Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.366{ec2a2542-2970-6254-404a-0a05ca550000}2961/usr/bin/dpkg-debroot 534500x800000000000000027005Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.366{ec2a2542-2970-6254-0000-000000000000}2963-root 154100x800000000000000027007Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.385{ec2a2542-2970-6254-70b3-f83e49560000}2964/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000027010Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.387{ec2a2542-2970-6254-d8df-9179d5550000}2965/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-qCjo8w/14-libgcc-7-dev-mips-cross_7.5.0-3ubuntu1~18.04cross1_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000027009Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.387{ec2a2542-2970-6254-70b3-f83e49560000}2964/bin/rmroot 23542300x800000000000000027008Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.387{ec2a2542-2970-6254-70b3-f83e49560000}2964root/bin/rm/var/lib/dpkg/tmp.ci/control--- 534500x800000000000000027011Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.388{ec2a2542-2970-6254-d8df-9179d5550000}2965/usr/bin/dpkg-splitroot 154100x800000000000000027012Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.389{ec2a2542-2970-6254-40fa-1a4ded550000}2966/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-qCjo8w/14-libgcc-7-dev-mips-cross_7.5.0-3ubuntu1~18.04cross1_all.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000027014Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.390{ec2a2542-2970-6254-b023-67bc74550000}2969/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2970-6254-40fa-1a4ded550000}2966/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000027013Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.390{ec2a2542-2970-6254-0000-000000000000}2967-root 534500x800000000000000027015Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.392{ec2a2542-2970-6254-0000-000000000000}2968-root 534500x800000000000000027016Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.393{ec2a2542-2970-6254-b023-67bc74550000}2969/bin/tarroot 534500x800000000000000027017Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.394{ec2a2542-2970-6254-40fa-1a4ded550000}2966/usr/bin/dpkg-debroot 154100x800000000000000027018Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.408{ec2a2542-2970-6254-40ca-4f3e4d560000}2970/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-qCjo8w/14-libgcc-7-dev-mips-cross_7.5.0-3ubuntu1~18.04cross1_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000027019Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.437{ec2a2542-2970-6254-0000-000000000000}2971-root 534500x800000000000000027021Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.446{ec2a2542-2970-6254-40ca-4f3e4d560000}2970/usr/bin/dpkg-debroot 534500x800000000000000027020Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.446{00000000-0000-0000-0000-000000000000}2972<unknown process>root 154100x800000000000000027022Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.502{ec2a2542-2970-6254-7093-73acf2550000}2973/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000027024Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.503{ec2a2542-2970-6254-7093-73acf2550000}2973/bin/rmroot 23542300x800000000000000027023Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.503{ec2a2542-2970-6254-7093-73acf2550000}2973root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000027025Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.504{ec2a2542-2970-6254-d88f-c77b04560000}2974/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-qCjo8w/15-gcc-7-mips-linux-gnu_7.5.0-3ubuntu1~18.04cross1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000027027Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.505{ec2a2542-2970-6254-407a-206a41560000}2975/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-qCjo8w/15-gcc-7-mips-linux-gnu_7.5.0-3ubuntu1~18.04cross1_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000027026Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.505{ec2a2542-2970-6254-d88f-c77b04560000}2974/usr/bin/dpkg-splitroot 154100x800000000000000027029Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.507{ec2a2542-2970-6254-b0d3-49be6a550000}2978/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2970-6254-407a-206a41560000}2975/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000027028Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.507{ec2a2542-2970-6254-0000-000000000000}2976-root 534500x800000000000000027030Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.508{ec2a2542-2970-6254-0000-000000000000}2977-root 534500x800000000000000027032Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.509{ec2a2542-2970-6254-407a-206a41560000}2975/usr/bin/dpkg-debroot 534500x800000000000000027031Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.509{ec2a2542-2970-6254-b0d3-49be6a550000}2978/bin/tarroot 154100x800000000000000027033Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.527{ec2a2542-2970-6254-6892-0361dc550000}2979/bin/dash-----/bin/sh /var/lib/dpkg/tmp.ci/preinst install/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000027034Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.528{ec2a2542-2970-6254-6892-0361dc550000}2979/bin/dashroot 154100x800000000000000027035Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:20.529{ec2a2542-2970-6254-40da-d15b2a560000}2980/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-qCjo8w/15-gcc-7-mips-linux-gnu_7.5.0-3ubuntu1~18.04cross1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000027036Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:21.193{ec2a2542-2970-6254-0000-000000000000}2981-root 534500x800000000000000027038Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:21.198{ec2a2542-2970-6254-40da-d15b2a560000}2980/usr/bin/dpkg-debroot 534500x800000000000000027037Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:21.198{ec2a2542-2970-6254-0000-000000000000}2982-root 154100x800000000000000027039Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:21.242{ec2a2542-2971-6254-70a3-97f0d5550000}2983/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000027041Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:21.243{ec2a2542-2971-6254-70a3-97f0d5550000}2983/bin/rmroot 23542300x800000000000000027040Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:21.243{ec2a2542-2971-6254-70a3-97f0d5550000}2983root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000027042Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:21.244{ec2a2542-2971-6254-d82f-e407dc550000}2984/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-qCjo8w/16-gcc-mips-linux-gnu_4%3a7.4.0-1ubuntu1.3_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000027044Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:21.245{ec2a2542-2971-6254-406a-85a923560000}2985/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-qCjo8w/16-gcc-mips-linux-gnu_4%3a7.4.0-1ubuntu1.3_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000027043Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:21.245{ec2a2542-2971-6254-d82f-e407dc550000}2984/usr/bin/dpkg-splitroot 154100x800000000000000027046Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:21.247{ec2a2542-2971-6254-b073-f2e374550000}2988/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2971-6254-406a-85a923560000}2985/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000027045Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:21.247{ec2a2542-2971-6254-0000-000000000000}2986-root 534500x800000000000000027047Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:21.248{ec2a2542-2971-6254-0000-000000000000}2987-root 534500x800000000000000027048Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:21.249{ec2a2542-2971-6254-b073-f2e374550000}2988/bin/tarroot 534500x800000000000000027049Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:21.250{ec2a2542-2971-6254-406a-85a923560000}2985/usr/bin/dpkg-debroot 154100x800000000000000027050Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:21.262{ec2a2542-2971-6254-407a-1f563a560000}2989/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-qCjo8w/16-gcc-mips-linux-gnu_4%3a7.4.0-1ubuntu1.3_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000027051Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:21.264{ec2a2542-2971-6254-0000-000000000000}2990-root 534500x800000000000000027053Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:21.265{ec2a2542-2971-6254-407a-1f563a560000}2989/usr/bin/dpkg-debroot 534500x800000000000000027052Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:21.265{00000000-0000-0000-0000-000000000000}2991<unknown process>root 154100x800000000000000027054Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:21.285{ec2a2542-2971-6254-70b3-60cfa1550000}2992/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000027057Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:21.287{ec2a2542-2971-6254-d83f-596542560000}2993/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-qCjo8w/17-linux-libc-dev-mips-cross_4.15.0-35.38cross1.2_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000027056Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:21.287{ec2a2542-2971-6254-70b3-60cfa1550000}2992/bin/rmroot 23542300x800000000000000027055Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:21.287{ec2a2542-2971-6254-70b3-60cfa1550000}2992root/bin/rm/var/lib/dpkg/tmp.ci/control--- 534500x800000000000000027058Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:21.288{ec2a2542-2971-6254-d83f-596542560000}2993/usr/bin/dpkg-splitroot 154100x800000000000000027059Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:21.289{ec2a2542-2971-6254-404a-972c3e560000}2994/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-qCjo8w/17-linux-libc-dev-mips-cross_4.15.0-35.38cross1.2_all.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000027061Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:21.292{ec2a2542-2971-6254-b0e3-428cbe550000}2997/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2971-6254-404a-972c3e560000}2994/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000027060Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:21.292{ec2a2542-2971-6254-0000-000000000000}2995-root 534500x800000000000000027062Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:21.295{ec2a2542-2971-6254-0000-000000000000}2996-root 534500x800000000000000027064Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:21.296{ec2a2542-2971-6254-404a-972c3e560000}2994/usr/bin/dpkg-debroot 534500x800000000000000027063Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:21.296{ec2a2542-2971-6254-b0e3-428cbe550000}2997/bin/tarroot 154100x800000000000000027065Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:21.312{ec2a2542-2971-6254-40ca-edfac9550000}2998/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-qCjo8w/17-linux-libc-dev-mips-cross_4.15.0-35.38cross1.2_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000027066Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:21.510{ec2a2542-2971-6254-0000-000000000000}2999-root 534500x800000000000000027067Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:21.522{ec2a2542-2971-6254-0000-000000000000}3000-root 534500x800000000000000027068Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:21.523{ec2a2542-2971-6254-40ca-edfac9550000}2998/usr/bin/dpkg-debroot 154100x800000000000000027069Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:21.596{ec2a2542-2971-6254-70b3-7f009e550000}3001/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000027072Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:21.598{ec2a2542-2971-6254-d81f-176039560000}3002/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-qCjo8w/18-libc6-dev-mips-cross_2.27-3ubuntu1cross1.2_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000027071Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:21.598{ec2a2542-2971-6254-70b3-7f009e550000}3001/bin/rmroot 23542300x800000000000000027070Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:21.598{ec2a2542-2971-6254-70b3-7f009e550000}3001root/bin/rm/var/lib/dpkg/tmp.ci/control--- 534500x800000000000000027073Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:21.599{ec2a2542-2971-6254-d81f-176039560000}3002/usr/bin/dpkg-splitroot 154100x800000000000000027074Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:21.600{ec2a2542-2971-6254-404a-b3b286550000}3003/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-qCjo8w/18-libc6-dev-mips-cross_2.27-3ubuntu1cross1.2_all.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000027076Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:21.601{ec2a2542-2971-6254-b043-79791f560000}3006/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2971-6254-404a-b3b286550000}3003/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000027075Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:21.601{ec2a2542-2971-6254-0000-000000000000}3004-root 534500x800000000000000027079Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:21.604{ec2a2542-2971-6254-404a-b3b286550000}3003/usr/bin/dpkg-debroot 534500x800000000000000027078Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:21.604{00000000-0000-0000-0000-000000000000}3005<unknown process>root 534500x800000000000000027077Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:21.604{ec2a2542-2971-6254-b043-79791f560000}3006/bin/tarroot 154100x800000000000000027080Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:21.620{ec2a2542-2971-6254-407a-aa8788550000}3007/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-qCjo8w/18-libc6-dev-mips-cross_2.27-3ubuntu1cross1.2_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 354300x800000000000000027081Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:21.818{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54734-false10.0.1.12-8000- 534500x800000000000000027082Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.015{ec2a2542-2971-6254-0000-000000000000}3008-root 534500x800000000000000027084Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.027{ec2a2542-2971-6254-407a-aa8788550000}3007/usr/bin/dpkg-debroot 534500x800000000000000027083Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.027{00000000-0000-0000-0000-000000000000}3009<unknown process>root 154100x800000000000000027085Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.131{ec2a2542-2972-6254-70f3-06bb0c560000}3010/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000027087Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.132{ec2a2542-2972-6254-70f3-06bb0c560000}3010/bin/rmroot 23542300x800000000000000027086Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.132{ec2a2542-2972-6254-70f3-06bb0c560000}3010root/bin/rm/var/lib/dpkg/tmp.ci/control--- 23542300x800000000000000027088Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.187{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/status-old--- 23542300x800000000000000027116Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.189{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0027--- 23542300x800000000000000027115Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.189{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0026--- 23542300x800000000000000027114Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.189{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0025--- 23542300x800000000000000027113Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.189{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0024--- 23542300x800000000000000027112Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.189{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0023--- 23542300x800000000000000027111Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.189{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0022--- 23542300x800000000000000027110Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.189{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0021--- 23542300x800000000000000027109Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.189{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0020--- 23542300x800000000000000027108Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.189{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0019--- 23542300x800000000000000027107Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.189{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0018--- 23542300x800000000000000027106Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.189{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0017--- 23542300x800000000000000027105Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.189{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0016--- 23542300x800000000000000027104Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.189{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0015--- 23542300x800000000000000027103Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.189{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0014--- 23542300x800000000000000027102Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.189{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0013--- 23542300x800000000000000027101Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.189{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0012--- 23542300x800000000000000027100Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.189{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0011--- 23542300x800000000000000027099Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.189{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0010--- 23542300x800000000000000027098Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.189{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0009--- 23542300x800000000000000027097Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.189{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0008--- 23542300x800000000000000027096Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.189{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0007--- 23542300x800000000000000027095Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.189{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0006--- 23542300x800000000000000027094Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.189{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0005--- 23542300x800000000000000027093Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.189{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0004--- 23542300x800000000000000027092Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.189{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0003--- 23542300x800000000000000027091Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.189{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0002--- 23542300x800000000000000027090Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.189{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0001--- 23542300x800000000000000027089Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.189{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0000--- 23542300x800000000000000027147Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.190{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0058--- 23542300x800000000000000027146Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.190{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0057--- 23542300x800000000000000027145Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.190{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0056--- 23542300x800000000000000027144Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.190{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0055--- 23542300x800000000000000027143Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.190{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0054--- 23542300x800000000000000027142Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.190{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0053--- 23542300x800000000000000027141Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.190{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0052--- 23542300x800000000000000027140Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.190{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0051--- 23542300x800000000000000027139Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.190{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0050--- 23542300x800000000000000027138Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.190{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0049--- 23542300x800000000000000027137Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.190{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0048--- 23542300x800000000000000027136Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.190{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0047--- 23542300x800000000000000027135Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.190{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0046--- 23542300x800000000000000027134Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.190{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0045--- 23542300x800000000000000027133Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.190{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0044--- 23542300x800000000000000027132Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.190{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0043--- 23542300x800000000000000027131Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.190{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0042--- 23542300x800000000000000027130Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.190{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0041--- 23542300x800000000000000027129Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.190{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0040--- 23542300x800000000000000027128Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.190{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0039--- 23542300x800000000000000027127Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.190{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0038--- 23542300x800000000000000027126Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.190{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0037--- 23542300x800000000000000027125Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.190{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0036--- 23542300x800000000000000027124Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.190{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0035--- 23542300x800000000000000027123Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.190{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0034--- 23542300x800000000000000027122Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.190{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0033--- 23542300x800000000000000027121Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.190{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0032--- 23542300x800000000000000027120Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.190{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0031--- 23542300x800000000000000027119Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.190{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0030--- 23542300x800000000000000027118Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.190{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0029--- 23542300x800000000000000027117Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.190{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/0028--- 23542300x800000000000000027148Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.192{ec2a2542-296e-6254-7061-78cc17560000}2837root/usr/bin/dpkg/var/lib/dpkg/updates/tmp.i--- 534500x800000000000000027149Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.194{ec2a2542-296e-6254-7061-78cc17560000}2837/usr/bin/dpkgroot 23542300x800000000000000027168Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.196{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/apt-dpkg-install-qCjo8w/13-libatomic1-mips-cross_8.4.0-1ubuntu1~18.04cross1_all.deb--- 23542300x800000000000000027167Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.196{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/apt-dpkg-install-qCjo8w/08-binutils-mips-linux-gnu_2.30-21ubuntu1~18.04.7_amd64.deb--- 23542300x800000000000000027166Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.196{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/apt-dpkg-install-qCjo8w/16-gcc-mips-linux-gnu_4%3a7.4.0-1ubuntu1.3_amd64.deb--- 23542300x800000000000000027165Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.196{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/apt-dpkg-install-qCjo8w/09-gcc-7-cross-base-ports_7.5.0-3ubuntu1~18.04cross1_all.deb--- 23542300x800000000000000027164Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.196{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/apt-dpkg-install-qCjo8w/03-libmpc3_1.1.0-1_amd64.deb--- 23542300x800000000000000027163Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.196{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/apt-dpkg-install-qCjo8w/11-libgcc1-mips-cross_1%3a8.4.0-1ubuntu1~18.04cross1_all.deb--- 23542300x800000000000000027162Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.196{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/apt-dpkg-install-qCjo8w/06-gcc-8-cross-base-ports_8.4.0-1ubuntu1~18.04cross1_all.deb--- 23542300x800000000000000027161Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.196{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/apt-dpkg-install-qCjo8w/18-libc6-dev-mips-cross_2.27-3ubuntu1cross1.2_all.deb--- 23542300x800000000000000027160Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.196{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/apt-dpkg-install-qCjo8w/05-cpp-mips-linux-gnu_4%3a7.4.0-1ubuntu1.3_amd64.deb--- 23542300x800000000000000027159Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.196{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/apt-dpkg-install-qCjo8w/01-gcc-7-mips-linux-gnu-base_7.5.0-3ubuntu1~18.04cross1_amd64.deb--- 23542300x800000000000000027158Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.196{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/apt-dpkg-install-qCjo8w/12-libgomp1-mips-cross_8.4.0-1ubuntu1~18.04cross1_all.deb--- 23542300x800000000000000027157Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.196{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/apt-dpkg-install-qCjo8w/15-gcc-7-mips-linux-gnu_7.5.0-3ubuntu1~18.04cross1_amd64.deb--- 23542300x800000000000000027156Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.196{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/apt-dpkg-install-qCjo8w/00-binutils-common_2.30-21ubuntu1~18.04.7_amd64.deb--- 23542300x800000000000000027155Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.196{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/apt-dpkg-install-qCjo8w/02-libisl19_0.19-1_amd64.deb--- 23542300x800000000000000027154Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.196{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/apt-dpkg-install-qCjo8w/14-libgcc-7-dev-mips-cross_7.5.0-3ubuntu1~18.04cross1_all.deb--- 23542300x800000000000000027153Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.196{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/apt-dpkg-install-qCjo8w/10-libc6-mips-cross_2.27-3ubuntu1cross1.2_all.deb--- 23542300x800000000000000027152Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.196{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/apt-dpkg-install-qCjo8w/07-libcc1-0_8.4.0-1ubuntu1~18.04_amd64.deb--- 23542300x800000000000000027151Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.196{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/apt-dpkg-install-qCjo8w/04-cpp-7-mips-linux-gnu_7.5.0-3ubuntu1~18.04cross1_amd64.deb--- 23542300x800000000000000027150Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.196{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/apt-dpkg-install-qCjo8w/17-linux-libc-dev-mips-cross_4.15.0-35.38cross1.2_all.deb--- 154100x800000000000000027169Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.197{ec2a2542-2972-6254-7091-5b1f40560000}3011/usr/bin/dpkg-----/usr/bin/dpkg --status-fd 43 --configure --pending/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-296b-6254-ccaf-57779a550000}2769/usr/bin/apt-getapt-getroot 154100x800000000000000027170Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.427{ec2a2542-2972-6254-6812-172f7e550000}3012/bin/dash-----/bin/sh /var/lib/dpkg/info/man-db.postinst triggered /usr/share/man/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2972-6254-7091-5b1f40560000}3011/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000027172Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.430{ec2a2542-2972-6254-80ea-bcc4cf550000}3013/usr/bin/mandb-----/usr/bin/mandb -pq/man{ec2a2542-0000-0000-0600-000001000000}64no level-{ec2a2542-2972-6254-6812-172f7e550000}3012/bin/dash/bin/shroot 154100x800000000000000027171Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.430{ec2a2542-2972-6254-98e7-52e7c2550000}3013/usr/bin/perl-----perl -e @pwd = getpwnam("man"); $) = $( = $pwd[3]; $> = $< = $pwd[2]; exec "/usr/bin/mandb", @ARGV -- -pq/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2972-6254-6812-172f7e550000}3012/bin/dash/bin/shroot 534500x800000000000000027173Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.482{ec2a2542-2972-6254-0000-000000000000}3014-man 534500x800000000000000027174Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.487{ec2a2542-2972-6254-0000-000000000000}3015-man 534500x800000000000000027175Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.488{ec2a2542-2972-6254-0000-000000000000}3017-man 534500x800000000000000027176Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.489{00000000-0000-0000-0000-000000000000}3016<unknown process>man 534500x800000000000000027177Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.495{00000000-0000-0000-0000-000000000000}3018<unknown process>man 534500x800000000000000027178Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.498{ec2a2542-2972-6254-0000-000000000000}3019-man 534500x800000000000000027179Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.499{ec2a2542-2972-6254-0000-000000000000}3021-man 534500x800000000000000027180Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.501{ec2a2542-2972-6254-0000-000000000000}3020-man 534500x800000000000000027181Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.505{ec2a2542-2972-6254-0000-000000000000}3022-man 534500x800000000000000027182Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.508{ec2a2542-2972-6254-0000-000000000000}3023-man 534500x800000000000000027184Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.509{ec2a2542-2972-6254-0000-000000000000}3024-man 534500x800000000000000027183Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.509{ec2a2542-2972-6254-0000-000000000000}3025-man 534500x800000000000000027185Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.514{00000000-0000-0000-0000-000000000000}3026<unknown process>man 534500x800000000000000027187Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.518{ec2a2542-2972-6254-0000-000000000000}3029-man 534500x800000000000000027186Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.518{ec2a2542-2972-6254-0000-000000000000}3027-man 534500x800000000000000027188Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.521{00000000-0000-0000-0000-000000000000}3028<unknown process>man 534500x800000000000000027189Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.526{ec2a2542-2972-6254-0000-000000000000}3030-man 534500x800000000000000027191Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.530{ec2a2542-2972-6254-0000-000000000000}3033-man 534500x800000000000000027190Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.530{ec2a2542-2972-6254-0000-000000000000}3031-man 534500x800000000000000027192Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.531{ec2a2542-2972-6254-0000-000000000000}3032-man 534500x800000000000000027193Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.535{ec2a2542-2972-6254-0000-000000000000}3034-man 534500x800000000000000027195Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.539{ec2a2542-2972-6254-0000-000000000000}3037-man 534500x800000000000000027194Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.539{ec2a2542-2972-6254-0000-000000000000}3035-man 534500x800000000000000027196Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.540{ec2a2542-2972-6254-0000-000000000000}3036-man 534500x800000000000000027197Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.543{00000000-0000-0000-0000-000000000000}3038<unknown process>man 534500x800000000000000027198Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.546{00000000-0000-0000-0000-000000000000}3039<unknown process>man 534500x800000000000000027199Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.547{ec2a2542-2972-6254-0000-000000000000}3041-man 534500x800000000000000027200Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.548{ec2a2542-2972-6254-0000-000000000000}3040-man 534500x800000000000000027201Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.552{00000000-0000-0000-0000-000000000000}3042<unknown process>man 534500x800000000000000027203Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.555{ec2a2542-2972-6254-0000-000000000000}3045-man 534500x800000000000000027202Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.555{ec2a2542-2972-6254-0000-000000000000}3043-man 534500x800000000000000027204Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.556{ec2a2542-2972-6254-0000-000000000000}3044-man 534500x800000000000000027205Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.559{ec2a2542-2972-6254-0000-000000000000}3046-man 534500x800000000000000027206Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.562{ec2a2542-2972-6254-0000-000000000000}3047-man 534500x800000000000000027208Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.563{ec2a2542-2972-6254-0000-000000000000}3048-man 534500x800000000000000027207Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.563{ec2a2542-2972-6254-0000-000000000000}3049-man 534500x800000000000000027209Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.567{00000000-0000-0000-0000-000000000000}3050<unknown process>man 534500x800000000000000027210Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.570{ec2a2542-2972-6254-0000-000000000000}3051-man 534500x800000000000000027212Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.571{ec2a2542-2972-6254-0000-000000000000}3052-man 534500x800000000000000027211Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.571{ec2a2542-2972-6254-0000-000000000000}3053-man 534500x800000000000000027213Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.575{00000000-0000-0000-0000-000000000000}3054<unknown process>man 534500x800000000000000027214Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.578{ec2a2542-2972-6254-0000-000000000000}3055-man 534500x800000000000000027216Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.579{ec2a2542-2972-6254-0000-000000000000}3056-man 534500x800000000000000027215Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.579{ec2a2542-2972-6254-0000-000000000000}3057-man 534500x800000000000000027217Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.583{ec2a2542-2972-6254-0000-000000000000}3058-man 534500x800000000000000027218Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.586{00000000-0000-0000-0000-000000000000}3059<unknown process>man 534500x800000000000000027219Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.587{ec2a2542-2972-6254-0000-000000000000}3061-man 534500x800000000000000027220Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.588{ec2a2542-2972-6254-0000-000000000000}3060-man 534500x800000000000000027221Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.592{ec2a2542-2972-6254-0000-000000000000}3062-man 534500x800000000000000027222Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.595{ec2a2542-2972-6254-0000-000000000000}3063-man 534500x800000000000000027223Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.596{ec2a2542-2972-6254-0000-000000000000}3065-man 534500x800000000000000027224Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.597{00000000-0000-0000-0000-000000000000}3064<unknown process>man 534500x800000000000000027225Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.602{ec2a2542-2972-6254-0000-000000000000}3066-man 534500x800000000000000027226Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.605{ec2a2542-2972-6254-0000-000000000000}3067-man 534500x800000000000000027228Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.606{ec2a2542-2972-6254-0000-000000000000}3068-man 534500x800000000000000027227Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.606{ec2a2542-2972-6254-0000-000000000000}3069-man 534500x800000000000000027229Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.611{00000000-0000-0000-0000-000000000000}3070<unknown process>man 534500x800000000000000027230Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.616{00000000-0000-0000-0000-000000000000}3071<unknown process>man 534500x800000000000000027231Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.617{ec2a2542-2972-6254-0000-000000000000}3073-man 534500x800000000000000027232Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.619{00000000-0000-0000-0000-000000000000}3072<unknown process>man 534500x800000000000000027233Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.623{00000000-0000-0000-0000-000000000000}3074<unknown process>man 534500x800000000000000027234Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.626{ec2a2542-2972-6254-0000-000000000000}3075-man 534500x800000000000000027235Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.628{ec2a2542-2972-6254-0000-000000000000}3077-man 534500x800000000000000027236Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.629{00000000-0000-0000-0000-000000000000}3076<unknown process>man 534500x800000000000000027237Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.632{ec2a2542-2972-6254-0000-000000000000}3078-man 534500x800000000000000027238Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.635{ec2a2542-2972-6254-0000-000000000000}3079-man 534500x800000000000000027240Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.636{ec2a2542-2972-6254-0000-000000000000}3080-man 534500x800000000000000027239Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.636{ec2a2542-2972-6254-0000-000000000000}3081-man 534500x800000000000000027241Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.640{00000000-0000-0000-0000-000000000000}3082<unknown process>man 534500x800000000000000027242Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.643{ec2a2542-2972-6254-0000-000000000000}3083-man 534500x800000000000000027243Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.644{ec2a2542-2972-6254-0000-000000000000}3085-man 534500x800000000000000027244Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.645{00000000-0000-0000-0000-000000000000}3084<unknown process>man 534500x800000000000000027245Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.648{00000000-0000-0000-0000-000000000000}3086<unknown process>man 534500x800000000000000027247Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.652{ec2a2542-2972-6254-0000-000000000000}3089-man 534500x800000000000000027246Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.652{00000000-0000-0000-0000-000000000000}3087<unknown process>man 534500x800000000000000027248Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.653{ec2a2542-2972-6254-0000-000000000000}3088-man 534500x800000000000000027249Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.656{ec2a2542-2972-6254-0000-000000000000}3090-man 534500x800000000000000027250Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.659{ec2a2542-2972-6254-0000-000000000000}3091-man 534500x800000000000000027252Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.661{ec2a2542-2972-6254-0000-000000000000}3092-man 534500x800000000000000027251Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.661{ec2a2542-2972-6254-0000-000000000000}3093-man 534500x800000000000000027253Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.664{ec2a2542-2972-6254-0000-000000000000}3094-man 534500x800000000000000027255Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.668{ec2a2542-2972-6254-0000-000000000000}3097-man 534500x800000000000000027254Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.668{ec2a2542-2972-6254-0000-000000000000}3095-man 534500x800000000000000027256Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.669{00000000-0000-0000-0000-000000000000}3096<unknown process>man 534500x800000000000000027257Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.672{00000000-0000-0000-0000-000000000000}3098<unknown process>man 534500x800000000000000027258Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.675{ec2a2542-2972-6254-0000-000000000000}3099-man 534500x800000000000000027260Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.676{00000000-0000-0000-0000-000000000000}3100<unknown process>man 534500x800000000000000027259Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.676{ec2a2542-2972-6254-0000-000000000000}3101-man 534500x800000000000000027261Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.679{00000000-0000-0000-0000-000000000000}3102<unknown process>man 534500x800000000000000027262Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.683{ec2a2542-2972-6254-0000-000000000000}3103-man 534500x800000000000000027263Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.684{ec2a2542-2972-6254-0000-000000000000}3105-man 534500x800000000000000027264Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.685{ec2a2542-2972-6254-0000-000000000000}3104-man 534500x800000000000000027265Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.689{ec2a2542-2972-6254-0000-000000000000}3106-man 534500x800000000000000027266Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.693{ec2a2542-2972-6254-0000-000000000000}3107-man 534500x800000000000000027267Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.694{ec2a2542-2972-6254-0000-000000000000}3110-man 534500x800000000000000027268Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.695{00000000-0000-0000-0000-000000000000}3108<unknown process>man 534500x800000000000000027269Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.699{ec2a2542-2972-6254-0000-000000000000}3111-man 534500x800000000000000027270Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.702{ec2a2542-2972-6254-0000-000000000000}3112-man 534500x800000000000000027271Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.703{ec2a2542-2972-6254-0000-000000000000}3114-man 534500x800000000000000027272Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.704{ec2a2542-2972-6254-0000-000000000000}3113-man 534500x800000000000000027273Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.709{00000000-0000-0000-0000-000000000000}3115<unknown process>man 534500x800000000000000027275Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.713{ec2a2542-2972-6254-0000-000000000000}3118-man 534500x800000000000000027274Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.713{00000000-0000-0000-0000-000000000000}3116<unknown process>man 534500x800000000000000027276Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.714{ec2a2542-2972-6254-0000-000000000000}3117-man 534500x800000000000000027277Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.718{00000000-0000-0000-0000-000000000000}3119<unknown process>man 534500x800000000000000027278Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.721{ec2a2542-2972-6254-0000-000000000000}3120-man 534500x800000000000000027279Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.722{ec2a2542-2972-6254-0000-000000000000}3122-man 534500x800000000000000027280Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.723{ec2a2542-2972-6254-0000-000000000000}3121-man 534500x800000000000000027281Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.727{00000000-0000-0000-0000-000000000000}3123<unknown process>man 534500x800000000000000027283Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.730{ec2a2542-2972-6254-0000-000000000000}3126-man 534500x800000000000000027282Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.730{ec2a2542-2972-6254-0000-000000000000}3124-man 534500x800000000000000027284Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.731{00000000-0000-0000-0000-000000000000}3125<unknown process>man 534500x800000000000000027285Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.734{ec2a2542-2972-6254-0000-000000000000}3127-man 534500x800000000000000027286Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.737{ec2a2542-2972-6254-0000-000000000000}3128-man 534500x800000000000000027287Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.738{ec2a2542-2972-6254-0000-000000000000}3130-man 534500x800000000000000027288Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.739{ec2a2542-2972-6254-0000-000000000000}3129-man 534500x800000000000000027289Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.743{00000000-0000-0000-0000-000000000000}3131<unknown process>man 534500x800000000000000027290Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.746{00000000-0000-0000-0000-000000000000}3132<unknown process>man 534500x800000000000000027291Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.747{ec2a2542-2972-6254-0000-000000000000}3134-man 534500x800000000000000027292Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.748{00000000-0000-0000-0000-000000000000}3133<unknown process>man 534500x800000000000000027293Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.752{00000000-0000-0000-0000-000000000000}3135<unknown process>man 534500x800000000000000027294Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.759{ec2a2542-2972-6254-0000-000000000000}3136-man 534500x800000000000000027295Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.760{ec2a2542-2972-6254-0000-000000000000}3138-man 534500x800000000000000027296Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.761{ec2a2542-2972-6254-0000-000000000000}3137-man 534500x800000000000000027297Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.764{00000000-0000-0000-0000-000000000000}3139<unknown process>man 534500x800000000000000027298Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.767{00000000-0000-0000-0000-000000000000}3140<unknown process>man 534500x800000000000000027299Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.768{ec2a2542-2972-6254-0000-000000000000}3142-man 534500x800000000000000027300Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.769{ec2a2542-2972-6254-0000-000000000000}3141-man 534500x800000000000000027301Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.774{00000000-0000-0000-0000-000000000000}3143<unknown process>man 534500x800000000000000027302Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.777{00000000-0000-0000-0000-000000000000}3144<unknown process>man 534500x800000000000000027303Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.778{ec2a2542-2972-6254-0000-000000000000}3146-man 534500x800000000000000027304Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.779{ec2a2542-2972-6254-0000-000000000000}3145-man 534500x800000000000000027305Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.783{00000000-0000-0000-0000-000000000000}3147<unknown process>man 534500x800000000000000027306Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.789{00000000-0000-0000-0000-000000000000}3148<unknown process>man 534500x800000000000000027307Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.790{ec2a2542-2972-6254-0000-000000000000}3150-man 534500x800000000000000027308Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.797{ec2a2542-2972-6254-0000-000000000000}3149-man 534500x800000000000000027309Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.802{ec2a2542-2972-6254-0000-000000000000}3151-man 534500x800000000000000027310Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.807{ec2a2542-2972-6254-0000-000000000000}3152-man 534500x800000000000000027311Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.808{ec2a2542-2972-6254-0000-000000000000}3154-man 534500x800000000000000027312Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.809{ec2a2542-2972-6254-0000-000000000000}3153-man 534500x800000000000000027313Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.813{ec2a2542-2972-6254-0000-000000000000}3155-man 534500x800000000000000027314Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.816{ec2a2542-2972-6254-0000-000000000000}3156-man 534500x800000000000000027316Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.818{ec2a2542-2972-6254-0000-000000000000}3157-man 534500x800000000000000027315Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.818{ec2a2542-2972-6254-0000-000000000000}3158-man 534500x800000000000000027317Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.822{ec2a2542-2972-6254-0000-000000000000}3159-man 534500x800000000000000027318Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.825{ec2a2542-2972-6254-0000-000000000000}3160-man 534500x800000000000000027320Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.826{ec2a2542-2972-6254-0000-000000000000}3161-man 534500x800000000000000027319Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.826{ec2a2542-2972-6254-0000-000000000000}3162-man 534500x800000000000000027321Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.830{00000000-0000-0000-0000-000000000000}3163<unknown process>man 534500x800000000000000027323Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.835{ec2a2542-2972-6254-0000-000000000000}3166-man 534500x800000000000000027322Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.835{ec2a2542-2972-6254-0000-000000000000}3164-man 534500x800000000000000027324Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.836{ec2a2542-2972-6254-0000-000000000000}3165-man 534500x800000000000000027325Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.839{ec2a2542-2972-6254-0000-000000000000}3167-man 534500x800000000000000027326Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.864{00000000-0000-0000-0000-000000000000}3168<unknown process>man 534500x800000000000000027327Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.865{ec2a2542-2972-6254-0000-000000000000}3170-man 534500x800000000000000027328Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.866{ec2a2542-2972-6254-0000-000000000000}3169-man 23542300x800000000000000027329Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.875{ec2a2542-2972-6254-98e7-52e7c2550000}3013man/usr/bin/mandb/var/cache/man/hu/3013--- 23542300x800000000000000027330Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.876{ec2a2542-2972-6254-98e7-52e7c2550000}3013man/usr/bin/mandb/var/cache/man/da/3013--- 23542300x800000000000000027331Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.877{ec2a2542-2972-6254-98e7-52e7c2550000}3013man/usr/bin/mandb/var/cache/man/cs/3013--- 23542300x800000000000000027332Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.878{ec2a2542-2972-6254-98e7-52e7c2550000}3013man/usr/bin/mandb/var/cache/man/id/3013--- 23542300x800000000000000027333Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.879{ec2a2542-2972-6254-98e7-52e7c2550000}3013man/usr/bin/mandb/var/cache/man/ru/3013--- 23542300x800000000000000027334Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.881{ec2a2542-2972-6254-98e7-52e7c2550000}3013man/usr/bin/mandb/var/cache/man/sl/3013--- 23542300x800000000000000027335Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.882{ec2a2542-2972-6254-98e7-52e7c2550000}3013man/usr/bin/mandb/var/cache/man/tr/3013--- 23542300x800000000000000027336Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.883{ec2a2542-2972-6254-98e7-52e7c2550000}3013man/usr/bin/mandb/var/cache/man/zh_CN/3013--- 23542300x800000000000000027337Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.884{ec2a2542-2972-6254-98e7-52e7c2550000}3013man/usr/bin/mandb/var/cache/man/it/3013--- 23542300x800000000000000027338Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.886{ec2a2542-2972-6254-98e7-52e7c2550000}3013man/usr/bin/mandb/var/cache/man/ko/3013--- 23542300x800000000000000027339Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.887{ec2a2542-2972-6254-98e7-52e7c2550000}3013man/usr/bin/mandb/var/cache/man/fi/3013--- 23542300x800000000000000027340Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.888{ec2a2542-2972-6254-98e7-52e7c2550000}3013man/usr/bin/mandb/var/cache/man/ja/3013--- 23542300x800000000000000027341Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.889{ec2a2542-2972-6254-98e7-52e7c2550000}3013man/usr/bin/mandb/var/cache/man/pt_BR/3013--- 23542300x800000000000000027342Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.890{ec2a2542-2972-6254-98e7-52e7c2550000}3013man/usr/bin/mandb/var/cache/man/pl/3013--- 23542300x800000000000000027343Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.892{ec2a2542-2972-6254-98e7-52e7c2550000}3013man/usr/bin/mandb/var/cache/man/sv/3013--- 23542300x800000000000000027344Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.893{ec2a2542-2972-6254-98e7-52e7c2550000}3013man/usr/bin/mandb/var/cache/man/de/3013--- 23542300x800000000000000027345Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.894{ec2a2542-2972-6254-98e7-52e7c2550000}3013man/usr/bin/mandb/var/cache/man/zh_TW/3013--- 23542300x800000000000000027346Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.896{ec2a2542-2972-6254-98e7-52e7c2550000}3013man/usr/bin/mandb/var/cache/man/nl/3013--- 23542300x800000000000000027347Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.897{ec2a2542-2972-6254-98e7-52e7c2550000}3013man/usr/bin/mandb/var/cache/man/pt/3013--- 23542300x800000000000000027348Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.898{ec2a2542-2972-6254-98e7-52e7c2550000}3013man/usr/bin/mandb/var/cache/man/sr/3013--- 23542300x800000000000000027349Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.900{ec2a2542-2972-6254-98e7-52e7c2550000}3013man/usr/bin/mandb/var/cache/man/es/3013--- 23542300x800000000000000027350Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.901{ec2a2542-2972-6254-98e7-52e7c2550000}3013man/usr/bin/mandb/var/cache/man/fr/3013--- 23542300x800000000000000027351Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.902{ec2a2542-2972-6254-98e7-52e7c2550000}3013man/usr/bin/mandb/var/cache/man/oldlocal/3013--- 534500x800000000000000027353Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.903{ec2a2542-2972-6254-6812-172f7e550000}3012/bin/dashroot 534500x800000000000000027352Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.903{ec2a2542-2972-6254-98e7-52e7c2550000}3013/usr/bin/perlman 154100x800000000000000027354Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.914{ec2a2542-2972-6254-68c2-b6f8ae550000}3171/bin/dash-----/bin/sh /var/lib/dpkg/info/libc-bin.postinst triggered ldconfig/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2972-6254-7091-5b1f40560000}3011/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000027356Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.915{ec2a2542-2972-6254-b841-c1bfd07f0000}3172/sbin/ldconfig.real-----/sbin/ldconfig.real/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2972-6254-68c2-b6f8ae550000}3171/bin/dash/bin/shroot 154100x800000000000000027355Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.915{ec2a2542-2972-6254-68b2-8da922560000}3172/bin/dash-----/bin/sh /sbin/ldconfig/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2972-6254-68c2-b6f8ae550000}3171/bin/dash/bin/shroot 534500x800000000000000027358Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.928{ec2a2542-2972-6254-68c2-b6f8ae550000}3171/bin/dashroot 534500x800000000000000027357Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.928{ec2a2542-2972-6254-68b2-8da922560000}3172/bin/dashroot 23542300x800000000000000027359Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.967{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/status-old--- 23542300x800000000000000027371Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.969{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0011--- 23542300x800000000000000027370Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.969{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0010--- 23542300x800000000000000027369Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.969{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0009--- 23542300x800000000000000027368Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.969{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0008--- 23542300x800000000000000027367Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.969{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0007--- 23542300x800000000000000027366Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.969{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0006--- 23542300x800000000000000027365Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.969{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0005--- 23542300x800000000000000027364Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.969{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0004--- 23542300x800000000000000027363Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.969{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0003--- 23542300x800000000000000027362Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.969{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0002--- 23542300x800000000000000027361Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.969{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0001--- 23542300x800000000000000027360Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.969{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0000--- 23542300x800000000000000027410Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.970{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0050--- 23542300x800000000000000027409Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.970{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0049--- 23542300x800000000000000027408Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.970{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0048--- 23542300x800000000000000027407Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.970{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0047--- 23542300x800000000000000027406Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.970{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0046--- 23542300x800000000000000027405Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.970{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0045--- 23542300x800000000000000027404Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.970{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0044--- 23542300x800000000000000027403Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.970{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0043--- 23542300x800000000000000027402Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.970{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0042--- 23542300x800000000000000027401Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.970{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0041--- 23542300x800000000000000027400Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.970{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0040--- 23542300x800000000000000027399Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.970{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0039--- 23542300x800000000000000027398Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.970{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0038--- 23542300x800000000000000027397Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.970{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0037--- 23542300x800000000000000027396Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.970{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0036--- 23542300x800000000000000027395Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.970{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0035--- 23542300x800000000000000027394Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.970{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0034--- 23542300x800000000000000027393Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.970{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0033--- 23542300x800000000000000027392Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.970{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0032--- 23542300x800000000000000027391Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.970{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0031--- 23542300x800000000000000027390Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.970{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0030--- 23542300x800000000000000027389Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.970{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0029--- 23542300x800000000000000027388Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.970{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0028--- 23542300x800000000000000027387Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.970{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0027--- 23542300x800000000000000027386Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.970{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0026--- 23542300x800000000000000027385Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.970{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0025--- 23542300x800000000000000027384Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.970{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0024--- 23542300x800000000000000027383Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.970{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0023--- 23542300x800000000000000027382Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.970{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0022--- 23542300x800000000000000027381Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.970{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0021--- 23542300x800000000000000027380Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.970{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0020--- 23542300x800000000000000027379Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.970{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0019--- 23542300x800000000000000027378Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.970{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0018--- 23542300x800000000000000027377Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.970{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0017--- 23542300x800000000000000027376Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.970{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0016--- 23542300x800000000000000027375Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.970{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0015--- 23542300x800000000000000027374Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.970{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0014--- 23542300x800000000000000027373Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.970{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0013--- 23542300x800000000000000027372Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.970{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0012--- 23542300x800000000000000027420Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.971{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0060--- 23542300x800000000000000027419Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.971{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0059--- 23542300x800000000000000027418Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.971{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0058--- 23542300x800000000000000027417Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.971{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0057--- 23542300x800000000000000027416Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.971{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0056--- 23542300x800000000000000027415Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.971{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0055--- 23542300x800000000000000027414Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.971{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0054--- 23542300x800000000000000027413Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.971{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0053--- 23542300x800000000000000027412Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.971{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0052--- 23542300x800000000000000027411Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.971{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/0051--- 23542300x800000000000000027421Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.974{ec2a2542-2972-6254-7091-5b1f40560000}3011root/usr/bin/dpkg/var/lib/dpkg/updates/tmp.i--- 534500x800000000000000027422Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.975{ec2a2542-2972-6254-7091-5b1f40560000}3011/usr/bin/dpkgroot 23542300x800000000000000027424Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.976{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/fileutl.message.huSVg3--- 23542300x800000000000000027423Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.976{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/var/cache/apt/pkgcache.bin--- 23542300x800000000000000027425Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.983{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/fileutl.message.wovDqz--- 23542300x800000000000000027426Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.988{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/fileutl.message.tw6gB5--- 23542300x800000000000000027427Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.990{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/fileutl.message.AuWeMB--- 23542300x800000000000000027428Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.992{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/fileutl.message.fdztX7--- 23542300x800000000000000027429Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.996{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/fileutl.message.UDsr9D--- 23542300x800000000000000027430Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:22.998{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/fileutl.message.1VSGla--- 23542300x800000000000000027431Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.002{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/fileutl.message.wzSEyG--- 23542300x800000000000000027432Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.004{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/fileutl.message.XGpULc--- 23542300x800000000000000027433Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.005{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/fileutl.message.Ya0nZI--- 23542300x800000000000000027434Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.007{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/fileutl.message.Tgk5cf--- 23542300x800000000000000027435Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.008{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/fileutl.message.GG60qL--- 23542300x800000000000000027436Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.009{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/fileutl.message.h9RaFh--- 23542300x800000000000000027437Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.011{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/fileutl.message.ggZATN--- 23542300x800000000000000027438Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.012{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/fileutl.message.bIFh8j--- 23542300x800000000000000027439Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.014{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/fileutl.message.Uu7enQ--- 23542300x800000000000000027440Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.016{ec2a2542-296b-6254-ccaf-57779a550000}2769root/usr/bin/apt-get/tmp/fileutl.message.7Z1uCm--- 154100x800000000000000027441Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.017{ec2a2542-2973-6254-7041-61e458550000}3173/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-296b-6254-ccaf-57779a550000}2769/usr/bin/apt-getapt-getroot 534500x800000000000000027442Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.020{ec2a2542-2973-6254-7041-61e458550000}3173/usr/bin/dpkgroot 154100x800000000000000027443Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.218{ec2a2542-2973-6254-7001-8407a5550000}3174/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-296b-6254-ccaf-57779a550000}2769/usr/bin/apt-getapt-getroot 534500x800000000000000027444Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.221{ec2a2542-2973-6254-7001-8407a5550000}3174/usr/bin/dpkgroot 154100x800000000000000027445Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.318{ec2a2542-2973-6254-7031-2a89f9550000}3175/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-296b-6254-ccaf-57779a550000}2769/usr/bin/apt-getapt-getroot 534500x800000000000000027446Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.321{ec2a2542-2973-6254-7031-2a89f9550000}3175/usr/bin/dpkgroot 354300x800000000000000027447Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.329{ec2a2542-1080-6254-602c-d54703560000}1780/opt/splunkforwarder/bin/splunkdroottcptruefalse10.0.1.20-34446-false10.0.1.12-8089- 154100x800000000000000027448Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.344{ec2a2542-2973-6254-6882-f63465550000}3177/bin/dash-----sh -c if [ -d /var/lib/update-notifier ]; then touch /var/lib/update-notifier/dpkg-run-stamp; fi; /usr/lib/update-notifier/update-motd-updates-available 2>/dev/null || true/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{00000000-0000-0000-0000-000000000000}3176--- 154100x800000000000000027449Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.345{ec2a2542-2973-6254-10c0-533f95550000}3178/bin/touch-----touch /var/lib/update-notifier/dpkg-run-stamp/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2973-6254-6882-f63465550000}3177/bin/dashshroot 154100x800000000000000027451Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.346{ec2a2542-2973-6254-6832-326391550000}3179/bin/dash-----/bin/sh -e /usr/lib/update-notifier/update-motd-updates-available/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2973-6254-6882-f63465550000}3177/bin/dashshroot 534500x800000000000000027450Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.346{ec2a2542-2973-6254-10c0-533f95550000}3178/bin/touchroot 154100x800000000000000027452Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.347{ec2a2542-2973-6254-7324-9d8643560000}3180/usr/bin/apt-config-----apt-config shell StateDir Dir::State/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2973-6254-6832-326391550000}3179/bin/dash/bin/shroot 154100x800000000000000027453Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.352{ec2a2542-2973-6254-7011-76085f550000}3181/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2973-6254-7324-9d8643560000}3180/usr/bin/apt-configapt-configroot 534500x800000000000000027454Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.354{ec2a2542-2973-6254-7011-76085f550000}3181/usr/bin/dpkgroot 154100x800000000000000027456Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.355{ec2a2542-2973-6254-7344-ff2e1c560000}3182/usr/bin/apt-config-----apt-config shell ListDir Dir::State::Lists/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2973-6254-6832-326391550000}3179/bin/dash/bin/shroot 534500x800000000000000027455Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.355{ec2a2542-2973-6254-7324-9d8643560000}3180/usr/bin/apt-configroot 154100x800000000000000027457Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.360{ec2a2542-2973-6254-7041-aa179e550000}3183/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2973-6254-7344-ff2e1c560000}3182/usr/bin/apt-configapt-configroot 534500x800000000000000027458Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.362{ec2a2542-2973-6254-7041-aa179e550000}3183/usr/bin/dpkgroot 154100x800000000000000027460Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.363{ec2a2542-2973-6254-7304-b16f5a550000}3184/usr/bin/apt-config-----apt-config shell DpkgStatus Dir::State::status/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2973-6254-6832-326391550000}3179/bin/dash/bin/shroot 534500x800000000000000027459Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.363{ec2a2542-2973-6254-7344-ff2e1c560000}3182/usr/bin/apt-configroot 154100x800000000000000027461Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.367{ec2a2542-2973-6254-7001-a1ad17560000}3185/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2973-6254-7304-b16f5a550000}3184/usr/bin/apt-configapt-configroot 534500x800000000000000027462Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.370{ec2a2542-2973-6254-7001-a1ad17560000}3185/usr/bin/dpkgroot 154100x800000000000000027464Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.371{ec2a2542-2973-6254-7374-e8d50c560000}3186/usr/bin/apt-config-----apt-config shell EtcDir Dir::Etc/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2973-6254-6832-326391550000}3179/bin/dash/bin/shroot 534500x800000000000000027463Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.371{ec2a2542-2973-6254-7304-b16f5a550000}3184/usr/bin/apt-configroot 154100x800000000000000027465Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.375{ec2a2542-2973-6254-7071-a10094550000}3187/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2973-6254-7374-e8d50c560000}3186/usr/bin/apt-configapt-configroot 534500x800000000000000027466Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.377{ec2a2542-2973-6254-7071-a10094550000}3187/usr/bin/dpkgroot 154100x800000000000000027468Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.378{ec2a2542-2973-6254-7374-6b721e560000}3188/usr/bin/apt-config-----apt-config shell SourceList Dir::Etc::sourcelist/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2973-6254-6832-326391550000}3179/bin/dash/bin/shroot 534500x800000000000000027467Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.378{ec2a2542-2973-6254-7374-e8d50c560000}3186/usr/bin/apt-configroot 154100x800000000000000027469Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.382{ec2a2542-2973-6254-7031-6f5b5c550000}3189/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2973-6254-7374-6b721e560000}3188/usr/bin/apt-configapt-configroot 534500x800000000000000027470Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.384{ec2a2542-2973-6254-7031-6f5b5c550000}3189/usr/bin/dpkgroot 154100x800000000000000027472Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.386{ec2a2542-2973-6254-90f0-77bceb550000}3190/usr/bin/find-----find /var/lib/apt/lists/ /etc/apt/sources.list //var/lib/dpkg/status -type f -newer /var/lib/update-notifier/updates-available -print -quit/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2973-6254-6832-326391550000}3179/bin/dash/bin/shroot 534500x800000000000000027471Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.386{ec2a2542-2973-6254-7374-6b721e560000}3188/usr/bin/apt-configroot 154100x800000000000000027476Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.387{ec2a2542-2973-6254-a800-48da6c550000}3191/bin/mktemp-----mktemp -p /var/lib/update-notifier/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2973-6254-6832-326391550000}3179/bin/dash/bin/shroot 534500x800000000000000027473Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.387{ec2a2542-2973-6254-90f0-77bceb550000}3190/usr/bin/findroot 534500x800000000000000027475Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.388{ec2a2542-2973-6254-e8a8-53640d560000}3192/usr/bin/dirnameroot 154100x800000000000000027474Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.388{ec2a2542-2973-6254-e8a8-53640d560000}3192/usr/bin/dirname-----dirname /var/lib/update-notifier/updates-available/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{00000000-0000-0000-0000-000000000000}3191--- 154100x800000000000000027478Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.389{ec2a2542-2973-6254-a036-7b0000000000}3193/usr/bin/python3.6-----/usr/bin/python3 /usr/lib/update-notifier/apt-check --human-readable/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2973-6254-6832-326391550000}3179/bin/dash/bin/shroot 534500x800000000000000027477Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.389{ec2a2542-2973-6254-a800-48da6c550000}3191/bin/mktemproot 154100x800000000000000027479Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.558{ec2a2542-2973-6254-7021-f9ca45560000}3194/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2973-6254-a036-7b0000000000}3193/usr/bin/python3.6/usr/bin/python3root 534500x800000000000000027480Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.560{ec2a2542-2973-6254-7021-f9ca45560000}3194/usr/bin/dpkgroot 23542300x800000000000000027481Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.561{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.VNGC4N--- 23542300x800000000000000027482Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.566{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.0aQXOl--- 23542300x800000000000000027483Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.571{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.FvocAT--- 23542300x800000000000000027484Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.573{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.s0VIlr--- 23542300x800000000000000027485Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.574{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.FTqu7Y--- 23542300x800000000000000027486Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.580{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.aXjaUw--- 23542300x800000000000000027487Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.582{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.VddeH4--- 23542300x800000000000000027488Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.588{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.UYUfvC--- 23542300x800000000000000027489Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.589{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.VdDwja--- 23542300x800000000000000027490Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.590{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.ymVZ7H--- 23542300x800000000000000027491Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.592{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.v6SFWf--- 23542300x800000000000000027492Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.593{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.eFFyLN--- 23542300x800000000000000027493Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.594{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.TpTDAl--- 23542300x800000000000000027494Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.595{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.Ir1XpT--- 23542300x800000000000000027495Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.597{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.n8Rwfr--- 23542300x800000000000000027496Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.600{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.4O0C5Y--- 154100x800000000000000027498Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.602{ec2a2542-2973-6254-70f1-e2b969550000}3195/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2973-6254-a036-7b0000000000}3193/usr/bin/python3.6/usr/bin/python3root 23542300x800000000000000027497Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.602{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.JfEZVw--- 534500x800000000000000027499Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:23.605{ec2a2542-2973-6254-70f1-e2b969550000}3195/usr/bin/dpkgroot 23542300x800000000000000027500Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.071{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.IjEM35--- 23542300x800000000000000027501Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.075{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.VoUhcF--- 23542300x800000000000000027502Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.079{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.ItZtle--- 23542300x800000000000000027503Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.081{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.PGPWuN--- 23542300x800000000000000027504Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.082{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.MRQEEm--- 23542300x800000000000000027505Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.086{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.leQ2OV--- 23542300x800000000000000027506Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.088{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.yGrHZu--- 23542300x800000000000000027507Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.092{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.Djq1a4--- 23542300x800000000000000027508Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.093{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.W1kBmD--- 23542300x800000000000000027509Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.095{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.Lqkoyc--- 23542300x800000000000000027510Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.096{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.mdDoKL--- 23542300x800000000000000027511Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.097{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.zEGBWk--- 23542300x800000000000000027512Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.098{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.2et18T--- 23542300x800000000000000027513Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.100{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.DCAGlt--- 23542300x800000000000000027514Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.101{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.QcTAy2--- 23542300x800000000000000027515Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.103{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.plkKLB--- 23542300x800000000000000027516Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.104{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.UdJaZa--- 154100x800000000000000027517Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.105{ec2a2542-2974-6254-70f1-167d2c560000}3196/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2973-6254-a036-7b0000000000}3193/usr/bin/python3.6/usr/bin/python3root 534500x800000000000000027518Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.108{ec2a2542-2974-6254-70f1-167d2c560000}3196/usr/bin/dpkgroot 23542300x800000000000000027519Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.370{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.BUWwVK--- 23542300x800000000000000027520Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.376{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.qzCQSk--- 23542300x800000000000000027521Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.380{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.JDRQQU--- 23542300x800000000000000027522Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.381{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.OFW6Ou--- 23542300x800000000000000027523Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.383{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.5s4BN4--- 23542300x800000000000000027524Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.386{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.KjrMME--- 23542300x800000000000000027525Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.388{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.DzJcMe--- 23542300x800000000000000027526Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.392{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.6bAhMO--- 23542300x800000000000000027527Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.393{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.T6eCMo--- 23542300x800000000000000027528Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.395{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.gP09MY--- 23542300x800000000000000027529Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.396{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.zfNUNy--- 23542300x800000000000000027530Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.397{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.o0bSO8--- 23542300x800000000000000027531Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.398{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.7Qh2PI--- 23542300x800000000000000027532Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.400{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.CawrRi--- 23542300x800000000000000027533Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.401{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.9zL5SS--- 23542300x800000000000000027534Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.403{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.Us1YUs--- 23542300x800000000000000027535Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.404{ec2a2542-2973-6254-a036-7b0000000000}3193root/usr/bin/python3.6/tmp/fileutl.message.HH18W2--- 534500x800000000000000027536Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.558{ec2a2542-2973-6254-a036-7b0000000000}3193/usr/bin/python3.6root 154100x800000000000000027537Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.559{ec2a2542-2974-6254-88db-9eef8b550000}3197/bin/mv-----mv /var/lib/update-notifier/tmp.tnx9fYHh3K /var/lib/update-notifier/updates-available/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2973-6254-6832-326391550000}3179/bin/dash/bin/shroot 154100x800000000000000027539Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.561{ec2a2542-2974-6254-7083-eaa48d550000}3198/bin/rm-----rm -f /var/lib/update-notifier/tmp.tnx9fYHh3K/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2973-6254-6832-326391550000}3179/bin/dash/bin/shroot 534500x800000000000000027538Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.561{ec2a2542-2974-6254-88db-9eef8b550000}3197/bin/mvroot 534500x800000000000000027542Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.562{ec2a2542-2973-6254-6882-f63465550000}3177/bin/dashroot 534500x800000000000000027541Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.562{ec2a2542-2973-6254-6832-326391550000}3179/bin/dashroot 534500x800000000000000027540Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.562{ec2a2542-2974-6254-7083-eaa48d550000}3198/bin/rmroot 23542300x800000000000000027545Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.563{ec2a2542-0ffd-6254-8063-961ac7550000}918root/lib/systemd/systemd-logind/run/systemd/inhibit/2.ref--- 23542300x800000000000000027544Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.563{ec2a2542-0ffd-6254-8063-961ac7550000}918root/lib/systemd/systemd-logind/run/systemd/inhibit/2--- 534500x800000000000000027543Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.563{ec2a2542-2973-6254-0000-000000000000}3176-root 154100x800000000000000027546Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.564{ec2a2542-2974-6254-6842-441ef0550000}3200/bin/dash-----sh -c [ ! -f /usr/lib/ubuntu-advantage/apt-esm-hook ] || /usr/lib/ubuntu-advantage/apt-esm-hook post-invoke-success || true/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{00000000-0000-0000-0000-000000000000}3199--- 154100x800000000000000027547Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.566{ec2a2542-2974-6254-ea6e-c27fbf550000}3201/usr/lib/ubuntu-advantage/apt-esm-hook-----/usr/lib/ubuntu-advantage/apt-esm-hook post-invoke-success/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2974-6254-6842-441ef0550000}3200/bin/dashshroot 534500x800000000000000027549Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.569{ec2a2542-2974-6254-6842-441ef0550000}3200/bin/dashroot 534500x800000000000000027548Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.569{ec2a2542-2974-6254-ea6e-c27fbf550000}3201/usr/lib/ubuntu-advantage/apt-esm-hookroot 534500x800000000000000027550Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.570{ec2a2542-2974-6254-0000-000000000000}3199-root 154100x800000000000000027551Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.571{ec2a2542-2974-6254-6822-95acbb550000}3202/bin/dash-----/bin/sh -c [ ! -f /usr/bin/snap ] || /usr/bin/snap advise-snap --from-apt 2>/dev/null || true/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-296b-6254-ccaf-57779a550000}2769/usr/bin/apt-getapt-getroot 154100x800000000000000027559Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.573{ec2a2542-2974-6254-e424-9dbd64550000}3203/snap/snapd/15177/usr/bin/snap-----/usr/bin/snap advise-snap --from-apt/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2974-6254-6822-95acbb550000}3202/bin/dash/bin/shroot 154100x800000000000000027552Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.573{ec2a2542-2974-6254-70a8-8f24f7550000}3203/usr/bin/snap-----/usr/bin/snap advise-snap --from-apt/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2974-6254-6822-95acbb550000}3202/bin/dash/bin/shroot 534500x800000000000000027558Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.586{ec2a2542-2974-6254-70a8-8f24f7550000}3203/usr/bin/snaproot 534500x800000000000000027557Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.586{ec2a2542-2974-6254-70a8-8f24f7550000}3203/usr/bin/snaproot 534500x800000000000000027556Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.586{ec2a2542-2974-6254-70a8-8f24f7550000}3203/usr/bin/snaproot 534500x800000000000000027555Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.586{ec2a2542-2974-6254-70a8-8f24f7550000}3203/usr/bin/snaproot 534500x800000000000000027554Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.586{ec2a2542-2974-6254-70a8-8f24f7550000}3203/usr/bin/snaproot 534500x800000000000000027553Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.586{ec2a2542-2974-6254-70a8-8f24f7550000}3203/usr/bin/snaproot 534500x800000000000000027565Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.607{ec2a2542-2974-6254-e424-9dbd64550000}3203/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000027564Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.607{ec2a2542-2974-6254-e424-9dbd64550000}3203/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000027563Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.607{ec2a2542-2974-6254-e424-9dbd64550000}3203/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000027562Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.607{ec2a2542-2974-6254-e424-9dbd64550000}3203/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000027561Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.607{ec2a2542-2974-6254-e424-9dbd64550000}3203/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000027560Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.607{ec2a2542-2974-6254-70a8-8f24f7550000}3203/usr/bin/snaproot 534500x800000000000000027566Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.608{ec2a2542-2974-6254-e424-9dbd64550000}3203/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000027567Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.609{ec2a2542-2974-6254-6822-95acbb550000}3202/bin/dashroot 534500x800000000000000027568Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.614{ec2a2542-296b-6254-ccaf-57779a550000}2769/usr/bin/apt-getroot 154100x800000000000000027570Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.615{ec2a2542-2974-6254-08ae-51bf4f560000}3216/usr/bin/sudo-----sudo apt-get install gcc-mipsel-linux-gnu -y/home/ubuntuubuntu{ec2a2542-2929-6254-e803-000000000000}10004no level-{00000000-0000-0000-0000-000000000000}2766--- 534500x800000000000000027569Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.615{ec2a2542-296b-6254-087e-8fa8c7550000}2767/usr/bin/sudoroot 354300x800000000000000027573Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.619{ec2a2542-0ff9-6254-c097-bd9a19560000}737/lib/systemd/systemd-resolvedsystemd-resolveudptruefalse10.0.1.20-39184-false10.0.0.2-53- 354300x800000000000000027572Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.619{ec2a2542-0ff9-6254-c097-bd9a19560000}737/lib/systemd/systemd-resolvedsystemd-resolveudptruefalse10.0.1.20-49790-false10.0.0.2-53- 354300x800000000000000027571Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.619{ec2a2542-2974-6254-08ae-51bf4f560000}3216/usr/bin/sudoubuntuudptruefalse127.0.0.1-33241-false127.0.0.53-53- 354300x800000000000000027576Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.620{ec2a2542-0ff9-6254-c097-bd9a19560000}737/lib/systemd/systemd-resolvedsystemd-resolveudptruefalse127.0.0.53-53-false127.0.0.1-56839- 354300x800000000000000027575Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.620{ec2a2542-2974-6254-08ae-51bf4f560000}3216/usr/bin/sudoubuntuudptruefalse127.0.0.1-56839-false127.0.0.53-53- 354300x800000000000000027574Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.620{ec2a2542-0ff9-6254-c097-bd9a19560000}737/lib/systemd/systemd-resolvedsystemd-resolveudptruefalse127.0.0.53-53-false127.0.0.1-33241- 154100x800000000000000027577Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.623{ec2a2542-2974-6254-ccaf-4d0863550000}3217/usr/bin/apt-get-----apt-get install gcc-mipsel-linux-gnu -y/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2974-6254-08ae-51bf4f560000}3216/usr/bin/sudosudoubuntu 154100x800000000000000027578Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.628{ec2a2542-2974-6254-70d1-4201a2550000}3218/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2974-6254-ccaf-4d0863550000}3217/usr/bin/apt-getapt-getroot 23542300x800000000000000027580Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.631{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/tmp/fileutl.message.LIPBPO--- 534500x800000000000000027579Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.631{ec2a2542-2974-6254-70d1-4201a2550000}3218/usr/bin/dpkgroot 23542300x800000000000000027581Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.642{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/tmp/fileutl.message.U203vp--- 23542300x800000000000000027582Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.648{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/tmp/fileutl.message.Pjfsd0--- 23542300x800000000000000027583Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.649{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/tmp/fileutl.message.OOT5UA--- 23542300x800000000000000027584Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.651{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/tmp/fileutl.message.rbpZCb--- 23542300x800000000000000027585Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.656{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/tmp/fileutl.message.Y9rJlM--- 23542300x800000000000000027586Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.657{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/tmp/fileutl.message.f97I4m--- 23542300x800000000000000027587Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.661{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/tmp/fileutl.message.qyspOX--- 23542300x800000000000000027588Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.663{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/tmp/fileutl.message.T1rlyy--- 23542300x800000000000000027589Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.664{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/tmp/fileutl.message.wUxui9--- 23542300x800000000000000027590Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.665{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/tmp/fileutl.message.1OPQ2J--- 23542300x800000000000000027591Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.667{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/tmp/fileutl.message.ofnqNk--- 23542300x800000000000000027592Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.668{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/tmp/fileutl.message.xiScyV--- 23542300x800000000000000027593Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.670{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/tmp/fileutl.message.UTdhjw--- 23542300x800000000000000027594Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.671{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/tmp/fileutl.message.T1mB46--- 23542300x800000000000000027595Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.673{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/tmp/fileutl.message.qaXaQH--- 23542300x800000000000000027596Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.674{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/tmp/fileutl.message.LbV1Bi--- 154100x800000000000000027597Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.675{ec2a2542-2974-6254-7091-ee4b2f560000}3219/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2974-6254-ccaf-4d0863550000}3217/usr/bin/apt-getapt-getroot 534500x800000000000000027598Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:24.677{ec2a2542-2974-6254-7091-ee4b2f560000}3219/usr/bin/dpkgroot 154100x800000000000000027599Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.118{ec2a2542-2975-6254-68f2-c2af21560000}3220/bin/dash-----/bin/sh -c [ ! -f /usr/bin/snap ] || /usr/bin/snap advise-snap --from-apt 2>/dev/null || true/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2974-6254-ccaf-4d0863550000}3217/usr/bin/apt-getapt-getroot 154100x800000000000000027607Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.119{ec2a2542-2975-6254-e434-dfd954560000}3221/snap/snapd/15177/usr/bin/snap-----/usr/bin/snap advise-snap --from-apt/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2975-6254-68f2-c2af21560000}3220/bin/dash/bin/shroot 154100x800000000000000027600Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.119{ec2a2542-2975-6254-70b8-58690c560000}3221/usr/bin/snap-----/usr/bin/snap advise-snap --from-apt/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2975-6254-68f2-c2af21560000}3220/bin/dash/bin/shroot 534500x800000000000000027605Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.133{ec2a2542-2975-6254-70b8-58690c560000}3221/usr/bin/snaproot 534500x800000000000000027604Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.133{ec2a2542-2975-6254-70b8-58690c560000}3221/usr/bin/snaproot 534500x800000000000000027603Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.133{ec2a2542-2975-6254-70b8-58690c560000}3221/usr/bin/snaproot 534500x800000000000000027602Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.133{ec2a2542-2975-6254-70b8-58690c560000}3221/usr/bin/snaproot 534500x800000000000000027601Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.133{ec2a2542-2975-6254-70b8-58690c560000}3221/usr/bin/snaproot 534500x800000000000000027606Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.134{ec2a2542-2975-6254-70b8-58690c560000}3221/usr/bin/snaproot 534500x800000000000000027613Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.157{ec2a2542-2975-6254-e434-dfd954560000}3221/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000027612Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.157{ec2a2542-2975-6254-e434-dfd954560000}3221/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000027611Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.157{ec2a2542-2975-6254-e434-dfd954560000}3221/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000027610Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.157{ec2a2542-2975-6254-e434-dfd954560000}3221/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000027609Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.157{ec2a2542-2975-6254-e434-dfd954560000}3221/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000027608Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.157{ec2a2542-2975-6254-70b8-58690c560000}3221/usr/bin/snaproot 534500x800000000000000027615Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.158{ec2a2542-2975-6254-68f2-c2af21560000}3220/bin/dashroot 534500x800000000000000027614Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.158{ec2a2542-2975-6254-e434-dfd954560000}3221/snap/snapd/15177/usr/bin/snaproot 154100x800000000000000027616Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.159{ec2a2542-2975-6254-68c2-8e1590550000}3235/bin/dash-----sh -c [ ! -f /usr/lib/ubuntu-advantage/apt-esm-hook ] || /usr/lib/ubuntu-advantage/apt-esm-hook pre-invoke || true/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{00000000-0000-0000-0000-000000000000}3234--- 154100x800000000000000027617Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.160{ec2a2542-2975-6254-eaee-89703f560000}3236/usr/lib/ubuntu-advantage/apt-esm-hook-----/usr/lib/ubuntu-advantage/apt-esm-hook pre-invoke/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2975-6254-68c2-8e1590550000}3235/bin/dashshroot 534500x800000000000000027620Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.168{ec2a2542-2974-6254-0000-000000000000}3234-root 534500x800000000000000027619Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.168{ec2a2542-2975-6254-68c2-8e1590550000}3235/bin/dashroot 534500x800000000000000027618Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.168{ec2a2542-2975-6254-eaee-89703f560000}3236/usr/lib/ubuntu-advantage/apt-esm-hookroot 154100x800000000000000027621Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.184{ec2a2542-2975-6254-b953-de107b550000}3237/usr/lib/apt/methods/http-----/usr/lib/apt/methods/http/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2974-6254-ccaf-4d0863550000}3217/usr/bin/apt-getapt-getroot 534500x800000000000000027622Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.190{ec2a2542-2975-6254-b953-de107b550000}3237/usr/lib/apt/methods/httproot 154100x800000000000000027623Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.218{ec2a2542-2975-6254-6882-a242f0550000}3238/bin/dash-----/bin/sh -c [ ! -f /usr/bin/snap ] || /usr/bin/snap advise-snap --from-apt 2>/dev/null || true/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2974-6254-ccaf-4d0863550000}3217/usr/bin/apt-getapt-getroot 154100x800000000000000027631Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.220{ec2a2542-2975-6254-e434-5cac98550000}3239/snap/snapd/15177/usr/bin/snap-----/usr/bin/snap advise-snap --from-apt/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2975-6254-6882-a242f0550000}3238/bin/dash/bin/shroot 154100x800000000000000027624Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.220{ec2a2542-2975-6254-7068-8f553f560000}3239/usr/bin/snap-----/usr/bin/snap advise-snap --from-apt/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2975-6254-6882-a242f0550000}3238/bin/dash/bin/shroot 534500x800000000000000027630Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.234{ec2a2542-2975-6254-7068-8f553f560000}3239/usr/bin/snaproot 534500x800000000000000027629Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.234{ec2a2542-2975-6254-7068-8f553f560000}3239/usr/bin/snaproot 534500x800000000000000027628Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.234{ec2a2542-2975-6254-7068-8f553f560000}3239/usr/bin/snaproot 534500x800000000000000027627Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.234{ec2a2542-2975-6254-7068-8f553f560000}3239/usr/bin/snaproot 534500x800000000000000027626Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.234{ec2a2542-2975-6254-7068-8f553f560000}3239/usr/bin/snaproot 534500x800000000000000027625Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.234{ec2a2542-2975-6254-7068-8f553f560000}3239/usr/bin/snaproot 534500x800000000000000027638Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.254{ec2a2542-2975-6254-e434-5cac98550000}3239/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000027637Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.254{ec2a2542-2975-6254-e434-5cac98550000}3239/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000027636Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.254{ec2a2542-2975-6254-e434-5cac98550000}3239/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000027635Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.254{ec2a2542-2975-6254-e434-5cac98550000}3239/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000027634Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.254{ec2a2542-2975-6254-e434-5cac98550000}3239/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000027633Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.254{ec2a2542-2975-6254-e434-5cac98550000}3239/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000027632Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.254{ec2a2542-2975-6254-7068-8f553f560000}3239/usr/bin/snaproot 534500x800000000000000027639Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.255{ec2a2542-2975-6254-6882-a242f0550000}3238/bin/dashroot 154100x800000000000000027640Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.261{ec2a2542-2975-6254-6802-9ccd26560000}3252/bin/dash-----/bin/sh -c [ ! -f /usr/bin/snap ] || /usr/bin/snap advise-snap --from-apt 2>/dev/null || true/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2974-6254-ccaf-4d0863550000}3217/usr/bin/apt-getapt-getroot 154100x800000000000000027648Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.262{ec2a2542-2975-6254-e444-27db7a550000}3253/snap/snapd/15177/usr/bin/snap-----/usr/bin/snap advise-snap --from-apt/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2975-6254-6802-9ccd26560000}3252/bin/dash/bin/shroot 154100x800000000000000027641Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.262{ec2a2542-2975-6254-7048-b17f64550000}3253/usr/bin/snap-----/usr/bin/snap advise-snap --from-apt/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2975-6254-6802-9ccd26560000}3252/bin/dash/bin/shroot 534500x800000000000000027646Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.280{ec2a2542-2975-6254-7048-b17f64550000}3253/usr/bin/snaproot 534500x800000000000000027644Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.280{ec2a2542-2975-6254-7048-b17f64550000}3253/usr/bin/snaproot 534500x800000000000000027643Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.280{ec2a2542-2975-6254-7048-b17f64550000}3253/usr/bin/snaproot 534500x800000000000000027642Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.280{ec2a2542-2975-6254-7048-b17f64550000}3253/usr/bin/snaproot 534500x800000000000000027647Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.281{ec2a2542-2975-6254-7048-b17f64550000}3253/usr/bin/snaproot 534500x800000000000000027645Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.281{ec2a2542-2975-6254-7048-b17f64550000}3253/usr/bin/snaproot 534500x800000000000000027654Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.304{ec2a2542-2975-6254-e444-27db7a550000}3253/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000027653Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.304{ec2a2542-2975-6254-e444-27db7a550000}3253/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000027652Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.304{ec2a2542-2975-6254-e444-27db7a550000}3253/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000027651Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.304{ec2a2542-2975-6254-e444-27db7a550000}3253/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000027650Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.304{ec2a2542-2975-6254-e444-27db7a550000}3253/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000027649Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.304{ec2a2542-2975-6254-7048-b17f64550000}3253/usr/bin/snaproot 534500x800000000000000027656Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.305{ec2a2542-2975-6254-6802-9ccd26560000}3252/bin/dashroot 534500x800000000000000027655Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.305{ec2a2542-2975-6254-e444-27db7a550000}3253/snap/snapd/15177/usr/bin/snaproot 154100x800000000000000027670Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.306{ec2a2542-2975-6254-b9c3-c5d4f0550000}3266/usr/lib/apt/methods/http-----/usr/lib/apt/methods/http/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2974-6254-ccaf-4d0863550000}3217/usr/bin/apt-getapt-getroot 23542300x800000000000000027669Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.306{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.C1T72m--- 23542300x800000000000000027668Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.306{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.dkEoyK--- 23542300x800000000000000027667Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.306{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.M3HF37--- 23542300x800000000000000027666Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.306{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.fa5Wyv--- 23542300x800000000000000027665Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.306{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.qWJe4S--- 23542300x800000000000000027664Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.306{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.vAIwzg--- 23542300x800000000000000027663Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.306{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.OyZO4D--- 23542300x800000000000000027662Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.306{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.bHz7z1--- 23542300x800000000000000027661Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.306{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.A2qq5o--- 23542300x800000000000000027660Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.306{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.38BJAM--- 23542300x800000000000000027659Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.306{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.aD6259--- 23542300x800000000000000027658Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.306{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.HHSmBx--- 23542300x800000000000000027657Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.306{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.gL0G6U--- 354300x800000000000000027671Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.314{ec2a2542-2975-6254-b9c3-c5d4f0550000}3266/usr/lib/apt/methods/httprootudptruefalse127.0.0.1-41693-false127.0.0.53-53- 354300x800000000000000027675Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.315{ec2a2542-0ff9-6254-c097-bd9a19560000}737/lib/systemd/systemd-resolvedsystemd-resolveudptruefalse127.0.0.53-53-false127.0.0.1-41115- 354300x800000000000000027674Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.315{ec2a2542-0ff9-6254-c097-bd9a19560000}737/lib/systemd/systemd-resolvedsystemd-resolveudptruefalse10.0.1.20-54472-false10.0.0.2-53- 354300x800000000000000027673Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.315{ec2a2542-2975-6254-b9c3-c5d4f0550000}3266/usr/lib/apt/methods/httprootudptruefalse127.0.0.1-41115-false127.0.0.53-53- 354300x800000000000000027672Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.315{ec2a2542-0ff9-6254-c097-bd9a19560000}737/lib/systemd/systemd-resolvedsystemd-resolveudptruefalse127.0.0.53-53-false127.0.0.1-41693- 354300x800000000000000027676Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.317{ec2a2542-2975-6254-b9c3-c5d4f0550000}3266/usr/lib/apt/methods/httproottcptruefalse10.0.1.20-43472-false52.15.158.54-80- 23542300x800000000000000027678Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.796{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/var/log/apt/eipp.log.xz--- 534500x800000000000000027677Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.796{ec2a2542-2975-6254-b9c3-c5d4f0550000}3266/usr/lib/apt/methods/http_apt 154100x800000000000000027679Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.881{ec2a2542-2975-6254-68c2-714bcb550000}3267/bin/dash-----/bin/sh -c /usr/sbin/dpkg-preconfigure --apt || true/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2974-6254-ccaf-4d0863550000}3217/usr/bin/apt-getapt-getroot 154100x800000000000000027680Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.882{ec2a2542-2975-6254-98d7-4a9d47560000}3268/usr/bin/perl-----/usr/bin/perl -w /usr/sbin/dpkg-preconfigure --apt/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2975-6254-68c2-714bcb550000}3267/bin/dash/bin/shroot 154100x800000000000000027681Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.917{ec2a2542-2975-6254-30b0-4e029f550000}3269/usr/bin/locale-----locale charmap/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2975-6254-98d7-4a9d47560000}3268/usr/bin/perl/usr/bin/perlroot 534500x800000000000000027682Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.918{ec2a2542-2975-6254-30b0-4e029f550000}3269/usr/bin/localeroot 154100x800000000000000027683Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.975{ec2a2542-2975-6254-6832-97dcb8550000}3270/bin/dash-----sh -c stty -a 2>/dev/null/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2975-6254-98d7-4a9d47560000}3268/usr/bin/perl/usr/bin/perlroot 154100x800000000000000027684Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.976{ec2a2542-2975-6254-f02e-2b73b7550000}3271/bin/stty-----stty -a/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2975-6254-6832-97dcb8550000}3270/bin/dashshroot 154100x800000000000000027687Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.977{ec2a2542-2975-6254-6862-952665550000}3272/bin/dash-----sh -c stty -a 2>/dev/null/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2975-6254-98d7-4a9d47560000}3268/usr/bin/perl/usr/bin/perlroot 534500x800000000000000027686Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.977{ec2a2542-2975-6254-6832-97dcb8550000}3270/bin/dashroot 534500x800000000000000027685Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.977{ec2a2542-2975-6254-f02e-2b73b7550000}3271/bin/sttyroot 154100x800000000000000027688Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.978{ec2a2542-2975-6254-f09e-6ae1dc550000}3273/bin/stty-----stty -a/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2975-6254-6862-952665550000}3272/bin/dashshroot 534500x800000000000000027690Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.980{ec2a2542-2975-6254-6862-952665550000}3272/bin/dashroot 534500x800000000000000027689Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.980{ec2a2542-2975-6254-f09e-6ae1dc550000}3273/bin/sttyroot 154100x800000000000000027691Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.981{ec2a2542-2975-6254-33f1-36d2e6550000}3275/usr/bin/apt-extracttemplates-----apt-extracttemplates /var/cache/apt/archives/gcc-7-mipsel-linux-gnu-base_7.5.0-3ubuntu1~18.04cross1_amd64.deb /var/cache/apt/archives/cpp-7-mipsel-linux-gnu_7.5.0-3ubuntu1~18.04cross1_amd64.deb /var/cache/apt/archives/cpp-mipsel-linux-gnu_4%3a7.4.0-1ubuntu1.3_amd64.deb /var/cache/apt/archives/binutils-mipsel-linux-gnu_2.30-21ubuntu1~18.04.7_amd64.deb /var/cache/apt/archives/libc6-mipsel-cross_2.27-3ubuntu1cross1.2_all.deb /var/cache/apt/archives/libgcc1-mipsel-cross_1%3a8.4.0-1ubuntu1~18.04cross1_all.deb /var/cache/apt/archives/libgomp1-mipsel-cross_8.4.0-1ubuntu1~18.04cross1_all.deb /var/cache/apt/archives/libatomic1-mipsel-cross_8.4.0-1ubuntu1~18.04cross1_all.deb /var/cache/apt/archives/libgcc-7-dev-mipsel-cross_7.5.0-3ubuntu1~18.04cross1_all.deb /var/cache/apt/archives/gcc-7-mipsel-linux-gnu_7.5.0-3ubuntu1~18.04cross1_amd64.deb /var/cache/apt/archives/gcc-mipsel-linux-gnu_4%3a7.4.0-1ubuntu1.3_amd64.deb /var/cache/apt/archives/linux-libc-dev-mipsel-cross_4.15.0-35.38cross1.2_all.deb /var/cache/apt/archives/libc6-dev-mipsel-cross_2.27-3ubuntu1cross1.2_all.deb/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{00000000-0000-0000-0000-000000000000}3274--- 154100x800000000000000027692Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.989{ec2a2542-2975-6254-7091-21fcad550000}3276/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2975-6254-33f1-36d2e6550000}3275/usr/bin/apt-extracttemplatesapt-extracttemplatesroot 23542300x800000000000000027694Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.991{ec2a2542-2975-6254-33f1-36d2e6550000}3275root/usr/bin/apt-extracttemplates/tmp/fileutl.message.YUUzki--- 534500x800000000000000027693Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.991{ec2a2542-2975-6254-7091-21fcad550000}3276/usr/bin/dpkgroot 23542300x800000000000000027695Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:25.997{ec2a2542-2975-6254-33f1-36d2e6550000}3275root/usr/bin/apt-extracttemplates/tmp/fileutl.message.HO48HW--- 23542300x800000000000000027696Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.002{ec2a2542-2975-6254-33f1-36d2e6550000}3275root/usr/bin/apt-extracttemplates/tmp/fileutl.message.sYxz6A--- 23542300x800000000000000027697Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.004{ec2a2542-2975-6254-33f1-36d2e6550000}3275root/usr/bin/apt-extracttemplates/tmp/fileutl.message.Tw3lvf--- 23542300x800000000000000027698Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.005{ec2a2542-2975-6254-33f1-36d2e6550000}3275root/usr/bin/apt-extracttemplates/tmp/fileutl.message.M7zpUT--- 23542300x800000000000000027699Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.010{ec2a2542-2975-6254-33f1-36d2e6550000}3275root/usr/bin/apt-extracttemplates/tmp/fileutl.message.3W1eky--- 23542300x800000000000000027700Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.012{ec2a2542-2975-6254-33f1-36d2e6550000}3275root/usr/bin/apt-extracttemplates/tmp/fileutl.message.KsIqKc--- 23542300x800000000000000027701Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.017{ec2a2542-2975-6254-33f1-36d2e6550000}3275root/usr/bin/apt-extracttemplates/tmp/fileutl.message.Z9AobR--- 23542300x800000000000000027702Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.018{ec2a2542-2975-6254-33f1-36d2e6550000}3275root/usr/bin/apt-extracttemplates/tmp/fileutl.message.GQ0BCv--- 23542300x800000000000000027703Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.020{ec2a2542-2975-6254-33f1-36d2e6550000}3275root/usr/bin/apt-extracttemplates/tmp/fileutl.message.Pfja49--- 23542300x800000000000000027704Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.021{ec2a2542-2975-6254-33f1-36d2e6550000}3275root/usr/bin/apt-extracttemplates/tmp/fileutl.message.EUdWvO--- 23542300x800000000000000027705Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.023{ec2a2542-2975-6254-33f1-36d2e6550000}3275root/usr/bin/apt-extracttemplates/tmp/fileutl.message.nJD2Xs--- 23542300x800000000000000027706Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.025{ec2a2542-2975-6254-33f1-36d2e6550000}3275root/usr/bin/apt-extracttemplates/tmp/fileutl.message.0b6qq7--- 23542300x800000000000000027707Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.027{ec2a2542-2975-6254-33f1-36d2e6550000}3275root/usr/bin/apt-extracttemplates/tmp/fileutl.message.dn9aTL--- 23542300x800000000000000027708Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.029{ec2a2542-2975-6254-33f1-36d2e6550000}3275root/usr/bin/apt-extracttemplates/tmp/fileutl.message.Euccmq--- 23542300x800000000000000027709Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.031{ec2a2542-2975-6254-33f1-36d2e6550000}3275root/usr/bin/apt-extracttemplates/tmp/fileutl.message.1vpxP4--- 23542300x800000000000000027710Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.033{ec2a2542-2975-6254-33f1-36d2e6550000}3275root/usr/bin/apt-extracttemplates/tmp/fileutl.message.mTudjJ--- 154100x800000000000000027711Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.034{ec2a2542-2976-6254-7081-d73943560000}3277/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2975-6254-33f1-36d2e6550000}3275/usr/bin/apt-extracttemplatesapt-extracttemplatesroot 534500x800000000000000027712Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.036{ec2a2542-2976-6254-7081-d73943560000}3277/usr/bin/dpkgroot 154100x800000000000000027713Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.064{ec2a2542-2976-6254-70e1-d112af550000}3278/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2975-6254-33f1-36d2e6550000}3275/usr/bin/apt-extracttemplatesapt-extracttemplatesroot 534500x800000000000000027714Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.067{ec2a2542-2976-6254-70e1-d112af550000}3278/usr/bin/dpkgroot 534500x800000000000000027715Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.104{ec2a2542-2975-6254-33f1-36d2e6550000}3275/usr/bin/apt-extracttemplatesroot 534500x800000000000000027716Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.116{ec2a2542-2975-6254-0000-000000000000}3274-root 534500x800000000000000027718Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.122{ec2a2542-2975-6254-68c2-714bcb550000}3267/bin/dashroot 534500x800000000000000027717Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.122{ec2a2542-2975-6254-98d7-4a9d47560000}3268/usr/bin/perlroot 154100x800000000000000027719Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.157{ec2a2542-2976-6254-70a1-239020560000}3279/usr/bin/dpkg-----/usr/bin/dpkg --assert-multi-arch/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2974-6254-ccaf-4d0863550000}3217/usr/bin/apt-getapt-getroot 534500x800000000000000027720Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.167{ec2a2542-2976-6254-70a1-239020560000}3279/usr/bin/dpkgroot 154100x800000000000000027721Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.174{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg-----/usr/bin/dpkg --status-fd 43 --no-triggers --unpack --auto-deconfigure --recursive /tmp/apt-dpkg-install-UoEDCG/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2974-6254-ccaf-4d0863550000}3217/usr/bin/apt-getapt-getroot 154100x800000000000000027722Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.188{ec2a2542-2976-6254-d85f-470acf550000}3281/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-UoEDCG/00-gcc-7-mipsel-linux-gnu-base_7.5.0-3ubuntu1~18.04cross1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000027723Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.189{ec2a2542-2976-6254-d85f-470acf550000}3281/usr/bin/dpkg-splitroot 154100x800000000000000027724Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.190{ec2a2542-2976-6254-408a-90e8c0550000}3282/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-UoEDCG/00-gcc-7-mipsel-linux-gnu-base_7.5.0-3ubuntu1~18.04cross1_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000027726Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.194{ec2a2542-2976-6254-b003-2843d3550000}3285/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-408a-90e8c0550000}3282/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000027725Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.194{ec2a2542-2976-6254-0000-000000000000}3283-root 534500x800000000000000027727Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.195{ec2a2542-2976-6254-0000-000000000000}3284-root 534500x800000000000000027728Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.196{ec2a2542-2976-6254-b003-2843d3550000}3285/bin/tarroot 534500x800000000000000027729Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.197{ec2a2542-2976-6254-408a-90e8c0550000}3282/usr/bin/dpkg-debroot 154100x800000000000000027730Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.256{ec2a2542-2976-6254-404a-1ae0f8550000}3286/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-UoEDCG/00-gcc-7-mipsel-linux-gnu-base_7.5.0-3ubuntu1~18.04cross1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000027731Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.258{ec2a2542-2976-6254-0000-000000000000}3287-root 534500x800000000000000027733Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.261{ec2a2542-2976-6254-404a-1ae0f8550000}3286/usr/bin/dpkg-debroot 534500x800000000000000027732Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.261{00000000-0000-0000-0000-000000000000}3288<unknown process>root 154100x800000000000000027734Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.280{ec2a2542-2976-6254-7043-d3f133560000}3289/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000027736Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.284{ec2a2542-2976-6254-7043-d3f133560000}3289/bin/rmroot 23542300x800000000000000027735Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.284{ec2a2542-2976-6254-7043-d3f133560000}3289root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000027737Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.285{ec2a2542-2976-6254-d80f-c25a73550000}3290/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-UoEDCG/01-cpp-7-mipsel-linux-gnu_7.5.0-3ubuntu1~18.04cross1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000027738Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.286{ec2a2542-2976-6254-d80f-c25a73550000}3290/usr/bin/dpkg-splitroot 154100x800000000000000027739Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.287{ec2a2542-2976-6254-406a-5a1f3b560000}3291/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-UoEDCG/01-cpp-7-mipsel-linux-gnu_7.5.0-3ubuntu1~18.04cross1_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000027741Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.288{ec2a2542-2976-6254-b0a3-711287550000}3294/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-406a-5a1f3b560000}3291/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000027740Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.288{ec2a2542-2976-6254-0000-000000000000}3292-root 534500x800000000000000027742Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.296{ec2a2542-2976-6254-0000-000000000000}3293-root 534500x800000000000000027744Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.297{ec2a2542-2976-6254-406a-5a1f3b560000}3291/usr/bin/dpkg-debroot 534500x800000000000000027743Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.297{ec2a2542-2976-6254-b0a3-711287550000}3294/bin/tarroot 154100x800000000000000027745Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.318{ec2a2542-2976-6254-68d2-2d5886550000}3295/bin/dash-----/bin/sh /var/lib/dpkg/tmp.ci/preinst install/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000027747Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.319{ec2a2542-2976-6254-403a-c2eca4550000}3296/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-UoEDCG/01-cpp-7-mipsel-linux-gnu_7.5.0-3ubuntu1~18.04cross1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000027746Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:26.319{ec2a2542-2976-6254-68d2-2d5886550000}3295/bin/dashroot 534500x800000000000000027748Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.001{ec2a2542-2976-6254-0000-000000000000}3297-root 534500x800000000000000027749Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.008{00000000-0000-0000-0000-000000000000}3298<unknown process>root 534500x800000000000000027750Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.009{ec2a2542-2976-6254-403a-c2eca4550000}3296/usr/bin/dpkg-debroot 154100x800000000000000027751Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.160{ec2a2542-2977-6254-7053-34c0dd550000}3299/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000027754Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.162{ec2a2542-2977-6254-d85f-83761b560000}3300/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-UoEDCG/02-cpp-mipsel-linux-gnu_4%3a7.4.0-1ubuntu1.3_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000027753Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.162{ec2a2542-2977-6254-7053-34c0dd550000}3299/bin/rmroot 23542300x800000000000000027752Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.162{ec2a2542-2977-6254-7053-34c0dd550000}3299root/bin/rm/var/lib/dpkg/tmp.ci/control--- 534500x800000000000000027755Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.163{ec2a2542-2977-6254-d85f-83761b560000}3300/usr/bin/dpkg-splitroot 154100x800000000000000027756Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.164{ec2a2542-2977-6254-40fa-f859ff550000}3301/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-UoEDCG/02-cpp-mipsel-linux-gnu_4%3a7.4.0-1ubuntu1.3_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000027758Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.165{ec2a2542-2977-6254-b083-69d329560000}3304/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2977-6254-40fa-f859ff550000}3301/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000027759Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.166{ec2a2542-2977-6254-0000-000000000000}3303-root 534500x800000000000000027757Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.166{ec2a2542-2977-6254-0000-000000000000}3302-root 534500x800000000000000027761Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.168{ec2a2542-2977-6254-40fa-f859ff550000}3301/usr/bin/dpkg-debroot 534500x800000000000000027760Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.168{ec2a2542-2977-6254-b083-69d329560000}3304/bin/tarroot 154100x800000000000000027762Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.183{ec2a2542-2977-6254-40ea-5c17b9550000}3305/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-UoEDCG/02-cpp-mipsel-linux-gnu_4%3a7.4.0-1ubuntu1.3_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000027763Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.184{ec2a2542-2977-6254-0000-000000000000}3306-root 534500x800000000000000027765Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.187{ec2a2542-2977-6254-40ea-5c17b9550000}3305/usr/bin/dpkg-debroot 534500x800000000000000027764Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.187{ec2a2542-2977-6254-0000-000000000000}3307-root 154100x800000000000000027766Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.203{ec2a2542-2977-6254-7063-dafa82550000}3308/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000027769Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.206{ec2a2542-2977-6254-d85f-2c64d9550000}3309/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-UoEDCG/03-binutils-mipsel-linux-gnu_2.30-21ubuntu1~18.04.7_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000027768Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.206{ec2a2542-2977-6254-7063-dafa82550000}3308/bin/rmroot 23542300x800000000000000027767Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.206{ec2a2542-2977-6254-7063-dafa82550000}3308root/bin/rm/var/lib/dpkg/tmp.ci/control--- 534500x800000000000000027770Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.208{ec2a2542-2977-6254-d85f-2c64d9550000}3309/usr/bin/dpkg-splitroot 154100x800000000000000027771Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.209{ec2a2542-2977-6254-404a-ace09b550000}3310/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-UoEDCG/03-binutils-mipsel-linux-gnu_2.30-21ubuntu1~18.04.7_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000027774Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.210{ec2a2542-2977-6254-b0e3-fd6eb7550000}3313/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2977-6254-404a-ace09b550000}3310/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000027772Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.210{ec2a2542-2977-6254-0000-000000000000}3311-root 534500x800000000000000027773Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.211{ec2a2542-2977-6254-0000-000000000000}3312-root 534500x800000000000000027775Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.217{ec2a2542-2977-6254-b0e3-fd6eb7550000}3313/bin/tarroot 534500x800000000000000027776Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.218{ec2a2542-2977-6254-404a-ace09b550000}3310/usr/bin/dpkg-debroot 154100x800000000000000027777Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.237{ec2a2542-2977-6254-401a-12eebc550000}3314/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-UoEDCG/03-binutils-mipsel-linux-gnu_2.30-21ubuntu1~18.04.7_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000027778Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.558{ec2a2542-2977-6254-0000-000000000000}3315-root 534500x800000000000000027780Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.565{ec2a2542-2977-6254-401a-12eebc550000}3314/usr/bin/dpkg-debroot 534500x800000000000000027779Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.565{00000000-0000-0000-0000-000000000000}3316<unknown process>root 154100x800000000000000027781Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.613{ec2a2542-2977-6254-7023-bc29b6550000}3317/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 23542300x800000000000000027782Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.615{ec2a2542-2977-6254-7023-bc29b6550000}3317root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000027784Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.616{ec2a2542-2977-6254-d89f-62dab0550000}3318/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-UoEDCG/04-libc6-mipsel-cross_2.27-3ubuntu1cross1.2_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000027783Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.616{ec2a2542-2977-6254-7023-bc29b6550000}3317/bin/rmroot 154100x800000000000000027786Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.617{ec2a2542-2977-6254-405a-f6d680550000}3319/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-UoEDCG/04-libc6-mipsel-cross_2.27-3ubuntu1cross1.2_all.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000027785Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.617{ec2a2542-2977-6254-d89f-62dab0550000}3318/usr/bin/dpkg-splitroot 154100x800000000000000027788Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.619{ec2a2542-2977-6254-b0f3-a46798550000}3322/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2977-6254-405a-f6d680550000}3319/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000027787Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.619{ec2a2542-2977-6254-0000-000000000000}3320-root 534500x800000000000000027789Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.620{ec2a2542-2977-6254-0000-000000000000}3321-root 534500x800000000000000027790Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.622{ec2a2542-2977-6254-b0f3-a46798550000}3322/bin/tarroot 534500x800000000000000027791Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.623{ec2a2542-2977-6254-405a-f6d680550000}3319/usr/bin/dpkg-debroot 154100x800000000000000027792Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.640{ec2a2542-2977-6254-408a-66f947560000}3323/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-UoEDCG/04-libc6-mipsel-cross_2.27-3ubuntu1cross1.2_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 354300x800000000000000027793Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.720{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54740-false10.0.1.12-8000- 534500x800000000000000027794Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.760{ec2a2542-2977-6254-0000-000000000000}3324-root 534500x800000000000000027796Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.775{ec2a2542-2977-6254-408a-66f947560000}3323/usr/bin/dpkg-debroot 534500x800000000000000027795Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.775{00000000-0000-0000-0000-000000000000}3325<unknown process>root 154100x800000000000000027797Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.796{ec2a2542-2977-6254-70d3-fc1412560000}3326/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 23542300x800000000000000027798Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.797{ec2a2542-2977-6254-70d3-fc1412560000}3326root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000027800Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.799{ec2a2542-2977-6254-d8ef-24794d560000}3327/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-UoEDCG/05-libgcc1-mipsel-cross_1%3a8.4.0-1ubuntu1~18.04cross1_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000027799Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.799{ec2a2542-2977-6254-70d3-fc1412560000}3326/bin/rmroot 154100x800000000000000027802Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.801{ec2a2542-2977-6254-40fa-e39c21560000}3328/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-UoEDCG/05-libgcc1-mipsel-cross_1%3a8.4.0-1ubuntu1~18.04cross1_all.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000027801Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.801{ec2a2542-2977-6254-d8ef-24794d560000}3327/usr/bin/dpkg-splitroot 154100x800000000000000027804Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.803{ec2a2542-2977-6254-b033-c08523560000}3331/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2977-6254-40fa-e39c21560000}3328/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000027803Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.803{ec2a2542-2977-6254-0000-000000000000}3329-root 534500x800000000000000027805Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.804{ec2a2542-2977-6254-0000-000000000000}3330-root 534500x800000000000000027807Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.806{ec2a2542-2977-6254-40fa-e39c21560000}3328/usr/bin/dpkg-debroot 534500x800000000000000027806Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.806{ec2a2542-2977-6254-b033-c08523560000}3331/bin/tarroot 154100x800000000000000027808Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.826{ec2a2542-2977-6254-400a-336ee7550000}3332/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-UoEDCG/05-libgcc1-mipsel-cross_1%3a8.4.0-1ubuntu1~18.04cross1_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000027809Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.828{ec2a2542-2977-6254-0000-000000000000}3333-root 534500x800000000000000027811Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.834{ec2a2542-2977-6254-400a-336ee7550000}3332/usr/bin/dpkg-debroot 534500x800000000000000027810Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.834{00000000-0000-0000-0000-000000000000}3334<unknown process>root 154100x800000000000000027812Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.853{ec2a2542-2977-6254-70b3-ff0133560000}3335/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000027815Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.854{ec2a2542-2977-6254-d8bf-b21203560000}3336/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-UoEDCG/06-libgomp1-mipsel-cross_8.4.0-1ubuntu1~18.04cross1_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000027814Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.854{ec2a2542-2977-6254-70b3-ff0133560000}3335/bin/rmroot 23542300x800000000000000027813Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.854{ec2a2542-2977-6254-70b3-ff0133560000}3335root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000027817Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.856{ec2a2542-2977-6254-409a-ab4d98550000}3337/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-UoEDCG/06-libgomp1-mipsel-cross_8.4.0-1ubuntu1~18.04cross1_all.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000027816Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.856{ec2a2542-2977-6254-d8bf-b21203560000}3336/usr/bin/dpkg-splitroot 154100x800000000000000027819Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.860{ec2a2542-2977-6254-b0c3-e1694d560000}3340/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2977-6254-409a-ab4d98550000}3337/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000027818Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.860{ec2a2542-2977-6254-0000-000000000000}3338-root 534500x800000000000000027820Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.861{ec2a2542-2977-6254-0000-000000000000}3339-root 534500x800000000000000027822Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.863{ec2a2542-2977-6254-409a-ab4d98550000}3337/usr/bin/dpkg-debroot 534500x800000000000000027821Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.863{ec2a2542-2977-6254-b0c3-e1694d560000}3340/bin/tarroot 154100x800000000000000027823Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.884{ec2a2542-2977-6254-406a-92d4ff550000}3341/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-UoEDCG/06-libgomp1-mipsel-cross_8.4.0-1ubuntu1~18.04cross1_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000027824Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.888{ec2a2542-2977-6254-0000-000000000000}3342-root 534500x800000000000000027826Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.894{ec2a2542-2977-6254-406a-92d4ff550000}3341/usr/bin/dpkg-debroot 534500x800000000000000027825Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.894{00000000-0000-0000-0000-000000000000}3343<unknown process>root 154100x800000000000000027827Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.912{ec2a2542-2977-6254-7053-99f195550000}3344/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000027830Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.913{ec2a2542-2977-6254-d8df-b69b98550000}3345/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-UoEDCG/07-libatomic1-mipsel-cross_8.4.0-1ubuntu1~18.04cross1_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000027829Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.913{ec2a2542-2977-6254-7053-99f195550000}3344/bin/rmroot 23542300x800000000000000027828Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.913{ec2a2542-2977-6254-7053-99f195550000}3344root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000027832Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.915{ec2a2542-2977-6254-406a-d739ca550000}3346/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-UoEDCG/07-libatomic1-mipsel-cross_8.4.0-1ubuntu1~18.04cross1_all.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000027831Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.915{ec2a2542-2977-6254-d8df-b69b98550000}3345/usr/bin/dpkg-splitroot 154100x800000000000000027834Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.916{ec2a2542-2977-6254-b033-61b9d7550000}3349/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2977-6254-406a-d739ca550000}3346/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000027835Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.917{ec2a2542-2977-6254-0000-000000000000}3348-root 534500x800000000000000027833Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.917{ec2a2542-2977-6254-0000-000000000000}3347-root 534500x800000000000000027836Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.919{ec2a2542-2977-6254-b033-61b9d7550000}3349/bin/tarroot 534500x800000000000000027837Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.920{ec2a2542-2977-6254-406a-d739ca550000}3346/usr/bin/dpkg-debroot 154100x800000000000000027838Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.935{ec2a2542-2977-6254-404a-2208c5550000}3350/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-UoEDCG/07-libatomic1-mipsel-cross_8.4.0-1ubuntu1~18.04cross1_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000027839Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.937{ec2a2542-2977-6254-0000-000000000000}3351-root 534500x800000000000000027841Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.938{ec2a2542-2977-6254-404a-2208c5550000}3350/usr/bin/dpkg-debroot 534500x800000000000000027840Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.938{00000000-0000-0000-0000-000000000000}3352<unknown process>root 154100x800000000000000027842Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.957{ec2a2542-2977-6254-7083-8d1ff4550000}3353/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000027845Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.959{ec2a2542-2977-6254-d89f-c58e72550000}3354/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-UoEDCG/08-libgcc-7-dev-mipsel-cross_7.5.0-3ubuntu1~18.04cross1_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000027844Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.959{ec2a2542-2977-6254-7083-8d1ff4550000}3353/bin/rmroot 23542300x800000000000000027843Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.959{ec2a2542-2977-6254-7083-8d1ff4550000}3353root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000027847Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.961{ec2a2542-2977-6254-404a-835c15560000}3355/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-UoEDCG/08-libgcc-7-dev-mipsel-cross_7.5.0-3ubuntu1~18.04cross1_all.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000027846Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.961{ec2a2542-2977-6254-d89f-c58e72550000}3354/usr/bin/dpkg-splitroot 154100x800000000000000027849Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.963{ec2a2542-2977-6254-b003-da4863550000}3358/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2977-6254-404a-835c15560000}3355/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000027848Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.963{ec2a2542-2977-6254-0000-000000000000}3356-root 534500x800000000000000027850Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.964{ec2a2542-2977-6254-0000-000000000000}3357-root 534500x800000000000000027852Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.965{ec2a2542-2977-6254-404a-835c15560000}3355/usr/bin/dpkg-debroot 534500x800000000000000027851Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.965{ec2a2542-2977-6254-b003-da4863550000}3358/bin/tarroot 154100x800000000000000027853Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:27.981{ec2a2542-2977-6254-40aa-01d082550000}3359/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-UoEDCG/08-libgcc-7-dev-mipsel-cross_7.5.0-3ubuntu1~18.04cross1_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000027854Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:28.015{ec2a2542-2977-6254-0000-000000000000}3360-root 534500x800000000000000027856Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:28.024{ec2a2542-2977-6254-40aa-01d082550000}3359/usr/bin/dpkg-debroot 534500x800000000000000027855Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:28.024{00000000-0000-0000-0000-000000000000}3361<unknown process>root 154100x800000000000000027857Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:28.075{ec2a2542-2978-6254-7023-fea229560000}3362/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000027860Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:28.076{ec2a2542-2978-6254-d8bf-ef0593550000}3363/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-UoEDCG/09-gcc-7-mipsel-linux-gnu_7.5.0-3ubuntu1~18.04cross1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000027859Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:28.076{ec2a2542-2978-6254-7023-fea229560000}3362/bin/rmroot 23542300x800000000000000027858Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:28.076{ec2a2542-2978-6254-7023-fea229560000}3362root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000027862Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:28.078{ec2a2542-2978-6254-408a-070adc550000}3364/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-UoEDCG/09-gcc-7-mipsel-linux-gnu_7.5.0-3ubuntu1~18.04cross1_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000027861Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:28.078{ec2a2542-2978-6254-d8bf-ef0593550000}3363/usr/bin/dpkg-splitroot 154100x800000000000000027864Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:28.080{ec2a2542-2978-6254-b0a3-e68954560000}3367/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2978-6254-408a-070adc550000}3364/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000027865Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:28.081{ec2a2542-2978-6254-0000-000000000000}3366-root 534500x800000000000000027863Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:28.081{ec2a2542-2978-6254-0000-000000000000}3365-root 534500x800000000000000027866Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:28.084{ec2a2542-2978-6254-b0a3-e68954560000}3367/bin/tarroot 534500x800000000000000027867Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:28.086{ec2a2542-2978-6254-408a-070adc550000}3364/usr/bin/dpkg-debroot 154100x800000000000000027868Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:28.105{ec2a2542-2978-6254-68e2-d33dfa550000}3368/bin/dash-----/bin/sh /var/lib/dpkg/tmp.ci/preinst install/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000027870Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:28.106{ec2a2542-2978-6254-400a-668d4e560000}3369/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-UoEDCG/09-gcc-7-mipsel-linux-gnu_7.5.0-3ubuntu1~18.04cross1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000027869Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:28.106{ec2a2542-2978-6254-68e2-d33dfa550000}3368/bin/dashroot 534500x800000000000000027871Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:28.777{ec2a2542-2978-6254-0000-000000000000}3370-root 534500x800000000000000027873Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:28.782{ec2a2542-2978-6254-400a-668d4e560000}3369/usr/bin/dpkg-debroot 534500x800000000000000027872Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:28.782{00000000-0000-0000-0000-000000000000}3371<unknown process>root 154100x800000000000000027874Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:28.808{ec2a2542-2978-6254-7063-0400ca550000}3372/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 23542300x800000000000000027875Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:28.809{ec2a2542-2978-6254-7063-0400ca550000}3372root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000027877Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:28.810{ec2a2542-2978-6254-d89f-29bc09560000}3373/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-UoEDCG/10-gcc-mipsel-linux-gnu_4%3a7.4.0-1ubuntu1.3_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000027876Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:28.810{ec2a2542-2978-6254-7063-0400ca550000}3372/bin/rmroot 154100x800000000000000027879Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:28.811{ec2a2542-2978-6254-408a-8cfacb550000}3374/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-UoEDCG/10-gcc-mipsel-linux-gnu_4%3a7.4.0-1ubuntu1.3_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000027878Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:28.811{ec2a2542-2978-6254-d89f-29bc09560000}3373/usr/bin/dpkg-splitroot 154100x800000000000000027881Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:28.813{ec2a2542-2978-6254-b0f3-588321560000}3377/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2978-6254-408a-8cfacb550000}3374/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000027880Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:28.813{ec2a2542-2978-6254-0000-000000000000}3375-root 534500x800000000000000027882Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:28.814{ec2a2542-2978-6254-0000-000000000000}3376-root 534500x800000000000000027883Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:28.816{ec2a2542-2978-6254-b0f3-588321560000}3377/bin/tarroot 534500x800000000000000027884Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:28.820{ec2a2542-2978-6254-408a-8cfacb550000}3374/usr/bin/dpkg-debroot 154100x800000000000000027885Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:28.834{ec2a2542-2978-6254-405a-9d6bdc550000}3378/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-UoEDCG/10-gcc-mipsel-linux-gnu_4%3a7.4.0-1ubuntu1.3_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000027886Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:28.836{ec2a2542-2978-6254-0000-000000000000}3379-root 534500x800000000000000027888Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:28.837{ec2a2542-2978-6254-405a-9d6bdc550000}3378/usr/bin/dpkg-debroot 534500x800000000000000027887Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:28.837{00000000-0000-0000-0000-000000000000}3380<unknown process>root 154100x800000000000000027889Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:28.857{ec2a2542-2978-6254-7053-55087b550000}3381/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000027892Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:28.859{ec2a2542-2978-6254-d8df-3e32ac550000}3382/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-UoEDCG/11-linux-libc-dev-mipsel-cross_4.15.0-35.38cross1.2_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000027891Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:28.859{ec2a2542-2978-6254-7053-55087b550000}3381/bin/rmroot 23542300x800000000000000027890Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:28.859{ec2a2542-2978-6254-7053-55087b550000}3381root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000027894Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:28.861{ec2a2542-2978-6254-40fa-b4d55b550000}3383/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-UoEDCG/11-linux-libc-dev-mipsel-cross_4.15.0-35.38cross1.2_all.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000027893Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:28.861{ec2a2542-2978-6254-d8df-3e32ac550000}3382/usr/bin/dpkg-splitroot 154100x800000000000000027896Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:28.863{ec2a2542-2978-6254-b0e3-5e392b560000}3386/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2978-6254-40fa-b4d55b550000}3383/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000027895Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:28.863{ec2a2542-2978-6254-0000-000000000000}3384-root 534500x800000000000000027897Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:28.866{ec2a2542-2978-6254-0000-000000000000}3385-root 534500x800000000000000027899Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:28.867{ec2a2542-2978-6254-40fa-b4d55b550000}3383/usr/bin/dpkg-debroot 534500x800000000000000027898Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:28.867{ec2a2542-2978-6254-b0e3-5e392b560000}3386/bin/tarroot 154100x800000000000000027900Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:28.905{ec2a2542-2978-6254-40fa-ac04ca550000}3387/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-UoEDCG/11-linux-libc-dev-mipsel-cross_4.15.0-35.38cross1.2_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000027901Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.236{ec2a2542-2978-6254-0000-000000000000}3388-root 534500x800000000000000027903Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.248{ec2a2542-2978-6254-40fa-ac04ca550000}3387/usr/bin/dpkg-debroot 534500x800000000000000027902Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.248{00000000-0000-0000-0000-000000000000}3389<unknown process>root 154100x800000000000000027904Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.299{ec2a2542-2979-6254-70f3-205658550000}3390/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 23542300x800000000000000027905Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.300{ec2a2542-2979-6254-70f3-205658550000}3390root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000027907Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.301{ec2a2542-2979-6254-d84f-7cc955550000}3391/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-UoEDCG/12-libc6-dev-mipsel-cross_2.27-3ubuntu1cross1.2_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000027906Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.301{ec2a2542-2979-6254-70f3-205658550000}3390/bin/rmroot 534500x800000000000000027908Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.302{ec2a2542-2979-6254-d84f-7cc955550000}3391/usr/bin/dpkg-splitroot 154100x800000000000000027909Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.303{ec2a2542-2979-6254-40fa-ccac59550000}3392/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-UoEDCG/12-libc6-dev-mipsel-cross_2.27-3ubuntu1cross1.2_all.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000027911Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.304{ec2a2542-2979-6254-b033-691196550000}3395/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2979-6254-40fa-ccac59550000}3392/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000027910Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.304{ec2a2542-2979-6254-0000-000000000000}3393-root 534500x800000000000000027912Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.307{ec2a2542-2979-6254-0000-000000000000}3394-root 534500x800000000000000027913Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.308{ec2a2542-2979-6254-b033-691196550000}3395/bin/tarroot 534500x800000000000000027914Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.309{ec2a2542-2979-6254-40fa-ccac59550000}3392/usr/bin/dpkg-debroot 154100x800000000000000027915Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.326{ec2a2542-2979-6254-400a-fe507f550000}3396/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-UoEDCG/12-libc6-dev-mipsel-cross_2.27-3ubuntu1cross1.2_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000027916Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.679{ec2a2542-2979-6254-0000-000000000000}3397-root 534500x800000000000000027918Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.690{ec2a2542-2979-6254-400a-fe507f550000}3396/usr/bin/dpkg-debroot 534500x800000000000000027917Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.690{00000000-0000-0000-0000-000000000000}3398<unknown process>root 154100x800000000000000027919Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.744{ec2a2542-2979-6254-7003-752763550000}3399/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000027921Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.746{ec2a2542-2979-6254-7003-752763550000}3399/bin/rmroot 23542300x800000000000000027920Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.746{ec2a2542-2979-6254-7003-752763550000}3399root/bin/rm/var/lib/dpkg/tmp.ci/control--- 23542300x800000000000000027922Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.753{ec2a2542-2976-6254-7061-3eb7bf550000}3280root/usr/bin/dpkg/var/lib/dpkg/status-old--- 23542300x800000000000000027934Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.755{ec2a2542-2976-6254-7061-3eb7bf550000}3280root/usr/bin/dpkg/var/lib/dpkg/updates/0011--- 23542300x800000000000000027933Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.755{ec2a2542-2976-6254-7061-3eb7bf550000}3280root/usr/bin/dpkg/var/lib/dpkg/updates/0010--- 23542300x800000000000000027932Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.755{ec2a2542-2976-6254-7061-3eb7bf550000}3280root/usr/bin/dpkg/var/lib/dpkg/updates/0009--- 23542300x800000000000000027931Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.755{ec2a2542-2976-6254-7061-3eb7bf550000}3280root/usr/bin/dpkg/var/lib/dpkg/updates/0008--- 23542300x800000000000000027930Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.755{ec2a2542-2976-6254-7061-3eb7bf550000}3280root/usr/bin/dpkg/var/lib/dpkg/updates/0007--- 23542300x800000000000000027929Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.755{ec2a2542-2976-6254-7061-3eb7bf550000}3280root/usr/bin/dpkg/var/lib/dpkg/updates/0006--- 23542300x800000000000000027928Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.755{ec2a2542-2976-6254-7061-3eb7bf550000}3280root/usr/bin/dpkg/var/lib/dpkg/updates/0005--- 23542300x800000000000000027927Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.755{ec2a2542-2976-6254-7061-3eb7bf550000}3280root/usr/bin/dpkg/var/lib/dpkg/updates/0004--- 23542300x800000000000000027926Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.755{ec2a2542-2976-6254-7061-3eb7bf550000}3280root/usr/bin/dpkg/var/lib/dpkg/updates/0003--- 23542300x800000000000000027925Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.755{ec2a2542-2976-6254-7061-3eb7bf550000}3280root/usr/bin/dpkg/var/lib/dpkg/updates/0002--- 23542300x800000000000000027924Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.755{ec2a2542-2976-6254-7061-3eb7bf550000}3280root/usr/bin/dpkg/var/lib/dpkg/updates/0001--- 23542300x800000000000000027923Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.755{ec2a2542-2976-6254-7061-3eb7bf550000}3280root/usr/bin/dpkg/var/lib/dpkg/updates/0000--- 23542300x800000000000000027963Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.756{ec2a2542-2976-6254-7061-3eb7bf550000}3280root/usr/bin/dpkg/var/lib/dpkg/updates/0040--- 23542300x800000000000000027962Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.756{ec2a2542-2976-6254-7061-3eb7bf550000}3280root/usr/bin/dpkg/var/lib/dpkg/updates/0039--- 23542300x800000000000000027961Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.756{ec2a2542-2976-6254-7061-3eb7bf550000}3280root/usr/bin/dpkg/var/lib/dpkg/updates/0038--- 23542300x800000000000000027960Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.756{ec2a2542-2976-6254-7061-3eb7bf550000}3280root/usr/bin/dpkg/var/lib/dpkg/updates/0037--- 23542300x800000000000000027959Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.756{ec2a2542-2976-6254-7061-3eb7bf550000}3280root/usr/bin/dpkg/var/lib/dpkg/updates/0036--- 23542300x800000000000000027958Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.756{ec2a2542-2976-6254-7061-3eb7bf550000}3280root/usr/bin/dpkg/var/lib/dpkg/updates/0035--- 23542300x800000000000000027957Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.756{ec2a2542-2976-6254-7061-3eb7bf550000}3280root/usr/bin/dpkg/var/lib/dpkg/updates/0034--- 23542300x800000000000000027956Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.756{ec2a2542-2976-6254-7061-3eb7bf550000}3280root/usr/bin/dpkg/var/lib/dpkg/updates/0033--- 23542300x800000000000000027955Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.756{ec2a2542-2976-6254-7061-3eb7bf550000}3280root/usr/bin/dpkg/var/lib/dpkg/updates/0032--- 23542300x800000000000000027954Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.756{ec2a2542-2976-6254-7061-3eb7bf550000}3280root/usr/bin/dpkg/var/lib/dpkg/updates/0031--- 23542300x800000000000000027953Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.756{ec2a2542-2976-6254-7061-3eb7bf550000}3280root/usr/bin/dpkg/var/lib/dpkg/updates/0030--- 23542300x800000000000000027952Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.756{ec2a2542-2976-6254-7061-3eb7bf550000}3280root/usr/bin/dpkg/var/lib/dpkg/updates/0029--- 23542300x800000000000000027951Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.756{ec2a2542-2976-6254-7061-3eb7bf550000}3280root/usr/bin/dpkg/var/lib/dpkg/updates/0028--- 23542300x800000000000000027950Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.756{ec2a2542-2976-6254-7061-3eb7bf550000}3280root/usr/bin/dpkg/var/lib/dpkg/updates/0027--- 23542300x800000000000000027949Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.756{ec2a2542-2976-6254-7061-3eb7bf550000}3280root/usr/bin/dpkg/var/lib/dpkg/updates/0026--- 23542300x800000000000000027948Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.756{ec2a2542-2976-6254-7061-3eb7bf550000}3280root/usr/bin/dpkg/var/lib/dpkg/updates/0025--- 23542300x800000000000000027947Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.756{ec2a2542-2976-6254-7061-3eb7bf550000}3280root/usr/bin/dpkg/var/lib/dpkg/updates/0024--- 23542300x800000000000000027946Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.756{ec2a2542-2976-6254-7061-3eb7bf550000}3280root/usr/bin/dpkg/var/lib/dpkg/updates/0023--- 23542300x800000000000000027945Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.756{ec2a2542-2976-6254-7061-3eb7bf550000}3280root/usr/bin/dpkg/var/lib/dpkg/updates/0022--- 23542300x800000000000000027944Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.756{ec2a2542-2976-6254-7061-3eb7bf550000}3280root/usr/bin/dpkg/var/lib/dpkg/updates/0021--- 23542300x800000000000000027943Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.756{ec2a2542-2976-6254-7061-3eb7bf550000}3280root/usr/bin/dpkg/var/lib/dpkg/updates/0020--- 23542300x800000000000000027942Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.756{ec2a2542-2976-6254-7061-3eb7bf550000}3280root/usr/bin/dpkg/var/lib/dpkg/updates/0019--- 23542300x800000000000000027941Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.756{ec2a2542-2976-6254-7061-3eb7bf550000}3280root/usr/bin/dpkg/var/lib/dpkg/updates/0018--- 23542300x800000000000000027940Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.756{ec2a2542-2976-6254-7061-3eb7bf550000}3280root/usr/bin/dpkg/var/lib/dpkg/updates/0017--- 23542300x800000000000000027939Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.756{ec2a2542-2976-6254-7061-3eb7bf550000}3280root/usr/bin/dpkg/var/lib/dpkg/updates/0016--- 23542300x800000000000000027938Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.756{ec2a2542-2976-6254-7061-3eb7bf550000}3280root/usr/bin/dpkg/var/lib/dpkg/updates/0015--- 23542300x800000000000000027937Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.756{ec2a2542-2976-6254-7061-3eb7bf550000}3280root/usr/bin/dpkg/var/lib/dpkg/updates/0014--- 23542300x800000000000000027936Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.756{ec2a2542-2976-6254-7061-3eb7bf550000}3280root/usr/bin/dpkg/var/lib/dpkg/updates/0013--- 23542300x800000000000000027935Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.756{ec2a2542-2976-6254-7061-3eb7bf550000}3280root/usr/bin/dpkg/var/lib/dpkg/updates/0012--- 23542300x800000000000000027964Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.759{ec2a2542-2976-6254-7061-3eb7bf550000}3280root/usr/bin/dpkg/var/lib/dpkg/updates/tmp.i--- 534500x800000000000000027965Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.761{ec2a2542-2976-6254-7061-3eb7bf550000}3280/usr/bin/dpkgroot 23542300x800000000000000027977Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.763{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/tmp/apt-dpkg-install-UoEDCG/05-libgcc1-mipsel-cross_1%3a8.4.0-1ubuntu1~18.04cross1_all.deb--- 23542300x800000000000000027976Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.763{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/tmp/apt-dpkg-install-UoEDCG/03-binutils-mipsel-linux-gnu_2.30-21ubuntu1~18.04.7_amd64.deb--- 23542300x800000000000000027975Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.763{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/tmp/apt-dpkg-install-UoEDCG/09-gcc-7-mipsel-linux-gnu_7.5.0-3ubuntu1~18.04cross1_amd64.deb--- 23542300x800000000000000027974Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.763{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/tmp/apt-dpkg-install-UoEDCG/02-cpp-mipsel-linux-gnu_4%3a7.4.0-1ubuntu1.3_amd64.deb--- 23542300x800000000000000027973Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.763{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/tmp/apt-dpkg-install-UoEDCG/06-libgomp1-mipsel-cross_8.4.0-1ubuntu1~18.04cross1_all.deb--- 23542300x800000000000000027972Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.763{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/tmp/apt-dpkg-install-UoEDCG/10-gcc-mipsel-linux-gnu_4%3a7.4.0-1ubuntu1.3_amd64.deb--- 23542300x800000000000000027971Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.763{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/tmp/apt-dpkg-install-UoEDCG/07-libatomic1-mipsel-cross_8.4.0-1ubuntu1~18.04cross1_all.deb--- 23542300x800000000000000027970Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.763{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/tmp/apt-dpkg-install-UoEDCG/04-libc6-mipsel-cross_2.27-3ubuntu1cross1.2_all.deb--- 23542300x800000000000000027969Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.763{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/tmp/apt-dpkg-install-UoEDCG/11-linux-libc-dev-mipsel-cross_4.15.0-35.38cross1.2_all.deb--- 23542300x800000000000000027968Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.763{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/tmp/apt-dpkg-install-UoEDCG/00-gcc-7-mipsel-linux-gnu-base_7.5.0-3ubuntu1~18.04cross1_amd64.deb--- 23542300x800000000000000027967Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.763{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/tmp/apt-dpkg-install-UoEDCG/01-cpp-7-mipsel-linux-gnu_7.5.0-3ubuntu1~18.04cross1_amd64.deb--- 23542300x800000000000000027966Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.763{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/tmp/apt-dpkg-install-UoEDCG/08-libgcc-7-dev-mipsel-cross_7.5.0-3ubuntu1~18.04cross1_all.deb--- 154100x800000000000000027979Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.764{ec2a2542-2979-6254-7021-5be5cd550000}3400/usr/bin/dpkg-----/usr/bin/dpkg --status-fd 43 --configure --pending/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2974-6254-ccaf-4d0863550000}3217/usr/bin/apt-getapt-getroot 23542300x800000000000000027978Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.764{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/tmp/apt-dpkg-install-UoEDCG/12-libc6-dev-mipsel-cross_2.27-3ubuntu1cross1.2_all.deb--- 154100x800000000000000027980Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.938{ec2a2542-2979-6254-6832-b9a05f550000}3401/bin/dash-----/bin/sh /var/lib/dpkg/info/libc-bin.postinst triggered ldconfig/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2979-6254-7021-5be5cd550000}3400/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000027982Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.940{ec2a2542-2979-6254-b8a1-ecb6887f0000}3402/sbin/ldconfig.real-----/sbin/ldconfig.real/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2979-6254-6832-b9a05f550000}3401/bin/dash/bin/shroot 154100x800000000000000027981Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.940{ec2a2542-2979-6254-68b2-554fef550000}3402/bin/dash-----/bin/sh /sbin/ldconfig/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2979-6254-6832-b9a05f550000}3401/bin/dash/bin/shroot 534500x800000000000000027984Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.949{ec2a2542-2979-6254-6832-b9a05f550000}3401/bin/dashroot 534500x800000000000000027983Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.949{ec2a2542-2979-6254-68b2-554fef550000}3402/bin/dashroot 154100x800000000000000027985Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.959{ec2a2542-2979-6254-6842-68aa26560000}3403/bin/dash-----/bin/sh /var/lib/dpkg/info/man-db.postinst triggered /usr/share/man/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2979-6254-7021-5be5cd550000}3400/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000027987Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.961{ec2a2542-2979-6254-804a-2e46b2550000}3404/usr/bin/mandb-----/usr/bin/mandb -pq/man{ec2a2542-0000-0000-0600-000001000000}64no level-{ec2a2542-2979-6254-6842-68aa26560000}3403/bin/dash/bin/shroot 154100x800000000000000027986Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.961{ec2a2542-2979-6254-9837-dd7634560000}3404/usr/bin/perl-----perl -e @pwd = getpwnam("man"); $) = $( = $pwd[3]; $> = $< = $pwd[2]; exec "/usr/bin/mandb", @ARGV -- -pq/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2979-6254-6842-68aa26560000}3403/bin/dash/bin/shroot 534500x800000000000000027988Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.990{00000000-0000-0000-0000-000000000000}3405<unknown process>man 534500x800000000000000027990Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.994{ec2a2542-2979-6254-0000-000000000000}3408-man 534500x800000000000000027989Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.994{00000000-0000-0000-0000-000000000000}3406<unknown process>man 534500x800000000000000027991Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:29.995{ec2a2542-2979-6254-0000-000000000000}3407-man 534500x800000000000000027992Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.001{00000000-0000-0000-0000-000000000000}3409<unknown process>man 534500x800000000000000027993Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.010{ec2a2542-2979-6254-0000-000000000000}3410-man 534500x800000000000000027995Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.011{00000000-0000-0000-0000-000000000000}3411<unknown process>man 534500x800000000000000027994Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.011{ec2a2542-2979-6254-0000-000000000000}3412-man 534500x800000000000000027996Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.015{00000000-0000-0000-0000-000000000000}3413<unknown process>man 534500x800000000000000027997Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.018{00000000-0000-0000-0000-000000000000}3414<unknown process>man 534500x800000000000000027999Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.019{ec2a2542-297a-6254-0000-000000000000}3415-man 534500x800000000000000027998Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.019{ec2a2542-297a-6254-0000-000000000000}3416-man 534500x800000000000000028000Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.025{00000000-0000-0000-0000-000000000000}3417<unknown process>man 534500x800000000000000028001Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.031{ec2a2542-297a-6254-0000-000000000000}3418-man 534500x800000000000000028003Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.032{ec2a2542-297a-6254-0000-000000000000}3419-man 534500x800000000000000028002Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.032{ec2a2542-297a-6254-0000-000000000000}3420-man 534500x800000000000000028004Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.036{ec2a2542-297a-6254-0000-000000000000}3421-man 534500x800000000000000028006Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.040{ec2a2542-297a-6254-0000-000000000000}3424-man 534500x800000000000000028005Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.040{ec2a2542-297a-6254-0000-000000000000}3422-man 534500x800000000000000028007Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.041{ec2a2542-297a-6254-0000-000000000000}3423-man 534500x800000000000000028008Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.044{ec2a2542-297a-6254-0000-000000000000}3425-man 534500x800000000000000028010Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.048{ec2a2542-297a-6254-0000-000000000000}3428-man 534500x800000000000000028009Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.048{ec2a2542-297a-6254-0000-000000000000}3426-man 534500x800000000000000028011Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.049{ec2a2542-297a-6254-0000-000000000000}3427-man 534500x800000000000000028012Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.052{ec2a2542-297a-6254-0000-000000000000}3429-man 534500x800000000000000028013Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.055{ec2a2542-297a-6254-0000-000000000000}3430-man 534500x800000000000000028014Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.056{ec2a2542-297a-6254-0000-000000000000}3432-man 534500x800000000000000028015Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.057{ec2a2542-297a-6254-0000-000000000000}3431-man 534500x800000000000000028016Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.060{ec2a2542-297a-6254-0000-000000000000}3433-man 534500x800000000000000028017Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.065{ec2a2542-297a-6254-0000-000000000000}3434-man 534500x800000000000000028019Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.066{ec2a2542-297a-6254-0000-000000000000}3435-man 534500x800000000000000028018Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.066{ec2a2542-297a-6254-0000-000000000000}3436-man 534500x800000000000000028020Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.069{ec2a2542-297a-6254-0000-000000000000}3437-man 534500x800000000000000028022Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.073{ec2a2542-297a-6254-0000-000000000000}3440-man 534500x800000000000000028021Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.073{ec2a2542-297a-6254-0000-000000000000}3438-man 534500x800000000000000028023Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.074{00000000-0000-0000-0000-000000000000}3439<unknown process>man 534500x800000000000000028024Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.077{00000000-0000-0000-0000-000000000000}3441<unknown process>man 534500x800000000000000028025Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.080{ec2a2542-297a-6254-0000-000000000000}3442-man 534500x800000000000000028027Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.081{ec2a2542-297a-6254-0000-000000000000}3443-man 534500x800000000000000028026Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.081{ec2a2542-297a-6254-0000-000000000000}3444-man 534500x800000000000000028028Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.084{ec2a2542-297a-6254-0000-000000000000}3445-man 534500x800000000000000028029Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.088{ec2a2542-297a-6254-0000-000000000000}3446-man 534500x800000000000000028030Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.091{ec2a2542-297a-6254-0000-000000000000}3448-man 534500x800000000000000028031Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.092{00000000-0000-0000-0000-000000000000}3447<unknown process>man 534500x800000000000000028032Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.095{ec2a2542-297a-6254-0000-000000000000}3449-man 534500x800000000000000028033Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.098{ec2a2542-297a-6254-0000-000000000000}3450-man 534500x800000000000000028035Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.099{ec2a2542-297a-6254-0000-000000000000}3451-man 534500x800000000000000028034Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.099{ec2a2542-297a-6254-0000-000000000000}3452-man 534500x800000000000000028036Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.103{00000000-0000-0000-0000-000000000000}3453<unknown process>man 534500x800000000000000028037Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.106{ec2a2542-297a-6254-0000-000000000000}3454-man 534500x800000000000000028039Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.107{00000000-0000-0000-0000-000000000000}3455<unknown process>man 534500x800000000000000028038Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.107{ec2a2542-297a-6254-0000-000000000000}3456-man 534500x800000000000000028040Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.122{ec2a2542-297a-6254-0000-000000000000}3457-man 534500x800000000000000028041Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.126{ec2a2542-297a-6254-0000-000000000000}3458-man 534500x800000000000000028042Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.134{ec2a2542-297a-6254-0000-000000000000}3460-man 534500x800000000000000028043Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.135{ec2a2542-297a-6254-0000-000000000000}3459-man 534500x800000000000000028044Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.140{ec2a2542-297a-6254-0000-000000000000}3461-man 534500x800000000000000028045Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.143{ec2a2542-297a-6254-0000-000000000000}3462-man 534500x800000000000000028046Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.144{ec2a2542-297a-6254-0000-000000000000}3464-man 534500x800000000000000028047Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.146{ec2a2542-297a-6254-0000-000000000000}3463-man 534500x800000000000000028048Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.149{00000000-0000-0000-0000-000000000000}3465<unknown process>man 534500x800000000000000028049Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.152{ec2a2542-297a-6254-0000-000000000000}3466-man 534500x800000000000000028050Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.153{ec2a2542-297a-6254-0000-000000000000}3468-man 534500x800000000000000028051Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.154{ec2a2542-297a-6254-0000-000000000000}3467-man 534500x800000000000000028052Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.158{ec2a2542-297a-6254-0000-000000000000}3469-man 534500x800000000000000028053Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.161{ec2a2542-297a-6254-0000-000000000000}3470-man 534500x800000000000000028054Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.162{ec2a2542-297a-6254-0000-000000000000}3472-man 534500x800000000000000028055Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.163{ec2a2542-297a-6254-0000-000000000000}3471-man 534500x800000000000000028056Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.167{00000000-0000-0000-0000-000000000000}3473<unknown process>man 534500x800000000000000028058Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.170{ec2a2542-297a-6254-0000-000000000000}3476-man 534500x800000000000000028057Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.170{ec2a2542-297a-6254-0000-000000000000}3474-man 534500x800000000000000028059Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.172{00000000-0000-0000-0000-000000000000}3475<unknown process>man 534500x800000000000000028060Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.175{00000000-0000-0000-0000-000000000000}3477<unknown process>man 534500x800000000000000028061Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.178{ec2a2542-297a-6254-0000-000000000000}3478-man 534500x800000000000000028062Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.179{ec2a2542-297a-6254-0000-000000000000}3480-man 534500x800000000000000028063Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.180{00000000-0000-0000-0000-000000000000}3479<unknown process>man 534500x800000000000000028064Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.183{00000000-0000-0000-0000-000000000000}3481<unknown process>man 534500x800000000000000028066Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.187{ec2a2542-297a-6254-0000-000000000000}3484-man 534500x800000000000000028065Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.187{ec2a2542-297a-6254-0000-000000000000}3482-man 534500x800000000000000028067Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.188{ec2a2542-297a-6254-0000-000000000000}3483-man 534500x800000000000000028068Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.192{00000000-0000-0000-0000-000000000000}3485<unknown process>man 534500x800000000000000028069Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.195{ec2a2542-297a-6254-0000-000000000000}3486-man 534500x800000000000000028070Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.196{ec2a2542-297a-6254-0000-000000000000}3488-man 534500x800000000000000028071Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.197{00000000-0000-0000-0000-000000000000}3487<unknown process>man 534500x800000000000000028072Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.200{ec2a2542-297a-6254-0000-000000000000}3489-man 534500x800000000000000028073Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.203{ec2a2542-297a-6254-0000-000000000000}3490-man 534500x800000000000000028075Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.204{ec2a2542-297a-6254-0000-000000000000}3491-man 534500x800000000000000028074Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.204{ec2a2542-297a-6254-0000-000000000000}3492-man 534500x800000000000000028076Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.207{00000000-0000-0000-0000-000000000000}3493<unknown process>man 534500x800000000000000028077Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.210{ec2a2542-297a-6254-0000-000000000000}3494-man 534500x800000000000000028079Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.211{00000000-0000-0000-0000-000000000000}3495<unknown process>man 534500x800000000000000028078Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.211{ec2a2542-297a-6254-0000-000000000000}3496-man 534500x800000000000000028080Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.214{00000000-0000-0000-0000-000000000000}3497<unknown process>man 534500x800000000000000028082Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.218{ec2a2542-297a-6254-0000-000000000000}3500-man 534500x800000000000000028081Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.218{ec2a2542-297a-6254-0000-000000000000}3498-man 534500x800000000000000028083Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.219{ec2a2542-297a-6254-0000-000000000000}3499-man 534500x800000000000000028084Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.222{00000000-0000-0000-0000-000000000000}3501<unknown process>man 534500x800000000000000028085Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.226{ec2a2542-297a-6254-0000-000000000000}3502-man 534500x800000000000000028086Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.227{ec2a2542-297a-6254-0000-000000000000}3504-man 534500x800000000000000028087Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.229{ec2a2542-297a-6254-0000-000000000000}3503-man 534500x800000000000000028088Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.232{ec2a2542-297a-6254-0000-000000000000}3505-man 534500x800000000000000028089Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.235{ec2a2542-297a-6254-0000-000000000000}3506-man 534500x800000000000000028091Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.236{ec2a2542-297a-6254-0000-000000000000}3507-man 534500x800000000000000028090Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.236{ec2a2542-297a-6254-0000-000000000000}3508-man 534500x800000000000000028092Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.240{ec2a2542-297a-6254-0000-000000000000}3509-man 534500x800000000000000028093Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.243{ec2a2542-297a-6254-0000-000000000000}3510-man 534500x800000000000000028094Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.244{ec2a2542-297a-6254-0000-000000000000}3512-man 534500x800000000000000028095Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.245{ec2a2542-297a-6254-0000-000000000000}3511-man 534500x800000000000000028096Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.248{00000000-0000-0000-0000-000000000000}3513<unknown process>man 534500x800000000000000028097Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.251{ec2a2542-297a-6254-0000-000000000000}3514-man 534500x800000000000000028099Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.252{ec2a2542-297a-6254-0000-000000000000}3515-man 534500x800000000000000028098Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.252{ec2a2542-297a-6254-0000-000000000000}3516-man 534500x800000000000000028100Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.255{00000000-0000-0000-0000-000000000000}3517<unknown process>man 534500x800000000000000028101Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.259{ec2a2542-297a-6254-0000-000000000000}3518-man 534500x800000000000000028102Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.260{ec2a2542-297a-6254-0000-000000000000}3520-man 534500x800000000000000028103Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.261{ec2a2542-297a-6254-0000-000000000000}3519-man 534500x800000000000000028104Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.264{00000000-0000-0000-0000-000000000000}3521<unknown process>man 534500x800000000000000028105Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.266{ec2a2542-297a-6254-0000-000000000000}3522-man 534500x800000000000000028106Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.267{ec2a2542-297a-6254-0000-000000000000}3524-man 534500x800000000000000028107Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.268{ec2a2542-297a-6254-0000-000000000000}3523-man 534500x800000000000000028108Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.271{00000000-0000-0000-0000-000000000000}3525<unknown process>man 534500x800000000000000028109Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.274{ec2a2542-297a-6254-0000-000000000000}3526-man 534500x800000000000000028110Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.275{ec2a2542-297a-6254-0000-000000000000}3528-man 534500x800000000000000028111Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.276{ec2a2542-297a-6254-0000-000000000000}3527-man 534500x800000000000000028112Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.279{ec2a2542-297a-6254-0000-000000000000}3529-man 534500x800000000000000028114Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.283{ec2a2542-297a-6254-0000-000000000000}3532-man 534500x800000000000000028113Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.283{ec2a2542-297a-6254-0000-000000000000}3530-man 534500x800000000000000028115Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.284{ec2a2542-297a-6254-0000-000000000000}3531-man 534500x800000000000000028116Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.288{00000000-0000-0000-0000-000000000000}3533<unknown process>man 534500x800000000000000028117Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.292{00000000-0000-0000-0000-000000000000}3534<unknown process>man 534500x800000000000000028118Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.293{ec2a2542-297a-6254-0000-000000000000}3536-man 534500x800000000000000028119Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.294{ec2a2542-297a-6254-0000-000000000000}3535-man 534500x800000000000000028120Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.297{00000000-0000-0000-0000-000000000000}3537<unknown process>man 534500x800000000000000028121Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.304{ec2a2542-297a-6254-0000-000000000000}3538-man 534500x800000000000000028123Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.308{00000000-0000-0000-0000-000000000000}3539<unknown process>man 534500x800000000000000028122Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.308{00000000-0000-0000-0000-000000000000}3540<unknown process>man 534500x800000000000000028124Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.311{00000000-0000-0000-0000-000000000000}3541<unknown process>man 534500x800000000000000028125Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.314{ec2a2542-297a-6254-0000-000000000000}3542-man 534500x800000000000000028126Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.315{ec2a2542-297a-6254-0000-000000000000}3544-man 534500x800000000000000028127Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.316{ec2a2542-297a-6254-0000-000000000000}3543-man 534500x800000000000000028128Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.319{00000000-0000-0000-0000-000000000000}3545<unknown process>man 534500x800000000000000028129Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.322{ec2a2542-297a-6254-0000-000000000000}3546-man 534500x800000000000000028130Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.323{ec2a2542-297a-6254-0000-000000000000}3548-man 534500x800000000000000028131Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.324{ec2a2542-297a-6254-0000-000000000000}3547-man 534500x800000000000000028132Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.328{00000000-0000-0000-0000-000000000000}3549<unknown process>man 534500x800000000000000028134Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.331{ec2a2542-297a-6254-0000-000000000000}3552-man 534500x800000000000000028133Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.331{ec2a2542-297a-6254-0000-000000000000}3550-man 534500x800000000000000028135Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.332{00000000-0000-0000-0000-000000000000}3551<unknown process>man 534500x800000000000000028136Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.336{00000000-0000-0000-0000-000000000000}3553<unknown process>man 534500x800000000000000028137Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.358{ec2a2542-297a-6254-0000-000000000000}3554-man 534500x800000000000000028138Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.359{ec2a2542-297a-6254-0000-000000000000}3556-man 534500x800000000000000028139Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.360{00000000-0000-0000-0000-000000000000}3555<unknown process>man 534500x800000000000000028140Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.364{00000000-0000-0000-0000-000000000000}3557<unknown process>man 534500x800000000000000028141Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.367{ec2a2542-297a-6254-0000-000000000000}3558-man 534500x800000000000000028142Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.368{ec2a2542-297a-6254-0000-000000000000}3560-man 534500x800000000000000028143Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.369{ec2a2542-297a-6254-0000-000000000000}3559-man 23542300x800000000000000028145Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.375{ec2a2542-2979-6254-9837-dd7634560000}3404man/usr/bin/mandb/var/cache/man/da/3404--- 23542300x800000000000000028144Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.375{ec2a2542-2979-6254-9837-dd7634560000}3404man/usr/bin/mandb/var/cache/man/hu/3404--- 23542300x800000000000000028149Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.376{ec2a2542-2979-6254-9837-dd7634560000}3404man/usr/bin/mandb/var/cache/man/sl/3404--- 23542300x800000000000000028148Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.376{ec2a2542-2979-6254-9837-dd7634560000}3404man/usr/bin/mandb/var/cache/man/ru/3404--- 23542300x800000000000000028147Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.376{ec2a2542-2979-6254-9837-dd7634560000}3404man/usr/bin/mandb/var/cache/man/id/3404--- 23542300x800000000000000028146Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.376{ec2a2542-2979-6254-9837-dd7634560000}3404man/usr/bin/mandb/var/cache/man/cs/3404--- 23542300x800000000000000028153Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.377{ec2a2542-2979-6254-9837-dd7634560000}3404man/usr/bin/mandb/var/cache/man/ko/3404--- 23542300x800000000000000028152Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.377{ec2a2542-2979-6254-9837-dd7634560000}3404man/usr/bin/mandb/var/cache/man/it/3404--- 23542300x800000000000000028151Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.377{ec2a2542-2979-6254-9837-dd7634560000}3404man/usr/bin/mandb/var/cache/man/zh_CN/3404--- 23542300x800000000000000028150Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.377{ec2a2542-2979-6254-9837-dd7634560000}3404man/usr/bin/mandb/var/cache/man/tr/3404--- 23542300x800000000000000028156Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.378{ec2a2542-2979-6254-9837-dd7634560000}3404man/usr/bin/mandb/var/cache/man/pt_BR/3404--- 23542300x800000000000000028155Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.378{ec2a2542-2979-6254-9837-dd7634560000}3404man/usr/bin/mandb/var/cache/man/ja/3404--- 23542300x800000000000000028154Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.378{ec2a2542-2979-6254-9837-dd7634560000}3404man/usr/bin/mandb/var/cache/man/fi/3404--- 23542300x800000000000000028160Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.379{ec2a2542-2979-6254-9837-dd7634560000}3404man/usr/bin/mandb/var/cache/man/zh_TW/3404--- 23542300x800000000000000028159Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.379{ec2a2542-2979-6254-9837-dd7634560000}3404man/usr/bin/mandb/var/cache/man/de/3404--- 23542300x800000000000000028158Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.379{ec2a2542-2979-6254-9837-dd7634560000}3404man/usr/bin/mandb/var/cache/man/sv/3404--- 23542300x800000000000000028157Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.379{ec2a2542-2979-6254-9837-dd7634560000}3404man/usr/bin/mandb/var/cache/man/pl/3404--- 23542300x800000000000000028164Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.380{ec2a2542-2979-6254-9837-dd7634560000}3404man/usr/bin/mandb/var/cache/man/es/3404--- 23542300x800000000000000028163Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.380{ec2a2542-2979-6254-9837-dd7634560000}3404man/usr/bin/mandb/var/cache/man/sr/3404--- 23542300x800000000000000028162Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.380{ec2a2542-2979-6254-9837-dd7634560000}3404man/usr/bin/mandb/var/cache/man/pt/3404--- 23542300x800000000000000028161Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.380{ec2a2542-2979-6254-9837-dd7634560000}3404man/usr/bin/mandb/var/cache/man/nl/3404--- 23542300x800000000000000028166Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.381{ec2a2542-2979-6254-9837-dd7634560000}3404man/usr/bin/mandb/var/cache/man/oldlocal/3404--- 23542300x800000000000000028165Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.381{ec2a2542-2979-6254-9837-dd7634560000}3404man/usr/bin/mandb/var/cache/man/fr/3404--- 534500x800000000000000028168Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.382{ec2a2542-2979-6254-6842-68aa26560000}3403/bin/dashroot 534500x800000000000000028167Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.382{ec2a2542-2979-6254-9837-dd7634560000}3404/usr/bin/perlman 23542300x800000000000000028169Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.431{ec2a2542-2979-6254-7021-5be5cd550000}3400root/usr/bin/dpkg/var/lib/dpkg/status-old--- 23542300x800000000000000028202Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.432{ec2a2542-2979-6254-7021-5be5cd550000}3400root/usr/bin/dpkg/var/lib/dpkg/updates/0032--- 23542300x800000000000000028201Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.432{ec2a2542-2979-6254-7021-5be5cd550000}3400root/usr/bin/dpkg/var/lib/dpkg/updates/0031--- 23542300x800000000000000028200Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.432{ec2a2542-2979-6254-7021-5be5cd550000}3400root/usr/bin/dpkg/var/lib/dpkg/updates/0030--- 23542300x800000000000000028199Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.432{ec2a2542-2979-6254-7021-5be5cd550000}3400root/usr/bin/dpkg/var/lib/dpkg/updates/0029--- 23542300x800000000000000028198Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.432{ec2a2542-2979-6254-7021-5be5cd550000}3400root/usr/bin/dpkg/var/lib/dpkg/updates/0028--- 23542300x800000000000000028197Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.432{ec2a2542-2979-6254-7021-5be5cd550000}3400root/usr/bin/dpkg/var/lib/dpkg/updates/0027--- 23542300x800000000000000028196Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.432{ec2a2542-2979-6254-7021-5be5cd550000}3400root/usr/bin/dpkg/var/lib/dpkg/updates/0026--- 23542300x800000000000000028195Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.432{ec2a2542-2979-6254-7021-5be5cd550000}3400root/usr/bin/dpkg/var/lib/dpkg/updates/0025--- 23542300x800000000000000028194Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.432{ec2a2542-2979-6254-7021-5be5cd550000}3400root/usr/bin/dpkg/var/lib/dpkg/updates/0024--- 23542300x800000000000000028193Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.432{ec2a2542-2979-6254-7021-5be5cd550000}3400root/usr/bin/dpkg/var/lib/dpkg/updates/0023--- 23542300x800000000000000028192Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.432{ec2a2542-2979-6254-7021-5be5cd550000}3400root/usr/bin/dpkg/var/lib/dpkg/updates/0022--- 23542300x800000000000000028191Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.432{ec2a2542-2979-6254-7021-5be5cd550000}3400root/usr/bin/dpkg/var/lib/dpkg/updates/0021--- 23542300x800000000000000028190Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.432{ec2a2542-2979-6254-7021-5be5cd550000}3400root/usr/bin/dpkg/var/lib/dpkg/updates/0020--- 23542300x800000000000000028189Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.432{ec2a2542-2979-6254-7021-5be5cd550000}3400root/usr/bin/dpkg/var/lib/dpkg/updates/0019--- 23542300x800000000000000028188Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.432{ec2a2542-2979-6254-7021-5be5cd550000}3400root/usr/bin/dpkg/var/lib/dpkg/updates/0018--- 23542300x800000000000000028187Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.432{ec2a2542-2979-6254-7021-5be5cd550000}3400root/usr/bin/dpkg/var/lib/dpkg/updates/0017--- 23542300x800000000000000028186Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.432{ec2a2542-2979-6254-7021-5be5cd550000}3400root/usr/bin/dpkg/var/lib/dpkg/updates/0016--- 23542300x800000000000000028185Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.432{ec2a2542-2979-6254-7021-5be5cd550000}3400root/usr/bin/dpkg/var/lib/dpkg/updates/0015--- 23542300x800000000000000028184Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.432{ec2a2542-2979-6254-7021-5be5cd550000}3400root/usr/bin/dpkg/var/lib/dpkg/updates/0014--- 23542300x800000000000000028183Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.432{ec2a2542-2979-6254-7021-5be5cd550000}3400root/usr/bin/dpkg/var/lib/dpkg/updates/0013--- 23542300x800000000000000028182Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.432{ec2a2542-2979-6254-7021-5be5cd550000}3400root/usr/bin/dpkg/var/lib/dpkg/updates/0012--- 23542300x800000000000000028181Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.432{ec2a2542-2979-6254-7021-5be5cd550000}3400root/usr/bin/dpkg/var/lib/dpkg/updates/0011--- 23542300x800000000000000028180Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.432{ec2a2542-2979-6254-7021-5be5cd550000}3400root/usr/bin/dpkg/var/lib/dpkg/updates/0010--- 23542300x800000000000000028179Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.432{ec2a2542-2979-6254-7021-5be5cd550000}3400root/usr/bin/dpkg/var/lib/dpkg/updates/0009--- 23542300x800000000000000028178Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.432{ec2a2542-2979-6254-7021-5be5cd550000}3400root/usr/bin/dpkg/var/lib/dpkg/updates/0008--- 23542300x800000000000000028177Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.432{ec2a2542-2979-6254-7021-5be5cd550000}3400root/usr/bin/dpkg/var/lib/dpkg/updates/0007--- 23542300x800000000000000028176Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.432{ec2a2542-2979-6254-7021-5be5cd550000}3400root/usr/bin/dpkg/var/lib/dpkg/updates/0006--- 23542300x800000000000000028175Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.432{ec2a2542-2979-6254-7021-5be5cd550000}3400root/usr/bin/dpkg/var/lib/dpkg/updates/0005--- 23542300x800000000000000028174Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.432{ec2a2542-2979-6254-7021-5be5cd550000}3400root/usr/bin/dpkg/var/lib/dpkg/updates/0004--- 23542300x800000000000000028173Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.432{ec2a2542-2979-6254-7021-5be5cd550000}3400root/usr/bin/dpkg/var/lib/dpkg/updates/0003--- 23542300x800000000000000028172Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.432{ec2a2542-2979-6254-7021-5be5cd550000}3400root/usr/bin/dpkg/var/lib/dpkg/updates/0002--- 23542300x800000000000000028171Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.432{ec2a2542-2979-6254-7021-5be5cd550000}3400root/usr/bin/dpkg/var/lib/dpkg/updates/0001--- 23542300x800000000000000028170Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.432{ec2a2542-2979-6254-7021-5be5cd550000}3400root/usr/bin/dpkg/var/lib/dpkg/updates/0000--- 23542300x800000000000000028212Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.433{ec2a2542-2979-6254-7021-5be5cd550000}3400root/usr/bin/dpkg/var/lib/dpkg/updates/0042--- 23542300x800000000000000028211Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.433{ec2a2542-2979-6254-7021-5be5cd550000}3400root/usr/bin/dpkg/var/lib/dpkg/updates/0041--- 23542300x800000000000000028210Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.433{ec2a2542-2979-6254-7021-5be5cd550000}3400root/usr/bin/dpkg/var/lib/dpkg/updates/0040--- 23542300x800000000000000028209Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.433{ec2a2542-2979-6254-7021-5be5cd550000}3400root/usr/bin/dpkg/var/lib/dpkg/updates/0039--- 23542300x800000000000000028208Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.433{ec2a2542-2979-6254-7021-5be5cd550000}3400root/usr/bin/dpkg/var/lib/dpkg/updates/0038--- 23542300x800000000000000028207Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.433{ec2a2542-2979-6254-7021-5be5cd550000}3400root/usr/bin/dpkg/var/lib/dpkg/updates/0037--- 23542300x800000000000000028206Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.433{ec2a2542-2979-6254-7021-5be5cd550000}3400root/usr/bin/dpkg/var/lib/dpkg/updates/0036--- 23542300x800000000000000028205Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.433{ec2a2542-2979-6254-7021-5be5cd550000}3400root/usr/bin/dpkg/var/lib/dpkg/updates/0035--- 23542300x800000000000000028204Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.433{ec2a2542-2979-6254-7021-5be5cd550000}3400root/usr/bin/dpkg/var/lib/dpkg/updates/0034--- 23542300x800000000000000028203Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.433{ec2a2542-2979-6254-7021-5be5cd550000}3400root/usr/bin/dpkg/var/lib/dpkg/updates/0033--- 23542300x800000000000000028215Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.435{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/var/cache/apt/pkgcache.bin--- 534500x800000000000000028214Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.435{ec2a2542-2979-6254-7021-5be5cd550000}3400/usr/bin/dpkgroot 23542300x800000000000000028213Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.435{ec2a2542-2979-6254-7021-5be5cd550000}3400root/usr/bin/dpkg/var/lib/dpkg/updates/tmp.i--- 23542300x800000000000000028216Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.436{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/tmp/fileutl.message.VQHf7w--- 23542300x800000000000000028217Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.440{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/tmp/fileutl.message.mWpGCn--- 23542300x800000000000000028218Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.445{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/tmp/fileutl.message.ZZiO8d--- 23542300x800000000000000028219Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.447{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/tmp/fileutl.message.q5lkF4--- 23542300x800000000000000028220Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.448{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/tmp/fileutl.message.dc56bV--- 23542300x800000000000000028221Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.453{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/tmp/fileutl.message.6s0JJL--- 23542300x800000000000000028222Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.456{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/tmp/fileutl.message.RODIhC--- 23542300x800000000000000028223Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.460{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/tmp/fileutl.message.oOVtQs--- 23542300x800000000000000028224Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.462{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/tmp/fileutl.message.HpOwpj--- 23542300x800000000000000028225Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.464{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/tmp/fileutl.message.GetWY9--- 23542300x800000000000000028226Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.465{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/tmp/fileutl.message.rTYAy0--- 23542300x800000000000000028227Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.467{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/tmp/fileutl.message.831s8Q--- 23542300x800000000000000028228Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.468{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/tmp/fileutl.message.XBtzIH--- 23542300x800000000000000028229Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.470{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/tmp/fileutl.message.ismXiy--- 23542300x800000000000000028230Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.471{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/tmp/fileutl.message.RtvBTo--- 23542300x800000000000000028231Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.473{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/tmp/fileutl.message.A8vvuf--- 23542300x800000000000000028232Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.474{ec2a2542-2974-6254-ccaf-4d0863550000}3217root/usr/bin/apt-get/tmp/fileutl.message.BsGG55--- 154100x800000000000000028233Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.475{ec2a2542-297a-6254-70c1-120a67550000}3561/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2974-6254-ccaf-4d0863550000}3217/usr/bin/apt-getapt-getroot 534500x800000000000000028234Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.478{ec2a2542-297a-6254-70c1-120a67550000}3561/usr/bin/dpkgroot 154100x800000000000000028235Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.523{ec2a2542-297a-6254-7091-0318dc550000}3562/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2974-6254-ccaf-4d0863550000}3217/usr/bin/apt-getapt-getroot 534500x800000000000000028236Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.528{ec2a2542-297a-6254-7091-0318dc550000}3562/usr/bin/dpkgroot 154100x800000000000000028237Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.616{ec2a2542-297a-6254-7011-8466a0550000}3563/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2974-6254-ccaf-4d0863550000}3217/usr/bin/apt-getapt-getroot 534500x800000000000000028238Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.620{ec2a2542-297a-6254-7011-8466a0550000}3563/usr/bin/dpkgroot 154100x800000000000000028239Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.641{ec2a2542-297a-6254-6892-4b85ac550000}3565/bin/dash-----sh -c if [ -d /var/lib/update-notifier ]; then touch /var/lib/update-notifier/dpkg-run-stamp; fi; /usr/lib/update-notifier/update-motd-updates-available 2>/dev/null || true/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{00000000-0000-0000-0000-000000000000}3564--- 154100x800000000000000028240Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.642{ec2a2542-297a-6254-10d0-5d1a05560000}3566/bin/touch-----touch /var/lib/update-notifier/dpkg-run-stamp/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297a-6254-6892-4b85ac550000}3565/bin/dashshroot 154100x800000000000000028242Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.643{ec2a2542-297a-6254-68e2-99a28e550000}3567/bin/dash-----/bin/sh -e /usr/lib/update-notifier/update-motd-updates-available/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297a-6254-6892-4b85ac550000}3565/bin/dashshroot 534500x800000000000000028241Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.643{ec2a2542-297a-6254-10d0-5d1a05560000}3566/bin/touchroot 154100x800000000000000028243Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.644{ec2a2542-297a-6254-73d4-38c8ba550000}3568/usr/bin/apt-config-----apt-config shell StateDir Dir::State/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297a-6254-68e2-99a28e550000}3567/bin/dash/bin/shroot 154100x800000000000000028244Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.649{ec2a2542-297a-6254-7051-8ba1c9550000}3569/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297a-6254-73d4-38c8ba550000}3568/usr/bin/apt-configapt-configroot 534500x800000000000000028245Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.651{ec2a2542-297a-6254-7051-8ba1c9550000}3569/usr/bin/dpkgroot 154100x800000000000000028247Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.652{ec2a2542-297a-6254-7344-0da231560000}3570/usr/bin/apt-config-----apt-config shell ListDir Dir::State::Lists/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297a-6254-68e2-99a28e550000}3567/bin/dash/bin/shroot 534500x800000000000000028246Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.652{ec2a2542-297a-6254-73d4-38c8ba550000}3568/usr/bin/apt-configroot 154100x800000000000000028248Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.656{ec2a2542-297a-6254-7081-1f4ede550000}3571/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297a-6254-7344-0da231560000}3570/usr/bin/apt-configapt-configroot 534500x800000000000000028250Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.659{ec2a2542-297a-6254-7344-0da231560000}3570/usr/bin/apt-configroot 534500x800000000000000028249Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.659{ec2a2542-297a-6254-7081-1f4ede550000}3571/usr/bin/dpkgroot 154100x800000000000000028251Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.660{ec2a2542-297a-6254-7364-04a751560000}3572/usr/bin/apt-config-----apt-config shell DpkgStatus Dir::State::status/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297a-6254-68e2-99a28e550000}3567/bin/dash/bin/shroot 154100x800000000000000028252Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.664{ec2a2542-297a-6254-7061-4bea59550000}3573/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297a-6254-7364-04a751560000}3572/usr/bin/apt-configapt-configroot 534500x800000000000000028253Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.666{ec2a2542-297a-6254-7061-4bea59550000}3573/usr/bin/dpkgroot 154100x800000000000000028255Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.667{ec2a2542-297a-6254-7364-0fd801560000}3574/usr/bin/apt-config-----apt-config shell EtcDir Dir::Etc/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297a-6254-68e2-99a28e550000}3567/bin/dash/bin/shroot 534500x800000000000000028254Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.667{ec2a2542-297a-6254-7364-04a751560000}3572/usr/bin/apt-configroot 154100x800000000000000028256Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.672{ec2a2542-297a-6254-7011-571c41560000}3575/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297a-6254-7364-0fd801560000}3574/usr/bin/apt-configapt-configroot 534500x800000000000000028258Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.674{ec2a2542-297a-6254-7364-0fd801560000}3574/usr/bin/apt-configroot 534500x800000000000000028257Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.674{ec2a2542-297a-6254-7011-571c41560000}3575/usr/bin/dpkgroot 154100x800000000000000028259Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.675{ec2a2542-297a-6254-73a4-46c2ed550000}3576/usr/bin/apt-config-----apt-config shell SourceList Dir::Etc::sourcelist/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297a-6254-68e2-99a28e550000}3567/bin/dash/bin/shroot 154100x800000000000000028260Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.679{ec2a2542-297a-6254-7081-749bb8550000}3577/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297a-6254-73a4-46c2ed550000}3576/usr/bin/apt-configapt-configroot 534500x800000000000000028261Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.681{ec2a2542-297a-6254-7081-749bb8550000}3577/usr/bin/dpkgroot 154100x800000000000000028263Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.682{ec2a2542-297a-6254-90e0-0feb7c550000}3578/usr/bin/find-----find /var/lib/apt/lists/ /etc/apt/sources.list //var/lib/dpkg/status -type f -newer /var/lib/update-notifier/updates-available -print -quit/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297a-6254-68e2-99a28e550000}3567/bin/dash/bin/shroot 534500x800000000000000028262Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.682{ec2a2542-297a-6254-73a4-46c2ed550000}3576/usr/bin/apt-configroot 154100x800000000000000028267Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.684{ec2a2542-297a-6254-a800-7192cc550000}3579/bin/mktemp-----mktemp -p /var/lib/update-notifier/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297a-6254-68e2-99a28e550000}3567/bin/dash/bin/shroot 154100x800000000000000028265Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.684{ec2a2542-297a-6254-e878-f3246e550000}3580/usr/bin/dirname-----dirname /var/lib/update-notifier/updates-available/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{00000000-0000-0000-0000-000000000000}3579--- 534500x800000000000000028264Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.684{ec2a2542-297a-6254-90e0-0feb7c550000}3578/usr/bin/findroot 534500x800000000000000028266Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.686{ec2a2542-297a-6254-e878-f3246e550000}3580/usr/bin/dirnameroot 534500x800000000000000028268Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.687{ec2a2542-297a-6254-a800-7192cc550000}3579/bin/mktemproot 154100x800000000000000028269Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.688{ec2a2542-297a-6254-a036-7b0000000000}3581/usr/bin/python3.6-----/usr/bin/python3 /usr/lib/update-notifier/apt-check --human-readable/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297a-6254-68e2-99a28e550000}3567/bin/dash/bin/shroot 154100x800000000000000028270Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.777{ec2a2542-297a-6254-7091-f49af6550000}3582/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297a-6254-a036-7b0000000000}3581/usr/bin/python3.6/usr/bin/python3root 23542300x800000000000000028272Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.780{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.d1oHRd--- 534500x800000000000000028271Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.780{ec2a2542-297a-6254-7091-f49af6550000}3582/usr/bin/dpkgroot 23542300x800000000000000028273Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.785{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.auqrj5--- 23542300x800000000000000028274Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.790{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.pcSWLW--- 23542300x800000000000000028275Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.791{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.s5vIeO--- 23542300x800000000000000028276Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.793{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.puRKHF--- 23542300x800000000000000028277Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.797{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.CbGwbx--- 23542300x800000000000000028278Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.799{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.RjXxFo--- 23542300x800000000000000028279Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.803{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.0p2jag--- 23542300x800000000000000028280Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.805{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.LSKmF7--- 23542300x800000000000000028281Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.806{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.ac6BaZ--- 23542300x800000000000000028282Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.807{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.h2S4FQ--- 23542300x800000000000000028283Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.809{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.QBtMbI--- 23542300x800000000000000028284Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.810{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.N4ULHz--- 23542300x800000000000000028285Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.812{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.m1k0dr--- 23542300x800000000000000028286Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.813{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.zC9tKi--- 23542300x800000000000000028287Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.815{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.kJieha--- 23542300x800000000000000028288Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.816{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.XBlhO1--- 154100x800000000000000028289Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.818{ec2a2542-297a-6254-70a1-6ee42e560000}3583/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297a-6254-a036-7b0000000000}3581/usr/bin/python3.6/usr/bin/python3root 534500x800000000000000028290Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:30.820{ec2a2542-297a-6254-70a1-6ee42e560000}3583/usr/bin/dpkgroot 23542300x800000000000000028291Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.247{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.MGIdwU--- 23542300x800000000000000028292Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.252{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.t3pSeN--- 23542300x800000000000000028293Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.256{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.Ke8cYF--- 23542300x800000000000000028294Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.257{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.52uOHy--- 23542300x800000000000000028295Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.259{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.KrWFrr--- 23542300x800000000000000028296Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.263{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.F9Fcck--- 23542300x800000000000000028297Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.264{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.QmYZWc--- 23542300x800000000000000028298Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.268{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.fmHsI5--- 23542300x800000000000000028299Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.270{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.yXHbuY--- 23542300x800000000000000028300Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.271{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.NHh8fR--- 23542300x800000000000000028301Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.272{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.0nqi2J--- 23542300x800000000000000028302Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.273{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.9gmFOC--- 23542300x800000000000000028303Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.275{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.aQ5fBv--- 23542300x800000000000000028304Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.276{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.Xf36no--- 23542300x800000000000000028305Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.278{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.M6Fdbh--- 23542300x800000000000000028306Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.279{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.pYQzY9--- 23542300x800000000000000028307Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.281{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.soAdM2--- 154100x800000000000000028308Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.282{ec2a2542-297b-6254-7021-6df242560000}3584/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297a-6254-a036-7b0000000000}3581/usr/bin/python3.6/usr/bin/python3root 534500x800000000000000028309Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.285{ec2a2542-297b-6254-7021-6df242560000}3584/usr/bin/dpkgroot 23542300x800000000000000028310Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.550{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.FY8jjW--- 23542300x800000000000000028311Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.554{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.KSweRP--- 23542300x800000000000000028312Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.559{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.vVHPpJ--- 23542300x800000000000000028313Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.560{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.0tWHYC--- 23542300x800000000000000028314Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.562{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.V1GPxw--- 23542300x800000000000000028315Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.566{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.8yPC7p--- 23542300x800000000000000028316Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.567{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.Py9FHj--- 23542300x800000000000000028317Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.571{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.kgjoid--- 23542300x800000000000000028318Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.573{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.ngpnT6--- 23542300x800000000000000028319Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.574{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.EvSzu0--- 23542300x800000000000000028320Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.575{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.rjLZ5T--- 23542300x800000000000000028321Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.576{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.syYCHN--- 23542300x800000000000000028322Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.578{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.bdntjH--- 23542300x800000000000000028323Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.579{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.4nhzVA--- 23542300x800000000000000028324Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.581{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.zk0Uxu--- 23542300x800000000000000028325Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.582{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.Gihwao--- 23542300x800000000000000028326Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.584{ec2a2542-297a-6254-a036-7b0000000000}3581root/usr/bin/python3.6/tmp/fileutl.message.3tToNh--- 534500x800000000000000028327Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.725{ec2a2542-297a-6254-a036-7b0000000000}3581/usr/bin/python3.6root 154100x800000000000000028328Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.726{ec2a2542-297b-6254-885b-b58d45560000}3585/bin/mv-----mv /var/lib/update-notifier/tmp.QEDDqrk70N /var/lib/update-notifier/updates-available/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297a-6254-68e2-99a28e550000}3567/bin/dash/bin/shroot 154100x800000000000000028330Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.727{ec2a2542-297b-6254-70c3-636adc550000}3586/bin/rm-----rm -f /var/lib/update-notifier/tmp.QEDDqrk70N/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297a-6254-68e2-99a28e550000}3567/bin/dash/bin/shroot 534500x800000000000000028329Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.727{ec2a2542-297b-6254-885b-b58d45560000}3585/bin/mvroot 534500x800000000000000028333Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.728{ec2a2542-297a-6254-6892-4b85ac550000}3565/bin/dashroot 534500x800000000000000028332Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.728{ec2a2542-297a-6254-68e2-99a28e550000}3567/bin/dashroot 534500x800000000000000028331Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.728{ec2a2542-297b-6254-70c3-636adc550000}3586/bin/rmroot 23542300x800000000000000028336Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.729{ec2a2542-0ffd-6254-8063-961ac7550000}918root/lib/systemd/systemd-logind/run/systemd/inhibit/3.ref--- 23542300x800000000000000028335Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.729{ec2a2542-0ffd-6254-8063-961ac7550000}918root/lib/systemd/systemd-logind/run/systemd/inhibit/3--- 534500x800000000000000028334Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.729{ec2a2542-297a-6254-0000-000000000000}3564-root 154100x800000000000000028337Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.731{ec2a2542-297b-6254-68b2-78981e560000}3588/bin/dash-----sh -c [ ! -f /usr/lib/ubuntu-advantage/apt-esm-hook ] || /usr/lib/ubuntu-advantage/apt-esm-hook post-invoke-success || true/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{00000000-0000-0000-0000-000000000000}3587--- 154100x800000000000000028338Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.732{ec2a2542-297b-6254-eace-d628dd550000}3589/usr/lib/ubuntu-advantage/apt-esm-hook-----/usr/lib/ubuntu-advantage/apt-esm-hook post-invoke-success/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297b-6254-68b2-78981e560000}3588/bin/dashshroot 534500x800000000000000028341Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.735{ec2a2542-297b-6254-0000-000000000000}3587-root 534500x800000000000000028340Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.735{ec2a2542-297b-6254-68b2-78981e560000}3588/bin/dashroot 534500x800000000000000028339Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.735{ec2a2542-297b-6254-eace-d628dd550000}3589/usr/lib/ubuntu-advantage/apt-esm-hookroot 154100x800000000000000028342Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.737{ec2a2542-297b-6254-6842-21f747560000}3590/bin/dash-----/bin/sh -c [ ! -f /usr/bin/snap ] || /usr/bin/snap advise-snap --from-apt 2>/dev/null || true/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2974-6254-ccaf-4d0863550000}3217/usr/bin/apt-getapt-getroot 154100x800000000000000028351Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.738{ec2a2542-297b-6254-e474-cb9d0f560000}3591/snap/snapd/15177/usr/bin/snap-----/usr/bin/snap advise-snap --from-apt/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297b-6254-6842-21f747560000}3590/bin/dash/bin/shroot 154100x800000000000000028343Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.738{ec2a2542-297b-6254-7038-ac51f8550000}3591/usr/bin/snap-----/usr/bin/snap advise-snap --from-apt/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297b-6254-6842-21f747560000}3590/bin/dash/bin/shroot 534500x800000000000000028350Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.751{ec2a2542-297b-6254-7038-ac51f8550000}3591/usr/bin/snaproot 534500x800000000000000028349Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.751{ec2a2542-297b-6254-7038-ac51f8550000}3591/usr/bin/snaproot 534500x800000000000000028348Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.751{ec2a2542-297b-6254-7038-ac51f8550000}3591/usr/bin/snaproot 534500x800000000000000028347Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.751{ec2a2542-297b-6254-7038-ac51f8550000}3591/usr/bin/snaproot 534500x800000000000000028346Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.751{ec2a2542-297b-6254-7038-ac51f8550000}3591/usr/bin/snaproot 534500x800000000000000028345Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.751{ec2a2542-297b-6254-7038-ac51f8550000}3591/usr/bin/snaproot 534500x800000000000000028344Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.751{ec2a2542-297b-6254-7038-ac51f8550000}3591/usr/bin/snaproot 534500x800000000000000028357Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.770{ec2a2542-297b-6254-e474-cb9d0f560000}3591/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000028356Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.770{ec2a2542-297b-6254-e474-cb9d0f560000}3591/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000028355Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.770{ec2a2542-297b-6254-e474-cb9d0f560000}3591/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000028354Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.770{ec2a2542-297b-6254-e474-cb9d0f560000}3591/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000028353Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.770{ec2a2542-297b-6254-e474-cb9d0f560000}3591/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000028352Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.770{ec2a2542-297b-6254-7038-ac51f8550000}3591/usr/bin/snaproot 534500x800000000000000028359Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.772{ec2a2542-297b-6254-6842-21f747560000}3590/bin/dashroot 534500x800000000000000028358Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.772{ec2a2542-297b-6254-e474-cb9d0f560000}3591/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000028361Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.781{ec2a2542-2974-6254-08ae-51bf4f560000}3216/usr/bin/sudoroot 534500x800000000000000028360Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.781{ec2a2542-2974-6254-ccaf-4d0863550000}3217/usr/bin/apt-getroot 154100x800000000000000028362Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.782{ec2a2542-297b-6254-088e-a66bce550000}3605/usr/bin/sudo-----sudo apt-get install qemu qemu-user qemu-user-static -y/home/ubuntuubuntu{ec2a2542-2929-6254-e803-000000000000}10004no level-{00000000-0000-0000-0000-000000000000}2766--- 354300x800000000000000028364Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.785{ec2a2542-0ff9-6254-c097-bd9a19560000}737/lib/systemd/systemd-resolvedsystemd-resolveudptruefalse10.0.1.20-39800-false10.0.0.2-53- 354300x800000000000000028363Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.785{ec2a2542-297b-6254-088e-a66bce550000}3605/usr/bin/sudoubuntuudptruefalse127.0.0.1-37330-false127.0.0.53-53- 354300x800000000000000028365Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.786{ec2a2542-0ff9-6254-c097-bd9a19560000}737/lib/systemd/systemd-resolvedsystemd-resolveudptruefalse10.0.1.20-38609-false10.0.0.2-53- 354300x800000000000000028369Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.787{ec2a2542-0ff9-6254-c097-bd9a19560000}737/lib/systemd/systemd-resolvedsystemd-resolveudptruefalse127.0.0.53-53-false127.0.0.1-55251- 354300x800000000000000028368Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.787{ec2a2542-297b-6254-088e-a66bce550000}3605/usr/bin/sudoubuntuudptruefalse127.0.0.1-55251-false127.0.0.53-53- 354300x800000000000000028367Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.787{ec2a2542-297b-6254-088e-a66bce550000}3605/usr/bin/sudoubuntuudpfalsefalse127.0.0.53-53-false127.0.0.1-55251- 354300x800000000000000028366Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.787{ec2a2542-0ff9-6254-c097-bd9a19560000}737/lib/systemd/systemd-resolvedsystemd-resolveudptruefalse127.0.0.53-53-false127.0.0.1-37330- 154100x800000000000000028370Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.792{ec2a2542-297b-6254-ccef-29074c560000}3606/usr/bin/apt-get-----apt-get install qemu qemu-user qemu-user-static -y/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297b-6254-088e-a66bce550000}3605/usr/bin/sudosudoubuntu 154100x800000000000000028371Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.797{ec2a2542-297b-6254-7031-0b8a5c550000}3607/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297b-6254-ccef-29074c560000}3606/usr/bin/apt-getapt-getroot 534500x800000000000000028372Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.805{ec2a2542-297b-6254-7031-0b8a5c550000}3607/usr/bin/dpkgroot 23542300x800000000000000028373Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.806{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/fileutl.message.pxGnui--- 23542300x800000000000000028374Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.810{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/fileutl.message.325AJc--- 23542300x800000000000000028375Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.813{ec2a2542-1080-6254-602c-d54703560000}1780root/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log--- 23542300x800000000000000028376Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.814{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/fileutl.message.dm4uZ6--- 23542300x800000000000000028377Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.816{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/fileutl.message.jAqEf1--- 23542300x800000000000000028378Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.817{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/fileutl.message.vyt2vV--- 23542300x800000000000000028379Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.821{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/fileutl.message.RVy5MP--- 23542300x800000000000000028380Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.823{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/fileutl.message.loun4J--- 23542300x800000000000000028381Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.827{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/fileutl.message.78XkmE--- 23542300x800000000000000028382Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.828{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/fileutl.message.nvJxEy--- 23542300x800000000000000028383Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.829{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/fileutl.message.Px5WWs--- 23542300x800000000000000028384Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.830{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/fileutl.message.TIVyfn--- 23542300x800000000000000028385Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.832{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/fileutl.message.nhznyh--- 23542300x800000000000000028386Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.833{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/fileutl.message.BfLoRb--- 23542300x800000000000000028387Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.834{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/fileutl.message.fBLEa6--- 23542300x800000000000000028388Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.836{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/fileutl.message.L249t0--- 23542300x800000000000000028389Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.837{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/fileutl.message.b0cUNU--- 154100x800000000000000028391Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.839{ec2a2542-297b-6254-70d1-0d8484550000}3608/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297b-6254-ccef-29074c560000}3606/usr/bin/apt-getapt-getroot 23542300x800000000000000028390Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.839{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/fileutl.message.rrlU7O--- 534500x800000000000000028392Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:31.842{ec2a2542-297b-6254-70d1-0d8484550000}3608/usr/bin/dpkgroot 154100x800000000000000028393Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.253{ec2a2542-297c-6254-68b2-61e60e560000}3609/bin/dash-----/bin/sh -c [ ! -f /usr/bin/snap ] || /usr/bin/snap advise-snap --from-apt 2>/dev/null || true/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297b-6254-ccef-29074c560000}3606/usr/bin/apt-getapt-getroot 154100x800000000000000028401Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.255{ec2a2542-297c-6254-e414-a05b40560000}3610/snap/snapd/15177/usr/bin/snap-----/usr/bin/snap advise-snap --from-apt/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297c-6254-68b2-61e60e560000}3609/bin/dash/bin/shroot 154100x800000000000000028394Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.255{ec2a2542-297c-6254-70c8-b78035560000}3610/usr/bin/snap-----/usr/bin/snap advise-snap --from-apt/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297c-6254-68b2-61e60e560000}3609/bin/dash/bin/shroot 534500x800000000000000028400Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.268{ec2a2542-297c-6254-70c8-b78035560000}3610/usr/bin/snaproot 534500x800000000000000028398Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.268{ec2a2542-297c-6254-70c8-b78035560000}3610/usr/bin/snaproot 534500x800000000000000028397Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.268{ec2a2542-297c-6254-70c8-b78035560000}3610/usr/bin/snaproot 534500x800000000000000028395Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.268{ec2a2542-297c-6254-70c8-b78035560000}3610/usr/bin/snaproot 534500x800000000000000028399Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.269{ec2a2542-297c-6254-70c8-b78035560000}3610/usr/bin/snaproot 534500x800000000000000028396Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.269{ec2a2542-297c-6254-70c8-b78035560000}3610/usr/bin/snaproot 534500x800000000000000028407Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.289{ec2a2542-297c-6254-e414-a05b40560000}3610/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000028406Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.289{ec2a2542-297c-6254-e414-a05b40560000}3610/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000028405Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.289{ec2a2542-297c-6254-e414-a05b40560000}3610/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000028404Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.289{ec2a2542-297c-6254-e414-a05b40560000}3610/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000028403Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.289{ec2a2542-297c-6254-e414-a05b40560000}3610/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000028402Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.289{ec2a2542-297c-6254-70c8-b78035560000}3610/usr/bin/snaproot 534500x800000000000000028409Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.291{ec2a2542-297c-6254-68b2-61e60e560000}3609/bin/dashroot 534500x800000000000000028408Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.291{ec2a2542-297c-6254-e414-a05b40560000}3610/snap/snapd/15177/usr/bin/snaproot 154100x800000000000000028410Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.292{ec2a2542-297c-6254-6822-7d1b8a550000}3624/bin/dash-----sh -c [ ! -f /usr/lib/ubuntu-advantage/apt-esm-hook ] || /usr/lib/ubuntu-advantage/apt-esm-hook pre-invoke || true/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{00000000-0000-0000-0000-000000000000}3623--- 154100x800000000000000028411Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.293{ec2a2542-297c-6254-ea7e-5b933f560000}3625/usr/lib/ubuntu-advantage/apt-esm-hook-----/usr/lib/ubuntu-advantage/apt-esm-hook pre-invoke/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297c-6254-6822-7d1b8a550000}3624/bin/dashshroot 534500x800000000000000028414Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.297{ec2a2542-297b-6254-0000-000000000000}3623-root 534500x800000000000000028413Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.297{ec2a2542-297c-6254-6822-7d1b8a550000}3624/bin/dashroot 534500x800000000000000028412Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.297{ec2a2542-297c-6254-ea7e-5b933f560000}3625/usr/lib/ubuntu-advantage/apt-esm-hookroot 154100x800000000000000028415Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.315{ec2a2542-297c-6254-b9d3-5b2816560000}3626/usr/lib/apt/methods/http-----/usr/lib/apt/methods/http/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297b-6254-ccef-29074c560000}3606/usr/bin/apt-getapt-getroot 534500x800000000000000028416Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.321{ec2a2542-297c-6254-b9d3-5b2816560000}3626/usr/lib/apt/methods/httproot 154100x800000000000000028417Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.440{ec2a2542-297c-6254-68f2-b90ea2550000}3627/bin/dash-----/bin/sh -c [ ! -f /usr/bin/snap ] || /usr/bin/snap advise-snap --from-apt 2>/dev/null || true/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297b-6254-ccef-29074c560000}3606/usr/bin/apt-getapt-getroot 154100x800000000000000028425Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.441{ec2a2542-297c-6254-e414-d0be3f560000}3628/snap/snapd/15177/usr/bin/snap-----/usr/bin/snap advise-snap --from-apt/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297c-6254-68f2-b90ea2550000}3627/bin/dash/bin/shroot 154100x800000000000000028418Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.441{ec2a2542-297c-6254-7058-52ecc5550000}3628/usr/bin/snap-----/usr/bin/snap advise-snap --from-apt/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297c-6254-68f2-b90ea2550000}3627/bin/dash/bin/shroot 534500x800000000000000028424Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.455{ec2a2542-297c-6254-7058-52ecc5550000}3628/usr/bin/snaproot 534500x800000000000000028423Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.455{ec2a2542-297c-6254-7058-52ecc5550000}3628/usr/bin/snaproot 534500x800000000000000028422Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.455{ec2a2542-297c-6254-7058-52ecc5550000}3628/usr/bin/snaproot 534500x800000000000000028421Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.455{ec2a2542-297c-6254-7058-52ecc5550000}3628/usr/bin/snaproot 534500x800000000000000028420Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.455{ec2a2542-297c-6254-7058-52ecc5550000}3628/usr/bin/snaproot 534500x800000000000000028419Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.455{ec2a2542-297c-6254-7058-52ecc5550000}3628/usr/bin/snaproot 534500x800000000000000028432Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.478{ec2a2542-297c-6254-e414-d0be3f560000}3628/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000028431Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.478{ec2a2542-297c-6254-e414-d0be3f560000}3628/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000028430Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.478{ec2a2542-297c-6254-e414-d0be3f560000}3628/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000028429Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.478{ec2a2542-297c-6254-e414-d0be3f560000}3628/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000028428Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.478{ec2a2542-297c-6254-e414-d0be3f560000}3628/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000028427Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.478{ec2a2542-297c-6254-e414-d0be3f560000}3628/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000028426Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.478{ec2a2542-297c-6254-7058-52ecc5550000}3628/usr/bin/snaproot 534500x800000000000000028434Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.479{ec2a2542-297c-6254-68f2-b90ea2550000}3627/bin/dashroot 534500x800000000000000028433Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.479{ec2a2542-297c-6254-e414-d0be3f560000}3628/snap/snapd/15177/usr/bin/snaproot 154100x800000000000000028435Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.491{ec2a2542-297c-6254-68f2-f5bce1550000}3642/bin/dash-----/bin/sh -c [ ! -f /usr/bin/snap ] || /usr/bin/snap advise-snap --from-apt 2>/dev/null || true/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297b-6254-ccef-29074c560000}3606/usr/bin/apt-getapt-getroot 154100x800000000000000028444Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.493{ec2a2542-297c-6254-e4a4-5492a2550000}3643/snap/snapd/15177/usr/bin/snap-----/usr/bin/snap advise-snap --from-apt/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297c-6254-68f2-f5bce1550000}3642/bin/dash/bin/shroot 154100x800000000000000028436Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.493{ec2a2542-297c-6254-70f8-066fff550000}3643/usr/bin/snap-----/usr/bin/snap advise-snap --from-apt/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297c-6254-68f2-f5bce1550000}3642/bin/dash/bin/shroot 534500x800000000000000028443Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.513{ec2a2542-297c-6254-70f8-066fff550000}3643/usr/bin/snaproot 534500x800000000000000028442Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.513{ec2a2542-297c-6254-70f8-066fff550000}3643/usr/bin/snaproot 534500x800000000000000028441Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.513{ec2a2542-297c-6254-70f8-066fff550000}3643/usr/bin/snaproot 534500x800000000000000028440Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.513{ec2a2542-297c-6254-70f8-066fff550000}3643/usr/bin/snaproot 534500x800000000000000028439Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.513{ec2a2542-297c-6254-70f8-066fff550000}3643/usr/bin/snaproot 534500x800000000000000028438Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.513{ec2a2542-297c-6254-70f8-066fff550000}3643/usr/bin/snaproot 534500x800000000000000028437Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.513{ec2a2542-297c-6254-70f8-066fff550000}3643/usr/bin/snaproot 534500x800000000000000028451Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.538{ec2a2542-297c-6254-e4a4-5492a2550000}3643/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000028450Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.538{ec2a2542-297c-6254-e4a4-5492a2550000}3643/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000028449Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.538{ec2a2542-297c-6254-e4a4-5492a2550000}3643/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000028448Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.538{ec2a2542-297c-6254-e4a4-5492a2550000}3643/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000028447Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.538{ec2a2542-297c-6254-e4a4-5492a2550000}3643/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000028446Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.538{ec2a2542-297c-6254-e4a4-5492a2550000}3643/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000028445Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.538{ec2a2542-297c-6254-70f8-066fff550000}3643/usr/bin/snaproot 534500x800000000000000028453Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.539{ec2a2542-297c-6254-68f2-f5bce1550000}3642/bin/dashroot 534500x800000000000000028452Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.539{ec2a2542-297c-6254-e4a4-5492a2550000}3643/snap/snapd/15177/usr/bin/snaproot 23542300x800000000000000028467Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.540{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.pzfxrY--- 23542300x800000000000000028466Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.540{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.HqFNc2--- 23542300x800000000000000028465Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.540{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.Xgv4X5--- 23542300x800000000000000028464Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.540{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.3NMlJ9--- 23542300x800000000000000028463Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.540{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.5muDud--- 23542300x800000000000000028462Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.540{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.PEzVfh--- 23542300x800000000000000028461Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.540{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.P64d1k--- 23542300x800000000000000028460Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.540{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.Rq2wMo--- 23542300x800000000000000028459Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.540{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.L1pQxs--- 23542300x800000000000000028458Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.540{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.Nsgajw--- 23542300x800000000000000028457Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.540{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.pvyu4z--- 23542300x800000000000000028456Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.540{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.PukPPD--- 23542300x800000000000000028455Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.540{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.tt1aBH--- 23542300x800000000000000028454Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.540{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.FycxmL--- 23542300x800000000000000028492Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.541{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.JEj6ps--- 23542300x800000000000000028491Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.541{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.defcbw--- 23542300x800000000000000028490Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.541{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.5DziWz--- 23542300x800000000000000028489Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.541{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.xIjpHD--- 23542300x800000000000000028488Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.541{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.tguwsH--- 23542300x800000000000000028487Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.541{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.Lh4DdL--- 23542300x800000000000000028486Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.541{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.ZB5LYO--- 23542300x800000000000000028485Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.541{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.fxwUJS--- 23542300x800000000000000028484Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.541{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.3Sn3uW--- 23542300x800000000000000028483Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.541{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.D8Gcg0--- 23542300x800000000000000028482Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.541{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.Nbrm13--- 23542300x800000000000000028481Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.541{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.DGAwM7--- 23542300x800000000000000028480Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.541{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.X8aHxb--- 23542300x800000000000000028479Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.541{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.9PbSif--- 23542300x800000000000000028478Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.541{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.lWC33i--- 23542300x800000000000000028477Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.541{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.ZhvfPm--- 23542300x800000000000000028476Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.541{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.NMMrAq--- 23542300x800000000000000028475Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.541{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.zVtElu--- 23542300x800000000000000028474Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.541{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.1ECR6x--- 23542300x800000000000000028473Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.541{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.tfb5RB--- 23542300x800000000000000028472Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.541{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.xE8iDF--- 23542300x800000000000000028471Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.541{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.ZJvxoJ--- 23542300x800000000000000028470Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.541{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.zikM9M--- 23542300x800000000000000028469Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.541{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.zYy1UQ--- 23542300x800000000000000028468Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.541{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.dMchGU--- 23542300x800000000000000028511Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.542{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.x9fS0i--- 23542300x800000000000000028510Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.542{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.ZJSNLm--- 23542300x800000000000000028509Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.542{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.LgVJwq--- 23542300x800000000000000028508Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.542{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.3HoGhu--- 23542300x800000000000000028507Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.542{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.NigD2x--- 23542300x800000000000000028506Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.542{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.9BxANB--- 23542300x800000000000000028505Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.542{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.T0ezyF--- 23542300x800000000000000028504Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.542{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.t1lyjJ--- 23542300x800000000000000028503Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.542{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.fEey4M--- 23542300x800000000000000028502Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.542{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.3zvyPQ--- 23542300x800000000000000028501Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.542{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.XsazAU--- 23542300x800000000000000028500Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.542{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.7LhAlY--- 23542300x800000000000000028499Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.542{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.BurC61--- 23542300x800000000000000028498Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.542{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.11tFR5--- 23542300x800000000000000028497Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.542{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.BGVIC9--- 23542300x800000000000000028496Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.542{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.TjNMnd--- 23542300x800000000000000028495Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.542{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.Po3Q8g--- 23542300x800000000000000028494Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.542{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.zlIVTk--- 23542300x800000000000000028493Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.542{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.fqO0Eo--- 23542300x800000000000000028531Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.543{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.zsX8T5--- 23542300x800000000000000028530Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.543{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.vJaUE9--- 23542300x800000000000000028529Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.543{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.RMMFpd--- 23542300x800000000000000028528Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.543{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.JvYrah--- 23542300x800000000000000028527Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.543{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.bMJeVk--- 23542300x800000000000000028526Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.543{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.pPU1Fo--- 23542300x800000000000000028525Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.543{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.pjvPqs--- 23542300x800000000000000028524Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.543{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.vMuDbw--- 23542300x800000000000000028523Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.543{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.nKVrWz--- 23542300x800000000000000028522Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.543{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.lbKgHD--- 23542300x800000000000000028521Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.543{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.dgY5rH--- 23542300x800000000000000028520Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.543{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.JwCVcL--- 23542300x800000000000000028519Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.543{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.9nGLXO--- 23542300x800000000000000028518Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.543{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.t98BIS--- 23542300x800000000000000028517Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.543{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.DF0stW--- 23542300x800000000000000028516Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.543{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.b8jke0--- 23542300x800000000000000028515Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.543{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.FrSdZ3--- 23542300x800000000000000028514Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.543{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.dVP7J7--- 23542300x800000000000000028513Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.543{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.Hue2ub--- 23542300x800000000000000028512Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.543{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.hG2Wff--- 23542300x800000000000000028554Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.544{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.TaoIAH--- 23542300x800000000000000028553Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.544{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.NH9ilL--- 23542300x800000000000000028552Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.544{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.BbnU5O--- 23542300x800000000000000028551Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.544{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.RiZvQS--- 23542300x800000000000000028550Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.544{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.pD37AW--- 23542300x800000000000000028549Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.544{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.vpyKl0--- 23542300x800000000000000028548Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.544{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.DOtn63--- 23542300x800000000000000028547Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.544{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.V3Q0Q7--- 23542300x800000000000000028546Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.544{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.xhFEBb--- 23542300x800000000000000028545Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.544{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.rJTimf--- 23542300x800000000000000028544Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.544{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.nQxX6i--- 23542300x800000000000000028543Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.544{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.LzDCRm--- 23542300x800000000000000028542Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.544{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.d99hCq--- 23542300x800000000000000028541Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.544{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.dP6Xmu--- 23542300x800000000000000028540Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.544{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.jVtE7x--- 23542300x800000000000000028539Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.544{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.3nilSB--- 23542300x800000000000000028538Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.544{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.5hx2CF--- 23542300x800000000000000028537Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.544{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.1tcKnJ--- 23542300x800000000000000028536Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.544{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.LDjs8M--- 23542300x800000000000000028535Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.544{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.z9SaTQ--- 23542300x800000000000000028534Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.544{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.FQUTDU--- 23542300x800000000000000028533Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.544{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.hHODoY--- 23542300x800000000000000028532Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.544{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.PWao91--- 23542300x800000000000000028573Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.545{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.FRLWky--- 23542300x800000000000000028572Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.545{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.nqno5B--- 23542300x800000000000000028571Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.545{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.RmpQPF--- 23542300x800000000000000028570Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.545{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.xuSiAJ--- 23542300x800000000000000028569Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.545{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.jyLLkN--- 23542300x800000000000000028568Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.545{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.Nj5e5Q--- 23542300x800000000000000028567Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.545{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.tcRIPU--- 23542300x800000000000000028566Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.545{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.tY2cAY--- 23542300x800000000000000028565Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.545{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.rEGHk2--- 23542300x800000000000000028564Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.545{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.NQMc55--- 23542300x800000000000000028563Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.545{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.PnnIP9--- 23542300x800000000000000028562Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.545{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.HaYeAd--- 23542300x800000000000000028561Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.545{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.vUXLkh--- 23542300x800000000000000028560Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.545{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.Rspj5k--- 23542300x800000000000000028559Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.545{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.LxgRPo--- 23542300x800000000000000028558Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.545{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.5uHpAs--- 23542300x800000000000000028557Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.545{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.JOIYkw--- 23542300x800000000000000028556Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.545{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.7gby5z--- 23542300x800000000000000028555Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.545{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.xD57PD--- 154100x800000000000000028574Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.547{ec2a2542-297c-6254-b9c3-080350560000}3658/usr/lib/apt/methods/http-----/usr/lib/apt/methods/http/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297b-6254-ccef-29074c560000}3606/usr/bin/apt-getapt-getroot 354300x800000000000000028576Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.555{ec2a2542-0ff9-6254-c097-bd9a19560000}737/lib/systemd/systemd-resolvedsystemd-resolveudptruefalse127.0.0.53-53-false127.0.0.1-52033- 354300x800000000000000028575Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.555{ec2a2542-297c-6254-b9c3-080350560000}3658/usr/lib/apt/methods/httprootudptruefalse127.0.0.1-52033-false127.0.0.53-53- 354300x800000000000000028578Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.556{ec2a2542-0ff9-6254-c097-bd9a19560000}737/lib/systemd/systemd-resolvedsystemd-resolveudptruefalse127.0.0.53-53-false127.0.0.1-52280- 354300x800000000000000028577Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.556{ec2a2542-297c-6254-b9c3-080350560000}3658/usr/lib/apt/methods/httprootudptruefalse127.0.0.1-52280-false127.0.0.53-53- 354300x800000000000000028579Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.557{ec2a2542-297c-6254-b9c3-080350560000}3658/usr/lib/apt/methods/httproottcptruefalse10.0.1.20-50796-false52.15.102.108-80- 354300x800000000000000028580Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:32.807{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54744-false10.0.1.12-8000- 23542300x800000000000000028582Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.428{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/log/apt/eipp.log.xz--- 534500x800000000000000028581Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.428{ec2a2542-297c-6254-b9c3-080350560000}3658/usr/lib/apt/methods/http_apt 154100x800000000000000028583Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.530{ec2a2542-297e-6254-68c2-94376e550000}3659/bin/dash-----/bin/sh -c /usr/sbin/dpkg-preconfigure --apt || true/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297b-6254-ccef-29074c560000}3606/usr/bin/apt-getapt-getroot 154100x800000000000000028584Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.532{ec2a2542-297e-6254-98b7-f1ebba550000}3660/usr/bin/perl-----/usr/bin/perl -w /usr/sbin/dpkg-preconfigure --apt/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297e-6254-68c2-94376e550000}3659/bin/dash/bin/shroot 154100x800000000000000028585Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.563{ec2a2542-297e-6254-30e0-352c9d550000}3661/usr/bin/locale-----locale charmap/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297e-6254-98b7-f1ebba550000}3660/usr/bin/perl/usr/bin/perlroot 534500x800000000000000028586Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.564{ec2a2542-297e-6254-30e0-352c9d550000}3661/usr/bin/localeroot 154100x800000000000000028587Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.622{ec2a2542-297e-6254-6842-121727560000}3662/bin/dash-----sh -c stty -a 2>/dev/null/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297e-6254-98b7-f1ebba550000}3660/usr/bin/perl/usr/bin/perlroot 154100x800000000000000028588Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.623{ec2a2542-297e-6254-f09e-ac7447560000}3663/bin/stty-----stty -a/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297e-6254-6842-121727560000}3662/bin/dashshroot 534500x800000000000000028590Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.624{ec2a2542-297e-6254-6842-121727560000}3662/bin/dashroot 534500x800000000000000028589Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.624{ec2a2542-297e-6254-f09e-ac7447560000}3663/bin/sttyroot 154100x800000000000000028591Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.625{ec2a2542-297e-6254-6852-631783550000}3664/bin/dash-----sh -c stty -a 2>/dev/null/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297e-6254-98b7-f1ebba550000}3660/usr/bin/perl/usr/bin/perlroot 534500x800000000000000028594Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.626{ec2a2542-297e-6254-6852-631783550000}3664/bin/dashroot 534500x800000000000000028593Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.626{ec2a2542-297e-6254-f01e-1622b2550000}3665/bin/sttyroot 154100x800000000000000028592Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.626{ec2a2542-297e-6254-f01e-1622b2550000}3665/bin/stty-----stty -a/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297e-6254-6852-631783550000}3664/bin/dashshroot 154100x800000000000000028595Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.628{ec2a2542-297e-6254-33d1-f63b46560000}3667/usr/bin/apt-extracttemplates-----apt-extracttemplates /var/cache/apt/archives/fonts-dejavu-core_2.37-1_all.deb /var/cache/apt/archives/fontconfig-config_2.12.6-0ubuntu2_all.deb /var/cache/apt/archives/libfontconfig1_2.12.6-0ubuntu2_amd64.deb /var/cache/apt/archives/fontconfig_2.12.6-0ubuntu2_amd64.deb /var/cache/apt/archives/libjpeg-turbo8_1.5.2-0ubuntu5.18.04.4_amd64.deb /var/cache/apt/archives/libogg0_1.3.2-1_amd64.deb /var/cache/apt/archives/libiscsi7_1.17.0-1.1_amd64.deb /var/cache/apt/archives/libnl-3-200_3.2.29-0ubuntu3_amd64.deb /var/cache/apt/archives/libnl-route-3-200_3.2.29-0ubuntu3_amd64.deb /var/cache/apt/archives/libibverbs1_17.1-1ubuntu0.2_amd64.deb /var/cache/apt/archives/libnspr4_2%3a4.18-1ubuntu1_amd64.deb /var/cache/apt/archives/libnss3_2%3a3.35-2ubuntu2.13_amd64.deb /var/cache/apt/archives/librados2_12.2.13-0ubuntu0.18.04.10_amd64.deb /var/cache/apt/archives/librbd1_12.2.13-0ubuntu0.18.04.10_amd64.deb /var/cache/apt/archives/qemu-block-extra_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb /var/cache/apt/archives/qemu-system-common_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb /var/cache/apt/archives/binfmt-support_2.1.8-2_amd64.deb /var/cache/apt/archives/msr-tools_1.3-2build1_amd64.deb /var/cache/apt/archives/cpu-checker_0.7-0ubuntu7_amd64.deb /var/cache/apt/archives/libdconf1_0.26.0-2ubuntu3_amd64.deb /var/cache/apt/archives/dconf-service_0.26.0-2ubuntu3_amd64.deb /var/cache/apt/archives/dconf-gsettings-backend_0.26.0-2ubuntu3_amd64.deb /var/cache/apt/archives/libproxy1v5_0.4.15-1ubuntu0.2_amd64.deb /var/cache/apt/archives/glib-networking-common_2.56.0-1ubuntu0.1_all.deb /var/cache/apt/archives/glib-networking-services_2.56.0-1ubuntu0.1_amd64.deb /var/cache/apt/archives/gsettings-desktop-schemas_3.28.0-1ubuntu1_all.deb /var/cache/apt/archives/glib-networking_2.56.0-1ubuntu0.1_amd64.deb /var/cache/apt/archives/libcdparanoia0_3.10.2+debian-13_amd64.deb /var/cache/apt/archives/libgstreamer1.0-0_1.14.5-0ubuntu1~18.04.2_amd64.deb /var/cache/apt/archives/liborc-0.4-0_1%3a0.4.28-1_amd64.deb/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{00000000-0000-0000-0000-000000000000}3666--- 154100x800000000000000028596Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.632{ec2a2542-297e-6254-7081-cfc096550000}3668/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297e-6254-33d1-f63b46560000}3667/usr/bin/apt-extracttemplatesapt-extracttemplatesroot 23542300x800000000000000028598Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.635{ec2a2542-297e-6254-33d1-f63b46560000}3667root/usr/bin/apt-extracttemplates/tmp/fileutl.message.TZ9jff--- 534500x800000000000000028597Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.635{ec2a2542-297e-6254-7081-cfc096550000}3668/usr/bin/dpkgroot 23542300x800000000000000028599Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.640{ec2a2542-297e-6254-33d1-f63b46560000}3667root/usr/bin/apt-extracttemplates/tmp/fileutl.message.wlcfdh--- 23542300x800000000000000028600Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.644{ec2a2542-297e-6254-33d1-f63b46560000}3667root/usr/bin/apt-extracttemplates/tmp/fileutl.message.pKMSbj--- 23542300x800000000000000028601Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.646{ec2a2542-297e-6254-33d1-f63b46560000}3667root/usr/bin/apt-extracttemplates/tmp/fileutl.message.g0XLal--- 23542300x800000000000000028602Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.647{ec2a2542-297e-6254-33d1-f63b46560000}3667root/usr/bin/apt-extracttemplates/tmp/fileutl.message.fhwU9m--- 23542300x800000000000000028603Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.651{ec2a2542-297e-6254-33d1-f63b46560000}3667root/usr/bin/apt-extracttemplates/tmp/fileutl.message.aMoJ9o--- 23542300x800000000000000028604Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.653{ec2a2542-297e-6254-33d1-f63b46560000}3667root/usr/bin/apt-extracttemplates/tmp/fileutl.message.xG4N9q--- 23542300x800000000000000028605Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.657{ec2a2542-297e-6254-33d1-f63b46560000}3667root/usr/bin/apt-extracttemplates/tmp/fileutl.message.Ajmzat--- 23542300x800000000000000028606Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.658{ec2a2542-297e-6254-33d1-f63b46560000}3667root/usr/bin/apt-extracttemplates/tmp/fileutl.message.jL7zbv--- 23542300x800000000000000028607Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.659{ec2a2542-297e-6254-33d1-f63b46560000}3667root/usr/bin/apt-extracttemplates/tmp/fileutl.message.clKNcx--- 23542300x800000000000000028608Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.661{ec2a2542-297e-6254-33d1-f63b46560000}3667root/usr/bin/apt-extracttemplates/tmp/fileutl.message.bLveez--- 23542300x800000000000000028609Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.662{ec2a2542-297e-6254-33d1-f63b46560000}3667root/usr/bin/apt-extracttemplates/tmp/fileutl.message.uE6RfB--- 23542300x800000000000000028610Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.663{ec2a2542-297e-6254-33d1-f63b46560000}3667root/usr/bin/apt-extracttemplates/tmp/fileutl.message.R0CIhD--- 23542300x800000000000000028611Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.665{ec2a2542-297e-6254-33d1-f63b46560000}3667root/usr/bin/apt-extracttemplates/tmp/fileutl.message.CAXOjF--- 23542300x800000000000000028612Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.666{ec2a2542-297e-6254-33d1-f63b46560000}3667root/usr/bin/apt-extracttemplates/tmp/fileutl.message.bSJamH--- 23542300x800000000000000028613Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.668{ec2a2542-297e-6254-33d1-f63b46560000}3667root/usr/bin/apt-extracttemplates/tmp/fileutl.message.gQ5LoJ--- 23542300x800000000000000028614Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.669{ec2a2542-297e-6254-33d1-f63b46560000}3667root/usr/bin/apt-extracttemplates/tmp/fileutl.message.lUfErL--- 154100x800000000000000028615Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.670{ec2a2542-297e-6254-70d1-eb37aa550000}3669/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297e-6254-33d1-f63b46560000}3667/usr/bin/apt-extracttemplatesapt-extracttemplatesroot 534500x800000000000000028616Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.672{ec2a2542-297e-6254-70d1-eb37aa550000}3669/usr/bin/dpkgroot 154100x800000000000000028617Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.693{ec2a2542-297e-6254-7031-fd3e3b560000}3670/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297e-6254-33d1-f63b46560000}3667/usr/bin/apt-extracttemplatesapt-extracttemplatesroot 534500x800000000000000028618Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.696{ec2a2542-297e-6254-7031-fd3e3b560000}3670/usr/bin/dpkgroot 534500x800000000000000028619Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.734{ec2a2542-297e-6254-33d1-f63b46560000}3667/usr/bin/apt-extracttemplatesroot 154100x800000000000000028620Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.735{ec2a2542-297e-6254-3381-aa2321560000}3671/usr/bin/apt-extracttemplates-----apt-extracttemplates /var/cache/apt/archives/libgstreamer-plugins-base1.0-0_1.14.5-0ubuntu1~18.04.3_amd64.deb /var/cache/apt/archives/libopus0_1.1.2-1ubuntu1_amd64.deb /var/cache/apt/archives/libpixman-1-0_0.34.0-2_amd64.deb /var/cache/apt/archives/libxcb-render0_1.13-2~ubuntu18.04_amd64.deb /var/cache/apt/archives/libxcb-shm0_1.13-2~ubuntu18.04_amd64.deb /var/cache/apt/archives/libxrender1_1%3a0.9.10-1_amd64.deb /var/cache/apt/archives/libcairo2_1.15.10-2ubuntu0.1_amd64.deb /var/cache/apt/archives/libtheora0_1.1.1+dfsg.1-14_amd64.deb /var/cache/apt/archives/libvisual-0.4-0_0.4.0-11_amd64.deb /var/cache/apt/archives/libvorbis0a_1.3.5-4.2_amd64.deb /var/cache/apt/archives/libvorbisenc2_1.3.5-4.2_amd64.deb /var/cache/apt/archives/gstreamer1.0-plugins-base_1.14.5-0ubuntu1~18.04.3_amd64.deb /var/cache/apt/archives/libaa1_1.4p5-44build2_amd64.deb /var/cache/apt/archives/libraw1394-11_2.1.2-1_amd64.deb /var/cache/apt/archives/libavc1394-0_0.5.4-4build1_amd64.deb /var/cache/apt/archives/libcaca0_0.99.beta19-2ubuntu0.18.04.3_amd64.deb /var/cache/apt/archives/libcairo-gobject2_1.15.10-2ubuntu0.1_amd64.deb /var/cache/apt/archives/libdv4_1.0.0-11_amd64.deb /var/cache/apt/archives/libflac8_1.3.2-1_amd64.deb /var/cache/apt/archives/libjpeg8_8c-2ubuntu8_amd64.deb /var/cache/apt/archives/libjbig0_2.1-3.1build1_amd64.deb /var/cache/apt/archives/libtiff5_4.0.9-5ubuntu0.4_amd64.deb /var/cache/apt/archives/libgdk-pixbuf2.0-common_2.36.11-2_all.deb /var/cache/apt/archives/libgdk-pixbuf2.0-0_2.36.11-2_amd64.deb /var/cache/apt/archives/libgstreamer-plugins-good1.0-0_1.14.5-0ubuntu1~18.04.2_amd64.deb /var/cache/apt/archives/libgudev-1.0-0_1%3a232-2_amd64.deb /var/cache/apt/archives/libiec61883-0_1.2.0-2_amd64.deb /var/cache/apt/archives/libsamplerate0_0.1.9-1_amd64.deb /var/cache/apt/archives/libjack-jackd2-0_1.9.12~dfsg-2_amd64.deb /var/cache/apt/archives/libmp3lame0_3.100-2_amd64.deb/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{00000000-0000-0000-0000-000000000000}3666--- 154100x800000000000000028621Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.740{ec2a2542-297e-6254-7031-450001560000}3672/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297e-6254-3381-aa2321560000}3671/usr/bin/apt-extracttemplatesapt-extracttemplatesroot 23542300x800000000000000028623Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.743{ec2a2542-297e-6254-3381-aa2321560000}3671root/usr/bin/apt-extracttemplates/tmp/fileutl.message.jIh61l--- 534500x800000000000000028622Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.743{ec2a2542-297e-6254-7031-450001560000}3672/usr/bin/dpkgroot 23542300x800000000000000028624Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.748{ec2a2542-297e-6254-3381-aa2321560000}3671root/usr/bin/apt-extracttemplates/tmp/fileutl.message.sq6hio--- 23542300x800000000000000028625Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.752{ec2a2542-297e-6254-3381-aa2321560000}3671root/usr/bin/apt-extracttemplates/tmp/fileutl.message.BoZbzq--- 23542300x800000000000000028626Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.754{ec2a2542-297e-6254-3381-aa2321560000}3671root/usr/bin/apt-extracttemplates/tmp/fileutl.message.2bmlQs--- 23542300x800000000000000028627Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.755{ec2a2542-297e-6254-3381-aa2321560000}3671root/usr/bin/apt-extracttemplates/tmp/fileutl.message.pE7J7u--- 23542300x800000000000000028628Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.759{ec2a2542-297e-6254-3381-aa2321560000}3671root/usr/bin/apt-extracttemplates/tmp/fileutl.message.sDROpx--- 23542300x800000000000000028629Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.760{ec2a2542-297e-6254-3381-aa2321560000}3671root/usr/bin/apt-extracttemplates/tmp/fileutl.message.nWx9Hz--- 23542300x800000000000000028630Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.765{ec2a2542-297e-6254-3381-aa2321560000}3671root/usr/bin/apt-extracttemplates/tmp/fileutl.message.0eUa1B--- 23542300x800000000000000028631Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.766{ec2a2542-297e-6254-3381-aa2321560000}3671root/usr/bin/apt-extracttemplates/tmp/fileutl.message.XdbskE--- 23542300x800000000000000028632Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.767{ec2a2542-297e-6254-3381-aa2321560000}3671root/usr/bin/apt-extracttemplates/tmp/fileutl.message.8HyWDG--- 23542300x800000000000000028633Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.769{ec2a2542-297e-6254-3381-aa2321560000}3671root/usr/bin/apt-extracttemplates/tmp/fileutl.message.7EQEXI--- 23542300x800000000000000028634Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.770{ec2a2542-297e-6254-3381-aa2321560000}3671root/usr/bin/apt-extracttemplates/tmp/fileutl.message.q74AhL--- 23542300x800000000000000028635Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.771{ec2a2542-297e-6254-3381-aa2321560000}3671root/usr/bin/apt-extracttemplates/tmp/fileutl.message.F64KBN--- 23542300x800000000000000028636Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.773{ec2a2542-297e-6254-3381-aa2321560000}3671root/usr/bin/apt-extracttemplates/tmp/fileutl.message.iIwbWP--- 23542300x800000000000000028637Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.774{ec2a2542-297e-6254-3381-aa2321560000}3671root/usr/bin/apt-extracttemplates/tmp/fileutl.message.TRVRgS--- 23542300x800000000000000028638Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.776{ec2a2542-297e-6254-3381-aa2321560000}3671root/usr/bin/apt-extracttemplates/tmp/fileutl.message.4F9OBU--- 154100x800000000000000028640Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.778{ec2a2542-297e-6254-7061-eaa10a560000}3673/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297e-6254-3381-aa2321560000}3671/usr/bin/apt-extracttemplatesapt-extracttemplatesroot 23542300x800000000000000028639Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.778{ec2a2542-297e-6254-3381-aa2321560000}3671root/usr/bin/apt-extracttemplates/tmp/fileutl.message.RGS3WW--- 534500x800000000000000028641Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.782{ec2a2542-297e-6254-7061-eaa10a560000}3673/usr/bin/dpkgroot 154100x800000000000000028642Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.803{ec2a2542-297e-6254-7011-647503560000}3674/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297e-6254-3381-aa2321560000}3671/usr/bin/apt-extracttemplatesapt-extracttemplatesroot 534500x800000000000000028643Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.806{ec2a2542-297e-6254-7011-647503560000}3674/usr/bin/dpkgroot 534500x800000000000000028644Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.832{ec2a2542-297e-6254-3381-aa2321560000}3671/usr/bin/apt-extracttemplatesroot 154100x800000000000000028645Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.833{ec2a2542-297e-6254-3341-0f3043560000}3675/usr/bin/apt-extracttemplates-----apt-extracttemplates /var/cache/apt/archives/libmpg123-0_1.25.10-1_amd64.deb /var/cache/apt/archives/libspeex1_1.2~rc1.2-1ubuntu2.1_amd64.deb /var/cache/apt/archives/libshout3_2.4.1-2build1_amd64.deb /var/cache/apt/archives/libsoup2.4-1_2.62.1-1ubuntu0.4_amd64.deb /var/cache/apt/archives/libtag1v5-vanilla_1.11.1+dfsg.1-0.2build2_amd64.deb /var/cache/apt/archives/libtag1v5_1.11.1+dfsg.1-0.2build2_amd64.deb /var/cache/apt/archives/libtwolame0_0.3.13-3_amd64.deb /var/cache/apt/archives/libv4lconvert0_1.14.2-1_amd64.deb /var/cache/apt/archives/libv4l-0_1.14.2-1_amd64.deb /var/cache/apt/archives/libvpx5_1.7.0-3ubuntu0.18.04.1_amd64.deb /var/cache/apt/archives/libwavpack1_5.1.0-2ubuntu1.5_amd64.deb /var/cache/apt/archives/libxdamage1_1%3a1.1.4-3_amd64.deb /var/cache/apt/archives/libxfixes3_1%3a5.0.3-1_amd64.deb /var/cache/apt/archives/gstreamer1.0-plugins-good_1.14.5-0ubuntu1~18.04.2_amd64.deb /var/cache/apt/archives/libthai-data_0.1.27-2_all.deb /var/cache/apt/archives/libdatrie1_0.2.10-7_amd64.deb /var/cache/apt/archives/libthai0_0.1.27-2_amd64.deb /var/cache/apt/archives/libpango-1.0-0_1.40.14-1ubuntu0.1_amd64.deb /var/cache/apt/archives/libgraphite2-3_1.3.11-2_amd64.deb /var/cache/apt/archives/libharfbuzz0b_1.7.2-1ubuntu1_amd64.deb /var/cache/apt/archives/libpangoft2-1.0-0_1.40.14-1ubuntu0.1_amd64.deb /var/cache/apt/archives/libpangocairo-1.0-0_1.40.14-1ubuntu0.1_amd64.deb /var/cache/apt/archives/libxv1_2%3a1.0.11-1_amd64.deb /var/cache/apt/archives/gstreamer1.0-x_1.14.5-0ubuntu1~18.04.3_amd64.deb /var/cache/apt/archives/ibverbs-providers_17.1-1ubuntu0.2_amd64.deb /var/cache/apt/archives/ipxe-qemu_1.0.0+git-20180124.fbe8c52d-0ubuntu2.2_all.deb /var/cache/apt/archives/ipxe-qemu-256k-compat-efi-roms_1.0.0+git-20150424.a25a16d-0ubuntu2_all.deb /var/cache/apt/archives/libaio1_0.3.110-5ubuntu0.1_amd64.deb /var/cache/apt/archives/libasound2-data_1.1.3-5ubuntu0.6_all.deb /var/cache/apt/archives/libasound2_1.1.3-5ubuntu0.6_amd64.deb/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{00000000-0000-0000-0000-000000000000}3666--- 154100x800000000000000028646Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.840{ec2a2542-297e-6254-7051-b89299550000}3676/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297e-6254-3341-0f3043560000}3675/usr/bin/apt-extracttemplatesapt-extracttemplatesroot 534500x800000000000000028647Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.842{ec2a2542-297e-6254-7051-b89299550000}3676/usr/bin/dpkgroot 23542300x800000000000000028648Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.843{ec2a2542-297e-6254-3341-0f3043560000}3675root/usr/bin/apt-extracttemplates/tmp/fileutl.message.BcLJpt--- 23542300x800000000000000028649Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.851{ec2a2542-297e-6254-3341-0f3043560000}3675root/usr/bin/apt-extracttemplates/tmp/fileutl.message.CEZkXv--- 23542300x800000000000000028650Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.857{ec2a2542-297e-6254-3341-0f3043560000}3675root/usr/bin/apt-extracttemplates/tmp/fileutl.message.dlt3vy--- 23542300x800000000000000028651Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.859{ec2a2542-297e-6254-3341-0f3043560000}3675root/usr/bin/apt-extracttemplates/tmp/fileutl.message.Oho14A--- 23542300x800000000000000028652Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.861{ec2a2542-297e-6254-3341-0f3043560000}3675root/usr/bin/apt-extracttemplates/tmp/fileutl.message.hrMkED--- 23542300x800000000000000028653Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.865{ec2a2542-297e-6254-3341-0f3043560000}3675root/usr/bin/apt-extracttemplates/tmp/fileutl.message.QgZmeG--- 23542300x800000000000000028654Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.870{ec2a2542-297e-6254-3341-0f3043560000}3675root/usr/bin/apt-extracttemplates/tmp/fileutl.message.L0I6OI--- 23542300x800000000000000028655Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.876{ec2a2542-297e-6254-3341-0f3043560000}3675root/usr/bin/apt-extracttemplates/tmp/fileutl.message.gHRTqL--- 23542300x800000000000000028656Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.877{ec2a2542-297e-6254-3341-0f3043560000}3675root/usr/bin/apt-extracttemplates/tmp/fileutl.message.T16X2N--- 23542300x800000000000000028657Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.879{ec2a2542-297e-6254-3341-0f3043560000}3675root/usr/bin/apt-extracttemplates/tmp/fileutl.message.kj3gFQ--- 23542300x800000000000000028658Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.880{ec2a2542-297e-6254-3341-0f3043560000}3675root/usr/bin/apt-extracttemplates/tmp/fileutl.message.9rvOhT--- 23542300x800000000000000028659Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.881{ec2a2542-297e-6254-3341-0f3043560000}3675root/usr/bin/apt-extracttemplates/tmp/fileutl.message.UMMzUV--- 23542300x800000000000000028660Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.883{ec2a2542-297e-6254-3341-0f3043560000}3675root/usr/bin/apt-extracttemplates/tmp/fileutl.message.dsPyxY--- 23542300x800000000000000028661Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.884{ec2a2542-297e-6254-3341-0f3043560000}3675root/usr/bin/apt-extracttemplates/tmp/fileutl.message.4g8Ma1--- 23542300x800000000000000028662Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.886{ec2a2542-297e-6254-3341-0f3043560000}3675root/usr/bin/apt-extracttemplates/tmp/fileutl.message.PftjO3--- 23542300x800000000000000028663Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.887{ec2a2542-297e-6254-3341-0f3043560000}3675root/usr/bin/apt-extracttemplates/tmp/fileutl.message.Cbl7r6--- 23542300x800000000000000028664Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.889{ec2a2542-297e-6254-3341-0f3043560000}3675root/usr/bin/apt-extracttemplates/tmp/fileutl.message.pVIc68--- 154100x800000000000000028665Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.890{ec2a2542-297e-6254-7001-85dcb3550000}3677/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297e-6254-3341-0f3043560000}3675/usr/bin/apt-extracttemplatesapt-extracttemplatesroot 534500x800000000000000028666Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.892{ec2a2542-297e-6254-7001-85dcb3550000}3677/usr/bin/dpkgroot 154100x800000000000000028667Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.925{ec2a2542-297e-6254-7011-82b7f4550000}3678/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297e-6254-3341-0f3043560000}3675/usr/bin/apt-extracttemplatesapt-extracttemplatesroot 534500x800000000000000028668Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.927{ec2a2542-297e-6254-7011-82b7f4550000}3678/usr/bin/dpkgroot 534500x800000000000000028669Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.962{ec2a2542-297e-6254-3341-0f3043560000}3675/usr/bin/apt-extracttemplatesroot 154100x800000000000000028670Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.963{ec2a2542-297e-6254-33c1-057d1b560000}3679/usr/bin/apt-extracttemplates-----apt-extracttemplates /var/cache/apt/archives/libasyncns0_0.8-6_amd64.deb /var/cache/apt/archives/libbluetooth3_5.48-0ubuntu3.8_amd64.deb /var/cache/apt/archives/libcacard0_1%3a2.5.0-3_amd64.deb /var/cache/apt/archives/libgdk-pixbuf2.0-bin_2.36.11-2_amd64.deb /var/cache/apt/archives/libsndfile1_1.0.28-4ubuntu0.18.04.2_amd64.deb /var/cache/apt/archives/libpulse0_1%3a11.1-1ubuntu7.11_amd64.deb /var/cache/apt/archives/libsdl1.2debian_1.2.15+dfsg2-0.1ubuntu0.1_amd64.deb /var/cache/apt/archives/libspice-server1_0.14.0-1ubuntu2.5_amd64.deb /var/cache/apt/archives/libusbredirparser1_0.7.1-1_amd64.deb /var/cache/apt/archives/libxenstore3.0_4.9.2-0ubuntu1_amd64.deb /var/cache/apt/archives/libyajl2_2.1.0-2build1_amd64.deb /var/cache/apt/archives/libxen-4.9_4.9.2-0ubuntu1_amd64.deb /var/cache/apt/archives/libbrlapi0.6_5.5-4ubuntu2.0.1_amd64.deb /var/cache/apt/archives/libfdt1_1.4.5-3_amd64.deb /var/cache/apt/archives/librdmacm1_17.1-1ubuntu0.2_amd64.deb /var/cache/apt/archives/qemu-system-arm_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb /var/cache/apt/archives/qemu-system-mips_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb /var/cache/apt/archives/qemu-slof_20170724+dfsg-1ubuntu1_all.deb /var/cache/apt/archives/qemu-system-ppc_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb /var/cache/apt/archives/qemu-system-sparc_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb /var/cache/apt/archives/seabios_1.10.2-1ubuntu1_all.deb /var/cache/apt/archives/qemu-system-x86_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb /var/cache/apt/archives/qemu-system-s390x_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb /var/cache/apt/archives/qemu-system-misc_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb /var/cache/apt/archives/qemu-system_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb /var/cache/apt/archives/qemu-user_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb /var/cache/apt/archives/qemu-utils_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb /var/cache/apt/archives/qemu_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb /var/cache/apt/archives/qemu-user-static_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb /var/cache/apt/archives/sharutils_1%3a4.15.2-3_amd64.deb/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{00000000-0000-0000-0000-000000000000}3666--- 154100x800000000000000028671Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.968{ec2a2542-297e-6254-70b1-ff9ce6550000}3680/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297e-6254-33c1-057d1b560000}3679/usr/bin/apt-extracttemplatesapt-extracttemplatesroot 534500x800000000000000028672Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.970{ec2a2542-297e-6254-70b1-ff9ce6550000}3680/usr/bin/dpkgroot 23542300x800000000000000028673Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.971{ec2a2542-297e-6254-33c1-057d1b560000}3679root/usr/bin/apt-extracttemplates/tmp/fileutl.message.5Ij8ZC--- 23542300x800000000000000028674Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.976{ec2a2542-297e-6254-33c1-057d1b560000}3679root/usr/bin/apt-extracttemplates/tmp/fileutl.message.Y4fZSF--- 23542300x800000000000000028675Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.981{ec2a2542-297e-6254-33c1-057d1b560000}3679root/usr/bin/apt-extracttemplates/tmp/fileutl.message.nlYHMI--- 23542300x800000000000000028676Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.983{ec2a2542-297e-6254-33c1-057d1b560000}3679root/usr/bin/apt-extracttemplates/tmp/fileutl.message.y1zIGL--- 23542300x800000000000000028677Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.985{ec2a2542-297e-6254-33c1-057d1b560000}3679root/usr/bin/apt-extracttemplates/tmp/fileutl.message.3rI1AO--- 23542300x800000000000000028678Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.990{ec2a2542-297e-6254-33c1-057d1b560000}3679root/usr/bin/apt-extracttemplates/tmp/fileutl.message.Y8u9vR--- 23542300x800000000000000028679Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.992{ec2a2542-297e-6254-33c1-057d1b560000}3679root/usr/bin/apt-extracttemplates/tmp/fileutl.message.72lCrU--- 23542300x800000000000000028680Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.997{ec2a2542-297e-6254-33c1-057d1b560000}3679root/usr/bin/apt-extracttemplates/tmp/fileutl.message.YPTVnX--- 23542300x800000000000000028681Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:34.998{ec2a2542-297e-6254-33c1-057d1b560000}3679root/usr/bin/apt-extracttemplates/tmp/fileutl.message.VShwk0--- 23542300x800000000000000028682Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.000{ec2a2542-297e-6254-33c1-057d1b560000}3679root/usr/bin/apt-extracttemplates/tmp/fileutl.message.argkh3--- 23542300x800000000000000028683Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.001{ec2a2542-297e-6254-33c1-057d1b560000}3679root/usr/bin/apt-extracttemplates/tmp/fileutl.message.hmUne6--- 23542300x800000000000000028684Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.002{ec2a2542-297e-6254-33c1-057d1b560000}3679root/usr/bin/apt-extracttemplates/tmp/fileutl.message.mUVEb9--- 23542300x800000000000000028685Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.004{ec2a2542-297e-6254-33c1-057d1b560000}3679root/usr/bin/apt-extracttemplates/tmp/fileutl.message.D4Pc9b--- 23542300x800000000000000028686Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.006{ec2a2542-297e-6254-33c1-057d1b560000}3679root/usr/bin/apt-extracttemplates/tmp/fileutl.message.m8X46e--- 23542300x800000000000000028687Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.008{ec2a2542-297e-6254-33c1-057d1b560000}3679root/usr/bin/apt-extracttemplates/tmp/fileutl.message.txRf5h--- 23542300x800000000000000028688Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.009{ec2a2542-297e-6254-33c1-057d1b560000}3679root/usr/bin/apt-extracttemplates/tmp/fileutl.message.aD9H3k--- 23542300x800000000000000028689Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.011{ec2a2542-297e-6254-33c1-057d1b560000}3679root/usr/bin/apt-extracttemplates/tmp/fileutl.message.TP7t2n--- 154100x800000000000000028690Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.012{ec2a2542-297f-6254-70d1-62f993550000}3681/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297e-6254-33c1-057d1b560000}3679/usr/bin/apt-extracttemplatesapt-extracttemplatesroot 534500x800000000000000028691Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.014{ec2a2542-297f-6254-70d1-62f993550000}3681/usr/bin/dpkgroot 154100x800000000000000028692Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.040{ec2a2542-297f-6254-7081-4f0395550000}3682/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297e-6254-33c1-057d1b560000}3679/usr/bin/apt-extracttemplatesapt-extracttemplatesroot 534500x800000000000000028693Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.042{ec2a2542-297f-6254-7081-4f0395550000}3682/usr/bin/dpkgroot 534500x800000000000000028694Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.073{ec2a2542-297e-6254-33c1-057d1b560000}3679/usr/bin/apt-extracttemplatesroot 534500x800000000000000028695Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.081{ec2a2542-297e-6254-0000-000000000000}3666-root 534500x800000000000000028697Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.087{ec2a2542-297e-6254-68c2-94376e550000}3659/bin/dashroot 534500x800000000000000028696Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.087{ec2a2542-297e-6254-98b7-f1ebba550000}3660/usr/bin/perlroot 154100x800000000000000028698Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.111{ec2a2542-297f-6254-70c1-d0cc15560000}3683/usr/bin/dpkg-----/usr/bin/dpkg --assert-multi-arch/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297b-6254-ccef-29074c560000}3606/usr/bin/apt-getapt-getroot 534500x800000000000000028699Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.121{ec2a2542-297f-6254-70c1-d0cc15560000}3683/usr/bin/dpkgroot 154100x800000000000000028700Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.124{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg-----/usr/bin/dpkg --status-fd 43 --no-triggers --unpack --auto-deconfigure --recursive /tmp/apt-dpkg-install-7NsVNE/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297b-6254-ccef-29074c560000}3606/usr/bin/apt-getapt-getroot 154100x800000000000000028701Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.136{ec2a2542-297f-6254-d88f-090d7c550000}3685/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/000-fonts-dejavu-core_2.37-1_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000028703Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.137{ec2a2542-297f-6254-40fa-7710ec550000}3686/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/000-fonts-dejavu-core_2.37-1_all.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000028702Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.137{ec2a2542-297f-6254-d88f-090d7c550000}3685/usr/bin/dpkg-splitroot 154100x800000000000000028706Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.139{ec2a2542-297f-6254-b0f3-5927c0550000}3689/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-40fa-7710ec550000}3686/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000028705Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.139{ec2a2542-297f-6254-0000-000000000000}3688-root 534500x800000000000000028704Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.139{ec2a2542-297f-6254-0000-000000000000}3687-root 534500x800000000000000028708Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.141{ec2a2542-297f-6254-40fa-7710ec550000}3686/usr/bin/dpkg-debroot 534500x800000000000000028707Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.141{ec2a2542-297f-6254-b0f3-5927c0550000}3689/bin/tarroot 154100x800000000000000028709Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.195{ec2a2542-297f-6254-40aa-8011b4550000}3690/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/000-fonts-dejavu-core_2.37-1_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000028710Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.295{ec2a2542-297f-6254-0000-000000000000}3691-root 534500x800000000000000028712Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.301{ec2a2542-297f-6254-40aa-8011b4550000}3690/usr/bin/dpkg-debroot 534500x800000000000000028711Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.301{ec2a2542-297f-6254-0000-000000000000}3692-root 154100x800000000000000028713Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.321{ec2a2542-297f-6254-7033-84bf26560000}3693/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000028716Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.323{ec2a2542-297f-6254-d81f-cef858550000}3694/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/001-fontconfig-config_2.12.6-0ubuntu2_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000028715Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.323{ec2a2542-297f-6254-7033-84bf26560000}3693/bin/rmroot 23542300x800000000000000028714Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.323{ec2a2542-297f-6254-7033-84bf26560000}3693root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000028718Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.324{ec2a2542-297f-6254-408a-f7c550560000}3695/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/001-fontconfig-config_2.12.6-0ubuntu2_all.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000028717Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.324{ec2a2542-297f-6254-d81f-cef858550000}3694/usr/bin/dpkg-splitroot 154100x800000000000000028720Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.326{ec2a2542-297f-6254-b033-ad9360550000}3698/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-408a-f7c550560000}3695/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000028719Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.326{ec2a2542-297f-6254-0000-000000000000}3696-root 534500x800000000000000028721Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.328{ec2a2542-297f-6254-0000-000000000000}3697-root 534500x800000000000000028723Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.329{ec2a2542-297f-6254-408a-f7c550560000}3695/usr/bin/dpkg-debroot 534500x800000000000000028722Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.329{ec2a2542-297f-6254-b033-ad9360550000}3698/bin/tarroot 154100x800000000000000028724Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.350{ec2a2542-297f-6254-408a-190197550000}3699/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/001-fontconfig-config_2.12.6-0ubuntu2_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000028725Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.352{ec2a2542-297f-6254-0000-000000000000}3700-root 534500x800000000000000028727Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.362{ec2a2542-297f-6254-408a-190197550000}3699/usr/bin/dpkg-debroot 534500x800000000000000028726Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.362{00000000-0000-0000-0000-000000000000}3701<unknown process>root 154100x800000000000000028728Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.384{ec2a2542-297f-6254-7063-4fa167550000}3702/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000028731Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.385{ec2a2542-297f-6254-d80f-12d4f1550000}3703/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/002-libfontconfig1_2.12.6-0ubuntu2_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000028730Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.385{ec2a2542-297f-6254-7063-4fa167550000}3702/bin/rmroot 23542300x800000000000000028729Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.385{ec2a2542-297f-6254-7063-4fa167550000}3702root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000028733Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.387{ec2a2542-297f-6254-40ea-663187550000}3704/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/002-libfontconfig1_2.12.6-0ubuntu2_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000028732Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.387{ec2a2542-297f-6254-d80f-12d4f1550000}3703/usr/bin/dpkg-splitroot 154100x800000000000000028735Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.389{ec2a2542-297f-6254-b053-5d4533560000}3707/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-40ea-663187550000}3704/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000028734Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.389{ec2a2542-297f-6254-0000-000000000000}3705-root 534500x800000000000000028736Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.390{ec2a2542-297f-6254-0000-000000000000}3706-root 534500x800000000000000028738Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.391{ec2a2542-297f-6254-40ea-663187550000}3704/usr/bin/dpkg-debroot 534500x800000000000000028737Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.391{ec2a2542-297f-6254-b053-5d4533560000}3707/bin/tarroot 154100x800000000000000028739Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.412{ec2a2542-297f-6254-400a-139fc5550000}3708/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/002-libfontconfig1_2.12.6-0ubuntu2_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000028740Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.421{ec2a2542-297f-6254-0000-000000000000}3709-root 534500x800000000000000028742Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.429{ec2a2542-297f-6254-400a-139fc5550000}3708/usr/bin/dpkg-debroot 534500x800000000000000028741Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.429{00000000-0000-0000-0000-000000000000}3710<unknown process>root 154100x800000000000000028743Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.482{ec2a2542-297f-6254-7043-393e4e560000}3711/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000028746Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.484{ec2a2542-297f-6254-d87f-03f84a560000}3712/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/003-fontconfig_2.12.6-0ubuntu2_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000028745Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.484{ec2a2542-297f-6254-7043-393e4e560000}3711/bin/rmroot 23542300x800000000000000028744Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.484{ec2a2542-297f-6254-7043-393e4e560000}3711root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000028748Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.485{ec2a2542-297f-6254-408a-b38ae6550000}3713/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/003-fontconfig_2.12.6-0ubuntu2_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000028747Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.485{ec2a2542-297f-6254-d87f-03f84a560000}3712/usr/bin/dpkg-splitroot 154100x800000000000000028750Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.487{ec2a2542-297f-6254-b0b3-912b35560000}3716/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-408a-b38ae6550000}3713/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000028749Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.487{ec2a2542-297f-6254-0000-000000000000}3714-root 534500x800000000000000028751Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.489{ec2a2542-297f-6254-0000-000000000000}3715-root 534500x800000000000000028752Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.490{ec2a2542-297f-6254-b0b3-912b35560000}3716/bin/tarroot 534500x800000000000000028753Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.491{ec2a2542-297f-6254-408a-b38ae6550000}3713/usr/bin/dpkg-debroot 154100x800000000000000028754Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.512{ec2a2542-297f-6254-405a-66a04d560000}3717/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/003-fontconfig_2.12.6-0ubuntu2_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000028755Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.520{ec2a2542-297f-6254-0000-000000000000}3718-root 534500x800000000000000028757Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.524{ec2a2542-297f-6254-405a-66a04d560000}3717/usr/bin/dpkg-debroot 534500x800000000000000028756Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.524{00000000-0000-0000-0000-000000000000}3719<unknown process>root 154100x800000000000000028758Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.547{ec2a2542-297f-6254-7073-00a359550000}3720/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000028760Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.548{ec2a2542-297f-6254-7073-00a359550000}3720/bin/rmroot 23542300x800000000000000028759Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.548{ec2a2542-297f-6254-7073-00a359550000}3720root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000028761Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.549{ec2a2542-297f-6254-d85f-63bb35560000}3721/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/004-libjpeg-turbo8_1.5.2-0ubuntu5.18.04.4_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000028763Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.550{ec2a2542-297f-6254-401a-b872c7550000}3722/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/004-libjpeg-turbo8_1.5.2-0ubuntu5.18.04.4_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000028762Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.550{ec2a2542-297f-6254-d85f-63bb35560000}3721/usr/bin/dpkg-splitroot 154100x800000000000000028765Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.552{ec2a2542-297f-6254-b0d3-78ed8f550000}3725/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-401a-b872c7550000}3722/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000028764Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.552{ec2a2542-297f-6254-0000-000000000000}3723-root 534500x800000000000000028766Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.553{ec2a2542-297f-6254-0000-000000000000}3724-root 534500x800000000000000028767Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.554{ec2a2542-297f-6254-b0d3-78ed8f550000}3725/bin/tarroot 534500x800000000000000028768Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.555{ec2a2542-297f-6254-401a-b872c7550000}3722/usr/bin/dpkg-debroot 154100x800000000000000028769Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.575{ec2a2542-297f-6254-40aa-754caa550000}3726/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/004-libjpeg-turbo8_1.5.2-0ubuntu5.18.04.4_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000028770Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.582{ec2a2542-297f-6254-0000-000000000000}3727-root 534500x800000000000000028772Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.590{ec2a2542-297f-6254-40aa-754caa550000}3726/usr/bin/dpkg-debroot 534500x800000000000000028771Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.590{00000000-0000-0000-0000-000000000000}3728<unknown process>root 154100x800000000000000028773Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.609{ec2a2542-297f-6254-70c3-49810f560000}3729/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000028775Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.610{ec2a2542-297f-6254-70c3-49810f560000}3729/bin/rmroot 23542300x800000000000000028774Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.610{ec2a2542-297f-6254-70c3-49810f560000}3729root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000028776Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.611{ec2a2542-297f-6254-d87f-de1f06560000}3730/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/005-libogg0_1.3.2-1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000028778Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.612{ec2a2542-297f-6254-40aa-864cd5550000}3731/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/005-libogg0_1.3.2-1_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000028777Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.612{ec2a2542-297f-6254-d87f-de1f06560000}3730/usr/bin/dpkg-splitroot 154100x800000000000000028780Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.614{ec2a2542-297f-6254-b073-1cc958550000}3734/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-40aa-864cd5550000}3731/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000028779Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.614{ec2a2542-297f-6254-0000-000000000000}3732-root 534500x800000000000000028781Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.615{ec2a2542-297f-6254-0000-000000000000}3733-root 534500x800000000000000028783Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.617{ec2a2542-297f-6254-40aa-864cd5550000}3731/usr/bin/dpkg-debroot 534500x800000000000000028782Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.617{ec2a2542-297f-6254-b073-1cc958550000}3734/bin/tarroot 154100x800000000000000028784Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.640{ec2a2542-297f-6254-401a-490ff6550000}3735/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/005-libogg0_1.3.2-1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000028785Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.642{ec2a2542-297f-6254-0000-000000000000}3736-root 534500x800000000000000028787Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.644{ec2a2542-297f-6254-401a-490ff6550000}3735/usr/bin/dpkg-debroot 534500x800000000000000028786Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.644{ec2a2542-297f-6254-0000-000000000000}3737-root 154100x800000000000000028788Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.662{ec2a2542-297f-6254-7063-8fffda550000}3738/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000028791Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.663{ec2a2542-297f-6254-d85f-653898550000}3739/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/006-libiscsi7_1.17.0-1.1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000028790Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.663{ec2a2542-297f-6254-7063-8fffda550000}3738/bin/rmroot 23542300x800000000000000028789Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.663{ec2a2542-297f-6254-7063-8fffda550000}3738root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000028793Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.665{ec2a2542-297f-6254-40ba-1d877d550000}3740/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/006-libiscsi7_1.17.0-1.1_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000028792Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.665{ec2a2542-297f-6254-d85f-653898550000}3739/usr/bin/dpkg-splitroot 154100x800000000000000028795Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.666{ec2a2542-297f-6254-b0b3-b6d112560000}3743/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-40ba-1d877d550000}3740/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000028796Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.667{ec2a2542-297f-6254-0000-000000000000}3742-root 534500x800000000000000028794Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.667{ec2a2542-297f-6254-0000-000000000000}3741-root 534500x800000000000000028798Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.669{ec2a2542-297f-6254-40ba-1d877d550000}3740/usr/bin/dpkg-debroot 534500x800000000000000028797Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.669{ec2a2542-297f-6254-b0b3-b6d112560000}3743/bin/tarroot 154100x800000000000000028799Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.692{ec2a2542-297f-6254-409a-a9ff7f550000}3744/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/006-libiscsi7_1.17.0-1.1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000028800Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.694{ec2a2542-297f-6254-0000-000000000000}3745-root 534500x800000000000000028802Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.701{ec2a2542-297f-6254-409a-a9ff7f550000}3744/usr/bin/dpkg-debroot 534500x800000000000000028801Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.701{ec2a2542-297f-6254-0000-000000000000}3746-root 154100x800000000000000028803Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.718{ec2a2542-297f-6254-7063-422d50560000}3747/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000028805Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.720{ec2a2542-297f-6254-7063-422d50560000}3747/bin/rmroot 23542300x800000000000000028804Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.720{ec2a2542-297f-6254-7063-422d50560000}3747root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000028806Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.721{ec2a2542-297f-6254-d88f-999829560000}3748/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/007-libnl-3-200_3.2.29-0ubuntu3_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000028808Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.722{ec2a2542-297f-6254-407a-03bbb8550000}3749/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/007-libnl-3-200_3.2.29-0ubuntu3_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000028807Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.722{ec2a2542-297f-6254-d88f-999829560000}3748/usr/bin/dpkg-splitroot 154100x800000000000000028810Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.724{ec2a2542-297f-6254-b073-113abb550000}3752/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-407a-03bbb8550000}3749/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000028809Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.724{ec2a2542-297f-6254-0000-000000000000}3750-root 534500x800000000000000028811Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.725{ec2a2542-297f-6254-0000-000000000000}3751-root 534500x800000000000000028812Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.726{ec2a2542-297f-6254-b073-113abb550000}3752/bin/tarroot 534500x800000000000000028813Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.727{ec2a2542-297f-6254-407a-03bbb8550000}3749/usr/bin/dpkg-debroot 154100x800000000000000028814Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.748{ec2a2542-297f-6254-402a-dceb19560000}3753/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/007-libnl-3-200_3.2.29-0ubuntu3_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000028815Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.751{ec2a2542-297f-6254-0000-000000000000}3754-root 534500x800000000000000028817Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.757{ec2a2542-297f-6254-402a-dceb19560000}3753/usr/bin/dpkg-debroot 534500x800000000000000028816Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.757{00000000-0000-0000-0000-000000000000}3755<unknown process>root 154100x800000000000000028818Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.774{ec2a2542-297f-6254-70a3-4be7b5550000}3756/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000028820Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.775{ec2a2542-297f-6254-70a3-4be7b5550000}3756/bin/rmroot 23542300x800000000000000028819Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.775{ec2a2542-297f-6254-70a3-4be7b5550000}3756root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000028821Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.776{ec2a2542-297f-6254-d87f-e3a225560000}3757/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/008-libnl-route-3-200_3.2.29-0ubuntu3_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000028823Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.777{ec2a2542-297f-6254-403a-2c8666550000}3758/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/008-libnl-route-3-200_3.2.29-0ubuntu3_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000028822Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.777{ec2a2542-297f-6254-d87f-e3a225560000}3757/usr/bin/dpkg-splitroot 154100x800000000000000028825Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.779{ec2a2542-297f-6254-b0e3-678064550000}3761/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-403a-2c8666550000}3758/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000028824Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.779{ec2a2542-297f-6254-0000-000000000000}3759-root 534500x800000000000000028826Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.780{ec2a2542-297f-6254-0000-000000000000}3760-root 534500x800000000000000028828Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.782{ec2a2542-297f-6254-403a-2c8666550000}3758/usr/bin/dpkg-debroot 534500x800000000000000028827Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.782{ec2a2542-297f-6254-b0e3-678064550000}3761/bin/tarroot 154100x800000000000000028829Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.804{ec2a2542-297f-6254-405a-8bf3c8550000}3762/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/008-libnl-route-3-200_3.2.29-0ubuntu3_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000028830Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.814{ec2a2542-297f-6254-0000-000000000000}3763-root 534500x800000000000000028832Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.822{ec2a2542-297f-6254-405a-8bf3c8550000}3762/usr/bin/dpkg-debroot 534500x800000000000000028831Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.822{00000000-0000-0000-0000-000000000000}3764<unknown process>root 154100x800000000000000028833Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.838{ec2a2542-297f-6254-7073-f9483a560000}3765/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000028836Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.839{ec2a2542-297f-6254-d83f-b20e30560000}3766/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/009-libibverbs1_17.1-1ubuntu0.2_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000028835Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.839{ec2a2542-297f-6254-7073-f9483a560000}3765/bin/rmroot 23542300x800000000000000028834Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.839{ec2a2542-297f-6254-7073-f9483a560000}3765root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000028838Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.841{ec2a2542-297f-6254-40fa-aa9d5d550000}3767/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/009-libibverbs1_17.1-1ubuntu0.2_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000028837Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.841{ec2a2542-297f-6254-d83f-b20e30560000}3766/usr/bin/dpkg-splitroot 154100x800000000000000028840Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.843{ec2a2542-297f-6254-b0d3-e28374550000}3770/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-40fa-aa9d5d550000}3767/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000028839Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.843{ec2a2542-297f-6254-0000-000000000000}3768-root 534500x800000000000000028841Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.844{ec2a2542-297f-6254-0000-000000000000}3769-root 534500x800000000000000028843Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.846{ec2a2542-297f-6254-40fa-aa9d5d550000}3767/usr/bin/dpkg-debroot 534500x800000000000000028842Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.846{ec2a2542-297f-6254-b0d3-e28374550000}3770/bin/tarroot 154100x800000000000000028844Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.867{ec2a2542-297f-6254-403a-621011560000}3771/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/009-libibverbs1_17.1-1ubuntu0.2_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000028845Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.869{ec2a2542-297f-6254-0000-000000000000}3772-root 534500x800000000000000028847Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.875{ec2a2542-297f-6254-403a-621011560000}3771/usr/bin/dpkg-debroot 534500x800000000000000028846Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.875{00000000-0000-0000-0000-000000000000}3773<unknown process>root 154100x800000000000000028848Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.896{ec2a2542-297f-6254-70e3-6b75ff550000}3774/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 23542300x800000000000000028849Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.898{ec2a2542-297f-6254-70e3-6b75ff550000}3774root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000028851Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.899{ec2a2542-297f-6254-d8cf-94fea6550000}3775/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/010-libnspr4_2%3a4.18-1ubuntu1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000028850Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.899{ec2a2542-297f-6254-70e3-6b75ff550000}3774/bin/rmroot 534500x800000000000000028852Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.901{ec2a2542-297f-6254-d8cf-94fea6550000}3775/usr/bin/dpkg-splitroot 154100x800000000000000028853Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.902{ec2a2542-297f-6254-408a-fb23a5550000}3776/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/010-libnspr4_2%3a4.18-1ubuntu1_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000028855Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.903{ec2a2542-297f-6254-b013-1a5a24560000}3779/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-408a-fb23a5550000}3776/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000028854Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.904{ec2a2542-297f-6254-0000-000000000000}3777-root 534500x800000000000000028857Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.905{ec2a2542-297f-6254-b013-1a5a24560000}3779/bin/tarroot 534500x800000000000000028856Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.905{ec2a2542-297f-6254-0000-000000000000}3778-root 534500x800000000000000028858Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.906{ec2a2542-297f-6254-408a-fb23a5550000}3776/usr/bin/dpkg-debroot 154100x800000000000000028859Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.950{ec2a2542-297f-6254-40ca-109fb9550000}3780/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/010-libnspr4_2%3a4.18-1ubuntu1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000028860Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.958{ec2a2542-297f-6254-0000-000000000000}3781-root 534500x800000000000000028861Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.963{ec2a2542-297f-6254-0000-000000000000}3782-root 534500x800000000000000028862Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.964{ec2a2542-297f-6254-40ca-109fb9550000}3780/usr/bin/dpkg-debroot 154100x800000000000000028863Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.988{ec2a2542-297f-6254-70b3-14f133560000}3783/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 23542300x800000000000000028864Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.989{ec2a2542-297f-6254-70b3-14f133560000}3783root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000028866Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.990{ec2a2542-297f-6254-d83f-a613ab550000}3784/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/011-libnss3_2%3a3.35-2ubuntu2.13_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000028865Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.990{ec2a2542-297f-6254-70b3-14f133560000}3783/bin/rmroot 154100x800000000000000028868Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.991{ec2a2542-297f-6254-401a-7e602d560000}3785/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/011-libnss3_2%3a3.35-2ubuntu2.13_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000028867Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.991{ec2a2542-297f-6254-d83f-a613ab550000}3784/usr/bin/dpkg-splitroot 154100x800000000000000028870Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.993{ec2a2542-297f-6254-b023-e87cf9550000}3788/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-401a-7e602d560000}3785/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000028869Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.993{ec2a2542-297f-6254-0000-000000000000}3786-root 534500x800000000000000028872Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.996{ec2a2542-297f-6254-b023-e87cf9550000}3788/bin/tarroot 534500x800000000000000028871Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.996{ec2a2542-297f-6254-0000-000000000000}3787-root 534500x800000000000000028873Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:35.997{ec2a2542-297f-6254-401a-7e602d560000}3785/usr/bin/dpkg-debroot 154100x800000000000000028874Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.018{ec2a2542-2980-6254-409a-da3dfd550000}3789/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/011-libnss3_2%3a3.35-2ubuntu2.13_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000028875Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.164{ec2a2542-2980-6254-0000-000000000000}3790-root 534500x800000000000000028877Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.174{ec2a2542-2980-6254-409a-da3dfd550000}3789/usr/bin/dpkg-debroot 534500x800000000000000028876Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.174{00000000-0000-0000-0000-000000000000}3791<unknown process>root 154100x800000000000000028878Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.227{ec2a2542-2980-6254-7013-dd556c550000}3792/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000028881Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.229{ec2a2542-2980-6254-d83f-42ccf2550000}3793/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/012-librados2_12.2.13-0ubuntu0.18.04.10_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000028880Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.229{ec2a2542-2980-6254-7013-dd556c550000}3792/bin/rmroot 23542300x800000000000000028879Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.229{ec2a2542-2980-6254-7013-dd556c550000}3792root/bin/rm/var/lib/dpkg/tmp.ci/control--- 534500x800000000000000028882Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.230{ec2a2542-2980-6254-d83f-42ccf2550000}3793/usr/bin/dpkg-splitroot 154100x800000000000000028883Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.231{ec2a2542-2980-6254-409a-92fa71550000}3794/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/012-librados2_12.2.13-0ubuntu0.18.04.10_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000028884Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.237{ec2a2542-2980-6254-b003-422de5550000}3797/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2980-6254-409a-92fa71550000}3794/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000028885Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.241{ec2a2542-2980-6254-0000-000000000000}3795-root 534500x800000000000000028886Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.254{ec2a2542-2980-6254-b003-422de5550000}3797/bin/tarroot 534500x800000000000000028888Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.255{ec2a2542-2980-6254-409a-92fa71550000}3794/usr/bin/dpkg-debroot 534500x800000000000000028887Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.255{00000000-0000-0000-0000-000000000000}3796<unknown process>root 154100x800000000000000028889Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.306{ec2a2542-2980-6254-406a-5d2bab550000}3798/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/012-librados2_12.2.13-0ubuntu0.18.04.10_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000028890Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.615{ec2a2542-2980-6254-0000-000000000000}3799-root 534500x800000000000000028892Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.623{ec2a2542-2980-6254-406a-5d2bab550000}3798/usr/bin/dpkg-debroot 534500x800000000000000028891Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.623{ec2a2542-2980-6254-0000-000000000000}3800-root 154100x800000000000000028893Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.641{ec2a2542-2980-6254-7003-cdfd1a560000}3801/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000028896Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.643{ec2a2542-2980-6254-d82f-ae3b58550000}3802/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/013-librbd1_12.2.13-0ubuntu0.18.04.10_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000028895Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.643{ec2a2542-2980-6254-7003-cdfd1a560000}3801/bin/rmroot 23542300x800000000000000028894Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.643{ec2a2542-2980-6254-7003-cdfd1a560000}3801root/bin/rm/var/lib/dpkg/tmp.ci/control--- 534500x800000000000000028897Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.644{ec2a2542-2980-6254-d82f-ae3b58550000}3802/usr/bin/dpkg-splitroot 154100x800000000000000028898Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.645{ec2a2542-2980-6254-40ca-15299c550000}3803/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/013-librbd1_12.2.13-0ubuntu0.18.04.10_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000028900Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.646{ec2a2542-2980-6254-b0f3-f14df8550000}3806/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2980-6254-40ca-15299c550000}3803/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000028899Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.646{ec2a2542-2980-6254-0000-000000000000}3804-root 534500x800000000000000028901Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.648{ec2a2542-2980-6254-0000-000000000000}3805-root 534500x800000000000000028903Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.649{ec2a2542-2980-6254-40ca-15299c550000}3803/usr/bin/dpkg-debroot 534500x800000000000000028902Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.649{ec2a2542-2980-6254-b0f3-f14df8550000}3806/bin/tarroot 154100x800000000000000028904Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.672{ec2a2542-2980-6254-40da-0c8cf2550000}3807/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/013-librbd1_12.2.13-0ubuntu0.18.04.10_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000028905Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.763{ec2a2542-2980-6254-0000-000000000000}3808-root 534500x800000000000000028907Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.770{ec2a2542-2980-6254-40da-0c8cf2550000}3807/usr/bin/dpkg-debroot 534500x800000000000000028906Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.770{ec2a2542-2980-6254-0000-000000000000}3809-root 154100x800000000000000028908Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.813{ec2a2542-2980-6254-7063-ca6b47560000}3810/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000028911Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.814{ec2a2542-2980-6254-d89f-eb8f8e550000}3811/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/014-qemu-block-extra_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000028910Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.814{ec2a2542-2980-6254-7063-ca6b47560000}3810/bin/rmroot 23542300x800000000000000028909Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.814{ec2a2542-2980-6254-7063-ca6b47560000}3810root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000028913Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.816{ec2a2542-2980-6254-40ba-cca3a1550000}3812/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/014-qemu-block-extra_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000028912Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.816{ec2a2542-2980-6254-d89f-eb8f8e550000}3811/usr/bin/dpkg-splitroot 154100x800000000000000028915Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.818{ec2a2542-2980-6254-b073-ad8d97550000}3815/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2980-6254-40ba-cca3a1550000}3812/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000028914Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.818{ec2a2542-2980-6254-0000-000000000000}3813-root 534500x800000000000000028916Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.819{ec2a2542-2980-6254-0000-000000000000}3814-root 534500x800000000000000028918Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.820{ec2a2542-2980-6254-40ba-cca3a1550000}3812/usr/bin/dpkg-debroot 534500x800000000000000028917Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.820{ec2a2542-2980-6254-b073-ad8d97550000}3815/bin/tarroot 154100x800000000000000028919Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.841{ec2a2542-2980-6254-40ca-d64978550000}3816/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/014-qemu-block-extra_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000028920Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.843{ec2a2542-2980-6254-0000-000000000000}3817-root 534500x800000000000000028922Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.850{ec2a2542-2980-6254-40ca-d64978550000}3816/usr/bin/dpkg-debroot 534500x800000000000000028921Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.850{00000000-0000-0000-0000-000000000000}3818<unknown process>root 154100x800000000000000028923Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.868{ec2a2542-2980-6254-7013-7218dc550000}3819/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000028926Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.870{ec2a2542-2980-6254-d8cf-b44bc3550000}3820/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/015-qemu-system-common_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000028925Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.870{ec2a2542-2980-6254-7013-7218dc550000}3819/bin/rmroot 23542300x800000000000000028924Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.870{ec2a2542-2980-6254-7013-7218dc550000}3819root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000028928Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.872{ec2a2542-2980-6254-400a-103e8e550000}3821/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/015-qemu-system-common_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000028927Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.872{ec2a2542-2980-6254-d8cf-b44bc3550000}3820/usr/bin/dpkg-splitroot 154100x800000000000000028930Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.874{ec2a2542-2980-6254-b093-00123e560000}3824/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2980-6254-400a-103e8e550000}3821/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000028929Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.874{ec2a2542-2980-6254-0000-000000000000}3822-root 534500x800000000000000028931Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.875{ec2a2542-2980-6254-0000-000000000000}3823-root 534500x800000000000000028933Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.876{ec2a2542-2980-6254-400a-103e8e550000}3821/usr/bin/dpkg-debroot 534500x800000000000000028932Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.876{ec2a2542-2980-6254-b093-00123e560000}3824/bin/tarroot 154100x800000000000000028934Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.903{ec2a2542-2980-6254-6822-a402a1550000}3825/bin/dash-----/bin/sh /var/lib/dpkg/tmp.ci/preinst install/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000028935Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.904{ec2a2542-2980-6254-681a-c747c2550000}3826/usr/bin/getent-----getent group kvm/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2980-6254-6822-a402a1550000}3825/bin/dash/bin/shroot 154100x800000000000000028937Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.908{ec2a2542-2980-6254-98b7-202729560000}3827/usr/bin/perl-----/usr/bin/perl /usr/sbin/addgroup --quiet --system kvm/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2980-6254-6822-a402a1550000}3825/bin/dash/bin/shroot 534500x800000000000000028936Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.908{ec2a2542-2980-6254-681a-c747c2550000}3826/usr/bin/getentroot 154100x800000000000000028938Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.950{ec2a2542-2980-6254-503d-3bafba550000}3828/usr/sbin/groupadd-----/usr/sbin/groupadd -g 115 kvm/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2980-6254-98b7-202729560000}3827/usr/bin/perl/usr/bin/perlroot 23542300x800000000000000028940Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.955{ec2a2542-2980-6254-503d-3bafba550000}3828root/usr/sbin/groupadd/etc/gshadow.3828--- 23542300x800000000000000028939Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.955{ec2a2542-2980-6254-503d-3bafba550000}3828root/usr/sbin/groupadd/etc/group.3828--- 23542300x800000000000000028941Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.960{ec2a2542-2980-6254-503d-3bafba550000}3828root/usr/sbin/groupadd/etc/group.lock--- 23542300x800000000000000028942Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.965{ec2a2542-2980-6254-503d-3bafba550000}3828root/usr/sbin/groupadd/etc/gshadow.lock--- 534500x800000000000000028944Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.966{00000000-0000-0000-0000-000000000000}3830<unknown process>root 534500x800000000000000028943Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.966{00000000-0000-0000-0000-000000000000}3829<unknown process>root 534500x800000000000000028946Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.967{ec2a2542-2980-6254-503d-3bafba550000}3828/usr/sbin/groupaddroot 534500x800000000000000028945Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.967{00000000-0000-0000-0000-000000000000}3831<unknown process>root 154100x800000000000000028948Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.969{ec2a2542-2980-6254-6892-13f533560000}3832/bin/dash-----/bin/sh /usr/bin/dpkg-maintscript-helper rm_conffile /etc/init/qemu-kvm.conf 1:2.8+dfsg-1ubuntu1~ -- install/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2980-6254-6822-a402a1550000}3825/bin/dash/bin/shroot 534500x800000000000000028947Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.969{ec2a2542-2980-6254-98b7-202729560000}3827/usr/bin/perlroot 154100x800000000000000028949Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.971{ec2a2542-2980-6254-e85b-870734560000}3833/usr/bin/basename-----basename /usr/bin/dpkg-maintscript-helper/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2980-6254-6892-13f533560000}3832/bin/dash/bin/shroot 154100x800000000000000028951Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.972{ec2a2542-2980-6254-70b1-0c0a4b560000}3834/usr/bin/dpkg-----dpkg --validate-version -- 1:2.8+dfsg-1ubuntu1~/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2980-6254-6892-13f533560000}3832/bin/dash/bin/shroot 534500x800000000000000028950Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.972{ec2a2542-2980-6254-e85b-870734560000}3833/usr/bin/basenameroot 154100x800000000000000028954Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.974{ec2a2542-2980-6254-6812-e74ab7550000}3835/bin/dash-----/bin/sh /usr/bin/dpkg-maintscript-helper rm_conffile /etc/init.d/qemu-kvm 1:2.8+dfsg-1ubuntu1~ -- install/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2980-6254-6822-a402a1550000}3825/bin/dash/bin/shroot 534500x800000000000000028953Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.974{ec2a2542-2980-6254-6892-13f533560000}3832/bin/dashroot 534500x800000000000000028952Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.974{ec2a2542-2980-6254-70b1-0c0a4b560000}3834/usr/bin/dpkgroot 154100x800000000000000028955Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.975{ec2a2542-2980-6254-e88b-b011ff550000}3836/usr/bin/basename-----basename /usr/bin/dpkg-maintscript-helper/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2980-6254-6812-e74ab7550000}3835/bin/dash/bin/shroot 154100x800000000000000028957Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.976{ec2a2542-2980-6254-7041-bf918a550000}3837/usr/bin/dpkg-----dpkg --validate-version -- 1:2.8+dfsg-1ubuntu1~/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2980-6254-6812-e74ab7550000}3835/bin/dash/bin/shroot 534500x800000000000000028956Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.976{ec2a2542-2980-6254-e88b-b011ff550000}3836/usr/bin/basenameroot 154100x800000000000000028961Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.979{ec2a2542-2980-6254-406a-d66f8e550000}3838/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/015-qemu-system-common_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000028960Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.979{ec2a2542-2980-6254-6822-a402a1550000}3825/bin/dashroot 534500x800000000000000028959Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.979{ec2a2542-2980-6254-6812-e74ab7550000}3835/bin/dashroot 534500x800000000000000028958Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:36.979{ec2a2542-2980-6254-7041-bf918a550000}3837/usr/bin/dpkgroot 534500x800000000000000028962Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.029{ec2a2542-2980-6254-0000-000000000000}3839-root 534500x800000000000000028963Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.042{ec2a2542-2980-6254-0000-000000000000}3840-root 534500x800000000000000028964Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.043{ec2a2542-2980-6254-406a-d66f8e550000}3838/usr/bin/dpkg-debroot 154100x800000000000000028965Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.064{ec2a2542-2981-6254-7043-1e835f550000}3841/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000028967Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.065{ec2a2542-2981-6254-7043-1e835f550000}3841/bin/rmroot 23542300x800000000000000028966Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.065{ec2a2542-2981-6254-7043-1e835f550000}3841root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000028968Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.066{ec2a2542-2981-6254-d80f-1708e8550000}3842/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/016-binfmt-support_2.1.8-2_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000028970Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.067{ec2a2542-2981-6254-40aa-d38aae550000}3843/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/016-binfmt-support_2.1.8-2_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000028969Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.067{ec2a2542-2981-6254-d80f-1708e8550000}3842/usr/bin/dpkg-splitroot 154100x800000000000000028972Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.069{ec2a2542-2981-6254-b053-b39840560000}3846/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2981-6254-40aa-d38aae550000}3843/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000028971Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.069{ec2a2542-2981-6254-0000-000000000000}3844-root 534500x800000000000000028973Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.070{ec2a2542-2981-6254-0000-000000000000}3845-root 534500x800000000000000028975Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.072{ec2a2542-2981-6254-40aa-d38aae550000}3843/usr/bin/dpkg-debroot 534500x800000000000000028974Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.072{ec2a2542-2981-6254-b053-b39840560000}3846/bin/tarroot 154100x800000000000000028976Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.096{ec2a2542-2981-6254-6822-fa00b9550000}3847/bin/dash-----/bin/sh /var/lib/dpkg/tmp.ci/preinst install/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000028977Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.097{ec2a2542-2981-6254-6832-515de8550000}3848/bin/dash-----/bin/sh /usr/bin/dpkg-maintscript-helper rm_conffile /etc/init/binfmt-support.conf 2.1.8-1~ -- install/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2981-6254-6822-fa00b9550000}3847/bin/dash/bin/shroot 154100x800000000000000028978Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.098{ec2a2542-2981-6254-e8ab-6efda4550000}3849/usr/bin/basename-----basename /usr/bin/dpkg-maintscript-helper/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2981-6254-6832-515de8550000}3848/bin/dash/bin/shroot 534500x800000000000000028979Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.099{ec2a2542-2981-6254-e8ab-6efda4550000}3849/usr/bin/basenameroot 154100x800000000000000028980Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.100{ec2a2542-2981-6254-7021-26e5b1550000}3850/usr/bin/dpkg-----dpkg --validate-version -- 2.1.8-1~/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2981-6254-6832-515de8550000}3848/bin/dash/bin/shroot 534500x800000000000000028983Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.102{ec2a2542-2981-6254-6822-fa00b9550000}3847/bin/dashroot 534500x800000000000000028982Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.102{ec2a2542-2981-6254-6832-515de8550000}3848/bin/dashroot 534500x800000000000000028981Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.102{ec2a2542-2981-6254-7021-26e5b1550000}3850/usr/bin/dpkgroot 154100x800000000000000028984Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.103{ec2a2542-2981-6254-40aa-6fbb36560000}3851/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/016-binfmt-support_2.1.8-2_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000028985Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.105{ec2a2542-2981-6254-0000-000000000000}3852-root 534500x800000000000000028986Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.119{00000000-0000-0000-0000-000000000000}3853<unknown process>root 534500x800000000000000028987Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.120{ec2a2542-2981-6254-40aa-6fbb36560000}3851/usr/bin/dpkg-debroot 154100x800000000000000028988Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.144{ec2a2542-2981-6254-7053-3d1fdf550000}3854/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000028990Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.145{ec2a2542-2981-6254-7053-3d1fdf550000}3854/bin/rmroot 23542300x800000000000000028989Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.145{ec2a2542-2981-6254-7053-3d1fdf550000}3854root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000028991Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.146{ec2a2542-2981-6254-d8af-87d7c9550000}3855/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/017-msr-tools_1.3-2build1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000028992Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.147{ec2a2542-2981-6254-d8af-87d7c9550000}3855/usr/bin/dpkg-splitroot 154100x800000000000000028993Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.148{ec2a2542-2981-6254-40ea-a84eac550000}3856/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/017-msr-tools_1.3-2build1_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000028996Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.150{ec2a2542-2981-6254-0000-000000000000}3858-root 154100x800000000000000028995Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.150{ec2a2542-2981-6254-b003-fdc6df550000}3859/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2981-6254-40ea-a84eac550000}3856/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000028994Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.150{ec2a2542-2981-6254-0000-000000000000}3857-root 534500x800000000000000028998Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.153{ec2a2542-2981-6254-40ea-a84eac550000}3856/usr/bin/dpkg-debroot 534500x800000000000000028997Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.153{ec2a2542-2981-6254-b003-fdc6df550000}3859/bin/tarroot 154100x800000000000000028999Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.168{ec2a2542-2981-6254-40ca-670a7a550000}3860/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/017-msr-tools_1.3-2build1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029000Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.170{ec2a2542-2981-6254-0000-000000000000}3861-root 534500x800000000000000029002Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.172{ec2a2542-2981-6254-40ca-670a7a550000}3860/usr/bin/dpkg-debroot 534500x800000000000000029001Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.172{ec2a2542-2981-6254-0000-000000000000}3862-root 154100x800000000000000029003Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.251{ec2a2542-2981-6254-7003-f7f668550000}3863/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029005Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.252{ec2a2542-2981-6254-7003-f7f668550000}3863/bin/rmroot 23542300x800000000000000029004Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.252{ec2a2542-2981-6254-7003-f7f668550000}3863root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029006Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.253{ec2a2542-2981-6254-d8ef-096807560000}3864/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/018-cpu-checker_0.7-0ubuntu7_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029008Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.254{ec2a2542-2981-6254-403a-909a5d550000}3865/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/018-cpu-checker_0.7-0ubuntu7_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029007Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.254{ec2a2542-2981-6254-d8ef-096807560000}3864/usr/bin/dpkg-splitroot 154100x800000000000000029011Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.257{ec2a2542-2981-6254-b0b3-68404c560000}3868/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2981-6254-403a-909a5d550000}3865/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029010Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.257{ec2a2542-2981-6254-0000-000000000000}3867-root 534500x800000000000000029009Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.257{ec2a2542-2981-6254-0000-000000000000}3866-root 534500x800000000000000029013Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.259{ec2a2542-2981-6254-403a-909a5d550000}3865/usr/bin/dpkg-debroot 534500x800000000000000029012Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.259{ec2a2542-2981-6254-b0b3-68404c560000}3868/bin/tarroot 154100x800000000000000029014Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.274{ec2a2542-2981-6254-401a-d5afa6550000}3869/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/018-cpu-checker_0.7-0ubuntu7_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029015Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.276{ec2a2542-2981-6254-0000-000000000000}3870-root 534500x800000000000000029017Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.277{ec2a2542-2981-6254-401a-d5afa6550000}3869/usr/bin/dpkg-debroot 534500x800000000000000029016Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.277{ec2a2542-2981-6254-0000-000000000000}3871-root 154100x800000000000000029018Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.295{ec2a2542-2981-6254-70f3-2424c5550000}3872/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029020Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.296{ec2a2542-2981-6254-70f3-2424c5550000}3872/bin/rmroot 23542300x800000000000000029019Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.296{ec2a2542-2981-6254-70f3-2424c5550000}3872root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029021Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.297{ec2a2542-2981-6254-d8bf-4c9c0d560000}3873/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/019-libdconf1_0.26.0-2ubuntu3_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029023Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.298{ec2a2542-2981-6254-40ca-844635560000}3874/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/019-libdconf1_0.26.0-2ubuntu3_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029022Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.298{ec2a2542-2981-6254-d8bf-4c9c0d560000}3873/usr/bin/dpkg-splitroot 154100x800000000000000029025Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.300{ec2a2542-2981-6254-b0a3-db9da2550000}3877/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2981-6254-40ca-844635560000}3874/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029024Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.300{ec2a2542-2981-6254-0000-000000000000}3875-root 534500x800000000000000029026Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.301{ec2a2542-2981-6254-0000-000000000000}3876-root 534500x800000000000000029027Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.302{ec2a2542-2981-6254-b0a3-db9da2550000}3877/bin/tarroot 534500x800000000000000029028Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.303{ec2a2542-2981-6254-40ca-844635560000}3874/usr/bin/dpkg-debroot 154100x800000000000000029029Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.326{ec2a2542-2981-6254-40ba-c208d1550000}3878/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/019-libdconf1_0.26.0-2ubuntu3_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029030Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.328{ec2a2542-2981-6254-0000-000000000000}3879-root 534500x800000000000000029032Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.332{ec2a2542-2981-6254-40ba-c208d1550000}3878/usr/bin/dpkg-debroot 534500x800000000000000029031Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.332{ec2a2542-2981-6254-0000-000000000000}3880-root 154100x800000000000000029033Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.351{ec2a2542-2981-6254-70a3-0abc03560000}3881/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029036Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.352{ec2a2542-2981-6254-d81f-9b23dc550000}3882/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/020-dconf-service_0.26.0-2ubuntu3_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029035Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.352{ec2a2542-2981-6254-70a3-0abc03560000}3881/bin/rmroot 23542300x800000000000000029034Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.352{ec2a2542-2981-6254-70a3-0abc03560000}3881root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029038Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.354{ec2a2542-2981-6254-401a-14ee12560000}3883/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/020-dconf-service_0.26.0-2ubuntu3_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029037Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.354{ec2a2542-2981-6254-d81f-9b23dc550000}3882/usr/bin/dpkg-splitroot 534500x800000000000000029039Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.356{ec2a2542-2981-6254-0000-000000000000}3884-root 154100x800000000000000029041Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.357{ec2a2542-2981-6254-b043-926033560000}3886/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2981-6254-401a-14ee12560000}3883/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029040Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.357{ec2a2542-2981-6254-0000-000000000000}3885-root 534500x800000000000000029043Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.359{ec2a2542-2981-6254-401a-14ee12560000}3883/usr/bin/dpkg-debroot 534500x800000000000000029042Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.359{ec2a2542-2981-6254-b043-926033560000}3886/bin/tarroot 154100x800000000000000029044Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.375{ec2a2542-2981-6254-406a-20cd09560000}3887/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/020-dconf-service_0.26.0-2ubuntu3_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029045Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.378{ec2a2542-2981-6254-0000-000000000000}3888-root 534500x800000000000000029047Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.383{ec2a2542-2981-6254-406a-20cd09560000}3887/usr/bin/dpkg-debroot 534500x800000000000000029046Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.383{00000000-0000-0000-0000-000000000000}3889<unknown process>root 154100x800000000000000029048Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.400{ec2a2542-2981-6254-70e3-947df3550000}3890/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 23542300x800000000000000029049Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.401{ec2a2542-2981-6254-70e3-947df3550000}3890root/bin/rm/var/lib/dpkg/tmp.ci/control--- 534500x800000000000000029050Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.402{ec2a2542-2981-6254-70e3-947df3550000}3890/bin/rmroot 154100x800000000000000029051Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.403{ec2a2542-2981-6254-d89f-80ba3f560000}3891/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/021-dconf-gsettings-backend_0.26.0-2ubuntu3_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029053Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.406{ec2a2542-2981-6254-404a-1b206c550000}3892/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/021-dconf-gsettings-backend_0.26.0-2ubuntu3_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029052Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.406{ec2a2542-2981-6254-d89f-80ba3f560000}3891/usr/bin/dpkg-splitroot 154100x800000000000000029055Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.409{ec2a2542-2981-6254-b043-960124560000}3895/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2981-6254-404a-1b206c550000}3892/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029054Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.409{ec2a2542-2981-6254-0000-000000000000}3893-root 534500x800000000000000029056Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.410{ec2a2542-2981-6254-0000-000000000000}3894-root 534500x800000000000000029057Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.413{ec2a2542-2981-6254-b043-960124560000}3895/bin/tarroot 534500x800000000000000029058Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.414{ec2a2542-2981-6254-404a-1b206c550000}3892/usr/bin/dpkg-debroot 154100x800000000000000029059Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.431{ec2a2542-2981-6254-409a-9ac7a5550000}3896/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/021-dconf-gsettings-backend_0.26.0-2ubuntu3_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029060Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.433{ec2a2542-2981-6254-0000-000000000000}3897-root 534500x800000000000000029061Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.442{00000000-0000-0000-0000-000000000000}3898<unknown process>root 534500x800000000000000029062Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.443{ec2a2542-2981-6254-409a-9ac7a5550000}3896/usr/bin/dpkg-debroot 154100x800000000000000029063Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.464{ec2a2542-2981-6254-70f3-a70f33560000}3899/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029065Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.465{ec2a2542-2981-6254-70f3-a70f33560000}3899/bin/rmroot 23542300x800000000000000029064Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.465{ec2a2542-2981-6254-70f3-a70f33560000}3899root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029066Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.466{ec2a2542-2981-6254-d8df-051de8550000}3900/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/022-libproxy1v5_0.4.15-1ubuntu0.2_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029068Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.467{ec2a2542-2981-6254-409a-38eb17560000}3901/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/022-libproxy1v5_0.4.15-1ubuntu0.2_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029067Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.467{ec2a2542-2981-6254-d8df-051de8550000}3900/usr/bin/dpkg-splitroot 154100x800000000000000029070Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.469{ec2a2542-2981-6254-b0b3-7799f5550000}3904/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2981-6254-409a-38eb17560000}3901/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029069Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.469{ec2a2542-2981-6254-0000-000000000000}3902-root 534500x800000000000000029071Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.470{ec2a2542-2981-6254-0000-000000000000}3903-root 534500x800000000000000029072Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.471{ec2a2542-2981-6254-b0b3-7799f5550000}3904/bin/tarroot 534500x800000000000000029073Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.472{ec2a2542-2981-6254-409a-38eb17560000}3901/usr/bin/dpkg-debroot 154100x800000000000000029074Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.491{ec2a2542-2981-6254-402a-661267550000}3905/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/022-libproxy1v5_0.4.15-1ubuntu0.2_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029075Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.493{ec2a2542-2981-6254-0000-000000000000}3906-root 534500x800000000000000029077Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.498{ec2a2542-2981-6254-402a-661267550000}3905/usr/bin/dpkg-debroot 534500x800000000000000029076Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.498{ec2a2542-2981-6254-0000-000000000000}3907-root 154100x800000000000000029078Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.515{ec2a2542-2981-6254-7003-77bdc2550000}3908/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029081Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.516{ec2a2542-2981-6254-d82f-df716f550000}3909/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/023-glib-networking-common_2.56.0-1ubuntu0.1_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029080Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.516{ec2a2542-2981-6254-7003-77bdc2550000}3908/bin/rmroot 23542300x800000000000000029079Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.516{ec2a2542-2981-6254-7003-77bdc2550000}3908root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029083Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.518{ec2a2542-2981-6254-402a-1c5599550000}3910/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/023-glib-networking-common_2.56.0-1ubuntu0.1_all.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029082Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.518{ec2a2542-2981-6254-d82f-df716f550000}3909/usr/bin/dpkg-splitroot 154100x800000000000000029085Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.520{ec2a2542-2981-6254-b043-29d78b550000}3913/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2981-6254-402a-1c5599550000}3910/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029084Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.520{ec2a2542-2981-6254-0000-000000000000}3911-root 534500x800000000000000029086Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.521{ec2a2542-2981-6254-0000-000000000000}3912-root 534500x800000000000000029088Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.526{ec2a2542-2981-6254-402a-1c5599550000}3910/usr/bin/dpkg-debroot 534500x800000000000000029087Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.526{ec2a2542-2981-6254-b043-29d78b550000}3913/bin/tarroot 154100x800000000000000029089Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.543{ec2a2542-2981-6254-407a-0dbde1550000}3914/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/023-glib-networking-common_2.56.0-1ubuntu0.1_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029090Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.545{ec2a2542-2981-6254-0000-000000000000}3915-root 534500x800000000000000029092Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.547{ec2a2542-2981-6254-407a-0dbde1550000}3914/usr/bin/dpkg-debroot 534500x800000000000000029091Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.547{ec2a2542-2981-6254-0000-000000000000}3916-root 154100x800000000000000029093Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.564{ec2a2542-2981-6254-7053-080df3550000}3917/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029096Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.566{ec2a2542-2981-6254-d82f-f01e63550000}3918/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/024-glib-networking-services_2.56.0-1ubuntu0.1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029095Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.566{ec2a2542-2981-6254-7053-080df3550000}3917/bin/rmroot 23542300x800000000000000029094Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.566{ec2a2542-2981-6254-7053-080df3550000}3917root/bin/rm/var/lib/dpkg/tmp.ci/control--- 534500x800000000000000029097Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.567{ec2a2542-2981-6254-d82f-f01e63550000}3918/usr/bin/dpkg-splitroot 154100x800000000000000029098Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.568{ec2a2542-2981-6254-40fa-2eac4c560000}3919/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/024-glib-networking-services_2.56.0-1ubuntu0.1_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029100Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.569{ec2a2542-2981-6254-b033-73c56a550000}3922/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2981-6254-40fa-2eac4c560000}3919/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029099Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.569{ec2a2542-2981-6254-0000-000000000000}3920-root 534500x800000000000000029101Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.570{ec2a2542-2981-6254-0000-000000000000}3921-root 534500x800000000000000029103Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.572{ec2a2542-2981-6254-40fa-2eac4c560000}3919/usr/bin/dpkg-debroot 534500x800000000000000029102Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.572{ec2a2542-2981-6254-b033-73c56a550000}3922/bin/tarroot 154100x800000000000000029104Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.589{ec2a2542-2981-6254-40da-7ee8b8550000}3923/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/024-glib-networking-services_2.56.0-1ubuntu0.1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029105Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.591{ec2a2542-2981-6254-0000-000000000000}3924-root 534500x800000000000000029106Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.593{00000000-0000-0000-0000-000000000000}3925<unknown process>root 534500x800000000000000029107Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.594{ec2a2542-2981-6254-40da-7ee8b8550000}3923/usr/bin/dpkg-debroot 154100x800000000000000029108Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.611{ec2a2542-2981-6254-70d3-47cec1550000}3926/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029111Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.612{ec2a2542-2981-6254-d8ff-4617dd550000}3927/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/025-gsettings-desktop-schemas_3.28.0-1ubuntu1_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029110Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.612{ec2a2542-2981-6254-70d3-47cec1550000}3926/bin/rmroot 23542300x800000000000000029109Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.612{ec2a2542-2981-6254-70d3-47cec1550000}3926root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029113Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.614{ec2a2542-2981-6254-407a-463540560000}3928/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/025-gsettings-desktop-schemas_3.28.0-1ubuntu1_all.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029112Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.614{ec2a2542-2981-6254-d8ff-4617dd550000}3927/usr/bin/dpkg-splitroot 154100x800000000000000029115Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.616{ec2a2542-2981-6254-b043-2692de550000}3931/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2981-6254-407a-463540560000}3928/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029114Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.616{ec2a2542-2981-6254-0000-000000000000}3929-root 534500x800000000000000029116Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.617{ec2a2542-2981-6254-0000-000000000000}3930-root 534500x800000000000000029118Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.618{ec2a2542-2981-6254-407a-463540560000}3928/usr/bin/dpkg-debroot 534500x800000000000000029117Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.618{ec2a2542-2981-6254-b043-2692de550000}3931/bin/tarroot 154100x800000000000000029119Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.635{ec2a2542-2981-6254-40ba-df2169550000}3932/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/025-gsettings-desktop-schemas_3.28.0-1ubuntu1_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029120Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.637{ec2a2542-2981-6254-0000-000000000000}3933-root 534500x800000000000000029121Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.653{00000000-0000-0000-0000-000000000000}3934<unknown process>root 534500x800000000000000029122Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.654{ec2a2542-2981-6254-40ba-df2169550000}3932/usr/bin/dpkg-debroot 154100x800000000000000029123Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.673{ec2a2542-2981-6254-7083-a87bde550000}3935/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029125Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.674{ec2a2542-2981-6254-7083-a87bde550000}3935/bin/rmroot 23542300x800000000000000029124Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.674{ec2a2542-2981-6254-7083-a87bde550000}3935root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029126Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.675{ec2a2542-2981-6254-d8cf-b60593550000}3936/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/026-glib-networking_2.56.0-1ubuntu0.1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029128Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.676{ec2a2542-2981-6254-403a-ad9b60550000}3937/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/026-glib-networking_2.56.0-1ubuntu0.1_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029127Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.676{ec2a2542-2981-6254-d8cf-b60593550000}3936/usr/bin/dpkg-splitroot 154100x800000000000000029130Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.678{ec2a2542-2981-6254-b053-77f90b560000}3940/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2981-6254-403a-ad9b60550000}3937/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029129Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.678{ec2a2542-2981-6254-0000-000000000000}3938-root 534500x800000000000000029131Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.679{ec2a2542-2981-6254-0000-000000000000}3939-root 534500x800000000000000029132Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.680{ec2a2542-2981-6254-b053-77f90b560000}3940/bin/tarroot 534500x800000000000000029133Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.681{ec2a2542-2981-6254-403a-ad9b60550000}3937/usr/bin/dpkg-debroot 154100x800000000000000029134Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.695{ec2a2542-2981-6254-402a-4033a9550000}3941/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/026-glib-networking_2.56.0-1ubuntu0.1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029135Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.698{ec2a2542-2981-6254-0000-000000000000}3942-root 534500x800000000000000029136Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.704{ec2a2542-2981-6254-0000-000000000000}3943-root 534500x800000000000000029137Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.705{ec2a2542-2981-6254-402a-4033a9550000}3941/usr/bin/dpkg-debroot 154100x800000000000000029138Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.721{ec2a2542-2981-6254-70e3-194a1f560000}3944/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 23542300x800000000000000029139Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.722{ec2a2542-2981-6254-70e3-194a1f560000}3944root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029141Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.723{ec2a2542-2981-6254-d88f-ab0fd8550000}3945/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/027-libcdparanoia0_3.10.2+debian-13_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029140Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.723{ec2a2542-2981-6254-70e3-194a1f560000}3944/bin/rmroot 534500x800000000000000029142Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.724{ec2a2542-2981-6254-d88f-ab0fd8550000}3945/usr/bin/dpkg-splitroot 154100x800000000000000029143Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.725{ec2a2542-2981-6254-403a-331332560000}3946/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/027-libcdparanoia0_3.10.2+debian-13_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029145Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.726{ec2a2542-2981-6254-b0e3-da27a3550000}3949/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2981-6254-403a-331332560000}3946/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029144Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.726{ec2a2542-2981-6254-0000-000000000000}3947-root 534500x800000000000000029146Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.728{ec2a2542-2981-6254-0000-000000000000}3948-root 534500x800000000000000029148Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.729{ec2a2542-2981-6254-403a-331332560000}3946/usr/bin/dpkg-debroot 534500x800000000000000029147Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.729{ec2a2542-2981-6254-b0e3-da27a3550000}3949/bin/tarroot 154100x800000000000000029149Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.749{ec2a2542-2981-6254-40fa-cf9a53560000}3950/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/027-libcdparanoia0_3.10.2+debian-13_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029150Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.751{ec2a2542-2981-6254-0000-000000000000}3951-root 534500x800000000000000029151Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.756{ec2a2542-2981-6254-0000-000000000000}3952-root 534500x800000000000000029152Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.757{ec2a2542-2981-6254-40fa-cf9a53560000}3950/usr/bin/dpkg-debroot 154100x800000000000000029153Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.774{ec2a2542-2981-6254-7023-270957550000}3953/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029156Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.776{ec2a2542-2981-6254-d84f-036efa550000}3954/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/028-libgstreamer1.0-0_1.14.5-0ubuntu1~18.04.2_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029155Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.776{ec2a2542-2981-6254-7023-270957550000}3953/bin/rmroot 23542300x800000000000000029154Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.776{ec2a2542-2981-6254-7023-270957550000}3953root/bin/rm/var/lib/dpkg/tmp.ci/control--- 534500x800000000000000029157Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.777{ec2a2542-2981-6254-d84f-036efa550000}3954/usr/bin/dpkg-splitroot 154100x800000000000000029158Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.778{ec2a2542-2981-6254-401a-494a24560000}3955/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/028-libgstreamer1.0-0_1.14.5-0ubuntu1~18.04.2_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029160Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.780{ec2a2542-2981-6254-b013-569423560000}3958/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2981-6254-401a-494a24560000}3955/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029159Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.780{ec2a2542-2981-6254-0000-000000000000}3956-root 534500x800000000000000029163Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.786{ec2a2542-2981-6254-401a-494a24560000}3955/usr/bin/dpkg-debroot 534500x800000000000000029162Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.786{ec2a2542-2981-6254-b013-569423560000}3958/bin/tarroot 534500x800000000000000029161Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.786{ec2a2542-2981-6254-0000-000000000000}3957-root 154100x800000000000000029164Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.812{ec2a2542-2981-6254-405a-8785b9550000}3959/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/028-libgstreamer1.0-0_1.14.5-0ubuntu1~18.04.2_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029165Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.817{ec2a2542-2981-6254-6884-400281550000}3962/bin/ps-----ps -e -o pid,ppid,state,command/var/snap/amazon-ssm-agent/5163root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}938--- 354300x800000000000000029166Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.826{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54746-false10.0.1.12-8000- 534500x800000000000000029167Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.828{ec2a2542-2981-6254-6884-400281550000}3962/bin/psroot 534500x800000000000000029168Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.890{ec2a2542-2981-6254-0000-000000000000}3960-root 534500x800000000000000029170Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.899{ec2a2542-2981-6254-405a-8785b9550000}3959/usr/bin/dpkg-debroot 534500x800000000000000029169Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.899{ec2a2542-2981-6254-0000-000000000000}3961-root 154100x800000000000000029171Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.934{ec2a2542-2981-6254-7073-357e1e560000}3963/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029173Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.936{ec2a2542-2981-6254-7073-357e1e560000}3963/bin/rmroot 23542300x800000000000000029172Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.936{ec2a2542-2981-6254-7073-357e1e560000}3963root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029174Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.937{ec2a2542-2981-6254-d86f-8cd72e560000}3964/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/029-liborc-0.4-0_1%3a0.4.28-1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029175Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.938{ec2a2542-2981-6254-d86f-8cd72e560000}3964/usr/bin/dpkg-splitroot 154100x800000000000000029176Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.939{ec2a2542-2981-6254-409a-d2f769550000}3965/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/029-liborc-0.4-0_1%3a0.4.28-1_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029178Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.940{ec2a2542-2981-6254-b0d3-42d764550000}3968/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2981-6254-409a-d2f769550000}3965/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029177Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.940{ec2a2542-2981-6254-0000-000000000000}3966-root 534500x800000000000000029179Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.941{ec2a2542-2981-6254-0000-000000000000}3967-root 534500x800000000000000029181Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.943{ec2a2542-2981-6254-409a-d2f769550000}3965/usr/bin/dpkg-debroot 534500x800000000000000029180Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.943{ec2a2542-2981-6254-b0d3-42d764550000}3968/bin/tarroot 154100x800000000000000029182Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.962{ec2a2542-2981-6254-40ba-1db11c560000}3969/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/029-liborc-0.4-0_1%3a0.4.28-1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029183Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.972{ec2a2542-2981-6254-0000-000000000000}3970-root 534500x800000000000000029185Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.979{ec2a2542-2981-6254-40ba-1db11c560000}3969/usr/bin/dpkg-debroot 534500x800000000000000029184Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:37.979{00000000-0000-0000-0000-000000000000}3971<unknown process>root 154100x800000000000000029186Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.018{ec2a2542-2982-6254-7093-c08d80550000}3972/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029189Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.020{ec2a2542-2982-6254-d8cf-ccd646560000}3973/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/030-libgstreamer-plugins-base1.0-0_1.14.5-0ubuntu1~18.04.3_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029188Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.020{ec2a2542-2982-6254-7093-c08d80550000}3972/bin/rmroot 23542300x800000000000000029187Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.020{ec2a2542-2982-6254-7093-c08d80550000}3972root/bin/rm/var/lib/dpkg/tmp.ci/control--- 534500x800000000000000029190Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.021{ec2a2542-2982-6254-d8cf-ccd646560000}3973/usr/bin/dpkg-splitroot 154100x800000000000000029191Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.022{ec2a2542-2982-6254-402a-ee3dae550000}3974/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/030-libgstreamer-plugins-base1.0-0_1.14.5-0ubuntu1~18.04.3_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029193Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.023{ec2a2542-2982-6254-b0a3-04844c560000}3977/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2982-6254-402a-ee3dae550000}3974/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029192Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.023{ec2a2542-2982-6254-0000-000000000000}3975-root 534500x800000000000000029196Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.026{ec2a2542-2982-6254-402a-ee3dae550000}3974/usr/bin/dpkg-debroot 534500x800000000000000029195Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.026{ec2a2542-2982-6254-b0a3-04844c560000}3977/bin/tarroot 534500x800000000000000029194Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.026{ec2a2542-2982-6254-0000-000000000000}3976-root 154100x800000000000000029197Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.049{ec2a2542-2982-6254-404a-90a077550000}3978/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/030-libgstreamer-plugins-base1.0-0_1.14.5-0ubuntu1~18.04.3_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029198Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.131{ec2a2542-2982-6254-0000-000000000000}3979-root 534500x800000000000000029199Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.146{ec2a2542-2982-6254-0000-000000000000}3980-root 534500x800000000000000029200Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.148{ec2a2542-2982-6254-404a-90a077550000}3978/usr/bin/dpkg-debroot 154100x800000000000000029201Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.168{ec2a2542-2982-6254-7083-8d3216560000}3981/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029203Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.169{ec2a2542-2982-6254-7083-8d3216560000}3981/bin/rmroot 23542300x800000000000000029202Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.169{ec2a2542-2982-6254-7083-8d3216560000}3981root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029204Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.170{ec2a2542-2982-6254-d82f-a00290550000}3982/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/031-libopus0_1.1.2-1ubuntu1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029206Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.171{ec2a2542-2982-6254-40aa-82b9d0550000}3983/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/031-libopus0_1.1.2-1ubuntu1_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029205Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.171{ec2a2542-2982-6254-d82f-a00290550000}3982/usr/bin/dpkg-splitroot 534500x800000000000000029209Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.174{ec2a2542-2982-6254-0000-000000000000}3985-root 154100x800000000000000029208Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.174{ec2a2542-2982-6254-b093-7ab6a6550000}3986/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2982-6254-40aa-82b9d0550000}3983/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029207Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.174{ec2a2542-2982-6254-0000-000000000000}3984-root 534500x800000000000000029211Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.176{ec2a2542-2982-6254-40aa-82b9d0550000}3983/usr/bin/dpkg-debroot 534500x800000000000000029210Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.176{ec2a2542-2982-6254-b093-7ab6a6550000}3986/bin/tarroot 154100x800000000000000029212Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.200{ec2a2542-2982-6254-40ea-fb1845560000}3987/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/031-libopus0_1.1.2-1ubuntu1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029213Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.211{ec2a2542-2982-6254-0000-000000000000}3988-root 534500x800000000000000029215Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.218{ec2a2542-2982-6254-40ea-fb1845560000}3987/usr/bin/dpkg-debroot 534500x800000000000000029214Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.218{00000000-0000-0000-0000-000000000000}3989<unknown process>root 154100x800000000000000029216Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.235{ec2a2542-2982-6254-7093-6099a0550000}3990/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029219Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.237{ec2a2542-2982-6254-d8bf-07aaed550000}3991/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/032-libpixman-1-0_0.34.0-2_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029218Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.237{ec2a2542-2982-6254-7093-6099a0550000}3990/bin/rmroot 23542300x800000000000000029217Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.237{ec2a2542-2982-6254-7093-6099a0550000}3990root/bin/rm/var/lib/dpkg/tmp.ci/control--- 534500x800000000000000029220Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.238{ec2a2542-2982-6254-d8bf-07aaed550000}3991/usr/bin/dpkg-splitroot 154100x800000000000000029221Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.239{ec2a2542-2982-6254-408a-969721560000}3992/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/032-libpixman-1-0_0.34.0-2_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029223Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.240{ec2a2542-2982-6254-b0a3-3cc5b8550000}3995/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2982-6254-408a-969721560000}3992/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029222Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.240{ec2a2542-2982-6254-0000-000000000000}3993-root 534500x800000000000000029224Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.242{ec2a2542-2982-6254-0000-000000000000}3994-root 534500x800000000000000029226Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.243{ec2a2542-2982-6254-408a-969721560000}3992/usr/bin/dpkg-debroot 534500x800000000000000029225Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.243{ec2a2542-2982-6254-b0a3-3cc5b8550000}3995/bin/tarroot 154100x800000000000000029227Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.269{ec2a2542-2982-6254-408a-f620d0550000}3996/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/032-libpixman-1-0_0.34.0-2_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029228Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.286{ec2a2542-2982-6254-0000-000000000000}3997-root 534500x800000000000000029230Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.296{ec2a2542-2982-6254-408a-f620d0550000}3996/usr/bin/dpkg-debroot 534500x800000000000000029229Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.296{00000000-0000-0000-0000-000000000000}3998<unknown process>root 154100x800000000000000029231Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.344{ec2a2542-2982-6254-7073-d69f87550000}3999/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029233Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.345{ec2a2542-2982-6254-7073-d69f87550000}3999/bin/rmroot 23542300x800000000000000029232Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.345{ec2a2542-2982-6254-7073-d69f87550000}3999root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029234Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.346{ec2a2542-2982-6254-d88f-03411f560000}4000/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/033-libxcb-render0_1.13-2~ubuntu18.04_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029236Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.347{ec2a2542-2982-6254-40fa-fe9d61550000}4001/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/033-libxcb-render0_1.13-2~ubuntu18.04_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029235Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.347{ec2a2542-2982-6254-d88f-03411f560000}4000/usr/bin/dpkg-splitroot 154100x800000000000000029238Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.349{ec2a2542-2982-6254-b0e3-1952ea550000}4004/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2982-6254-40fa-fe9d61550000}4001/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029237Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.349{ec2a2542-2982-6254-0000-000000000000}4002-root 534500x800000000000000029239Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.350{ec2a2542-2982-6254-0000-000000000000}4003-root 534500x800000000000000029240Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.351{ec2a2542-2982-6254-b0e3-1952ea550000}4004/bin/tarroot 534500x800000000000000029241Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.352{ec2a2542-2982-6254-40fa-fe9d61550000}4001/usr/bin/dpkg-debroot 154100x800000000000000029242Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.378{ec2a2542-2982-6254-404a-139375550000}4005/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/033-libxcb-render0_1.13-2~ubuntu18.04_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029243Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.380{ec2a2542-2982-6254-0000-000000000000}4006-root 534500x800000000000000029244Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.382{ec2a2542-2982-6254-0000-000000000000}4007-root 534500x800000000000000029245Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.383{ec2a2542-2982-6254-404a-139375550000}4005/usr/bin/dpkg-debroot 154100x800000000000000029246Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.402{ec2a2542-2982-6254-70f3-8cf5ec550000}4008/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029249Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.404{ec2a2542-2982-6254-d8bf-3e2861550000}4009/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/034-libxcb-shm0_1.13-2~ubuntu18.04_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029248Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.404{ec2a2542-2982-6254-70f3-8cf5ec550000}4008/bin/rmroot 23542300x800000000000000029247Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.404{ec2a2542-2982-6254-70f3-8cf5ec550000}4008root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029251Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.405{ec2a2542-2982-6254-40da-aa8cce550000}4010/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/034-libxcb-shm0_1.13-2~ubuntu18.04_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029250Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.405{ec2a2542-2982-6254-d8bf-3e2861550000}4009/usr/bin/dpkg-splitroot 154100x800000000000000029253Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.409{ec2a2542-2982-6254-b063-ac1e3a560000}4013/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2982-6254-40da-aa8cce550000}4010/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029252Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.409{ec2a2542-2982-6254-0000-000000000000}4011-root 534500x800000000000000029254Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.410{ec2a2542-2982-6254-0000-000000000000}4012-root 534500x800000000000000029256Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.411{ec2a2542-2982-6254-40da-aa8cce550000}4010/usr/bin/dpkg-debroot 534500x800000000000000029255Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.411{ec2a2542-2982-6254-b063-ac1e3a560000}4013/bin/tarroot 154100x800000000000000029257Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.437{ec2a2542-2982-6254-402a-21f1e4550000}4014/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/034-libxcb-shm0_1.13-2~ubuntu18.04_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029258Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.440{ec2a2542-2982-6254-0000-000000000000}4015-root 534500x800000000000000029260Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.441{ec2a2542-2982-6254-402a-21f1e4550000}4014/usr/bin/dpkg-debroot 534500x800000000000000029259Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.441{00000000-0000-0000-0000-000000000000}4016<unknown process>root 154100x800000000000000029261Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.483{ec2a2542-2982-6254-7043-f8a6a1550000}4017/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029264Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.484{ec2a2542-2982-6254-d86f-fd88de550000}4018/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/035-libxrender1_1%3a0.9.10-1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029263Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.484{ec2a2542-2982-6254-7043-f8a6a1550000}4017/bin/rmroot 23542300x800000000000000029262Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.484{ec2a2542-2982-6254-7043-f8a6a1550000}4017root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029266Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.486{ec2a2542-2982-6254-404a-8a3377550000}4019/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/035-libxrender1_1%3a0.9.10-1_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029265Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.486{ec2a2542-2982-6254-d86f-fd88de550000}4018/usr/bin/dpkg-splitroot 154100x800000000000000029269Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.488{ec2a2542-2982-6254-b0f3-dddb19560000}4022/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2982-6254-404a-8a3377550000}4019/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029267Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.488{ec2a2542-2982-6254-0000-000000000000}4020-root 534500x800000000000000029268Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.489{ec2a2542-2982-6254-0000-000000000000}4021-root 534500x800000000000000029271Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.492{ec2a2542-2982-6254-404a-8a3377550000}4019/usr/bin/dpkg-debroot 534500x800000000000000029270Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.492{ec2a2542-2982-6254-b0f3-dddb19560000}4022/bin/tarroot 154100x800000000000000029272Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.514{ec2a2542-2982-6254-40da-f180cb550000}4023/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/035-libxrender1_1%3a0.9.10-1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029273Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.516{00000000-0000-0000-0000-000000000000}4024<unknown process>root 534500x800000000000000029274Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.519{00000000-0000-0000-0000-000000000000}4025<unknown process>root 534500x800000000000000029275Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.520{ec2a2542-2982-6254-40da-f180cb550000}4023/usr/bin/dpkg-debroot 154100x800000000000000029276Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.539{ec2a2542-2982-6254-7043-b43c99550000}4026/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029278Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.540{ec2a2542-2982-6254-7043-b43c99550000}4026/bin/rmroot 23542300x800000000000000029277Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.540{ec2a2542-2982-6254-7043-b43c99550000}4026root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029279Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.541{ec2a2542-2982-6254-d8bf-0acd3d560000}4027/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/036-libcairo2_1.15.10-2ubuntu0.1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029281Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.542{ec2a2542-2982-6254-406a-e4cc69550000}4028/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/036-libcairo2_1.15.10-2ubuntu0.1_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029280Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.542{ec2a2542-2982-6254-d8bf-0acd3d560000}4027/usr/bin/dpkg-splitroot 154100x800000000000000029283Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.544{ec2a2542-2982-6254-b0a3-7df8c3550000}4031/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2982-6254-406a-e4cc69550000}4028/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029282Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.544{ec2a2542-2982-6254-0000-000000000000}4029-root 534500x800000000000000029284Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.546{ec2a2542-2982-6254-0000-000000000000}4030-root 534500x800000000000000029286Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.547{ec2a2542-2982-6254-406a-e4cc69550000}4028/usr/bin/dpkg-debroot 534500x800000000000000029285Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.547{ec2a2542-2982-6254-b0a3-7df8c3550000}4031/bin/tarroot 154100x800000000000000029287Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.570{ec2a2542-2982-6254-40fa-755919560000}4032/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/036-libcairo2_1.15.10-2ubuntu0.1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029288Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.632{ec2a2542-2982-6254-0000-000000000000}4033-root 534500x800000000000000029289Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.635{ec2a2542-2982-6254-0000-000000000000}4034-root 534500x800000000000000029290Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.636{ec2a2542-2982-6254-40fa-755919560000}4032/usr/bin/dpkg-debroot 154100x800000000000000029291Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.655{ec2a2542-2982-6254-7003-296130560000}4035/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029293Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.656{ec2a2542-2982-6254-7003-296130560000}4035/bin/rmroot 23542300x800000000000000029292Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.656{ec2a2542-2982-6254-7003-296130560000}4035root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029294Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.657{ec2a2542-2982-6254-d82f-95f4e1550000}4036/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/037-libtheora0_1.1.1+dfsg.1-14_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029296Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.658{ec2a2542-2982-6254-401a-8b87ae550000}4037/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/037-libtheora0_1.1.1+dfsg.1-14_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029295Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.658{ec2a2542-2982-6254-d82f-95f4e1550000}4036/usr/bin/dpkg-splitroot 154100x800000000000000029298Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.660{ec2a2542-2982-6254-b003-a035fa550000}4040/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2982-6254-401a-8b87ae550000}4037/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029297Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.660{ec2a2542-2982-6254-0000-000000000000}4038-root 534500x800000000000000029299Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.661{ec2a2542-2982-6254-0000-000000000000}4039-root 534500x800000000000000029301Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.663{ec2a2542-2982-6254-401a-8b87ae550000}4037/usr/bin/dpkg-debroot 534500x800000000000000029300Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.663{ec2a2542-2982-6254-b003-a035fa550000}4040/bin/tarroot 154100x800000000000000029302Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.689{ec2a2542-2982-6254-409a-6f7459550000}4041/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/037-libtheora0_1.1.1+dfsg.1-14_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029303Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.701{ec2a2542-2982-6254-0000-000000000000}4042-root 534500x800000000000000029305Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.713{ec2a2542-2982-6254-409a-6f7459550000}4041/usr/bin/dpkg-debroot 534500x800000000000000029304Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.713{ec2a2542-2982-6254-0000-000000000000}4043-root 154100x800000000000000029306Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.755{ec2a2542-2982-6254-7013-9d3833560000}4044/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 23542300x800000000000000029307Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.756{ec2a2542-2982-6254-7013-9d3833560000}4044root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029309Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.757{ec2a2542-2982-6254-d89f-19db14560000}4045/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/038-libvisual-0.4-0_0.4.0-11_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029308Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.757{ec2a2542-2982-6254-7013-9d3833560000}4044/bin/rmroot 154100x800000000000000029311Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.758{ec2a2542-2982-6254-400a-303729560000}4046/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/038-libvisual-0.4-0_0.4.0-11_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029310Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.758{ec2a2542-2982-6254-d89f-19db14560000}4045/usr/bin/dpkg-splitroot 154100x800000000000000029313Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.760{ec2a2542-2982-6254-b003-c1feed550000}4049/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2982-6254-400a-303729560000}4046/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029312Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.760{ec2a2542-2982-6254-0000-000000000000}4047-root 534500x800000000000000029314Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.761{ec2a2542-2982-6254-0000-000000000000}4048-root 534500x800000000000000029315Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.762{ec2a2542-2982-6254-b003-c1feed550000}4049/bin/tarroot 534500x800000000000000029316Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.763{ec2a2542-2982-6254-400a-303729560000}4046/usr/bin/dpkg-debroot 154100x800000000000000029317Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.784{ec2a2542-2982-6254-401a-89a247560000}4050/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/038-libvisual-0.4-0_0.4.0-11_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029318Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.792{ec2a2542-2982-6254-0000-000000000000}4051-root 534500x800000000000000029320Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.797{ec2a2542-2982-6254-401a-89a247560000}4050/usr/bin/dpkg-debroot 534500x800000000000000029319Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.797{00000000-0000-0000-0000-000000000000}4052<unknown process>root 154100x800000000000000029321Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.816{ec2a2542-2982-6254-7023-6fefff550000}4053/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029323Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.817{ec2a2542-2982-6254-7023-6fefff550000}4053/bin/rmroot 23542300x800000000000000029322Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.817{ec2a2542-2982-6254-7023-6fefff550000}4053root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029324Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.818{ec2a2542-2982-6254-d84f-b70f73550000}4054/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/039-libvorbis0a_1.3.5-4.2_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029326Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.819{ec2a2542-2982-6254-40ca-94791b560000}4055/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/039-libvorbis0a_1.3.5-4.2_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029325Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.819{ec2a2542-2982-6254-d84f-b70f73550000}4054/usr/bin/dpkg-splitroot 154100x800000000000000029328Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.821{ec2a2542-2982-6254-b0f3-72f257550000}4058/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2982-6254-40ca-94791b560000}4055/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029327Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.821{ec2a2542-2982-6254-0000-000000000000}4056-root 534500x800000000000000029329Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.822{ec2a2542-2982-6254-0000-000000000000}4057-root 534500x800000000000000029330Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.823{ec2a2542-2982-6254-b0f3-72f257550000}4058/bin/tarroot 534500x800000000000000029331Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.824{ec2a2542-2982-6254-40ca-94791b560000}4055/usr/bin/dpkg-debroot 154100x800000000000000029332Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.846{ec2a2542-2982-6254-403a-7e8c6b550000}4059/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/039-libvorbis0a_1.3.5-4.2_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029333Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.851{ec2a2542-2982-6254-0000-000000000000}4060-root 534500x800000000000000029335Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.858{ec2a2542-2982-6254-403a-7e8c6b550000}4059/usr/bin/dpkg-debroot 534500x800000000000000029334Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.858{ec2a2542-2982-6254-0000-000000000000}4061-root 154100x800000000000000029336Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.875{ec2a2542-2982-6254-70c3-c7a2e2550000}4062/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029339Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.876{ec2a2542-2982-6254-d82f-100383550000}4063/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/040-libvorbisenc2_1.3.5-4.2_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029338Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.876{ec2a2542-2982-6254-70c3-c7a2e2550000}4062/bin/rmroot 23542300x800000000000000029337Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.876{ec2a2542-2982-6254-70c3-c7a2e2550000}4062root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029341Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.878{ec2a2542-2982-6254-40ba-e31959550000}4064/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/040-libvorbisenc2_1.3.5-4.2_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029340Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.878{ec2a2542-2982-6254-d82f-100383550000}4063/usr/bin/dpkg-splitroot 154100x800000000000000029343Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.880{ec2a2542-2982-6254-b0b3-480f3e560000}4067/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2982-6254-40ba-e31959550000}4064/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029342Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.880{ec2a2542-2982-6254-0000-000000000000}4065-root 534500x800000000000000029344Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.881{ec2a2542-2982-6254-0000-000000000000}4066-root 534500x800000000000000029346Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.882{ec2a2542-2982-6254-40ba-e31959550000}4064/usr/bin/dpkg-debroot 534500x800000000000000029345Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.882{ec2a2542-2982-6254-b0b3-480f3e560000}4067/bin/tarroot 154100x800000000000000029347Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.908{ec2a2542-2982-6254-401a-a9777b550000}4068/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/040-libvorbisenc2_1.3.5-4.2_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029348Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.913{ec2a2542-2982-6254-0000-000000000000}4069-root 534500x800000000000000029350Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.924{ec2a2542-2982-6254-401a-a9777b550000}4068/usr/bin/dpkg-debroot 534500x800000000000000029349Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.924{00000000-0000-0000-0000-000000000000}4070<unknown process>root 154100x800000000000000029351Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.975{ec2a2542-2982-6254-70b3-e0f6dd550000}4071/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029354Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.977{ec2a2542-2982-6254-d88f-14dc38560000}4072/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/041-gstreamer1.0-plugins-base_1.14.5-0ubuntu1~18.04.3_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029353Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.977{ec2a2542-2982-6254-70b3-e0f6dd550000}4071/bin/rmroot 23542300x800000000000000029352Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.977{ec2a2542-2982-6254-70b3-e0f6dd550000}4071root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029356Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.978{ec2a2542-2982-6254-407a-59c293550000}4073/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/041-gstreamer1.0-plugins-base_1.14.5-0ubuntu1~18.04.3_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029355Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.978{ec2a2542-2982-6254-d88f-14dc38560000}4072/usr/bin/dpkg-splitroot 154100x800000000000000029358Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.981{ec2a2542-2982-6254-b0d3-e7379e550000}4076/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2982-6254-407a-59c293550000}4073/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029357Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.981{ec2a2542-2982-6254-0000-000000000000}4074-root 534500x800000000000000029359Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.982{ec2a2542-2982-6254-0000-000000000000}4075-root 534500x800000000000000029360Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.983{ec2a2542-2982-6254-b0d3-e7379e550000}4076/bin/tarroot 534500x800000000000000029361Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:38.987{ec2a2542-2982-6254-407a-59c293550000}4073/usr/bin/dpkg-debroot 154100x800000000000000029362Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.003{ec2a2542-2983-6254-404a-fc7952560000}4077/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/041-gstreamer1.0-plugins-base_1.14.5-0ubuntu1~18.04.3_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029363Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.072{ec2a2542-2982-6254-0000-000000000000}4078-root 534500x800000000000000029365Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.084{ec2a2542-2983-6254-404a-fc7952560000}4077/usr/bin/dpkg-debroot 534500x800000000000000029364Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.084{00000000-0000-0000-0000-000000000000}4079<unknown process>root 154100x800000000000000029366Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.107{ec2a2542-2983-6254-70f3-2911ba550000}4080/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029368Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.108{ec2a2542-2983-6254-70f3-2911ba550000}4080/bin/rmroot 23542300x800000000000000029367Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.108{ec2a2542-2983-6254-70f3-2911ba550000}4080root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029369Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.109{ec2a2542-2983-6254-d8ff-9d5a45560000}4081/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/042-libaa1_1.4p5-44build2_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029371Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.110{ec2a2542-2983-6254-400a-51f745560000}4082/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/042-libaa1_1.4p5-44build2_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029370Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.110{ec2a2542-2983-6254-d8ff-9d5a45560000}4081/usr/bin/dpkg-splitroot 154100x800000000000000029373Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.112{ec2a2542-2983-6254-b073-689030560000}4085/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2983-6254-400a-51f745560000}4082/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029372Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.112{ec2a2542-2983-6254-0000-000000000000}4083-root 534500x800000000000000029374Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.113{ec2a2542-2983-6254-0000-000000000000}4084-root 534500x800000000000000029376Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.115{ec2a2542-2983-6254-400a-51f745560000}4082/usr/bin/dpkg-debroot 534500x800000000000000029375Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.115{ec2a2542-2983-6254-b073-689030560000}4085/bin/tarroot 154100x800000000000000029377Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.137{ec2a2542-2983-6254-40ca-93b7c0550000}4086/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/042-libaa1_1.4p5-44build2_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029378Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.139{ec2a2542-2983-6254-0000-000000000000}4087-root 534500x800000000000000029379Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.144{00000000-0000-0000-0000-000000000000}4088<unknown process>root 534500x800000000000000029380Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.145{ec2a2542-2983-6254-40ca-93b7c0550000}4086/usr/bin/dpkg-debroot 154100x800000000000000029381Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.166{ec2a2542-2983-6254-7083-355ab2550000}4089/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029384Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.168{ec2a2542-2983-6254-d85f-c64c33560000}4090/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/043-libraw1394-11_2.1.2-1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029383Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.168{ec2a2542-2983-6254-7083-355ab2550000}4089/bin/rmroot 23542300x800000000000000029382Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.168{ec2a2542-2983-6254-7083-355ab2550000}4089root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029386Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.170{ec2a2542-2983-6254-408a-9d1b8c550000}4091/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/043-libraw1394-11_2.1.2-1_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029385Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.170{ec2a2542-2983-6254-d85f-c64c33560000}4090/usr/bin/dpkg-splitroot 154100x800000000000000029388Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.174{ec2a2542-2983-6254-b0d3-67f04d560000}4094/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2983-6254-408a-9d1b8c550000}4091/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029387Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.174{ec2a2542-2983-6254-0000-000000000000}4092-root 534500x800000000000000029389Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.175{ec2a2542-2983-6254-0000-000000000000}4093-root 534500x800000000000000029391Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.177{ec2a2542-2983-6254-408a-9d1b8c550000}4091/usr/bin/dpkg-debroot 534500x800000000000000029390Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.177{ec2a2542-2983-6254-b0d3-67f04d560000}4094/bin/tarroot 154100x800000000000000029392Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.199{ec2a2542-2983-6254-40ea-0f58ff550000}4095/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/043-libraw1394-11_2.1.2-1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029393Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.201{ec2a2542-2983-6254-0000-000000000000}4096-root 534500x800000000000000029395Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.205{ec2a2542-2983-6254-40ea-0f58ff550000}4095/usr/bin/dpkg-debroot 534500x800000000000000029394Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.205{00000000-0000-0000-0000-000000000000}4097<unknown process>root 154100x800000000000000029396Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.226{ec2a2542-2983-6254-7093-b49170550000}4098/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029399Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.227{ec2a2542-2983-6254-d8df-06aea4550000}4099/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/044-libavc1394-0_0.5.4-4build1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029398Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.227{ec2a2542-2983-6254-7093-b49170550000}4098/bin/rmroot 23542300x800000000000000029397Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.227{ec2a2542-2983-6254-7093-b49170550000}4098root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029401Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.229{ec2a2542-2983-6254-401a-1d7e26560000}4100/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/044-libavc1394-0_0.5.4-4build1_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029400Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.229{ec2a2542-2983-6254-d8df-06aea4550000}4099/usr/bin/dpkg-splitroot 154100x800000000000000029403Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.231{ec2a2542-2983-6254-b013-02b543560000}4103/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2983-6254-401a-1d7e26560000}4100/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029402Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.231{ec2a2542-2983-6254-0000-000000000000}4101-root 534500x800000000000000029404Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.232{ec2a2542-2983-6254-0000-000000000000}4102-root 534500x800000000000000029406Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.233{ec2a2542-2983-6254-401a-1d7e26560000}4100/usr/bin/dpkg-debroot 534500x800000000000000029405Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.233{ec2a2542-2983-6254-b013-02b543560000}4103/bin/tarroot 154100x800000000000000029407Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.259{ec2a2542-2983-6254-40da-4e3e1b560000}4104/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/044-libavc1394-0_0.5.4-4build1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029408Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.261{ec2a2542-2983-6254-0000-000000000000}4105-root 534500x800000000000000029410Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.263{ec2a2542-2983-6254-40da-4e3e1b560000}4104/usr/bin/dpkg-debroot 534500x800000000000000029409Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.263{00000000-0000-0000-0000-000000000000}4106<unknown process>root 154100x800000000000000029411Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.285{ec2a2542-2983-6254-70c3-a9e2cd550000}4107/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 23542300x800000000000000029412Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.286{ec2a2542-2983-6254-70c3-a9e2cd550000}4107root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029414Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.287{ec2a2542-2983-6254-d89f-e5a0d0550000}4108/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/045-libcaca0_0.99.beta19-2ubuntu0.18.04.3_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029413Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.287{ec2a2542-2983-6254-70c3-a9e2cd550000}4107/bin/rmroot 154100x800000000000000029416Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.288{ec2a2542-2983-6254-40ba-178dec550000}4109/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/045-libcaca0_0.99.beta19-2ubuntu0.18.04.3_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029415Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.288{ec2a2542-2983-6254-d89f-e5a0d0550000}4108/usr/bin/dpkg-splitroot 154100x800000000000000029418Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.291{ec2a2542-2983-6254-b043-c7d088550000}4112/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2983-6254-40ba-178dec550000}4109/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029417Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.291{ec2a2542-2983-6254-0000-000000000000}4110-root 534500x800000000000000029419Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.292{ec2a2542-2983-6254-0000-000000000000}4111-root 534500x800000000000000029421Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.293{ec2a2542-2983-6254-40ba-178dec550000}4109/usr/bin/dpkg-debroot 534500x800000000000000029420Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.293{ec2a2542-2983-6254-b043-c7d088550000}4112/bin/tarroot 154100x800000000000000029422Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.316{ec2a2542-2983-6254-405a-101ae1550000}4113/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/045-libcaca0_0.99.beta19-2ubuntu0.18.04.3_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029423Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.334{ec2a2542-2983-6254-0000-000000000000}4114-root 534500x800000000000000029425Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.343{ec2a2542-2983-6254-405a-101ae1550000}4113/usr/bin/dpkg-debroot 534500x800000000000000029424Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.343{00000000-0000-0000-0000-000000000000}4115<unknown process>root 154100x800000000000000029426Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.394{ec2a2542-2983-6254-70b3-08557d550000}4116/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029429Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.395{ec2a2542-2983-6254-d8ef-42e4ab550000}4117/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/046-libcairo-gobject2_1.15.10-2ubuntu0.1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029428Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.395{ec2a2542-2983-6254-70b3-08557d550000}4116/bin/rmroot 23542300x800000000000000029427Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.395{ec2a2542-2983-6254-70b3-08557d550000}4116root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029431Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.397{ec2a2542-2983-6254-406a-dc526d550000}4118/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/046-libcairo-gobject2_1.15.10-2ubuntu0.1_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029430Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.397{ec2a2542-2983-6254-d8ef-42e4ab550000}4117/usr/bin/dpkg-splitroot 154100x800000000000000029433Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.399{ec2a2542-2983-6254-b023-d94774550000}4121/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2983-6254-406a-dc526d550000}4118/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029432Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.399{ec2a2542-2983-6254-0000-000000000000}4119-root 534500x800000000000000029434Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.400{ec2a2542-2983-6254-0000-000000000000}4120-root 534500x800000000000000029436Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.402{ec2a2542-2983-6254-406a-dc526d550000}4118/usr/bin/dpkg-debroot 534500x800000000000000029435Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.402{ec2a2542-2983-6254-b023-d94774550000}4121/bin/tarroot 154100x800000000000000029437Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.425{ec2a2542-2983-6254-405a-08d7a5550000}4122/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/046-libcairo-gobject2_1.15.10-2ubuntu0.1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029438Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.428{ec2a2542-2983-6254-0000-000000000000}4123-root 534500x800000000000000029439Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.435{ec2a2542-2983-6254-0000-000000000000}4124-root 534500x800000000000000029440Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.437{ec2a2542-2983-6254-405a-08d7a5550000}4122/usr/bin/dpkg-debroot 154100x800000000000000029441Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.455{ec2a2542-2983-6254-70f3-48a5b8550000}4125/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029444Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.457{ec2a2542-2983-6254-d88f-9d7727560000}4126/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/047-libdv4_1.0.0-11_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029443Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.457{ec2a2542-2983-6254-70f3-48a5b8550000}4125/bin/rmroot 23542300x800000000000000029442Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.457{ec2a2542-2983-6254-70f3-48a5b8550000}4125root/bin/rm/var/lib/dpkg/tmp.ci/control--- 534500x800000000000000029445Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.458{ec2a2542-2983-6254-d88f-9d7727560000}4126/usr/bin/dpkg-splitroot 154100x800000000000000029446Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.459{ec2a2542-2983-6254-408a-4847fb550000}4127/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/047-libdv4_1.0.0-11_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029449Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.461{ec2a2542-2983-6254-0000-000000000000}4129-root 154100x800000000000000029448Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.461{ec2a2542-2983-6254-b043-5d8e07560000}4130/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2983-6254-408a-4847fb550000}4127/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029447Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.461{ec2a2542-2983-6254-0000-000000000000}4128-root 534500x800000000000000029451Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.463{ec2a2542-2983-6254-408a-4847fb550000}4127/usr/bin/dpkg-debroot 534500x800000000000000029450Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.463{ec2a2542-2983-6254-b043-5d8e07560000}4130/bin/tarroot 154100x800000000000000029452Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.490{ec2a2542-2983-6254-40aa-158f96550000}4131/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/047-libdv4_1.0.0-11_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029453Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.492{ec2a2542-2983-6254-0000-000000000000}4132-root 534500x800000000000000029454Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.500{00000000-0000-0000-0000-000000000000}4133<unknown process>root 534500x800000000000000029455Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.501{ec2a2542-2983-6254-40aa-158f96550000}4131/usr/bin/dpkg-debroot 154100x800000000000000029456Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.517{ec2a2542-2983-6254-7003-d00a28560000}4134/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029459Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.518{ec2a2542-2983-6254-d80f-63158c550000}4135/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/048-libflac8_1.3.2-1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029458Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.518{ec2a2542-2983-6254-7003-d00a28560000}4134/bin/rmroot 23542300x800000000000000029457Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.518{ec2a2542-2983-6254-7003-d00a28560000}4134root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029461Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.520{ec2a2542-2983-6254-40fa-13b3ad550000}4136/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/048-libflac8_1.3.2-1_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029460Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.520{ec2a2542-2983-6254-d80f-63158c550000}4135/usr/bin/dpkg-splitroot 534500x800000000000000029464Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.522{ec2a2542-2983-6254-0000-000000000000}4138-root 154100x800000000000000029463Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.522{ec2a2542-2983-6254-b063-54d512560000}4139/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2983-6254-40fa-13b3ad550000}4136/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029462Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.522{ec2a2542-2983-6254-0000-000000000000}4137-root 534500x800000000000000029465Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.524{ec2a2542-2983-6254-b063-54d512560000}4139/bin/tarroot 534500x800000000000000029466Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.525{ec2a2542-2983-6254-40fa-13b3ad550000}4136/usr/bin/dpkg-debroot 154100x800000000000000029467Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.545{ec2a2542-2983-6254-405a-fb08aa550000}4140/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/048-libflac8_1.3.2-1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029468Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.563{ec2a2542-2983-6254-0000-000000000000}4141-root 534500x800000000000000029470Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.572{ec2a2542-2983-6254-405a-fb08aa550000}4140/usr/bin/dpkg-debroot 534500x800000000000000029469Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.572{00000000-0000-0000-0000-000000000000}4142<unknown process>root 154100x800000000000000029471Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.591{ec2a2542-2983-6254-7033-d4d12a560000}4143/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029474Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.593{ec2a2542-2983-6254-d8cf-e01074550000}4144/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/049-libjpeg8_8c-2ubuntu8_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029473Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.593{ec2a2542-2983-6254-7033-d4d12a560000}4143/bin/rmroot 23542300x800000000000000029472Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.593{ec2a2542-2983-6254-7033-d4d12a560000}4143root/bin/rm/var/lib/dpkg/tmp.ci/control--- 534500x800000000000000029475Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.594{ec2a2542-2983-6254-d8cf-e01074550000}4144/usr/bin/dpkg-splitroot 154100x800000000000000029476Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.595{ec2a2542-2983-6254-406a-fceef6550000}4145/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/049-libjpeg8_8c-2ubuntu8_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029479Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.596{ec2a2542-2983-6254-b083-dcbb6e550000}4148/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2983-6254-406a-fceef6550000}4145/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029477Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.596{ec2a2542-2983-6254-0000-000000000000}4146-root 534500x800000000000000029478Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.597{ec2a2542-2983-6254-0000-000000000000}4147-root 534500x800000000000000029481Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.599{ec2a2542-2983-6254-406a-fceef6550000}4145/usr/bin/dpkg-debroot 534500x800000000000000029480Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.599{ec2a2542-2983-6254-b083-dcbb6e550000}4148/bin/tarroot 154100x800000000000000029482Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.615{ec2a2542-2983-6254-408a-f8664f560000}4149/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/049-libjpeg8_8c-2ubuntu8_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029485Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.618{ec2a2542-2983-6254-408a-f8664f560000}4149/usr/bin/dpkg-debroot 534500x800000000000000029484Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.618{00000000-0000-0000-0000-000000000000}4151<unknown process>root 534500x800000000000000029483Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.618{ec2a2542-2983-6254-0000-000000000000}4150-root 154100x800000000000000029486Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.637{ec2a2542-2983-6254-70f3-2e6b0b560000}4152/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029489Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.638{ec2a2542-2983-6254-d84f-a277d7550000}4153/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/050-libjbig0_2.1-3.1build1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029488Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.638{ec2a2542-2983-6254-70f3-2e6b0b560000}4152/bin/rmroot 23542300x800000000000000029487Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.638{ec2a2542-2983-6254-70f3-2e6b0b560000}4152root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029491Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.640{ec2a2542-2983-6254-40fa-408a1e560000}4154/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/050-libjbig0_2.1-3.1build1_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029490Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.640{ec2a2542-2983-6254-d84f-a277d7550000}4153/usr/bin/dpkg-splitroot 154100x800000000000000029493Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.642{ec2a2542-2983-6254-b033-b62207560000}4157/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2983-6254-40fa-408a1e560000}4154/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029492Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.642{ec2a2542-2983-6254-0000-000000000000}4155-root 534500x800000000000000029494Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.646{ec2a2542-2983-6254-0000-000000000000}4156-root 534500x800000000000000029496Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.647{ec2a2542-2983-6254-40fa-408a1e560000}4154/usr/bin/dpkg-debroot 534500x800000000000000029495Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.647{ec2a2542-2983-6254-b033-b62207560000}4157/bin/tarroot 154100x800000000000000029497Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.670{ec2a2542-2983-6254-406a-e16575550000}4158/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/050-libjbig0_2.1-3.1build1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029498Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.672{ec2a2542-2983-6254-0000-000000000000}4159-root 534500x800000000000000029500Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.675{ec2a2542-2983-6254-406a-e16575550000}4158/usr/bin/dpkg-debroot 534500x800000000000000029499Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.675{00000000-0000-0000-0000-000000000000}4160<unknown process>root 154100x800000000000000029501Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.697{ec2a2542-2983-6254-7013-a98957550000}4161/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029503Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.698{ec2a2542-2983-6254-7013-a98957550000}4161/bin/rmroot 23542300x800000000000000029502Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.698{ec2a2542-2983-6254-7013-a98957550000}4161root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029504Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.699{ec2a2542-2983-6254-d82f-7f3259550000}4162/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/051-libtiff5_4.0.9-5ubuntu0.4_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029506Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.701{ec2a2542-2983-6254-401a-da6a89550000}4163/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/051-libtiff5_4.0.9-5ubuntu0.4_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029505Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.701{ec2a2542-2983-6254-d82f-7f3259550000}4162/usr/bin/dpkg-splitroot 154100x800000000000000029508Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.703{ec2a2542-2983-6254-b0f3-cd330d560000}4166/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2983-6254-401a-da6a89550000}4163/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029507Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.703{ec2a2542-2983-6254-0000-000000000000}4164-root 534500x800000000000000029509Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.705{ec2a2542-2983-6254-0000-000000000000}4165-root 534500x800000000000000029511Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.708{ec2a2542-2983-6254-401a-da6a89550000}4163/usr/bin/dpkg-debroot 534500x800000000000000029510Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.708{ec2a2542-2983-6254-b0f3-cd330d560000}4166/bin/tarroot 154100x800000000000000029512Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.731{ec2a2542-2983-6254-404a-950618560000}4167/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/051-libtiff5_4.0.9-5ubuntu0.4_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029513Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.741{ec2a2542-2983-6254-0000-000000000000}4168-root 534500x800000000000000029515Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.748{ec2a2542-2983-6254-404a-950618560000}4167/usr/bin/dpkg-debroot 534500x800000000000000029514Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.748{00000000-0000-0000-0000-000000000000}4169<unknown process>root 154100x800000000000000029516Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.768{ec2a2542-2983-6254-7023-671481550000}4170/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029519Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.770{ec2a2542-2983-6254-d88f-3a1137560000}4171/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/052-libgdk-pixbuf2.0-common_2.36.11-2_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029518Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.770{ec2a2542-2983-6254-7023-671481550000}4170/bin/rmroot 23542300x800000000000000029517Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.770{ec2a2542-2983-6254-7023-671481550000}4170root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029521Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.772{ec2a2542-2983-6254-407a-6eabc9550000}4172/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/052-libgdk-pixbuf2.0-common_2.36.11-2_all.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029520Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.772{ec2a2542-2983-6254-d88f-3a1137560000}4171/usr/bin/dpkg-splitroot 154100x800000000000000029523Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.774{ec2a2542-2983-6254-b043-c95e90550000}4175/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2983-6254-407a-6eabc9550000}4172/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029522Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.774{ec2a2542-2983-6254-0000-000000000000}4173-root 534500x800000000000000029524Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.775{ec2a2542-2983-6254-0000-000000000000}4174-root 534500x800000000000000029525Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.776{ec2a2542-2983-6254-b043-c95e90550000}4175/bin/tarroot 534500x800000000000000029526Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.777{ec2a2542-2983-6254-407a-6eabc9550000}4172/usr/bin/dpkg-debroot 154100x800000000000000029527Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.805{ec2a2542-2983-6254-40ca-9e26cb550000}4176/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/052-libgdk-pixbuf2.0-common_2.36.11-2_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029528Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.807{ec2a2542-2983-6254-0000-000000000000}4177-root 534500x800000000000000029530Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.809{ec2a2542-2983-6254-40ca-9e26cb550000}4176/usr/bin/dpkg-debroot 534500x800000000000000029529Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.809{ec2a2542-2983-6254-0000-000000000000}4178-root 154100x800000000000000029531Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.826{ec2a2542-2983-6254-7073-a41e9a550000}4179/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029534Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.828{ec2a2542-2983-6254-d83f-b960db550000}4180/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/053-libgdk-pixbuf2.0-0_2.36.11-2_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029533Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.828{ec2a2542-2983-6254-7073-a41e9a550000}4179/bin/rmroot 23542300x800000000000000029532Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.828{ec2a2542-2983-6254-7073-a41e9a550000}4179root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029536Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.829{ec2a2542-2983-6254-40ca-e165d5550000}4181/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/053-libgdk-pixbuf2.0-0_2.36.11-2_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029535Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.829{ec2a2542-2983-6254-d83f-b960db550000}4180/usr/bin/dpkg-splitroot 154100x800000000000000029538Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.831{ec2a2542-2983-6254-b083-22d01f560000}4184/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2983-6254-40ca-e165d5550000}4181/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029537Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.831{ec2a2542-2983-6254-0000-000000000000}4182-root 534500x800000000000000029539Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.833{ec2a2542-2983-6254-0000-000000000000}4183-root 534500x800000000000000029541Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.834{ec2a2542-2983-6254-40ca-e165d5550000}4181/usr/bin/dpkg-debroot 534500x800000000000000029540Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.834{ec2a2542-2983-6254-b083-22d01f560000}4184/bin/tarroot 154100x800000000000000029542Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.861{ec2a2542-2983-6254-407a-35cd33560000}4185/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/053-libgdk-pixbuf2.0-0_2.36.11-2_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029543Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.876{ec2a2542-2983-6254-0000-000000000000}4186-root 534500x800000000000000029545Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.882{ec2a2542-2983-6254-407a-35cd33560000}4185/usr/bin/dpkg-debroot 534500x800000000000000029544Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.882{00000000-0000-0000-0000-000000000000}4187<unknown process>root 154100x800000000000000029546Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.927{ec2a2542-2983-6254-7083-ec1b7c550000}4188/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029548Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.928{ec2a2542-2983-6254-7083-ec1b7c550000}4188/bin/rmroot 23542300x800000000000000029547Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.928{ec2a2542-2983-6254-7083-ec1b7c550000}4188root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029549Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.929{ec2a2542-2983-6254-d8ff-94d76e550000}4189/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/054-libgstreamer-plugins-good1.0-0_1.14.5-0ubuntu1~18.04.2_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029551Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.931{ec2a2542-2983-6254-40aa-b5dce5550000}4190/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/054-libgstreamer-plugins-good1.0-0_1.14.5-0ubuntu1~18.04.2_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029550Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.931{ec2a2542-2983-6254-d8ff-94d76e550000}4189/usr/bin/dpkg-splitroot 154100x800000000000000029553Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.933{ec2a2542-2983-6254-b0a3-6c575d550000}4193/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2983-6254-40aa-b5dce5550000}4190/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029552Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.933{ec2a2542-2983-6254-0000-000000000000}4191-root 534500x800000000000000029554Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.934{ec2a2542-2983-6254-0000-000000000000}4192-root 534500x800000000000000029555Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.935{ec2a2542-2983-6254-b0a3-6c575d550000}4193/bin/tarroot 534500x800000000000000029556Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.936{ec2a2542-2983-6254-40aa-b5dce5550000}4190/usr/bin/dpkg-debroot 154100x800000000000000029557Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.955{ec2a2542-2983-6254-401a-5b066b550000}4194/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/054-libgstreamer-plugins-good1.0-0_1.14.5-0ubuntu1~18.04.2_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029558Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.957{ec2a2542-2983-6254-0000-000000000000}4195-root 534500x800000000000000029559Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.964{00000000-0000-0000-0000-000000000000}4196<unknown process>root 534500x800000000000000029560Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.965{ec2a2542-2983-6254-401a-5b066b550000}4194/usr/bin/dpkg-debroot 154100x800000000000000029561Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.984{ec2a2542-2983-6254-70e3-bbe01f560000}4197/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029563Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.985{ec2a2542-2983-6254-70e3-bbe01f560000}4197/bin/rmroot 23542300x800000000000000029562Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.985{ec2a2542-2983-6254-70e3-bbe01f560000}4197root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029564Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.986{ec2a2542-2983-6254-d81f-554914560000}4198/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/055-libgudev-1.0-0_1%3a232-2_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029566Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.987{ec2a2542-2983-6254-40aa-d87238560000}4199/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/055-libgudev-1.0-0_1%3a232-2_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029565Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.987{ec2a2542-2983-6254-d81f-554914560000}4198/usr/bin/dpkg-splitroot 154100x800000000000000029568Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.989{ec2a2542-2983-6254-b033-ed1720560000}4202/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2983-6254-40aa-d87238560000}4199/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029567Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.989{ec2a2542-2983-6254-0000-000000000000}4200-root 534500x800000000000000029569Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.990{ec2a2542-2983-6254-0000-000000000000}4201-root 534500x800000000000000029570Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.991{ec2a2542-2983-6254-b033-ed1720560000}4202/bin/tarroot 534500x800000000000000029571Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:39.992{ec2a2542-2983-6254-40aa-d87238560000}4199/usr/bin/dpkg-debroot 154100x800000000000000029572Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.018{ec2a2542-2984-6254-403a-9344bc550000}4203/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/055-libgudev-1.0-0_1%3a232-2_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029573Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.020{ec2a2542-2984-6254-0000-000000000000}4204-root 534500x800000000000000029575Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.022{ec2a2542-2984-6254-403a-9344bc550000}4203/usr/bin/dpkg-debroot 534500x800000000000000029574Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.022{ec2a2542-2984-6254-0000-000000000000}4205-root 154100x800000000000000029576Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.044{ec2a2542-2984-6254-70e3-da7a9d550000}4206/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029579Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.046{ec2a2542-2984-6254-d89f-ca3d75550000}4207/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/056-libiec61883-0_1.2.0-2_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029578Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.046{ec2a2542-2984-6254-70e3-da7a9d550000}4206/bin/rmroot 23542300x800000000000000029577Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.046{ec2a2542-2984-6254-70e3-da7a9d550000}4206root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029581Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.048{ec2a2542-2984-6254-40da-0ad8d0550000}4208/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/056-libiec61883-0_1.2.0-2_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029580Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.048{ec2a2542-2984-6254-d89f-ca3d75550000}4207/usr/bin/dpkg-splitroot 534500x800000000000000029584Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.050{ec2a2542-2984-6254-0000-000000000000}4210-root 154100x800000000000000029583Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.050{ec2a2542-2984-6254-b0b3-578f3a560000}4211/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2984-6254-40da-0ad8d0550000}4208/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029582Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.050{ec2a2542-2984-6254-0000-000000000000}4209-root 534500x800000000000000029586Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.052{ec2a2542-2984-6254-40da-0ad8d0550000}4208/usr/bin/dpkg-debroot 534500x800000000000000029585Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.052{ec2a2542-2984-6254-b0b3-578f3a560000}4211/bin/tarroot 154100x800000000000000029587Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.075{ec2a2542-2984-6254-40da-53ffed550000}4212/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/056-libiec61883-0_1.2.0-2_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029588Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.077{ec2a2542-2984-6254-0000-000000000000}4213-root 534500x800000000000000029590Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.080{ec2a2542-2984-6254-40da-53ffed550000}4212/usr/bin/dpkg-debroot 534500x800000000000000029589Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.080{ec2a2542-2984-6254-0000-000000000000}4214-root 154100x800000000000000029591Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.098{ec2a2542-2984-6254-7073-e502c1550000}4215/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 23542300x800000000000000029592Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.099{ec2a2542-2984-6254-7073-e502c1550000}4215root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029594Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.100{ec2a2542-2984-6254-d8af-d607c1550000}4216/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/057-libsamplerate0_0.1.9-1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029593Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.100{ec2a2542-2984-6254-7073-e502c1550000}4215/bin/rmroot 534500x800000000000000029595Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.101{ec2a2542-2984-6254-d8af-d607c1550000}4216/usr/bin/dpkg-splitroot 154100x800000000000000029596Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.102{ec2a2542-2984-6254-402a-3f011c560000}4217/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/057-libsamplerate0_0.1.9-1_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029599Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.105{ec2a2542-2984-6254-b0e3-dade36560000}4220/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2984-6254-402a-3f011c560000}4217/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029598Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.105{ec2a2542-2984-6254-0000-000000000000}4219-root 534500x800000000000000029597Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.105{ec2a2542-2984-6254-0000-000000000000}4218-root 534500x800000000000000029601Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.108{ec2a2542-2984-6254-402a-3f011c560000}4217/usr/bin/dpkg-debroot 534500x800000000000000029600Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.108{ec2a2542-2984-6254-b0e3-dade36560000}4220/bin/tarroot 154100x800000000000000029602Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.131{ec2a2542-2984-6254-406a-d7516c550000}4221/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/057-libsamplerate0_0.1.9-1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029603Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.274{ec2a2542-2984-6254-0000-000000000000}4222-root 534500x800000000000000029605Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.282{ec2a2542-2984-6254-406a-d7516c550000}4221/usr/bin/dpkg-debroot 534500x800000000000000029604Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.282{ec2a2542-2984-6254-0000-000000000000}4223-root 154100x800000000000000029606Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.305{ec2a2542-2984-6254-70c3-7597c4550000}4224/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029609Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.307{ec2a2542-2984-6254-d89f-11459a550000}4225/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/058-libjack-jackd2-0_1.9.12~dfsg-2_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029608Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.307{ec2a2542-2984-6254-70c3-7597c4550000}4224/bin/rmroot 23542300x800000000000000029607Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.307{ec2a2542-2984-6254-70c3-7597c4550000}4224root/bin/rm/var/lib/dpkg/tmp.ci/control--- 534500x800000000000000029610Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.308{ec2a2542-2984-6254-d89f-11459a550000}4225/usr/bin/dpkg-splitroot 154100x800000000000000029611Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.309{ec2a2542-2984-6254-405a-d1eb8f550000}4226/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/058-libjack-jackd2-0_1.9.12~dfsg-2_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029613Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.310{ec2a2542-2984-6254-b073-f31ac4550000}4229/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2984-6254-405a-d1eb8f550000}4226/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029612Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.311{ec2a2542-2984-6254-0000-000000000000}4227-root 534500x800000000000000029614Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.312{ec2a2542-2984-6254-0000-000000000000}4228-root 534500x800000000000000029615Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.313{ec2a2542-2984-6254-b073-f31ac4550000}4229/bin/tarroot 534500x800000000000000029616Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.314{ec2a2542-2984-6254-405a-d1eb8f550000}4226/usr/bin/dpkg-debroot 154100x800000000000000029617Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.333{ec2a2542-2984-6254-40aa-e92dab550000}4230/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/058-libjack-jackd2-0_1.9.12~dfsg-2_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029618Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.358{ec2a2542-2984-6254-0000-000000000000}4231-root 534500x800000000000000029619Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.368{00000000-0000-0000-0000-000000000000}4232<unknown process>root 534500x800000000000000029620Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.369{ec2a2542-2984-6254-40aa-e92dab550000}4230/usr/bin/dpkg-debroot 154100x800000000000000029621Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.412{ec2a2542-2984-6254-7093-6decf4550000}4233/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029623Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.413{ec2a2542-2984-6254-7093-6decf4550000}4233/bin/rmroot 23542300x800000000000000029622Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.413{ec2a2542-2984-6254-7093-6decf4550000}4233root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029624Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.414{ec2a2542-2984-6254-d8cf-ecb364550000}4234/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/059-libmp3lame0_3.100-2_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029626Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.415{ec2a2542-2984-6254-402a-1420de550000}4235/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/059-libmp3lame0_3.100-2_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029625Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.415{ec2a2542-2984-6254-d8cf-ecb364550000}4234/usr/bin/dpkg-splitroot 154100x800000000000000029628Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.417{ec2a2542-2984-6254-b0e3-1a15a1550000}4238/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2984-6254-402a-1420de550000}4235/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029627Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.417{ec2a2542-2984-6254-0000-000000000000}4236-root 534500x800000000000000029629Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.418{ec2a2542-2984-6254-0000-000000000000}4237-root 534500x800000000000000029630Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.419{ec2a2542-2984-6254-b0e3-1a15a1550000}4238/bin/tarroot 534500x800000000000000029631Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.420{ec2a2542-2984-6254-402a-1420de550000}4235/usr/bin/dpkg-debroot 154100x800000000000000029632Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.440{ec2a2542-2984-6254-40ca-c52ea7550000}4239/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/059-libmp3lame0_3.100-2_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029633Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.451{ec2a2542-2984-6254-0000-000000000000}4240-root 534500x800000000000000029635Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.460{ec2a2542-2984-6254-40ca-c52ea7550000}4239/usr/bin/dpkg-debroot 534500x800000000000000029634Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.460{00000000-0000-0000-0000-000000000000}4241<unknown process>root 154100x800000000000000029636Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.504{ec2a2542-2984-6254-70f3-6c1765550000}4242/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029639Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.506{ec2a2542-2984-6254-d8df-a7ca89550000}4243/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/060-libmpg123-0_1.25.10-1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029638Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.506{ec2a2542-2984-6254-70f3-6c1765550000}4242/bin/rmroot 23542300x800000000000000029637Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.506{ec2a2542-2984-6254-70f3-6c1765550000}4242root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029641Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.507{ec2a2542-2984-6254-408a-4ae3ab550000}4244/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/060-libmpg123-0_1.25.10-1_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029640Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.507{ec2a2542-2984-6254-d8df-a7ca89550000}4243/usr/bin/dpkg-splitroot 154100x800000000000000029643Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.509{ec2a2542-2984-6254-b013-a87a0f560000}4247/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2984-6254-408a-4ae3ab550000}4244/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029642Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.509{ec2a2542-2984-6254-0000-000000000000}4245-root 534500x800000000000000029644Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.511{ec2a2542-2984-6254-0000-000000000000}4246-root 534500x800000000000000029646Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.512{ec2a2542-2984-6254-408a-4ae3ab550000}4244/usr/bin/dpkg-debroot 534500x800000000000000029645Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.512{ec2a2542-2984-6254-b013-a87a0f560000}4247/bin/tarroot 154100x800000000000000029647Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.533{ec2a2542-2984-6254-405a-20896d550000}4248/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/060-libmpg123-0_1.25.10-1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029648Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.541{ec2a2542-2984-6254-0000-000000000000}4249-root 534500x800000000000000029649Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.548{00000000-0000-0000-0000-000000000000}4250<unknown process>root 534500x800000000000000029650Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.549{ec2a2542-2984-6254-405a-20896d550000}4248/usr/bin/dpkg-debroot 154100x800000000000000029651Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.588{ec2a2542-2984-6254-7093-98aa79550000}4251/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029653Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.590{ec2a2542-2984-6254-7093-98aa79550000}4251/bin/rmroot 23542300x800000000000000029652Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.590{ec2a2542-2984-6254-7093-98aa79550000}4251root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029654Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.593{ec2a2542-2984-6254-d87f-78be13560000}4252/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/061-libspeex1_1.2~rc1.2-1ubuntu2.1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029655Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.594{ec2a2542-2984-6254-d87f-78be13560000}4252/usr/bin/dpkg-splitroot 154100x800000000000000029656Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.595{ec2a2542-2984-6254-405a-912282550000}4253/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/061-libspeex1_1.2~rc1.2-1ubuntu2.1_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029658Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.596{ec2a2542-2984-6254-b083-d6e4ba550000}4256/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2984-6254-405a-912282550000}4253/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029657Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.596{ec2a2542-2984-6254-0000-000000000000}4254-root 534500x800000000000000029659Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.597{ec2a2542-2984-6254-0000-000000000000}4255-root 534500x800000000000000029661Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.599{ec2a2542-2984-6254-405a-912282550000}4253/usr/bin/dpkg-debroot 534500x800000000000000029660Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.599{ec2a2542-2984-6254-b083-d6e4ba550000}4256/bin/tarroot 154100x800000000000000029662Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.618{ec2a2542-2984-6254-406a-2e46f6550000}4257/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/061-libspeex1_1.2~rc1.2-1ubuntu2.1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029663Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.621{ec2a2542-2984-6254-0000-000000000000}4258-root 534500x800000000000000029665Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.628{ec2a2542-2984-6254-406a-2e46f6550000}4257/usr/bin/dpkg-debroot 534500x800000000000000029664Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.628{00000000-0000-0000-0000-000000000000}4259<unknown process>root 154100x800000000000000029666Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.646{ec2a2542-2984-6254-70f3-34aa40560000}4260/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029668Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.647{ec2a2542-2984-6254-70f3-34aa40560000}4260/bin/rmroot 23542300x800000000000000029667Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.647{ec2a2542-2984-6254-70f3-34aa40560000}4260root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029669Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.648{ec2a2542-2984-6254-d8ff-d84e38560000}4261/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/062-libshout3_2.4.1-2build1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029671Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.649{ec2a2542-2984-6254-403a-56e53c560000}4262/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/062-libshout3_2.4.1-2build1_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029670Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.649{ec2a2542-2984-6254-d8ff-d84e38560000}4261/usr/bin/dpkg-splitroot 154100x800000000000000029673Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.651{ec2a2542-2984-6254-b003-816d41560000}4265/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2984-6254-403a-56e53c560000}4262/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029672Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.651{ec2a2542-2984-6254-0000-000000000000}4263-root 534500x800000000000000029674Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.652{ec2a2542-2984-6254-0000-000000000000}4264-root 534500x800000000000000029676Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.654{ec2a2542-2984-6254-403a-56e53c560000}4262/usr/bin/dpkg-debroot 534500x800000000000000029675Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.654{ec2a2542-2984-6254-b003-816d41560000}4265/bin/tarroot 154100x800000000000000029677Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.679{ec2a2542-2984-6254-406a-ab2722560000}4266/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/062-libshout3_2.4.1-2build1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029678Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.681{ec2a2542-2984-6254-0000-000000000000}4267-root 534500x800000000000000029679Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.686{ec2a2542-2984-6254-0000-000000000000}4268-root 534500x800000000000000029680Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.687{ec2a2542-2984-6254-406a-ab2722560000}4266/usr/bin/dpkg-debroot 154100x800000000000000029681Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.708{ec2a2542-2984-6254-70e3-d801e8550000}4269/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029683Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.709{ec2a2542-2984-6254-70e3-d801e8550000}4269/bin/rmroot 23542300x800000000000000029682Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.709{ec2a2542-2984-6254-70e3-d801e8550000}4269root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029684Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.710{ec2a2542-2984-6254-d82f-1505ad550000}4270/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/063-libsoup2.4-1_2.62.1-1ubuntu0.4_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029686Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.711{ec2a2542-2984-6254-407a-162f54560000}4271/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/063-libsoup2.4-1_2.62.1-1ubuntu0.4_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029685Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.711{ec2a2542-2984-6254-d82f-1505ad550000}4270/usr/bin/dpkg-splitroot 154100x800000000000000029688Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.713{ec2a2542-2984-6254-b033-6f24a0550000}4274/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2984-6254-407a-162f54560000}4271/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029687Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.713{ec2a2542-2984-6254-0000-000000000000}4272-root 534500x800000000000000029689Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.715{ec2a2542-2984-6254-0000-000000000000}4273-root 534500x800000000000000029691Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.716{ec2a2542-2984-6254-407a-162f54560000}4271/usr/bin/dpkg-debroot 534500x800000000000000029690Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.716{ec2a2542-2984-6254-b033-6f24a0550000}4274/bin/tarroot 154100x800000000000000029692Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.743{ec2a2542-2984-6254-404a-92b87d550000}4275/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/063-libsoup2.4-1_2.62.1-1ubuntu0.4_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029693Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.770{ec2a2542-2984-6254-0000-000000000000}4276-root 534500x800000000000000029695Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.776{ec2a2542-2984-6254-404a-92b87d550000}4275/usr/bin/dpkg-debroot 534500x800000000000000029694Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.776{ec2a2542-2984-6254-0000-000000000000}4277-root 154100x800000000000000029696Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.818{ec2a2542-2984-6254-7073-f39545560000}4278/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029699Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.820{ec2a2542-2984-6254-d8ff-f4dad6550000}4279/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/064-libtag1v5-vanilla_1.11.1+dfsg.1-0.2build2_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029698Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.820{ec2a2542-2984-6254-7073-f39545560000}4278/bin/rmroot 23542300x800000000000000029697Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.820{ec2a2542-2984-6254-7073-f39545560000}4278root/bin/rm/var/lib/dpkg/tmp.ci/control--- 534500x800000000000000029700Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.821{ec2a2542-2984-6254-d8ff-f4dad6550000}4279/usr/bin/dpkg-splitroot 154100x800000000000000029701Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.822{ec2a2542-2984-6254-40da-275c79550000}4280/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/064-libtag1v5-vanilla_1.11.1+dfsg.1-0.2build2_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029703Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.825{ec2a2542-2984-6254-b0b3-414604560000}4283/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2984-6254-40da-275c79550000}4280/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029702Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.825{ec2a2542-2984-6254-0000-000000000000}4281-root 534500x800000000000000029706Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.828{ec2a2542-2984-6254-40da-275c79550000}4280/usr/bin/dpkg-debroot 534500x800000000000000029705Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.828{ec2a2542-2984-6254-b0b3-414604560000}4283/bin/tarroot 534500x800000000000000029704Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.828{ec2a2542-2984-6254-0000-000000000000}4282-root 154100x800000000000000029707Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.855{ec2a2542-2984-6254-40ca-7f2d53560000}4284/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/064-libtag1v5-vanilla_1.11.1+dfsg.1-0.2build2_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029708Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.877{ec2a2542-2984-6254-0000-000000000000}4285-root 534500x800000000000000029709Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.886{ec2a2542-2984-6254-0000-000000000000}4286-root 534500x800000000000000029710Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.889{ec2a2542-2984-6254-40ca-7f2d53560000}4284/usr/bin/dpkg-debroot 154100x800000000000000029711Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.930{ec2a2542-2984-6254-70a3-956c09560000}4287/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029714Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.931{ec2a2542-2984-6254-d8af-ac72dd550000}4288/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/065-libtag1v5_1.11.1+dfsg.1-0.2build2_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029713Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.931{ec2a2542-2984-6254-70a3-956c09560000}4287/bin/rmroot 23542300x800000000000000029712Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.931{ec2a2542-2984-6254-70a3-956c09560000}4287root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029716Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.933{ec2a2542-2984-6254-408a-024ead550000}4289/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/065-libtag1v5_1.11.1+dfsg.1-0.2build2_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029715Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.933{ec2a2542-2984-6254-d8af-ac72dd550000}4288/usr/bin/dpkg-splitroot 154100x800000000000000029718Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.935{ec2a2542-2984-6254-b073-7057ca550000}4292/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2984-6254-408a-024ead550000}4289/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029717Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.935{ec2a2542-2984-6254-0000-000000000000}4290-root 534500x800000000000000029719Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.936{ec2a2542-2984-6254-0000-000000000000}4291-root 534500x800000000000000029721Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.938{ec2a2542-2984-6254-408a-024ead550000}4289/usr/bin/dpkg-debroot 534500x800000000000000029720Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.938{ec2a2542-2984-6254-b073-7057ca550000}4292/bin/tarroot 154100x800000000000000029722Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.955{ec2a2542-2984-6254-406a-6af4ba550000}4293/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/065-libtag1v5_1.11.1+dfsg.1-0.2build2_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029723Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.957{00000000-0000-0000-0000-000000000000}4294<unknown process>root 534500x800000000000000029725Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.959{ec2a2542-2984-6254-406a-6af4ba550000}4293/usr/bin/dpkg-debroot 534500x800000000000000029724Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.959{00000000-0000-0000-0000-000000000000}4295<unknown process>root 154100x800000000000000029726Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.979{ec2a2542-2984-6254-7073-cedb1c560000}4296/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029729Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.980{ec2a2542-2984-6254-d8df-243521560000}4297/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/066-libtwolame0_0.3.13-3_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029728Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.980{ec2a2542-2984-6254-7073-cedb1c560000}4296/bin/rmroot 23542300x800000000000000029727Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.980{ec2a2542-2984-6254-7073-cedb1c560000}4296root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029731Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.982{ec2a2542-2984-6254-407a-c39352560000}4298/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/066-libtwolame0_0.3.13-3_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029730Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.982{ec2a2542-2984-6254-d8df-243521560000}4297/usr/bin/dpkg-splitroot 154100x800000000000000029733Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.984{ec2a2542-2984-6254-b053-874a2b560000}4301/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2984-6254-407a-c39352560000}4298/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029732Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.984{ec2a2542-2984-6254-0000-000000000000}4299-root 534500x800000000000000029734Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.985{ec2a2542-2984-6254-0000-000000000000}4300-root 534500x800000000000000029736Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.986{ec2a2542-2984-6254-407a-c39352560000}4298/usr/bin/dpkg-debroot 534500x800000000000000029735Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:40.986{ec2a2542-2984-6254-b053-874a2b560000}4301/bin/tarroot 154100x800000000000000029737Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.008{ec2a2542-2985-6254-407a-d45c38560000}4302/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/066-libtwolame0_0.3.13-3_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029738Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.010{ec2a2542-2985-6254-0000-000000000000}4303-root 534500x800000000000000029739Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.015{ec2a2542-2985-6254-0000-000000000000}4304-root 534500x800000000000000029740Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.016{ec2a2542-2985-6254-407a-d45c38560000}4302/usr/bin/dpkg-debroot 154100x800000000000000029741Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.037{ec2a2542-2985-6254-7093-e17058550000}4305/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 23542300x800000000000000029742Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.038{ec2a2542-2985-6254-7093-e17058550000}4305root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029744Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.039{ec2a2542-2985-6254-d80f-0c95a2550000}4306/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/067-libv4lconvert0_1.14.2-1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029743Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.039{ec2a2542-2985-6254-7093-e17058550000}4305/bin/rmroot 154100x800000000000000029746Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.040{ec2a2542-2985-6254-403a-c73055560000}4307/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/067-libv4lconvert0_1.14.2-1_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029745Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.040{ec2a2542-2985-6254-d80f-0c95a2550000}4306/usr/bin/dpkg-splitroot 154100x800000000000000029748Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.042{ec2a2542-2985-6254-b0b3-c19ed0550000}4310/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2985-6254-403a-c73055560000}4307/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029747Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.042{ec2a2542-2985-6254-0000-000000000000}4308-root 534500x800000000000000029749Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.043{ec2a2542-2985-6254-0000-000000000000}4309-root 534500x800000000000000029751Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.045{ec2a2542-2985-6254-403a-c73055560000}4307/usr/bin/dpkg-debroot 534500x800000000000000029750Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.045{ec2a2542-2985-6254-b0b3-c19ed0550000}4310/bin/tarroot 154100x800000000000000029752Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.089{ec2a2542-2985-6254-40ea-e26a2b560000}4311/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/067-libv4lconvert0_1.14.2-1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029753Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.094{ec2a2542-2985-6254-0000-000000000000}4312-root 534500x800000000000000029755Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.106{ec2a2542-2985-6254-40ea-e26a2b560000}4311/usr/bin/dpkg-debroot 534500x800000000000000029754Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.106{00000000-0000-0000-0000-000000000000}4313<unknown process>root 154100x800000000000000029756Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.153{ec2a2542-2985-6254-70f3-c035e8550000}4314/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029759Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.154{ec2a2542-2985-6254-d82f-c4de1d560000}4315/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/068-libv4l-0_1.14.2-1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029758Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.154{ec2a2542-2985-6254-70f3-c035e8550000}4314/bin/rmroot 23542300x800000000000000029757Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.154{ec2a2542-2985-6254-70f3-c035e8550000}4314root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029761Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.156{ec2a2542-2985-6254-40aa-cf7fcd550000}4316/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/068-libv4l-0_1.14.2-1_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029760Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.156{ec2a2542-2985-6254-d82f-c4de1d560000}4315/usr/bin/dpkg-splitroot 154100x800000000000000029763Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.158{ec2a2542-2985-6254-b003-506e88550000}4319/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2985-6254-40aa-cf7fcd550000}4316/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029762Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.158{ec2a2542-2985-6254-0000-000000000000}4317-root 534500x800000000000000029764Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.159{ec2a2542-2985-6254-0000-000000000000}4318-root 534500x800000000000000029765Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.161{ec2a2542-2985-6254-b003-506e88550000}4319/bin/tarroot 534500x800000000000000029766Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.162{ec2a2542-2985-6254-40aa-cf7fcd550000}4316/usr/bin/dpkg-debroot 154100x800000000000000029767Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.184{ec2a2542-2985-6254-402a-54edf9550000}4320/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/068-libv4l-0_1.14.2-1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029768Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.186{ec2a2542-2985-6254-0000-000000000000}4321-root 534500x800000000000000029770Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.195{ec2a2542-2985-6254-402a-54edf9550000}4320/usr/bin/dpkg-debroot 534500x800000000000000029769Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.195{00000000-0000-0000-0000-000000000000}4322<unknown process>root 154100x800000000000000029771Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.211{ec2a2542-2985-6254-7063-30ed21560000}4323/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029773Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.213{ec2a2542-2985-6254-7063-30ed21560000}4323/bin/rmroot 23542300x800000000000000029772Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.213{ec2a2542-2985-6254-7063-30ed21560000}4323root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029774Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.214{ec2a2542-2985-6254-d83f-8bd4fa550000}4324/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/069-libvpx5_1.7.0-3ubuntu0.18.04.1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029776Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.216{ec2a2542-2985-6254-409a-ce1043560000}4325/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/069-libvpx5_1.7.0-3ubuntu0.18.04.1_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029775Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.216{ec2a2542-2985-6254-d83f-8bd4fa550000}4324/usr/bin/dpkg-splitroot 154100x800000000000000029778Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.218{ec2a2542-2985-6254-b043-2ecb06560000}4328/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2985-6254-409a-ce1043560000}4325/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029777Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.218{ec2a2542-2985-6254-0000-000000000000}4326-root 534500x800000000000000029779Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.219{ec2a2542-2985-6254-0000-000000000000}4327-root 534500x800000000000000029781Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.221{ec2a2542-2985-6254-409a-ce1043560000}4325/usr/bin/dpkg-debroot 534500x800000000000000029780Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.221{ec2a2542-2985-6254-b043-2ecb06560000}4328/bin/tarroot 154100x800000000000000029782Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.245{ec2a2542-2985-6254-403a-fdc903560000}4329/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/069-libvpx5_1.7.0-3ubuntu0.18.04.1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029783Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.328{ec2a2542-2985-6254-0000-000000000000}4330-root 534500x800000000000000029785Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.338{ec2a2542-2985-6254-403a-fdc903560000}4329/usr/bin/dpkg-debroot 534500x800000000000000029784Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.338{ec2a2542-2985-6254-0000-000000000000}4331-root 154100x800000000000000029786Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.397{ec2a2542-2985-6254-70e3-36029d550000}4332/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 23542300x800000000000000029787Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.398{ec2a2542-2985-6254-70e3-36029d550000}4332root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029789Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.399{ec2a2542-2985-6254-d8ff-99c23b560000}4333/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/070-libwavpack1_5.1.0-2ubuntu1.5_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029788Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.399{ec2a2542-2985-6254-70e3-36029d550000}4332/bin/rmroot 154100x800000000000000029791Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.401{ec2a2542-2985-6254-406a-eb6cb2550000}4334/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/070-libwavpack1_5.1.0-2ubuntu1.5_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029790Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.401{ec2a2542-2985-6254-d8ff-99c23b560000}4333/usr/bin/dpkg-splitroot 154100x800000000000000029793Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.403{ec2a2542-2985-6254-b0d3-2ff1ee550000}4337/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2985-6254-406a-eb6cb2550000}4334/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029792Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.403{ec2a2542-2985-6254-0000-000000000000}4335-root 534500x800000000000000029794Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.405{ec2a2542-2985-6254-0000-000000000000}4336-root 534500x800000000000000029796Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.406{ec2a2542-2985-6254-406a-eb6cb2550000}4334/usr/bin/dpkg-debroot 534500x800000000000000029795Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.406{ec2a2542-2985-6254-b0d3-2ff1ee550000}4337/bin/tarroot 154100x800000000000000029797Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.426{ec2a2542-2985-6254-404a-cc7910560000}4338/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/070-libwavpack1_5.1.0-2ubuntu1.5_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029798Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.436{ec2a2542-2985-6254-0000-000000000000}4339-root 534500x800000000000000029800Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.440{ec2a2542-2985-6254-404a-cc7910560000}4338/usr/bin/dpkg-debroot 534500x800000000000000029799Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.440{00000000-0000-0000-0000-000000000000}4340<unknown process>root 154100x800000000000000029801Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.457{ec2a2542-2985-6254-7033-cc7f75550000}4341/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029803Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.458{ec2a2542-2985-6254-7033-cc7f75550000}4341/bin/rmroot 23542300x800000000000000029802Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.458{ec2a2542-2985-6254-7033-cc7f75550000}4341root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029804Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.459{ec2a2542-2985-6254-d80f-9bbe4c560000}4342/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/071-libxdamage1_1%3a1.1.4-3_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029806Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.460{ec2a2542-2985-6254-40ca-4c2d5e550000}4343/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/071-libxdamage1_1%3a1.1.4-3_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029805Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.460{ec2a2542-2985-6254-d80f-9bbe4c560000}4342/usr/bin/dpkg-splitroot 534500x800000000000000029809Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.462{ec2a2542-2985-6254-0000-000000000000}4345-root 154100x800000000000000029808Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.462{ec2a2542-2985-6254-b063-71c149560000}4346/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2985-6254-40ca-4c2d5e550000}4343/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029807Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.462{ec2a2542-2985-6254-0000-000000000000}4344-root 534500x800000000000000029810Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.464{ec2a2542-2985-6254-b063-71c149560000}4346/bin/tarroot 534500x800000000000000029811Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.465{ec2a2542-2985-6254-40ca-4c2d5e550000}4343/usr/bin/dpkg-debroot 154100x800000000000000029812Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.485{ec2a2542-2985-6254-406a-cd34bb550000}4347/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/071-libxdamage1_1%3a1.1.4-3_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029813Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.487{ec2a2542-2985-6254-0000-000000000000}4348-root 534500x800000000000000029815Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.489{ec2a2542-2985-6254-406a-cd34bb550000}4347/usr/bin/dpkg-debroot 534500x800000000000000029814Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.489{ec2a2542-2985-6254-0000-000000000000}4349-root 154100x800000000000000029816Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.509{ec2a2542-2985-6254-7013-209841560000}4350/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029818Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.510{ec2a2542-2985-6254-7013-209841560000}4350/bin/rmroot 23542300x800000000000000029817Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.510{ec2a2542-2985-6254-7013-209841560000}4350root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029819Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.511{ec2a2542-2985-6254-d87f-87dc8e550000}4351/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/072-libxfixes3_1%3a5.0.3-1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029821Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.512{ec2a2542-2985-6254-405a-e1ab80550000}4352/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/072-libxfixes3_1%3a5.0.3-1_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029820Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.512{ec2a2542-2985-6254-d87f-87dc8e550000}4351/usr/bin/dpkg-splitroot 534500x800000000000000029824Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.514{ec2a2542-2985-6254-0000-000000000000}4354-root 154100x800000000000000029823Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.514{ec2a2542-2985-6254-b023-09f43a560000}4355/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2985-6254-405a-e1ab80550000}4352/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029822Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.514{ec2a2542-2985-6254-0000-000000000000}4353-root 534500x800000000000000029826Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.517{ec2a2542-2985-6254-405a-e1ab80550000}4352/usr/bin/dpkg-debroot 534500x800000000000000029825Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.517{ec2a2542-2985-6254-b023-09f43a560000}4355/bin/tarroot 154100x800000000000000029827Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.540{ec2a2542-2985-6254-402a-106486550000}4356/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/072-libxfixes3_1%3a5.0.3-1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029828Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.541{ec2a2542-2985-6254-0000-000000000000}4357-root 534500x800000000000000029830Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.543{ec2a2542-2985-6254-402a-106486550000}4356/usr/bin/dpkg-debroot 534500x800000000000000029829Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.543{ec2a2542-2985-6254-0000-000000000000}4358-root 154100x800000000000000029831Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.561{ec2a2542-2985-6254-70c3-d3bc55550000}4359/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029833Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.563{ec2a2542-2985-6254-70c3-d3bc55550000}4359/bin/rmroot 23542300x800000000000000029832Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.563{ec2a2542-2985-6254-70c3-d3bc55550000}4359root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029834Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.564{ec2a2542-2985-6254-d8df-80211b560000}4360/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/073-gstreamer1.0-plugins-good_1.14.5-0ubuntu1~18.04.2_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029836Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.565{ec2a2542-2985-6254-409a-e3950c560000}4361/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/073-gstreamer1.0-plugins-good_1.14.5-0ubuntu1~18.04.2_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029835Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.565{ec2a2542-2985-6254-d8df-80211b560000}4360/usr/bin/dpkg-splitroot 154100x800000000000000029838Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.567{ec2a2542-2985-6254-b073-2c01f0550000}4364/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2985-6254-409a-e3950c560000}4361/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029837Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.567{ec2a2542-2985-6254-0000-000000000000}4362-root 534500x800000000000000029840Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.569{ec2a2542-2985-6254-b073-2c01f0550000}4364/bin/tarroot 534500x800000000000000029839Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.569{ec2a2542-2985-6254-0000-000000000000}4363-root 534500x800000000000000029841Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.570{ec2a2542-2985-6254-409a-e3950c560000}4361/usr/bin/dpkg-debroot 154100x800000000000000029842Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.585{ec2a2542-2985-6254-40da-900467550000}4365/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/073-gstreamer1.0-plugins-good_1.14.5-0ubuntu1~18.04.2_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029843Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.809{ec2a2542-2985-6254-0000-000000000000}4366-root 534500x800000000000000029844Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.837{00000000-0000-0000-0000-000000000000}4367<unknown process>root 534500x800000000000000029845Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.838{ec2a2542-2985-6254-40da-900467550000}4365/usr/bin/dpkg-debroot 154100x800000000000000029846Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.873{ec2a2542-2985-6254-7033-a3d81c560000}4368/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029848Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.874{ec2a2542-2985-6254-7033-a3d81c560000}4368/bin/rmroot 23542300x800000000000000029847Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.874{ec2a2542-2985-6254-7033-a3d81c560000}4368root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029849Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.875{ec2a2542-2985-6254-d8ff-825986550000}4369/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/074-libthai-data_0.1.27-2_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029851Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.876{ec2a2542-2985-6254-40fa-8a77f9550000}4370/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/074-libthai-data_0.1.27-2_all.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029850Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.876{ec2a2542-2985-6254-d8ff-825986550000}4369/usr/bin/dpkg-splitroot 154100x800000000000000029853Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.878{ec2a2542-2985-6254-b073-75347f550000}4373/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2985-6254-40fa-8a77f9550000}4370/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029852Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.878{ec2a2542-2985-6254-0000-000000000000}4371-root 534500x800000000000000029854Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.879{ec2a2542-2985-6254-0000-000000000000}4372-root 534500x800000000000000029855Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.880{ec2a2542-2985-6254-b073-75347f550000}4373/bin/tarroot 534500x800000000000000029856Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.881{ec2a2542-2985-6254-40fa-8a77f9550000}4370/usr/bin/dpkg-debroot 154100x800000000000000029857Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.906{ec2a2542-2985-6254-409a-230a03560000}4374/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/074-libthai-data_0.1.27-2_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029858Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.920{ec2a2542-2985-6254-0000-000000000000}4375-root 534500x800000000000000029860Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.931{ec2a2542-2985-6254-409a-230a03560000}4374/usr/bin/dpkg-debroot 534500x800000000000000029859Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.931{00000000-0000-0000-0000-000000000000}4376<unknown process>root 154100x800000000000000029861Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.953{ec2a2542-2985-6254-7013-8d86fd550000}4377/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029863Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.954{ec2a2542-2985-6254-7013-8d86fd550000}4377/bin/rmroot 23542300x800000000000000029862Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.954{ec2a2542-2985-6254-7013-8d86fd550000}4377root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029864Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.955{ec2a2542-2985-6254-d80f-90fbe1550000}4378/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/075-libdatrie1_0.2.10-7_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029866Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.956{ec2a2542-2985-6254-404a-5a8445560000}4379/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/075-libdatrie1_0.2.10-7_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029865Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.956{ec2a2542-2985-6254-d80f-90fbe1550000}4378/usr/bin/dpkg-splitroot 154100x800000000000000029868Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.958{ec2a2542-2985-6254-b0e3-e2cb09560000}4382/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2985-6254-404a-5a8445560000}4379/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029867Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.958{ec2a2542-2985-6254-0000-000000000000}4380-root 534500x800000000000000029869Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.959{ec2a2542-2985-6254-0000-000000000000}4381-root 534500x800000000000000029870Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.960{ec2a2542-2985-6254-b0e3-e2cb09560000}4382/bin/tarroot 534500x800000000000000029871Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.961{ec2a2542-2985-6254-404a-5a8445560000}4379/usr/bin/dpkg-debroot 154100x800000000000000029872Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.985{ec2a2542-2985-6254-409a-74f8ee550000}4383/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/075-libdatrie1_0.2.10-7_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029873Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.987{ec2a2542-2985-6254-0000-000000000000}4384-root 534500x800000000000000029875Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.990{ec2a2542-2985-6254-409a-74f8ee550000}4383/usr/bin/dpkg-debroot 534500x800000000000000029874Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:41.990{00000000-0000-0000-0000-000000000000}4385<unknown process>root 154100x800000000000000029876Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.011{ec2a2542-2986-6254-7033-9deeca550000}4386/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029878Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.012{ec2a2542-2986-6254-7033-9deeca550000}4386/bin/rmroot 23542300x800000000000000029877Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.012{ec2a2542-2986-6254-7033-9deeca550000}4386root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029879Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.013{ec2a2542-2986-6254-d8bf-d2cc04560000}4387/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/076-libthai0_0.1.27-2_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029881Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.014{ec2a2542-2986-6254-408a-87e60f560000}4388/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/076-libthai0_0.1.27-2_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029880Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.014{ec2a2542-2986-6254-d8bf-d2cc04560000}4387/usr/bin/dpkg-splitroot 154100x800000000000000029883Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.016{ec2a2542-2986-6254-b063-4c1041560000}4391/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2986-6254-408a-87e60f560000}4388/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029882Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.016{ec2a2542-2986-6254-0000-000000000000}4389-root 534500x800000000000000029884Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.017{ec2a2542-2986-6254-0000-000000000000}4390-root 534500x800000000000000029885Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.019{ec2a2542-2986-6254-b063-4c1041560000}4391/bin/tarroot 534500x800000000000000029886Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.020{ec2a2542-2986-6254-408a-87e60f560000}4388/usr/bin/dpkg-debroot 154100x800000000000000029887Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.042{ec2a2542-2986-6254-401a-522023560000}4392/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/076-libthai0_0.1.27-2_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029888Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.045{ec2a2542-2986-6254-0000-000000000000}4393-root 534500x800000000000000029890Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.047{ec2a2542-2986-6254-401a-522023560000}4392/usr/bin/dpkg-debroot 534500x800000000000000029889Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.047{ec2a2542-2986-6254-0000-000000000000}4394-root 154100x800000000000000029891Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.065{ec2a2542-2986-6254-7073-b1e1df550000}4395/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029894Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.067{ec2a2542-2986-6254-d8ff-2034c7550000}4396/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/077-libpango-1.0-0_1.40.14-1ubuntu0.1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029893Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.067{ec2a2542-2986-6254-7073-b1e1df550000}4395/bin/rmroot 23542300x800000000000000029892Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.067{ec2a2542-2986-6254-7073-b1e1df550000}4395root/bin/rm/var/lib/dpkg/tmp.ci/control--- 534500x800000000000000029895Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.069{ec2a2542-2986-6254-d8ff-2034c7550000}4396/usr/bin/dpkg-splitroot 154100x800000000000000029896Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.070{ec2a2542-2986-6254-404a-517392550000}4397/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/077-libpango-1.0-0_1.40.14-1ubuntu0.1_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029898Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.072{ec2a2542-2986-6254-b043-89abd3550000}4400/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2986-6254-404a-517392550000}4397/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029897Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.072{ec2a2542-2986-6254-0000-000000000000}4398-root 534500x800000000000000029899Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.074{ec2a2542-2986-6254-0000-000000000000}4399-root 534500x800000000000000029901Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.075{ec2a2542-2986-6254-404a-517392550000}4397/usr/bin/dpkg-debroot 534500x800000000000000029900Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.075{ec2a2542-2986-6254-b043-89abd3550000}4400/bin/tarroot 154100x800000000000000029902Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.096{ec2a2542-2986-6254-40ca-c0f48b550000}4401/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/077-libpango-1.0-0_1.40.14-1ubuntu0.1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029903Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.108{ec2a2542-2986-6254-0000-000000000000}4402-root 534500x800000000000000029905Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.117{ec2a2542-2986-6254-40ca-c0f48b550000}4401/usr/bin/dpkg-debroot 534500x800000000000000029904Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.117{00000000-0000-0000-0000-000000000000}4403<unknown process>root 154100x800000000000000029906Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.151{ec2a2542-2986-6254-7073-2dfe9f550000}4404/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 23542300x800000000000000029907Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.152{ec2a2542-2986-6254-7073-2dfe9f550000}4404root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029909Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.153{ec2a2542-2986-6254-d85f-d64cbf550000}4405/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/078-libgraphite2-3_1.3.11-2_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029908Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.153{ec2a2542-2986-6254-7073-2dfe9f550000}4404/bin/rmroot 534500x800000000000000029910Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.154{ec2a2542-2986-6254-d85f-d64cbf550000}4405/usr/bin/dpkg-splitroot 154100x800000000000000029911Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.155{ec2a2542-2986-6254-403a-8ad0f3550000}4406/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/078-libgraphite2-3_1.3.11-2_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029913Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.157{ec2a2542-2986-6254-b083-d96c43560000}4409/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2986-6254-403a-8ad0f3550000}4406/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029912Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.157{ec2a2542-2986-6254-0000-000000000000}4407-root 534500x800000000000000029914Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.158{ec2a2542-2986-6254-0000-000000000000}4408-root 534500x800000000000000029916Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.159{ec2a2542-2986-6254-403a-8ad0f3550000}4406/usr/bin/dpkg-debroot 534500x800000000000000029915Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.159{ec2a2542-2986-6254-b083-d96c43560000}4409/bin/tarroot 154100x800000000000000029917Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.178{ec2a2542-2986-6254-404a-610f88550000}4410/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/078-libgraphite2-3_1.3.11-2_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029918Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.182{ec2a2542-2986-6254-0000-000000000000}4411-root 534500x800000000000000029920Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.188{ec2a2542-2986-6254-404a-610f88550000}4410/usr/bin/dpkg-debroot 534500x800000000000000029919Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.188{00000000-0000-0000-0000-000000000000}4412<unknown process>root 154100x800000000000000029921Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.205{ec2a2542-2986-6254-7013-8fdf11560000}4413/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029923Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.206{ec2a2542-2986-6254-7013-8fdf11560000}4413/bin/rmroot 23542300x800000000000000029922Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.206{ec2a2542-2986-6254-7013-8fdf11560000}4413root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029924Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.207{ec2a2542-2986-6254-d8af-49206b550000}4414/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/079-libharfbuzz0b_1.7.2-1ubuntu1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029926Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.208{ec2a2542-2986-6254-40da-8a5ff4550000}4415/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/079-libharfbuzz0b_1.7.2-1ubuntu1_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029925Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.208{ec2a2542-2986-6254-d8af-49206b550000}4414/usr/bin/dpkg-splitroot 154100x800000000000000029928Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.210{ec2a2542-2986-6254-b0a3-1a4f78550000}4418/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2986-6254-40da-8a5ff4550000}4415/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029927Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.211{ec2a2542-2986-6254-0000-000000000000}4416-root 534500x800000000000000029929Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.212{ec2a2542-2986-6254-0000-000000000000}4417-root 534500x800000000000000029931Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.213{ec2a2542-2986-6254-40da-8a5ff4550000}4415/usr/bin/dpkg-debroot 534500x800000000000000029930Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.213{ec2a2542-2986-6254-b0a3-1a4f78550000}4418/bin/tarroot 154100x800000000000000029932Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.234{ec2a2542-2986-6254-409a-2210b2550000}4419/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/079-libharfbuzz0b_1.7.2-1ubuntu1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029933Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.251{ec2a2542-2986-6254-0000-000000000000}4420-root 534500x800000000000000029934Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.259{00000000-0000-0000-0000-000000000000}4421<unknown process>root 534500x800000000000000029935Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.260{ec2a2542-2986-6254-409a-2210b2550000}4419/usr/bin/dpkg-debroot 154100x800000000000000029936Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.277{ec2a2542-2986-6254-70c3-874150560000}4422/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029939Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.279{ec2a2542-2986-6254-d8ff-578df2550000}4423/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/080-libpangoft2-1.0-0_1.40.14-1ubuntu0.1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029938Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.279{ec2a2542-2986-6254-70c3-874150560000}4422/bin/rmroot 23542300x800000000000000029937Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.279{ec2a2542-2986-6254-70c3-874150560000}4422root/bin/rm/var/lib/dpkg/tmp.ci/control--- 534500x800000000000000029940Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.280{ec2a2542-2986-6254-d8ff-578df2550000}4423/usr/bin/dpkg-splitroot 154100x800000000000000029941Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.281{ec2a2542-2986-6254-403a-d6c116560000}4424/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/080-libpangoft2-1.0-0_1.40.14-1ubuntu0.1_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029943Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.283{ec2a2542-2986-6254-b023-c1b103560000}4427/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2986-6254-403a-d6c116560000}4424/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029942Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.283{ec2a2542-2986-6254-0000-000000000000}4425-root 534500x800000000000000029944Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.284{ec2a2542-2986-6254-0000-000000000000}4426-root 534500x800000000000000029946Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.286{ec2a2542-2986-6254-403a-d6c116560000}4424/usr/bin/dpkg-debroot 534500x800000000000000029945Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.286{ec2a2542-2986-6254-b023-c1b103560000}4427/bin/tarroot 154100x800000000000000029947Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.308{ec2a2542-2986-6254-409a-f4d578550000}4428/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/080-libpangoft2-1.0-0_1.40.14-1ubuntu0.1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029948Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.310{ec2a2542-2986-6254-0000-000000000000}4429-root 534500x800000000000000029950Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.314{ec2a2542-2986-6254-409a-f4d578550000}4428/usr/bin/dpkg-debroot 534500x800000000000000029949Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.314{ec2a2542-2986-6254-0000-000000000000}4430-root 154100x800000000000000029951Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.331{ec2a2542-2986-6254-70f3-598ef2550000}4431/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029953Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.332{ec2a2542-2986-6254-70f3-598ef2550000}4431/bin/rmroot 23542300x800000000000000029952Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.332{ec2a2542-2986-6254-70f3-598ef2550000}4431root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000029954Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.333{ec2a2542-2986-6254-d8ef-444a66550000}4432/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/081-libpangocairo-1.0-0_1.40.14-1ubuntu0.1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000029956Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.334{ec2a2542-2986-6254-404a-0b2140560000}4433/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/081-libpangocairo-1.0-0_1.40.14-1ubuntu0.1_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000029955Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.334{ec2a2542-2986-6254-d8ef-444a66550000}4432/usr/bin/dpkg-splitroot 154100x800000000000000029958Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.336{ec2a2542-2986-6254-b0d3-556951560000}4436/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2986-6254-404a-0b2140560000}4433/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000029957Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.336{ec2a2542-2986-6254-0000-000000000000}4434-root 534500x800000000000000029959Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.337{ec2a2542-2986-6254-0000-000000000000}4435-root 534500x800000000000000029960Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.338{ec2a2542-2986-6254-b0d3-556951560000}4436/bin/tarroot 534500x800000000000000029961Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.339{ec2a2542-2986-6254-404a-0b2140560000}4433/usr/bin/dpkg-debroot 23542300x800000000000000029962Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.368{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/status-old--- 23542300x800000000000000029980Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.370{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0017--- 23542300x800000000000000029979Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.370{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0016--- 23542300x800000000000000029978Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.370{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0015--- 23542300x800000000000000029977Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.370{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0014--- 23542300x800000000000000029976Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.370{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0013--- 23542300x800000000000000029975Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.370{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0012--- 23542300x800000000000000029974Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.370{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0011--- 23542300x800000000000000029973Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.370{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0010--- 23542300x800000000000000029972Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.370{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0009--- 23542300x800000000000000029971Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.370{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0008--- 23542300x800000000000000029970Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.370{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0007--- 23542300x800000000000000029969Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.370{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0006--- 23542300x800000000000000029968Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.370{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0005--- 23542300x800000000000000029967Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.370{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0004--- 23542300x800000000000000029966Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.370{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0003--- 23542300x800000000000000029965Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.370{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0002--- 23542300x800000000000000029964Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.370{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0001--- 23542300x800000000000000029963Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.370{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0000--- 23542300x800000000000000030032Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0069--- 23542300x800000000000000030031Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0068--- 23542300x800000000000000030030Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0067--- 23542300x800000000000000030029Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0066--- 23542300x800000000000000030028Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0065--- 23542300x800000000000000030027Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0064--- 23542300x800000000000000030026Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0063--- 23542300x800000000000000030025Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0062--- 23542300x800000000000000030024Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0061--- 23542300x800000000000000030023Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0060--- 23542300x800000000000000030022Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0059--- 23542300x800000000000000030021Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0058--- 23542300x800000000000000030020Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0057--- 23542300x800000000000000030019Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0056--- 23542300x800000000000000030018Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0055--- 23542300x800000000000000030017Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0054--- 23542300x800000000000000030016Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0053--- 23542300x800000000000000030015Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0052--- 23542300x800000000000000030014Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0051--- 23542300x800000000000000030013Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0050--- 23542300x800000000000000030012Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0049--- 23542300x800000000000000030011Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0048--- 23542300x800000000000000030010Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0047--- 23542300x800000000000000030009Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0046--- 23542300x800000000000000030008Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0045--- 23542300x800000000000000030007Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0044--- 23542300x800000000000000030006Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0043--- 23542300x800000000000000030005Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0042--- 23542300x800000000000000030004Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0041--- 23542300x800000000000000030003Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0040--- 23542300x800000000000000030002Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0039--- 23542300x800000000000000030001Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0038--- 23542300x800000000000000030000Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0037--- 23542300x800000000000000029999Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0036--- 23542300x800000000000000029998Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0035--- 23542300x800000000000000029997Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0034--- 23542300x800000000000000029996Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0033--- 23542300x800000000000000029995Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0032--- 23542300x800000000000000029994Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0031--- 23542300x800000000000000029993Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0030--- 23542300x800000000000000029992Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0029--- 23542300x800000000000000029991Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0028--- 23542300x800000000000000029990Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0027--- 23542300x800000000000000029989Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0026--- 23542300x800000000000000029988Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0025--- 23542300x800000000000000029987Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0024--- 23542300x800000000000000029986Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0023--- 23542300x800000000000000029985Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0022--- 23542300x800000000000000029984Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0021--- 23542300x800000000000000029983Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0020--- 23542300x800000000000000029982Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0019--- 23542300x800000000000000029981Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.371{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0018--- 23542300x800000000000000030088Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0125--- 23542300x800000000000000030087Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0124--- 23542300x800000000000000030086Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0123--- 23542300x800000000000000030085Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0122--- 23542300x800000000000000030084Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0121--- 23542300x800000000000000030083Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0120--- 23542300x800000000000000030082Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0119--- 23542300x800000000000000030081Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0118--- 23542300x800000000000000030080Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0117--- 23542300x800000000000000030079Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0116--- 23542300x800000000000000030078Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0115--- 23542300x800000000000000030077Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0114--- 23542300x800000000000000030076Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0113--- 23542300x800000000000000030075Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0112--- 23542300x800000000000000030074Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0111--- 23542300x800000000000000030073Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0110--- 23542300x800000000000000030072Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0109--- 23542300x800000000000000030071Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0108--- 23542300x800000000000000030070Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0107--- 23542300x800000000000000030069Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0106--- 23542300x800000000000000030068Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0105--- 23542300x800000000000000030067Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0104--- 23542300x800000000000000030066Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0103--- 23542300x800000000000000030065Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0102--- 23542300x800000000000000030064Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0101--- 23542300x800000000000000030063Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0100--- 23542300x800000000000000030062Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0099--- 23542300x800000000000000030061Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0098--- 23542300x800000000000000030060Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0097--- 23542300x800000000000000030059Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0096--- 23542300x800000000000000030058Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0095--- 23542300x800000000000000030057Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0094--- 23542300x800000000000000030056Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0093--- 23542300x800000000000000030055Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0092--- 23542300x800000000000000030054Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0091--- 23542300x800000000000000030053Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0090--- 23542300x800000000000000030052Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0089--- 23542300x800000000000000030051Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0088--- 23542300x800000000000000030050Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0087--- 23542300x800000000000000030049Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0086--- 23542300x800000000000000030048Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0085--- 23542300x800000000000000030047Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0084--- 23542300x800000000000000030046Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0083--- 23542300x800000000000000030045Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0082--- 23542300x800000000000000030044Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0081--- 23542300x800000000000000030043Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0080--- 23542300x800000000000000030042Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0079--- 23542300x800000000000000030041Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0078--- 23542300x800000000000000030040Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0077--- 23542300x800000000000000030039Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0076--- 23542300x800000000000000030038Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0075--- 23542300x800000000000000030037Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0074--- 23542300x800000000000000030036Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0073--- 23542300x800000000000000030035Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0072--- 23542300x800000000000000030034Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0071--- 23542300x800000000000000030033Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.372{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0070--- 23542300x800000000000000030142Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0179--- 23542300x800000000000000030141Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0178--- 23542300x800000000000000030140Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0177--- 23542300x800000000000000030139Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0176--- 23542300x800000000000000030138Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0175--- 23542300x800000000000000030137Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0174--- 23542300x800000000000000030136Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0173--- 23542300x800000000000000030135Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0172--- 23542300x800000000000000030134Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0171--- 23542300x800000000000000030133Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0170--- 23542300x800000000000000030132Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0169--- 23542300x800000000000000030131Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0168--- 23542300x800000000000000030130Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0167--- 23542300x800000000000000030129Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0166--- 23542300x800000000000000030128Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0165--- 23542300x800000000000000030127Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0164--- 23542300x800000000000000030126Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0163--- 23542300x800000000000000030125Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0162--- 23542300x800000000000000030124Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0161--- 23542300x800000000000000030123Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0160--- 23542300x800000000000000030122Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0159--- 23542300x800000000000000030121Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0158--- 23542300x800000000000000030120Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0157--- 23542300x800000000000000030119Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0156--- 23542300x800000000000000030118Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0155--- 23542300x800000000000000030117Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0154--- 23542300x800000000000000030116Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0153--- 23542300x800000000000000030115Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0152--- 23542300x800000000000000030114Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0151--- 23542300x800000000000000030113Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0150--- 23542300x800000000000000030112Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0149--- 23542300x800000000000000030111Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0148--- 23542300x800000000000000030110Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0147--- 23542300x800000000000000030109Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0146--- 23542300x800000000000000030108Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0145--- 23542300x800000000000000030107Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0144--- 23542300x800000000000000030106Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0143--- 23542300x800000000000000030105Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0142--- 23542300x800000000000000030104Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0141--- 23542300x800000000000000030103Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0140--- 23542300x800000000000000030102Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0139--- 23542300x800000000000000030101Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0138--- 23542300x800000000000000030100Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0137--- 23542300x800000000000000030099Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0136--- 23542300x800000000000000030098Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0135--- 23542300x800000000000000030097Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0134--- 23542300x800000000000000030096Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0133--- 23542300x800000000000000030095Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0132--- 23542300x800000000000000030094Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0131--- 23542300x800000000000000030093Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0130--- 23542300x800000000000000030092Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0129--- 23542300x800000000000000030091Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0128--- 23542300x800000000000000030090Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0127--- 23542300x800000000000000030089Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.373{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0126--- 23542300x800000000000000030197Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0234--- 23542300x800000000000000030196Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0233--- 23542300x800000000000000030195Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0232--- 23542300x800000000000000030194Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0231--- 23542300x800000000000000030193Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0230--- 23542300x800000000000000030192Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0229--- 23542300x800000000000000030191Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0228--- 23542300x800000000000000030190Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0227--- 23542300x800000000000000030189Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0226--- 23542300x800000000000000030188Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0225--- 23542300x800000000000000030187Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0224--- 23542300x800000000000000030186Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0223--- 23542300x800000000000000030185Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0222--- 23542300x800000000000000030184Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0221--- 23542300x800000000000000030183Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0220--- 23542300x800000000000000030182Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0219--- 23542300x800000000000000030181Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0218--- 23542300x800000000000000030180Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0217--- 23542300x800000000000000030179Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0216--- 23542300x800000000000000030178Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0215--- 23542300x800000000000000030177Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0214--- 23542300x800000000000000030176Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0213--- 23542300x800000000000000030175Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0212--- 23542300x800000000000000030174Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0211--- 23542300x800000000000000030173Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0210--- 23542300x800000000000000030172Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0209--- 23542300x800000000000000030171Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0208--- 23542300x800000000000000030170Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0207--- 23542300x800000000000000030169Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0206--- 23542300x800000000000000030168Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0205--- 23542300x800000000000000030167Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0204--- 23542300x800000000000000030166Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0203--- 23542300x800000000000000030165Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0202--- 23542300x800000000000000030164Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0201--- 23542300x800000000000000030163Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0200--- 23542300x800000000000000030162Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0199--- 23542300x800000000000000030161Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0198--- 23542300x800000000000000030160Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0197--- 23542300x800000000000000030159Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0196--- 23542300x800000000000000030158Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0195--- 23542300x800000000000000030157Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0194--- 23542300x800000000000000030156Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0193--- 23542300x800000000000000030155Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0192--- 23542300x800000000000000030154Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0191--- 23542300x800000000000000030153Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0190--- 23542300x800000000000000030152Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0189--- 23542300x800000000000000030151Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0188--- 23542300x800000000000000030150Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0187--- 23542300x800000000000000030149Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0186--- 23542300x800000000000000030148Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0185--- 23542300x800000000000000030147Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0184--- 23542300x800000000000000030146Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0183--- 23542300x800000000000000030145Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0182--- 23542300x800000000000000030144Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0181--- 23542300x800000000000000030143Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.374{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0180--- 23542300x800000000000000030213Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.375{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0250--- 23542300x800000000000000030212Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.375{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0249--- 23542300x800000000000000030211Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.375{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0248--- 23542300x800000000000000030210Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.375{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0247--- 23542300x800000000000000030209Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.375{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0246--- 23542300x800000000000000030208Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.375{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0245--- 23542300x800000000000000030207Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.375{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0244--- 23542300x800000000000000030206Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.375{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0243--- 23542300x800000000000000030205Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.375{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0242--- 23542300x800000000000000030204Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.375{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0241--- 23542300x800000000000000030203Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.375{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0240--- 23542300x800000000000000030202Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.375{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0239--- 23542300x800000000000000030201Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.375{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0238--- 23542300x800000000000000030200Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.375{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0237--- 23542300x800000000000000030199Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.375{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0236--- 23542300x800000000000000030198Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.375{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0235--- 154100x800000000000000030214Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.378{ec2a2542-2986-6254-408a-b1cae8550000}4437/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/081-libpangocairo-1.0-0_1.40.14-1ubuntu0.1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030215Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.380{ec2a2542-2986-6254-0000-000000000000}4438-root 534500x800000000000000030217Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.388{ec2a2542-2986-6254-408a-b1cae8550000}4437/usr/bin/dpkg-debroot 534500x800000000000000030216Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.388{ec2a2542-2986-6254-0000-000000000000}4439-root 154100x800000000000000030218Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.406{ec2a2542-2986-6254-70f3-c53cb0550000}4440/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030220Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.407{ec2a2542-2986-6254-70f3-c53cb0550000}4440/bin/rmroot 23542300x800000000000000030219Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.407{ec2a2542-2986-6254-70f3-c53cb0550000}4440root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000030221Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.408{ec2a2542-2986-6254-d8cf-56e2ee550000}4441/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/082-libxv1_2%3a1.0.11-1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000030223Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.409{ec2a2542-2986-6254-407a-969857550000}4442/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/082-libxv1_2%3a1.0.11-1_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030222Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.409{ec2a2542-2986-6254-d8cf-56e2ee550000}4441/usr/bin/dpkg-splitroot 534500x800000000000000030226Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.412{ec2a2542-2986-6254-0000-000000000000}4444-root 154100x800000000000000030225Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.412{ec2a2542-2986-6254-b033-baf40c560000}4445/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2986-6254-407a-969857550000}4442/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000030224Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.412{ec2a2542-2986-6254-0000-000000000000}4443-root 534500x800000000000000030228Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.414{ec2a2542-2986-6254-407a-969857550000}4442/usr/bin/dpkg-debroot 534500x800000000000000030227Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.414{ec2a2542-2986-6254-b033-baf40c560000}4445/bin/tarroot 154100x800000000000000030229Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.438{ec2a2542-2986-6254-407a-712c82550000}4446/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/082-libxv1_2%3a1.0.11-1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030230Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.440{ec2a2542-2986-6254-0000-000000000000}4447-root 534500x800000000000000030231Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.442{00000000-0000-0000-0000-000000000000}4448<unknown process>root 534500x800000000000000030232Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.443{ec2a2542-2986-6254-407a-712c82550000}4446/usr/bin/dpkg-debroot 154100x800000000000000030233Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.465{ec2a2542-2986-6254-7083-e52975550000}4449/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030235Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.466{ec2a2542-2986-6254-7083-e52975550000}4449/bin/rmroot 23542300x800000000000000030234Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.466{ec2a2542-2986-6254-7083-e52975550000}4449root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000030236Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.467{ec2a2542-2986-6254-d8ff-f731ed550000}4450/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/083-gstreamer1.0-x_1.14.5-0ubuntu1~18.04.3_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000030238Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.468{ec2a2542-2986-6254-40ea-cf6adc550000}4451/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/083-gstreamer1.0-x_1.14.5-0ubuntu1~18.04.3_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030237Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.468{ec2a2542-2986-6254-d8ff-f731ed550000}4450/usr/bin/dpkg-splitroot 154100x800000000000000030240Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.470{ec2a2542-2986-6254-b093-7387c6550000}4454/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2986-6254-40ea-cf6adc550000}4451/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000030239Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.471{ec2a2542-2986-6254-0000-000000000000}4452-root 534500x800000000000000030242Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.472{ec2a2542-2986-6254-b093-7387c6550000}4454/bin/tarroot 534500x800000000000000030241Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.472{ec2a2542-2986-6254-0000-000000000000}4453-root 534500x800000000000000030243Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.473{ec2a2542-2986-6254-40ea-cf6adc550000}4451/usr/bin/dpkg-debroot 154100x800000000000000030244Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.489{ec2a2542-2986-6254-406a-28ae35560000}4455/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/083-gstreamer1.0-x_1.14.5-0ubuntu1~18.04.3_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030245Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.493{ec2a2542-2986-6254-0000-000000000000}4456-root 534500x800000000000000030246Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.501{00000000-0000-0000-0000-000000000000}4457<unknown process>root 534500x800000000000000030247Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.502{ec2a2542-2986-6254-406a-28ae35560000}4455/usr/bin/dpkg-debroot 154100x800000000000000030248Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.543{ec2a2542-2986-6254-70a3-9b80ab550000}4458/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000030251Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.545{ec2a2542-2986-6254-d80f-74cbaf550000}4459/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/084-ibverbs-providers_17.1-1ubuntu0.2_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030250Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.545{ec2a2542-2986-6254-70a3-9b80ab550000}4458/bin/rmroot 23542300x800000000000000030249Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.545{ec2a2542-2986-6254-70a3-9b80ab550000}4458root/bin/rm/var/lib/dpkg/tmp.ci/control--- 534500x800000000000000030252Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.546{ec2a2542-2986-6254-d80f-74cbaf550000}4459/usr/bin/dpkg-splitroot 154100x800000000000000030253Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.547{ec2a2542-2986-6254-408a-9c3ec7550000}4460/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/084-ibverbs-providers_17.1-1ubuntu0.2_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000030255Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.549{ec2a2542-2986-6254-b0d3-c7b513560000}4463/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2986-6254-408a-9c3ec7550000}4460/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000030254Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.549{ec2a2542-2986-6254-0000-000000000000}4461-root 534500x800000000000000030256Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.550{ec2a2542-2986-6254-0000-000000000000}4462-root 534500x800000000000000030258Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.551{ec2a2542-2986-6254-408a-9c3ec7550000}4460/usr/bin/dpkg-debroot 534500x800000000000000030257Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.551{ec2a2542-2986-6254-b0d3-c7b513560000}4463/bin/tarroot 154100x800000000000000030259Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.573{ec2a2542-2986-6254-401a-f3240b560000}4464/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/084-ibverbs-providers_17.1-1ubuntu0.2_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030260Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.589{ec2a2542-2986-6254-0000-000000000000}4465-root 534500x800000000000000030262Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.596{ec2a2542-2986-6254-401a-f3240b560000}4464/usr/bin/dpkg-debroot 534500x800000000000000030261Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.596{00000000-0000-0000-0000-000000000000}4466<unknown process>root 154100x800000000000000030263Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.618{ec2a2542-2986-6254-70f3-c5454e560000}4467/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 23542300x800000000000000030264Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.619{ec2a2542-2986-6254-70f3-c5454e560000}4467root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000030266Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.620{ec2a2542-2986-6254-d8ef-1f2119560000}4468/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/085-ipxe-qemu_1.0.0+git-20180124.fbe8c52d-0ubuntu2.2_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030265Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.620{ec2a2542-2986-6254-70f3-c5454e560000}4467/bin/rmroot 154100x800000000000000030268Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.621{ec2a2542-2986-6254-40da-c02966550000}4469/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/085-ipxe-qemu_1.0.0+git-20180124.fbe8c52d-0ubuntu2.2_all.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030267Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.621{ec2a2542-2986-6254-d8ef-1f2119560000}4468/usr/bin/dpkg-splitroot 154100x800000000000000030270Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.623{ec2a2542-2986-6254-b023-fa5dd5550000}4472/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2986-6254-40da-c02966550000}4469/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000030269Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.623{ec2a2542-2986-6254-0000-000000000000}4470-root 534500x800000000000000030271Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.628{ec2a2542-2986-6254-0000-000000000000}4471-root 534500x800000000000000030273Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.629{ec2a2542-2986-6254-40da-c02966550000}4469/usr/bin/dpkg-debroot 534500x800000000000000030272Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.629{ec2a2542-2986-6254-b023-fa5dd5550000}4472/bin/tarroot 154100x800000000000000030274Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.648{ec2a2542-2986-6254-406a-f0f011560000}4473/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/085-ipxe-qemu_1.0.0+git-20180124.fbe8c52d-0ubuntu2.2_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030275Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.739{ec2a2542-2986-6254-0000-000000000000}4474-root 534500x800000000000000030277Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.751{ec2a2542-2986-6254-406a-f0f011560000}4473/usr/bin/dpkg-debroot 534500x800000000000000030276Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.751{00000000-0000-0000-0000-000000000000}4475<unknown process>root 154100x800000000000000030278Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.801{ec2a2542-2986-6254-70e3-1dc7a8550000}4476/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030280Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.802{ec2a2542-2986-6254-70e3-1dc7a8550000}4476/bin/rmroot 23542300x800000000000000030279Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.802{ec2a2542-2986-6254-70e3-1dc7a8550000}4476root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000030281Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.803{ec2a2542-2986-6254-d88f-21d0cd550000}4477/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/086-ipxe-qemu-256k-compat-efi-roms_1.0.0+git-20150424.a25a16d-0ubuntu2_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000030283Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.804{ec2a2542-2986-6254-405a-ffe69a550000}4478/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/086-ipxe-qemu-256k-compat-efi-roms_1.0.0+git-20150424.a25a16d-0ubuntu2_all.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030282Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.804{ec2a2542-2986-6254-d88f-21d0cd550000}4477/usr/bin/dpkg-splitroot 154100x800000000000000030285Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.806{ec2a2542-2986-6254-b063-4c7366550000}4481/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2986-6254-405a-ffe69a550000}4478/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000030284Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.806{ec2a2542-2986-6254-0000-000000000000}4479-root 534500x800000000000000030286Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.807{ec2a2542-2986-6254-0000-000000000000}4480-root 534500x800000000000000030288Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.809{ec2a2542-2986-6254-405a-ffe69a550000}4478/usr/bin/dpkg-debroot 534500x800000000000000030287Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.809{ec2a2542-2986-6254-b063-4c7366550000}4481/bin/tarroot 154100x800000000000000030289Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.824{ec2a2542-2986-6254-40ea-258703560000}4482/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/086-ipxe-qemu-256k-compat-efi-roms_1.0.0+git-20150424.a25a16d-0ubuntu2_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030290Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.868{ec2a2542-2986-6254-0000-000000000000}4483-root 534500x800000000000000030291Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.875{00000000-0000-0000-0000-000000000000}4484<unknown process>root 534500x800000000000000030292Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.877{ec2a2542-2986-6254-40ea-258703560000}4482/usr/bin/dpkg-debroot 154100x800000000000000030293Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.904{ec2a2542-2986-6254-7033-19e237560000}4485/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000030296Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.906{ec2a2542-2986-6254-d89f-7696cd550000}4486/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/087-libaio1_0.3.110-5ubuntu0.1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030295Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.906{ec2a2542-2986-6254-7033-19e237560000}4485/bin/rmroot 23542300x800000000000000030294Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.906{ec2a2542-2986-6254-7033-19e237560000}4485root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000030298Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.908{ec2a2542-2986-6254-406a-40a11b560000}4487/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/087-libaio1_0.3.110-5ubuntu0.1_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030297Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.908{ec2a2542-2986-6254-d89f-7696cd550000}4486/usr/bin/dpkg-splitroot 154100x800000000000000030300Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.910{ec2a2542-2986-6254-b033-40d710560000}4490/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2986-6254-406a-40a11b560000}4487/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000030299Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.910{ec2a2542-2986-6254-0000-000000000000}4488-root 534500x800000000000000030301Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.911{ec2a2542-2986-6254-0000-000000000000}4489-root 534500x800000000000000030303Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.912{ec2a2542-2986-6254-406a-40a11b560000}4487/usr/bin/dpkg-debroot 534500x800000000000000030302Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.912{ec2a2542-2986-6254-b033-40d710560000}4490/bin/tarroot 154100x800000000000000030304Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.935{ec2a2542-2986-6254-40fa-42d313560000}4491/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/087-libaio1_0.3.110-5ubuntu0.1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030305Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.937{ec2a2542-2986-6254-0000-000000000000}4492-root 534500x800000000000000030306Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.940{00000000-0000-0000-0000-000000000000}4493<unknown process>root 534500x800000000000000030307Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.941{ec2a2542-2986-6254-40fa-42d313560000}4491/usr/bin/dpkg-debroot 154100x800000000000000030308Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.960{ec2a2542-2986-6254-7083-a16aa7550000}4494/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000030311Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.962{ec2a2542-2986-6254-d88f-d504ce550000}4495/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/088-libasound2-data_1.1.3-5ubuntu0.6_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030310Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.962{ec2a2542-2986-6254-7083-a16aa7550000}4494/bin/rmroot 23542300x800000000000000030309Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.962{ec2a2542-2986-6254-7083-a16aa7550000}4494root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000030313Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.963{ec2a2542-2986-6254-409a-cf06f1550000}4496/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/088-libasound2-data_1.1.3-5ubuntu0.6_all.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030312Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.963{ec2a2542-2986-6254-d88f-d504ce550000}4495/usr/bin/dpkg-splitroot 154100x800000000000000030315Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.965{ec2a2542-2986-6254-b013-0b7a35560000}4499/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2986-6254-409a-cf06f1550000}4496/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000030314Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.965{ec2a2542-2986-6254-0000-000000000000}4497-root 534500x800000000000000030316Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.966{ec2a2542-2986-6254-0000-000000000000}4498-root 534500x800000000000000030318Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.968{ec2a2542-2986-6254-409a-cf06f1550000}4496/usr/bin/dpkg-debroot 534500x800000000000000030317Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.968{ec2a2542-2986-6254-b013-0b7a35560000}4499/bin/tarroot 154100x800000000000000030319Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.985{ec2a2542-2986-6254-404a-79926c550000}4500/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/088-libasound2-data_1.1.3-5ubuntu0.6_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030320Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:42.987{ec2a2542-2986-6254-0000-000000000000}4501-root 534500x800000000000000030322Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.039{ec2a2542-2986-6254-404a-79926c550000}4500/usr/bin/dpkg-debroot 534500x800000000000000030321Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.039{00000000-0000-0000-0000-000000000000}4502<unknown process>root 154100x800000000000000030323Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.068{ec2a2542-2987-6254-7003-c67c9f550000}4503/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030325Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.069{ec2a2542-2987-6254-7003-c67c9f550000}4503/bin/rmroot 23542300x800000000000000030324Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.069{ec2a2542-2987-6254-7003-c67c9f550000}4503root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000030326Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.070{ec2a2542-2987-6254-d82f-0a9825560000}4504/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/089-libasound2_1.1.3-5ubuntu0.6_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030327Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.071{ec2a2542-2987-6254-d82f-0a9825560000}4504/usr/bin/dpkg-splitroot 154100x800000000000000030328Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.072{ec2a2542-2987-6254-40aa-291bfd550000}4505/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/089-libasound2_1.1.3-5ubuntu0.6_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000030330Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.073{ec2a2542-2987-6254-b033-3aa07e550000}4508/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2987-6254-40aa-291bfd550000}4505/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000030329Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.074{ec2a2542-2987-6254-0000-000000000000}4506-root 534500x800000000000000030333Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.076{ec2a2542-2987-6254-40aa-291bfd550000}4505/usr/bin/dpkg-debroot 534500x800000000000000030332Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.076{ec2a2542-2987-6254-b033-3aa07e550000}4508/bin/tarroot 534500x800000000000000030331Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.076{ec2a2542-2987-6254-0000-000000000000}4507-root 154100x800000000000000030334Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.106{ec2a2542-2987-6254-408a-99efee550000}4509/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/089-libasound2_1.1.3-5ubuntu0.6_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030335Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.136{ec2a2542-2987-6254-0000-000000000000}4510-root 534500x800000000000000030337Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.145{ec2a2542-2987-6254-408a-99efee550000}4509/usr/bin/dpkg-debroot 534500x800000000000000030336Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.145{ec2a2542-2987-6254-0000-000000000000}4511-root 154100x800000000000000030338Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.226{ec2a2542-2987-6254-70f3-a2251f560000}4512/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000030341Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.227{ec2a2542-2987-6254-d8af-59d0ab550000}4513/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/090-libasyncns0_0.8-6_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030340Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.227{ec2a2542-2987-6254-70f3-a2251f560000}4512/bin/rmroot 23542300x800000000000000030339Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.227{ec2a2542-2987-6254-70f3-a2251f560000}4512root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000030343Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.229{ec2a2542-2987-6254-405a-2234e9550000}4514/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/090-libasyncns0_0.8-6_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030342Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.229{ec2a2542-2987-6254-d8af-59d0ab550000}4513/usr/bin/dpkg-splitroot 154100x800000000000000030345Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.231{ec2a2542-2987-6254-b063-ff941c560000}4517/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2987-6254-405a-2234e9550000}4514/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000030344Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.231{ec2a2542-2987-6254-0000-000000000000}4515-root 534500x800000000000000030346Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.232{ec2a2542-2987-6254-0000-000000000000}4516-root 534500x800000000000000030347Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.234{ec2a2542-2987-6254-b063-ff941c560000}4517/bin/tarroot 534500x800000000000000030348Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.235{ec2a2542-2987-6254-405a-2234e9550000}4514/usr/bin/dpkg-debroot 154100x800000000000000030349Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.255{ec2a2542-2987-6254-406a-9d9490550000}4518/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/090-libasyncns0_0.8-6_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030350Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.257{ec2a2542-2987-6254-0000-000000000000}4519-root 534500x800000000000000030352Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.260{ec2a2542-2987-6254-406a-9d9490550000}4518/usr/bin/dpkg-debroot 534500x800000000000000030351Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.260{ec2a2542-2987-6254-0000-000000000000}4520-root 154100x800000000000000030353Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.282{ec2a2542-2987-6254-70d3-f71349560000}4521/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000030356Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.283{ec2a2542-2987-6254-d84f-a57a6e550000}4522/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/091-libbluetooth3_5.48-0ubuntu3.8_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030355Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.283{ec2a2542-2987-6254-70d3-f71349560000}4521/bin/rmroot 23542300x800000000000000030354Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.283{ec2a2542-2987-6254-70d3-f71349560000}4521root/bin/rm/var/lib/dpkg/tmp.ci/control--- 534500x800000000000000030357Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.285{ec2a2542-2987-6254-d84f-a57a6e550000}4522/usr/bin/dpkg-splitroot 154100x800000000000000030358Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.286{ec2a2542-2987-6254-407a-5aa2e9550000}4523/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/091-libbluetooth3_5.48-0ubuntu3.8_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000030360Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.290{ec2a2542-2987-6254-b0d3-2d8655550000}4526/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2987-6254-407a-5aa2e9550000}4523/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000030359Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.290{ec2a2542-2987-6254-0000-000000000000}4524-root 534500x800000000000000030361Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.291{ec2a2542-2987-6254-0000-000000000000}4525-root 534500x800000000000000030363Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.293{ec2a2542-2987-6254-407a-5aa2e9550000}4523/usr/bin/dpkg-debroot 534500x800000000000000030362Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.293{ec2a2542-2987-6254-b0d3-2d8655550000}4526/bin/tarroot 154100x800000000000000030364Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.319{ec2a2542-2987-6254-409a-7decff550000}4527/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/091-libbluetooth3_5.48-0ubuntu3.8_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030365Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.321{ec2a2542-2987-6254-0000-000000000000}4528-root 534500x800000000000000030367Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.328{ec2a2542-2987-6254-409a-7decff550000}4527/usr/bin/dpkg-debroot 534500x800000000000000030366Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.328{00000000-0000-0000-0000-000000000000}4529<unknown process>root 154100x800000000000000030368Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.350{ec2a2542-2987-6254-7083-42718c550000}4530/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000030371Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.352{ec2a2542-2987-6254-d80f-464b79550000}4531/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/092-libcacard0_1%3a2.5.0-3_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030370Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.352{ec2a2542-2987-6254-7083-42718c550000}4530/bin/rmroot 23542300x800000000000000030369Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.352{ec2a2542-2987-6254-7083-42718c550000}4530root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000030373Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.354{ec2a2542-2987-6254-407a-3181d4550000}4532/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/092-libcacard0_1%3a2.5.0-3_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030372Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.354{ec2a2542-2987-6254-d80f-464b79550000}4531/usr/bin/dpkg-splitroot 534500x800000000000000030376Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.356{ec2a2542-2987-6254-0000-000000000000}4534-root 154100x800000000000000030375Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.356{ec2a2542-2987-6254-b0b3-077414560000}4535/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2987-6254-407a-3181d4550000}4532/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000030374Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:43.356{ec2a2542-2987-6254-0000-000000000000}4533-root 534500x800000000000000030591Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:46.335{ec2a2542-2989-6254-0000-000000000000}4663-root 534500x800000000000000030593Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:46.347{ec2a2542-2989-6254-408a-882942560000}4662/usr/bin/dpkg-debroot 534500x800000000000000030592Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:46.347{00000000-0000-0000-0000-000000000000}4664<unknown process>root 154100x800000000000000030594Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:46.398{ec2a2542-298a-6254-7073-f6e959550000}4665/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030596Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:46.399{ec2a2542-298a-6254-7073-f6e959550000}4665/bin/rmroot 23542300x800000000000000030595Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:46.399{ec2a2542-298a-6254-7073-f6e959550000}4665root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000030597Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:46.400{ec2a2542-298a-6254-d87f-8dcc4f560000}4666/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/107-qemu-slof_20170724+dfsg-1ubuntu1_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000030599Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:46.401{ec2a2542-298a-6254-40fa-dff5e1550000}4667/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/107-qemu-slof_20170724+dfsg-1ubuntu1_all.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030598Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:46.401{ec2a2542-298a-6254-d87f-8dcc4f560000}4666/usr/bin/dpkg-splitroot 154100x800000000000000030601Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:46.403{ec2a2542-298a-6254-b0e3-56b6c4550000}4670/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-298a-6254-40fa-dff5e1550000}4667/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000030600Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:46.403{ec2a2542-298a-6254-0000-000000000000}4668-root 534500x800000000000000030602Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:46.404{ec2a2542-298a-6254-0000-000000000000}4669-root 534500x800000000000000030603Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:46.405{ec2a2542-298a-6254-b0e3-56b6c4550000}4670/bin/tarroot 534500x800000000000000030604Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:46.406{ec2a2542-298a-6254-40fa-dff5e1550000}4667/usr/bin/dpkg-debroot 154100x800000000000000030605Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:46.420{ec2a2542-298a-6254-40aa-17bd7c550000}4671/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/107-qemu-slof_20170724+dfsg-1ubuntu1_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030606Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:46.433{ec2a2542-298a-6254-0000-000000000000}4672-root 534500x800000000000000030608Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:46.442{ec2a2542-298a-6254-40aa-17bd7c550000}4671/usr/bin/dpkg-debroot 534500x800000000000000030607Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:46.442{ec2a2542-298a-6254-0000-000000000000}4673-root 154100x800000000000000030609Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:46.461{ec2a2542-298a-6254-70c3-3a7916560000}4674/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030611Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:46.462{ec2a2542-298a-6254-70c3-3a7916560000}4674/bin/rmroot 23542300x800000000000000030610Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:46.462{ec2a2542-298a-6254-70c3-3a7916560000}4674root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000030612Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:46.463{ec2a2542-298a-6254-d80f-350c57550000}4675/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/108-qemu-system-ppc_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000030614Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:46.464{ec2a2542-298a-6254-408a-c1b130560000}4676/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/108-qemu-system-ppc_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030613Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:46.464{ec2a2542-298a-6254-d80f-350c57550000}4675/usr/bin/dpkg-splitroot 154100x800000000000000030616Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:46.466{ec2a2542-298a-6254-b083-974cd5550000}4679/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-298a-6254-408a-c1b130560000}4676/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000030615Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:46.466{ec2a2542-298a-6254-0000-000000000000}4677-root 534500x800000000000000030617Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:46.467{ec2a2542-298a-6254-0000-000000000000}4678-root 534500x800000000000000030619Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:46.469{ec2a2542-298a-6254-408a-c1b130560000}4676/usr/bin/dpkg-debroot 534500x800000000000000030618Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:46.469{ec2a2542-298a-6254-b083-974cd5550000}4679/bin/tarroot 154100x800000000000000030620Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:46.484{ec2a2542-298a-6254-400a-867360550000}4680/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/108-qemu-system-ppc_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030621Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.292{ec2a2542-298a-6254-0000-000000000000}4681-root 534500x800000000000000030622Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.306{ec2a2542-298a-6254-0000-000000000000}4682-root 534500x800000000000000030623Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.307{ec2a2542-298a-6254-400a-867360550000}4680/usr/bin/dpkg-debroot 154100x800000000000000030624Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.380{ec2a2542-298b-6254-7063-357fdf550000}4683/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000030627Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.382{ec2a2542-298b-6254-d8ef-2e63b6550000}4684/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/109-qemu-system-sparc_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030626Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.382{ec2a2542-298b-6254-7063-357fdf550000}4683/bin/rmroot 23542300x800000000000000030625Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.382{ec2a2542-298b-6254-7063-357fdf550000}4683root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000030629Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.384{ec2a2542-298b-6254-40aa-68c3fd550000}4685/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/109-qemu-system-sparc_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030628Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.384{ec2a2542-298b-6254-d8ef-2e63b6550000}4684/usr/bin/dpkg-splitroot 154100x800000000000000030631Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.386{ec2a2542-298b-6254-b0d3-74c7a7550000}4688/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-298b-6254-40aa-68c3fd550000}4685/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000030630Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.386{ec2a2542-298b-6254-0000-000000000000}4686-root 534500x800000000000000030632Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.387{ec2a2542-298b-6254-0000-000000000000}4687-root 534500x800000000000000030633Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.389{ec2a2542-298b-6254-b0d3-74c7a7550000}4688/bin/tarroot 534500x800000000000000030634Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.390{ec2a2542-298b-6254-40aa-68c3fd550000}4685/usr/bin/dpkg-debroot 154100x800000000000000030635Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.406{ec2a2542-298b-6254-409a-0c6d41560000}4689/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/109-qemu-system-sparc_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030636Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.711{ec2a2542-298b-6254-0000-000000000000}4690-root 534500x800000000000000030638Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.724{ec2a2542-298b-6254-409a-0c6d41560000}4689/usr/bin/dpkg-debroot 534500x800000000000000030637Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.724{ec2a2542-298b-6254-0000-000000000000}4691-root 154100x800000000000000030639Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.781{ec2a2542-298b-6254-7023-dcb16d550000}4692/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 23542300x800000000000000030640Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.782{ec2a2542-298b-6254-7023-dcb16d550000}4692root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000030642Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.783{ec2a2542-298b-6254-d83f-22584a560000}4693/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/110-seabios_1.10.2-1ubuntu1_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030641Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.783{ec2a2542-298b-6254-7023-dcb16d550000}4692/bin/rmroot 154100x800000000000000030644Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.784{ec2a2542-298b-6254-405a-a6ae94550000}4694/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/110-seabios_1.10.2-1ubuntu1_all.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030643Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.784{ec2a2542-298b-6254-d83f-22584a560000}4693/usr/bin/dpkg-splitroot 154100x800000000000000030647Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.786{ec2a2542-298b-6254-b053-dbe2a2550000}4697/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-298b-6254-405a-a6ae94550000}4694/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000030645Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.786{ec2a2542-298b-6254-0000-000000000000}4695-root 534500x800000000000000030646Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.787{ec2a2542-298b-6254-0000-000000000000}4696-root 534500x800000000000000030649Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.789{ec2a2542-298b-6254-405a-a6ae94550000}4694/usr/bin/dpkg-debroot 534500x800000000000000030648Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.789{ec2a2542-298b-6254-b053-dbe2a2550000}4697/bin/tarroot 154100x800000000000000030650Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.810{ec2a2542-298b-6254-40ba-4164fa550000}4698/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/110-seabios_1.10.2-1ubuntu1_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030651Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.823{ec2a2542-298b-6254-0000-000000000000}4699-root 534500x800000000000000030653Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.833{ec2a2542-298b-6254-40ba-4164fa550000}4698/usr/bin/dpkg-debroot 534500x800000000000000030652Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.833{00000000-0000-0000-0000-000000000000}4700<unknown process>root 154100x800000000000000030654Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.852{ec2a2542-298b-6254-7013-bd4e6a550000}4701/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000030657Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.854{ec2a2542-298b-6254-d8ef-e4b8aa550000}4702/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/111-qemu-system-x86_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030656Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.854{ec2a2542-298b-6254-7013-bd4e6a550000}4701/bin/rmroot 23542300x800000000000000030655Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.854{ec2a2542-298b-6254-7013-bd4e6a550000}4701root/bin/rm/var/lib/dpkg/tmp.ci/control--- 534500x800000000000000030658Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.855{ec2a2542-298b-6254-d8ef-e4b8aa550000}4702/usr/bin/dpkg-splitroot 154100x800000000000000030659Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.856{ec2a2542-298b-6254-406a-e41428560000}4703/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/111-qemu-system-x86_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000030661Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.857{ec2a2542-298b-6254-b0b3-17fd54560000}4706/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-298b-6254-406a-e41428560000}4703/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000030660Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.858{ec2a2542-298b-6254-0000-000000000000}4704-root 534500x800000000000000030662Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.859{ec2a2542-298b-6254-0000-000000000000}4705-root 534500x800000000000000030664Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.860{ec2a2542-298b-6254-406a-e41428560000}4703/usr/bin/dpkg-debroot 534500x800000000000000030663Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.860{ec2a2542-298b-6254-b0b3-17fd54560000}4706/bin/tarroot 154100x800000000000000030665Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.887{ec2a2542-298b-6254-68f2-70a145560000}4707/bin/dash-----/bin/sh /var/lib/dpkg/tmp.ci/preinst install/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000030666Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.890{ec2a2542-298b-6254-68e2-fa5ae9550000}4708/bin/dash-----/bin/sh /usr/bin/dpkg-maintscript-helper rm_conffile /etc/init.d/qemu-system-x86 1:2.2+dfsg-3~ -- install/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-298b-6254-68f2-70a145560000}4707/bin/dash/bin/shroot 154100x800000000000000030667Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.891{ec2a2542-298b-6254-e8cb-10fe08560000}4709/usr/bin/basename-----basename /usr/bin/dpkg-maintscript-helper/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-298b-6254-68e2-fa5ae9550000}4708/bin/dash/bin/shroot 154100x800000000000000030669Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.892{ec2a2542-298b-6254-7091-9f7baf550000}4710/usr/bin/dpkg-----dpkg --validate-version -- 1:2.2+dfsg-3~/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-298b-6254-68e2-fa5ae9550000}4708/bin/dash/bin/shroot 534500x800000000000000030668Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.892{ec2a2542-298b-6254-e8cb-10fe08560000}4709/usr/bin/basenameroot 534500x800000000000000030670Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.895{ec2a2542-298b-6254-7091-9f7baf550000}4710/usr/bin/dpkgroot 154100x800000000000000030672Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.896{ec2a2542-298b-6254-68c2-a98092550000}4711/bin/dash-----/bin/sh /usr/bin/dpkg-maintscript-helper rm_conffile /etc/qemu/target-x86_64.conf 1:2.4+dfsg-1~ -- install/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-298b-6254-68f2-70a145560000}4707/bin/dash/bin/shroot 534500x800000000000000030671Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.896{ec2a2542-298b-6254-68e2-fa5ae9550000}4708/bin/dashroot 154100x800000000000000030673Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.897{ec2a2542-298b-6254-e86b-8f0239560000}4712/usr/bin/basename-----basename /usr/bin/dpkg-maintscript-helper/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-298b-6254-68c2-a98092550000}4711/bin/dash/bin/shroot 154100x800000000000000030675Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.898{ec2a2542-298b-6254-7081-dd22ca550000}4713/usr/bin/dpkg-----dpkg --validate-version -- 1:2.4+dfsg-1~/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-298b-6254-68c2-a98092550000}4711/bin/dash/bin/shroot 534500x800000000000000030674Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.898{ec2a2542-298b-6254-e86b-8f0239560000}4712/usr/bin/basenameroot 534500x800000000000000030677Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.900{ec2a2542-298b-6254-68c2-a98092550000}4711/bin/dashroot 534500x800000000000000030676Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.900{ec2a2542-298b-6254-7081-dd22ca550000}4713/usr/bin/dpkgroot 154100x800000000000000030679Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.901{ec2a2542-298b-6254-40ea-4cb479550000}4714/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/111-qemu-system-x86_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030678Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:47.901{ec2a2542-298b-6254-68f2-70a145560000}4707/bin/dashroot 534500x800000000000000030680Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:48.507{ec2a2542-298b-6254-0000-000000000000}4715-root 534500x800000000000000030681Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:48.517{ec2a2542-298b-6254-0000-000000000000}4716-root 534500x800000000000000030682Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:48.518{ec2a2542-298b-6254-40ea-4cb479550000}4714/usr/bin/dpkg-debroot 154100x800000000000000030683Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:48.603{ec2a2542-298c-6254-7053-708d42560000}4717/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 23542300x800000000000000030684Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:48.604{ec2a2542-298c-6254-7053-708d42560000}4717root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000030686Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:48.605{ec2a2542-298c-6254-d81f-542f78550000}4718/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/112-qemu-system-s390x_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030685Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:48.605{ec2a2542-298c-6254-7053-708d42560000}4717/bin/rmroot 534500x800000000000000030687Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:48.606{ec2a2542-298c-6254-d81f-542f78550000}4718/usr/bin/dpkg-splitroot 154100x800000000000000030688Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:48.607{ec2a2542-298c-6254-407a-481551560000}4719/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/112-qemu-system-s390x_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030689Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:48.609{ec2a2542-298c-6254-0000-000000000000}4720-root 154100x800000000000000030690Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:48.610{ec2a2542-298c-6254-b0d3-4cb271550000}4722/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-298c-6254-407a-481551560000}4719/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000030691Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:48.611{ec2a2542-298c-6254-0000-000000000000}4721-root 534500x800000000000000030693Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:48.613{ec2a2542-298c-6254-407a-481551560000}4719/usr/bin/dpkg-debroot 534500x800000000000000030692Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:48.613{ec2a2542-298c-6254-b0d3-4cb271550000}4722/bin/tarroot 154100x800000000000000030694Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:48.629{ec2a2542-298c-6254-404a-a26173550000}4723/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/112-qemu-system-s390x_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 354300x800000000000000030695Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:48.751{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54750-false10.0.1.12-8000- 534500x800000000000000030696Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:48.841{ec2a2542-298c-6254-0000-000000000000}4724-root 534500x800000000000000030698Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:48.852{ec2a2542-298c-6254-404a-a26173550000}4723/usr/bin/dpkg-debroot 534500x800000000000000030697Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:48.852{ec2a2542-298c-6254-0000-000000000000}4725-root 154100x800000000000000030699Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:48.908{ec2a2542-298c-6254-7053-183cad550000}4726/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030701Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:48.909{ec2a2542-298c-6254-7053-183cad550000}4726/bin/rmroot 23542300x800000000000000030700Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:48.909{ec2a2542-298c-6254-7053-183cad550000}4726root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000030702Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:48.910{ec2a2542-298c-6254-d88f-17aada550000}4727/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/113-qemu-system-misc_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000030704Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:48.911{ec2a2542-298c-6254-40da-3d750d560000}4728/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/113-qemu-system-misc_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030703Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:48.911{ec2a2542-298c-6254-d88f-17aada550000}4727/usr/bin/dpkg-splitroot 154100x800000000000000030706Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:48.913{ec2a2542-298c-6254-b0e3-511f2a560000}4731/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-298c-6254-40da-3d750d560000}4728/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000030705Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:48.913{ec2a2542-298c-6254-0000-000000000000}4729-root 534500x800000000000000030707Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:48.914{ec2a2542-298c-6254-0000-000000000000}4730-root 534500x800000000000000030709Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:48.916{ec2a2542-298c-6254-40da-3d750d560000}4728/usr/bin/dpkg-debroot 534500x800000000000000030708Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:48.916{ec2a2542-298c-6254-b0e3-511f2a560000}4731/bin/tarroot 154100x800000000000000030710Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:48.933{ec2a2542-298c-6254-407a-deaa95550000}4732/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/113-qemu-system-misc_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030711Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:50.578{ec2a2542-298c-6254-0000-000000000000}4733-root 534500x800000000000000030713Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:50.592{ec2a2542-298c-6254-407a-deaa95550000}4732/usr/bin/dpkg-debroot 534500x800000000000000030712Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:50.592{00000000-0000-0000-0000-000000000000}4734<unknown process>root 154100x800000000000000030714Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:50.640{ec2a2542-298e-6254-70e3-5164c2550000}4735/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 23542300x800000000000000030715Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:50.641{ec2a2542-298e-6254-70e3-5164c2550000}4735root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000030717Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:50.642{ec2a2542-298e-6254-d84f-913478550000}4736/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/114-qemu-system_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030716Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:50.642{ec2a2542-298e-6254-70e3-5164c2550000}4735/bin/rmroot 534500x800000000000000030718Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:50.643{ec2a2542-298e-6254-d84f-913478550000}4736/usr/bin/dpkg-splitroot 154100x800000000000000030719Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:50.644{ec2a2542-298e-6254-400a-8d0d6e550000}4737/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/114-qemu-system_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000030721Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:50.647{ec2a2542-298e-6254-b023-7a238f550000}4740/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-298e-6254-400a-8d0d6e550000}4737/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000030720Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:50.647{ec2a2542-298e-6254-0000-000000000000}4738-root 534500x800000000000000030722Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:50.649{ec2a2542-298e-6254-0000-000000000000}4739-root 534500x800000000000000030724Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:50.650{ec2a2542-298e-6254-400a-8d0d6e550000}4737/usr/bin/dpkg-debroot 534500x800000000000000030723Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:50.650{ec2a2542-298e-6254-b023-7a238f550000}4740/bin/tarroot 154100x800000000000000030725Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:50.666{ec2a2542-298e-6254-40fa-c679bd550000}4741/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/114-qemu-system_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030726Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:50.668{ec2a2542-298e-6254-0000-000000000000}4742-root 534500x800000000000000030728Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:50.670{ec2a2542-298e-6254-40fa-c679bd550000}4741/usr/bin/dpkg-debroot 534500x800000000000000030727Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:50.670{00000000-0000-0000-0000-000000000000}4743<unknown process>root 154100x800000000000000030729Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:50.689{ec2a2542-298e-6254-7083-594c0f560000}4744/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000030732Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:50.691{ec2a2542-298e-6254-d88f-ea00ec550000}4745/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/115-qemu-user_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030731Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:50.691{ec2a2542-298e-6254-7083-594c0f560000}4744/bin/rmroot 23542300x800000000000000030730Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:50.691{ec2a2542-298e-6254-7083-594c0f560000}4744root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000030734Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:50.693{ec2a2542-298e-6254-402a-275e6d550000}4746/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/115-qemu-user_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030733Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:50.693{ec2a2542-298e-6254-d88f-ea00ec550000}4745/usr/bin/dpkg-splitroot 154100x800000000000000030736Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:50.695{ec2a2542-298e-6254-b043-0e48b5550000}4749/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-298e-6254-402a-275e6d550000}4746/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000030735Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:50.695{ec2a2542-298e-6254-0000-000000000000}4747-root 534500x800000000000000030737Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:50.696{ec2a2542-298e-6254-0000-000000000000}4748-root 534500x800000000000000030739Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:50.697{ec2a2542-298e-6254-402a-275e6d550000}4746/usr/bin/dpkg-debroot 534500x800000000000000030738Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:50.697{ec2a2542-298e-6254-b043-0e48b5550000}4749/bin/tarroot 154100x800000000000000030740Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:50.714{ec2a2542-298e-6254-406a-fb6136560000}4750/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/115-qemu-user_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030741Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:51.586{ec2a2542-298e-6254-0000-000000000000}4751-root 534500x800000000000000030743Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:51.595{ec2a2542-298e-6254-406a-fb6136560000}4750/usr/bin/dpkg-debroot 534500x800000000000000030742Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:51.595{ec2a2542-298e-6254-0000-000000000000}4752-root 154100x800000000000000030744Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:51.653{ec2a2542-298f-6254-70c3-6210cd550000}4753/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000030747Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:51.655{ec2a2542-298f-6254-d89f-cd09b7550000}4754/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/116-qemu-utils_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030746Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:51.655{ec2a2542-298f-6254-70c3-6210cd550000}4753/bin/rmroot 23542300x800000000000000030745Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:51.655{ec2a2542-298f-6254-70c3-6210cd550000}4753root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000030749Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:51.657{ec2a2542-298f-6254-40da-1c53b8550000}4755/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/116-qemu-utils_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030748Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:51.657{ec2a2542-298f-6254-d89f-cd09b7550000}4754/usr/bin/dpkg-splitroot 154100x800000000000000030751Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:51.659{ec2a2542-298f-6254-b0d3-a9ed50560000}4758/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-298f-6254-40da-1c53b8550000}4755/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000030750Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:51.659{ec2a2542-298f-6254-0000-000000000000}4756-root 534500x800000000000000030752Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:51.660{ec2a2542-298f-6254-0000-000000000000}4757-root 534500x800000000000000030754Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:51.661{ec2a2542-298f-6254-40da-1c53b8550000}4755/usr/bin/dpkg-debroot 534500x800000000000000030753Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:51.661{ec2a2542-298f-6254-b0d3-a9ed50560000}4758/bin/tarroot 154100x800000000000000030755Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:51.677{ec2a2542-298f-6254-407a-070c20560000}4759/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/116-qemu-utils_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030756Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:51.781{ec2a2542-298f-6254-0000-000000000000}4760-root 534500x800000000000000030757Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:51.791{00000000-0000-0000-0000-000000000000}4761<unknown process>root 534500x800000000000000030758Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:51.792{ec2a2542-298f-6254-407a-070c20560000}4759/usr/bin/dpkg-debroot 154100x800000000000000030759Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:51.840{ec2a2542-298f-6254-7033-fb05f2550000}4762/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030761Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:51.841{ec2a2542-298f-6254-7033-fb05f2550000}4762/bin/rmroot 23542300x800000000000000030760Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:51.841{ec2a2542-298f-6254-7033-fb05f2550000}4762root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000030762Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:51.842{ec2a2542-298f-6254-d8ff-7d9b82550000}4763/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/117-qemu_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000030764Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:51.844{ec2a2542-298f-6254-401a-e0769b550000}4764/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/117-qemu_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030763Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:51.844{ec2a2542-298f-6254-d8ff-7d9b82550000}4763/usr/bin/dpkg-splitroot 154100x800000000000000030766Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:51.846{ec2a2542-298f-6254-b093-d33b7a550000}4767/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-298f-6254-401a-e0769b550000}4764/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000030765Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:51.846{ec2a2542-298f-6254-0000-000000000000}4765-root 534500x800000000000000030768Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:51.851{ec2a2542-298f-6254-b093-d33b7a550000}4767/bin/tarroot 534500x800000000000000030767Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:51.851{ec2a2542-298f-6254-0000-000000000000}4766-root 534500x800000000000000030769Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:51.852{ec2a2542-298f-6254-401a-e0769b550000}4764/usr/bin/dpkg-debroot 154100x800000000000000030770Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:51.867{ec2a2542-298f-6254-40ca-28a161550000}4768/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/117-qemu_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030771Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:51.884{ec2a2542-298f-6254-0000-000000000000}4769-root 534500x800000000000000030773Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:51.888{ec2a2542-298f-6254-40ca-28a161550000}4768/usr/bin/dpkg-debroot 534500x800000000000000030772Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:51.888{ec2a2542-298f-6254-0000-000000000000}4770-root 154100x800000000000000030774Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:51.908{ec2a2542-298f-6254-7033-81eabf550000}4771/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000030777Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:51.910{ec2a2542-298f-6254-d83f-44ff08560000}4772/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/118-qemu-user-static_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030776Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:51.910{ec2a2542-298f-6254-7033-81eabf550000}4771/bin/rmroot 23542300x800000000000000030775Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:51.910{ec2a2542-298f-6254-7033-81eabf550000}4771root/bin/rm/var/lib/dpkg/tmp.ci/control--- 534500x800000000000000030778Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:51.911{ec2a2542-298f-6254-d83f-44ff08560000}4772/usr/bin/dpkg-splitroot 154100x800000000000000030779Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:51.912{ec2a2542-298f-6254-40da-5049f3550000}4773/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/118-qemu-user-static_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000030780Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:51.913{ec2a2542-298f-6254-b0c3-a826d1550000}4776/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-298f-6254-40da-5049f3550000}4773/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000030782Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:51.915{ec2a2542-298f-6254-0000-000000000000}4774-root 534500x800000000000000030781Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:51.915{ec2a2542-298f-6254-0000-000000000000}4775-root 534500x800000000000000030784Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:51.917{ec2a2542-298f-6254-40da-5049f3550000}4773/usr/bin/dpkg-debroot 534500x800000000000000030783Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:51.917{ec2a2542-298f-6254-b0c3-a826d1550000}4776/bin/tarroot 154100x800000000000000030785Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:51.937{ec2a2542-298f-6254-40ea-c2e256550000}4777/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/118-qemu-user-static_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030786Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.331{ec2a2542-298f-6254-0000-000000000000}4778-root 534500x800000000000000030787Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.343{ec2a2542-298f-6254-0000-000000000000}4779-root 534500x800000000000000030788Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.344{ec2a2542-298f-6254-40ea-c2e256550000}4777/usr/bin/dpkg-debroot 154100x800000000000000030789Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.398{ec2a2542-2991-6254-70e3-88166e550000}4780/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000030792Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.399{ec2a2542-2991-6254-d83f-0372ef550000}4781/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-7NsVNE/119-sharutils_1%3a4.15.2-3_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030791Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.399{ec2a2542-2991-6254-70e3-88166e550000}4780/bin/rmroot 23542300x800000000000000030790Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.399{ec2a2542-2991-6254-70e3-88166e550000}4780root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000030794Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.401{ec2a2542-2991-6254-40da-95c6ba550000}4782/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-7NsVNE/119-sharutils_1%3a4.15.2-3_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030793Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.401{ec2a2542-2991-6254-d83f-0372ef550000}4781/usr/bin/dpkg-splitroot 154100x800000000000000030797Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.403{ec2a2542-2991-6254-b033-f65d22560000}4785/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2991-6254-40da-95c6ba550000}4782/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000030795Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.403{ec2a2542-2991-6254-0000-000000000000}4783-root 534500x800000000000000030796Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.404{ec2a2542-2991-6254-0000-000000000000}4784-root 534500x800000000000000030799Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.407{ec2a2542-2991-6254-40da-95c6ba550000}4782/usr/bin/dpkg-debroot 534500x800000000000000030798Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.407{ec2a2542-2991-6254-b033-f65d22560000}4785/bin/tarroot 154100x800000000000000030800Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.422{ec2a2542-2991-6254-40ca-fe21b3550000}4786/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-7NsVNE/119-sharutils_1%3a4.15.2-3_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030801Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.434{ec2a2542-2991-6254-0000-000000000000}4787-root 534500x800000000000000030803Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.443{ec2a2542-2991-6254-40ca-fe21b3550000}4786/usr/bin/dpkg-debroot 534500x800000000000000030802Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.443{00000000-0000-0000-0000-000000000000}4788<unknown process>root 154100x800000000000000030804Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.495{ec2a2542-2991-6254-70a3-891f99550000}4789/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000030806Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.496{ec2a2542-2991-6254-70a3-891f99550000}4789/bin/rmroot 23542300x800000000000000030805Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.496{ec2a2542-2991-6254-70a3-891f99550000}4789root/bin/rm/var/lib/dpkg/tmp.ci/control--- 23542300x800000000000000030807Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.503{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/status-old--- 23542300x800000000000000030841Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.505{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0033--- 23542300x800000000000000030840Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.505{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0032--- 23542300x800000000000000030839Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.505{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0031--- 23542300x800000000000000030838Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.505{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0030--- 23542300x800000000000000030837Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.505{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0029--- 23542300x800000000000000030836Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.505{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0028--- 23542300x800000000000000030835Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.505{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0027--- 23542300x800000000000000030834Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.505{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0026--- 23542300x800000000000000030833Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.505{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0025--- 23542300x800000000000000030832Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.505{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0024--- 23542300x800000000000000030831Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.505{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0023--- 23542300x800000000000000030830Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.505{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0022--- 23542300x800000000000000030829Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.505{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0021--- 23542300x800000000000000030828Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.505{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0020--- 23542300x800000000000000030827Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.505{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0019--- 23542300x800000000000000030826Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.505{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0018--- 23542300x800000000000000030825Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.505{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0017--- 23542300x800000000000000030824Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.505{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0016--- 23542300x800000000000000030823Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.505{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0015--- 23542300x800000000000000030822Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.505{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0014--- 23542300x800000000000000030821Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.505{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0013--- 23542300x800000000000000030820Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.505{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0012--- 23542300x800000000000000030819Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.505{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0011--- 23542300x800000000000000030818Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.505{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0010--- 23542300x800000000000000030817Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.505{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0009--- 23542300x800000000000000030816Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.505{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0008--- 23542300x800000000000000030815Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.505{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0007--- 23542300x800000000000000030814Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.505{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0006--- 23542300x800000000000000030813Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.505{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0005--- 23542300x800000000000000030812Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.505{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0004--- 23542300x800000000000000030811Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.505{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0003--- 23542300x800000000000000030810Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.505{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0002--- 23542300x800000000000000030809Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.505{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0001--- 23542300x800000000000000030808Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.505{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0000--- 23542300x800000000000000030896Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0088--- 23542300x800000000000000030895Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0087--- 23542300x800000000000000030894Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0086--- 23542300x800000000000000030893Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0085--- 23542300x800000000000000030892Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0084--- 23542300x800000000000000030891Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0083--- 23542300x800000000000000030890Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0082--- 23542300x800000000000000030889Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0081--- 23542300x800000000000000030888Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0080--- 23542300x800000000000000030887Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0079--- 23542300x800000000000000030886Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0078--- 23542300x800000000000000030885Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0077--- 23542300x800000000000000030884Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0076--- 23542300x800000000000000030883Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0075--- 23542300x800000000000000030882Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0074--- 23542300x800000000000000030881Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0073--- 23542300x800000000000000030880Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0072--- 23542300x800000000000000030879Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0071--- 23542300x800000000000000030878Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0070--- 23542300x800000000000000030877Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0069--- 23542300x800000000000000030876Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0068--- 23542300x800000000000000030875Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0067--- 23542300x800000000000000030874Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0066--- 23542300x800000000000000030873Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0065--- 23542300x800000000000000030872Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0064--- 23542300x800000000000000030871Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0063--- 23542300x800000000000000030870Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0062--- 23542300x800000000000000030869Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0061--- 23542300x800000000000000030868Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0060--- 23542300x800000000000000030867Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0059--- 23542300x800000000000000030866Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0058--- 23542300x800000000000000030865Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0057--- 23542300x800000000000000030864Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0056--- 23542300x800000000000000030863Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0055--- 23542300x800000000000000030862Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0054--- 23542300x800000000000000030861Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0053--- 23542300x800000000000000030860Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0052--- 23542300x800000000000000030859Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0051--- 23542300x800000000000000030858Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0050--- 23542300x800000000000000030857Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0049--- 23542300x800000000000000030856Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0048--- 23542300x800000000000000030855Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0047--- 23542300x800000000000000030854Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0046--- 23542300x800000000000000030853Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0045--- 23542300x800000000000000030852Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0044--- 23542300x800000000000000030851Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0043--- 23542300x800000000000000030850Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0042--- 23542300x800000000000000030849Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0041--- 23542300x800000000000000030848Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0040--- 23542300x800000000000000030847Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0039--- 23542300x800000000000000030846Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0038--- 23542300x800000000000000030845Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0037--- 23542300x800000000000000030844Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0036--- 23542300x800000000000000030843Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0035--- 23542300x800000000000000030842Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.506{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0034--- 23542300x800000000000000030924Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.507{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0116--- 23542300x800000000000000030923Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.507{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0115--- 23542300x800000000000000030922Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.507{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0114--- 23542300x800000000000000030921Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.507{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0113--- 23542300x800000000000000030920Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.507{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0112--- 23542300x800000000000000030919Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.507{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0111--- 23542300x800000000000000030918Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.507{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0110--- 23542300x800000000000000030917Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.507{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0109--- 23542300x800000000000000030916Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.507{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0108--- 23542300x800000000000000030915Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.507{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0107--- 23542300x800000000000000030914Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.507{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0106--- 23542300x800000000000000030913Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.507{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0105--- 23542300x800000000000000030912Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.507{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0104--- 23542300x800000000000000030911Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.507{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0103--- 23542300x800000000000000030910Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.507{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0102--- 23542300x800000000000000030909Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.507{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0101--- 23542300x800000000000000030908Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.507{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0100--- 23542300x800000000000000030907Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.507{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0099--- 23542300x800000000000000030906Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.507{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0098--- 23542300x800000000000000030905Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.507{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0097--- 23542300x800000000000000030904Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.507{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0096--- 23542300x800000000000000030903Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.507{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0095--- 23542300x800000000000000030902Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.507{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0094--- 23542300x800000000000000030901Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.507{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0093--- 23542300x800000000000000030900Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.507{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0092--- 23542300x800000000000000030899Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.507{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0091--- 23542300x800000000000000030898Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.507{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0090--- 23542300x800000000000000030897Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.507{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/0089--- 23542300x800000000000000030925Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.511{ec2a2542-297f-6254-7041-77738e550000}3684root/usr/bin/dpkg/var/lib/dpkg/updates/tmp.i--- 23542300x800000000000000030930Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.514{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/093-libgdk-pixbuf2.0-bin_2.36.11-2_amd64.deb--- 23542300x800000000000000030929Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.514{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/002-libfontconfig1_2.12.6-0ubuntu2_amd64.deb--- 23542300x800000000000000030928Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.514{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/083-gstreamer1.0-x_1.14.5-0ubuntu1~18.04.3_amd64.deb--- 23542300x800000000000000030927Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.514{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/024-glib-networking-services_2.56.0-1ubuntu0.1_amd64.deb--- 534500x800000000000000030926Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.514{ec2a2542-297f-6254-7041-77738e550000}3684/usr/bin/dpkgroot 23542300x800000000000000030937Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.515{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/114-qemu-system_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb--- 23542300x800000000000000030936Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.515{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/041-gstreamer1.0-plugins-base_1.14.5-0ubuntu1~18.04.3_amd64.deb--- 23542300x800000000000000030935Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.515{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/073-gstreamer1.0-plugins-good_1.14.5-0ubuntu1~18.04.2_amd64.deb--- 23542300x800000000000000030934Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.515{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/004-libjpeg-turbo8_1.5.2-0ubuntu5.18.04.4_amd64.deb--- 23542300x800000000000000030933Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.515{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/092-libcacard0_1%3a2.5.0-3_amd64.deb--- 23542300x800000000000000030932Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.515{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/072-libxfixes3_1%3a5.0.3-1_amd64.deb--- 23542300x800000000000000030931Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.515{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/074-libthai-data_0.1.27-2_all.deb--- 23542300x800000000000000030965Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.516{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/034-libxcb-shm0_1.13-2~ubuntu18.04_amd64.deb--- 23542300x800000000000000030964Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.516{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/000-fonts-dejavu-core_2.37-1_all.deb--- 23542300x800000000000000030963Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.516{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/042-libaa1_1.4p5-44build2_amd64.deb--- 23542300x800000000000000030962Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.516{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/108-qemu-system-ppc_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb--- 23542300x800000000000000030961Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.516{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/039-libvorbis0a_1.3.5-4.2_amd64.deb--- 23542300x800000000000000030960Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.516{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/016-binfmt-support_2.1.8-2_amd64.deb--- 23542300x800000000000000030959Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.516{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/055-libgudev-1.0-0_1%3a232-2_amd64.deb--- 23542300x800000000000000030958Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.516{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/006-libiscsi7_1.17.0-1.1_amd64.deb--- 23542300x800000000000000030957Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.516{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/082-libxv1_2%3a1.0.11-1_amd64.deb--- 23542300x800000000000000030956Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.516{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/022-libproxy1v5_0.4.15-1ubuntu0.2_amd64.deb--- 23542300x800000000000000030955Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.516{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/080-libpangoft2-1.0-0_1.40.14-1ubuntu0.1_amd64.deb--- 23542300x800000000000000030954Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.516{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/026-glib-networking_2.56.0-1ubuntu0.1_amd64.deb--- 23542300x800000000000000030953Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.516{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/071-libxdamage1_1%3a1.1.4-3_amd64.deb--- 23542300x800000000000000030952Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.516{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/098-libusbredirparser1_0.7.1-1_amd64.deb--- 23542300x800000000000000030951Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.516{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/117-qemu_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb--- 23542300x800000000000000030950Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.516{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/076-libthai0_0.1.27-2_amd64.deb--- 23542300x800000000000000030949Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.516{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/078-libgraphite2-3_1.3.11-2_amd64.deb--- 23542300x800000000000000030948Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.516{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/084-ibverbs-providers_17.1-1ubuntu0.2_amd64.deb--- 23542300x800000000000000030947Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.516{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/060-libmpg123-0_1.25.10-1_amd64.deb--- 23542300x800000000000000030946Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.516{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/097-libspice-server1_0.14.0-1ubuntu2.5_amd64.deb--- 23542300x800000000000000030945Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.516{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/091-libbluetooth3_5.48-0ubuntu3.8_amd64.deb--- 23542300x800000000000000030944Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.516{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/063-libsoup2.4-1_2.62.1-1ubuntu0.4_amd64.deb--- 23542300x800000000000000030943Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.516{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/057-libsamplerate0_0.1.9-1_amd64.deb--- 23542300x800000000000000030942Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.516{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/020-dconf-service_0.26.0-2ubuntu3_amd64.deb--- 23542300x800000000000000030941Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.516{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/048-libflac8_1.3.2-1_amd64.deb--- 23542300x800000000000000030940Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.516{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/021-dconf-gsettings-backend_0.26.0-2ubuntu3_amd64.deb--- 23542300x800000000000000030939Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.516{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/096-libsdl1.2debian_1.2.15+dfsg2-0.1ubuntu0.1_amd64.deb--- 23542300x800000000000000030938Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.516{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/111-qemu-system-x86_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb--- 23542300x800000000000000031017Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/011-libnss3_2%3a3.35-2ubuntu2.13_amd64.deb--- 23542300x800000000000000031016Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/025-gsettings-desktop-schemas_3.28.0-1ubuntu1_all.deb--- 23542300x800000000000000031015Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/036-libcairo2_1.15.10-2ubuntu0.1_amd64.deb--- 23542300x800000000000000031014Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/119-sharutils_1%3a4.15.2-3_amd64.deb--- 23542300x800000000000000031013Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/088-libasound2-data_1.1.3-5ubuntu0.6_all.deb--- 23542300x800000000000000031012Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/086-ipxe-qemu-256k-compat-efi-roms_1.0.0+git-20150424.a25a16d-0ubuntu2_all.deb--- 23542300x800000000000000031011Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/010-libnspr4_2%3a4.18-1ubuntu1_amd64.deb--- 23542300x800000000000000031010Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/099-libxenstore3.0_4.9.2-0ubuntu1_amd64.deb--- 23542300x800000000000000031009Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/109-qemu-system-sparc_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb--- 23542300x800000000000000031008Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/075-libdatrie1_0.2.10-7_amd64.deb--- 23542300x800000000000000031007Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/103-libfdt1_1.4.5-3_amd64.deb--- 23542300x800000000000000031006Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/028-libgstreamer1.0-0_1.14.5-0ubuntu1~18.04.2_amd64.deb--- 23542300x800000000000000031005Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/087-libaio1_0.3.110-5ubuntu0.1_amd64.deb--- 23542300x800000000000000031004Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/077-libpango-1.0-0_1.40.14-1ubuntu0.1_amd64.deb--- 23542300x800000000000000031003Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/066-libtwolame0_0.3.13-3_amd64.deb--- 23542300x800000000000000031002Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/107-qemu-slof_20170724+dfsg-1ubuntu1_all.deb--- 23542300x800000000000000031001Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/104-librdmacm1_17.1-1ubuntu0.2_amd64.deb--- 23542300x800000000000000031000Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/116-qemu-utils_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb--- 23542300x800000000000000030999Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/090-libasyncns0_0.8-6_amd64.deb--- 23542300x800000000000000030998Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/009-libibverbs1_17.1-1ubuntu0.2_amd64.deb--- 23542300x800000000000000030997Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/001-fontconfig-config_2.12.6-0ubuntu2_all.deb--- 23542300x800000000000000030996Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/052-libgdk-pixbuf2.0-common_2.36.11-2_all.deb--- 23542300x800000000000000030995Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/040-libvorbisenc2_1.3.5-4.2_amd64.deb--- 23542300x800000000000000030994Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/051-libtiff5_4.0.9-5ubuntu0.4_amd64.deb--- 23542300x800000000000000030993Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/012-librados2_12.2.13-0ubuntu0.18.04.10_amd64.deb--- 23542300x800000000000000030992Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/029-liborc-0.4-0_1%3a0.4.28-1_amd64.deb--- 23542300x800000000000000030991Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/031-libopus0_1.1.2-1ubuntu1_amd64.deb--- 23542300x800000000000000030990Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/019-libdconf1_0.26.0-2ubuntu3_amd64.deb--- 23542300x800000000000000030989Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/113-qemu-system-misc_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb--- 23542300x800000000000000030988Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/110-seabios_1.10.2-1ubuntu1_all.deb--- 23542300x800000000000000030987Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/067-libv4lconvert0_1.14.2-1_amd64.deb--- 23542300x800000000000000030986Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/081-libpangocairo-1.0-0_1.40.14-1ubuntu0.1_amd64.deb--- 23542300x800000000000000030985Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/118-qemu-user-static_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb--- 23542300x800000000000000030984Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/013-librbd1_12.2.13-0ubuntu0.18.04.10_amd64.deb--- 23542300x800000000000000030983Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/085-ipxe-qemu_1.0.0+git-20180124.fbe8c52d-0ubuntu2.2_all.deb--- 23542300x800000000000000030982Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/105-qemu-system-arm_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb--- 23542300x800000000000000030981Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/100-libyajl2_2.1.0-2build1_amd64.deb--- 23542300x800000000000000030980Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/050-libjbig0_2.1-3.1build1_amd64.deb--- 23542300x800000000000000030979Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/095-libpulse0_1%3a11.1-1ubuntu7.11_amd64.deb--- 23542300x800000000000000030978Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/035-libxrender1_1%3a0.9.10-1_amd64.deb--- 23542300x800000000000000030977Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/018-cpu-checker_0.7-0ubuntu7_amd64.deb--- 23542300x800000000000000030976Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/062-libshout3_2.4.1-2build1_amd64.deb--- 23542300x800000000000000030975Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/005-libogg0_1.3.2-1_amd64.deb--- 23542300x800000000000000030974Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/043-libraw1394-11_2.1.2-1_amd64.deb--- 23542300x800000000000000030973Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/046-libcairo-gobject2_1.15.10-2ubuntu0.1_amd64.deb--- 23542300x800000000000000030972Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/059-libmp3lame0_3.100-2_amd64.deb--- 23542300x800000000000000030971Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/061-libspeex1_1.2~rc1.2-1ubuntu2.1_amd64.deb--- 23542300x800000000000000030970Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/008-libnl-route-3-200_3.2.29-0ubuntu3_amd64.deb--- 23542300x800000000000000030969Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/032-libpixman-1-0_0.34.0-2_amd64.deb--- 23542300x800000000000000030968Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/017-msr-tools_1.3-2build1_amd64.deb--- 23542300x800000000000000030967Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/038-libvisual-0.4-0_0.4.0-11_amd64.deb--- 23542300x800000000000000030966Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.517{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/064-libtag1v5-vanilla_1.11.1+dfsg.1-0.2build2_amd64.deb--- 23542300x800000000000000031046Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.518{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/007-libnl-3-200_3.2.29-0ubuntu3_amd64.deb--- 23542300x800000000000000031045Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.518{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/033-libxcb-render0_1.13-2~ubuntu18.04_amd64.deb--- 23542300x800000000000000031044Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.518{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/037-libtheora0_1.1.1+dfsg.1-14_amd64.deb--- 23542300x800000000000000031043Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.518{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/015-qemu-system-common_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb--- 23542300x800000000000000031042Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.518{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/027-libcdparanoia0_3.10.2+debian-13_amd64.deb--- 23542300x800000000000000031041Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.518{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/049-libjpeg8_8c-2ubuntu8_amd64.deb--- 23542300x800000000000000031040Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.518{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/112-qemu-system-s390x_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb--- 23542300x800000000000000031039Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.518{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/047-libdv4_1.0.0-11_amd64.deb--- 23542300x800000000000000031038Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.518{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/023-glib-networking-common_2.56.0-1ubuntu0.1_all.deb--- 23542300x800000000000000031037Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.518{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/069-libvpx5_1.7.0-3ubuntu0.18.04.1_amd64.deb--- 23542300x800000000000000031036Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.518{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/053-libgdk-pixbuf2.0-0_2.36.11-2_amd64.deb--- 23542300x800000000000000031035Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.518{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/056-libiec61883-0_1.2.0-2_amd64.deb--- 23542300x800000000000000031034Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.518{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/003-fontconfig_2.12.6-0ubuntu2_amd64.deb--- 23542300x800000000000000031033Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.518{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/094-libsndfile1_1.0.28-4ubuntu0.18.04.2_amd64.deb--- 23542300x800000000000000031032Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.518{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/101-libxen-4.9_4.9.2-0ubuntu1_amd64.deb--- 23542300x800000000000000031031Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.518{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/102-libbrlapi0.6_5.5-4ubuntu2.0.1_amd64.deb--- 23542300x800000000000000031030Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.518{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/070-libwavpack1_5.1.0-2ubuntu1.5_amd64.deb--- 23542300x800000000000000031029Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.518{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/044-libavc1394-0_0.5.4-4build1_amd64.deb--- 23542300x800000000000000031028Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.518{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/065-libtag1v5_1.11.1+dfsg.1-0.2build2_amd64.deb--- 23542300x800000000000000031027Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.518{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/089-libasound2_1.1.3-5ubuntu0.6_amd64.deb--- 23542300x800000000000000031026Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.518{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/068-libv4l-0_1.14.2-1_amd64.deb--- 23542300x800000000000000031025Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.518{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/054-libgstreamer-plugins-good1.0-0_1.14.5-0ubuntu1~18.04.2_amd64.deb--- 23542300x800000000000000031024Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.518{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/014-qemu-block-extra_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb--- 23542300x800000000000000031023Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.518{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/115-qemu-user_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb--- 23542300x800000000000000031022Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.518{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/045-libcaca0_0.99.beta19-2ubuntu0.18.04.3_amd64.deb--- 23542300x800000000000000031021Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.518{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/106-qemu-system-mips_1%3a2.11+dfsg-1ubuntu7.39_amd64.deb--- 23542300x800000000000000031020Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.518{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/079-libharfbuzz0b_1.7.2-1ubuntu1_amd64.deb--- 23542300x800000000000000031019Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.518{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/030-libgstreamer-plugins-base1.0-0_1.14.5-0ubuntu1~18.04.3_amd64.deb--- 23542300x800000000000000031018Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.518{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/apt-dpkg-install-7NsVNE/058-libjack-jackd2-0_1.9.12~dfsg-2_amd64.deb--- 154100x800000000000000031047Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.519{ec2a2542-2991-6254-7091-3f7926560000}4790/usr/bin/dpkg-----/usr/bin/dpkg --status-fd 43 --configure --pending/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-297b-6254-ccef-29074c560000}3606/usr/bin/apt-getapt-getroot 154100x800000000000000031048Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.568{ec2a2542-2991-6254-6812-20b929560000}4791/bin/dash-----/bin/sh /var/lib/dpkg/info/binfmt-support.postinst configure /root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2991-6254-7091-3f7926560000}4790/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000031049Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.569{ec2a2542-2991-6254-685f-ac3a65550000}4792/usr/sbin/update-binfmts-----update-binfmts --import/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2991-6254-6812-20b929560000}4791/bin/dash/bin/shroot 154100x800000000000000031050Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.572{ec2a2542-2991-6254-a862-627e07560000}4793/bin/mount-----/bin/mount binfmt_misc /proc/sys/fs/binfmt_misc -t binfmt_misc/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-0ff1-6254-58a9-8a1e10560000}1/lib/systemd/systemd/sbin/initroot 534500x800000000000000031051Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.577{00000000-0000-0000-0000-000000000000}4794<unknown process>root 534500x800000000000000031053Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.578{ec2a2542-2991-6254-a862-627e07560000}4793/bin/mountroot 23542300x800000000000000031052Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.578{ec2a2542-0ff8-6254-c88a-1cbc6c550000}452root/lib/systemd/systemd-journald/run/systemd/journal/streams/9:36691--- 154100x800000000000000031055Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.580{ec2a2542-2991-6254-70b1-e51163550000}4795/usr/bin/dpkg-----dpkg --compare-versions lt 2.0.0/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2991-6254-6812-20b929560000}4791/bin/dash/bin/shroot 534500x800000000000000031054Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.580{ec2a2542-2991-6254-685f-ac3a65550000}4792/usr/sbin/update-binfmtsroot 154100x800000000000000031057Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.583{ec2a2542-2991-6254-7083-6e0ca3550000}4802/bin/rm-----rm -rf /var/cache/binfmts/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2991-6254-6812-20b929560000}4791/bin/dash/bin/shroot 534500x800000000000000031056Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.583{ec2a2542-2991-6254-70b1-e51163550000}4795/usr/bin/dpkgroot 534500x800000000000000031058Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.584{ec2a2542-2991-6254-7083-6e0ca3550000}4802/bin/rmroot 154100x800000000000000031060Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.586{ec2a2542-2991-6254-98d7-961c85550000}4806/usr/bin/perl-----perl /usr/bin/deb-systemd-helper unmask binfmt-support.service/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2991-6254-6812-20b929560000}4791/bin/dash/bin/shroot 154100x800000000000000031059Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.586{ec2a2542-2991-6254-787c-4a58de550000}4806/usr/bin/env-----/usr/bin/env perl /usr/bin/deb-systemd-helper unmask binfmt-support.service/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2991-6254-6812-20b929560000}4791/bin/dash/bin/shroot 23542300x800000000000000031061Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.587{ec2a2542-0ff8-6254-f8ad-704b96550000}485root/lib/systemd/systemd-udevd/run/udev/queue--- 534500x800000000000000031069Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.588{00000000-0000-0000-0000-000000000000}4801<unknown process>root 534500x800000000000000031068Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.588{00000000-0000-0000-0000-000000000000}4804<unknown process>root 534500x800000000000000031067Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.588{00000000-0000-0000-0000-000000000000}4797<unknown process>root 534500x800000000000000031066Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.588{00000000-0000-0000-0000-000000000000}4796<unknown process>root 534500x800000000000000031065Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.588{00000000-0000-0000-0000-000000000000}4803<unknown process>root 534500x800000000000000031064Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.588{00000000-0000-0000-0000-000000000000}4798<unknown process>root 534500x800000000000000031063Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.588{00000000-0000-0000-0000-000000000000}4805<unknown process>root 534500x800000000000000031062Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.588{00000000-0000-0000-0000-000000000000}4800<unknown process>root 534500x800000000000000031070Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.590{ec2a2542-2991-6254-0000-000000000000}4799-root 154100x800000000000000031073Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.639{ec2a2542-2991-6254-98b7-58ad7e550000}4807/usr/bin/perl-----perl /usr/bin/deb-systemd-helper --quiet was-enabled binfmt-support.service/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2991-6254-6812-20b929560000}4791/bin/dash/bin/shroot 154100x800000000000000031072Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.639{ec2a2542-2991-6254-789c-89919a550000}4807/usr/bin/env-----/usr/bin/env perl /usr/bin/deb-systemd-helper --quiet was-enabled binfmt-support.service/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2991-6254-6812-20b929560000}4791/bin/dash/bin/shroot 534500x800000000000000031071Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.639{ec2a2542-2991-6254-787c-4a58de550000}4806/usr/bin/envroot 154100x800000000000000031076Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.684{ec2a2542-2991-6254-9877-680b67550000}4808/usr/bin/perl-----perl /usr/bin/deb-systemd-helper enable binfmt-support.service/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2991-6254-6812-20b929560000}4791/bin/dash/bin/shroot 154100x800000000000000031075Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.684{ec2a2542-2991-6254-784c-74f51d560000}4808/usr/bin/env-----/usr/bin/env perl /usr/bin/deb-systemd-helper enable binfmt-support.service/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2991-6254-6812-20b929560000}4791/bin/dash/bin/shroot 534500x800000000000000031074Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.684{ec2a2542-2991-6254-789c-89919a550000}4807/usr/bin/envroot 154100x800000000000000031077Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.723{ec2a2542-2991-6254-d03c-1efc91550000}4809/bin/systemctl-----/bin/systemctl --preset-mode=enable-only preset binfmt-support.service/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2991-6254-784c-74f51d560000}4808/usr/bin/env/usr/bin/envroot 23542300x800000000000000031084Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.773{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator/multi-user.target.wants/systemd-networkd.service--- 23542300x800000000000000031083Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.773{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator/network-online.target.wants/systemd-networkd-wait-online.service--- 23542300x800000000000000031082Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.773{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator/netplan.stamp--- 23542300x800000000000000031081Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.773{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator/-.mount--- 23542300x800000000000000031080Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.773{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator/local-fs.target.wants/systemd-fsck-root.service--- 23542300x800000000000000031079Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.773{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator/local-fs.target.requires/-.mount--- 23542300x800000000000000031078Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.773{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator/getty.target.wants/serial-getty@ttyS0.service--- 23542300x800000000000000031096Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.774{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/splunkd.service--- 23542300x800000000000000031095Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.774{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/grub-common.service--- 23542300x800000000000000031094Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.774{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/multi-user.target.wants/grub-common.service--- 23542300x800000000000000031093Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.774{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/multi-user.target.wants/splunk.service--- 23542300x800000000000000031092Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.774{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/multi-user.target.wants/apport.service--- 23542300x800000000000000031091Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.774{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/graphical.target.wants/grub-common.service--- 23542300x800000000000000031090Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.774{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/graphical.target.wants/splunk.service--- 23542300x800000000000000031089Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.774{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/graphical.target.wants/apport.service--- 23542300x800000000000000031088Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.774{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/splunk.service--- 23542300x800000000000000031087Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.774{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/apport.service--- 23542300x800000000000000031086Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.774{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/hibagent.service--- 23542300x800000000000000031085Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.774{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.early/multi-user.target.wants/cloud-init.target--- 154100x800000000000000031097Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.775{ec2a2542-2991-6254-38c3-b379ae550000}4811/usr/lib/systemd/system-environment-generators/snapd-env-generator-----/usr/lib/systemd/system-environment-generators/snapd-env-generator/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4810--- 534500x800000000000000031098Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.776{ec2a2542-2991-6254-38c3-b379ae550000}4811/usr/lib/systemd/system-environment-generators/snapd-env-generatorroot 534500x800000000000000031099Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.777{ec2a2542-2991-6254-0000-000000000000}4810-root 154100x800000000000000031101Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.778{ec2a2542-2991-6254-68e2-09d5ef550000}4814/bin/dash-----/bin/sh /lib/systemd/system-generators/friendly-recovery /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4812--- 154100x800000000000000031100Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.778{ec2a2542-2991-6254-6882-5f7c1e560000}4813/bin/dash-----/bin/sh /lib/systemd/system-generators/cloud-init-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4812--- 154100x800000000000000031110Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.779{ec2a2542-2991-6254-b85e-700fcc550000}4819/lib/systemd/system-generators/systemd-cryptsetup-generator-----/lib/systemd/system-generators/systemd-cryptsetup-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4812--- 154100x800000000000000031105Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.779{ec2a2542-2991-6254-30cc-00d65a550000}4815/lib/systemd/system-generators/lvm2-activation-generator-----/lib/systemd/system-generators/lvm2-activation-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4812--- 154100x800000000000000031104Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.779{ec2a2542-2991-6254-c075-e4dbde550000}4817/lib/systemd/system-generators/snapd-generator-----/lib/systemd/system-generators/snapd-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4812--- 154100x800000000000000031103Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.779{ec2a2542-2991-6254-d0c9-6a4381550000}4818/bin/cat-----cat /proc/cmdline/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2991-6254-68e2-09d5ef550000}4814/bin/dash/bin/shroot 154100x800000000000000031102Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.779{ec2a2542-2991-6254-9807-7e455b550000}4816/lib/netplan/generate-----/lib/systemd/system-generators/netplan /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4812--- 154100x800000000000000031125Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.780{ec2a2542-2991-6254-d0de-9ed018560000}4823/lib/systemd/system-generators/systemd-getty-generator-----/lib/systemd/system-generators/systemd-getty-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4812--- 154100x800000000000000031112Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.780{ec2a2542-2991-6254-8856-663d44560000}4821/lib/systemd/system-generators/systemd-fstab-generator-----/lib/systemd/system-generators/systemd-fstab-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4812--- 154100x800000000000000031111Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.780{ec2a2542-2991-6254-689c-993aab550000}4820/lib/systemd/system-generators/systemd-debug-generator-----/lib/systemd/system-generators/systemd-debug-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4812--- 534500x800000000000000031109Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.780{ec2a2542-2991-6254-c075-e4dbde550000}4817/lib/systemd/system-generators/snapd-generatorroot 154100x800000000000000031108Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.780{ec2a2542-2991-6254-78d6-379615560000}4822/usr/bin/systemd-detect-virt-----systemd-detect-virt --container --quiet/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2991-6254-6882-5f7c1e560000}4813/bin/dash/bin/shroot 534500x800000000000000031107Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.780{ec2a2542-2991-6254-68e2-09d5ef550000}4814/bin/dashroot 534500x800000000000000031106Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.780{ec2a2542-2991-6254-d0c9-6a4381550000}4818/bin/catroot 154100x800000000000000031135Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.781{ec2a2542-2991-6254-a0b2-dede07560000}4826/lib/systemd/system-generators/systemd-rc-local-generator-----/lib/systemd/system-generators/systemd-rc-local-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4812--- 154100x800000000000000031127Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.781{ec2a2542-2991-6254-f0fb-1afba7550000}4824/lib/systemd/system-generators/systemd-gpt-auto-generator-----/lib/systemd/system-generators/systemd-gpt-auto-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4812--- 154100x800000000000000031122Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.781{ec2a2542-2991-6254-88d4-66c702560000}4825/lib/systemd/system-generators/systemd-hibernate-resume-generator-----/lib/systemd/system-generators/systemd-hibernate-resume-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4812--- 154100x800000000000000031128Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.782{ec2a2542-2991-6254-8064-5d7e4f560000}4829/lib/systemd/system-generators/systemd-veritysetup-generator-----/lib/systemd/system-generators/systemd-veritysetup-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4812--- 154100x800000000000000031123Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.782{ec2a2542-2991-6254-20e5-c1ff16560000}4827/lib/systemd/system-generators/systemd-system-update-generator-----/lib/systemd/system-generators/systemd-system-update-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4812--- 154100x800000000000000031117Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.782{ec2a2542-2991-6254-d8dc-8b3df1550000}4828/lib/systemd/system-generators/systemd-sysv-generator-----/lib/systemd/system-generators/systemd-sysv-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4812--- 23542300x800000000000000031116Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.782{ec2a2542-2991-6254-9807-7e455b550000}4816root/lib/netplan/generate/run/NetworkManager/conf.d/netplan.conf--- 23542300x800000000000000031115Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.782{ec2a2542-2991-6254-9807-7e455b550000}4816root/lib/netplan/generate//run/udev/rules.d/99-netplan-ens5.rules--- 23542300x800000000000000031114Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.782{ec2a2542-2991-6254-9807-7e455b550000}4816root/lib/netplan/generate//run/systemd/network/10-netplan-ens5.network--- 23542300x800000000000000031113Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.782{ec2a2542-2991-6254-9807-7e455b550000}4816root/lib/netplan/generate//run/systemd/network/10-netplan-ens5.link--- 154100x800000000000000031121Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.783{ec2a2542-2991-6254-3833-20880a560000}4830/bin/udevadm-----/sbin/udevadm control --reload/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2991-6254-9807-7e455b550000}4816/lib/netplan/generate/lib/systemd/system-generators/netplanroot 534500x800000000000000031120Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.783{ec2a2542-2991-6254-30cc-00d65a550000}4815/lib/systemd/system-generators/lvm2-activation-generatorroot 534500x800000000000000031119Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.784{ec2a2542-2991-6254-689c-993aab550000}4820/lib/systemd/system-generators/systemd-debug-generatorroot 534500x800000000000000031118Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.784{ec2a2542-2991-6254-78d6-379615560000}4822/usr/bin/systemd-detect-virtroot 534500x800000000000000031126Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.785{ec2a2542-2991-6254-b85e-700fcc550000}4819/lib/systemd/system-generators/systemd-cryptsetup-generatorroot 534500x800000000000000031124Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.785{ec2a2542-2991-6254-8856-663d44560000}4821/lib/systemd/system-generators/systemd-fstab-generatorroot 534500x800000000000000031129Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.786{ec2a2542-2991-6254-3833-20880a560000}4830/bin/udevadmroot 534500x800000000000000031130Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.787{ec2a2542-2991-6254-9807-7e455b550000}4816/lib/netplan/generateroot 534500x800000000000000031134Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.788{ec2a2542-2991-6254-d0de-9ed018560000}4823/lib/systemd/system-generators/systemd-getty-generatorroot 534500x800000000000000031133Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.788{ec2a2542-2991-6254-88d4-66c702560000}4825/lib/systemd/system-generators/systemd-hibernate-resume-generatorroot 154100x800000000000000031132Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.788{ec2a2542-2991-6254-7856-1644d9550000}4831/usr/bin/systemd-detect-virt-----systemd-detect-virt --container --quiet/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2991-6254-6882-5f7c1e560000}4813/bin/dash/bin/shroot 534500x800000000000000031131Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.788{ec2a2542-2991-6254-20e5-c1ff16560000}4827/lib/systemd/system-generators/systemd-system-update-generatorroot 534500x800000000000000031138Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.790{ec2a2542-2991-6254-7856-1644d9550000}4831/usr/bin/systemd-detect-virtroot 534500x800000000000000031137Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.790{ec2a2542-2991-6254-8064-5d7e4f560000}4829/lib/systemd/system-generators/systemd-veritysetup-generatorroot 924900x800000000000000031136Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.790{ec2a2542-2991-6254-f0fb-1afba7550000}4824/lib/systemd/system-generators/systemd-gpt-auto-generator/dev/nvme0n1root 154100x800000000000000031141Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.791{ec2a2542-2991-6254-6862-e01734560000}4832/bin/dash-----/bin/sh /usr/lib/cloud-init/ds-identify/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2991-6254-6882-5f7c1e560000}4813/bin/dash/bin/shroot 534500x800000000000000031140Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.791{ec2a2542-2991-6254-f0fb-1afba7550000}4824/lib/systemd/system-generators/systemd-gpt-auto-generatorroot 534500x800000000000000031139Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.791{ec2a2542-2991-6254-a0b2-dede07560000}4826/lib/systemd/system-generators/systemd-rc-local-generatorroot 154100x800000000000000031143Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.793{ec2a2542-2991-6254-789f-22114f560000}4833/bin/mkdir-----mkdir -p /run/systemd/generator.early/multi-user.target.wants/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2991-6254-6882-5f7c1e560000}4813/bin/dash/bin/shroot 534500x800000000000000031142Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.793{ec2a2542-2991-6254-6862-e01734560000}4832/bin/dashroot 154100x800000000000000031145Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.795{ec2a2542-2991-6254-987d-b218a7550000}4834/bin/ln-----ln -snf /lib/systemd/system/cloud-init.target /run/systemd/generator.early/multi-user.target.wants/cloud-init.target/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2991-6254-6882-5f7c1e560000}4813/bin/dash/bin/shroot 534500x800000000000000031144Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.795{ec2a2542-2991-6254-789f-22114f560000}4833/bin/mkdirroot 534500x800000000000000031147Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.797{ec2a2542-2991-6254-6882-5f7c1e560000}4813/bin/dashroot 534500x800000000000000031146Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.797{ec2a2542-2991-6254-987d-b218a7550000}4834/bin/lnroot 534500x800000000000000031149Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.805{ec2a2542-2991-6254-0000-000000000000}4812-root 534500x800000000000000031148Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.805{ec2a2542-2991-6254-d8dc-8b3df1550000}4828/lib/systemd/system-generators/systemd-sysv-generatorroot 534500x800000000000000031150Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.901{ec2a2542-2991-6254-d03c-1efc91550000}4809/bin/systemctlroot 154100x800000000000000031152Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.904{ec2a2542-2991-6254-6812-b93d05560000}4835/bin/dash-----/bin/sh /usr/bin/dpkg-maintscript-helper rm_conffile /etc/init/binfmt-support.conf 2.1.8-1~ -- configure /root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2991-6254-6812-20b929560000}4791/bin/dash/bin/shroot 534500x800000000000000031151Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.904{ec2a2542-2991-6254-784c-74f51d560000}4808/usr/bin/envroot 154100x800000000000000031153Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.905{ec2a2542-2991-6254-e8ab-63b22e560000}4836/usr/bin/basename-----basename /usr/bin/dpkg-maintscript-helper/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2991-6254-6812-b93d05560000}4835/bin/dash/bin/shroot 154100x800000000000000031155Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.906{ec2a2542-2991-6254-70e1-ffd8ca550000}4837/usr/bin/dpkg-----dpkg --validate-version -- 2.1.8-1~/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2991-6254-6812-b93d05560000}4835/bin/dash/bin/shroot 534500x800000000000000031154Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.906{ec2a2542-2991-6254-e8ab-63b22e560000}4836/usr/bin/basenameroot 154100x800000000000000031158Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.908{ec2a2542-2991-6254-9857-cf8586550000}4838/usr/bin/perl-----/usr/bin/perl /usr/sbin/update-rc.d binfmt-support defaults/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2991-6254-6812-20b929560000}4791/bin/dash/bin/shroot 534500x800000000000000031157Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.908{ec2a2542-2991-6254-6812-b93d05560000}4835/bin/dashroot 534500x800000000000000031156Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.908{ec2a2542-2991-6254-70e1-ffd8ca550000}4837/usr/bin/dpkgroot 154100x800000000000000031159Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.917{ec2a2542-2991-6254-d01c-65a6bf550000}4839/bin/systemctl-----systemctl daemon-reload/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2991-6254-9857-cf8586550000}4838/usr/bin/perl/usr/bin/perlroot 23542300x800000000000000031178Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.970{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/splunkd.service--- 23542300x800000000000000031177Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.970{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/grub-common.service--- 23542300x800000000000000031176Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.970{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/multi-user.target.wants/grub-common.service--- 23542300x800000000000000031175Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.970{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/multi-user.target.wants/splunk.service--- 23542300x800000000000000031174Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.970{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/multi-user.target.wants/apport.service--- 23542300x800000000000000031173Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.970{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/graphical.target.wants/grub-common.service--- 23542300x800000000000000031172Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.970{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/graphical.target.wants/splunk.service--- 23542300x800000000000000031171Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.970{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/graphical.target.wants/apport.service--- 23542300x800000000000000031170Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.970{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/hibagent.service--- 23542300x800000000000000031169Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.970{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/splunk.service--- 23542300x800000000000000031168Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.970{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/apport.service--- 23542300x800000000000000031167Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.970{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.early/multi-user.target.wants/cloud-init.target--- 23542300x800000000000000031166Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.970{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator/-.mount--- 23542300x800000000000000031165Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.970{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator/local-fs.target.wants/systemd-fsck-root.service--- 23542300x800000000000000031164Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.970{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator/local-fs.target.requires/-.mount--- 23542300x800000000000000031163Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.970{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator/multi-user.target.wants/systemd-networkd.service--- 23542300x800000000000000031162Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.970{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator/network-online.target.wants/systemd-networkd-wait-online.service--- 23542300x800000000000000031161Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.970{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator/netplan.stamp--- 23542300x800000000000000031160Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.970{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator/getty.target.wants/serial-getty@ttyS0.service--- 154100x800000000000000031179Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.972{ec2a2542-2991-6254-38b3-a50623560000}4842/usr/lib/systemd/system-environment-generators/snapd-env-generator-----/usr/lib/systemd/system-environment-generators/snapd-env-generator/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4841--- 534500x800000000000000031181Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.973{00000000-0000-0000-0000-000000000000}4841<unknown process>root 534500x800000000000000031180Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.973{ec2a2542-2991-6254-38b3-a50623560000}4842/usr/lib/systemd/system-environment-generators/snapd-env-generatorroot 154100x800000000000000031182Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.974{ec2a2542-2991-6254-6862-29b4cd550000}4844/bin/dash-----/bin/sh /lib/systemd/system-generators/cloud-init-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4843--- 154100x800000000000000031192Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.975{ec2a2542-2991-6254-c0f5-e3c14c560000}4848/lib/systemd/system-generators/snapd-generator-----/lib/systemd/system-generators/snapd-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4843--- 154100x800000000000000031186Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.975{ec2a2542-2991-6254-d059-e3745e550000}4849/bin/cat-----cat /proc/cmdline/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2991-6254-6862-a6862f560000}4845/bin/dash/bin/shroot 154100x800000000000000031185Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.975{ec2a2542-2991-6254-98c7-29a06b550000}4847/lib/netplan/generate-----/lib/systemd/system-generators/netplan /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4843--- 154100x800000000000000031184Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.975{ec2a2542-2991-6254-30dc-f8d469550000}4846/lib/systemd/system-generators/lvm2-activation-generator-----/lib/systemd/system-generators/lvm2-activation-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4843--- 154100x800000000000000031183Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.975{ec2a2542-2991-6254-6862-a6862f560000}4845/bin/dash-----/bin/sh /lib/systemd/system-generators/friendly-recovery /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4843--- 154100x800000000000000031191Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.976{ec2a2542-2991-6254-681c-da2d88550000}4852/lib/systemd/system-generators/systemd-debug-generator-----/lib/systemd/system-generators/systemd-debug-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4843--- 154100x800000000000000031189Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.976{ec2a2542-2991-6254-b8ee-ec415d550000}4851/lib/systemd/system-generators/systemd-cryptsetup-generator-----/lib/systemd/system-generators/systemd-cryptsetup-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4843--- 534500x800000000000000031188Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.976{ec2a2542-2991-6254-d059-e3745e550000}4849/bin/catroot 154100x800000000000000031187Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.976{ec2a2542-2991-6254-78a6-9627e5550000}4850/usr/bin/systemd-detect-virt-----systemd-detect-virt --container --quiet/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2991-6254-6862-29b4cd550000}4844/bin/dash/bin/shroot 154100x800000000000000031200Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.977{ec2a2542-2991-6254-8826-08de18560000}4853/lib/systemd/system-generators/systemd-fstab-generator-----/lib/systemd/system-generators/systemd-fstab-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4843--- 534500x800000000000000031190Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.977{ec2a2542-2991-6254-6862-a6862f560000}4845/bin/dashroot 154100x800000000000000031206Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.978{ec2a2542-2991-6254-f09b-2df976550000}4855/lib/systemd/system-generators/systemd-gpt-auto-generator-----/lib/systemd/system-generators/systemd-gpt-auto-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4843--- 154100x800000000000000031199Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.978{ec2a2542-2991-6254-d09e-9ee57f550000}4854/lib/systemd/system-generators/systemd-getty-generator-----/lib/systemd/system-generators/systemd-getty-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4843--- 23542300x800000000000000031195Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.978{ec2a2542-2991-6254-98c7-29a06b550000}4847root/lib/netplan/generate//run/systemd/network/10-netplan-ens5.network--- 23542300x800000000000000031194Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.978{ec2a2542-2991-6254-98c7-29a06b550000}4847root/lib/netplan/generate//run/systemd/network/10-netplan-ens5.link--- 534500x800000000000000031193Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.978{ec2a2542-2991-6254-c0f5-e3c14c560000}4848/lib/systemd/system-generators/snapd-generatorroot 154100x800000000000000031208Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.979{ec2a2542-2991-6254-a062-b55d4a560000}4858/lib/systemd/system-generators/systemd-rc-local-generator-----/lib/systemd/system-generators/systemd-rc-local-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4843--- 154100x800000000000000031207Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.979{ec2a2542-2991-6254-38d3-3a2e90550000}4857/bin/udevadm-----/sbin/udevadm control --reload/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2991-6254-98c7-29a06b550000}4847/lib/netplan/generate/lib/systemd/system-generators/netplanroot 154100x800000000000000031202Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.979{ec2a2542-2991-6254-8834-20e6d2550000}4856/lib/systemd/system-generators/systemd-hibernate-resume-generator-----/lib/systemd/system-generators/systemd-hibernate-resume-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4843--- 534500x800000000000000031198Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.979{ec2a2542-2991-6254-78a6-9627e5550000}4850/usr/bin/systemd-detect-virtroot 23542300x800000000000000031197Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.979{ec2a2542-2991-6254-98c7-29a06b550000}4847root/lib/netplan/generate/run/NetworkManager/conf.d/netplan.conf--- 23542300x800000000000000031196Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.979{ec2a2542-2991-6254-98c7-29a06b550000}4847root/lib/netplan/generate//run/udev/rules.d/99-netplan-ens5.rules--- 154100x800000000000000031211Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.980{ec2a2542-2991-6254-20a5-0c72ec550000}4859/lib/systemd/system-generators/systemd-system-update-generator-----/lib/systemd/system-generators/systemd-system-update-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4843--- 154100x800000000000000031209Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.980{ec2a2542-2991-6254-d87c-79641e560000}4860/lib/systemd/system-generators/systemd-sysv-generator-----/lib/systemd/system-generators/systemd-sysv-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4843--- 154100x800000000000000031205Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.980{ec2a2542-2991-6254-80d4-a32de6550000}4861/lib/systemd/system-generators/systemd-veritysetup-generator-----/lib/systemd/system-generators/systemd-veritysetup-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4843--- 534500x800000000000000031204Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.980{ec2a2542-2991-6254-681c-da2d88550000}4852/lib/systemd/system-generators/systemd-debug-generatorroot 534500x800000000000000031203Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.980{ec2a2542-2991-6254-30dc-f8d469550000}4846/lib/systemd/system-generators/lvm2-activation-generatorroot 534500x800000000000000031201Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.980{ec2a2542-2991-6254-b8ee-ec415d550000}4851/lib/systemd/system-generators/systemd-cryptsetup-generatorroot 154100x800000000000000031212Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.982{ec2a2542-2991-6254-78d6-7138c1550000}4862/usr/bin/systemd-detect-virt-----systemd-detect-virt --container --quiet/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2991-6254-6862-29b4cd550000}4844/bin/dash/bin/shroot 534500x800000000000000031210Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.982{ec2a2542-2991-6254-d09e-9ee57f550000}4854/lib/systemd/system-generators/systemd-getty-generatorroot 534500x800000000000000031213Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.984{ec2a2542-2991-6254-8826-08de18560000}4853/lib/systemd/system-generators/systemd-fstab-generatorroot 534500x800000000000000031217Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.985{ec2a2542-2991-6254-80d4-a32de6550000}4861/lib/systemd/system-generators/systemd-veritysetup-generatorroot 534500x800000000000000031216Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.985{ec2a2542-2991-6254-98c7-29a06b550000}4847/lib/netplan/generateroot 534500x800000000000000031215Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.985{ec2a2542-2991-6254-8834-20e6d2550000}4856/lib/systemd/system-generators/systemd-hibernate-resume-generatorroot 534500x800000000000000031214Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.985{ec2a2542-2991-6254-38d3-3a2e90550000}4857/bin/udevadmroot 534500x800000000000000031220Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.986{ec2a2542-2991-6254-78d6-7138c1550000}4862/usr/bin/systemd-detect-virtroot 534500x800000000000000031219Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.986{ec2a2542-2991-6254-20a5-0c72ec550000}4859/lib/systemd/system-generators/systemd-system-update-generatorroot 924900x800000000000000031218Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.986{ec2a2542-2991-6254-f09b-2df976550000}4855/lib/systemd/system-generators/systemd-gpt-auto-generator/dev/nvme0n1root 154100x800000000000000031222Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.987{ec2a2542-2991-6254-68e2-e7bc75550000}4863/bin/dash-----/bin/sh /usr/lib/cloud-init/ds-identify/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2991-6254-6862-29b4cd550000}4844/bin/dash/bin/shroot 534500x800000000000000031221Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.987{ec2a2542-2991-6254-a062-b55d4a560000}4858/lib/systemd/system-generators/systemd-rc-local-generatorroot 534500x800000000000000031223Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.988{ec2a2542-2991-6254-f09b-2df976550000}4855/lib/systemd/system-generators/systemd-gpt-auto-generatorroot 154100x800000000000000031225Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.989{ec2a2542-2991-6254-78af-8fdc68550000}4864/bin/mkdir-----mkdir -p /run/systemd/generator.early/multi-user.target.wants/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2991-6254-6862-29b4cd550000}4844/bin/dash/bin/shroot 534500x800000000000000031224Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.989{ec2a2542-2991-6254-68e2-e7bc75550000}4863/bin/dashroot 154100x800000000000000031227Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.991{ec2a2542-2991-6254-988d-df7d66550000}4865/bin/ln-----ln -snf /lib/systemd/system/cloud-init.target /run/systemd/generator.early/multi-user.target.wants/cloud-init.target/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2991-6254-6862-29b4cd550000}4844/bin/dash/bin/shroot 534500x800000000000000031226Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.991{ec2a2542-2991-6254-78af-8fdc68550000}4864/bin/mkdirroot 534500x800000000000000031229Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.992{ec2a2542-2991-6254-6862-29b4cd550000}4844/bin/dashroot 534500x800000000000000031228Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:53.992{ec2a2542-2991-6254-988d-df7d66550000}4865/bin/lnroot 534500x800000000000000031230Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.002{ec2a2542-2991-6254-d87c-79641e560000}4860/lib/systemd/system-generators/systemd-sysv-generatorroot 534500x800000000000000031231Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.003{ec2a2542-2991-6254-0000-000000000000}4843-root 534500x800000000000000031232Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.091{ec2a2542-2991-6254-d01c-65a6bf550000}4839/bin/systemctlroot 154100x800000000000000031234Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.092{ec2a2542-2992-6254-6862-0f7c7b550000}4866/bin/dash-----/bin/sh /usr/sbin/invoke-rc.d binfmt-support start/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2991-6254-6812-20b929560000}4791/bin/dash/bin/shroot 534500x800000000000000031233Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.092{ec2a2542-2991-6254-9857-cf8586550000}4838/usr/bin/perlroot 154100x800000000000000031235Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.094{ec2a2542-2992-6254-d03c-250d22560000}4867/bin/systemctl-----/sbin/runlevel/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2992-6254-6862-0f7c7b550000}4866/bin/dash/bin/shroot 154100x800000000000000031237Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.097{ec2a2542-2992-6254-d0cc-26153e560000}4868/bin/systemctl-----systemctl --quiet is-enabled binfmt-support.service/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2992-6254-6862-0f7c7b550000}4866/bin/dash/bin/shroot 534500x800000000000000031236Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.097{ec2a2542-2992-6254-d03c-250d22560000}4867/bin/systemctlroot 534500x800000000000000031238Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.103{ec2a2542-2992-6254-d0cc-26153e560000}4868/bin/systemctlroot 154100x800000000000000031239Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.104{ec2a2542-2992-6254-d0bc-fc20db550000}4869/bin/systemctl-----systemctl daemon-reload/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2992-6254-6862-0f7c7b550000}4866/bin/dash/bin/shroot 23542300x800000000000000031258Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.157{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/splunkd.service--- 23542300x800000000000000031257Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.157{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/splunk.service--- 23542300x800000000000000031256Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.157{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/multi-user.target.wants/splunk.service--- 23542300x800000000000000031255Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.157{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/multi-user.target.wants/apport.service--- 23542300x800000000000000031254Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.157{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/multi-user.target.wants/grub-common.service--- 23542300x800000000000000031253Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.157{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/graphical.target.wants/splunk.service--- 23542300x800000000000000031252Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.157{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/graphical.target.wants/apport.service--- 23542300x800000000000000031251Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.157{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/graphical.target.wants/grub-common.service--- 23542300x800000000000000031250Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.157{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/apport.service--- 23542300x800000000000000031249Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.157{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/hibagent.service--- 23542300x800000000000000031248Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.157{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/grub-common.service--- 23542300x800000000000000031247Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.157{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.early/multi-user.target.wants/cloud-init.target--- 23542300x800000000000000031246Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.157{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator/getty.target.wants/serial-getty@ttyS0.service--- 23542300x800000000000000031245Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.157{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator/-.mount--- 23542300x800000000000000031244Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.157{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator/local-fs.target.wants/systemd-fsck-root.service--- 23542300x800000000000000031243Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.157{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator/local-fs.target.requires/-.mount--- 23542300x800000000000000031242Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.157{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator/multi-user.target.wants/systemd-networkd.service--- 23542300x800000000000000031241Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.157{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator/network-online.target.wants/systemd-networkd-wait-online.service--- 23542300x800000000000000031240Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.157{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator/netplan.stamp--- 154100x800000000000000031259Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.159{ec2a2542-2992-6254-3863-7ba601560000}4871/usr/lib/systemd/system-environment-generators/snapd-env-generator-----/usr/lib/systemd/system-environment-generators/snapd-env-generator/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4870--- 534500x800000000000000031260Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.160{ec2a2542-2992-6254-3863-7ba601560000}4871/usr/lib/systemd/system-environment-generators/snapd-env-generatorroot 534500x800000000000000031261Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.162{ec2a2542-2991-6254-0000-000000000000}4870-root 154100x800000000000000031280Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.163{ec2a2542-2992-6254-6872-082578550000}4874/bin/dash-----/bin/sh /lib/systemd/system-generators/friendly-recovery /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4872--- 154100x800000000000000031278Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.163{ec2a2542-2992-6254-301c-e42b05560000}4875/lib/systemd/system-generators/lvm2-activation-generator-----/lib/systemd/system-generators/lvm2-activation-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4872--- 154100x800000000000000031262Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.163{ec2a2542-2992-6254-6832-d55b62550000}4873/bin/dash-----/bin/sh /lib/systemd/system-generators/cloud-init-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4872--- 154100x800000000000000031283Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.164{ec2a2542-2992-6254-b8ce-48810b560000}4879/lib/systemd/system-generators/systemd-cryptsetup-generator-----/lib/systemd/system-generators/systemd-cryptsetup-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4872--- 154100x800000000000000031265Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.164{ec2a2542-2992-6254-7866-511725560000}4878/usr/bin/systemd-detect-virt-----systemd-detect-virt --container --quiet/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2992-6254-6832-d55b62550000}4873/bin/dash/bin/shroot 154100x800000000000000031264Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.164{ec2a2542-2992-6254-c075-28a244560000}4877/lib/systemd/system-generators/snapd-generator-----/lib/systemd/system-generators/snapd-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4872--- 154100x800000000000000031263Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.164{ec2a2542-2992-6254-98d7-c221de550000}4876/lib/netplan/generate-----/lib/systemd/system-generators/netplan /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4872--- 154100x800000000000000031276Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.165{ec2a2542-2992-6254-d0be-cfdf95550000}4882/lib/systemd/system-generators/systemd-getty-generator-----/lib/systemd/system-generators/systemd-getty-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4872--- 154100x800000000000000031269Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.165{ec2a2542-2992-6254-682c-30fced550000}4880/lib/systemd/system-generators/systemd-debug-generator-----/lib/systemd/system-generators/systemd-debug-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4872--- 154100x800000000000000031267Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.165{ec2a2542-2992-6254-88c6-8559dc550000}4881/lib/systemd/system-generators/systemd-fstab-generator-----/lib/systemd/system-generators/systemd-fstab-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4872--- 154100x800000000000000031292Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.166{ec2a2542-2992-6254-a0d2-bb94c4550000}4885/lib/systemd/system-generators/systemd-rc-local-generator-----/lib/systemd/system-generators/systemd-rc-local-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4872--- 154100x800000000000000031277Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.166{ec2a2542-2992-6254-88b4-9d28c4550000}4884/lib/systemd/system-generators/systemd-hibernate-resume-generator-----/lib/systemd/system-generators/systemd-hibernate-resume-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4872--- 154100x800000000000000031274Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.166{ec2a2542-2992-6254-f07b-618482550000}4883/lib/systemd/system-generators/systemd-gpt-auto-generator-----/lib/systemd/system-generators/systemd-gpt-auto-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4872--- 534500x800000000000000031266Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.166{ec2a2542-2992-6254-c075-28a244560000}4877/lib/systemd/system-generators/snapd-generatorroot 154100x800000000000000031294Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.167{ec2a2542-2992-6254-d8cc-452a43560000}4887/lib/systemd/system-generators/systemd-sysv-generator-----/lib/systemd/system-generators/systemd-sysv-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4872--- 154100x800000000000000031287Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.167{ec2a2542-2992-6254-2025-e2b2b3550000}4886/lib/systemd/system-generators/systemd-system-update-generator-----/lib/systemd/system-generators/systemd-system-update-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4872--- 23542300x800000000000000031268Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.167{ec2a2542-2992-6254-98d7-c221de550000}4876root/lib/netplan/generate//run/systemd/network/10-netplan-ens5.link--- 534500x800000000000000031273Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.168{ec2a2542-2992-6254-7866-511725560000}4878/usr/bin/systemd-detect-virtroot 154100x800000000000000031272Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.168{ec2a2542-2992-6254-8004-3f5340560000}4888/lib/systemd/system-generators/systemd-veritysetup-generator-----/lib/systemd/system-generators/systemd-veritysetup-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4872--- 23542300x800000000000000031271Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.168{ec2a2542-2992-6254-98d7-c221de550000}4876root/lib/netplan/generate//run/udev/rules.d/99-netplan-ens5.rules--- 23542300x800000000000000031270Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.168{ec2a2542-2992-6254-98d7-c221de550000}4876root/lib/netplan/generate//run/systemd/network/10-netplan-ens5.network--- 154100x800000000000000031295Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.169{ec2a2542-2992-6254-38a3-66f230560000}4890/bin/udevadm-----/sbin/udevadm control --reload/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2992-6254-98d7-c221de550000}4876/lib/netplan/generate/lib/systemd/system-generators/netplanroot 154100x800000000000000031285Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.169{ec2a2542-2992-6254-78a6-cb3a96550000}4889/usr/bin/systemd-detect-virt-----systemd-detect-virt --container --quiet/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2992-6254-6832-d55b62550000}4873/bin/dash/bin/shroot 23542300x800000000000000031275Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.169{ec2a2542-2992-6254-98d7-c221de550000}4876root/lib/netplan/generate/run/NetworkManager/conf.d/netplan.conf--- 154100x800000000000000031282Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.172{ec2a2542-2992-6254-d0a9-a27f31560000}4891/bin/cat-----cat /proc/cmdline/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2992-6254-6872-082578550000}4874/bin/dash/bin/shroot 534500x800000000000000031281Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.172{ec2a2542-2992-6254-8004-3f5340560000}4888/lib/systemd/system-generators/systemd-veritysetup-generatorroot 534500x800000000000000031279Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.172{ec2a2542-2992-6254-88c6-8559dc550000}4881/lib/systemd/system-generators/systemd-fstab-generatorroot 924900x800000000000000031286Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.173{ec2a2542-2992-6254-f07b-618482550000}4883/lib/systemd/system-generators/systemd-gpt-auto-generator/dev/nvme0n1root 534500x800000000000000031284Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.173{ec2a2542-2992-6254-d0be-cfdf95550000}4882/lib/systemd/system-generators/systemd-getty-generatorroot 534500x800000000000000031291Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.174{ec2a2542-2992-6254-682c-30fced550000}4880/lib/systemd/system-generators/systemd-debug-generatorroot 534500x800000000000000031290Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.174{ec2a2542-2992-6254-6872-082578550000}4874/bin/dashroot 534500x800000000000000031289Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.174{ec2a2542-2992-6254-88b4-9d28c4550000}4884/lib/systemd/system-generators/systemd-hibernate-resume-generatorroot 534500x800000000000000031288Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.174{ec2a2542-2992-6254-d0a9-a27f31560000}4891/bin/catroot 534500x800000000000000031293Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.175{ec2a2542-2992-6254-f07b-618482550000}4883/lib/systemd/system-generators/systemd-gpt-auto-generatorroot 534500x800000000000000031297Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.176{ec2a2542-2992-6254-b8ce-48810b560000}4879/lib/systemd/system-generators/systemd-cryptsetup-generatorroot 534500x800000000000000031296Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.176{ec2a2542-2992-6254-78a6-cb3a96550000}4889/usr/bin/systemd-detect-virtroot 534500x800000000000000031300Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.177{ec2a2542-2992-6254-38a3-66f230560000}4890/bin/udevadmroot 534500x800000000000000031299Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.177{ec2a2542-2992-6254-2025-e2b2b3550000}4886/lib/systemd/system-generators/systemd-system-update-generatorroot 154100x800000000000000031298Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.177{ec2a2542-2992-6254-68a2-56d72b560000}4892/bin/dash-----/bin/sh /usr/lib/cloud-init/ds-identify/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2992-6254-6832-d55b62550000}4873/bin/dash/bin/shroot 534500x800000000000000031302Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.178{ec2a2542-2992-6254-98d7-c221de550000}4876/lib/netplan/generateroot 534500x800000000000000031301Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.178{ec2a2542-2992-6254-a0d2-bb94c4550000}4885/lib/systemd/system-generators/systemd-rc-local-generatorroot 154100x800000000000000031305Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.179{ec2a2542-2992-6254-786f-0d867f550000}4893/bin/mkdir-----mkdir -p /run/systemd/generator.early/multi-user.target.wants/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2992-6254-6832-d55b62550000}4873/bin/dash/bin/shroot 534500x800000000000000031304Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.179{ec2a2542-2992-6254-68a2-56d72b560000}4892/bin/dashroot 534500x800000000000000031303Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.179{ec2a2542-2992-6254-301c-e42b05560000}4875/lib/systemd/system-generators/lvm2-activation-generatorroot 154100x800000000000000031307Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.180{ec2a2542-2992-6254-98ad-b61024560000}4894/bin/ln-----ln -snf /lib/systemd/system/cloud-init.target /run/systemd/generator.early/multi-user.target.wants/cloud-init.target/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2992-6254-6832-d55b62550000}4873/bin/dash/bin/shroot 534500x800000000000000031306Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.180{ec2a2542-2992-6254-786f-0d867f550000}4893/bin/mkdirroot 534500x800000000000000031308Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.181{ec2a2542-2992-6254-98ad-b61024560000}4894/bin/lnroot 534500x800000000000000031309Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.182{ec2a2542-2992-6254-6832-d55b62550000}4873/bin/dashroot 534500x800000000000000031310Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.195{ec2a2542-2992-6254-d8cc-452a43560000}4887/lib/systemd/system-generators/systemd-sysv-generatorroot 534500x800000000000000031311Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.196{ec2a2542-2991-6254-0000-000000000000}4872-root 154100x800000000000000031313Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.276{ec2a2542-2992-6254-d09c-0f9442560000}4895/bin/systemctl-----systemctl -p LoadState show binfmt-support.service/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2992-6254-6862-0f7c7b550000}4866/bin/dash/bin/shroot 534500x800000000000000031312Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.276{ec2a2542-2992-6254-d0bc-fc20db550000}4869/bin/systemctlroot 154100x800000000000000031315Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.283{ec2a2542-2992-6254-d0dc-7d93b6550000}4896/bin/systemctl-----systemctl --quiet is-active multi-user.target/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2992-6254-6862-0f7c7b550000}4866/bin/dash/bin/shroot 534500x800000000000000031314Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.283{ec2a2542-2992-6254-d09c-0f9442560000}4895/bin/systemctlroot 154100x800000000000000031317Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.288{ec2a2542-2992-6254-d0cc-17b202560000}4897/bin/systemctl-----systemctl start binfmt-support.service/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2992-6254-6862-0f7c7b550000}4866/bin/dash/bin/shroot 534500x800000000000000031316Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.288{ec2a2542-2992-6254-d0dc-7d93b6550000}4896/bin/systemctlroot 154100x800000000000000031318Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.291{ec2a2542-2992-6254-5806-781b02560000}4898/bin/systemd-tty-ask-password-agent-----/bin/systemd-tty-ask-password-agent --watch/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2992-6254-d0cc-17b202560000}4897/bin/systemctlsystemctlroot 154100x800000000000000031319Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.293{ec2a2542-2992-6254-683f-7a3ec8550000}4899/usr/sbin/update-binfmts-----/usr/sbin/update-binfmts --enable/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-0ff1-6254-58a9-8a1e10560000}1/lib/systemd/systemd/sbin/initroot 23542300x800000000000000031321Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.296{ec2a2542-0ff8-6254-c88a-1cbc6c550000}452root/lib/systemd/systemd-journald/run/systemd/journal/streams/9:38782--- 534500x800000000000000031320Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.296{ec2a2542-2992-6254-683f-7a3ec8550000}4899/usr/sbin/update-binfmtsroot 534500x800000000000000031323Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.304{ec2a2542-2992-6254-d0cc-17b202560000}4897/bin/systemctlroot 534500x800000000000000031322Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.304{ec2a2542-2992-6254-5806-781b02560000}4898/bin/systemd-tty-ask-password-agentroot 534500x800000000000000031325Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.305{ec2a2542-2991-6254-6812-20b929560000}4791/bin/dashroot 534500x800000000000000031324Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.305{ec2a2542-2992-6254-6862-0f7c7b550000}4866/bin/dashroot 534500x800000000000000031332Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.310{00000000-0000-0000-0000-000000000000}4905<unknown process>root 534500x800000000000000031331Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.310{00000000-0000-0000-0000-000000000000}4901<unknown process>root 534500x800000000000000031330Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.310{00000000-0000-0000-0000-000000000000}4904<unknown process>root 534500x800000000000000031329Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.310{00000000-0000-0000-0000-000000000000}4903<unknown process>root 534500x800000000000000031328Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.310{00000000-0000-0000-0000-000000000000}4900<unknown process>root 534500x800000000000000031327Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.310{ec2a2542-2991-6254-0000-000000000000}4902-root 23542300x800000000000000031326Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.310{ec2a2542-0ff8-6254-f8ad-704b96550000}485root/lib/systemd/systemd-udevd/run/udev/queue--- 534500x800000000000000031333Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.311{ec2a2542-2992-6254-0000-000000000000}4906-root 534500x800000000000000031335Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.352{ec2a2542-2992-6254-0000-000000000000}4913-root 23542300x800000000000000031334Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.352{ec2a2542-0ff8-6254-f8ad-704b96550000}485root/lib/systemd/systemd-udevd/run/udev/queue--- 534500x800000000000000031340Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.353{ec2a2542-2992-6254-0000-000000000000}4912-root 534500x800000000000000031339Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.353{00000000-0000-0000-0000-000000000000}4908<unknown process>root 534500x800000000000000031338Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.353{00000000-0000-0000-0000-000000000000}4914<unknown process>root 534500x800000000000000031337Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.353{ec2a2542-2992-6254-0000-000000000000}4910-root 534500x800000000000000031336Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.353{ec2a2542-2992-6254-0000-000000000000}4909-root 534500x800000000000000031341Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.354{ec2a2542-2992-6254-0000-000000000000}4911-root 154100x800000000000000031342Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.424{ec2a2542-2992-6254-6832-821148560000}4916/bin/dash-----/bin/sh /var/lib/dpkg/info/libgstreamer1.0-0:amd64.postinst configure /root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2991-6254-7091-3f7926560000}4790/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000031343Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.425{ec2a2542-2992-6254-8067-e8789d550000}4917/sbin/setcap-----setcap cap_net_bind_service,cap_net_admin+ep /usr/lib/x86_64-linux-gnu/gstreamer1.0/gstreamer-1.0/gst-ptp-helper/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2992-6254-6832-821148560000}4916/bin/dash/bin/shroot 534500x800000000000000031345Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.426{ec2a2542-2992-6254-6832-821148560000}4916/bin/dashroot 534500x800000000000000031344Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.426{ec2a2542-2992-6254-8067-e8789d550000}4917/sbin/setcaproot 354300x800000000000000031346Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.640{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54752-false10.0.1.12-8000- 154100x800000000000000031347Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.808{ec2a2542-2992-6254-6812-24cfd2550000}4918/bin/dash-----/bin/sh /var/lib/dpkg/info/libogg0:amd64.postinst configure /root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2991-6254-7091-3f7926560000}4790/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000031348Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.809{ec2a2542-2992-6254-6872-a315e7550000}4919/bin/dash-----/bin/sh /sbin/ldconfig/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2992-6254-6812-24cfd2550000}4918/bin/dash/bin/shroot 154100x800000000000000031349Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.810{ec2a2542-2992-6254-48b2-aacc3d560000}4920/usr/bin/dpkg-trigger-----dpkg-trigger --check-supported/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2992-6254-6872-a315e7550000}4919/bin/dash/bin/shroot 154100x800000000000000031351Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.812{ec2a2542-2992-6254-48b2-ac2664550000}4921/usr/bin/dpkg-trigger-----dpkg-trigger --no-await ldconfig/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2992-6254-6872-a315e7550000}4919/bin/dash/bin/shroot 534500x800000000000000031350Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.812{ec2a2542-2992-6254-48b2-aacc3d560000}4920/usr/bin/dpkg-triggerroot 534500x800000000000000031352Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.815{ec2a2542-2992-6254-48b2-ac2664550000}4921/usr/bin/dpkg-triggerroot 534500x800000000000000031354Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.816{ec2a2542-2992-6254-6812-24cfd2550000}4918/bin/dashroot 534500x800000000000000031353Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.816{ec2a2542-2992-6254-6872-a315e7550000}4919/bin/dashroot 154100x800000000000000031355Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.905{ec2a2542-2992-6254-68d2-bb8d2a560000}4922/bin/dash-----/bin/sh /var/lib/dpkg/info/qemu-user-static.postinst configure /root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2991-6254-7091-3f7926560000}4790/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000031356Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.906{ec2a2542-2992-6254-50ec-2d0d28560000}4923/bin/grep-----grep -zqs ^container= /proc/1/environ/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2992-6254-68d2-bb8d2a560000}4922/bin/dash/bin/shroot 154100x800000000000000031358Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.908{ec2a2542-2992-6254-681f-b67905560000}4924/usr/sbin/update-binfmts-----update-binfmts --package qemu-user-static --install qemu-aarch64 /usr/bin/qemu-aarch64-static --magic \x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xb7\x00 --mask \xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff --offset 0 --credential yes/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2992-6254-68d2-bb8d2a560000}4922/bin/dash/bin/shroot 534500x800000000000000031357Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.908{ec2a2542-2992-6254-50ec-2d0d28560000}4923/bin/greproot 154100x800000000000000031360Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.909{ec2a2542-2992-6254-684f-89e6d1550000}4925/usr/sbin/update-binfmts-----update-binfmts --package qemu-user-static --install qemu-alpha /usr/bin/qemu-alpha-static --magic \x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x26\x90 --mask \xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff --offset 0 --credential yes/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2992-6254-68d2-bb8d2a560000}4922/bin/dash/bin/shroot 534500x800000000000000031359Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.909{ec2a2542-2992-6254-681f-b67905560000}4924/usr/sbin/update-binfmtsroot 154100x800000000000000031362Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.910{ec2a2542-2992-6254-68ef-a7cada550000}4926/usr/sbin/update-binfmts-----update-binfmts --package qemu-user-static --install qemu-arm /usr/bin/qemu-arm-static --magic \x7f\x45\x4c\x46\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x28\x00 --mask \xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff --offset 0 --credential yes/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2992-6254-68d2-bb8d2a560000}4922/bin/dash/bin/shroot 534500x800000000000000031361Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.910{ec2a2542-2992-6254-684f-89e6d1550000}4925/usr/sbin/update-binfmtsroot 154100x800000000000000031364Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.911{ec2a2542-2992-6254-685f-5f8ee6550000}4927/usr/sbin/update-binfmts-----update-binfmts --package qemu-user-static --install qemu-armeb /usr/bin/qemu-armeb-static --magic \x7f\x45\x4c\x46\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x28 --mask \xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff --offset 0 --credential yes/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2992-6254-68d2-bb8d2a560000}4922/bin/dash/bin/shroot 534500x800000000000000031363Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.911{ec2a2542-2992-6254-68ef-a7cada550000}4926/usr/sbin/update-binfmtsroot 154100x800000000000000031366Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.912{ec2a2542-2992-6254-68ef-0fb479550000}4928/usr/sbin/update-binfmts-----update-binfmts --package qemu-user-static --install qemu-cris /usr/bin/qemu-cris-static --magic \x7f\x45\x4c\x46\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x4c\x00 --mask \xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff --offset 0 --credential yes/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2992-6254-68d2-bb8d2a560000}4922/bin/dash/bin/shroot 534500x800000000000000031365Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.912{ec2a2542-2992-6254-685f-5f8ee6550000}4927/usr/sbin/update-binfmtsroot 154100x800000000000000031368Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.913{ec2a2542-2992-6254-684f-19f36d550000}4929/usr/sbin/update-binfmts-----update-binfmts --package qemu-user-static --install qemu-m68k /usr/bin/qemu-m68k-static --magic \x7f\x45\x4c\x46\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x04 --mask \xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff --offset 0 --credential yes/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2992-6254-68d2-bb8d2a560000}4922/bin/dash/bin/shroot 534500x800000000000000031367Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.913{ec2a2542-2992-6254-68ef-0fb479550000}4928/usr/sbin/update-binfmtsroot 154100x800000000000000031370Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.914{ec2a2542-2992-6254-687f-2d4ca9550000}4930/usr/sbin/update-binfmts-----update-binfmts --package qemu-user-static --install qemu-microblaze /usr/bin/qemu-microblaze-static --magic \x7f\x45\x4c\x46\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\xba\xab --mask \xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff --offset 0 --credential yes/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2992-6254-68d2-bb8d2a560000}4922/bin/dash/bin/shroot 534500x800000000000000031369Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.914{ec2a2542-2992-6254-684f-19f36d550000}4929/usr/sbin/update-binfmtsroot 154100x800000000000000031372Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.915{ec2a2542-2992-6254-689f-7f82a9550000}4931/usr/sbin/update-binfmts-----update-binfmts --package qemu-user-static --install qemu-mips /usr/bin/qemu-mips-static --magic \x7f\x45\x4c\x46\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08 --mask \xff\xff\xff\xff\xff\xff\xff\x00\xfe\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff --offset 0 --credential yes/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2992-6254-68d2-bb8d2a560000}4922/bin/dash/bin/shroot 534500x800000000000000031371Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.915{ec2a2542-2992-6254-687f-2d4ca9550000}4930/usr/sbin/update-binfmtsroot 154100x800000000000000031374Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.916{ec2a2542-2992-6254-683f-172989550000}4932/usr/sbin/update-binfmts-----update-binfmts --package qemu-user-static --install qemu-mipsel /usr/bin/qemu-mipsel-static --magic \x7f\x45\x4c\x46\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08\x00 --mask \xff\xff\xff\xff\xff\xff\xff\x00\xfe\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff --offset 0 --credential yes/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2992-6254-68d2-bb8d2a560000}4922/bin/dash/bin/shroot 534500x800000000000000031373Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.916{ec2a2542-2992-6254-689f-7f82a9550000}4931/usr/sbin/update-binfmtsroot 154100x800000000000000031376Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.917{ec2a2542-2992-6254-68ef-04198a550000}4933/usr/sbin/update-binfmts-----update-binfmts --package qemu-user-static --install qemu-mips64 /usr/bin/qemu-mips64-static --magic \x7f\x45\x4c\x46\x02\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08 --mask \xff\xff\xff\xff\xff\xff\xff\x00\xfe\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff --offset 0 --credential yes/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2992-6254-68d2-bb8d2a560000}4922/bin/dash/bin/shroot 534500x800000000000000031375Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.917{ec2a2542-2992-6254-683f-172989550000}4932/usr/sbin/update-binfmtsroot 154100x800000000000000031378Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.918{ec2a2542-2992-6254-681f-f5a293550000}4934/usr/sbin/update-binfmts-----update-binfmts --package qemu-user-static --install qemu-mips64el /usr/bin/qemu-mips64el-static --magic \x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08\x00 --mask \xff\xff\xff\xff\xff\xff\xff\x00\xfe\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff --offset 0 --credential yes/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2992-6254-68d2-bb8d2a560000}4922/bin/dash/bin/shroot 534500x800000000000000031377Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.918{ec2a2542-2992-6254-68ef-04198a550000}4933/usr/sbin/update-binfmtsroot 154100x800000000000000031380Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.920{ec2a2542-2992-6254-681f-52fb69550000}4935/usr/sbin/update-binfmts-----update-binfmts --package qemu-user-static --install qemu-ppc /usr/bin/qemu-ppc-static --magic \x7f\x45\x4c\x46\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x14 --mask \xff\xff\xff\xff\xff\xff\xff\xfc\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff --offset 0 --credential yes/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2992-6254-68d2-bb8d2a560000}4922/bin/dash/bin/shroot 534500x800000000000000031379Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.920{ec2a2542-2992-6254-681f-f5a293550000}4934/usr/sbin/update-binfmtsroot 154100x800000000000000031382Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.921{ec2a2542-2992-6254-68bf-c97cb2550000}4936/usr/sbin/update-binfmts-----update-binfmts --package qemu-user-static --install qemu-ppc64 /usr/bin/qemu-ppc64-static --magic \x7f\x45\x4c\x46\x02\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x15 --mask \xff\xff\xff\xff\xff\xff\xff\xfc\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff --offset 0 --credential yes/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2992-6254-68d2-bb8d2a560000}4922/bin/dash/bin/shroot 534500x800000000000000031381Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.921{ec2a2542-2992-6254-681f-52fb69550000}4935/usr/sbin/update-binfmtsroot 154100x800000000000000031384Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.922{ec2a2542-2992-6254-680f-b36fd6550000}4937/usr/sbin/update-binfmts-----update-binfmts --package qemu-user-static --install qemu-ppc64abi32 /usr/bin/qemu-ppc64abi32-static --magic \x7f\x45\x4c\x46\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x15 --mask \xff\xff\xff\xff\xff\xff\xff\xfc\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff --offset 0 --credential yes/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2992-6254-68d2-bb8d2a560000}4922/bin/dash/bin/shroot 534500x800000000000000031383Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.922{ec2a2542-2992-6254-68bf-c97cb2550000}4936/usr/sbin/update-binfmtsroot 154100x800000000000000031386Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.923{ec2a2542-2992-6254-682f-7ae85c550000}4938/usr/sbin/update-binfmts-----update-binfmts --package qemu-user-static --install qemu-ppc64le /usr/bin/qemu-ppc64le-static --magic \x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x15\x00 --mask \xff\xff\xff\xff\xff\xff\xff\xfc\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\x00 --offset 0 --credential yes/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2992-6254-68d2-bb8d2a560000}4922/bin/dash/bin/shroot 534500x800000000000000031385Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.923{ec2a2542-2992-6254-680f-b36fd6550000}4937/usr/sbin/update-binfmtsroot 534500x800000000000000031387Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.924{ec2a2542-2992-6254-682f-7ae85c550000}4938/usr/sbin/update-binfmtsroot 154100x800000000000000031388Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.925{ec2a2542-2992-6254-682f-0d1d4d560000}4939/usr/sbin/update-binfmts-----update-binfmts --package qemu-user-static --install qemu-s390x /usr/bin/qemu-s390x-static --magic \x7f\x45\x4c\x46\x02\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x16 --mask \xff\xff\xff\xff\xff\xff\xff\xfc\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff --offset 0 --credential yes/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2992-6254-68d2-bb8d2a560000}4922/bin/dash/bin/shroot 154100x800000000000000031390Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.926{ec2a2542-2992-6254-68cf-460c35560000}4940/usr/sbin/update-binfmts-----update-binfmts --package qemu-user-static --install qemu-sh4 /usr/bin/qemu-sh4-static --magic \x7f\x45\x4c\x46\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x2a\x00 --mask \xff\xff\xff\xff\xff\xff\xff\xfc\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff --offset 0 --credential yes/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2992-6254-68d2-bb8d2a560000}4922/bin/dash/bin/shroot 534500x800000000000000031389Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.926{ec2a2542-2992-6254-682f-0d1d4d560000}4939/usr/sbin/update-binfmtsroot 154100x800000000000000031392Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.927{ec2a2542-2992-6254-686f-c388d8550000}4941/usr/sbin/update-binfmts-----update-binfmts --package qemu-user-static --install qemu-sh4eb /usr/bin/qemu-sh4eb-static --magic \x7f\x45\x4c\x46\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x2a --mask \xff\xff\xff\xff\xff\xff\xff\xfc\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff --offset 0 --credential yes/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2992-6254-68d2-bb8d2a560000}4922/bin/dash/bin/shroot 534500x800000000000000031391Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.927{ec2a2542-2992-6254-68cf-460c35560000}4940/usr/sbin/update-binfmtsroot 154100x800000000000000031394Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.928{ec2a2542-2992-6254-689f-f78b50560000}4942/usr/sbin/update-binfmts-----update-binfmts --package qemu-user-static --install qemu-sparc /usr/bin/qemu-sparc-static --magic \x7f\x45\x4c\x46\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x02 --mask \xff\xff\xff\xff\xff\xff\xff\xfc\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff --offset 0 --credential yes/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2992-6254-68d2-bb8d2a560000}4922/bin/dash/bin/shroot 534500x800000000000000031393Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.928{ec2a2542-2992-6254-686f-c388d8550000}4941/usr/sbin/update-binfmtsroot 154100x800000000000000031396Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.929{ec2a2542-2992-6254-68ef-dcb17d550000}4943/usr/sbin/update-binfmts-----update-binfmts --package qemu-user-static --install qemu-sparc32plus /usr/bin/qemu-sparc32plus-static --magic \x7f\x45\x4c\x46\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x12 --mask \xff\xff\xff\xff\xff\xff\xff\xfc\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff --offset 0 --credential yes/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2992-6254-68d2-bb8d2a560000}4922/bin/dash/bin/shroot 534500x800000000000000031395Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.929{ec2a2542-2992-6254-689f-f78b50560000}4942/usr/sbin/update-binfmtsroot 534500x800000000000000031397Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.930{ec2a2542-2992-6254-68ef-dcb17d550000}4943/usr/sbin/update-binfmtsroot 154100x800000000000000031398Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.931{ec2a2542-2992-6254-68ff-b87839560000}4944/usr/sbin/update-binfmts-----update-binfmts --package qemu-user-static --install qemu-sparc64 /usr/bin/qemu-sparc64-static --magic \x7f\x45\x4c\x46\x02\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x2b --mask \xff\xff\xff\xff\xff\xff\xff\xfc\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff --offset 0 --credential yes/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2992-6254-68d2-bb8d2a560000}4922/bin/dash/bin/shroot 534500x800000000000000031400Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.932{ec2a2542-2992-6254-68d2-bb8d2a560000}4922/bin/dashroot 534500x800000000000000031399Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:54.932{ec2a2542-2992-6254-68ff-b87839560000}4944/usr/sbin/update-binfmtsroot 23542300x800000000000000031401Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.507{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/status-old--- 23542300x800000000000000031410Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.508{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0008--- 23542300x800000000000000031409Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.508{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0007--- 23542300x800000000000000031408Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.508{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0006--- 23542300x800000000000000031407Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.508{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0005--- 23542300x800000000000000031406Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.508{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0004--- 23542300x800000000000000031405Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.508{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0003--- 23542300x800000000000000031404Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.508{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0002--- 23542300x800000000000000031403Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.508{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0001--- 23542300x800000000000000031402Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.508{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0000--- 23542300x800000000000000031462Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0060--- 23542300x800000000000000031461Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0059--- 23542300x800000000000000031460Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0058--- 23542300x800000000000000031459Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0057--- 23542300x800000000000000031458Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0056--- 23542300x800000000000000031457Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0055--- 23542300x800000000000000031456Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0054--- 23542300x800000000000000031455Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0053--- 23542300x800000000000000031454Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0052--- 23542300x800000000000000031453Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0051--- 23542300x800000000000000031452Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0050--- 23542300x800000000000000031451Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0049--- 23542300x800000000000000031450Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0048--- 23542300x800000000000000031449Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0047--- 23542300x800000000000000031448Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0046--- 23542300x800000000000000031447Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0045--- 23542300x800000000000000031446Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0044--- 23542300x800000000000000031445Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0043--- 23542300x800000000000000031444Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0042--- 23542300x800000000000000031443Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0041--- 23542300x800000000000000031442Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0040--- 23542300x800000000000000031441Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0039--- 23542300x800000000000000031440Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0038--- 23542300x800000000000000031439Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0037--- 23542300x800000000000000031438Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0036--- 23542300x800000000000000031437Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0035--- 23542300x800000000000000031436Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0034--- 23542300x800000000000000031435Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0033--- 23542300x800000000000000031434Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0032--- 23542300x800000000000000031433Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0031--- 23542300x800000000000000031432Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0030--- 23542300x800000000000000031431Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0029--- 23542300x800000000000000031430Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0028--- 23542300x800000000000000031429Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0027--- 23542300x800000000000000031428Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0026--- 23542300x800000000000000031427Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0025--- 23542300x800000000000000031426Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0024--- 23542300x800000000000000031425Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0023--- 23542300x800000000000000031424Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0022--- 23542300x800000000000000031423Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0021--- 23542300x800000000000000031422Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0020--- 23542300x800000000000000031421Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0019--- 23542300x800000000000000031420Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0018--- 23542300x800000000000000031419Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0017--- 23542300x800000000000000031418Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0016--- 23542300x800000000000000031417Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0015--- 23542300x800000000000000031416Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0014--- 23542300x800000000000000031415Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0013--- 23542300x800000000000000031414Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0012--- 23542300x800000000000000031413Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0011--- 23542300x800000000000000031412Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0010--- 23542300x800000000000000031411Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.509{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0009--- 23542300x800000000000000031516Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0114--- 23542300x800000000000000031515Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0113--- 23542300x800000000000000031514Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0112--- 23542300x800000000000000031513Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0111--- 23542300x800000000000000031512Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0110--- 23542300x800000000000000031511Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0109--- 23542300x800000000000000031510Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0108--- 23542300x800000000000000031509Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0107--- 23542300x800000000000000031508Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0106--- 23542300x800000000000000031507Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0105--- 23542300x800000000000000031506Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0104--- 23542300x800000000000000031505Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0103--- 23542300x800000000000000031504Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0102--- 23542300x800000000000000031503Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0101--- 23542300x800000000000000031502Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0100--- 23542300x800000000000000031501Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0099--- 23542300x800000000000000031500Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0098--- 23542300x800000000000000031499Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0097--- 23542300x800000000000000031498Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0096--- 23542300x800000000000000031497Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0095--- 23542300x800000000000000031496Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0094--- 23542300x800000000000000031495Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0093--- 23542300x800000000000000031494Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0092--- 23542300x800000000000000031493Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0091--- 23542300x800000000000000031492Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0090--- 23542300x800000000000000031491Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0089--- 23542300x800000000000000031490Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0088--- 23542300x800000000000000031489Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0087--- 23542300x800000000000000031488Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0086--- 23542300x800000000000000031487Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0085--- 23542300x800000000000000031486Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0084--- 23542300x800000000000000031485Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0083--- 23542300x800000000000000031484Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0082--- 23542300x800000000000000031483Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0081--- 23542300x800000000000000031482Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0080--- 23542300x800000000000000031481Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0079--- 23542300x800000000000000031480Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0078--- 23542300x800000000000000031479Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0077--- 23542300x800000000000000031478Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0076--- 23542300x800000000000000031477Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0075--- 23542300x800000000000000031476Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0074--- 23542300x800000000000000031475Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0073--- 23542300x800000000000000031474Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0072--- 23542300x800000000000000031473Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0071--- 23542300x800000000000000031472Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0070--- 23542300x800000000000000031471Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0069--- 23542300x800000000000000031470Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0068--- 23542300x800000000000000031469Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0067--- 23542300x800000000000000031468Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0066--- 23542300x800000000000000031467Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0065--- 23542300x800000000000000031466Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0064--- 23542300x800000000000000031465Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0063--- 23542300x800000000000000031464Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0062--- 23542300x800000000000000031463Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.510{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0061--- 23542300x800000000000000031570Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0168--- 23542300x800000000000000031569Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0167--- 23542300x800000000000000031568Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0166--- 23542300x800000000000000031567Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0165--- 23542300x800000000000000031566Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0164--- 23542300x800000000000000031565Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0163--- 23542300x800000000000000031564Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0162--- 23542300x800000000000000031563Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0161--- 23542300x800000000000000031562Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0160--- 23542300x800000000000000031561Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0159--- 23542300x800000000000000031560Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0158--- 23542300x800000000000000031559Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0157--- 23542300x800000000000000031558Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0156--- 23542300x800000000000000031557Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0155--- 23542300x800000000000000031556Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0154--- 23542300x800000000000000031555Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0153--- 23542300x800000000000000031554Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0152--- 23542300x800000000000000031553Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0151--- 23542300x800000000000000031552Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0150--- 23542300x800000000000000031551Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0149--- 23542300x800000000000000031550Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0148--- 23542300x800000000000000031549Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0147--- 23542300x800000000000000031548Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0146--- 23542300x800000000000000031547Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0145--- 23542300x800000000000000031546Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0144--- 23542300x800000000000000031545Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0143--- 23542300x800000000000000031544Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0142--- 23542300x800000000000000031543Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0141--- 23542300x800000000000000031542Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0140--- 23542300x800000000000000031541Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0139--- 23542300x800000000000000031540Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0138--- 23542300x800000000000000031539Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0137--- 23542300x800000000000000031538Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0136--- 23542300x800000000000000031537Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0135--- 23542300x800000000000000031536Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0134--- 23542300x800000000000000031535Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0133--- 23542300x800000000000000031534Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0132--- 23542300x800000000000000031533Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0131--- 23542300x800000000000000031532Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0130--- 23542300x800000000000000031531Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0129--- 23542300x800000000000000031530Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0128--- 23542300x800000000000000031529Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0127--- 23542300x800000000000000031528Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0126--- 23542300x800000000000000031527Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0125--- 23542300x800000000000000031526Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0124--- 23542300x800000000000000031525Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0123--- 23542300x800000000000000031524Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0122--- 23542300x800000000000000031523Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0121--- 23542300x800000000000000031522Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0120--- 23542300x800000000000000031521Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0119--- 23542300x800000000000000031520Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0118--- 23542300x800000000000000031519Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0117--- 23542300x800000000000000031518Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0116--- 23542300x800000000000000031517Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.511{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0115--- 23542300x800000000000000031619Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.512{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0217--- 23542300x800000000000000031618Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.512{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0216--- 23542300x800000000000000031617Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.512{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0215--- 23542300x800000000000000031616Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.512{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0214--- 23542300x800000000000000031615Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.512{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0213--- 23542300x800000000000000031614Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.512{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0212--- 23542300x800000000000000031613Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.512{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0211--- 23542300x800000000000000031612Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.512{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0210--- 23542300x800000000000000031611Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.512{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0209--- 23542300x800000000000000031610Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.512{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0208--- 23542300x800000000000000031609Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.512{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0207--- 23542300x800000000000000031608Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.512{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0206--- 23542300x800000000000000031607Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.512{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0205--- 23542300x800000000000000031606Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.512{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0204--- 23542300x800000000000000031605Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.512{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0203--- 23542300x800000000000000031604Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.512{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0202--- 23542300x800000000000000031603Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.512{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0201--- 23542300x800000000000000031602Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.512{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0200--- 23542300x800000000000000031601Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.512{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0199--- 23542300x800000000000000031600Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.512{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0198--- 23542300x800000000000000031599Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.512{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0197--- 23542300x800000000000000031598Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.512{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0196--- 23542300x800000000000000031597Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.512{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0195--- 23542300x800000000000000031596Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.512{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0194--- 23542300x800000000000000031595Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.512{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0193--- 23542300x800000000000000031594Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.512{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0192--- 23542300x800000000000000031593Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.512{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0191--- 23542300x800000000000000031592Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.512{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0190--- 23542300x800000000000000031591Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.512{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0189--- 23542300x800000000000000031590Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.512{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0188--- 23542300x800000000000000031589Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.512{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0187--- 23542300x800000000000000031588Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.512{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0186--- 23542300x800000000000000031587Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.512{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0185--- 23542300x800000000000000031586Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.512{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0184--- 23542300x800000000000000031585Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.512{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0183--- 23542300x800000000000000031584Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.512{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0182--- 23542300x800000000000000031583Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.512{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0181--- 23542300x800000000000000031582Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.512{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0180--- 23542300x800000000000000031581Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.512{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0179--- 23542300x800000000000000031580Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.512{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0178--- 23542300x800000000000000031579Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.512{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0177--- 23542300x800000000000000031578Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.512{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0176--- 23542300x800000000000000031577Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.512{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0175--- 23542300x800000000000000031576Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.512{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0174--- 23542300x800000000000000031575Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.512{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0173--- 23542300x800000000000000031574Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.512{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0172--- 23542300x800000000000000031573Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.512{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0171--- 23542300x800000000000000031572Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.512{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0170--- 23542300x800000000000000031571Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.512{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0169--- 23542300x800000000000000031652Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.513{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0250--- 23542300x800000000000000031651Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.513{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0249--- 23542300x800000000000000031650Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.513{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0248--- 23542300x800000000000000031649Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.513{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0247--- 23542300x800000000000000031648Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.513{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0246--- 23542300x800000000000000031647Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.513{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0245--- 23542300x800000000000000031646Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.513{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0244--- 23542300x800000000000000031645Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.513{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0243--- 23542300x800000000000000031644Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.513{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0242--- 23542300x800000000000000031643Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.513{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0241--- 23542300x800000000000000031642Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.513{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0240--- 23542300x800000000000000031641Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.513{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0239--- 23542300x800000000000000031640Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.513{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0238--- 23542300x800000000000000031639Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.513{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0237--- 23542300x800000000000000031638Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.513{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0236--- 23542300x800000000000000031637Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.513{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0235--- 23542300x800000000000000031636Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.513{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0234--- 23542300x800000000000000031635Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.513{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0233--- 23542300x800000000000000031634Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.513{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0232--- 23542300x800000000000000031633Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.513{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0231--- 23542300x800000000000000031632Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.513{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0230--- 23542300x800000000000000031631Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.513{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0229--- 23542300x800000000000000031630Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.513{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0228--- 23542300x800000000000000031629Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.513{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0227--- 23542300x800000000000000031628Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.513{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0226--- 23542300x800000000000000031627Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.513{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0225--- 23542300x800000000000000031626Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.513{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0224--- 23542300x800000000000000031625Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.513{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0223--- 23542300x800000000000000031624Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.513{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0222--- 23542300x800000000000000031623Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.513{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0221--- 23542300x800000000000000031622Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.513{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0220--- 23542300x800000000000000031621Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.513{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0219--- 23542300x800000000000000031620Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.513{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0218--- 154100x800000000000000031653Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.528{ec2a2542-2993-6254-6872-970781550000}4945/bin/dash-----/bin/sh /var/lib/dpkg/info/fontconfig-config.postinst configure /root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2991-6254-7091-3f7926560000}4790/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000031655Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.529{ec2a2542-2993-6254-78df-b0fb02560000}4946/bin/mkdir-----mkdir /usr/local/share/fonts/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2993-6254-6872-970781550000}4945/bin/dash/bin/shroot 154100x800000000000000031659Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.530{ec2a2542-2993-6254-e041-d2f715560000}4947/bin/chmod-----chmod 2775 /usr/local/share/fonts/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2993-6254-6872-970781550000}4945/bin/dash/bin/shroot 534500x800000000000000031656Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.530{ec2a2542-2993-6254-78df-b0fb02560000}4946/bin/mkdirroot 534500x800000000000000031660Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.532{ec2a2542-2993-6254-e041-d2f715560000}4947/bin/chmodroot 154100x800000000000000031657Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.532{ec2a2542-2993-6254-60d9-17f51c560000}4948/bin/chown-----chown root:staff /usr/local/share/fonts/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2993-6254-6872-970781550000}4945/bin/dash/bin/shroot 534500x800000000000000031658Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.534{ec2a2542-2993-6254-60d9-17f51c560000}4948/bin/chownroot 534500x800000000000000031654Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.534{ec2a2542-2993-6254-6872-970781550000}4945/bin/dashroot 154100x800000000000000031661Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.735{ec2a2542-2993-6254-6872-98cee9550000}4949/bin/dash-----/bin/sh /var/lib/dpkg/info/libibverbs1:amd64.postinst configure /root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2991-6254-7091-3f7926560000}4790/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000031662Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.736{ec2a2542-2993-6254-682a-b05f60550000}4950/usr/bin/getent-----getent group rdma/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2993-6254-6872-98cee9550000}4949/bin/dash/bin/shroot 154100x800000000000000031664Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.738{ec2a2542-2993-6254-9827-c4452a560000}4951/usr/bin/perl-----/usr/bin/perl /usr/sbin/addgroup --system --quiet rdma/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2993-6254-6872-98cee9550000}4949/bin/dash/bin/shroot 534500x800000000000000031663Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.738{ec2a2542-2993-6254-682a-b05f60550000}4950/usr/bin/getentroot 154100x800000000000000031665Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.775{ec2a2542-2993-6254-509d-01e2d2550000}4952/usr/sbin/groupadd-----/usr/sbin/groupadd -g 116 rdma/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2993-6254-9827-c4452a560000}4951/usr/bin/perl/usr/bin/perlroot 23542300x800000000000000031667Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.779{ec2a2542-2993-6254-509d-01e2d2550000}4952root/usr/sbin/groupadd/etc/gshadow.4952--- 23542300x800000000000000031666Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.779{ec2a2542-2993-6254-509d-01e2d2550000}4952root/usr/sbin/groupadd/etc/group.4952--- 23542300x800000000000000031668Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.785{ec2a2542-2993-6254-509d-01e2d2550000}4952root/usr/sbin/groupadd/etc/group.lock--- 23542300x800000000000000031669Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.790{ec2a2542-2993-6254-509d-01e2d2550000}4952root/usr/sbin/groupadd/etc/gshadow.lock--- 534500x800000000000000031670Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.793{ec2a2542-2993-6254-0000-000000000000}4953-root 534500x800000000000000031671Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.795{ec2a2542-2993-6254-0000-000000000000}4954-root 534500x800000000000000031673Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.796{ec2a2542-2993-6254-509d-01e2d2550000}4952/usr/sbin/groupaddroot 534500x800000000000000031672Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.796{ec2a2542-2993-6254-0000-000000000000}4955-root 534500x800000000000000031674Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.799{ec2a2542-2993-6254-9827-c4452a560000}4951/usr/bin/perlroot 534500x800000000000000031675Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.800{ec2a2542-2993-6254-6872-98cee9550000}4949/bin/dashroot 154100x800000000000000031676Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.857{ec2a2542-2993-6254-6852-f28be7550000}4956/bin/dash-----/bin/sh /var/lib/dpkg/info/libgdk-pixbuf2.0-0:amd64.postinst configure /root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2991-6254-7091-3f7926560000}4790/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000031678Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.858{ec2a2542-2993-6254-181a-c240c6550000}4959/usr/bin/sort-----sort/root{ec2a2542-0000-0000-0000-000001000000}04no level-{00000000-0000-0000-0000-000000000000}4957--- 154100x800000000000000031677Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.858{ec2a2542-2993-6254-9050-73cec6550000}4958/usr/bin/find-----find /usr/lib/x86_64-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders /usr/lib/gdk-pixbuf-2.0/2.10.0/loaders -name *.so/root{ec2a2542-0000-0000-0000-000001000000}04no level-{00000000-0000-0000-0000-000000000000}4957--- 154100x800000000000000031682Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.860{ec2a2542-2993-6254-203e-4857f1550000}4960/usr/lib/x86_64-linux-gnu/gdk-pixbuf-2.0/gdk-pixbuf-query-loaders-----/usr/lib/x86_64-linux-gnu/gdk-pixbuf-2.0/gdk-pixbuf-query-loaders /usr/lib/x86_64-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-ani.so /usr/lib/x86_64-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-bmp.so /usr/lib/x86_64-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-gif.so /usr/lib/x86_64-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-icns.so /usr/lib/x86_64-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-ico.so /usr/lib/x86_64-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-jpeg.so /usr/lib/x86_64-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-png.so /usr/lib/x86_64-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-pnm.so /usr/lib/x86_64-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-qtif.so /usr/lib/x86_64-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-tga.so /usr/lib/x86_64-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-tiff.so /usr/lib/x86_64-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-xbm.so /usr/lib/x86_64-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-xpm.so/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2993-6254-6852-f28be7550000}4956/bin/dash/bin/shroot 534500x800000000000000031681Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.860{00000000-0000-0000-0000-000000000000}4957<unknown process>root 534500x800000000000000031680Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.860{ec2a2542-2993-6254-181a-c240c6550000}4959/usr/bin/sortroot 534500x800000000000000031679Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.860{ec2a2542-2993-6254-9050-73cec6550000}4958/usr/bin/findroot 534500x800000000000000031683Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.870{ec2a2542-2993-6254-203e-4857f1550000}4960/usr/lib/x86_64-linux-gnu/gdk-pixbuf-2.0/gdk-pixbuf-query-loadersroot 534500x800000000000000031684Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:55.872{ec2a2542-2993-6254-6852-f28be7550000}4956/bin/dashroot 154100x800000000000000031685Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:56.007{ec2a2542-2994-6254-6842-980c8a550000}4961/bin/dash-----/bin/sh /var/lib/dpkg/info/fontconfig.postinst configure /root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2991-6254-7091-3f7926560000}4790/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000031686Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:56.008{ec2a2542-2994-6254-783f-1a6b97550000}4962/bin/mkdir-----mkdir -p /var/cache/fontconfig/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2994-6254-6842-980c8a550000}4961/bin/dash/bin/shroot 154100x800000000000000031688Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:56.009{ec2a2542-2994-6254-e078-a4c550560000}4963/usr/bin/fc-cache-----fc-cache -s -f -v/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2994-6254-6842-980c8a550000}4961/bin/dash/bin/shroot 534500x800000000000000031687Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:56.009{ec2a2542-2994-6254-783f-1a6b97550000}4962/bin/mkdirroot 23542300x800000000000000031693Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:56.023{ec2a2542-2994-6254-e078-a4c550560000}4963root/usr/bin/fc-cache/var/cache/fontconfig//7ef2298fde41cc6eeb7af42e48b7d293-le64.cache-7.TMP-WYYSbB--- 23542300x800000000000000031692Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:56.023{ec2a2542-2994-6254-e078-a4c550560000}4963root/usr/bin/fc-cache/var/cache/fontconfig//4c599c202bc5c08e2d34565a40eac3b2-le64.cache-7.LCK--- 23542300x800000000000000031691Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:56.023{ec2a2542-2994-6254-e078-a4c550560000}4963root/usr/bin/fc-cache/var/cache/fontconfig//4c599c202bc5c08e2d34565a40eac3b2-le64.cache-7.TMP-bJl6RC--- 23542300x800000000000000031690Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:56.023{ec2a2542-2994-6254-e078-a4c550560000}4963root/usr/bin/fc-cache/var/cache/fontconfig//3830d5c3ddfd5cd38a049b759396e72e-le64.cache-7.LCK--- 23542300x800000000000000031689Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:56.023{ec2a2542-2994-6254-e078-a4c550560000}4963root/usr/bin/fc-cache/var/cache/fontconfig//3830d5c3ddfd5cd38a049b759396e72e-le64.cache-7.TMP-YnTlyE--- 23542300x800000000000000031694Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:56.024{ec2a2542-2994-6254-e078-a4c550560000}4963root/usr/bin/fc-cache/var/cache/fontconfig//7ef2298fde41cc6eeb7af42e48b7d293-le64.cache-7.LCK--- 23542300x800000000000000031698Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:56.053{ec2a2542-2994-6254-e078-a4c550560000}4963root/usr/bin/fc-cache/var/cache/fontconfig//3830d5c3ddfd5cd38a049b759396e72e-le64.cache-7.LCK--- 23542300x800000000000000031697Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:56.053{ec2a2542-2994-6254-e078-a4c550560000}4963root/usr/bin/fc-cache/var/cache/fontconfig//3830d5c3ddfd5cd38a049b759396e72e-le64.cache-7.TMP-258tZx--- 23542300x800000000000000031696Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:56.053{ec2a2542-2994-6254-e078-a4c550560000}4963root/usr/bin/fc-cache/var/cache/fontconfig//d589a48862398ed80a3d6066f4f56f4c-le64.cache-7.LCK--- 23542300x800000000000000031695Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:56.053{ec2a2542-2994-6254-e078-a4c550560000}4963root/usr/bin/fc-cache/var/cache/fontconfig//d589a48862398ed80a3d6066f4f56f4c-le64.cache-7.TMP-x7NEAz--- 23542300x800000000000000031700Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:56.054{ec2a2542-2994-6254-e078-a4c550560000}4963root/usr/bin/fc-cache/var/cache/fontconfig//7ef2298fde41cc6eeb7af42e48b7d293-le64.cache-7.LCK--- 23542300x800000000000000031699Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:56.054{ec2a2542-2994-6254-e078-a4c550560000}4963root/usr/bin/fc-cache/var/cache/fontconfig//7ef2298fde41cc6eeb7af42e48b7d293-le64.cache-7.TMP-LVYlow--- 23542300x800000000000000031701Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:56.077{ec2a2542-2994-6254-e078-a4c550560000}4963root/usr/bin/fc-cache/var/cache/fontconfig//d589a48862398ed80a3d6066f4f56f4c-le64.cache-7.TMP-GUhgRu--- 23542300x800000000000000031706Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:56.078{ec2a2542-2994-6254-e078-a4c550560000}4963root/usr/bin/fc-cache/var/cache/fontconfig/CACHEDIR.TAG.LCK--- 23542300x800000000000000031705Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:56.078{ec2a2542-2994-6254-e078-a4c550560000}4963root/usr/bin/fc-cache/var/cache/fontconfig/CACHEDIR.TAG.TMP-QCmfNr--- 23542300x800000000000000031704Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:56.078{ec2a2542-2994-6254-e078-a4c550560000}4963root/usr/bin/fc-cache/var/cache/fontconfig//4c599c202bc5c08e2d34565a40eac3b2-le64.cache-7.LCK--- 23542300x800000000000000031703Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:56.078{ec2a2542-2994-6254-e078-a4c550560000}4963root/usr/bin/fc-cache/var/cache/fontconfig//4c599c202bc5c08e2d34565a40eac3b2-le64.cache-7.TMP-jHEekt--- 23542300x800000000000000031702Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:56.078{ec2a2542-2994-6254-e078-a4c550560000}4963root/usr/bin/fc-cache/var/cache/fontconfig//d589a48862398ed80a3d6066f4f56f4c-le64.cache-7.LCK--- 534500x800000000000000031708Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.079{ec2a2542-2994-6254-6842-980c8a550000}4961/bin/dashroot 534500x800000000000000031707Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.079{ec2a2542-2994-6254-e078-a4c550560000}4963/usr/bin/fc-cacheroot 154100x800000000000000031709Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.235{ec2a2542-2996-6254-6822-ac55f0550000}4964/bin/dash-----/bin/sh /var/lib/dpkg/info/qemu-system-common.postinst configure /root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2991-6254-7091-3f7926560000}4790/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000031710Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.236{ec2a2542-2996-6254-687a-41a632560000}4965/usr/bin/getent-----getent group kvm/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2996-6254-6822-ac55f0550000}4964/bin/dash/bin/shroot 154100x800000000000000031713Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.237{ec2a2542-2996-6254-98f7-82530c560000}4966/usr/bin/perl-----perl /usr/bin/deb-systemd-helper unmask qemu-kvm.service/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2996-6254-6822-ac55f0550000}4964/bin/dash/bin/shroot 154100x800000000000000031712Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.237{ec2a2542-2996-6254-78dc-e60136560000}4966/usr/bin/env-----/usr/bin/env perl /usr/bin/deb-systemd-helper unmask qemu-kvm.service/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2996-6254-6822-ac55f0550000}4964/bin/dash/bin/shroot 534500x800000000000000031711Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.237{ec2a2542-2996-6254-687a-41a632560000}4965/usr/bin/getentroot 154100x800000000000000031716Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.292{ec2a2542-2996-6254-98b7-d574a6550000}4967/usr/bin/perl-----perl /usr/bin/deb-systemd-helper --quiet was-enabled qemu-kvm.service/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2996-6254-6822-ac55f0550000}4964/bin/dash/bin/shroot 154100x800000000000000031715Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.292{ec2a2542-2996-6254-78ac-2d7584550000}4967/usr/bin/env-----/usr/bin/env perl /usr/bin/deb-systemd-helper --quiet was-enabled qemu-kvm.service/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2996-6254-6822-ac55f0550000}4964/bin/dash/bin/shroot 534500x800000000000000031714Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.292{ec2a2542-2996-6254-78dc-e60136560000}4966/usr/bin/envroot 154100x800000000000000031719Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.340{ec2a2542-2996-6254-9867-998694550000}4968/usr/bin/perl-----perl /usr/bin/deb-systemd-helper enable qemu-kvm.service/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2996-6254-6822-ac55f0550000}4964/bin/dash/bin/shroot 154100x800000000000000031718Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.340{ec2a2542-2996-6254-784c-2c7be2550000}4968/usr/bin/env-----/usr/bin/env perl /usr/bin/deb-systemd-helper enable qemu-kvm.service/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2996-6254-6822-ac55f0550000}4964/bin/dash/bin/shroot 534500x800000000000000031717Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.340{ec2a2542-2996-6254-78ac-2d7584550000}4967/usr/bin/envroot 154100x800000000000000031720Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.420{ec2a2542-2996-6254-d08c-caf7de550000}4969/bin/systemctl-----/bin/systemctl --preset-mode=enable-only preset qemu-kvm.service/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2996-6254-784c-2c7be2550000}4968/usr/bin/env/usr/bin/envroot 23542300x800000000000000031739Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.481{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/splunkd.service--- 23542300x800000000000000031738Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.481{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/grub-common.service--- 23542300x800000000000000031737Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.481{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/multi-user.target.wants/grub-common.service--- 23542300x800000000000000031736Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.481{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/multi-user.target.wants/splunk.service--- 23542300x800000000000000031735Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.481{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/multi-user.target.wants/apport.service--- 23542300x800000000000000031734Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.481{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/graphical.target.wants/grub-common.service--- 23542300x800000000000000031733Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.481{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/graphical.target.wants/splunk.service--- 23542300x800000000000000031732Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.481{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/graphical.target.wants/apport.service--- 23542300x800000000000000031731Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.481{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/splunk.service--- 23542300x800000000000000031730Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.481{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/apport.service--- 23542300x800000000000000031729Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.481{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/hibagent.service--- 23542300x800000000000000031728Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.481{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.early/multi-user.target.wants/cloud-init.target--- 23542300x800000000000000031727Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.481{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator/-.mount--- 23542300x800000000000000031726Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.481{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator/local-fs.target.wants/systemd-fsck-root.service--- 23542300x800000000000000031725Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.481{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator/local-fs.target.requires/-.mount--- 23542300x800000000000000031724Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.481{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator/getty.target.wants/serial-getty@ttyS0.service--- 23542300x800000000000000031723Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.481{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator/multi-user.target.wants/systemd-networkd.service--- 23542300x800000000000000031722Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.481{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator/network-online.target.wants/systemd-networkd-wait-online.service--- 23542300x800000000000000031721Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.481{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator/netplan.stamp--- 154100x800000000000000031740Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.483{ec2a2542-2996-6254-3823-b71ad6550000}4971/usr/lib/systemd/system-environment-generators/snapd-env-generator-----/usr/lib/systemd/system-environment-generators/snapd-env-generator/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4970--- 534500x800000000000000031741Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.486{ec2a2542-2996-6254-3823-b71ad6550000}4971/usr/lib/systemd/system-environment-generators/snapd-env-generatorroot 534500x800000000000000031742Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.487{00000000-0000-0000-0000-000000000000}4970<unknown process>root 154100x800000000000000031745Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.488{ec2a2542-2996-6254-306c-9513b4550000}4975/lib/systemd/system-generators/lvm2-activation-generator-----/lib/systemd/system-generators/lvm2-activation-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4972--- 154100x800000000000000031744Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.488{ec2a2542-2996-6254-68b2-04a8bb550000}4974/bin/dash-----/bin/sh /lib/systemd/system-generators/friendly-recovery /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4972--- 154100x800000000000000031743Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.488{ec2a2542-2996-6254-68c2-8391cf550000}4973/bin/dash-----/bin/sh /lib/systemd/system-generators/cloud-init-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4972--- 154100x800000000000000031770Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.489{ec2a2542-2996-6254-68ac-d4b7f8550000}4981/lib/systemd/system-generators/systemd-debug-generator-----/lib/systemd/system-generators/systemd-debug-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4972--- 154100x800000000000000031750Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.489{ec2a2542-2996-6254-b89e-d71510560000}4978/lib/systemd/system-generators/systemd-cryptsetup-generator-----/lib/systemd/system-generators/systemd-cryptsetup-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4972--- 154100x800000000000000031749Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.489{ec2a2542-2996-6254-c0a5-e2c65f550000}4977/lib/systemd/system-generators/snapd-generator-----/lib/systemd/system-generators/snapd-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4972--- 154100x800000000000000031748Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.489{ec2a2542-2996-6254-7846-240c66550000}4980/usr/bin/systemd-detect-virt-----systemd-detect-virt --container --quiet/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2996-6254-68c2-8391cf550000}4973/bin/dash/bin/shroot 154100x800000000000000031747Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.489{ec2a2542-2996-6254-d029-9aa66e550000}4979/bin/cat-----cat /proc/cmdline/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2996-6254-68b2-04a8bb550000}4974/bin/dash/bin/shroot 154100x800000000000000031746Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.489{ec2a2542-2996-6254-9877-e72323560000}4976/lib/netplan/generate-----/lib/systemd/system-generators/netplan /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4972--- 154100x800000000000000031766Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.490{ec2a2542-2996-6254-f0eb-6d4630560000}4984/lib/systemd/system-generators/systemd-gpt-auto-generator-----/lib/systemd/system-generators/systemd-gpt-auto-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4972--- 154100x800000000000000031764Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.490{ec2a2542-2996-6254-d07e-d1ecf0550000}4983/lib/systemd/system-generators/systemd-getty-generator-----/lib/systemd/system-generators/systemd-getty-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4972--- 154100x800000000000000031763Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.490{ec2a2542-2996-6254-88f6-398c54560000}4982/lib/systemd/system-generators/systemd-fstab-generator-----/lib/systemd/system-generators/systemd-fstab-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4972--- 534500x800000000000000031751Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.490{ec2a2542-2996-6254-c0a5-e2c65f550000}4977/lib/systemd/system-generators/snapd-generatorroot 154100x800000000000000031765Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.491{ec2a2542-2996-6254-8864-ebb5fe550000}4985/lib/systemd/system-generators/systemd-hibernate-resume-generator-----/lib/systemd/system-generators/systemd-hibernate-resume-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4972--- 154100x800000000000000031754Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.491{ec2a2542-2996-6254-a0f2-195ffe550000}4986/lib/systemd/system-generators/systemd-rc-local-generator-----/lib/systemd/system-generators/systemd-rc-local-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4972--- 534500x800000000000000031753Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.491{ec2a2542-2996-6254-68b2-04a8bb550000}4974/bin/dashroot 534500x800000000000000031752Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.491{ec2a2542-2996-6254-d029-9aa66e550000}4979/bin/catroot 23542300x800000000000000031755Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.492{ec2a2542-2996-6254-9877-e72323560000}4976root/lib/netplan/generate//run/systemd/network/10-netplan-ens5.link--- 154100x800000000000000031762Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.493{ec2a2542-2996-6254-38a3-5ffdb3550000}4987/bin/udevadm-----/sbin/udevadm control --reload/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2996-6254-9877-e72323560000}4976/lib/netplan/generate/lib/systemd/system-generators/netplanroot 534500x800000000000000031761Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.493{ec2a2542-2996-6254-b89e-d71510560000}4978/lib/systemd/system-generators/systemd-cryptsetup-generatorroot 534500x800000000000000031760Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.493{ec2a2542-2996-6254-7846-240c66550000}4980/usr/bin/systemd-detect-virtroot 534500x800000000000000031759Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.493{ec2a2542-2996-6254-306c-9513b4550000}4975/lib/systemd/system-generators/lvm2-activation-generatorroot 23542300x800000000000000031758Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.493{ec2a2542-2996-6254-9877-e72323560000}4976root/lib/netplan/generate/run/NetworkManager/conf.d/netplan.conf--- 23542300x800000000000000031757Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.493{ec2a2542-2996-6254-9877-e72323560000}4976root/lib/netplan/generate//run/udev/rules.d/99-netplan-ens5.rules--- 23542300x800000000000000031756Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.493{ec2a2542-2996-6254-9877-e72323560000}4976root/lib/netplan/generate//run/systemd/network/10-netplan-ens5.network--- 154100x800000000000000031767Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.494{ec2a2542-2996-6254-78a6-cc2a08560000}4988/usr/bin/systemd-detect-virt-----systemd-detect-virt --container --quiet/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2996-6254-68c2-8391cf550000}4973/bin/dash/bin/shroot 154100x800000000000000031768Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.495{ec2a2542-2996-6254-20d5-7a0521560000}4989/lib/systemd/system-generators/systemd-system-update-generator-----/lib/systemd/system-generators/systemd-system-update-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4972--- 154100x800000000000000031775Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.497{ec2a2542-2996-6254-d8ec-1d8ca4550000}4990/lib/systemd/system-generators/systemd-sysv-generator-----/lib/systemd/system-generators/systemd-sysv-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4972--- 534500x800000000000000031769Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.497{ec2a2542-2996-6254-88f6-398c54560000}4982/lib/systemd/system-generators/systemd-fstab-generatorroot 534500x800000000000000031773Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.498{ec2a2542-2996-6254-38a3-5ffdb3550000}4987/bin/udevadmroot 154100x800000000000000031772Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.498{ec2a2542-2996-6254-80f4-54ebcd550000}4991/lib/systemd/system-generators/systemd-veritysetup-generator-----/lib/systemd/system-generators/systemd-veritysetup-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4972--- 534500x800000000000000031771Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.498{ec2a2542-2996-6254-a0f2-195ffe550000}4986/lib/systemd/system-generators/systemd-rc-local-generatorroot 534500x800000000000000031774Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.499{ec2a2542-2996-6254-9877-e72323560000}4976/lib/netplan/generateroot 924900x800000000000000031776Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.500{ec2a2542-2996-6254-f0eb-6d4630560000}4984/lib/systemd/system-generators/systemd-gpt-auto-generator/dev/nvme0n1root 534500x800000000000000031777Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.501{ec2a2542-2996-6254-8864-ebb5fe550000}4985/lib/systemd/system-generators/systemd-hibernate-resume-generatorroot 534500x800000000000000031781Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.502{ec2a2542-2996-6254-d07e-d1ecf0550000}4983/lib/systemd/system-generators/systemd-getty-generatorroot 534500x800000000000000031780Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.502{ec2a2542-2996-6254-80f4-54ebcd550000}4991/lib/systemd/system-generators/systemd-veritysetup-generatorroot 534500x800000000000000031779Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.502{ec2a2542-2996-6254-f0eb-6d4630560000}4984/lib/systemd/system-generators/systemd-gpt-auto-generatorroot 534500x800000000000000031778Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.502{ec2a2542-2996-6254-68ac-d4b7f8550000}4981/lib/systemd/system-generators/systemd-debug-generatorroot 534500x800000000000000031782Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.504{ec2a2542-2996-6254-20d5-7a0521560000}4989/lib/systemd/system-generators/systemd-system-update-generatorroot 534500x800000000000000031783Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.505{ec2a2542-2996-6254-78a6-cc2a08560000}4988/usr/bin/systemd-detect-virtroot 154100x800000000000000031784Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.507{ec2a2542-2996-6254-68f2-444d77550000}4992/bin/dash-----/bin/sh /usr/lib/cloud-init/ds-identify/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2996-6254-68c2-8391cf550000}4973/bin/dash/bin/shroot 534500x800000000000000031785Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.508{ec2a2542-2996-6254-68f2-444d77550000}4992/bin/dashroot 154100x800000000000000031786Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.509{ec2a2542-2996-6254-789f-dcf460550000}4993/bin/mkdir-----mkdir -p /run/systemd/generator.early/multi-user.target.wants/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2996-6254-68c2-8391cf550000}4973/bin/dash/bin/shroot 534500x800000000000000031787Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.510{ec2a2542-2996-6254-789f-dcf460550000}4993/bin/mkdirroot 534500x800000000000000031789Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.511{ec2a2542-2996-6254-983d-3df7c6550000}4994/bin/lnroot 154100x800000000000000031788Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.511{ec2a2542-2996-6254-983d-3df7c6550000}4994/bin/ln-----ln -snf /lib/systemd/system/cloud-init.target /run/systemd/generator.early/multi-user.target.wants/cloud-init.target/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2996-6254-68c2-8391cf550000}4973/bin/dash/bin/shroot 534500x800000000000000031790Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.512{ec2a2542-2996-6254-68c2-8391cf550000}4973/bin/dashroot 534500x800000000000000031791Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.529{ec2a2542-2996-6254-d8ec-1d8ca4550000}4990/lib/systemd/system-generators/systemd-sysv-generatorroot 534500x800000000000000031792Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.530{ec2a2542-2996-6254-0000-000000000000}4972-root 534500x800000000000000031793Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.657{ec2a2542-2996-6254-d08c-caf7de550000}4969/bin/systemctlroot 154100x800000000000000031795Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.659{ec2a2542-2996-6254-d08c-547a29560000}4995/bin/systemctl-----systemctl --system daemon-reload/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2996-6254-6822-ac55f0550000}4964/bin/dash/bin/shroot 534500x800000000000000031794Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.659{ec2a2542-2996-6254-784c-2c7be2550000}4968/usr/bin/envroot 23542300x800000000000000031814Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.731{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/splunkd.service--- 23542300x800000000000000031813Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.731{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/hibagent.service--- 23542300x800000000000000031812Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.731{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/apport.service--- 23542300x800000000000000031811Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.731{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/multi-user.target.wants/apport.service--- 23542300x800000000000000031810Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.731{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/multi-user.target.wants/grub-common.service--- 23542300x800000000000000031809Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.731{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/multi-user.target.wants/splunk.service--- 23542300x800000000000000031808Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.731{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/graphical.target.wants/apport.service--- 23542300x800000000000000031807Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.731{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/graphical.target.wants/grub-common.service--- 23542300x800000000000000031806Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.731{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/graphical.target.wants/splunk.service--- 23542300x800000000000000031805Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.731{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/grub-common.service--- 23542300x800000000000000031804Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.731{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/splunk.service--- 23542300x800000000000000031803Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.731{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.early/multi-user.target.wants/cloud-init.target--- 23542300x800000000000000031802Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.731{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator/-.mount--- 23542300x800000000000000031801Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.731{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator/local-fs.target.wants/systemd-fsck-root.service--- 23542300x800000000000000031800Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.731{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator/local-fs.target.requires/-.mount--- 23542300x800000000000000031799Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.731{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator/multi-user.target.wants/systemd-networkd.service--- 23542300x800000000000000031798Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.731{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator/network-online.target.wants/systemd-networkd-wait-online.service--- 23542300x800000000000000031797Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.731{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator/netplan.stamp--- 23542300x800000000000000031796Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.731{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator/getty.target.wants/serial-getty@ttyS0.service--- 154100x800000000000000031815Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.732{ec2a2542-2996-6254-38d3-067d90550000}4997/usr/lib/systemd/system-environment-generators/snapd-env-generator-----/usr/lib/systemd/system-environment-generators/snapd-env-generator/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4996--- 534500x800000000000000031816Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.733{ec2a2542-2996-6254-38d3-067d90550000}4997/usr/lib/systemd/system-environment-generators/snapd-env-generatorroot 534500x800000000000000031817Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.734{ec2a2542-2996-6254-0000-000000000000}4996-root 154100x800000000000000031818Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.735{ec2a2542-2996-6254-6882-3f63d9550000}4999/bin/dash-----/bin/sh /lib/systemd/system-generators/cloud-init-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4998--- 154100x800000000000000031819Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.736{ec2a2542-2996-6254-6812-396f90550000}5000/bin/dash-----/bin/sh /lib/systemd/system-generators/friendly-recovery /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4998--- 154100x800000000000000031839Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.737{ec2a2542-2996-6254-c0b5-1ed358550000}5005/lib/systemd/system-generators/snapd-generator-----/lib/systemd/system-generators/snapd-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4998--- 154100x800000000000000031825Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.737{ec2a2542-2996-6254-9837-471180550000}5003/lib/netplan/generate-----/lib/systemd/system-generators/netplan /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4998--- 154100x800000000000000031824Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.737{ec2a2542-2996-6254-7866-975c90550000}5004/usr/bin/systemd-detect-virt-----systemd-detect-virt --container --quiet/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2996-6254-6882-3f63d9550000}4999/bin/dash/bin/shroot 154100x800000000000000031823Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.737{ec2a2542-2996-6254-30bc-f33b9b550000}5001/lib/systemd/system-generators/lvm2-activation-generator-----/lib/systemd/system-generators/lvm2-activation-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4998--- 154100x800000000000000031820Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.737{ec2a2542-2996-6254-d059-74694e560000}5002/bin/cat-----cat /proc/cmdline/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2996-6254-6812-396f90550000}5000/bin/dash/bin/shroot 154100x800000000000000031827Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.738{ec2a2542-2996-6254-687c-0aa4d9550000}5007/lib/systemd/system-generators/systemd-debug-generator-----/lib/systemd/system-generators/systemd-debug-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4998--- 154100x800000000000000031826Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.738{ec2a2542-2996-6254-b80e-4cb28a550000}5006/lib/systemd/system-generators/systemd-cryptsetup-generator-----/lib/systemd/system-generators/systemd-cryptsetup-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4998--- 534500x800000000000000031821Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.738{ec2a2542-2996-6254-d059-74694e560000}5002/bin/catroot 154100x800000000000000031833Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.739{ec2a2542-2996-6254-d0ee-37fdbc550000}5009/lib/systemd/system-generators/systemd-getty-generator-----/lib/systemd/system-generators/systemd-getty-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4998--- 154100x800000000000000031832Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.739{ec2a2542-2996-6254-8856-fba7ab550000}5008/lib/systemd/system-generators/systemd-fstab-generator-----/lib/systemd/system-generators/systemd-fstab-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4998--- 534500x800000000000000031822Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.739{ec2a2542-2996-6254-6812-396f90550000}5000/bin/dashroot 154100x800000000000000031834Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.740{ec2a2542-2996-6254-88d4-df21e0550000}5011/lib/systemd/system-generators/systemd-hibernate-resume-generator-----/lib/systemd/system-generators/systemd-hibernate-resume-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4998--- 154100x800000000000000031829Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.740{ec2a2542-2996-6254-f0bb-70b3a9550000}5010/lib/systemd/system-generators/systemd-gpt-auto-generator-----/lib/systemd/system-generators/systemd-gpt-auto-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4998--- 154100x800000000000000031835Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.741{ec2a2542-2996-6254-a0b2-f8ec1d560000}5012/lib/systemd/system-generators/systemd-rc-local-generator-----/lib/systemd/system-generators/systemd-rc-local-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4998--- 534500x800000000000000031830Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.741{ec2a2542-2996-6254-b80e-4cb28a550000}5006/lib/systemd/system-generators/systemd-cryptsetup-generatorroot 534500x800000000000000031828Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.741{ec2a2542-2996-6254-30bc-f33b9b550000}5001/lib/systemd/system-generators/lvm2-activation-generatorroot 534500x800000000000000031831Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.742{ec2a2542-2996-6254-7866-975c90550000}5004/usr/bin/systemd-detect-virtroot 154100x800000000000000031843Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.744{ec2a2542-2996-6254-78e6-7a4b75550000}5013/usr/bin/systemd-detect-virt-----systemd-detect-virt --container --quiet/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2996-6254-6882-3f63d9550000}4999/bin/dash/bin/shroot 534500x800000000000000031836Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.744{ec2a2542-2996-6254-687c-0aa4d9550000}5007/lib/systemd/system-generators/systemd-debug-generatorroot 154100x800000000000000031851Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.745{ec2a2542-2996-6254-20c5-7418ef550000}5014/lib/systemd/system-generators/systemd-system-update-generator-----/lib/systemd/system-generators/systemd-system-update-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4998--- 154100x800000000000000031848Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.745{ec2a2542-2996-6254-d8ec-f52740560000}5015/lib/systemd/system-generators/systemd-sysv-generator-----/lib/systemd/system-generators/systemd-sysv-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4998--- 154100x800000000000000031840Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.745{ec2a2542-2996-6254-80d4-f2f362550000}5016/lib/systemd/system-generators/systemd-veritysetup-generator-----/lib/systemd/system-generators/systemd-veritysetup-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}4998--- 924900x800000000000000031838Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.745{ec2a2542-2996-6254-f0bb-70b3a9550000}5010/lib/systemd/system-generators/systemd-gpt-auto-generator/dev/nvme0n1root 534500x800000000000000031837Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.745{ec2a2542-2996-6254-8856-fba7ab550000}5008/lib/systemd/system-generators/systemd-fstab-generatorroot 534500x800000000000000031842Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.746{ec2a2542-2996-6254-c0b5-1ed358550000}5005/lib/systemd/system-generators/snapd-generatorroot 534500x800000000000000031841Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.746{ec2a2542-2996-6254-d0ee-37fdbc550000}5009/lib/systemd/system-generators/systemd-getty-generatorroot 23542300x800000000000000031847Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.747{ec2a2542-2996-6254-9837-471180550000}5003root/lib/netplan/generate/run/NetworkManager/conf.d/netplan.conf--- 23542300x800000000000000031846Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.747{ec2a2542-2996-6254-9837-471180550000}5003root/lib/netplan/generate//run/udev/rules.d/99-netplan-ens5.rules--- 23542300x800000000000000031845Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.747{ec2a2542-2996-6254-9837-471180550000}5003root/lib/netplan/generate//run/systemd/network/10-netplan-ens5.network--- 23542300x800000000000000031844Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.747{ec2a2542-2996-6254-9837-471180550000}5003root/lib/netplan/generate//run/systemd/network/10-netplan-ens5.link--- 154100x800000000000000031850Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.748{ec2a2542-2996-6254-3823-123e14560000}5017/bin/udevadm-----/sbin/udevadm control --reload/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2996-6254-9837-471180550000}5003/lib/netplan/generate/lib/systemd/system-generators/netplanroot 534500x800000000000000031849Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.748{ec2a2542-2996-6254-f0bb-70b3a9550000}5010/lib/systemd/system-generators/systemd-gpt-auto-generatorroot 534500x800000000000000031852Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.749{ec2a2542-2996-6254-88d4-df21e0550000}5011/lib/systemd/system-generators/systemd-hibernate-resume-generatorroot 534500x800000000000000031854Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.750{ec2a2542-2996-6254-9837-471180550000}5003/lib/netplan/generateroot 534500x800000000000000031853Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.750{ec2a2542-2996-6254-3823-123e14560000}5017/bin/udevadmroot 534500x800000000000000031856Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.751{ec2a2542-2996-6254-80d4-f2f362550000}5016/lib/systemd/system-generators/systemd-veritysetup-generatorroot 534500x800000000000000031855Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.751{ec2a2542-2996-6254-a0b2-f8ec1d560000}5012/lib/systemd/system-generators/systemd-rc-local-generatorroot 534500x800000000000000031858Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.752{ec2a2542-2996-6254-78e6-7a4b75550000}5013/usr/bin/systemd-detect-virtroot 534500x800000000000000031857Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.752{ec2a2542-2996-6254-20c5-7418ef550000}5014/lib/systemd/system-generators/systemd-system-update-generatorroot 154100x800000000000000031859Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.754{ec2a2542-2996-6254-6852-3934b6550000}5018/bin/dash-----/bin/sh /usr/lib/cloud-init/ds-identify/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2996-6254-6882-3f63d9550000}4999/bin/dash/bin/shroot 154100x800000000000000031861Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.756{ec2a2542-2996-6254-78ff-da68dc550000}5019/bin/mkdir-----mkdir -p /run/systemd/generator.early/multi-user.target.wants/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2996-6254-6882-3f63d9550000}4999/bin/dash/bin/shroot 534500x800000000000000031860Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.756{ec2a2542-2996-6254-6852-3934b6550000}5018/bin/dashroot 154100x800000000000000031863Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.759{ec2a2542-2996-6254-987d-d7848c550000}5020/bin/ln-----ln -snf /lib/systemd/system/cloud-init.target /run/systemd/generator.early/multi-user.target.wants/cloud-init.target/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2996-6254-6882-3f63d9550000}4999/bin/dash/bin/shroot 534500x800000000000000031862Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.759{ec2a2542-2996-6254-78ff-da68dc550000}5019/bin/mkdirroot 534500x800000000000000031865Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.760{ec2a2542-2996-6254-6882-3f63d9550000}4999/bin/dashroot 534500x800000000000000031864Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.760{ec2a2542-2996-6254-987d-d7848c550000}5020/bin/lnroot 534500x800000000000000031867Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.771{ec2a2542-2996-6254-0000-000000000000}4998-root 534500x800000000000000031866Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.771{ec2a2542-2996-6254-d8ec-f52740560000}5015/lib/systemd/system-generators/systemd-sysv-generatorroot 154100x800000000000000031877Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.920{ec2a2542-2996-6254-d06c-657dfa550000}5021/bin/systemctl-----/bin/systemctl start qemu-kvm.service/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2996-6254-6822-ac55f0550000}4964/bin/dash/bin/shroot 154100x800000000000000031870Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.920{ec2a2542-2996-6254-98e7-b35753560000}5021/usr/bin/perl-----perl /usr/bin/deb-systemd-invoke start qemu-kvm.service/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2996-6254-6822-ac55f0550000}4964/bin/dash/bin/shroot 154100x800000000000000031869Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.920{ec2a2542-2996-6254-784c-1f9bac550000}5021/usr/bin/env-----/usr/bin/env perl /usr/bin/deb-systemd-invoke start qemu-kvm.service/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2996-6254-6822-ac55f0550000}4964/bin/dash/bin/shroot 534500x800000000000000031868Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.920{ec2a2542-2996-6254-d08c-547a29560000}4995/bin/systemctlroot 154100x800000000000000031872Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.926{ec2a2542-2996-6254-d07c-639723560000}5023/bin/systemctl-----/bin/systemctl is-enabled -- qemu-kvm.service/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2996-6254-6842-b9ab38560000}5022/bin/dashshroot 154100x800000000000000031871Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.926{ec2a2542-2996-6254-6842-b9ab38560000}5022/bin/dash-----sh -c /bin/systemctl is-enabled -- 'qemu-kvm.service'/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2996-6254-784c-1f9bac550000}5021/usr/bin/env/usr/bin/envroot 534500x800000000000000031874Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.932{ec2a2542-2996-6254-6842-b9ab38560000}5022/bin/dashroot 534500x800000000000000031873Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.932{ec2a2542-2996-6254-d07c-639723560000}5023/bin/systemctlroot 154100x800000000000000031875Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.933{ec2a2542-2996-6254-d07c-5aff23560000}5024/bin/systemctl-----/bin/systemctl --quiet is-active -- qemu-kvm.service/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2996-6254-784c-1f9bac550000}5021/usr/bin/env/usr/bin/envroot 534500x800000000000000031876Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.937{ec2a2542-2996-6254-d07c-5aff23560000}5024/bin/systemctlroot 154100x800000000000000031878Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.941{ec2a2542-2996-6254-58e6-1cae79550000}5025/bin/systemd-tty-ask-password-agent-----/bin/systemd-tty-ask-password-agent --watch/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2996-6254-98e7-b35753560000}5021/usr/bin/perlperlroot 154100x800000000000000031879Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.944{ec2a2542-2996-6254-68d2-de4655560000}5026/bin/dash-----/bin/sh /usr/share/qemu/init/qemu-kvm-init start/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-0ff1-6254-58a9-8a1e10560000}1/lib/systemd/systemd/sbin/initroot 154100x800000000000000031880Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.946{ec2a2542-2996-6254-80ce-fd0a8e550000}5027/usr/bin/arch-----arch/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2996-6254-68d2-de4655560000}5026/bin/dash/bin/shroot 534500x800000000000000031881Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.948{ec2a2542-2996-6254-80ce-fd0a8e550000}5027/usr/bin/archroot 154100x800000000000000031882Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.949{ec2a2542-2996-6254-50bc-87e1d1550000}5028/bin/grep-----grep -qs ^flags.* vmx /proc/cpuinfo/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2996-6254-68d2-de4655560000}5026/bin/dash/bin/shroot 154100x800000000000000031884Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.950{ec2a2542-2996-6254-505c-2e1fd5550000}5029/bin/grep-----grep -qs ^flags.* svm /proc/cpuinfo/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2996-6254-68d2-de4655560000}5026/bin/dash/bin/shroot 534500x800000000000000031883Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.950{ec2a2542-2996-6254-50bc-87e1d1550000}5028/bin/greproot 154100x800000000000000031886Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.952{ec2a2542-2996-6254-78c6-83d088550000}5031/usr/bin/systemd-detect-virt-----systemd-detect-virt --quiet --container/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2996-6254-68d2-de4655560000}5026/bin/dash/bin/shroot 534500x800000000000000031885Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.952{ec2a2542-2996-6254-505c-2e1fd5550000}5029/bin/greproot 154100x800000000000000031888Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.958{ec2a2542-2996-6254-7816-4d553d560000}5040/usr/bin/systemd-detect-virt-----systemd-detect-virt -vq/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2996-6254-68d2-de4655560000}5026/bin/dash/bin/shroot 534500x800000000000000031887Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.958{ec2a2542-2996-6254-78c6-83d088550000}5031/usr/bin/systemd-detect-virtroot 534500x800000000000000031893Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.961{00000000-0000-0000-0000-000000000000}5033<unknown process>root 534500x800000000000000031891Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.961{ec2a2542-2996-6254-0000-000000000000}5030-root 534500x800000000000000031890Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.961{ec2a2542-2996-6254-0000-000000000000}5035-root 23542300x800000000000000031889Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.961{ec2a2542-0ff8-6254-f8ad-704b96550000}485root/lib/systemd/systemd-udevd/run/udev/queue--- 534500x800000000000000031898Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.962{00000000-0000-0000-0000-000000000000}5038<unknown process>root 534500x800000000000000031897Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.962{00000000-0000-0000-0000-000000000000}5036<unknown process>root 534500x800000000000000031896Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.962{ec2a2542-2996-6254-0000-000000000000}5034-root 534500x800000000000000031895Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.962{00000000-0000-0000-0000-000000000000}5039<unknown process>root 534500x800000000000000031894Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.962{00000000-0000-0000-0000-000000000000}5037<unknown process>root 534500x800000000000000031892Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.962{ec2a2542-2996-6254-0000-000000000000}5032-root 534500x800000000000000031902Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.963{ec2a2542-2996-6254-0000-000000000000}5041-root 23542300x800000000000000031901Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.963{ec2a2542-0ff8-6254-c88a-1cbc6c550000}452root/lib/systemd/systemd-journald/run/systemd/journal/streams/9:39822--- 534500x800000000000000031900Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.963{ec2a2542-2996-6254-68d2-de4655560000}5026/bin/dashroot 534500x800000000000000031899Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.963{ec2a2542-2996-6254-7816-4d553d560000}5040/usr/bin/systemd-detect-virtroot 534500x800000000000000031903Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.965{ec2a2542-2996-6254-58e6-1cae79550000}5025/bin/systemd-tty-ask-password-agentroot 154100x800000000000000031905Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.966{ec2a2542-2996-6254-6842-4e326b550000}5042/bin/dash-----/bin/sh /usr/bin/dpkg-maintscript-helper rm_conffile /etc/init/qemu-kvm.conf 1:2.8+dfsg-1ubuntu1~ -- configure /root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2996-6254-6822-ac55f0550000}4964/bin/dash/bin/shroot 534500x800000000000000031904Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.966{ec2a2542-2996-6254-98e7-b35753560000}5021/usr/bin/perlroot 154100x800000000000000031906Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.969{ec2a2542-2996-6254-e82b-e8d92d560000}5043/usr/bin/basename-----basename /usr/bin/dpkg-maintscript-helper/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2996-6254-6842-4e326b550000}5042/bin/dash/bin/shroot 534500x800000000000000031907Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.970{ec2a2542-2996-6254-e82b-e8d92d560000}5043/usr/bin/basenameroot 154100x800000000000000031908Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.971{ec2a2542-2996-6254-7031-8490ac550000}5044/usr/bin/dpkg-----dpkg --validate-version -- 1:2.8+dfsg-1ubuntu1~/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2996-6254-6842-4e326b550000}5042/bin/dash/bin/shroot 154100x800000000000000031911Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.973{ec2a2542-2996-6254-6842-382ae8550000}5045/bin/dash-----/bin/sh /usr/bin/dpkg-maintscript-helper rm_conffile /etc/init.d/qemu-kvm 1:2.8+dfsg-1ubuntu1~ -- configure /root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2996-6254-6822-ac55f0550000}4964/bin/dash/bin/shroot 534500x800000000000000031910Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.973{ec2a2542-2996-6254-6842-4e326b550000}5042/bin/dashroot 534500x800000000000000031909Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.973{ec2a2542-2996-6254-7031-8490ac550000}5044/usr/bin/dpkgroot 154100x800000000000000031912Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.974{ec2a2542-2996-6254-e85b-42109e550000}5046/usr/bin/basename-----basename /usr/bin/dpkg-maintscript-helper/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2996-6254-6842-382ae8550000}5045/bin/dash/bin/shroot 534500x800000000000000031913Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.975{ec2a2542-2996-6254-e85b-42109e550000}5046/usr/bin/basenameroot 154100x800000000000000031914Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.976{ec2a2542-2996-6254-7091-4160d5550000}5047/usr/bin/dpkg-----dpkg --validate-version -- 1:2.8+dfsg-1ubuntu1~/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2996-6254-6842-382ae8550000}5045/bin/dash/bin/shroot 534500x800000000000000031917Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.978{ec2a2542-2996-6254-6822-ac55f0550000}4964/bin/dashroot 534500x800000000000000031916Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.978{ec2a2542-2996-6254-6842-382ae8550000}5045/bin/dashroot 534500x800000000000000031915Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:58.978{ec2a2542-2996-6254-7091-4160d5550000}5047/usr/bin/dpkgroot 534500x800000000000000031919Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.020{ec2a2542-2997-6254-0000-000000000000}5051-root 23542300x800000000000000031918Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.020{ec2a2542-0ff8-6254-f8ad-704b96550000}485root/lib/systemd/systemd-udevd/run/udev/queue--- 534500x800000000000000031925Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.021{00000000-0000-0000-0000-000000000000}5056<unknown process>root 534500x800000000000000031924Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.021{00000000-0000-0000-0000-000000000000}5052<unknown process>root 534500x800000000000000031923Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.021{00000000-0000-0000-0000-000000000000}5058<unknown process>root 534500x800000000000000031922Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.021{00000000-0000-0000-0000-000000000000}5057<unknown process>root 534500x800000000000000031921Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.021{ec2a2542-2997-6254-0000-000000000000}5053-root 534500x800000000000000031920Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.021{ec2a2542-2997-6254-0000-000000000000}5049-root 534500x800000000000000031928Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.022{00000000-0000-0000-0000-000000000000}5054<unknown process>root 534500x800000000000000031927Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.022{00000000-0000-0000-0000-000000000000}5050<unknown process>root 534500x800000000000000031926Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.022{00000000-0000-0000-0000-000000000000}5055<unknown process>root 154100x800000000000000031929Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.048{ec2a2542-2997-6254-6842-cdb685550000}5060/bin/dash-----/bin/sh /var/lib/dpkg/info/qemu-system-x86.postinst configure /root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2991-6254-7091-3f7926560000}4790/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000031930Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.049{ec2a2542-2997-6254-68b2-5ce56d550000}5061/bin/dash-----/bin/sh /usr/bin/dpkg-maintscript-helper rm_conffile /etc/init.d/qemu-system-x86 1:2.2+dfsg-3~ -- configure /root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2997-6254-6842-cdb685550000}5060/bin/dash/bin/shroot 154100x800000000000000031931Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.050{ec2a2542-2997-6254-e82b-d293fe550000}5062/usr/bin/basename-----basename /usr/bin/dpkg-maintscript-helper/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2997-6254-68b2-5ce56d550000}5061/bin/dash/bin/shroot 534500x800000000000000031932Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.051{ec2a2542-2997-6254-e82b-d293fe550000}5062/usr/bin/basenameroot 154100x800000000000000031933Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.052{ec2a2542-2997-6254-7091-ab6caf550000}5063/usr/bin/dpkg-----dpkg --validate-version -- 1:2.2+dfsg-3~/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2997-6254-68b2-5ce56d550000}5061/bin/dash/bin/shroot 154100x800000000000000031936Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.054{ec2a2542-2997-6254-7031-9c2676550000}5064/usr/bin/dpkg-----dpkg --compare-versions le-nl 1:2.2+dfsg-3~/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2997-6254-6842-cdb685550000}5060/bin/dash/bin/shroot 534500x800000000000000031935Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.054{ec2a2542-2997-6254-68b2-5ce56d550000}5061/bin/dashroot 534500x800000000000000031934Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.054{ec2a2542-2997-6254-7091-ab6caf550000}5063/usr/bin/dpkgroot 154100x800000000000000031938Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.057{ec2a2542-2997-6254-68b2-a90474550000}5065/bin/dash-----/bin/sh /usr/bin/dpkg-maintscript-helper rm_conffile /etc/qemu/target-x86_64.conf 1:2.4+dfsg-1~ -- configure /root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2997-6254-6842-cdb685550000}5060/bin/dash/bin/shroot 534500x800000000000000031937Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.057{ec2a2542-2997-6254-7031-9c2676550000}5064/usr/bin/dpkgroot 154100x800000000000000031939Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.058{ec2a2542-2997-6254-e84b-af3b8d550000}5066/usr/bin/basename-----basename /usr/bin/dpkg-maintscript-helper/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2997-6254-68b2-a90474550000}5065/bin/dash/bin/shroot 154100x800000000000000031941Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.059{ec2a2542-2997-6254-70d1-1810aa550000}5067/usr/bin/dpkg-----dpkg --validate-version -- 1:2.4+dfsg-1~/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2997-6254-68b2-a90474550000}5065/bin/dash/bin/shroot 534500x800000000000000031940Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.059{ec2a2542-2997-6254-e84b-af3b8d550000}5066/usr/bin/basenameroot 154100x800000000000000031944Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.065{ec2a2542-2997-6254-503c-016cca550000}5068/bin/grep-----grep -q kvm_intel /proc/modules/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2997-6254-6842-cdb685550000}5060/bin/dash/bin/shroot 534500x800000000000000031943Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.065{ec2a2542-2997-6254-68b2-a90474550000}5065/bin/dashroot 534500x800000000000000031942Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.065{ec2a2542-2997-6254-70d1-1810aa550000}5067/usr/bin/dpkgroot 534500x800000000000000031946Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.066{ec2a2542-2997-6254-6842-cdb685550000}5060/bin/dashroot 534500x800000000000000031945Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.066{ec2a2542-2997-6254-503c-016cca550000}5068/bin/greproot 154100x800000000000000031947Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.378{ec2a2542-2997-6254-6832-9f098a550000}5069/bin/dash-----/bin/sh /var/lib/dpkg/info/libc-bin.postinst triggered ldconfig/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2991-6254-7091-3f7926560000}4790/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000031949Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.379{ec2a2542-2997-6254-b881-3096ca7f0000}5070/sbin/ldconfig.real-----/sbin/ldconfig.real/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2997-6254-6832-9f098a550000}5069/bin/dash/bin/shroot 154100x800000000000000031948Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.379{ec2a2542-2997-6254-6892-46ad77550000}5070/bin/dash-----/bin/sh /sbin/ldconfig/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2997-6254-6832-9f098a550000}5069/bin/dash/bin/shroot 534500x800000000000000031951Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.393{ec2a2542-2997-6254-6832-9f098a550000}5069/bin/dashroot 534500x800000000000000031950Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.393{ec2a2542-2997-6254-6892-46ad77550000}5070/bin/dashroot 154100x800000000000000031952Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.408{ec2a2542-2997-6254-6802-481079550000}5071/bin/dash-----/bin/sh /var/lib/dpkg/info/systemd.postinst triggered /etc/init.d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2991-6254-7091-3f7926560000}4790/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000031953Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.410{ec2a2542-2997-6254-d0bc-712e6b550000}5072/bin/systemctl-----systemctl daemon-reload/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2997-6254-6802-481079550000}5071/bin/dash/bin/shroot 23542300x800000000000000031972Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.469{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/splunkd.service--- 23542300x800000000000000031971Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.469{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/hibagent.service--- 23542300x800000000000000031970Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.469{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/grub-common.service--- 23542300x800000000000000031969Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.469{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/multi-user.target.wants/grub-common.service--- 23542300x800000000000000031968Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.469{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/multi-user.target.wants/splunk.service--- 23542300x800000000000000031967Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.469{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/multi-user.target.wants/apport.service--- 23542300x800000000000000031966Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.469{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/graphical.target.wants/grub-common.service--- 23542300x800000000000000031965Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.469{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/graphical.target.wants/splunk.service--- 23542300x800000000000000031964Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.469{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/graphical.target.wants/apport.service--- 23542300x800000000000000031963Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.469{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/splunk.service--- 23542300x800000000000000031962Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.469{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.late/apport.service--- 23542300x800000000000000031961Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.469{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator.early/multi-user.target.wants/cloud-init.target--- 23542300x800000000000000031960Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.469{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator/-.mount--- 23542300x800000000000000031959Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.469{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator/local-fs.target.wants/systemd-fsck-root.service--- 23542300x800000000000000031958Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.469{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator/local-fs.target.requires/-.mount--- 23542300x800000000000000031957Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.469{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator/getty.target.wants/serial-getty@ttyS0.service--- 23542300x800000000000000031956Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.469{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator/multi-user.target.wants/systemd-networkd.service--- 23542300x800000000000000031955Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.469{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator/network-online.target.wants/systemd-networkd-wait-online.service--- 23542300x800000000000000031954Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.469{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/generator/netplan.stamp--- 154100x800000000000000031973Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.471{ec2a2542-2997-6254-38d3-81021d560000}5074/usr/lib/systemd/system-environment-generators/snapd-env-generator-----/usr/lib/systemd/system-environment-generators/snapd-env-generator/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}5073--- 534500x800000000000000031975Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.472{ec2a2542-2997-6254-0000-000000000000}5073-root 534500x800000000000000031974Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.472{ec2a2542-2997-6254-38d3-81021d560000}5074/usr/lib/systemd/system-environment-generators/snapd-env-generatorroot 154100x800000000000000031976Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.473{ec2a2542-2997-6254-6892-eb56a5550000}5076/bin/dash-----/bin/sh /lib/systemd/system-generators/cloud-init-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}5075--- 154100x800000000000000031980Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.474{ec2a2542-2997-6254-c025-d943a1550000}5080/lib/systemd/system-generators/snapd-generator-----/lib/systemd/system-generators/snapd-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}5075--- 154100x800000000000000031979Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.474{ec2a2542-2997-6254-9897-b0459b550000}5079/lib/netplan/generate-----/lib/systemd/system-generators/netplan /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}5075--- 154100x800000000000000031978Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.474{ec2a2542-2997-6254-301c-8e33f3550000}5078/lib/systemd/system-generators/lvm2-activation-generator-----/lib/systemd/system-generators/lvm2-activation-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}5075--- 154100x800000000000000031977Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.474{ec2a2542-2997-6254-6882-2dc6b5550000}5077/bin/dash-----/bin/sh /lib/systemd/system-generators/friendly-recovery /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}5075--- 154100x800000000000000031997Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.475{ec2a2542-2997-6254-88a6-290344560000}5085/lib/systemd/system-generators/systemd-fstab-generator-----/lib/systemd/system-generators/systemd-fstab-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}5075--- 154100x800000000000000031985Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.475{ec2a2542-2997-6254-7816-279c20560000}5081/usr/bin/systemd-detect-virt-----systemd-detect-virt --container --quiet/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2997-6254-6892-eb56a5550000}5076/bin/dash/bin/shroot 154100x800000000000000031983Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.475{ec2a2542-2997-6254-687c-1f1b13560000}5084/lib/systemd/system-generators/systemd-debug-generator-----/lib/systemd/system-generators/systemd-debug-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}5075--- 154100x800000000000000031982Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.475{ec2a2542-2997-6254-d019-6200e8550000}5083/bin/cat-----cat /proc/cmdline/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2997-6254-6882-2dc6b5550000}5077/bin/dash/bin/shroot 154100x800000000000000031981Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.475{ec2a2542-2997-6254-b83e-500fc1550000}5082/lib/systemd/system-generators/systemd-cryptsetup-generator-----/lib/systemd/system-generators/systemd-cryptsetup-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}5075--- 154100x800000000000000032010Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.476{ec2a2542-2997-6254-8834-754996550000}5088/lib/systemd/system-generators/systemd-hibernate-resume-generator-----/lib/systemd/system-generators/systemd-hibernate-resume-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}5075--- 154100x800000000000000031995Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.476{ec2a2542-2997-6254-d0be-bc0765550000}5086/lib/systemd/system-generators/systemd-getty-generator-----/lib/systemd/system-generators/systemd-getty-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}5075--- 154100x800000000000000031988Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.476{ec2a2542-2997-6254-f0db-704f17560000}5087/lib/systemd/system-generators/systemd-gpt-auto-generator-----/lib/systemd/system-generators/systemd-gpt-auto-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}5075--- 534500x800000000000000031986Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.476{ec2a2542-2997-6254-d019-6200e8550000}5083/bin/catroot 534500x800000000000000031984Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.476{ec2a2542-2997-6254-c025-d943a1550000}5080/lib/systemd/system-generators/snapd-generatorroot 154100x800000000000000032009Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.477{ec2a2542-2997-6254-2005-29a20d560000}5090/lib/systemd/system-generators/systemd-system-update-generator-----/lib/systemd/system-generators/systemd-system-update-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}5075--- 154100x800000000000000031989Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.477{ec2a2542-2997-6254-a0e2-63345e550000}5089/lib/systemd/system-generators/systemd-rc-local-generator-----/lib/systemd/system-generators/systemd-rc-local-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}5075--- 534500x800000000000000031987Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.477{ec2a2542-2997-6254-6882-2dc6b5550000}5077/bin/dashroot 154100x800000000000000032002Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.478{ec2a2542-2997-6254-d8cc-953447560000}5091/lib/systemd/system-generators/systemd-sysv-generator-----/lib/systemd/system-generators/systemd-sysv-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}5075--- 154100x800000000000000031999Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.478{ec2a2542-2997-6254-3863-f4be4d560000}5093/bin/udevadm-----/sbin/udevadm control --reload/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2997-6254-9897-b0459b550000}5079/lib/netplan/generate/lib/systemd/system-generators/netplanroot 154100x800000000000000031996Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.478{ec2a2542-2997-6254-80b4-53d273550000}5092/lib/systemd/system-generators/systemd-veritysetup-generator-----/lib/systemd/system-generators/systemd-veritysetup-generator /run/systemd/generator /run/systemd/generator.early /run/systemd/generator.late/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}5075--- 534500x800000000000000031994Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.478{ec2a2542-2997-6254-301c-8e33f3550000}5078/lib/systemd/system-generators/lvm2-activation-generatorroot 23542300x800000000000000031993Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.478{ec2a2542-2997-6254-9897-b0459b550000}5079root/lib/netplan/generate/run/NetworkManager/conf.d/netplan.conf--- 23542300x800000000000000031992Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.478{ec2a2542-2997-6254-9897-b0459b550000}5079root/lib/netplan/generate//run/udev/rules.d/99-netplan-ens5.rules--- 23542300x800000000000000031991Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.478{ec2a2542-2997-6254-9897-b0459b550000}5079root/lib/netplan/generate//run/systemd/network/10-netplan-ens5.network--- 23542300x800000000000000031990Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.478{ec2a2542-2997-6254-9897-b0459b550000}5079root/lib/netplan/generate//run/systemd/network/10-netplan-ens5.link--- 534500x800000000000000031998Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.479{ec2a2542-2997-6254-7816-279c20560000}5081/usr/bin/systemd-detect-virtroot 154100x800000000000000032006Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.480{ec2a2542-2997-6254-78d6-e62a3a560000}5094/usr/bin/systemd-detect-virt-----systemd-detect-virt --container --quiet/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2997-6254-6892-eb56a5550000}5076/bin/dash/bin/shroot 534500x800000000000000032001Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.480{ec2a2542-2997-6254-687c-1f1b13560000}5084/lib/systemd/system-generators/systemd-debug-generatorroot 534500x800000000000000032000Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.480{ec2a2542-2997-6254-b83e-500fc1550000}5082/lib/systemd/system-generators/systemd-cryptsetup-generatorroot 924900x800000000000000032003Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.481{ec2a2542-2997-6254-f0db-704f17560000}5087/lib/systemd/system-generators/systemd-gpt-auto-generator/dev/nvme0n1root 534500x800000000000000032008Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.482{ec2a2542-2997-6254-9897-b0459b550000}5079/lib/netplan/generateroot 534500x800000000000000032007Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.482{ec2a2542-2997-6254-d0be-bc0765550000}5086/lib/systemd/system-generators/systemd-getty-generatorroot 534500x800000000000000032005Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.482{ec2a2542-2997-6254-a0e2-63345e550000}5089/lib/systemd/system-generators/systemd-rc-local-generatorroot 534500x800000000000000032004Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.482{ec2a2542-2997-6254-3863-f4be4d560000}5093/bin/udevadmroot 534500x800000000000000032012Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.483{ec2a2542-2997-6254-80b4-53d273550000}5092/lib/systemd/system-generators/systemd-veritysetup-generatorroot 534500x800000000000000032011Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.483{ec2a2542-2997-6254-f0db-704f17560000}5087/lib/systemd/system-generators/systemd-gpt-auto-generatorroot 534500x800000000000000032014Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.484{ec2a2542-2997-6254-8834-754996550000}5088/lib/systemd/system-generators/systemd-hibernate-resume-generatorroot 534500x800000000000000032013Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.484{ec2a2542-2997-6254-88a6-290344560000}5085/lib/systemd/system-generators/systemd-fstab-generatorroot 534500x800000000000000032015Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.485{ec2a2542-2997-6254-2005-29a20d560000}5090/lib/systemd/system-generators/systemd-system-update-generatorroot 534500x800000000000000032016Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.486{ec2a2542-2997-6254-78d6-e62a3a560000}5094/usr/bin/systemd-detect-virtroot 154100x800000000000000032017Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.487{ec2a2542-2997-6254-68a2-e0aca6550000}5095/bin/dash-----/bin/sh /usr/lib/cloud-init/ds-identify/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2997-6254-6892-eb56a5550000}5076/bin/dash/bin/shroot 154100x800000000000000032019Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.488{ec2a2542-2997-6254-786f-19558b550000}5096/bin/mkdir-----mkdir -p /run/systemd/generator.early/multi-user.target.wants/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2997-6254-6892-eb56a5550000}5076/bin/dash/bin/shroot 534500x800000000000000032018Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.488{ec2a2542-2997-6254-68a2-e0aca6550000}5095/bin/dashroot 534500x800000000000000032020Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.489{ec2a2542-2997-6254-786f-19558b550000}5096/bin/mkdirroot 534500x800000000000000032022Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.490{ec2a2542-2997-6254-98ad-f0b253560000}5097/bin/lnroot 154100x800000000000000032021Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.490{ec2a2542-2997-6254-98ad-f0b253560000}5097/bin/ln-----ln -snf /lib/systemd/system/cloud-init.target /run/systemd/generator.early/multi-user.target.wants/cloud-init.target/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2997-6254-6892-eb56a5550000}5076/bin/dash/bin/shroot 534500x800000000000000032023Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.491{ec2a2542-2997-6254-6892-eb56a5550000}5076/bin/dashroot 534500x800000000000000032024Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.505{ec2a2542-2997-6254-d8cc-953447560000}5091/lib/systemd/system-generators/systemd-sysv-generatorroot 534500x800000000000000032025Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.506{ec2a2542-2997-6254-0000-000000000000}5075-root 534500x800000000000000032027Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.608{ec2a2542-2997-6254-6802-481079550000}5071/bin/dashroot 534500x800000000000000032026Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.608{ec2a2542-2997-6254-d0bc-712e6b550000}5072/bin/systemctlroot 154100x800000000000000032028Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.616{ec2a2542-2997-6254-6892-d09979550000}5098/bin/dash-----/bin/sh /var/lib/dpkg/info/man-db.postinst triggered /usr/share/man/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2991-6254-7091-3f7926560000}4790/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000032030Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.617{ec2a2542-2997-6254-80ba-73071d560000}5099/usr/bin/mandb-----/usr/bin/mandb -pq/man{ec2a2542-0000-0000-0600-000001000000}64no level-{ec2a2542-2997-6254-6892-d09979550000}5098/bin/dash/bin/shroot 154100x800000000000000032029Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.617{ec2a2542-2997-6254-98c7-708760550000}5099/usr/bin/perl-----perl -e @pwd = getpwnam("man"); $) = $( = $pwd[3]; $> = $< = $pwd[2]; exec "/usr/bin/mandb", @ARGV -- -pq/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2997-6254-6892-d09979550000}5098/bin/dash/bin/shroot 534500x800000000000000032031Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.670{00000000-0000-0000-0000-000000000000}5100<unknown process>man 534500x800000000000000032032Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.674{00000000-0000-0000-0000-000000000000}5101<unknown process>man 534500x800000000000000032033Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.675{ec2a2542-2997-6254-0000-000000000000}5103-man 534500x800000000000000032034Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.676{ec2a2542-2997-6254-0000-000000000000}5102-man 534500x800000000000000032035Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.681{00000000-0000-0000-0000-000000000000}5104<unknown process>man 354300x800000000000000032036Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.691{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54754-false10.0.1.12-8000- 534500x800000000000000032037Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.692{00000000-0000-0000-0000-000000000000}5105<unknown process>man 534500x800000000000000032038Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.693{ec2a2542-2997-6254-0000-000000000000}5107-man 534500x800000000000000032039Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.695{00000000-0000-0000-0000-000000000000}5106<unknown process>man 534500x800000000000000032040Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.699{00000000-0000-0000-0000-000000000000}5108<unknown process>man 534500x800000000000000032041Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.702{00000000-0000-0000-0000-000000000000}5109<unknown process>man 534500x800000000000000032043Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.703{00000000-0000-0000-0000-000000000000}5110<unknown process>man 534500x800000000000000032042Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.703{ec2a2542-2997-6254-0000-000000000000}5111-man 534500x800000000000000032044Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.716{00000000-0000-0000-0000-000000000000}5112<unknown process>man 534500x800000000000000032045Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.719{00000000-0000-0000-0000-000000000000}5113<unknown process>man 534500x800000000000000032047Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.720{ec2a2542-2997-6254-0000-000000000000}5114-man 534500x800000000000000032046Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.720{ec2a2542-2997-6254-0000-000000000000}5115-man 534500x800000000000000032048Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.724{ec2a2542-2997-6254-0000-000000000000}5116-man 534500x800000000000000032050Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.728{ec2a2542-2997-6254-0000-000000000000}5119-man 534500x800000000000000032049Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.728{ec2a2542-2997-6254-0000-000000000000}5117-man 534500x800000000000000032051Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.729{ec2a2542-2997-6254-0000-000000000000}5118-man 534500x800000000000000032052Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.749{00000000-0000-0000-0000-000000000000}5120<unknown process>man 534500x800000000000000032053Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.758{ec2a2542-2997-6254-0000-000000000000}5121-man 534500x800000000000000032054Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.759{ec2a2542-2997-6254-0000-000000000000}5123-man 534500x800000000000000032055Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.760{ec2a2542-2997-6254-0000-000000000000}5122-man 534500x800000000000000032056Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.763{ec2a2542-2997-6254-0000-000000000000}5124-man 534500x800000000000000032057Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.771{ec2a2542-2997-6254-0000-000000000000}5125-man 534500x800000000000000032058Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.773{ec2a2542-2997-6254-0000-000000000000}5127-man 534500x800000000000000032059Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.774{00000000-0000-0000-0000-000000000000}5126<unknown process>man 534500x800000000000000032060Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.778{ec2a2542-2997-6254-0000-000000000000}5128-man 534500x800000000000000032062Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.782{ec2a2542-2997-6254-0000-000000000000}5131-man 534500x800000000000000032061Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.782{ec2a2542-2997-6254-0000-000000000000}5129-man 534500x800000000000000032063Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.783{ec2a2542-2997-6254-0000-000000000000}5130-man 534500x800000000000000032064Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.810{00000000-0000-0000-0000-000000000000}5132<unknown process>man 534500x800000000000000032065Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.815{ec2a2542-2997-6254-0000-000000000000}5133-man 534500x800000000000000032066Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.816{ec2a2542-2997-6254-0000-000000000000}5135-man 534500x800000000000000032067Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.817{ec2a2542-2997-6254-0000-000000000000}5134-man 534500x800000000000000032068Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.823{00000000-0000-0000-0000-000000000000}5136<unknown process>man 534500x800000000000000032069Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.829{ec2a2542-2997-6254-0000-000000000000}5137-man 534500x800000000000000032070Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.830{ec2a2542-2997-6254-0000-000000000000}5139-man 534500x800000000000000032071Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.831{ec2a2542-2997-6254-0000-000000000000}5138-man 534500x800000000000000032072Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.835{00000000-0000-0000-0000-000000000000}5140<unknown process>man 534500x800000000000000032073Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.846{ec2a2542-2997-6254-0000-000000000000}5141-man 534500x800000000000000032074Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.850{ec2a2542-2997-6254-0000-000000000000}5143-man 534500x800000000000000032075Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.851{ec2a2542-2997-6254-0000-000000000000}5142-man 534500x800000000000000032076Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.855{00000000-0000-0000-0000-000000000000}5144<unknown process>man 534500x800000000000000032078Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.861{ec2a2542-2997-6254-0000-000000000000}5147-man 534500x800000000000000032077Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.861{00000000-0000-0000-0000-000000000000}5145<unknown process>man 534500x800000000000000032079Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.865{00000000-0000-0000-0000-000000000000}5146<unknown process>man 534500x800000000000000032080Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.870{ec2a2542-2997-6254-0000-000000000000}5148-man 534500x800000000000000032081Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.874{00000000-0000-0000-0000-000000000000}5149<unknown process>man 534500x800000000000000032082Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.875{ec2a2542-2997-6254-0000-000000000000}5151-man 534500x800000000000000032083Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.876{ec2a2542-2997-6254-0000-000000000000}5150-man 534500x800000000000000032084Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.880{00000000-0000-0000-0000-000000000000}5152<unknown process>man 534500x800000000000000032086Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.884{ec2a2542-2997-6254-0000-000000000000}5155-man 534500x800000000000000032085Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.884{ec2a2542-2997-6254-0000-000000000000}5153-man 534500x800000000000000032087Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.885{00000000-0000-0000-0000-000000000000}5154<unknown process>man 534500x800000000000000032088Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.888{ec2a2542-2997-6254-0000-000000000000}5156-man 534500x800000000000000032089Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.892{ec2a2542-2997-6254-0000-000000000000}5157-man 534500x800000000000000032090Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.894{ec2a2542-2997-6254-0000-000000000000}5159-man 534500x800000000000000032091Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.895{ec2a2542-2997-6254-0000-000000000000}5158-man 534500x800000000000000032092Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.899{ec2a2542-2997-6254-0000-000000000000}5160-man 534500x800000000000000032093Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.902{ec2a2542-2997-6254-0000-000000000000}5161-man 534500x800000000000000032094Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.903{ec2a2542-2997-6254-0000-000000000000}5163-man 534500x800000000000000032095Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.904{ec2a2542-2997-6254-0000-000000000000}5162-man 534500x800000000000000032096Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.908{ec2a2542-2997-6254-0000-000000000000}5164-man 534500x800000000000000032097Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.911{ec2a2542-2997-6254-0000-000000000000}5165-man 534500x800000000000000032098Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.915{ec2a2542-2997-6254-0000-000000000000}5167-man 534500x800000000000000032099Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.916{ec2a2542-2997-6254-0000-000000000000}5166-man 534500x800000000000000032100Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.919{ec2a2542-2997-6254-0000-000000000000}5168-man 534500x800000000000000032101Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.928{ec2a2542-2997-6254-0000-000000000000}5169-man 534500x800000000000000032102Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.929{ec2a2542-2997-6254-0000-000000000000}5171-man 534500x800000000000000032103Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.930{00000000-0000-0000-0000-000000000000}5170<unknown process>man 534500x800000000000000032104Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.937{ec2a2542-2997-6254-0000-000000000000}5172-man 534500x800000000000000032105Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.943{ec2a2542-2997-6254-0000-000000000000}5173-man 534500x800000000000000032106Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.944{ec2a2542-2997-6254-0000-000000000000}5175-man 534500x800000000000000032107Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.946{ec2a2542-2997-6254-0000-000000000000}5174-man 534500x800000000000000032108Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.951{ec2a2542-2997-6254-0000-000000000000}5176-man 534500x800000000000000032109Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.965{ec2a2542-2997-6254-0000-000000000000}5177-man 534500x800000000000000032111Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.966{00000000-0000-0000-0000-000000000000}5178<unknown process>man 534500x800000000000000032110Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.966{ec2a2542-2997-6254-0000-000000000000}5180-man 534500x800000000000000032112Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.970{ec2a2542-2997-6254-0000-000000000000}5181-man 534500x800000000000000032114Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.978{ec2a2542-2997-6254-0000-000000000000}5184-man 534500x800000000000000032113Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.978{ec2a2542-2997-6254-0000-000000000000}5182-man 534500x800000000000000032115Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.980{ec2a2542-2997-6254-0000-000000000000}5183-man 534500x800000000000000032116Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.988{00000000-0000-0000-0000-000000000000}5185<unknown process>man 534500x800000000000000032117Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.991{ec2a2542-2997-6254-0000-000000000000}5186-man 534500x800000000000000032118Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.992{ec2a2542-2997-6254-0000-000000000000}5188-man 534500x800000000000000032119Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.993{00000000-0000-0000-0000-000000000000}5187<unknown process>man 534500x800000000000000032120Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:13:59.997{ec2a2542-2997-6254-0000-000000000000}5189-man 534500x800000000000000032121Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.002{ec2a2542-2997-6254-0000-000000000000}5190-man 534500x800000000000000032122Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.003{ec2a2542-2997-6254-0000-000000000000}5192-man 534500x800000000000000032123Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.004{ec2a2542-2997-6254-0000-000000000000}5191-man 534500x800000000000000032124Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.008{ec2a2542-2997-6254-0000-000000000000}5193-man 534500x800000000000000032125Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.011{ec2a2542-2997-6254-0000-000000000000}5194-man 534500x800000000000000032127Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.012{ec2a2542-2998-6254-0000-000000000000}5195-man 534500x800000000000000032126Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.012{ec2a2542-2998-6254-0000-000000000000}5196-man 534500x800000000000000032128Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.015{00000000-0000-0000-0000-000000000000}5197<unknown process>man 534500x800000000000000032129Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.018{ec2a2542-2998-6254-0000-000000000000}5198-man 534500x800000000000000032130Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.019{ec2a2542-2998-6254-0000-000000000000}5200-man 534500x800000000000000032131Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.020{ec2a2542-2998-6254-0000-000000000000}5199-man 534500x800000000000000032132Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.025{00000000-0000-0000-0000-000000000000}5201<unknown process>man 534500x800000000000000032133Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.028{ec2a2542-2998-6254-0000-000000000000}5202-man 534500x800000000000000032134Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.029{ec2a2542-2998-6254-0000-000000000000}5204-man 534500x800000000000000032135Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.030{ec2a2542-2998-6254-0000-000000000000}5203-man 534500x800000000000000032136Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.034{ec2a2542-2998-6254-0000-000000000000}5205-man 534500x800000000000000032137Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.037{ec2a2542-2998-6254-0000-000000000000}5206-man 534500x800000000000000032139Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.038{ec2a2542-2998-6254-0000-000000000000}5207-man 534500x800000000000000032138Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.038{ec2a2542-2998-6254-0000-000000000000}5208-man 534500x800000000000000032140Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.042{ec2a2542-2998-6254-0000-000000000000}5209-man 534500x800000000000000032141Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.045{ec2a2542-2998-6254-0000-000000000000}5210-man 534500x800000000000000032143Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.046{00000000-0000-0000-0000-000000000000}5211<unknown process>man 534500x800000000000000032142Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.046{ec2a2542-2998-6254-0000-000000000000}5212-man 534500x800000000000000032144Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.050{ec2a2542-2998-6254-0000-000000000000}5213-man 534500x800000000000000032145Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.053{ec2a2542-2998-6254-0000-000000000000}5214-man 534500x800000000000000032146Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.054{ec2a2542-2998-6254-0000-000000000000}5216-man 534500x800000000000000032147Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.055{ec2a2542-2998-6254-0000-000000000000}5215-man 534500x800000000000000032148Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.058{00000000-0000-0000-0000-000000000000}5217<unknown process>man 534500x800000000000000032149Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.061{ec2a2542-2998-6254-0000-000000000000}5218-man 534500x800000000000000032151Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.062{ec2a2542-2998-6254-0000-000000000000}5219-man 534500x800000000000000032150Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.062{ec2a2542-2998-6254-0000-000000000000}5220-man 534500x800000000000000032152Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.065{ec2a2542-2998-6254-0000-000000000000}5221-man 534500x800000000000000032153Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.069{ec2a2542-2998-6254-0000-000000000000}5222-man 534500x800000000000000032155Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.070{ec2a2542-2998-6254-0000-000000000000}5223-man 534500x800000000000000032154Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.070{ec2a2542-2998-6254-0000-000000000000}5224-man 534500x800000000000000032156Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.074{ec2a2542-2998-6254-0000-000000000000}5225-man 534500x800000000000000032157Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.079{ec2a2542-2998-6254-0000-000000000000}5226-man 534500x800000000000000032158Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.082{ec2a2542-2998-6254-0000-000000000000}5228-man 534500x800000000000000032159Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.084{ec2a2542-2998-6254-0000-000000000000}5227-man 534500x800000000000000032160Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.087{ec2a2542-2998-6254-0000-000000000000}5229-man 534500x800000000000000032161Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.091{ec2a2542-2998-6254-0000-000000000000}5230-man 534500x800000000000000032163Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.094{ec2a2542-2998-6254-0000-000000000000}5231-man 534500x800000000000000032162Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.094{ec2a2542-2998-6254-0000-000000000000}5232-man 534500x800000000000000032164Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.098{ec2a2542-2998-6254-0000-000000000000}5233-man 534500x800000000000000032165Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.110{ec2a2542-2998-6254-0000-000000000000}5234-man 534500x800000000000000032166Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.111{ec2a2542-2998-6254-0000-000000000000}5236-man 534500x800000000000000032167Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.112{ec2a2542-2998-6254-0000-000000000000}5235-man 534500x800000000000000032168Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.129{00000000-0000-0000-0000-000000000000}5238<unknown process>man 534500x800000000000000032169Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.134{00000000-0000-0000-0000-000000000000}5239<unknown process>man 534500x800000000000000032170Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.135{ec2a2542-2998-6254-0000-000000000000}5241-man 534500x800000000000000032171Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.136{00000000-0000-0000-0000-000000000000}5240<unknown process>man 534500x800000000000000032172Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.143{00000000-0000-0000-0000-000000000000}5242<unknown process>man 534500x800000000000000032173Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.147{ec2a2542-2998-6254-0000-000000000000}5243-man 534500x800000000000000032174Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.161{ec2a2542-2998-6254-0000-000000000000}5245-man 534500x800000000000000032175Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.162{00000000-0000-0000-0000-000000000000}5244<unknown process>man 534500x800000000000000032176Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.166{00000000-0000-0000-0000-000000000000}5246<unknown process>man 534500x800000000000000032177Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.169{ec2a2542-2998-6254-0000-000000000000}5247-man 534500x800000000000000032178Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.171{ec2a2542-2998-6254-0000-000000000000}5249-man 534500x800000000000000032179Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.172{ec2a2542-2998-6254-0000-000000000000}5248-man 534500x800000000000000032180Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.175{00000000-0000-0000-0000-000000000000}5250<unknown process>man 534500x800000000000000032181Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.179{ec2a2542-2998-6254-0000-000000000000}5251-man 534500x800000000000000032182Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.180{ec2a2542-2998-6254-0000-000000000000}5253-man 534500x800000000000000032183Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.181{ec2a2542-2998-6254-0000-000000000000}5252-man 534500x800000000000000032184Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.186{00000000-0000-0000-0000-000000000000}5254<unknown process>man 534500x800000000000000032185Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.190{00000000-0000-0000-0000-000000000000}5255<unknown process>man 534500x800000000000000032186Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.196{00000000-0000-0000-0000-000000000000}5256<unknown process>man 534500x800000000000000032187Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.197{ec2a2542-2998-6254-0000-000000000000}5258-man 534500x800000000000000032188Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.199{ec2a2542-2998-6254-0000-000000000000}5257-man 534500x800000000000000032189Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.203{00000000-0000-0000-0000-000000000000}5259<unknown process>man 534500x800000000000000032190Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.206{ec2a2542-2998-6254-0000-000000000000}5260-man 534500x800000000000000032191Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.208{ec2a2542-2998-6254-0000-000000000000}5262-man 534500x800000000000000032192Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.209{ec2a2542-2998-6254-0000-000000000000}5261-man 534500x800000000000000032193Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.213{ec2a2542-2998-6254-0000-000000000000}5263-man 534500x800000000000000032194Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.216{ec2a2542-2998-6254-0000-000000000000}5264-man 534500x800000000000000032195Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.221{ec2a2542-2998-6254-0000-000000000000}5266-man 534500x800000000000000032196Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.222{ec2a2542-2998-6254-0000-000000000000}5265-man 534500x800000000000000032197Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.226{00000000-0000-0000-0000-000000000000}5267<unknown process>man 534500x800000000000000032198Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.231{00000000-0000-0000-0000-000000000000}5268<unknown process>man 534500x800000000000000032199Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.232{00000000-0000-0000-0000-000000000000}5270<unknown process>man 534500x800000000000000032200Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.234{00000000-0000-0000-0000-000000000000}5269<unknown process>man 534500x800000000000000032201Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.238{ec2a2542-2998-6254-0000-000000000000}5271-man 534500x800000000000000032202Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.242{ec2a2542-2998-6254-0000-000000000000}5272-man 534500x800000000000000032204Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.246{ec2a2542-2998-6254-0000-000000000000}5273-man 534500x800000000000000032203Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.246{ec2a2542-2998-6254-0000-000000000000}5274-man 534500x800000000000000032205Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.256{00000000-0000-0000-0000-000000000000}5275<unknown process>man 534500x800000000000000032206Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.266{00000000-0000-0000-0000-000000000000}5276<unknown process>man 534500x800000000000000032207Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.267{ec2a2542-2998-6254-0000-000000000000}5278-man 534500x800000000000000032208Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.280{00000000-0000-0000-0000-000000000000}5277<unknown process>man 534500x800000000000000032209Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.284{00000000-0000-0000-0000-000000000000}5279<unknown process>man 534500x800000000000000032211Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.289{ec2a2542-2998-6254-0000-000000000000}5282-man 534500x800000000000000032210Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.289{00000000-0000-0000-0000-000000000000}5280<unknown process>man 534500x800000000000000032212Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.290{ec2a2542-2998-6254-0000-000000000000}5281-man 534500x800000000000000032213Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.296{ec2a2542-2998-6254-0000-000000000000}5283-man 534500x800000000000000032214Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.309{00000000-0000-0000-0000-000000000000}5284<unknown process>man 534500x800000000000000032215Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.314{00000000-0000-0000-0000-000000000000}5285<unknown process>man 534500x800000000000000032216Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.316{ec2a2542-2998-6254-0000-000000000000}5287-man 534500x800000000000000032217Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.318{ec2a2542-2998-6254-0000-000000000000}5286-man 534500x800000000000000032218Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.322{ec2a2542-2998-6254-0000-000000000000}5288-man 534500x800000000000000032219Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.324{ec2a2542-2998-6254-0000-000000000000}5289-man 534500x800000000000000032220Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.331{00000000-0000-0000-0000-000000000000}5290<unknown process>man 534500x800000000000000032221Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.332{ec2a2542-2998-6254-0000-000000000000}5292-man 534500x800000000000000032222Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.333{ec2a2542-2998-6254-0000-000000000000}5291-man 534500x800000000000000032223Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.339{00000000-0000-0000-0000-000000000000}5293<unknown process>man 534500x800000000000000032224Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.343{00000000-0000-0000-0000-000000000000}5294<unknown process>man 534500x800000000000000032226Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.353{ec2a2542-2998-6254-0000-000000000000}5297-man 534500x800000000000000032225Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.353{00000000-0000-0000-0000-000000000000}5295<unknown process>man 534500x800000000000000032227Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.354{ec2a2542-2998-6254-0000-000000000000}5296-man 534500x800000000000000032228Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.359{00000000-0000-0000-0000-000000000000}5298<unknown process>man 534500x800000000000000032229Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.364{00000000-0000-0000-0000-000000000000}5299<unknown process>man 534500x800000000000000032230Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.369{ec2a2542-2998-6254-0000-000000000000}5300-man 534500x800000000000000032231Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.372{ec2a2542-2998-6254-0000-000000000000}5302-man 534500x800000000000000032232Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.373{ec2a2542-2998-6254-0000-000000000000}5301-man 534500x800000000000000032233Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.377{00000000-0000-0000-0000-000000000000}5303<unknown process>man 534500x800000000000000032234Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.382{00000000-0000-0000-0000-000000000000}5304<unknown process>man 534500x800000000000000032235Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.397{00000000-0000-0000-0000-000000000000}5305<unknown process>man 534500x800000000000000032236Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.398{ec2a2542-2998-6254-0000-000000000000}5307-man 534500x800000000000000032237Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.402{00000000-0000-0000-0000-000000000000}5306<unknown process>man 534500x800000000000000032238Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.408{ec2a2542-2998-6254-0000-000000000000}5308-man 534500x800000000000000032239Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.416{00000000-0000-0000-0000-000000000000}5309<unknown process>man 534500x800000000000000032240Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.422{ec2a2542-2998-6254-0000-000000000000}5310-man 534500x800000000000000032241Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.425{ec2a2542-2998-6254-0000-000000000000}5312-man 534500x800000000000000032242Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.426{ec2a2542-2998-6254-0000-000000000000}5311-man 534500x800000000000000032243Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.430{00000000-0000-0000-0000-000000000000}5313<unknown process>man 534500x800000000000000032244Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.434{00000000-0000-0000-0000-000000000000}5314<unknown process>man 534500x800000000000000032246Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.440{ec2a2542-2998-6254-0000-000000000000}5317-man 534500x800000000000000032245Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.440{ec2a2542-2998-6254-0000-000000000000}5315-man 534500x800000000000000032247Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.442{ec2a2542-2998-6254-0000-000000000000}5316-man 534500x800000000000000032248Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.446{00000000-0000-0000-0000-000000000000}5318<unknown process>man 534500x800000000000000032249Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.450{00000000-0000-0000-0000-000000000000}5319<unknown process>man 534500x800000000000000032250Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.457{00000000-0000-0000-0000-000000000000}5320<unknown process>man 534500x800000000000000032251Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.458{ec2a2542-2998-6254-0000-000000000000}5322-man 534500x800000000000000032252Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.460{ec2a2542-2998-6254-0000-000000000000}5321-man 534500x800000000000000032253Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.465{00000000-0000-0000-0000-000000000000}5323<unknown process>man 534500x800000000000000032254Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.469{00000000-0000-0000-0000-000000000000}5324<unknown process>man 534500x800000000000000032256Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.477{ec2a2542-2998-6254-0000-000000000000}5327-man 534500x800000000000000032255Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.477{ec2a2542-2998-6254-0000-000000000000}5325-man 534500x800000000000000032257Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.480{00000000-0000-0000-0000-000000000000}5326<unknown process>man 534500x800000000000000032258Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.484{00000000-0000-0000-0000-000000000000}5328<unknown process>man 534500x800000000000000032259Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.487{00000000-0000-0000-0000-000000000000}5329<unknown process>man 534500x800000000000000032260Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.492{00000000-0000-0000-0000-000000000000}5330<unknown process>man 534500x800000000000000032261Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.493{ec2a2542-2998-6254-0000-000000000000}5332-man 534500x800000000000000032262Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.494{00000000-0000-0000-0000-000000000000}5331<unknown process>man 534500x800000000000000032263Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.500{00000000-0000-0000-0000-000000000000}5333<unknown process>man 534500x800000000000000032264Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.504{00000000-0000-0000-0000-000000000000}5334<unknown process>man 534500x800000000000000032265Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.511{00000000-0000-0000-0000-000000000000}5335<unknown process>man 534500x800000000000000032266Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.512{ec2a2542-2998-6254-0000-000000000000}5337-man 534500x800000000000000032267Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.514{00000000-0000-0000-0000-000000000000}5336<unknown process>man 534500x800000000000000032268Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.517{ec2a2542-2998-6254-0000-000000000000}5338-man 534500x800000000000000032269Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.521{00000000-0000-0000-0000-000000000000}5339<unknown process>man 534500x800000000000000032270Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.528{00000000-0000-0000-0000-000000000000}5340<unknown process>man 534500x800000000000000032271Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.529{ec2a2542-2998-6254-0000-000000000000}5342-man 534500x800000000000000032272Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.530{ec2a2542-2998-6254-0000-000000000000}5341-man 534500x800000000000000032273Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.535{ec2a2542-2998-6254-0000-000000000000}5343-man 534500x800000000000000032274Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.539{00000000-0000-0000-0000-000000000000}5344<unknown process>man 534500x800000000000000032275Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.543{00000000-0000-0000-0000-000000000000}5345<unknown process>man 534500x800000000000000032276Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.544{00000000-0000-0000-0000-000000000000}5347<unknown process>man 534500x800000000000000032277Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.546{00000000-0000-0000-0000-000000000000}5346<unknown process>man 534500x800000000000000032278Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.550{00000000-0000-0000-0000-000000000000}5348<unknown process>man 534500x800000000000000032279Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.557{00000000-0000-0000-0000-000000000000}5349<unknown process>man 534500x800000000000000032280Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.562{00000000-0000-0000-0000-000000000000}5350<unknown process>man 534500x800000000000000032281Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.563{ec2a2542-2998-6254-0000-000000000000}5352-man 534500x800000000000000032282Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.564{00000000-0000-0000-0000-000000000000}5351<unknown process>man 534500x800000000000000032283Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.570{00000000-0000-0000-0000-000000000000}5353<unknown process>man 534500x800000000000000032284Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.574{00000000-0000-0000-0000-000000000000}5354<unknown process>man 534500x800000000000000032285Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.580{00000000-0000-0000-0000-000000000000}5355<unknown process>man 534500x800000000000000032286Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.581{ec2a2542-2998-6254-0000-000000000000}5357-man 534500x800000000000000032287Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.582{ec2a2542-2998-6254-0000-000000000000}5356-man 534500x800000000000000032288Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.586{00000000-0000-0000-0000-000000000000}5358<unknown process>man 534500x800000000000000032289Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.594{00000000-0000-0000-0000-000000000000}5359<unknown process>man 534500x800000000000000032290Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.600{ec2a2542-2998-6254-0000-000000000000}5360-man 534500x800000000000000032291Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.602{ec2a2542-2998-6254-0000-000000000000}5362-man 534500x800000000000000032292Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.608{00000000-0000-0000-0000-000000000000}5361<unknown process>man 534500x800000000000000032293Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.612{ec2a2542-2998-6254-0000-000000000000}5363-man 534500x800000000000000032294Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.616{00000000-0000-0000-0000-000000000000}5364<unknown process>man 534500x800000000000000032296Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.626{ec2a2542-2998-6254-0000-000000000000}5367-man 534500x800000000000000032295Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.626{00000000-0000-0000-0000-000000000000}5365<unknown process>man 534500x800000000000000032297Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.628{ec2a2542-2998-6254-0000-000000000000}5366-man 534500x800000000000000032298Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.636{ec2a2542-2998-6254-0000-000000000000}5368-man 534500x800000000000000032299Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.639{ec2a2542-2998-6254-0000-000000000000}5369-man 534500x800000000000000032300Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.647{00000000-0000-0000-0000-000000000000}5370<unknown process>man 534500x800000000000000032301Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.648{ec2a2542-2998-6254-0000-000000000000}5372-man 534500x800000000000000032302Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.652{00000000-0000-0000-0000-000000000000}5371<unknown process>man 534500x800000000000000032303Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.655{00000000-0000-0000-0000-000000000000}5373<unknown process>man 534500x800000000000000032304Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.663{00000000-0000-0000-0000-000000000000}5374<unknown process>man 534500x800000000000000032305Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.669{ec2a2542-2998-6254-0000-000000000000}5375-man 534500x800000000000000032306Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.670{ec2a2542-2998-6254-0000-000000000000}5377-man 534500x800000000000000032307Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.671{ec2a2542-2998-6254-0000-000000000000}5376-man 534500x800000000000000032308Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.675{00000000-0000-0000-0000-000000000000}5378<unknown process>man 534500x800000000000000032309Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.679{00000000-0000-0000-0000-000000000000}5379<unknown process>man 534500x800000000000000032310Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.696{00000000-0000-0000-0000-000000000000}5380<unknown process>man 534500x800000000000000032311Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.697{ec2a2542-2998-6254-0000-000000000000}5382-man 534500x800000000000000032312Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.698{00000000-0000-0000-0000-000000000000}5381<unknown process>man 534500x800000000000000032313Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.709{ec2a2542-2998-6254-0000-000000000000}5383-man 534500x800000000000000032314Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.715{00000000-0000-0000-0000-000000000000}5384<unknown process>man 534500x800000000000000032315Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.725{00000000-0000-0000-0000-000000000000}5385<unknown process>man 534500x800000000000000032316Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.726{ec2a2542-2998-6254-0000-000000000000}5387-man 534500x800000000000000032317Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.728{00000000-0000-0000-0000-000000000000}5386<unknown process>man 534500x800000000000000032318Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.735{00000000-0000-0000-0000-000000000000}5388<unknown process>man 534500x800000000000000032319Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.739{00000000-0000-0000-0000-000000000000}5389<unknown process>man 534500x800000000000000032320Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.743{00000000-0000-0000-0000-000000000000}5390<unknown process>man 534500x800000000000000032321Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.744{ec2a2542-2998-6254-0000-000000000000}5392-man 534500x800000000000000032322Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.745{00000000-0000-0000-0000-000000000000}5391<unknown process>man 534500x800000000000000032323Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.749{00000000-0000-0000-0000-000000000000}5393<unknown process>man 534500x800000000000000032324Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.752{00000000-0000-0000-0000-000000000000}5394<unknown process>man 534500x800000000000000032325Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.758{00000000-0000-0000-0000-000000000000}5395<unknown process>man 534500x800000000000000032326Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.759{ec2a2542-2998-6254-0000-000000000000}5397-man 534500x800000000000000032327Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.760{00000000-0000-0000-0000-000000000000}5396<unknown process>man 534500x800000000000000032328Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.763{00000000-0000-0000-0000-000000000000}5398<unknown process>man 534500x800000000000000032329Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.767{00000000-0000-0000-0000-000000000000}5399<unknown process>man 534500x800000000000000032330Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.772{00000000-0000-0000-0000-000000000000}5400<unknown process>man 534500x800000000000000032331Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.773{ec2a2542-2998-6254-0000-000000000000}5402-man 534500x800000000000000032332Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.774{ec2a2542-2998-6254-0000-000000000000}5401-man 534500x800000000000000032333Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.778{00000000-0000-0000-0000-000000000000}5403<unknown process>man 534500x800000000000000032334Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.788{00000000-0000-0000-0000-000000000000}5404<unknown process>man 534500x800000000000000032335Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.795{00000000-0000-0000-0000-000000000000}5405<unknown process>man 534500x800000000000000032336Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.796{ec2a2542-2998-6254-0000-000000000000}5407-man 534500x800000000000000032337Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.797{00000000-0000-0000-0000-000000000000}5406<unknown process>man 534500x800000000000000032338Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.802{ec2a2542-2998-6254-0000-000000000000}5408-man 534500x800000000000000032339Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.805{00000000-0000-0000-0000-000000000000}5409<unknown process>man 534500x800000000000000032340Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.812{ec2a2542-2998-6254-0000-000000000000}5410-man 534500x800000000000000032341Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.814{ec2a2542-2998-6254-0000-000000000000}5412-man 534500x800000000000000032342Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.815{00000000-0000-0000-0000-000000000000}5411<unknown process>man 534500x800000000000000032343Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.819{ec2a2542-2998-6254-0000-000000000000}5413-man 534500x800000000000000032344Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.823{00000000-0000-0000-0000-000000000000}5414<unknown process>man 534500x800000000000000032345Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.829{00000000-0000-0000-0000-000000000000}5415<unknown process>man 534500x800000000000000032346Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.830{ec2a2542-2998-6254-0000-000000000000}5417-man 534500x800000000000000032347Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.832{ec2a2542-2998-6254-0000-000000000000}5416-man 534500x800000000000000032348Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.836{00000000-0000-0000-0000-000000000000}5418<unknown process>man 534500x800000000000000032349Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.840{ec2a2542-2998-6254-0000-000000000000}5419-man 534500x800000000000000032351Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.847{ec2a2542-2998-6254-0000-000000000000}5422-man 534500x800000000000000032350Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.847{00000000-0000-0000-0000-000000000000}5420<unknown process>man 534500x800000000000000032352Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.850{ec2a2542-2998-6254-0000-000000000000}5421-man 534500x800000000000000032353Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.856{ec2a2542-2998-6254-0000-000000000000}5423-man 534500x800000000000000032354Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.861{00000000-0000-0000-0000-000000000000}5424<unknown process>man 534500x800000000000000032355Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.862{ec2a2542-2998-6254-0000-000000000000}5426-man 534500x800000000000000032356Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.864{ec2a2542-2998-6254-0000-000000000000}5425-man 534500x800000000000000032357Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.869{ec2a2542-2998-6254-0000-000000000000}5427-man 534500x800000000000000032358Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.876{00000000-0000-0000-0000-000000000000}5428<unknown process>man 534500x800000000000000032360Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.877{ec2a2542-2998-6254-0000-000000000000}5429-man 534500x800000000000000032359Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.877{ec2a2542-2998-6254-0000-000000000000}5430-man 23542300x800000000000000032362Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.885{ec2a2542-2997-6254-98c7-708760550000}5099man/usr/bin/mandb/var/cache/man/da/5099--- 23542300x800000000000000032361Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.885{ec2a2542-2997-6254-98c7-708760550000}5099man/usr/bin/mandb/var/cache/man/hu/5099--- 23542300x800000000000000032365Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.886{ec2a2542-2997-6254-98c7-708760550000}5099man/usr/bin/mandb/var/cache/man/ru/5099--- 23542300x800000000000000032364Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.886{ec2a2542-2997-6254-98c7-708760550000}5099man/usr/bin/mandb/var/cache/man/id/5099--- 23542300x800000000000000032363Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.886{ec2a2542-2997-6254-98c7-708760550000}5099man/usr/bin/mandb/var/cache/man/cs/5099--- 23542300x800000000000000032368Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.887{ec2a2542-2997-6254-98c7-708760550000}5099man/usr/bin/mandb/var/cache/man/zh_CN/5099--- 23542300x800000000000000032367Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.887{ec2a2542-2997-6254-98c7-708760550000}5099man/usr/bin/mandb/var/cache/man/tr/5099--- 23542300x800000000000000032366Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.887{ec2a2542-2997-6254-98c7-708760550000}5099man/usr/bin/mandb/var/cache/man/sl/5099--- 23542300x800000000000000032372Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.889{ec2a2542-2997-6254-98c7-708760550000}5099man/usr/bin/mandb/var/cache/man/ja/5099--- 23542300x800000000000000032371Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.889{ec2a2542-2997-6254-98c7-708760550000}5099man/usr/bin/mandb/var/cache/man/fi/5099--- 23542300x800000000000000032370Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.889{ec2a2542-2997-6254-98c7-708760550000}5099man/usr/bin/mandb/var/cache/man/ko/5099--- 23542300x800000000000000032369Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.889{ec2a2542-2997-6254-98c7-708760550000}5099man/usr/bin/mandb/var/cache/man/it/5099--- 23542300x800000000000000032375Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.890{ec2a2542-2997-6254-98c7-708760550000}5099man/usr/bin/mandb/var/cache/man/sv/5099--- 23542300x800000000000000032374Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.890{ec2a2542-2997-6254-98c7-708760550000}5099man/usr/bin/mandb/var/cache/man/pl/5099--- 23542300x800000000000000032373Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.890{ec2a2542-2997-6254-98c7-708760550000}5099man/usr/bin/mandb/var/cache/man/pt_BR/5099--- 23542300x800000000000000032379Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.891{ec2a2542-2997-6254-98c7-708760550000}5099man/usr/bin/mandb/var/cache/man/pt/5099--- 23542300x800000000000000032378Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.891{ec2a2542-2997-6254-98c7-708760550000}5099man/usr/bin/mandb/var/cache/man/nl/5099--- 23542300x800000000000000032377Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.891{ec2a2542-2997-6254-98c7-708760550000}5099man/usr/bin/mandb/var/cache/man/zh_TW/5099--- 23542300x800000000000000032376Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.891{ec2a2542-2997-6254-98c7-708760550000}5099man/usr/bin/mandb/var/cache/man/de/5099--- 23542300x800000000000000032380Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.892{ec2a2542-2997-6254-98c7-708760550000}5099man/usr/bin/mandb/var/cache/man/sr/5099--- 23542300x800000000000000032383Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.893{ec2a2542-2997-6254-98c7-708760550000}5099man/usr/bin/mandb/var/cache/man/oldlocal/5099--- 23542300x800000000000000032382Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.893{ec2a2542-2997-6254-98c7-708760550000}5099man/usr/bin/mandb/var/cache/man/fr/5099--- 23542300x800000000000000032381Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.893{ec2a2542-2997-6254-98c7-708760550000}5099man/usr/bin/mandb/var/cache/man/es/5099--- 534500x800000000000000032385Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.897{ec2a2542-2997-6254-6892-d09979550000}5098/bin/dashroot 534500x800000000000000032384Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.897{ec2a2542-2997-6254-98c7-708760550000}5099/usr/bin/perlman 154100x800000000000000032386Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.912{ec2a2542-2998-6254-6832-5eb39c550000}5431/bin/dash-----/bin/sh -e /var/lib/dpkg/info/ureadahead.postinst triggered /etc/init.d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2991-6254-7091-3f7926560000}4790/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000032387Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.914{ec2a2542-2998-6254-68a2-01084c560000}5432/bin/dash-----/bin/sh /usr/bin/dpkg-maintscript-helper rm_conffile /etc/init/ureadahead-other.conf 0.100.0-20~ ureadahead -- triggered /etc/init.d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2998-6254-6832-5eb39c550000}5431/bin/dash/bin/shroot 154100x800000000000000032388Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.915{ec2a2542-2998-6254-e89b-80863c560000}5433/usr/bin/basename-----basename /usr/bin/dpkg-maintscript-helper/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2998-6254-68a2-01084c560000}5432/bin/dash/bin/shroot 534500x800000000000000032389Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.916{ec2a2542-2998-6254-e89b-80863c560000}5433/usr/bin/basenameroot 154100x800000000000000032390Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.917{ec2a2542-2998-6254-7011-7ce426560000}5434/usr/bin/dpkg-----dpkg --validate-version -- 0.100.0-20~/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2998-6254-68a2-01084c560000}5432/bin/dash/bin/shroot 154100x800000000000000032393Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.919{ec2a2542-2998-6254-6882-bbc15c550000}5435/bin/dash-----/bin/sh /usr/bin/dpkg-maintscript-helper rm_conffile /etc/init/ureadahead.conf 0.100.0-20~ ureadahead -- triggered /etc/init.d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2998-6254-6832-5eb39c550000}5431/bin/dash/bin/shroot 534500x800000000000000032392Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.919{ec2a2542-2998-6254-68a2-01084c560000}5432/bin/dashroot 534500x800000000000000032391Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.919{ec2a2542-2998-6254-7011-7ce426560000}5434/usr/bin/dpkgroot 154100x800000000000000032394Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.920{ec2a2542-2998-6254-e8fb-c6bd73550000}5436/usr/bin/basename-----basename /usr/bin/dpkg-maintscript-helper/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2998-6254-6882-bbc15c550000}5435/bin/dash/bin/shroot 154100x800000000000000032396Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.921{ec2a2542-2998-6254-70d1-a558c2550000}5437/usr/bin/dpkg-----dpkg --validate-version -- 0.100.0-20~/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2998-6254-6882-bbc15c550000}5435/bin/dash/bin/shroot 534500x800000000000000032395Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.921{ec2a2542-2998-6254-e8fb-c6bd73550000}5436/usr/bin/basenameroot 534500x800000000000000032398Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.923{ec2a2542-2998-6254-6882-bbc15c550000}5435/bin/dashroot 534500x800000000000000032397Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.923{ec2a2542-2998-6254-70d1-a558c2550000}5437/usr/bin/dpkgroot 534500x800000000000000032399Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.924{ec2a2542-2998-6254-6832-5eb39c550000}5431/bin/dashroot 154100x800000000000000032400Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.934{ec2a2542-2998-6254-6822-c2e8b9550000}5438/bin/dash-----/bin/sh -e /var/lib/dpkg/info/install-info.postinst triggered /usr/share/info/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2991-6254-7091-3f7926560000}4790/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000032401Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.936{ec2a2542-2998-6254-68e2-069282550000}5439/bin/dash-----/bin/sh /usr/sbin/update-info-dir/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2998-6254-6822-c2e8b9550000}5438/bin/dash/bin/shroot 154100x800000000000000032402Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.937{ec2a2542-2998-6254-70a3-220ef0550000}5440/bin/rm-----rm -f /usr/share/info/dir.old/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2998-6254-68e2-069282550000}5439/bin/dash/bin/shroot 154100x800000000000000032405Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.939{ec2a2542-2998-6254-981a-715664550000}5441/bin/cp-----cp /usr/share/info/dir /usr/share/info/dir.old/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2998-6254-68e2-069282550000}5439/bin/dash/bin/shroot 534500x800000000000000032404Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.939{ec2a2542-2998-6254-70a3-220ef0550000}5440/bin/rmroot 23542300x800000000000000032403Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.939{ec2a2542-2998-6254-70a3-220ef0550000}5440root/bin/rm/usr/share/info/dir.old--- 154100x800000000000000032407Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.970{ec2a2542-2998-6254-7033-a15a3c560000}5442/bin/rm-----rm -f /usr/share/info/dir/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2998-6254-68e2-069282550000}5439/bin/dash/bin/shroot 534500x800000000000000032406Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.970{ec2a2542-2998-6254-981a-715664550000}5441/bin/cproot 154100x800000000000000032410Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.971{ec2a2542-2998-6254-90d0-44b674550000}5443/usr/bin/find-----find /usr/share/info -type f/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2998-6254-68e2-069282550000}5439/bin/dash/bin/shroot 534500x800000000000000032409Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.971{ec2a2542-2998-6254-7033-a15a3c560000}5442/bin/rmroot 23542300x800000000000000032408Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.971{ec2a2542-2998-6254-7033-a15a3c560000}5442root/bin/rm/usr/share/info/dir--- 154100x800000000000000032412Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.973{ec2a2542-2998-6254-8047-a30fa1550000}5445/usr/bin/install-info-----install-info /usr/share/info/grep.info.gz /usr/share/info/dir/root{ec2a2542-0000-0000-0000-000001000000}04no level-{00000000-0000-0000-0000-000000000000}5444--- 534500x800000000000000032411Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.973{ec2a2542-2998-6254-90d0-44b674550000}5443/usr/bin/findroot 154100x800000000000000032413Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.976{ec2a2542-2998-6254-6892-162d97550000}5446/bin/dash-----sh -c gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2998-6254-8047-a30fa1550000}5445/usr/bin/install-infoinstall-inforoot 154100x800000000000000032414Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.977{ec2a2542-2998-6254-28ac-c4037b550000}5447/bin/gzip-----gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2998-6254-6892-162d97550000}5446/bin/dashshroot 534500x800000000000000032416Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.979{ec2a2542-2998-6254-6892-162d97550000}5446/bin/dashroot 534500x800000000000000032415Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.979{ec2a2542-2998-6254-28ac-c4037b550000}5447/bin/gziproot 154100x800000000000000032418Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.980{ec2a2542-2998-6254-8087-839a9e550000}5448/usr/bin/install-info-----install-info /usr/share/info/rluserman.info.gz /usr/share/info/dir/root{ec2a2542-0000-0000-0000-000001000000}04no level-{00000000-0000-0000-0000-000000000000}5444--- 534500x800000000000000032417Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.980{ec2a2542-2998-6254-8047-a30fa1550000}5445/usr/bin/install-inforoot 154100x800000000000000032419Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.981{ec2a2542-2998-6254-6832-79b40d560000}5449/bin/dash-----sh -c gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2998-6254-8087-839a9e550000}5448/usr/bin/install-infoinstall-inforoot 154100x800000000000000032420Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.983{ec2a2542-2998-6254-28ec-f31918560000}5450/bin/gzip-----gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2998-6254-6832-79b40d560000}5449/bin/dashshroot 534500x800000000000000032422Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.986{ec2a2542-2998-6254-6832-79b40d560000}5449/bin/dashroot 534500x800000000000000032421Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.986{ec2a2542-2998-6254-28ec-f31918560000}5450/bin/gziproot 154100x800000000000000032424Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.987{ec2a2542-2998-6254-8027-403775550000}5451/usr/bin/install-info-----install-info /usr/share/info/grub-dev.info.gz /usr/share/info/dir/root{ec2a2542-0000-0000-0000-000001000000}04no level-{00000000-0000-0000-0000-000000000000}5444--- 534500x800000000000000032423Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.987{ec2a2542-2998-6254-8087-839a9e550000}5448/usr/bin/install-inforoot 154100x800000000000000032425Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.989{ec2a2542-2998-6254-68e2-5d958f550000}5452/bin/dash-----sh -c gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2998-6254-8027-403775550000}5451/usr/bin/install-infoinstall-inforoot 154100x800000000000000032426Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.990{ec2a2542-2998-6254-281c-931d32560000}5453/bin/gzip-----gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2998-6254-68e2-5d958f550000}5452/bin/dashshroot 534500x800000000000000032429Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.992{ec2a2542-2998-6254-8027-403775550000}5451/usr/bin/install-inforoot 534500x800000000000000032428Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.992{ec2a2542-2998-6254-68e2-5d958f550000}5452/bin/dashroot 534500x800000000000000032427Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.992{ec2a2542-2998-6254-281c-931d32560000}5453/bin/gziproot 154100x800000000000000032430Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.993{ec2a2542-2998-6254-80f7-ba79fe550000}5454/usr/bin/install-info-----install-info /usr/share/info/gnupg.info.gz /usr/share/info/dir/root{ec2a2542-0000-0000-0000-000001000000}04no level-{00000000-0000-0000-0000-000000000000}5444--- 154100x800000000000000032431Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.994{ec2a2542-2998-6254-68b2-84b449560000}5455/bin/dash-----sh -c gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2998-6254-80f7-ba79fe550000}5454/usr/bin/install-infoinstall-inforoot 534500x800000000000000032433Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.995{ec2a2542-2998-6254-28ec-2d4621560000}5456/bin/gziproot 154100x800000000000000032432Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.995{ec2a2542-2998-6254-28ec-2d4621560000}5456/bin/gzip-----gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2998-6254-68b2-84b449560000}5455/bin/dashshroot 154100x800000000000000032436Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.996{ec2a2542-2998-6254-8067-9297e1550000}5457/usr/bin/install-info-----install-info /usr/share/info/wget.info.gz /usr/share/info/dir/root{ec2a2542-0000-0000-0000-000001000000}04no level-{00000000-0000-0000-0000-000000000000}5444--- 534500x800000000000000032435Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.996{ec2a2542-2998-6254-80f7-ba79fe550000}5454/usr/bin/install-inforoot 534500x800000000000000032434Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.996{ec2a2542-2998-6254-68b2-84b449560000}5455/bin/dashroot 154100x800000000000000032438Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.998{ec2a2542-2998-6254-281c-e169b1550000}5459/bin/gzip-----gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2998-6254-6832-620d44560000}5458/bin/dashshroot 154100x800000000000000032437Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:00.998{ec2a2542-2998-6254-6832-620d44560000}5458/bin/dash-----sh -c gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2998-6254-8067-9297e1550000}5457/usr/bin/install-infoinstall-inforoot 534500x800000000000000032440Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.002{ec2a2542-2998-6254-6832-620d44560000}5458/bin/dashroot 534500x800000000000000032439Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.002{ec2a2542-2998-6254-281c-e169b1550000}5459/bin/gziproot 154100x800000000000000032442Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.004{ec2a2542-2999-6254-8067-6c6f50560000}5460/usr/bin/install-info-----install-info /usr/share/info/grub.info.gz /usr/share/info/dir/root{ec2a2542-0000-0000-0000-000001000000}04no level-{00000000-0000-0000-0000-000000000000}5444--- 534500x800000000000000032441Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.004{ec2a2542-2998-6254-8067-9297e1550000}5457/usr/bin/install-inforoot 154100x800000000000000032443Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.005{ec2a2542-2999-6254-68e2-aeb0c8550000}5461/bin/dash-----sh -c gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2999-6254-8067-6c6f50560000}5460/usr/bin/install-infoinstall-inforoot 154100x800000000000000032444Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.006{ec2a2542-2999-6254-28ec-9cf64a560000}5462/bin/gzip-----gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2999-6254-68e2-aeb0c8550000}5461/bin/dashshroot 534500x800000000000000032446Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.011{ec2a2542-2999-6254-68e2-aeb0c8550000}5461/bin/dashroot 534500x800000000000000032445Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.011{ec2a2542-2999-6254-28ec-9cf64a560000}5462/bin/gziproot 154100x800000000000000032448Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.012{ec2a2542-2999-6254-8047-fbaa7a550000}5463/usr/bin/install-info-----install-info /usr/share/info/bc.info.gz /usr/share/info/dir/root{ec2a2542-0000-0000-0000-000001000000}04no level-{00000000-0000-0000-0000-000000000000}5444--- 534500x800000000000000032447Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.012{ec2a2542-2999-6254-8067-6c6f50560000}5460/usr/bin/install-inforoot 154100x800000000000000032449Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.014{ec2a2542-2999-6254-6802-da0fe1550000}5464/bin/dash-----sh -c gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2999-6254-8047-fbaa7a550000}5463/usr/bin/install-infoinstall-inforoot 154100x800000000000000032450Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.015{ec2a2542-2999-6254-288c-f99212560000}5465/bin/gzip-----gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2999-6254-6802-da0fe1550000}5464/bin/dashshroot 154100x800000000000000032454Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.016{ec2a2542-2999-6254-8017-ccff7a550000}5466/usr/bin/install-info-----install-info /usr/share/info/ed.info.gz /usr/share/info/dir/root{ec2a2542-0000-0000-0000-000001000000}04no level-{00000000-0000-0000-0000-000000000000}5444--- 534500x800000000000000032453Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.016{ec2a2542-2999-6254-8047-fbaa7a550000}5463/usr/bin/install-inforoot 534500x800000000000000032452Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.016{ec2a2542-2999-6254-6802-da0fe1550000}5464/bin/dashroot 534500x800000000000000032451Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.016{ec2a2542-2999-6254-288c-f99212560000}5465/bin/gziproot 154100x800000000000000032456Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.018{ec2a2542-2999-6254-280c-8446e0550000}5468/bin/gzip-----gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2999-6254-68a2-dc0df0550000}5467/bin/dashshroot 154100x800000000000000032455Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.018{ec2a2542-2999-6254-68a2-dc0df0550000}5467/bin/dash-----sh -c gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2999-6254-8017-ccff7a550000}5466/usr/bin/install-infoinstall-inforoot 534500x800000000000000032459Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.021{ec2a2542-2999-6254-8017-ccff7a550000}5466/usr/bin/install-inforoot 534500x800000000000000032458Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.021{ec2a2542-2999-6254-68a2-dc0df0550000}5467/bin/dashroot 534500x800000000000000032457Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.021{ec2a2542-2999-6254-280c-8446e0550000}5468/bin/gziproot 154100x800000000000000032460Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.022{ec2a2542-2999-6254-80e7-6700cc550000}5469/usr/bin/install-info-----install-info /usr/share/info/find.info.gz /usr/share/info/dir/root{ec2a2542-0000-0000-0000-000001000000}04no level-{00000000-0000-0000-0000-000000000000}5444--- 154100x800000000000000032461Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.023{ec2a2542-2999-6254-6892-55c837560000}5470/bin/dash-----sh -c gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2999-6254-80e7-6700cc550000}5469/usr/bin/install-infoinstall-inforoot 154100x800000000000000032462Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.024{ec2a2542-2999-6254-28dc-fdab65550000}5471/bin/gzip-----gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2999-6254-6892-55c837560000}5470/bin/dashshroot 534500x800000000000000032464Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.028{ec2a2542-2999-6254-6892-55c837560000}5470/bin/dashroot 534500x800000000000000032463Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.028{ec2a2542-2999-6254-28dc-fdab65550000}5471/bin/gziproot 534500x800000000000000032465Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.029{ec2a2542-2999-6254-80e7-6700cc550000}5469/usr/bin/install-inforoot 154100x800000000000000032466Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.030{ec2a2542-2999-6254-8067-c81328560000}5472/usr/bin/install-info-----install-info /usr/share/info/find-maint.info.gz /usr/share/info/dir/root{ec2a2542-0000-0000-0000-000001000000}04no level-{00000000-0000-0000-0000-000000000000}5444--- 154100x800000000000000032467Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.031{ec2a2542-2999-6254-6892-07f5a0550000}5473/bin/dash-----sh -c gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2999-6254-8067-c81328560000}5472/usr/bin/install-infoinstall-inforoot 154100x800000000000000032468Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.032{ec2a2542-2999-6254-287c-0951bc550000}5474/bin/gzip-----gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2999-6254-6892-07f5a0550000}5473/bin/dashshroot 154100x800000000000000032472Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.034{ec2a2542-2999-6254-8037-b4e898550000}5475/usr/bin/install-info-----install-info /usr/share/info/screen.info.gz /usr/share/info/dir/root{ec2a2542-0000-0000-0000-000001000000}04no level-{00000000-0000-0000-0000-000000000000}5444--- 534500x800000000000000032471Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.034{ec2a2542-2999-6254-8067-c81328560000}5472/usr/bin/install-inforoot 534500x800000000000000032470Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.034{ec2a2542-2999-6254-6892-07f5a0550000}5473/bin/dashroot 534500x800000000000000032469Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.034{ec2a2542-2999-6254-287c-0951bc550000}5474/bin/gziproot 154100x800000000000000032474Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.036{ec2a2542-2999-6254-28fc-563d68550000}5477/bin/gzip-----gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2999-6254-6842-4d61f2550000}5476/bin/dashshroot 154100x800000000000000032473Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.036{ec2a2542-2999-6254-6842-4d61f2550000}5476/bin/dash-----sh -c gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2999-6254-8037-b4e898550000}5475/usr/bin/install-infoinstall-inforoot 534500x800000000000000032477Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.037{ec2a2542-2999-6254-8037-b4e898550000}5475/usr/bin/install-inforoot 534500x800000000000000032476Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.037{ec2a2542-2999-6254-6842-4d61f2550000}5476/bin/dashroot 534500x800000000000000032475Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.037{ec2a2542-2999-6254-28fc-563d68550000}5477/bin/gziproot 154100x800000000000000032478Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.038{ec2a2542-2999-6254-8007-0eb6d9550000}5478/usr/bin/install-info-----install-info /usr/share/info/time.info.gz /usr/share/info/dir/root{ec2a2542-0000-0000-0000-000001000000}04no level-{00000000-0000-0000-0000-000000000000}5444--- 154100x800000000000000032479Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.039{ec2a2542-2999-6254-6832-a3d809560000}5479/bin/dash-----sh -c gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2999-6254-8007-0eb6d9550000}5478/usr/bin/install-infoinstall-inforoot 534500x800000000000000032481Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.040{ec2a2542-2999-6254-288c-9d8d68550000}5480/bin/gziproot 154100x800000000000000032480Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.040{ec2a2542-2999-6254-288c-9d8d68550000}5480/bin/gzip-----gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2999-6254-6832-a3d809560000}5479/bin/dashshroot 154100x800000000000000032484Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.041{ec2a2542-2999-6254-8097-b26048560000}5481/usr/bin/install-info-----install-info /usr/share/info/nano.info.gz /usr/share/info/dir/root{ec2a2542-0000-0000-0000-000001000000}04no level-{00000000-0000-0000-0000-000000000000}5444--- 534500x800000000000000032483Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.041{ec2a2542-2999-6254-8007-0eb6d9550000}5478/usr/bin/install-inforoot 534500x800000000000000032482Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.041{ec2a2542-2999-6254-6832-a3d809560000}5479/bin/dashroot 154100x800000000000000032485Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.042{ec2a2542-2999-6254-6812-f1b8aa550000}5482/bin/dash-----sh -c gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2999-6254-8097-b26048560000}5481/usr/bin/install-infoinstall-inforoot 154100x800000000000000032486Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.043{ec2a2542-2999-6254-28ac-36f50a560000}5483/bin/gzip-----gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2999-6254-6812-f1b8aa550000}5482/bin/dashshroot 534500x800000000000000032489Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.045{ec2a2542-2999-6254-8097-b26048560000}5481/usr/bin/install-inforoot 534500x800000000000000032488Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.045{ec2a2542-2999-6254-6812-f1b8aa550000}5482/bin/dashroot 534500x800000000000000032487Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.045{ec2a2542-2999-6254-28ac-36f50a560000}5483/bin/gziproot 154100x800000000000000032490Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.046{ec2a2542-2999-6254-8027-a7cb85550000}5484/usr/bin/install-info-----install-info /usr/share/info/coreutils.info.gz /usr/share/info/dir/root{ec2a2542-0000-0000-0000-000001000000}04no level-{00000000-0000-0000-0000-000000000000}5444--- 154100x800000000000000032491Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.047{ec2a2542-2999-6254-68b2-bb15a8550000}5485/bin/dash-----sh -c gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2999-6254-8027-a7cb85550000}5484/usr/bin/install-infoinstall-inforoot 154100x800000000000000032492Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.048{ec2a2542-2999-6254-289c-600666550000}5486/bin/gzip-----gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2999-6254-68b2-bb15a8550000}5485/bin/dashshroot 534500x800000000000000032494Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.059{ec2a2542-2999-6254-68b2-bb15a8550000}5485/bin/dashroot 534500x800000000000000032493Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.059{ec2a2542-2999-6254-289c-600666550000}5486/bin/gziproot 534500x800000000000000032495Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.063{ec2a2542-2999-6254-8027-a7cb85550000}5484/usr/bin/install-inforoot 154100x800000000000000032496Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.064{ec2a2542-2999-6254-80a7-1381d1550000}5487/usr/bin/install-info-----install-info /usr/share/info/sharutils.info.gz /usr/share/info/dir/root{ec2a2542-0000-0000-0000-000001000000}04no level-{00000000-0000-0000-0000-000000000000}5444--- 154100x800000000000000032497Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.065{ec2a2542-2999-6254-6852-1046a8550000}5488/bin/dash-----sh -c gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2999-6254-80a7-1381d1550000}5487/usr/bin/install-infoinstall-inforoot 154100x800000000000000032498Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.066{ec2a2542-2999-6254-28dc-02ac93550000}5489/bin/gzip-----gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2999-6254-6852-1046a8550000}5488/bin/dashshroot 534500x800000000000000032500Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.067{ec2a2542-2999-6254-6852-1046a8550000}5488/bin/dashroot 534500x800000000000000032499Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.067{ec2a2542-2999-6254-28dc-02ac93550000}5489/bin/gziproot 154100x800000000000000032502Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.068{ec2a2542-2999-6254-8037-446be8550000}5490/usr/bin/install-info-----install-info /usr/share/info/gzip.info.gz /usr/share/info/dir/root{ec2a2542-0000-0000-0000-000001000000}04no level-{00000000-0000-0000-0000-000000000000}5444--- 534500x800000000000000032501Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.068{ec2a2542-2999-6254-80a7-1381d1550000}5487/usr/bin/install-inforoot 154100x800000000000000032504Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.070{ec2a2542-2999-6254-288c-2db36f550000}5492/bin/gzip-----gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2999-6254-6832-9975dd550000}5491/bin/dashshroot 154100x800000000000000032503Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.070{ec2a2542-2999-6254-6832-9975dd550000}5491/bin/dash-----sh -c gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2999-6254-8037-446be8550000}5490/usr/bin/install-infoinstall-inforoot 534500x800000000000000032505Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.071{ec2a2542-2999-6254-288c-2db36f550000}5492/bin/gziproot 154100x800000000000000032508Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.072{ec2a2542-2999-6254-80b7-b38af1550000}5493/usr/bin/install-info-----install-info /usr/share/info/diffutils.info.gz /usr/share/info/dir/root{ec2a2542-0000-0000-0000-000001000000}04no level-{00000000-0000-0000-0000-000000000000}5444--- 534500x800000000000000032507Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.072{ec2a2542-2999-6254-8037-446be8550000}5490/usr/bin/install-inforoot 534500x800000000000000032506Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.072{ec2a2542-2999-6254-6832-9975dd550000}5491/bin/dashroot 154100x800000000000000032509Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.073{ec2a2542-2999-6254-6812-8890b5550000}5494/bin/dash-----sh -c gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2999-6254-80b7-b38af1550000}5493/usr/bin/install-infoinstall-inforoot 154100x800000000000000032510Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.074{ec2a2542-2999-6254-281c-82a5a3550000}5495/bin/gzip-----gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2999-6254-6812-8890b5550000}5494/bin/dashshroot 534500x800000000000000032512Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.077{ec2a2542-2999-6254-6812-8890b5550000}5494/bin/dashroot 534500x800000000000000032511Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.077{ec2a2542-2999-6254-281c-82a5a3550000}5495/bin/gziproot 534500x800000000000000032513Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.078{ec2a2542-2999-6254-80b7-b38af1550000}5493/usr/bin/install-inforoot 154100x800000000000000032514Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.079{ec2a2542-2999-6254-8027-039b6a550000}5496/usr/bin/install-info-----install-info /usr/share/info/sed.info.gz /usr/share/info/dir/root{ec2a2542-0000-0000-0000-000001000000}04no level-{00000000-0000-0000-0000-000000000000}5444--- 154100x800000000000000032515Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.080{ec2a2542-2999-6254-6872-f50d9d550000}5497/bin/dash-----sh -c gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2999-6254-8027-039b6a550000}5496/usr/bin/install-infoinstall-inforoot 154100x800000000000000032516Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.081{ec2a2542-2999-6254-288c-8e7174550000}5498/bin/gzip-----gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2999-6254-6872-f50d9d550000}5497/bin/dashshroot 534500x800000000000000032518Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.084{ec2a2542-2999-6254-6872-f50d9d550000}5497/bin/dashroot 534500x800000000000000032517Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.084{ec2a2542-2999-6254-288c-8e7174550000}5498/bin/gziproot 534500x800000000000000032520Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.086{00000000-0000-0000-0000-000000000000}5444<unknown process>root 534500x800000000000000032519Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.086{ec2a2542-2999-6254-8027-039b6a550000}5496/usr/bin/install-inforoot 534500x800000000000000032522Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.087{ec2a2542-2998-6254-6822-c2e8b9550000}5438/bin/dashroot 534500x800000000000000032521Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.087{ec2a2542-2998-6254-68e2-069282550000}5439/bin/dashroot 154100x800000000000000032523Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.101{ec2a2542-2999-6254-6882-dcaf5c550000}5499/bin/dash-----/bin/sh /var/lib/dpkg/info/libglib2.0-0:amd64.postinst triggered /usr/lib/x86_64-linux-gnu/gio/modules /usr/share/glib-2.0/schemas/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2991-6254-7091-3f7926560000}4790/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000032524Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.102{ec2a2542-2999-6254-a03a-bfe261550000}5500/usr/lib/x86_64-linux-gnu/glib-2.0/gio-querymodules-----/usr/lib/x86_64-linux-gnu/glib-2.0/gio-querymodules /usr/lib/x86_64-linux-gnu/gio/modules/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2999-6254-6882-dcaf5c550000}5499/bin/dash/bin/shroot 154100x800000000000000032526Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.112{ec2a2542-2999-6254-b0e9-0bc6b7550000}5501/usr/lib/x86_64-linux-gnu/glib-2.0/glib-compile-schemas-----/usr/lib/x86_64-linux-gnu/glib-2.0/glib-compile-schemas /usr/share/glib-2.0/schemas/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2999-6254-6882-dcaf5c550000}5499/bin/dash/bin/shroot 534500x800000000000000032525Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.112{ec2a2542-2999-6254-a03a-bfe261550000}5500/usr/lib/x86_64-linux-gnu/glib-2.0/gio-querymodulesroot 534500x800000000000000032528Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.119{ec2a2542-2999-6254-6882-dcaf5c550000}5499/bin/dashroot 534500x800000000000000032527Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.119{ec2a2542-2999-6254-b0e9-0bc6b7550000}5501/usr/lib/x86_64-linux-gnu/glib-2.0/glib-compile-schemasroot 154100x800000000000000032529Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.168{ec2a2542-2999-6254-68e2-a0aad5550000}5502/bin/dash-----/bin/sh /var/lib/dpkg/info/libc-bin.postinst triggered ldconfig/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2991-6254-7091-3f7926560000}4790/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000032531Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.169{ec2a2542-2999-6254-b8f1-f97cfb7f0000}5503/sbin/ldconfig.real-----/sbin/ldconfig.real/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2999-6254-68e2-a0aad5550000}5502/bin/dash/bin/shroot 154100x800000000000000032530Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.169{ec2a2542-2999-6254-6842-e76b3b560000}5503/bin/dash-----/bin/sh /sbin/ldconfig/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-2999-6254-68e2-a0aad5550000}5502/bin/dash/bin/shroot 534500x800000000000000032533Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.182{ec2a2542-2999-6254-68e2-a0aad5550000}5502/bin/dashroot 534500x800000000000000032532Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.182{ec2a2542-2999-6254-6842-e76b3b560000}5503/bin/dashroot 23542300x800000000000000032534Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.252{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/status-old--- 23542300x800000000000000032588Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0053--- 23542300x800000000000000032587Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0052--- 23542300x800000000000000032586Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0051--- 23542300x800000000000000032585Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0050--- 23542300x800000000000000032584Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0049--- 23542300x800000000000000032583Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0048--- 23542300x800000000000000032582Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0047--- 23542300x800000000000000032581Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0046--- 23542300x800000000000000032580Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0045--- 23542300x800000000000000032579Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0044--- 23542300x800000000000000032578Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0043--- 23542300x800000000000000032577Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0042--- 23542300x800000000000000032576Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0041--- 23542300x800000000000000032575Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0040--- 23542300x800000000000000032574Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0039--- 23542300x800000000000000032573Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0038--- 23542300x800000000000000032572Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0037--- 23542300x800000000000000032571Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0036--- 23542300x800000000000000032570Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0035--- 23542300x800000000000000032569Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0034--- 23542300x800000000000000032568Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0033--- 23542300x800000000000000032567Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0032--- 23542300x800000000000000032566Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0031--- 23542300x800000000000000032565Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0030--- 23542300x800000000000000032564Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0029--- 23542300x800000000000000032563Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0028--- 23542300x800000000000000032562Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0027--- 23542300x800000000000000032561Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0026--- 23542300x800000000000000032560Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0025--- 23542300x800000000000000032559Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0024--- 23542300x800000000000000032558Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0023--- 23542300x800000000000000032557Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0022--- 23542300x800000000000000032556Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0021--- 23542300x800000000000000032555Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0020--- 23542300x800000000000000032554Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0019--- 23542300x800000000000000032553Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0018--- 23542300x800000000000000032552Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0017--- 23542300x800000000000000032551Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0016--- 23542300x800000000000000032550Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0015--- 23542300x800000000000000032549Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0014--- 23542300x800000000000000032548Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0013--- 23542300x800000000000000032547Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0012--- 23542300x800000000000000032546Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0011--- 23542300x800000000000000032545Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0010--- 23542300x800000000000000032544Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0009--- 23542300x800000000000000032543Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0008--- 23542300x800000000000000032542Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0007--- 23542300x800000000000000032541Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0006--- 23542300x800000000000000032540Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0005--- 23542300x800000000000000032539Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0004--- 23542300x800000000000000032538Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0003--- 23542300x800000000000000032537Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0002--- 23542300x800000000000000032536Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0001--- 23542300x800000000000000032535Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.254{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0000--- 23542300x800000000000000032636Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.255{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0101--- 23542300x800000000000000032635Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.255{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0100--- 23542300x800000000000000032634Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.255{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0099--- 23542300x800000000000000032633Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.255{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0098--- 23542300x800000000000000032632Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.255{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0097--- 23542300x800000000000000032631Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.255{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0096--- 23542300x800000000000000032630Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.255{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0095--- 23542300x800000000000000032629Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.255{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0094--- 23542300x800000000000000032628Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.255{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0093--- 23542300x800000000000000032627Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.255{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0092--- 23542300x800000000000000032626Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.255{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0091--- 23542300x800000000000000032625Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.255{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0090--- 23542300x800000000000000032624Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.255{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0089--- 23542300x800000000000000032623Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.255{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0088--- 23542300x800000000000000032622Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.255{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0087--- 23542300x800000000000000032621Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.255{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0086--- 23542300x800000000000000032620Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.255{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0085--- 23542300x800000000000000032619Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.255{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0084--- 23542300x800000000000000032618Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.255{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0083--- 23542300x800000000000000032617Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.255{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0082--- 23542300x800000000000000032616Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.255{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0081--- 23542300x800000000000000032615Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.255{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0080--- 23542300x800000000000000032614Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.255{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0079--- 23542300x800000000000000032613Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.255{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0078--- 23542300x800000000000000032612Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.255{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0077--- 23542300x800000000000000032611Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.255{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0076--- 23542300x800000000000000032610Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.255{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0075--- 23542300x800000000000000032609Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.255{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0074--- 23542300x800000000000000032608Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.255{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0073--- 23542300x800000000000000032607Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.255{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0072--- 23542300x800000000000000032606Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.255{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0071--- 23542300x800000000000000032605Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.255{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0070--- 23542300x800000000000000032604Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.255{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0069--- 23542300x800000000000000032603Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.255{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0068--- 23542300x800000000000000032602Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.255{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0067--- 23542300x800000000000000032601Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.255{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0066--- 23542300x800000000000000032600Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.255{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0065--- 23542300x800000000000000032599Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.255{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0064--- 23542300x800000000000000032598Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.255{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0063--- 23542300x800000000000000032597Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.255{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0062--- 23542300x800000000000000032596Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.255{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0061--- 23542300x800000000000000032595Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.255{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0060--- 23542300x800000000000000032594Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.255{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0059--- 23542300x800000000000000032593Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.255{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0058--- 23542300x800000000000000032592Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.255{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0057--- 23542300x800000000000000032591Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.255{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0056--- 23542300x800000000000000032590Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.255{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0055--- 23542300x800000000000000032589Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.255{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0054--- 23542300x800000000000000032665Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.256{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0130--- 23542300x800000000000000032664Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.256{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0129--- 23542300x800000000000000032663Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.256{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0128--- 23542300x800000000000000032662Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.256{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0127--- 23542300x800000000000000032661Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.256{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0126--- 23542300x800000000000000032660Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.256{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0125--- 23542300x800000000000000032659Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.256{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0124--- 23542300x800000000000000032658Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.256{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0123--- 23542300x800000000000000032657Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.256{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0122--- 23542300x800000000000000032656Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.256{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0121--- 23542300x800000000000000032655Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.256{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0120--- 23542300x800000000000000032654Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.256{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0119--- 23542300x800000000000000032653Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.256{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0118--- 23542300x800000000000000032652Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.256{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0117--- 23542300x800000000000000032651Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.256{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0116--- 23542300x800000000000000032650Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.256{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0115--- 23542300x800000000000000032649Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.256{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0114--- 23542300x800000000000000032648Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.256{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0113--- 23542300x800000000000000032647Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.256{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0112--- 23542300x800000000000000032646Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.256{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0111--- 23542300x800000000000000032645Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.256{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0110--- 23542300x800000000000000032644Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.256{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0109--- 23542300x800000000000000032643Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.256{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0108--- 23542300x800000000000000032642Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.256{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0107--- 23542300x800000000000000032641Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.256{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0106--- 23542300x800000000000000032640Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.256{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0105--- 23542300x800000000000000032639Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.256{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0104--- 23542300x800000000000000032638Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.256{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0103--- 23542300x800000000000000032637Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.256{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0102--- 23542300x800000000000000032720Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0185--- 23542300x800000000000000032719Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0184--- 23542300x800000000000000032718Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0183--- 23542300x800000000000000032717Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0182--- 23542300x800000000000000032716Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0181--- 23542300x800000000000000032715Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0180--- 23542300x800000000000000032714Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0179--- 23542300x800000000000000032713Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0178--- 23542300x800000000000000032712Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0177--- 23542300x800000000000000032711Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0176--- 23542300x800000000000000032710Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0175--- 23542300x800000000000000032709Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0174--- 23542300x800000000000000032708Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0173--- 23542300x800000000000000032707Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0172--- 23542300x800000000000000032706Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0171--- 23542300x800000000000000032705Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0170--- 23542300x800000000000000032704Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0169--- 23542300x800000000000000032703Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0168--- 23542300x800000000000000032702Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0167--- 23542300x800000000000000032701Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0166--- 23542300x800000000000000032700Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0165--- 23542300x800000000000000032699Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0164--- 23542300x800000000000000032698Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0163--- 23542300x800000000000000032697Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0162--- 23542300x800000000000000032696Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0161--- 23542300x800000000000000032695Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0160--- 23542300x800000000000000032694Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0159--- 23542300x800000000000000032693Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0158--- 23542300x800000000000000032692Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0157--- 23542300x800000000000000032691Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0156--- 23542300x800000000000000032690Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0155--- 23542300x800000000000000032689Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0154--- 23542300x800000000000000032688Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0153--- 23542300x800000000000000032687Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0152--- 23542300x800000000000000032686Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0151--- 23542300x800000000000000032685Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0150--- 23542300x800000000000000032684Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0149--- 23542300x800000000000000032683Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0148--- 23542300x800000000000000032682Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0147--- 23542300x800000000000000032681Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0146--- 23542300x800000000000000032680Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0145--- 23542300x800000000000000032679Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0144--- 23542300x800000000000000032678Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0143--- 23542300x800000000000000032677Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0142--- 23542300x800000000000000032676Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0141--- 23542300x800000000000000032675Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0140--- 23542300x800000000000000032674Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0139--- 23542300x800000000000000032673Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0138--- 23542300x800000000000000032672Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0137--- 23542300x800000000000000032671Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0136--- 23542300x800000000000000032670Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0135--- 23542300x800000000000000032669Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0134--- 23542300x800000000000000032668Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0133--- 23542300x800000000000000032667Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0132--- 23542300x800000000000000032666Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.257{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0131--- 23542300x800000000000000032733Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.258{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0198--- 23542300x800000000000000032732Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.258{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0197--- 23542300x800000000000000032731Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.258{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0196--- 23542300x800000000000000032730Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.258{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0195--- 23542300x800000000000000032729Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.258{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0194--- 23542300x800000000000000032728Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.258{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0193--- 23542300x800000000000000032727Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.258{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0192--- 23542300x800000000000000032726Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.258{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0191--- 23542300x800000000000000032725Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.258{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0190--- 23542300x800000000000000032724Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.258{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0189--- 23542300x800000000000000032723Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.258{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0188--- 23542300x800000000000000032722Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.258{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0187--- 23542300x800000000000000032721Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.258{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/0186--- 23542300x800000000000000032734Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.260{ec2a2542-2991-6254-7091-3f7926560000}4790root/usr/bin/dpkg/var/lib/dpkg/updates/tmp.i--- 534500x800000000000000032735Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.261{ec2a2542-2991-6254-7091-3f7926560000}4790/usr/bin/dpkgroot 23542300x800000000000000032737Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.262{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/fileutl.message.D1JZpR--- 23542300x800000000000000032736Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.262{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/var/cache/apt/pkgcache.bin--- 23542300x800000000000000032738Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.267{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/fileutl.message.D9aT23--- 23542300x800000000000000032739Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.271{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/fileutl.message.rWGwGg--- 23542300x800000000000000032740Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.273{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/fileutl.message.b95skt--- 23542300x800000000000000032741Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.274{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/fileutl.message.5PdFYF--- 23542300x800000000000000032742Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.279{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/fileutl.message.HVMzDS--- 23542300x800000000000000032743Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.280{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/fileutl.message.1nPKi5--- 23542300x800000000000000032744Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.286{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/fileutl.message.Jr1VYh--- 23542300x800000000000000032745Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.288{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/fileutl.message.X26mFu--- 23542300x800000000000000032746Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.289{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/fileutl.message.piK1lH--- 23542300x800000000000000032747Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.291{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/fileutl.message.zku42T--- 23542300x800000000000000032748Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.293{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/fileutl.message.nbqkK6--- 23542300x800000000000000032749Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.294{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/fileutl.message.FMTNrj--- 23542300x800000000000000032750Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.295{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/fileutl.message.RpBw9v--- 23542300x800000000000000032751Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.297{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/fileutl.message.vD6uRI--- 23542300x800000000000000032752Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.298{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/fileutl.message.7DHIzV--- 23542300x800000000000000032753Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.300{ec2a2542-297b-6254-ccef-29074c560000}3606root/usr/bin/apt-get/tmp/fileutl.message.9z7ci8--- 154100x800000000000000032754Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.301{ec2a2542-2999-6254-70f1-b69e49560000}5504/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297b-6254-ccef-29074c560000}3606/usr/bin/apt-getapt-getroot 534500x800000000000000032755Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.304{ec2a2542-2999-6254-70f1-b69e49560000}5504/usr/bin/dpkgroot 154100x800000000000000032756Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.351{ec2a2542-2999-6254-7051-aaf279550000}5505/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297b-6254-ccef-29074c560000}3606/usr/bin/apt-getapt-getroot 534500x800000000000000032757Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.354{ec2a2542-2999-6254-7051-aaf279550000}5505/usr/bin/dpkgroot 154100x800000000000000032758Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.450{ec2a2542-2999-6254-70d1-1a458e550000}5506/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297b-6254-ccef-29074c560000}3606/usr/bin/apt-getapt-getroot 534500x800000000000000032759Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.454{ec2a2542-2999-6254-70d1-1a458e550000}5506/usr/bin/dpkgroot 154100x800000000000000032760Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.476{ec2a2542-2999-6254-6822-2dfe40560000}5508/bin/dash-----sh -c if [ -d /var/lib/update-notifier ]; then touch /var/lib/update-notifier/dpkg-run-stamp; fi; /usr/lib/update-notifier/update-motd-updates-available 2>/dev/null || true/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{00000000-0000-0000-0000-000000000000}5507--- 154100x800000000000000032761Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.477{ec2a2542-2999-6254-10d0-17c14e560000}5509/bin/touch-----touch /var/lib/update-notifier/dpkg-run-stamp/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2999-6254-6822-2dfe40560000}5508/bin/dashshroot 534500x800000000000000032762Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.478{ec2a2542-2999-6254-10d0-17c14e560000}5509/bin/touchroot 154100x800000000000000032764Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.479{ec2a2542-2999-6254-7394-4e00e1550000}5511/usr/bin/apt-config-----apt-config shell StateDir Dir::State/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2999-6254-6832-9407de550000}5510/bin/dash/bin/shroot 154100x800000000000000032763Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.479{ec2a2542-2999-6254-6832-9407de550000}5510/bin/dash-----/bin/sh -e /usr/lib/update-notifier/update-motd-updates-available/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2999-6254-6822-2dfe40560000}5508/bin/dashshroot 154100x800000000000000032765Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.484{ec2a2542-2999-6254-7021-584a10560000}5512/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2999-6254-7394-4e00e1550000}5511/usr/bin/apt-configapt-configroot 534500x800000000000000032766Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.490{ec2a2542-2999-6254-7021-584a10560000}5512/usr/bin/dpkgroot 154100x800000000000000032768Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.491{ec2a2542-2999-6254-73f4-b2c4f9550000}5513/usr/bin/apt-config-----apt-config shell ListDir Dir::State::Lists/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2999-6254-6832-9407de550000}5510/bin/dash/bin/shroot 534500x800000000000000032767Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.491{ec2a2542-2999-6254-7394-4e00e1550000}5511/usr/bin/apt-configroot 154100x800000000000000032769Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.495{ec2a2542-2999-6254-70e1-e94e71550000}5514/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2999-6254-73f4-b2c4f9550000}5513/usr/bin/apt-configapt-configroot 534500x800000000000000032771Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.500{ec2a2542-2999-6254-73f4-b2c4f9550000}5513/usr/bin/apt-configroot 534500x800000000000000032770Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.500{ec2a2542-2999-6254-70e1-e94e71550000}5514/usr/bin/dpkgroot 154100x800000000000000032772Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.501{ec2a2542-2999-6254-7304-9e65f9550000}5515/usr/bin/apt-config-----apt-config shell DpkgStatus Dir::State::status/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2999-6254-6832-9407de550000}5510/bin/dash/bin/shroot 154100x800000000000000032773Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.506{ec2a2542-2999-6254-7051-c3f02e560000}5516/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2999-6254-7304-9e65f9550000}5515/usr/bin/apt-configapt-configroot 534500x800000000000000032774Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.508{ec2a2542-2999-6254-7051-c3f02e560000}5516/usr/bin/dpkgroot 154100x800000000000000032776Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.512{ec2a2542-2999-6254-73b4-505e2b560000}5517/usr/bin/apt-config-----apt-config shell EtcDir Dir::Etc/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2999-6254-6832-9407de550000}5510/bin/dash/bin/shroot 534500x800000000000000032775Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.512{ec2a2542-2999-6254-7304-9e65f9550000}5515/usr/bin/apt-configroot 154100x800000000000000032777Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.517{ec2a2542-2999-6254-70a1-a8807a550000}5518/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2999-6254-73b4-505e2b560000}5517/usr/bin/apt-configapt-configroot 534500x800000000000000032778Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.520{ec2a2542-2999-6254-70a1-a8807a550000}5518/usr/bin/dpkgroot 154100x800000000000000032780Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.521{ec2a2542-2999-6254-7334-cdeffb550000}5519/usr/bin/apt-config-----apt-config shell SourceList Dir::Etc::sourcelist/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2999-6254-6832-9407de550000}5510/bin/dash/bin/shroot 534500x800000000000000032779Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.521{ec2a2542-2999-6254-73b4-505e2b560000}5517/usr/bin/apt-configroot 154100x800000000000000032781Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.526{ec2a2542-2999-6254-70b1-2b8112560000}5520/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2999-6254-7334-cdeffb550000}5519/usr/bin/apt-configapt-configroot 534500x800000000000000032783Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.528{ec2a2542-2999-6254-7334-cdeffb550000}5519/usr/bin/apt-configroot 534500x800000000000000032782Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.528{ec2a2542-2999-6254-70b1-2b8112560000}5520/usr/bin/dpkgroot 154100x800000000000000032784Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.529{ec2a2542-2999-6254-9030-54e7c1550000}5521/usr/bin/find-----find /var/lib/apt/lists/ /etc/apt/sources.list //var/lib/dpkg/status -type f -newer /var/lib/update-notifier/updates-available -print -quit/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2999-6254-6832-9407de550000}5510/bin/dash/bin/shroot 154100x800000000000000032788Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.532{ec2a2542-2999-6254-a8c0-54ec10560000}5522/bin/mktemp-----mktemp -p /var/lib/update-notifier/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2999-6254-6832-9407de550000}5510/bin/dash/bin/shroot 154100x800000000000000032786Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.532{ec2a2542-2999-6254-e8a8-fde1b2550000}5523/usr/bin/dirname-----dirname /var/lib/update-notifier/updates-available/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{00000000-0000-0000-0000-000000000000}5522--- 534500x800000000000000032785Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.532{ec2a2542-2999-6254-9030-54e7c1550000}5521/usr/bin/findroot 534500x800000000000000032787Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.533{ec2a2542-2999-6254-e8a8-fde1b2550000}5523/usr/bin/dirnameroot 154100x800000000000000032790Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.535{ec2a2542-2999-6254-a036-7b0000000000}5524/usr/bin/python3.6-----/usr/bin/python3 /usr/lib/update-notifier/apt-check --human-readable/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2999-6254-6832-9407de550000}5510/bin/dash/bin/shroot 534500x800000000000000032789Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.535{ec2a2542-2999-6254-a8c0-54ec10560000}5522/bin/mktemproot 154100x800000000000000032791Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.633{ec2a2542-2999-6254-70f1-6e3799550000}5525/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2999-6254-a036-7b0000000000}5524/usr/bin/python3.6/usr/bin/python3root 23542300x800000000000000032793Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.635{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.3atQSq--- 534500x800000000000000032792Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.635{ec2a2542-2999-6254-70f1-6e3799550000}5525/usr/bin/dpkgroot 23542300x800000000000000032794Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.641{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.pB6ZwE--- 23542300x800000000000000032795Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.645{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.Dv1VbS--- 23542300x800000000000000032796Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.650{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.Z9DHR5--- 23542300x800000000000000032797Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.652{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.7avMxj--- 23542300x800000000000000032798Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.657{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.7o9Dex--- 23542300x800000000000000032799Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.662{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.THKpWK--- 23542300x800000000000000032800Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.667{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.PPCXEY--- 23542300x800000000000000032801Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.668{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.5o3Mnc--- 23542300x800000000000000032802Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.670{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.b3YQ6p--- 23542300x800000000000000032803Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.671{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.Lag9PD--- 23542300x800000000000000032804Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.673{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.7EdHzR--- 23542300x800000000000000032805Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.674{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.xyqtj5--- 23542300x800000000000000032806Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.675{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.RMWv3i--- 23542300x800000000000000032807Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.677{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.XBDPNw--- 23542300x800000000000000032808Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.679{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.lktpyK--- 23542300x800000000000000032809Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.680{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.bmPhjY--- 154100x800000000000000032810Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.681{ec2a2542-2999-6254-7021-4cbf4e560000}5526/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2999-6254-a036-7b0000000000}5524/usr/bin/python3.6/usr/bin/python3root 534500x800000000000000032811Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.685{ec2a2542-2999-6254-7021-4cbf4e560000}5526/usr/bin/dpkgroot 23542300x800000000000000032812Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:01.822{ec2a2542-1080-6254-602c-d54703560000}1780root/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log--- 23542300x800000000000000032813Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.143{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.d9gokd--- 23542300x800000000000000032814Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.147{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.Ppiems--- 23542300x800000000000000032815Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.151{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.xdiLoH--- 23542300x800000000000000032816Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.153{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.xDFzrW--- 23542300x800000000000000032817Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.154{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.nq2Dub--- 23542300x800000000000000032818Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.158{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.Tz2oyq--- 23542300x800000000000000032819Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.160{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.TblrCF--- 23542300x800000000000000032820Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.164{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.xfS9GU--- 23542300x800000000000000032821Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.166{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.Ttj9L9--- 23542300x800000000000000032822Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.167{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.38qmRo--- 23542300x800000000000000032823Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.168{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.TdxNWD--- 23542300x800000000000000032824Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.170{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.t39r2S--- 23542300x800000000000000032825Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.171{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.Nxnk87--- 23542300x800000000000000032826Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.173{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.dVLsen--- 23542300x800000000000000032827Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.174{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.nRVQkC--- 23542300x800000000000000032828Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.176{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.5bjvrR--- 23542300x800000000000000032829Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.177{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.987qy6--- 154100x800000000000000032830Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.178{ec2a2542-299a-6254-7081-335ad3550000}5527/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2999-6254-a036-7b0000000000}5524/usr/bin/python3.6/usr/bin/python3root 534500x800000000000000032831Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.181{ec2a2542-299a-6254-7081-335ad3550000}5527/usr/bin/dpkgroot 23542300x800000000000000032832Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.457{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.rb8Lqm--- 23542300x800000000000000032833Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.462{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.riOUjC--- 23542300x800000000000000032834Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.466{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.nnoLdS--- 23542300x800000000000000032835Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.468{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.NJZS77--- 23542300x800000000000000032836Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.470{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.RfNg2n--- 23542300x800000000000000032837Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.474{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.HRLlXD--- 23542300x800000000000000032838Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.475{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.JITGST--- 23542300x800000000000000032839Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.479{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.HmuIO9--- 23542300x800000000000000032840Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.481{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.BKh0Kp--- 23542300x800000000000000032841Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.482{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.dRZvHF--- 23542300x800000000000000032842Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.483{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.vFufEV--- 23542300x800000000000000032843Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.485{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.jjVbBb--- 23542300x800000000000000032844Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.486{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.pmxlyr--- 23542300x800000000000000032845Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.487{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.PSAKvH--- 23542300x800000000000000032846Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.489{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.NJPotX--- 23542300x800000000000000032847Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.490{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.feHird--- 23542300x800000000000000032848Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.492{ec2a2542-2999-6254-a036-7b0000000000}5524root/usr/bin/python3.6/tmp/fileutl.message.DcDtpt--- 154100x800000000000000032850Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.645{ec2a2542-299a-6254-886b-b8aaee550000}5528/bin/mv-----mv /var/lib/update-notifier/tmp.vasjAFu71Y /var/lib/update-notifier/updates-available/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2999-6254-6832-9407de550000}5510/bin/dash/bin/shroot 534500x800000000000000032849Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.645{ec2a2542-2999-6254-a036-7b0000000000}5524/usr/bin/python3.6root 534500x800000000000000032851Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.646{ec2a2542-299a-6254-886b-b8aaee550000}5528/bin/mvroot 154100x800000000000000032852Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.647{ec2a2542-299a-6254-7053-a6a46e550000}5529/bin/rm-----rm -f /var/lib/update-notifier/tmp.vasjAFu71Y/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-2999-6254-6832-9407de550000}5510/bin/dash/bin/shroot 534500x800000000000000032855Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.648{ec2a2542-2999-6254-6822-2dfe40560000}5508/bin/dashroot 534500x800000000000000032854Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.648{ec2a2542-2999-6254-6832-9407de550000}5510/bin/dashroot 534500x800000000000000032853Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.648{ec2a2542-299a-6254-7053-a6a46e550000}5529/bin/rmroot 23542300x800000000000000032858Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.649{ec2a2542-0ffd-6254-8063-961ac7550000}918root/lib/systemd/systemd-logind/run/systemd/inhibit/4.ref--- 23542300x800000000000000032857Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.649{ec2a2542-0ffd-6254-8063-961ac7550000}918root/lib/systemd/systemd-logind/run/systemd/inhibit/4--- 534500x800000000000000032856Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.649{ec2a2542-2999-6254-0000-000000000000}5507-root 154100x800000000000000032859Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.651{ec2a2542-299a-6254-68c2-2474bb550000}5531/bin/dash-----sh -c [ ! -f /usr/lib/ubuntu-advantage/apt-esm-hook ] || /usr/lib/ubuntu-advantage/apt-esm-hook post-invoke-success || true/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{00000000-0000-0000-0000-000000000000}5530--- 154100x800000000000000032860Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.652{ec2a2542-299a-6254-ea5e-ed432d560000}5532/usr/lib/ubuntu-advantage/apt-esm-hook-----/usr/lib/ubuntu-advantage/apt-esm-hook post-invoke-success/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299a-6254-68c2-2474bb550000}5531/bin/dashshroot 534500x800000000000000032863Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.655{ec2a2542-299a-6254-0000-000000000000}5530-root 534500x800000000000000032862Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.655{ec2a2542-299a-6254-68c2-2474bb550000}5531/bin/dashroot 534500x800000000000000032861Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.655{ec2a2542-299a-6254-ea5e-ed432d560000}5532/usr/lib/ubuntu-advantage/apt-esm-hookroot 154100x800000000000000032864Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.657{ec2a2542-299a-6254-6852-76fc20560000}5533/bin/dash-----/bin/sh -c [ ! -f /usr/bin/snap ] || /usr/bin/snap advise-snap --from-apt 2>/dev/null || true/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-297b-6254-ccef-29074c560000}3606/usr/bin/apt-getapt-getroot 154100x800000000000000032873Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.659{ec2a2542-299a-6254-e424-68078f550000}5534/snap/snapd/15177/usr/bin/snap-----/usr/bin/snap advise-snap --from-apt/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299a-6254-6852-76fc20560000}5533/bin/dash/bin/shroot 154100x800000000000000032865Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.659{ec2a2542-299a-6254-7058-aa4596550000}5534/usr/bin/snap-----/usr/bin/snap advise-snap --from-apt/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299a-6254-6852-76fc20560000}5533/bin/dash/bin/shroot 534500x800000000000000032872Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.675{ec2a2542-299a-6254-7058-aa4596550000}5534/usr/bin/snaproot 534500x800000000000000032871Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.675{ec2a2542-299a-6254-7058-aa4596550000}5534/usr/bin/snaproot 534500x800000000000000032870Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.675{ec2a2542-299a-6254-7058-aa4596550000}5534/usr/bin/snaproot 534500x800000000000000032869Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.675{ec2a2542-299a-6254-7058-aa4596550000}5534/usr/bin/snaproot 534500x800000000000000032868Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.675{ec2a2542-299a-6254-7058-aa4596550000}5534/usr/bin/snaproot 534500x800000000000000032867Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.675{ec2a2542-299a-6254-7058-aa4596550000}5534/usr/bin/snaproot 534500x800000000000000032866Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.675{ec2a2542-299a-6254-7058-aa4596550000}5534/usr/bin/snaproot 534500x800000000000000032880Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.698{ec2a2542-299a-6254-e424-68078f550000}5534/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000032879Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.698{ec2a2542-299a-6254-e424-68078f550000}5534/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000032878Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.698{ec2a2542-299a-6254-e424-68078f550000}5534/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000032877Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.698{ec2a2542-299a-6254-e424-68078f550000}5534/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000032876Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.698{ec2a2542-299a-6254-e424-68078f550000}5534/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000032875Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.698{ec2a2542-299a-6254-e424-68078f550000}5534/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000032874Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.698{ec2a2542-299a-6254-7058-aa4596550000}5534/usr/bin/snaproot 534500x800000000000000032882Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.700{ec2a2542-299a-6254-6852-76fc20560000}5533/bin/dashroot 534500x800000000000000032881Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.700{ec2a2542-299a-6254-e424-68078f550000}5534/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000032883Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.713{ec2a2542-297b-6254-ccef-29074c560000}3606/usr/bin/apt-getroot 154100x800000000000000032885Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.715{ec2a2542-299a-6254-08ae-fe7639560000}5549/usr/bin/sudo-----sudo apt-get install gdb-multiarch -y/home/ubuntuubuntu{ec2a2542-2929-6254-e803-000000000000}10004no level-{00000000-0000-0000-0000-000000000000}2766--- 534500x800000000000000032884Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.715{ec2a2542-297b-6254-088e-a66bce550000}3605/usr/bin/sudoroot 354300x800000000000000032886Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.719{ec2a2542-299a-6254-08ae-fe7639560000}5549/usr/bin/sudoubuntuudptruefalse127.0.0.1-52068-false127.0.0.53-53- 354300x800000000000000032892Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.721{ec2a2542-0ff9-6254-c097-bd9a19560000}737/lib/systemd/systemd-resolvedsystemd-resolveudptruefalse127.0.0.53-53-false127.0.0.1-56798- 354300x800000000000000032891Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.721{ec2a2542-299a-6254-08ae-fe7639560000}5549/usr/bin/sudoubuntuudptruefalse127.0.0.1-56798-false127.0.0.53-53- 354300x800000000000000032890Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.721{ec2a2542-299a-6254-08ae-fe7639560000}5549/usr/bin/sudoubuntuudpfalsefalse127.0.0.53-53-false127.0.0.1-56798- 354300x800000000000000032889Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.721{ec2a2542-0ff9-6254-c097-bd9a19560000}737/lib/systemd/systemd-resolvedsystemd-resolveudptruefalse127.0.0.53-53-false127.0.0.1-52068- 354300x800000000000000032888Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.721{ec2a2542-0ff9-6254-c097-bd9a19560000}737/lib/systemd/systemd-resolvedsystemd-resolveudptruefalse10.0.1.20-41089-false10.0.0.2-53- 354300x800000000000000032887Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.721{ec2a2542-0ff9-6254-c097-bd9a19560000}737/lib/systemd/systemd-resolvedsystemd-resolveudptruefalse10.0.1.20-60169-false10.0.0.2-53- 154100x800000000000000032893Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.724{ec2a2542-299a-6254-cc3f-0b992c560000}5550/usr/bin/apt-get-----apt-get install gdb-multiarch -y/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299a-6254-08ae-fe7639560000}5549/usr/bin/sudosudoubuntu 154100x800000000000000032894Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.729{ec2a2542-299a-6254-70f1-9d1d12560000}5551/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299a-6254-cc3f-0b992c560000}5550/usr/bin/apt-getapt-getroot 23542300x800000000000000032896Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.731{ec2a2542-299a-6254-cc3f-0b992c560000}5550root/usr/bin/apt-get/tmp/fileutl.message.ygs5MA--- 534500x800000000000000032895Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.731{ec2a2542-299a-6254-70f1-9d1d12560000}5551/usr/bin/dpkgroot 23542300x800000000000000032897Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.736{ec2a2542-299a-6254-cc3f-0b992c560000}5550root/usr/bin/apt-get/tmp/fileutl.message.OPNwqR--- 23542300x800000000000000032898Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.740{ec2a2542-299a-6254-cc3f-0b992c560000}5550root/usr/bin/apt-get/tmp/fileutl.message.ymrG47--- 23542300x800000000000000032899Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.742{ec2a2542-299a-6254-cc3f-0b992c560000}5550root/usr/bin/apt-get/tmp/fileutl.message.8aN5Io--- 23542300x800000000000000032900Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.743{ec2a2542-299a-6254-cc3f-0b992c560000}5550root/usr/bin/apt-get/tmp/fileutl.message.cpgKnF--- 23542300x800000000000000032901Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.747{ec2a2542-299a-6254-cc3f-0b992c560000}5550root/usr/bin/apt-get/tmp/fileutl.message.G1N52V--- 23542300x800000000000000032902Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.749{ec2a2542-299a-6254-cc3f-0b992c560000}5550root/usr/bin/apt-get/tmp/fileutl.message.k1bHIc--- 23542300x800000000000000032903Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.753{ec2a2542-299a-6254-cc3f-0b992c560000}5550root/usr/bin/apt-get/tmp/fileutl.message.Oh2Yot--- 23542300x800000000000000032904Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.754{ec2a2542-299a-6254-cc3f-0b992c560000}5550root/usr/bin/apt-get/tmp/fileutl.message.Euaw5J--- 23542300x800000000000000032905Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.755{ec2a2542-299a-6254-cc3f-0b992c560000}5550root/usr/bin/apt-get/tmp/fileutl.message.wpDgM0--- 23542300x800000000000000032906Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.757{ec2a2542-299a-6254-cc3f-0b992c560000}5550root/usr/bin/apt-get/tmp/fileutl.message.sN6dth--- 23542300x800000000000000032907Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.758{ec2a2542-299a-6254-cc3f-0b992c560000}5550root/usr/bin/apt-get/tmp/fileutl.message.w4zoay--- 23542300x800000000000000032908Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.759{ec2a2542-299a-6254-cc3f-0b992c560000}5550root/usr/bin/apt-get/tmp/fileutl.message.UDWLRO--- 23542300x800000000000000032909Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.761{ec2a2542-299a-6254-cc3f-0b992c560000}5550root/usr/bin/apt-get/tmp/fileutl.message.iSSoz5--- 23542300x800000000000000032910Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.762{ec2a2542-299a-6254-cc3f-0b992c560000}5550root/usr/bin/apt-get/tmp/fileutl.message.Gzchhm--- 23542300x800000000000000032911Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.764{ec2a2542-299a-6254-cc3f-0b992c560000}5550root/usr/bin/apt-get/tmp/fileutl.message.ec0oZC--- 23542300x800000000000000032912Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.765{ec2a2542-299a-6254-cc3f-0b992c560000}5550root/usr/bin/apt-get/tmp/fileutl.message.8pNNHT--- 154100x800000000000000032913Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.766{ec2a2542-299a-6254-7011-e7cea3550000}5552/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299a-6254-cc3f-0b992c560000}5550/usr/bin/apt-getapt-getroot 534500x800000000000000032914Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:02.768{ec2a2542-299a-6254-7011-e7cea3550000}5552/usr/bin/dpkgroot 154100x800000000000000032915Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.213{ec2a2542-299b-6254-6802-3c9e08560000}5553/bin/dash-----/bin/sh -c [ ! -f /usr/bin/snap ] || /usr/bin/snap advise-snap --from-apt 2>/dev/null || true/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299a-6254-cc3f-0b992c560000}5550/usr/bin/apt-getapt-getroot 154100x800000000000000032923Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.215{ec2a2542-299b-6254-e454-8855fa550000}5554/snap/snapd/15177/usr/bin/snap-----/usr/bin/snap advise-snap --from-apt/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299b-6254-6802-3c9e08560000}5553/bin/dash/bin/shroot 154100x800000000000000032916Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.215{ec2a2542-299b-6254-7038-c6fbfb550000}5554/usr/bin/snap-----/usr/bin/snap advise-snap --from-apt/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299b-6254-6802-3c9e08560000}5553/bin/dash/bin/shroot 534500x800000000000000032922Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.245{ec2a2542-299b-6254-7038-c6fbfb550000}5554/usr/bin/snaproot 534500x800000000000000032921Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.245{ec2a2542-299b-6254-7038-c6fbfb550000}5554/usr/bin/snaproot 534500x800000000000000032920Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.245{ec2a2542-299b-6254-7038-c6fbfb550000}5554/usr/bin/snaproot 534500x800000000000000032919Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.245{ec2a2542-299b-6254-7038-c6fbfb550000}5554/usr/bin/snaproot 534500x800000000000000032918Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.245{ec2a2542-299b-6254-7038-c6fbfb550000}5554/usr/bin/snaproot 534500x800000000000000032917Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.245{ec2a2542-299b-6254-7038-c6fbfb550000}5554/usr/bin/snaproot 534500x800000000000000032929Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.282{ec2a2542-299b-6254-e454-8855fa550000}5554/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000032928Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.282{ec2a2542-299b-6254-e454-8855fa550000}5554/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000032927Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.282{ec2a2542-299b-6254-e454-8855fa550000}5554/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000032926Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.282{ec2a2542-299b-6254-e454-8855fa550000}5554/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000032925Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.282{ec2a2542-299b-6254-e454-8855fa550000}5554/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000032924Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.282{ec2a2542-299b-6254-7038-c6fbfb550000}5554/usr/bin/snaproot 534500x800000000000000032930Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.284{ec2a2542-299b-6254-e454-8855fa550000}5554/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000032931Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.295{ec2a2542-299b-6254-6802-3c9e08560000}5553/bin/dashroot 154100x800000000000000032932Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.296{ec2a2542-299b-6254-68e2-b5cc45560000}5568/bin/dash-----sh -c [ ! -f /usr/lib/ubuntu-advantage/apt-esm-hook ] || /usr/lib/ubuntu-advantage/apt-esm-hook pre-invoke || true/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{00000000-0000-0000-0000-000000000000}5567--- 154100x800000000000000032933Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.297{ec2a2542-299b-6254-eade-15d77d550000}5569/usr/lib/ubuntu-advantage/apt-esm-hook-----/usr/lib/ubuntu-advantage/apt-esm-hook pre-invoke/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299b-6254-68e2-b5cc45560000}5568/bin/dashshroot 534500x800000000000000032934Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.301{ec2a2542-299b-6254-eade-15d77d550000}5569/usr/lib/ubuntu-advantage/apt-esm-hookroot 534500x800000000000000032936Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.303{00000000-0000-0000-0000-000000000000}5567<unknown process>root 534500x800000000000000032935Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.303{ec2a2542-299b-6254-68e2-b5cc45560000}5568/bin/dashroot 154100x800000000000000032937Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.322{ec2a2542-299b-6254-b933-43faf1550000}5570/usr/lib/apt/methods/http-----/usr/lib/apt/methods/http/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299a-6254-cc3f-0b992c560000}5550/usr/bin/apt-getapt-getroot 534500x800000000000000032938Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.335{ec2a2542-299b-6254-b933-43faf1550000}5570/usr/lib/apt/methods/httproot 154100x800000000000000032939Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.347{ec2a2542-299b-6254-68d2-1de1de550000}5571/bin/dash-----/bin/sh -c [ ! -f /usr/bin/snap ] || /usr/bin/snap advise-snap --from-apt 2>/dev/null || true/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299a-6254-cc3f-0b992c560000}5550/usr/bin/apt-getapt-getroot 154100x800000000000000032947Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.349{ec2a2542-299b-6254-e484-005839560000}5572/snap/snapd/15177/usr/bin/snap-----/usr/bin/snap advise-snap --from-apt/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299b-6254-68d2-1de1de550000}5571/bin/dash/bin/shroot 154100x800000000000000032940Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.349{ec2a2542-299b-6254-7028-cb62a5550000}5572/usr/bin/snap-----/usr/bin/snap advise-snap --from-apt/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299b-6254-68d2-1de1de550000}5571/bin/dash/bin/shroot 534500x800000000000000032946Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.381{ec2a2542-299b-6254-7028-cb62a5550000}5572/usr/bin/snaproot 534500x800000000000000032945Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.381{ec2a2542-299b-6254-7028-cb62a5550000}5572/usr/bin/snaproot 534500x800000000000000032944Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.381{ec2a2542-299b-6254-7028-cb62a5550000}5572/usr/bin/snaproot 534500x800000000000000032943Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.381{ec2a2542-299b-6254-7028-cb62a5550000}5572/usr/bin/snaproot 534500x800000000000000032942Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.381{ec2a2542-299b-6254-7028-cb62a5550000}5572/usr/bin/snaproot 534500x800000000000000032941Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.381{ec2a2542-299b-6254-7028-cb62a5550000}5572/usr/bin/snaproot 534500x800000000000000032953Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.402{ec2a2542-299b-6254-e484-005839560000}5572/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000032952Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.402{ec2a2542-299b-6254-e484-005839560000}5572/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000032951Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.402{ec2a2542-299b-6254-e484-005839560000}5572/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000032950Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.402{ec2a2542-299b-6254-e484-005839560000}5572/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000032949Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.402{ec2a2542-299b-6254-e484-005839560000}5572/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000032948Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.402{ec2a2542-299b-6254-7028-cb62a5550000}5572/usr/bin/snaproot 534500x800000000000000032955Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.403{ec2a2542-299b-6254-e484-005839560000}5572/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000032954Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.403{ec2a2542-299b-6254-e484-005839560000}5572/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000032956Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.404{ec2a2542-299b-6254-68d2-1de1de550000}5571/bin/dashroot 154100x800000000000000032957Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.414{ec2a2542-299b-6254-6852-7ceda8550000}5586/bin/dash-----/bin/sh -c [ ! -f /usr/bin/snap ] || /usr/bin/snap advise-snap --from-apt 2>/dev/null || true/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299a-6254-cc3f-0b992c560000}5550/usr/bin/apt-getapt-getroot 154100x800000000000000032967Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.416{ec2a2542-299b-6254-e484-70f2c7550000}5587/snap/snapd/15177/usr/bin/snap-----/usr/bin/snap advise-snap --from-apt/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299b-6254-6852-7ceda8550000}5586/bin/dash/bin/shroot 154100x800000000000000032958Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.416{ec2a2542-299b-6254-7018-2930b8550000}5587/usr/bin/snap-----/usr/bin/snap advise-snap --from-apt/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299b-6254-6852-7ceda8550000}5586/bin/dash/bin/shroot 534500x800000000000000032966Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.431{ec2a2542-299b-6254-7018-2930b8550000}5587/usr/bin/snaproot 534500x800000000000000032965Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.431{ec2a2542-299b-6254-7018-2930b8550000}5587/usr/bin/snaproot 534500x800000000000000032964Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.431{ec2a2542-299b-6254-7018-2930b8550000}5587/usr/bin/snaproot 534500x800000000000000032963Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.431{ec2a2542-299b-6254-7018-2930b8550000}5587/usr/bin/snaproot 534500x800000000000000032962Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.431{ec2a2542-299b-6254-7018-2930b8550000}5587/usr/bin/snaproot 534500x800000000000000032961Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.431{ec2a2542-299b-6254-7018-2930b8550000}5587/usr/bin/snaproot 534500x800000000000000032960Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.431{ec2a2542-299b-6254-7018-2930b8550000}5587/usr/bin/snaproot 534500x800000000000000032959Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.431{ec2a2542-299b-6254-7018-2930b8550000}5587/usr/bin/snaproot 534500x800000000000000032974Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.451{ec2a2542-299b-6254-e484-70f2c7550000}5587/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000032973Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.451{ec2a2542-299b-6254-e484-70f2c7550000}5587/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000032972Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.451{ec2a2542-299b-6254-e484-70f2c7550000}5587/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000032971Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.451{ec2a2542-299b-6254-e484-70f2c7550000}5587/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000032970Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.451{ec2a2542-299b-6254-e484-70f2c7550000}5587/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000032969Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.451{ec2a2542-299b-6254-e484-70f2c7550000}5587/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000032968Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.451{ec2a2542-299b-6254-7018-2930b8550000}5587/usr/bin/snaproot 23542300x800000000000000032979Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.452{ec2a2542-299a-6254-cc3f-0b992c560000}5550root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.SA7PtN--- 23542300x800000000000000032978Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.452{ec2a2542-299a-6254-cc3f-0b992c560000}5550root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.Wgv9Su--- 23542300x800000000000000032977Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.452{ec2a2542-299a-6254-cc3f-0b992c560000}5550root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.wEftic--- 534500x800000000000000032976Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.452{ec2a2542-299b-6254-6852-7ceda8550000}5586/bin/dashroot 534500x800000000000000032975Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.452{ec2a2542-299b-6254-e484-70f2c7550000}5587/snap/snapd/15177/usr/bin/snaproot 154100x800000000000000032983Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.453{ec2a2542-299b-6254-b9c3-cdc507560000}5603/usr/lib/apt/methods/http-----/usr/lib/apt/methods/http/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299a-6254-cc3f-0b992c560000}5550/usr/bin/apt-getapt-getroot 23542300x800000000000000032982Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.453{ec2a2542-299a-6254-cc3f-0b992c560000}5550root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.6kRVfH--- 23542300x800000000000000032981Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.453{ec2a2542-299a-6254-cc3f-0b992c560000}5550root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.KrheFo--- 23542300x800000000000000032980Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.453{ec2a2542-299a-6254-cc3f-0b992c560000}5550root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.M41w45--- 354300x800000000000000032985Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.461{ec2a2542-0ff9-6254-c097-bd9a19560000}737/lib/systemd/systemd-resolvedsystemd-resolveudptruefalse127.0.0.53-53-false127.0.0.1-52408- 354300x800000000000000032984Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.461{ec2a2542-299b-6254-b9c3-cdc507560000}5603/usr/lib/apt/methods/httprootudptruefalse127.0.0.1-52408-false127.0.0.53-53- 354300x800000000000000032987Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.462{ec2a2542-0ff9-6254-c097-bd9a19560000}737/lib/systemd/systemd-resolvedsystemd-resolveudptruefalse127.0.0.53-53-false127.0.0.1-47293- 354300x800000000000000032986Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.462{ec2a2542-299b-6254-b9c3-cdc507560000}5603/usr/lib/apt/methods/httprootudptruefalse127.0.0.1-47293-false127.0.0.53-53- 354300x800000000000000032988Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.464{ec2a2542-299b-6254-b9c3-cdc507560000}5603/usr/lib/apt/methods/httproottcptruefalse10.0.1.20-50810-false52.15.102.108-80- 23542300x800000000000000032990Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.819{ec2a2542-299a-6254-cc3f-0b992c560000}5550root/usr/bin/apt-get/var/log/apt/eipp.log.xz--- 534500x800000000000000032989Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.819{ec2a2542-299b-6254-b9c3-cdc507560000}5603/usr/lib/apt/methods/http_apt 154100x800000000000000032991Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.923{ec2a2542-299b-6254-6862-68e993550000}5604/bin/dash-----/bin/sh -c /usr/sbin/dpkg-preconfigure --apt || true/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299a-6254-cc3f-0b992c560000}5550/usr/bin/apt-getapt-getroot 154100x800000000000000032992Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.925{ec2a2542-299b-6254-9817-12386d550000}5605/usr/bin/perl-----/usr/bin/perl -w /usr/sbin/dpkg-preconfigure --apt/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299b-6254-6862-68e993550000}5604/bin/dash/bin/shroot 154100x800000000000000032993Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.957{ec2a2542-299b-6254-3010-800117560000}5606/usr/bin/locale-----locale charmap/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299b-6254-9817-12386d550000}5605/usr/bin/perl/usr/bin/perlroot 534500x800000000000000032994Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:03.958{ec2a2542-299b-6254-3010-800117560000}5606/usr/bin/localeroot 154100x800000000000000032995Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.024{ec2a2542-299c-6254-68e2-9b76df550000}5607/bin/dash-----sh -c stty -a 2>/dev/null/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299b-6254-9817-12386d550000}5605/usr/bin/perl/usr/bin/perlroot 154100x800000000000000032996Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.025{ec2a2542-299c-6254-f04e-bc0396550000}5608/bin/stty-----stty -a/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299c-6254-68e2-9b76df550000}5607/bin/dashshroot 154100x800000000000000032999Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.026{ec2a2542-299c-6254-68a2-487cfc550000}5609/bin/dash-----sh -c stty -a 2>/dev/null/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299b-6254-9817-12386d550000}5605/usr/bin/perl/usr/bin/perlroot 534500x800000000000000032998Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.026{ec2a2542-299c-6254-68e2-9b76df550000}5607/bin/dashroot 534500x800000000000000032997Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.026{ec2a2542-299c-6254-f04e-bc0396550000}5608/bin/sttyroot 154100x800000000000000033000Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.027{ec2a2542-299c-6254-f02e-3f6596550000}5610/bin/stty-----stty -a/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299c-6254-68a2-487cfc550000}5609/bin/dashshroot 534500x800000000000000033002Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.028{ec2a2542-299c-6254-68a2-487cfc550000}5609/bin/dashroot 534500x800000000000000033001Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.028{ec2a2542-299c-6254-f02e-3f6596550000}5610/bin/sttyroot 154100x800000000000000033003Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.029{ec2a2542-299c-6254-3351-bc04e2550000}5612/usr/bin/apt-extracttemplates-----apt-extracttemplates /var/cache/apt/archives/libdw1_0.170-0.4ubuntu0.1_amd64.deb /var/cache/apt/archives/libbabeltrace1_1.5.5-1_amd64.deb /var/cache/apt/archives/gdb_8.1.1-0ubuntu1_amd64.deb /var/cache/apt/archives/gdb-multiarch_8.1.1-0ubuntu1_amd64.deb /var/cache/apt/archives/gdbserver_8.1.1-0ubuntu1_amd64.deb /var/cache/apt/archives/libc6-dbg_2.27-3ubuntu1.5_amd64.deb/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{00000000-0000-0000-0000-000000000000}5611--- 154100x800000000000000033004Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.034{ec2a2542-299c-6254-7041-196ba2550000}5613/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299c-6254-3351-bc04e2550000}5612/usr/bin/apt-extracttemplatesapt-extracttemplatesroot 23542300x800000000000000033006Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.037{ec2a2542-299c-6254-3351-bc04e2550000}5612root/usr/bin/apt-extracttemplates/tmp/fileutl.message.tCZiZY--- 534500x800000000000000033005Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.037{ec2a2542-299c-6254-7041-196ba2550000}5613/usr/bin/dpkgroot 23542300x800000000000000033007Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.042{ec2a2542-299c-6254-3351-bc04e2550000}5612root/usr/bin/apt-extracttemplates/tmp/fileutl.message.p64Gbj--- 23542300x800000000000000033008Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.046{ec2a2542-299c-6254-3351-bc04e2550000}5612root/usr/bin/apt-extracttemplates/tmp/fileutl.message.pgJNoD--- 23542300x800000000000000033009Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.048{ec2a2542-299c-6254-3351-bc04e2550000}5612root/usr/bin/apt-extracttemplates/tmp/fileutl.message.jrgaCX--- 23542300x800000000000000033010Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.049{ec2a2542-299c-6254-3351-bc04e2550000}5612root/usr/bin/apt-extracttemplates/tmp/fileutl.message.t00LPh--- 23542300x800000000000000033011Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.053{ec2a2542-299c-6254-3351-bc04e2550000}5612root/usr/bin/apt-extracttemplates/tmp/fileutl.message.r4v33B--- 23542300x800000000000000033012Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.055{ec2a2542-299c-6254-3351-bc04e2550000}5612root/usr/bin/apt-extracttemplates/tmp/fileutl.message.7QmBiW--- 23542300x800000000000000033013Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.059{ec2a2542-299c-6254-3351-bc04e2550000}5612root/usr/bin/apt-extracttemplates/tmp/fileutl.message.Fi7Pxg--- 23542300x800000000000000033014Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.060{ec2a2542-299c-6254-3351-bc04e2550000}5612root/usr/bin/apt-extracttemplates/tmp/fileutl.message.rO4kNA--- 23542300x800000000000000033015Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.061{ec2a2542-299c-6254-3351-bc04e2550000}5612root/usr/bin/apt-extracttemplates/tmp/fileutl.message.rrM32U--- 23542300x800000000000000033016Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.063{ec2a2542-299c-6254-3351-bc04e2550000}5612root/usr/bin/apt-extracttemplates/tmp/fileutl.message.Vk2Zif--- 23542300x800000000000000033017Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.064{ec2a2542-299c-6254-3351-bc04e2550000}5612root/usr/bin/apt-extracttemplates/tmp/fileutl.message.py39yz--- 23542300x800000000000000033018Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.065{ec2a2542-299c-6254-3351-bc04e2550000}5612root/usr/bin/apt-extracttemplates/tmp/fileutl.message.9nLxPT--- 23542300x800000000000000033019Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.067{ec2a2542-299c-6254-3351-bc04e2550000}5612root/usr/bin/apt-extracttemplates/tmp/fileutl.message.lIfb6d--- 23542300x800000000000000033020Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.068{ec2a2542-299c-6254-3351-bc04e2550000}5612root/usr/bin/apt-extracttemplates/tmp/fileutl.message.5MV4my--- 23542300x800000000000000033021Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.070{ec2a2542-299c-6254-3351-bc04e2550000}5612root/usr/bin/apt-extracttemplates/tmp/fileutl.message.tnreES--- 154100x800000000000000033023Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.072{ec2a2542-299c-6254-7051-22e93f560000}5614/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299c-6254-3351-bc04e2550000}5612/usr/bin/apt-extracttemplatesapt-extracttemplatesroot 23542300x800000000000000033022Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.072{ec2a2542-299c-6254-3351-bc04e2550000}5612root/usr/bin/apt-extracttemplates/tmp/fileutl.message.NsvFVc--- 534500x800000000000000033024Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.075{ec2a2542-299c-6254-7051-22e93f560000}5614/usr/bin/dpkgroot 154100x800000000000000033025Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.096{ec2a2542-299c-6254-7081-d62148560000}5615/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299c-6254-3351-bc04e2550000}5612/usr/bin/apt-extracttemplatesapt-extracttemplatesroot 534500x800000000000000033026Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.099{ec2a2542-299c-6254-7081-d62148560000}5615/usr/bin/dpkgroot 534500x800000000000000033027Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.120{ec2a2542-299c-6254-3351-bc04e2550000}5612/usr/bin/apt-extracttemplatesroot 534500x800000000000000033028Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.130{ec2a2542-299c-6254-0000-000000000000}5611-root 534500x800000000000000033030Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.136{ec2a2542-299b-6254-6862-68e993550000}5604/bin/dashroot 534500x800000000000000033029Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.136{ec2a2542-299b-6254-9817-12386d550000}5605/usr/bin/perlroot 154100x800000000000000033031Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.157{ec2a2542-299c-6254-7061-e767de550000}5616/usr/bin/dpkg-----/usr/bin/dpkg --assert-multi-arch/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299a-6254-cc3f-0b992c560000}5550/usr/bin/apt-getapt-getroot 534500x800000000000000033032Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.169{ec2a2542-299c-6254-7061-e767de550000}5616/usr/bin/dpkgroot 154100x800000000000000033033Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.170{ec2a2542-299c-6254-7001-8a88cf550000}5617/usr/bin/dpkg-----/usr/bin/dpkg --status-fd 43 --no-triggers --unpack --auto-deconfigure --recursive /tmp/apt-dpkg-install-CF7fgm/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-299a-6254-cc3f-0b992c560000}5550/usr/bin/apt-getapt-getroot 154100x800000000000000033034Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.184{ec2a2542-299c-6254-d87f-d4348c550000}5618/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-CF7fgm/0-libdw1_0.170-0.4ubuntu0.1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-299c-6254-7001-8a88cf550000}5617/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000033036Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.185{ec2a2542-299c-6254-403a-9e524e560000}5619/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-CF7fgm/0-libdw1_0.170-0.4ubuntu0.1_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-299c-6254-7001-8a88cf550000}5617/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033035Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.185{ec2a2542-299c-6254-d87f-d4348c550000}5618/usr/bin/dpkg-splitroot 154100x800000000000000033038Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.187{ec2a2542-299c-6254-b043-b3e04a560000}5622/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-299c-6254-403a-9e524e560000}5619/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000033037Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.187{ec2a2542-299c-6254-0000-000000000000}5620-root 534500x800000000000000033039Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.188{ec2a2542-299c-6254-0000-000000000000}5621-root 534500x800000000000000033041Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.189{ec2a2542-299c-6254-403a-9e524e560000}5619/usr/bin/dpkg-debroot 534500x800000000000000033040Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.189{ec2a2542-299c-6254-b043-b3e04a560000}5622/bin/tarroot 154100x800000000000000033042Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.255{ec2a2542-299c-6254-40da-55eebd550000}5623/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-CF7fgm/0-libdw1_0.170-0.4ubuntu0.1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-299c-6254-7001-8a88cf550000}5617/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033043Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.274{ec2a2542-299c-6254-0000-000000000000}5624-root 534500x800000000000000033045Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.282{ec2a2542-299c-6254-40da-55eebd550000}5623/usr/bin/dpkg-debroot 534500x800000000000000033044Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.282{00000000-0000-0000-0000-000000000000}5625<unknown process>root 154100x800000000000000033046Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.336{ec2a2542-299c-6254-7053-154b1c560000}5626/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-299c-6254-7001-8a88cf550000}5617/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033048Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.337{ec2a2542-299c-6254-7053-154b1c560000}5626/bin/rmroot 23542300x800000000000000033047Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.337{ec2a2542-299c-6254-7053-154b1c560000}5626root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000033049Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.338{ec2a2542-299c-6254-d8df-9cfaca550000}5627/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-CF7fgm/1-libbabeltrace1_1.5.5-1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-299c-6254-7001-8a88cf550000}5617/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000033051Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.340{ec2a2542-299c-6254-402a-7eabac550000}5628/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-CF7fgm/1-libbabeltrace1_1.5.5-1_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-299c-6254-7001-8a88cf550000}5617/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033050Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.340{ec2a2542-299c-6254-d8df-9cfaca550000}5627/usr/bin/dpkg-splitroot 154100x800000000000000033053Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.342{ec2a2542-299c-6254-b0b3-fff1cd550000}5631/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-299c-6254-402a-7eabac550000}5628/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000033052Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.342{ec2a2542-299c-6254-0000-000000000000}5629-root 534500x800000000000000033054Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.343{ec2a2542-299c-6254-0000-000000000000}5630-root 534500x800000000000000033055Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.344{ec2a2542-299c-6254-b0b3-fff1cd550000}5631/bin/tarroot 534500x800000000000000033056Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.345{ec2a2542-299c-6254-402a-7eabac550000}5628/usr/bin/dpkg-debroot 154100x800000000000000033057Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.365{ec2a2542-299c-6254-40ea-349964550000}5632/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-CF7fgm/1-libbabeltrace1_1.5.5-1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-299c-6254-7001-8a88cf550000}5617/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033058Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.375{ec2a2542-299c-6254-0000-000000000000}5633-root 534500x800000000000000033059Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.381{00000000-0000-0000-0000-000000000000}5634<unknown process>root 534500x800000000000000033060Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.382{ec2a2542-299c-6254-40ea-349964550000}5632/usr/bin/dpkg-debroot 154100x800000000000000033061Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.401{ec2a2542-299c-6254-7063-f5c88e550000}5635/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-299c-6254-7001-8a88cf550000}5617/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033063Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.402{ec2a2542-299c-6254-7063-f5c88e550000}5635/bin/rmroot 23542300x800000000000000033062Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.402{ec2a2542-299c-6254-7063-f5c88e550000}5635root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000033064Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.403{ec2a2542-299c-6254-d88f-8c921b560000}5636/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-CF7fgm/2-gdb_8.1.1-0ubuntu1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-299c-6254-7001-8a88cf550000}5617/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000033066Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.404{ec2a2542-299c-6254-400a-8ca2c9550000}5637/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-CF7fgm/2-gdb_8.1.1-0ubuntu1_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-299c-6254-7001-8a88cf550000}5617/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033065Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.404{ec2a2542-299c-6254-d88f-8c921b560000}5636/usr/bin/dpkg-splitroot 154100x800000000000000033068Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.406{ec2a2542-299c-6254-b043-46c805560000}5640/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-299c-6254-400a-8ca2c9550000}5637/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000033067Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.406{ec2a2542-299c-6254-0000-000000000000}5638-root 534500x800000000000000033069Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.408{ec2a2542-299c-6254-0000-000000000000}5639-root 534500x800000000000000033071Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.409{ec2a2542-299c-6254-400a-8ca2c9550000}5637/usr/bin/dpkg-debroot 534500x800000000000000033070Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.409{ec2a2542-299c-6254-b043-46c805560000}5640/bin/tarroot 154100x800000000000000033072Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.432{ec2a2542-299c-6254-40ba-a6815f550000}5641/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-CF7fgm/2-gdb_8.1.1-0ubuntu1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-299c-6254-7001-8a88cf550000}5617/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033073Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.721{ec2a2542-299c-6254-0000-000000000000}5642-root 534500x800000000000000033075Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.730{ec2a2542-299c-6254-40ba-a6815f550000}5641/usr/bin/dpkg-debroot 534500x800000000000000033074Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.730{00000000-0000-0000-0000-000000000000}5643<unknown process>root 154100x800000000000000033076Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.759{ec2a2542-299c-6254-7053-be00b5550000}5644/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-299c-6254-7001-8a88cf550000}5617/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033078Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.760{ec2a2542-299c-6254-7053-be00b5550000}5644/bin/rmroot 23542300x800000000000000033077Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.760{ec2a2542-299c-6254-7053-be00b5550000}5644root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000033079Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.761{ec2a2542-299c-6254-d89f-153d26560000}5645/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-CF7fgm/3-gdb-multiarch_8.1.1-0ubuntu1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-299c-6254-7001-8a88cf550000}5617/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000033081Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.762{ec2a2542-299c-6254-409a-01bb1c560000}5646/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-CF7fgm/3-gdb-multiarch_8.1.1-0ubuntu1_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-299c-6254-7001-8a88cf550000}5617/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033080Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.762{ec2a2542-299c-6254-d89f-153d26560000}5645/usr/bin/dpkg-splitroot 154100x800000000000000033083Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.764{ec2a2542-299c-6254-b043-0e2b3d560000}5649/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-299c-6254-409a-01bb1c560000}5646/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000033082Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.764{ec2a2542-299c-6254-0000-000000000000}5647-root 534500x800000000000000033084Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.766{ec2a2542-299c-6254-0000-000000000000}5648-root 534500x800000000000000033085Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.767{ec2a2542-299c-6254-b043-0e2b3d560000}5649/bin/tarroot 534500x800000000000000033086Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.768{ec2a2542-299c-6254-409a-01bb1c560000}5646/usr/bin/dpkg-debroot 154100x800000000000000033087Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:04.786{ec2a2542-299c-6254-408a-f00cd1550000}5650/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-CF7fgm/3-gdb-multiarch_8.1.1-0ubuntu1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-299c-6254-7001-8a88cf550000}5617/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033088Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:05.134{ec2a2542-299c-6254-0000-000000000000}5651-root 534500x800000000000000033089Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:05.143{ec2a2542-299c-6254-0000-000000000000}5652-root 534500x800000000000000033090Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:05.144{ec2a2542-299c-6254-408a-f00cd1550000}5650/usr/bin/dpkg-debroot 154100x800000000000000033091Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:05.245{ec2a2542-299d-6254-7093-36c1ec550000}5653/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-299c-6254-7001-8a88cf550000}5617/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000033094Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:05.246{ec2a2542-299d-6254-d8bf-3eb433560000}5654/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-CF7fgm/4-gdbserver_8.1.1-0ubuntu1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-299c-6254-7001-8a88cf550000}5617/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033093Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:05.246{ec2a2542-299d-6254-7093-36c1ec550000}5653/bin/rmroot 23542300x800000000000000033092Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:05.246{ec2a2542-299d-6254-7093-36c1ec550000}5653root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000033096Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:05.248{ec2a2542-299d-6254-406a-408a81550000}5655/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-CF7fgm/4-gdbserver_8.1.1-0ubuntu1_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-299c-6254-7001-8a88cf550000}5617/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033095Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:05.248{ec2a2542-299d-6254-d8bf-3eb433560000}5654/usr/bin/dpkg-splitroot 154100x800000000000000033098Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:05.250{ec2a2542-299d-6254-b0b3-53a72d560000}5658/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-299d-6254-406a-408a81550000}5655/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000033097Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:05.250{ec2a2542-299d-6254-0000-000000000000}5656-root 534500x800000000000000033099Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:05.251{ec2a2542-299d-6254-0000-000000000000}5657-root 534500x800000000000000033101Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:05.252{ec2a2542-299d-6254-406a-408a81550000}5655/usr/bin/dpkg-debroot 534500x800000000000000033100Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:05.252{ec2a2542-299d-6254-b0b3-53a72d560000}5658/bin/tarroot 154100x800000000000000033102Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:05.271{ec2a2542-299d-6254-402a-31d48d550000}5659/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-CF7fgm/4-gdbserver_8.1.1-0ubuntu1_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-299c-6254-7001-8a88cf550000}5617/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033103Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:05.295{ec2a2542-299d-6254-0000-000000000000}5660-root 534500x800000000000000033104Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:05.305{00000000-0000-0000-0000-000000000000}5661<unknown process>root 534500x800000000000000033105Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:05.306{ec2a2542-299d-6254-402a-31d48d550000}5659/usr/bin/dpkg-debroot 154100x800000000000000033106Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:05.325{ec2a2542-299d-6254-70e3-03f197550000}5662/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-299c-6254-7001-8a88cf550000}5617/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000033109Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:05.326{ec2a2542-299d-6254-d8df-709520560000}5663/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-CF7fgm/5-libc6-dbg_2.27-3ubuntu1.5_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-299c-6254-7001-8a88cf550000}5617/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033108Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:05.326{ec2a2542-299d-6254-70e3-03f197550000}5662/bin/rmroot 23542300x800000000000000033107Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:05.326{ec2a2542-299d-6254-70e3-03f197550000}5662root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000033111Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:05.328{ec2a2542-299d-6254-400a-32768c550000}5664/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-CF7fgm/5-libc6-dbg_2.27-3ubuntu1.5_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-299c-6254-7001-8a88cf550000}5617/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033110Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:05.328{ec2a2542-299d-6254-d8df-709520560000}5663/usr/bin/dpkg-splitroot 154100x800000000000000033113Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:05.330{ec2a2542-299d-6254-b0c3-8b254e560000}5667/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-299d-6254-400a-32768c550000}5664/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000033112Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:05.330{ec2a2542-299d-6254-0000-000000000000}5665-root 534500x800000000000000033114Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:05.332{ec2a2542-299d-6254-0000-000000000000}5666-root 534500x800000000000000033116Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:05.334{ec2a2542-299d-6254-400a-32768c550000}5664/usr/bin/dpkg-debroot 534500x800000000000000033115Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:05.334{ec2a2542-299d-6254-b0c3-8b254e560000}5667/bin/tarroot 154100x800000000000000033117Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:05.354{ec2a2542-299d-6254-406a-c9b3f6550000}5668/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-CF7fgm/5-libc6-dbg_2.27-3ubuntu1.5_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-299c-6254-7001-8a88cf550000}5617/usr/bin/dpkg/usr/bin/dpkgroot 354300x800000000000000033118Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:05.594{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54758-false10.0.1.12-8000- 534500x800000000000000033119Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.150{ec2a2542-299d-6254-0000-000000000000}5669-root 534500x800000000000000033121Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.157{ec2a2542-299d-6254-406a-c9b3f6550000}5668/usr/bin/dpkg-debroot 534500x800000000000000033120Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.157{00000000-0000-0000-0000-000000000000}5670<unknown process>root 154100x800000000000000033122Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.185{ec2a2542-299e-6254-7083-ed5bd6550000}5671/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-299c-6254-7001-8a88cf550000}5617/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033124Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.187{ec2a2542-299e-6254-7083-ed5bd6550000}5671/bin/rmroot 23542300x800000000000000033123Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.187{ec2a2542-299e-6254-7083-ed5bd6550000}5671root/bin/rm/var/lib/dpkg/tmp.ci/control--- 23542300x800000000000000033125Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.194{ec2a2542-299c-6254-7001-8a88cf550000}5617root/usr/bin/dpkg/var/lib/dpkg/status-old--- 23542300x800000000000000033133Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.196{ec2a2542-299c-6254-7001-8a88cf550000}5617root/usr/bin/dpkg/var/lib/dpkg/updates/0007--- 23542300x800000000000000033132Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.196{ec2a2542-299c-6254-7001-8a88cf550000}5617root/usr/bin/dpkg/var/lib/dpkg/updates/0006--- 23542300x800000000000000033131Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.196{ec2a2542-299c-6254-7001-8a88cf550000}5617root/usr/bin/dpkg/var/lib/dpkg/updates/0005--- 23542300x800000000000000033130Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.196{ec2a2542-299c-6254-7001-8a88cf550000}5617root/usr/bin/dpkg/var/lib/dpkg/updates/0004--- 23542300x800000000000000033129Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.196{ec2a2542-299c-6254-7001-8a88cf550000}5617root/usr/bin/dpkg/var/lib/dpkg/updates/0003--- 23542300x800000000000000033128Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.196{ec2a2542-299c-6254-7001-8a88cf550000}5617root/usr/bin/dpkg/var/lib/dpkg/updates/0002--- 23542300x800000000000000033127Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.196{ec2a2542-299c-6254-7001-8a88cf550000}5617root/usr/bin/dpkg/var/lib/dpkg/updates/0001--- 23542300x800000000000000033126Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.196{ec2a2542-299c-6254-7001-8a88cf550000}5617root/usr/bin/dpkg/var/lib/dpkg/updates/0000--- 23542300x800000000000000033144Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.197{ec2a2542-299c-6254-7001-8a88cf550000}5617root/usr/bin/dpkg/var/lib/dpkg/updates/0018--- 23542300x800000000000000033143Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.197{ec2a2542-299c-6254-7001-8a88cf550000}5617root/usr/bin/dpkg/var/lib/dpkg/updates/0017--- 23542300x800000000000000033142Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.197{ec2a2542-299c-6254-7001-8a88cf550000}5617root/usr/bin/dpkg/var/lib/dpkg/updates/0016--- 23542300x800000000000000033141Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.197{ec2a2542-299c-6254-7001-8a88cf550000}5617root/usr/bin/dpkg/var/lib/dpkg/updates/0015--- 23542300x800000000000000033140Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.197{ec2a2542-299c-6254-7001-8a88cf550000}5617root/usr/bin/dpkg/var/lib/dpkg/updates/0014--- 23542300x800000000000000033139Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.197{ec2a2542-299c-6254-7001-8a88cf550000}5617root/usr/bin/dpkg/var/lib/dpkg/updates/0013--- 23542300x800000000000000033138Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.197{ec2a2542-299c-6254-7001-8a88cf550000}5617root/usr/bin/dpkg/var/lib/dpkg/updates/0012--- 23542300x800000000000000033137Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.197{ec2a2542-299c-6254-7001-8a88cf550000}5617root/usr/bin/dpkg/var/lib/dpkg/updates/0011--- 23542300x800000000000000033136Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.197{ec2a2542-299c-6254-7001-8a88cf550000}5617root/usr/bin/dpkg/var/lib/dpkg/updates/0010--- 23542300x800000000000000033135Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.197{ec2a2542-299c-6254-7001-8a88cf550000}5617root/usr/bin/dpkg/var/lib/dpkg/updates/0009--- 23542300x800000000000000033134Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.197{ec2a2542-299c-6254-7001-8a88cf550000}5617root/usr/bin/dpkg/var/lib/dpkg/updates/0008--- 23542300x800000000000000033145Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.198{ec2a2542-299c-6254-7001-8a88cf550000}5617root/usr/bin/dpkg/var/lib/dpkg/updates/0019--- 23542300x800000000000000033146Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.200{ec2a2542-299c-6254-7001-8a88cf550000}5617root/usr/bin/dpkg/var/lib/dpkg/updates/tmp.i--- 534500x800000000000000033147Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.202{ec2a2542-299c-6254-7001-8a88cf550000}5617/usr/bin/dpkgroot 23542300x800000000000000033148Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.203{ec2a2542-299a-6254-cc3f-0b992c560000}5550root/usr/bin/apt-get/tmp/apt-dpkg-install-CF7fgm/0-libdw1_0.170-0.4ubuntu0.1_amd64.deb--- 23542300x800000000000000033153Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.204{ec2a2542-299a-6254-cc3f-0b992c560000}5550root/usr/bin/apt-get/tmp/apt-dpkg-install-CF7fgm/1-libbabeltrace1_1.5.5-1_amd64.deb--- 23542300x800000000000000033152Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.204{ec2a2542-299a-6254-cc3f-0b992c560000}5550root/usr/bin/apt-get/tmp/apt-dpkg-install-CF7fgm/3-gdb-multiarch_8.1.1-0ubuntu1_amd64.deb--- 23542300x800000000000000033151Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.204{ec2a2542-299a-6254-cc3f-0b992c560000}5550root/usr/bin/apt-get/tmp/apt-dpkg-install-CF7fgm/2-gdb_8.1.1-0ubuntu1_amd64.deb--- 23542300x800000000000000033150Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.204{ec2a2542-299a-6254-cc3f-0b992c560000}5550root/usr/bin/apt-get/tmp/apt-dpkg-install-CF7fgm/5-libc6-dbg_2.27-3ubuntu1.5_amd64.deb--- 23542300x800000000000000033149Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.204{ec2a2542-299a-6254-cc3f-0b992c560000}5550root/usr/bin/apt-get/tmp/apt-dpkg-install-CF7fgm/4-gdbserver_8.1.1-0ubuntu1_amd64.deb--- 154100x800000000000000033154Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.205{ec2a2542-299e-6254-70c1-4ff19c550000}5672/usr/bin/dpkg-----/usr/bin/dpkg --status-fd 43 --configure --pending/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-299a-6254-cc3f-0b992c560000}5550/usr/bin/apt-getapt-getroot 154100x800000000000000033155Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.281{ec2a2542-299e-6254-68f2-f3ae85550000}5673/bin/dash-----/bin/sh /var/lib/dpkg/info/gdb.postinst configure /root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-299e-6254-70c1-4ff19c550000}5672/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000033156Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.282{ec2a2542-299e-6254-68c2-66f1d9550000}5674/bin/dash-----/bin/sh /usr/bin/which update-menus/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-299e-6254-68f2-f3ae85550000}5673/bin/dash/bin/shroot 534500x800000000000000033158Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.283{ec2a2542-299e-6254-68f2-f3ae85550000}5673/bin/dashroot 534500x800000000000000033157Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.283{ec2a2542-299e-6254-68c2-66f1d9550000}5674/bin/dashroot 154100x800000000000000033159Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.298{ec2a2542-299e-6254-6832-42525f550000}5675/bin/dash-----/bin/sh /var/lib/dpkg/info/gdb-multiarch.postinst configure /root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-299e-6254-70c1-4ff19c550000}5672/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033160Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.299{ec2a2542-299e-6254-6832-42525f550000}5675/bin/dashroot 154100x800000000000000033161Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.310{ec2a2542-299e-6254-6842-e1f3ab550000}5676/bin/dash-----/bin/sh /var/lib/dpkg/info/man-db.postinst triggered /usr/share/man/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-299e-6254-70c1-4ff19c550000}5672/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000033163Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.311{ec2a2542-299e-6254-80da-58698d550000}5677/usr/bin/mandb-----/usr/bin/mandb -pq/man{ec2a2542-0000-0000-0600-000001000000}64no level-{ec2a2542-299e-6254-6842-e1f3ab550000}5676/bin/dash/bin/shroot 154100x800000000000000033162Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.311{ec2a2542-299e-6254-98e7-f09684550000}5677/usr/bin/perl-----perl -e @pwd = getpwnam("man"); $) = $( = $pwd[3]; $> = $< = $pwd[2]; exec "/usr/bin/mandb", @ARGV -- -pq/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-299e-6254-6842-e1f3ab550000}5676/bin/dash/bin/shroot 534500x800000000000000033164Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.345{00000000-0000-0000-0000-000000000000}5678<unknown process>man 534500x800000000000000033165Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.348{00000000-0000-0000-0000-000000000000}5679<unknown process>man 534500x800000000000000033166Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.349{ec2a2542-299e-6254-0000-000000000000}5681-man 534500x800000000000000033167Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.350{ec2a2542-299e-6254-0000-000000000000}5680-man 534500x800000000000000033168Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.355{00000000-0000-0000-0000-000000000000}5682<unknown process>man 534500x800000000000000033170Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.359{ec2a2542-299e-6254-0000-000000000000}5685-man 534500x800000000000000033169Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.359{ec2a2542-299e-6254-0000-000000000000}5683-man 534500x800000000000000033171Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.361{ec2a2542-299e-6254-0000-000000000000}5684-man 534500x800000000000000033172Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.364{ec2a2542-299e-6254-0000-000000000000}5686-man 534500x800000000000000033173Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.367{00000000-0000-0000-0000-000000000000}5687<unknown process>man 534500x800000000000000033174Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.368{ec2a2542-299e-6254-0000-000000000000}5689-man 534500x800000000000000033175Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.369{ec2a2542-299e-6254-0000-000000000000}5688-man 534500x800000000000000033176Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.373{00000000-0000-0000-0000-000000000000}5690<unknown process>man 534500x800000000000000033178Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.377{ec2a2542-299e-6254-0000-000000000000}5693-man 534500x800000000000000033177Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.377{ec2a2542-299e-6254-0000-000000000000}5691-man 534500x800000000000000033179Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.379{00000000-0000-0000-0000-000000000000}5692<unknown process>man 534500x800000000000000033180Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.382{ec2a2542-299e-6254-0000-000000000000}5694-man 534500x800000000000000033182Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.386{ec2a2542-299e-6254-0000-000000000000}5697-man 534500x800000000000000033181Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.386{ec2a2542-299e-6254-0000-000000000000}5695-man 534500x800000000000000033183Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.387{00000000-0000-0000-0000-000000000000}5696<unknown process>man 534500x800000000000000033184Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.391{ec2a2542-299e-6254-0000-000000000000}5698-man 534500x800000000000000033185Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.394{ec2a2542-299e-6254-0000-000000000000}5699-man 534500x800000000000000033187Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.395{ec2a2542-299e-6254-0000-000000000000}5700-man 534500x800000000000000033186Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.395{ec2a2542-299e-6254-0000-000000000000}5701-man 534500x800000000000000033188Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.398{ec2a2542-299e-6254-0000-000000000000}5702-man 534500x800000000000000033189Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.401{ec2a2542-299e-6254-0000-000000000000}5703-man 534500x800000000000000033190Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.402{ec2a2542-299e-6254-0000-000000000000}5705-man 534500x800000000000000033191Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.403{00000000-0000-0000-0000-000000000000}5704<unknown process>man 534500x800000000000000033192Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.406{00000000-0000-0000-0000-000000000000}5706<unknown process>man 534500x800000000000000033193Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.410{ec2a2542-299e-6254-0000-000000000000}5707-man 534500x800000000000000033194Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.411{ec2a2542-299e-6254-0000-000000000000}5709-man 534500x800000000000000033195Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.412{00000000-0000-0000-0000-000000000000}5708<unknown process>man 534500x800000000000000033196Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.415{ec2a2542-299e-6254-0000-000000000000}5710-man 534500x800000000000000033197Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.418{ec2a2542-299e-6254-0000-000000000000}5711-man 534500x800000000000000033199Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.419{ec2a2542-299e-6254-0000-000000000000}5712-man 534500x800000000000000033198Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.419{ec2a2542-299e-6254-0000-000000000000}5713-man 534500x800000000000000033200Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.423{ec2a2542-299e-6254-0000-000000000000}5714-man 534500x800000000000000033201Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.426{ec2a2542-299e-6254-0000-000000000000}5715-man 534500x800000000000000033203Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.428{ec2a2542-299e-6254-0000-000000000000}5716-man 534500x800000000000000033202Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.428{ec2a2542-299e-6254-0000-000000000000}5717-man 534500x800000000000000033204Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.431{00000000-0000-0000-0000-000000000000}5718<unknown process>man 534500x800000000000000033205Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.434{00000000-0000-0000-0000-000000000000}5719<unknown process>man 534500x800000000000000033206Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.435{ec2a2542-299e-6254-0000-000000000000}5721-man 534500x800000000000000033207Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.436{00000000-0000-0000-0000-000000000000}5720<unknown process>man 534500x800000000000000033208Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.439{00000000-0000-0000-0000-000000000000}5722<unknown process>man 534500x800000000000000033209Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.442{00000000-0000-0000-0000-000000000000}5723<unknown process>man 534500x800000000000000033211Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.443{ec2a2542-299e-6254-0000-000000000000}5724-man 534500x800000000000000033210Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.443{ec2a2542-299e-6254-0000-000000000000}5725-man 534500x800000000000000033212Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.447{00000000-0000-0000-0000-000000000000}5726<unknown process>man 534500x800000000000000033213Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.450{ec2a2542-299e-6254-0000-000000000000}5727-man 534500x800000000000000033214Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.451{ec2a2542-299e-6254-0000-000000000000}5729-man 534500x800000000000000033215Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.452{ec2a2542-299e-6254-0000-000000000000}5728-man 534500x800000000000000033216Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.456{00000000-0000-0000-0000-000000000000}5730<unknown process>man 534500x800000000000000033217Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.459{ec2a2542-299e-6254-0000-000000000000}5731-man 534500x800000000000000033219Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.460{ec2a2542-299e-6254-0000-000000000000}5732-man 534500x800000000000000033218Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.460{ec2a2542-299e-6254-0000-000000000000}5733-man 534500x800000000000000033220Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.465{ec2a2542-299e-6254-0000-000000000000}5734-man 534500x800000000000000033222Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.468{ec2a2542-299e-6254-0000-000000000000}5737-man 534500x800000000000000033221Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.468{ec2a2542-299e-6254-0000-000000000000}5735-man 534500x800000000000000033223Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.469{ec2a2542-299e-6254-0000-000000000000}5736-man 534500x800000000000000033224Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.472{00000000-0000-0000-0000-000000000000}5738<unknown process>man 534500x800000000000000033225Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.475{ec2a2542-299e-6254-0000-000000000000}5739-man 534500x800000000000000033226Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.476{ec2a2542-299e-6254-0000-000000000000}5741-man 534500x800000000000000033227Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.477{ec2a2542-299e-6254-0000-000000000000}5740-man 534500x800000000000000033228Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.481{00000000-0000-0000-0000-000000000000}5742<unknown process>man 534500x800000000000000033229Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.484{ec2a2542-299e-6254-0000-000000000000}5743-man 534500x800000000000000033230Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.485{ec2a2542-299e-6254-0000-000000000000}5745-man 534500x800000000000000033231Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.486{ec2a2542-299e-6254-0000-000000000000}5744-man 23542300x800000000000000033232Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.491{ec2a2542-299e-6254-98e7-f09684550000}5677man/usr/bin/mandb/var/cache/man/hu/5677--- 23542300x800000000000000033236Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.492{ec2a2542-299e-6254-98e7-f09684550000}5677man/usr/bin/mandb/var/cache/man/ru/5677--- 23542300x800000000000000033235Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.492{ec2a2542-299e-6254-98e7-f09684550000}5677man/usr/bin/mandb/var/cache/man/id/5677--- 23542300x800000000000000033234Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.492{ec2a2542-299e-6254-98e7-f09684550000}5677man/usr/bin/mandb/var/cache/man/cs/5677--- 23542300x800000000000000033233Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.492{ec2a2542-299e-6254-98e7-f09684550000}5677man/usr/bin/mandb/var/cache/man/da/5677--- 23542300x800000000000000033240Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.493{ec2a2542-299e-6254-98e7-f09684550000}5677man/usr/bin/mandb/var/cache/man/it/5677--- 23542300x800000000000000033239Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.493{ec2a2542-299e-6254-98e7-f09684550000}5677man/usr/bin/mandb/var/cache/man/zh_CN/5677--- 23542300x800000000000000033238Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.493{ec2a2542-299e-6254-98e7-f09684550000}5677man/usr/bin/mandb/var/cache/man/tr/5677--- 23542300x800000000000000033237Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.493{ec2a2542-299e-6254-98e7-f09684550000}5677man/usr/bin/mandb/var/cache/man/sl/5677--- 23542300x800000000000000033243Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.494{ec2a2542-299e-6254-98e7-f09684550000}5677man/usr/bin/mandb/var/cache/man/ja/5677--- 23542300x800000000000000033242Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.494{ec2a2542-299e-6254-98e7-f09684550000}5677man/usr/bin/mandb/var/cache/man/fi/5677--- 23542300x800000000000000033241Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.494{ec2a2542-299e-6254-98e7-f09684550000}5677man/usr/bin/mandb/var/cache/man/ko/5677--- 23542300x800000000000000033246Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.495{ec2a2542-299e-6254-98e7-f09684550000}5677man/usr/bin/mandb/var/cache/man/sv/5677--- 23542300x800000000000000033245Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.495{ec2a2542-299e-6254-98e7-f09684550000}5677man/usr/bin/mandb/var/cache/man/pl/5677--- 23542300x800000000000000033244Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.495{ec2a2542-299e-6254-98e7-f09684550000}5677man/usr/bin/mandb/var/cache/man/pt_BR/5677--- 23542300x800000000000000033250Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.496{ec2a2542-299e-6254-98e7-f09684550000}5677man/usr/bin/mandb/var/cache/man/pt/5677--- 23542300x800000000000000033249Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.496{ec2a2542-299e-6254-98e7-f09684550000}5677man/usr/bin/mandb/var/cache/man/nl/5677--- 23542300x800000000000000033248Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.496{ec2a2542-299e-6254-98e7-f09684550000}5677man/usr/bin/mandb/var/cache/man/zh_TW/5677--- 23542300x800000000000000033247Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.496{ec2a2542-299e-6254-98e7-f09684550000}5677man/usr/bin/mandb/var/cache/man/de/5677--- 23542300x800000000000000033254Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.497{ec2a2542-299e-6254-98e7-f09684550000}5677man/usr/bin/mandb/var/cache/man/oldlocal/5677--- 23542300x800000000000000033253Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.497{ec2a2542-299e-6254-98e7-f09684550000}5677man/usr/bin/mandb/var/cache/man/fr/5677--- 23542300x800000000000000033252Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.497{ec2a2542-299e-6254-98e7-f09684550000}5677man/usr/bin/mandb/var/cache/man/es/5677--- 23542300x800000000000000033251Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.497{ec2a2542-299e-6254-98e7-f09684550000}5677man/usr/bin/mandb/var/cache/man/sr/5677--- 534500x800000000000000033256Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.498{ec2a2542-299e-6254-6842-e1f3ab550000}5676/bin/dashroot 534500x800000000000000033255Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.498{ec2a2542-299e-6254-98e7-f09684550000}5677/usr/bin/perlman 154100x800000000000000033257Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.507{ec2a2542-299e-6254-6882-9c4461550000}5746/bin/dash-----/bin/sh /var/lib/dpkg/info/libc-bin.postinst triggered ldconfig/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-299e-6254-70c1-4ff19c550000}5672/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000033259Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.508{ec2a2542-299e-6254-b861-8b4afc7e0000}5747/sbin/ldconfig.real-----/sbin/ldconfig.real/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-299e-6254-6882-9c4461550000}5746/bin/dash/bin/shroot 154100x800000000000000033258Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.508{ec2a2542-299e-6254-68d2-650b34560000}5747/bin/dash-----/bin/sh /sbin/ldconfig/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-299e-6254-6882-9c4461550000}5746/bin/dash/bin/shroot 534500x800000000000000033260Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.518{ec2a2542-299e-6254-68d2-650b34560000}5747/bin/dashroot 534500x800000000000000033261Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.519{ec2a2542-299e-6254-6882-9c4461550000}5746/bin/dashroot 23542300x800000000000000033262Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.531{ec2a2542-299e-6254-70c1-4ff19c550000}5672root/usr/bin/dpkg/var/lib/dpkg/status-old--- 23542300x800000000000000033285Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.533{ec2a2542-299e-6254-70c1-4ff19c550000}5672root/usr/bin/dpkg/var/lib/dpkg/updates/0022--- 23542300x800000000000000033284Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.533{ec2a2542-299e-6254-70c1-4ff19c550000}5672root/usr/bin/dpkg/var/lib/dpkg/updates/0021--- 23542300x800000000000000033283Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.533{ec2a2542-299e-6254-70c1-4ff19c550000}5672root/usr/bin/dpkg/var/lib/dpkg/updates/0020--- 23542300x800000000000000033282Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.533{ec2a2542-299e-6254-70c1-4ff19c550000}5672root/usr/bin/dpkg/var/lib/dpkg/updates/0019--- 23542300x800000000000000033281Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.533{ec2a2542-299e-6254-70c1-4ff19c550000}5672root/usr/bin/dpkg/var/lib/dpkg/updates/0018--- 23542300x800000000000000033280Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.533{ec2a2542-299e-6254-70c1-4ff19c550000}5672root/usr/bin/dpkg/var/lib/dpkg/updates/0017--- 23542300x800000000000000033279Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.533{ec2a2542-299e-6254-70c1-4ff19c550000}5672root/usr/bin/dpkg/var/lib/dpkg/updates/0016--- 23542300x800000000000000033278Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.533{ec2a2542-299e-6254-70c1-4ff19c550000}5672root/usr/bin/dpkg/var/lib/dpkg/updates/0015--- 23542300x800000000000000033277Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.533{ec2a2542-299e-6254-70c1-4ff19c550000}5672root/usr/bin/dpkg/var/lib/dpkg/updates/0014--- 23542300x800000000000000033276Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.533{ec2a2542-299e-6254-70c1-4ff19c550000}5672root/usr/bin/dpkg/var/lib/dpkg/updates/0013--- 23542300x800000000000000033275Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.533{ec2a2542-299e-6254-70c1-4ff19c550000}5672root/usr/bin/dpkg/var/lib/dpkg/updates/0012--- 23542300x800000000000000033274Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.533{ec2a2542-299e-6254-70c1-4ff19c550000}5672root/usr/bin/dpkg/var/lib/dpkg/updates/0011--- 23542300x800000000000000033273Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.533{ec2a2542-299e-6254-70c1-4ff19c550000}5672root/usr/bin/dpkg/var/lib/dpkg/updates/0010--- 23542300x800000000000000033272Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.533{ec2a2542-299e-6254-70c1-4ff19c550000}5672root/usr/bin/dpkg/var/lib/dpkg/updates/0009--- 23542300x800000000000000033271Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.533{ec2a2542-299e-6254-70c1-4ff19c550000}5672root/usr/bin/dpkg/var/lib/dpkg/updates/0008--- 23542300x800000000000000033270Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.533{ec2a2542-299e-6254-70c1-4ff19c550000}5672root/usr/bin/dpkg/var/lib/dpkg/updates/0007--- 23542300x800000000000000033269Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.533{ec2a2542-299e-6254-70c1-4ff19c550000}5672root/usr/bin/dpkg/var/lib/dpkg/updates/0006--- 23542300x800000000000000033268Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.533{ec2a2542-299e-6254-70c1-4ff19c550000}5672root/usr/bin/dpkg/var/lib/dpkg/updates/0005--- 23542300x800000000000000033267Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.533{ec2a2542-299e-6254-70c1-4ff19c550000}5672root/usr/bin/dpkg/var/lib/dpkg/updates/0004--- 23542300x800000000000000033266Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.533{ec2a2542-299e-6254-70c1-4ff19c550000}5672root/usr/bin/dpkg/var/lib/dpkg/updates/0003--- 23542300x800000000000000033265Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.533{ec2a2542-299e-6254-70c1-4ff19c550000}5672root/usr/bin/dpkg/var/lib/dpkg/updates/0002--- 23542300x800000000000000033264Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.533{ec2a2542-299e-6254-70c1-4ff19c550000}5672root/usr/bin/dpkg/var/lib/dpkg/updates/0001--- 23542300x800000000000000033263Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.533{ec2a2542-299e-6254-70c1-4ff19c550000}5672root/usr/bin/dpkg/var/lib/dpkg/updates/0000--- 23542300x800000000000000033286Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.535{ec2a2542-299e-6254-70c1-4ff19c550000}5672root/usr/bin/dpkg/var/lib/dpkg/updates/tmp.i--- 23542300x800000000000000033289Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.536{ec2a2542-299a-6254-cc3f-0b992c560000}5550root/usr/bin/apt-get/tmp/fileutl.message.cjuIgN--- 23542300x800000000000000033288Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.536{ec2a2542-299a-6254-cc3f-0b992c560000}5550root/usr/bin/apt-get/var/cache/apt/pkgcache.bin--- 534500x800000000000000033287Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.536{ec2a2542-299e-6254-70c1-4ff19c550000}5672/usr/bin/dpkgroot 23542300x800000000000000033290Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.541{ec2a2542-299a-6254-cc3f-0b992c560000}5550root/usr/bin/apt-get/tmp/fileutl.message.Qy1Xhe--- 23542300x800000000000000033291Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.545{ec2a2542-299a-6254-cc3f-0b992c560000}5550root/usr/bin/apt-get/tmp/fileutl.message.KZrUjF--- 23542300x800000000000000033292Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.547{ec2a2542-299a-6254-cc3f-0b992c560000}5550root/usr/bin/apt-get/tmp/fileutl.message.KSA6l6--- 23542300x800000000000000033293Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.548{ec2a2542-299a-6254-cc3f-0b992c560000}5550root/usr/bin/apt-get/tmp/fileutl.message.W1yyox--- 23542300x800000000000000033294Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.552{ec2a2542-299a-6254-cc3f-0b992c560000}5550root/usr/bin/apt-get/tmp/fileutl.message.uh2FrY--- 23542300x800000000000000033295Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.554{ec2a2542-299a-6254-cc3f-0b992c560000}5550root/usr/bin/apt-get/tmp/fileutl.message.AdA2up--- 23542300x800000000000000033296Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.558{ec2a2542-299a-6254-cc3f-0b992c560000}5550root/usr/bin/apt-get/tmp/fileutl.message.KFQ4yQ--- 23542300x800000000000000033297Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.559{ec2a2542-299a-6254-cc3f-0b992c560000}5550root/usr/bin/apt-get/tmp/fileutl.message.weumDh--- 23542300x800000000000000033298Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.560{ec2a2542-299a-6254-cc3f-0b992c560000}5550root/usr/bin/apt-get/tmp/fileutl.message.ojXRHI--- 23542300x800000000000000033299Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.562{ec2a2542-299a-6254-cc3f-0b992c560000}5550root/usr/bin/apt-get/tmp/fileutl.message.sAiAM9--- 23542300x800000000000000033300Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.563{ec2a2542-299a-6254-cc3f-0b992c560000}5550root/usr/bin/apt-get/tmp/fileutl.message.wQgvRA--- 23542300x800000000000000033301Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.564{ec2a2542-299a-6254-cc3f-0b992c560000}5550root/usr/bin/apt-get/tmp/fileutl.message.26aDW1--- 23542300x800000000000000033302Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.566{ec2a2542-299a-6254-cc3f-0b992c560000}5550root/usr/bin/apt-get/tmp/fileutl.message.Kny01s--- 23542300x800000000000000033303Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.567{ec2a2542-299a-6254-cc3f-0b992c560000}5550root/usr/bin/apt-get/tmp/fileutl.message.0o8C7T--- 23542300x800000000000000033304Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.568{ec2a2542-299a-6254-cc3f-0b992c560000}5550root/usr/bin/apt-get/tmp/fileutl.message.KS1udl--- 23542300x800000000000000033305Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.570{ec2a2542-299a-6254-cc3f-0b992c560000}5550root/usr/bin/apt-get/tmp/fileutl.message.KPgDjM--- 154100x800000000000000033306Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.571{ec2a2542-299e-6254-70d1-f6846a550000}5748/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299a-6254-cc3f-0b992c560000}5550/usr/bin/apt-getapt-getroot 534500x800000000000000033307Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.574{ec2a2542-299e-6254-70d1-f6846a550000}5748/usr/bin/dpkgroot 154100x800000000000000033308Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.618{ec2a2542-299e-6254-70b1-020521560000}5749/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299a-6254-cc3f-0b992c560000}5550/usr/bin/apt-getapt-getroot 534500x800000000000000033309Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.622{ec2a2542-299e-6254-70b1-020521560000}5749/usr/bin/dpkgroot 154100x800000000000000033310Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.709{ec2a2542-299e-6254-70d1-2abbf0550000}5750/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299a-6254-cc3f-0b992c560000}5550/usr/bin/apt-getapt-getroot 534500x800000000000000033311Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.713{ec2a2542-299e-6254-70d1-2abbf0550000}5750/usr/bin/dpkgroot 154100x800000000000000033312Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.736{ec2a2542-299e-6254-6812-78286b550000}5752/bin/dash-----sh -c if [ -d /var/lib/update-notifier ]; then touch /var/lib/update-notifier/dpkg-run-stamp; fi; /usr/lib/update-notifier/update-motd-updates-available 2>/dev/null || true/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{00000000-0000-0000-0000-000000000000}5751--- 154100x800000000000000033313Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.737{ec2a2542-299e-6254-1000-d5853d560000}5753/bin/touch-----touch /var/lib/update-notifier/dpkg-run-stamp/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299e-6254-6812-78286b550000}5752/bin/dashshroot 154100x800000000000000033315Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.739{ec2a2542-299e-6254-6862-abefd3550000}5754/bin/dash-----/bin/sh -e /usr/lib/update-notifier/update-motd-updates-available/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299e-6254-6812-78286b550000}5752/bin/dashshroot 534500x800000000000000033314Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.739{ec2a2542-299e-6254-1000-d5853d560000}5753/bin/touchroot 154100x800000000000000033316Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.740{ec2a2542-299e-6254-73c4-038c82550000}5755/usr/bin/apt-config-----apt-config shell StateDir Dir::State/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299e-6254-6862-abefd3550000}5754/bin/dash/bin/shroot 154100x800000000000000033317Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.745{ec2a2542-299e-6254-7021-45ad1b560000}5756/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299e-6254-73c4-038c82550000}5755/usr/bin/apt-configapt-configroot 534500x800000000000000033318Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.747{ec2a2542-299e-6254-7021-45ad1b560000}5756/usr/bin/dpkgroot 154100x800000000000000033320Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.748{ec2a2542-299e-6254-7354-24eac5550000}5757/usr/bin/apt-config-----apt-config shell ListDir Dir::State::Lists/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299e-6254-6862-abefd3550000}5754/bin/dash/bin/shroot 534500x800000000000000033319Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.748{ec2a2542-299e-6254-73c4-038c82550000}5755/usr/bin/apt-configroot 154100x800000000000000033321Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.753{ec2a2542-299e-6254-7091-3ac70f560000}5758/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299e-6254-7354-24eac5550000}5757/usr/bin/apt-configapt-configroot 534500x800000000000000033322Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.756{ec2a2542-299e-6254-7091-3ac70f560000}5758/usr/bin/dpkgroot 534500x800000000000000033323Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.757{ec2a2542-299e-6254-7354-24eac5550000}5757/usr/bin/apt-configroot 154100x800000000000000033324Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.759{ec2a2542-299e-6254-7364-f4e219560000}5759/usr/bin/apt-config-----apt-config shell DpkgStatus Dir::State::status/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299e-6254-6862-abefd3550000}5754/bin/dash/bin/shroot 154100x800000000000000033325Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.764{ec2a2542-299e-6254-7051-53c20f560000}5760/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299e-6254-7364-f4e219560000}5759/usr/bin/apt-configapt-configroot 534500x800000000000000033327Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.766{ec2a2542-299e-6254-7364-f4e219560000}5759/usr/bin/apt-configroot 534500x800000000000000033326Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.766{ec2a2542-299e-6254-7051-53c20f560000}5760/usr/bin/dpkgroot 154100x800000000000000033328Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.767{ec2a2542-299e-6254-7344-20ed33560000}5761/usr/bin/apt-config-----apt-config shell EtcDir Dir::Etc/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299e-6254-6862-abefd3550000}5754/bin/dash/bin/shroot 154100x800000000000000033329Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.772{ec2a2542-299e-6254-70d1-1dfeec550000}5762/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299e-6254-7344-20ed33560000}5761/usr/bin/apt-configapt-configroot 534500x800000000000000033330Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.774{ec2a2542-299e-6254-70d1-1dfeec550000}5762/usr/bin/dpkgroot 154100x800000000000000033332Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.775{ec2a2542-299e-6254-7324-dfe634560000}5763/usr/bin/apt-config-----apt-config shell SourceList Dir::Etc::sourcelist/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299e-6254-6862-abefd3550000}5754/bin/dash/bin/shroot 534500x800000000000000033331Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.775{ec2a2542-299e-6254-7344-20ed33560000}5761/usr/bin/apt-configroot 154100x800000000000000033333Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.781{ec2a2542-299e-6254-7061-bcce07560000}5764/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299e-6254-7324-dfe634560000}5763/usr/bin/apt-configapt-configroot 154100x800000000000000033336Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.784{ec2a2542-299e-6254-90f0-d576d2550000}5765/usr/bin/find-----find /var/lib/apt/lists/ /etc/apt/sources.list //var/lib/dpkg/status -type f -newer /var/lib/update-notifier/updates-available -print -quit/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299e-6254-6862-abefd3550000}5754/bin/dash/bin/shroot 534500x800000000000000033335Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.784{ec2a2542-299e-6254-7324-dfe634560000}5763/usr/bin/apt-configroot 534500x800000000000000033334Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.784{ec2a2542-299e-6254-7061-bcce07560000}5764/usr/bin/dpkgroot 154100x800000000000000033340Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.786{ec2a2542-299e-6254-a8e0-c38d8d550000}5766/bin/mktemp-----mktemp -p /var/lib/update-notifier/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299e-6254-6862-abefd3550000}5754/bin/dash/bin/shroot 534500x800000000000000033337Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.786{ec2a2542-299e-6254-90f0-d576d2550000}5765/usr/bin/findroot 154100x800000000000000033338Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.787{ec2a2542-299e-6254-e818-ac81ff550000}5767/usr/bin/dirname-----dirname /var/lib/update-notifier/updates-available/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{00000000-0000-0000-0000-000000000000}5766--- 534500x800000000000000033339Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.788{ec2a2542-299e-6254-e818-ac81ff550000}5767/usr/bin/dirnameroot 154100x800000000000000033342Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.789{ec2a2542-299e-6254-a036-7b0000000000}5768/usr/bin/python3.6-----/usr/bin/python3 /usr/lib/update-notifier/apt-check --human-readable/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299e-6254-6862-abefd3550000}5754/bin/dash/bin/shroot 534500x800000000000000033341Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.789{ec2a2542-299e-6254-a8e0-c38d8d550000}5766/bin/mktemproot 154100x800000000000000033343Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.888{ec2a2542-299e-6254-7011-b55446560000}5769/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299e-6254-a036-7b0000000000}5768/usr/bin/python3.6/usr/bin/python3root 23542300x800000000000000033345Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.891{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.w53NHY--- 534500x800000000000000033344Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.891{ec2a2542-299e-6254-7011-b55446560000}5769/usr/bin/dpkgroot 23542300x800000000000000033346Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.896{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.QhH6Gq--- 23542300x800000000000000033347Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.900{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.s8b7GS--- 23542300x800000000000000033348Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.902{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.8yioHk--- 23542300x800000000000000033349Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.903{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.sXCUHM--- 23542300x800000000000000033350Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.907{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.2m17Ie--- 23542300x800000000000000033351Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.909{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.WRpBKG--- 23542300x800000000000000033352Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.913{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.wWNKM8--- 23542300x800000000000000033353Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.914{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.iGq9OA--- 23542300x800000000000000033354Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.916{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.Ir8KR2--- 23542300x800000000000000033355Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.917{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.sDwzUu--- 23542300x800000000000000033356Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.918{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.ASwCXW--- 23542300x800000000000000033357Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.919{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.wPMS0o--- 23542300x800000000000000033358Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.921{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.w0Qn4Q--- 23542300x800000000000000033359Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.922{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.UOP87i--- 23542300x800000000000000033360Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.924{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.2J19bL--- 23542300x800000000000000033361Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.926{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.8pAwgd--- 154100x800000000000000033362Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.927{ec2a2542-299e-6254-70a1-850071550000}5770/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299e-6254-a036-7b0000000000}5768/usr/bin/python3.6/usr/bin/python3root 534500x800000000000000033363Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:06.930{ec2a2542-299e-6254-70a1-850071550000}5770/usr/bin/dpkgroot 23542300x800000000000000033364Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.418{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.wm0bGG--- 23542300x800000000000000033365Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.423{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.2teC69--- 23542300x800000000000000033366Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.428{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.UBFVxD--- 23542300x800000000000000033367Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.430{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.aySxZ6--- 23542300x800000000000000033368Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.432{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.OHfrrA--- 23542300x800000000000000033369Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.436{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.CXD6T3--- 23542300x800000000000000033370Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.438{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.kzY3mx--- 23542300x800000000000000033371Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.442{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.kDbIQ0--- 23542300x800000000000000033372Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.444{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.8MEDku--- 23542300x800000000000000033373Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.445{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.IHiNOX--- 23542300x800000000000000033374Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.446{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.OgWbjr--- 23542300x800000000000000033375Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.448{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.AUTONU--- 23542300x800000000000000033376Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.449{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.sDYGio--- 23542300x800000000000000033377Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.451{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.WIsPNR--- 23542300x800000000000000033378Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.452{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.qnxfjl--- 23542300x800000000000000033379Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.454{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.2u1WOO--- 23542300x800000000000000033380Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.456{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.W0QWki--- 154100x800000000000000033381Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.457{ec2a2542-299f-6254-7031-81f652560000}5771/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299e-6254-a036-7b0000000000}5768/usr/bin/python3.6/usr/bin/python3root 534500x800000000000000033382Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.460{ec2a2542-299f-6254-7031-81f652560000}5771/usr/bin/dpkgroot 23542300x800000000000000033383Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.752{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.O614EM--- 23542300x800000000000000033384Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.757{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.OUf6Zg--- 23542300x800000000000000033385Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.762{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.QnVUlL--- 23542300x800000000000000033386Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.764{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.eBe2Hf--- 23542300x800000000000000033387Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.766{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.208s4J--- 23542300x800000000000000033388Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.770{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.cO5Fre--- 23542300x800000000000000033389Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.772{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.wXzfPI--- 23542300x800000000000000033390Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.777{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.QJ9xdd--- 23542300x800000000000000033391Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.778{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.ymK5BH--- 23542300x800000000000000033392Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.780{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.E7uS0b--- 23542300x800000000000000033393Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.781{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.cnJVpG--- 23542300x800000000000000033394Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.782{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.6b0bPa--- 23542300x800000000000000033395Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.784{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.uhzFeF--- 23542300x800000000000000033396Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.785{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.mQPoE9--- 23542300x800000000000000033397Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.787{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.utqn4D--- 23542300x800000000000000033398Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.788{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.OQvBu8--- 23542300x800000000000000033399Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.790{ec2a2542-299e-6254-a036-7b0000000000}5768root/usr/bin/python3.6/tmp/fileutl.message.I4D7UC--- 154100x800000000000000033401Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.953{ec2a2542-299f-6254-888b-d9c185550000}5772/bin/mv-----mv /var/lib/update-notifier/tmp.jDinT1bgm4 /var/lib/update-notifier/updates-available/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299e-6254-6862-abefd3550000}5754/bin/dash/bin/shroot 534500x800000000000000033400Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.953{ec2a2542-299e-6254-a036-7b0000000000}5768/usr/bin/python3.6root 154100x800000000000000033403Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.955{ec2a2542-299f-6254-70b3-728f65550000}5773/bin/rm-----rm -f /var/lib/update-notifier/tmp.jDinT1bgm4/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299e-6254-6862-abefd3550000}5754/bin/dash/bin/shroot 534500x800000000000000033402Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.955{ec2a2542-299f-6254-888b-d9c185550000}5772/bin/mvroot 534500x800000000000000033406Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.956{ec2a2542-299e-6254-6812-78286b550000}5752/bin/dashroot 534500x800000000000000033405Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.956{ec2a2542-299e-6254-6862-abefd3550000}5754/bin/dashroot 534500x800000000000000033404Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.956{ec2a2542-299f-6254-70b3-728f65550000}5773/bin/rmroot 23542300x800000000000000033409Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.957{ec2a2542-0ffd-6254-8063-961ac7550000}918root/lib/systemd/systemd-logind/run/systemd/inhibit/5.ref--- 23542300x800000000000000033408Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.957{ec2a2542-0ffd-6254-8063-961ac7550000}918root/lib/systemd/systemd-logind/run/systemd/inhibit/5--- 534500x800000000000000033407Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.957{ec2a2542-299e-6254-0000-000000000000}5751-root 154100x800000000000000033410Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.959{ec2a2542-299f-6254-6812-97ca6c550000}5775/bin/dash-----sh -c [ ! -f /usr/lib/ubuntu-advantage/apt-esm-hook ] || /usr/lib/ubuntu-advantage/apt-esm-hook post-invoke-success || true/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{00000000-0000-0000-0000-000000000000}5774--- 154100x800000000000000033411Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.960{ec2a2542-299f-6254-ea5e-a0e9ac550000}5776/usr/lib/ubuntu-advantage/apt-esm-hook-----/usr/lib/ubuntu-advantage/apt-esm-hook post-invoke-success/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299f-6254-6812-97ca6c550000}5775/bin/dashshroot 534500x800000000000000033413Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.964{ec2a2542-299f-6254-6812-97ca6c550000}5775/bin/dashroot 534500x800000000000000033412Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.964{ec2a2542-299f-6254-ea5e-a0e9ac550000}5776/usr/lib/ubuntu-advantage/apt-esm-hookroot 534500x800000000000000033414Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.965{ec2a2542-299f-6254-0000-000000000000}5774-root 154100x800000000000000033415Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.966{ec2a2542-299f-6254-68e2-fd8473550000}5777/bin/dash-----/bin/sh -c [ ! -f /usr/bin/snap ] || /usr/bin/snap advise-snap --from-apt 2>/dev/null || true/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299a-6254-cc3f-0b992c560000}5550/usr/bin/apt-getapt-getroot 154100x800000000000000033423Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.968{ec2a2542-299f-6254-e4d4-74db24560000}5778/snap/snapd/15177/usr/bin/snap-----/usr/bin/snap advise-snap --from-apt/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299f-6254-68e2-fd8473550000}5777/bin/dash/bin/shroot 154100x800000000000000033416Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.968{ec2a2542-299f-6254-7068-91d6f3550000}5778/usr/bin/snap-----/usr/bin/snap advise-snap --from-apt/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-299f-6254-68e2-fd8473550000}5777/bin/dash/bin/shroot 534500x800000000000000033422Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.991{ec2a2542-299f-6254-7068-91d6f3550000}5778/usr/bin/snaproot 534500x800000000000000033421Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.991{ec2a2542-299f-6254-7068-91d6f3550000}5778/usr/bin/snaproot 534500x800000000000000033420Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.991{ec2a2542-299f-6254-7068-91d6f3550000}5778/usr/bin/snaproot 534500x800000000000000033419Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.991{ec2a2542-299f-6254-7068-91d6f3550000}5778/usr/bin/snaproot 534500x800000000000000033418Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.991{ec2a2542-299f-6254-7068-91d6f3550000}5778/usr/bin/snaproot 534500x800000000000000033417Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:07.991{ec2a2542-299f-6254-7068-91d6f3550000}5778/usr/bin/snaproot 534500x800000000000000033430Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.010{ec2a2542-299f-6254-e4d4-74db24560000}5778/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000033429Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.010{ec2a2542-299f-6254-e4d4-74db24560000}5778/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000033428Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.010{ec2a2542-299f-6254-e4d4-74db24560000}5778/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000033427Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.010{ec2a2542-299f-6254-e4d4-74db24560000}5778/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000033426Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.010{ec2a2542-299f-6254-e4d4-74db24560000}5778/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000033425Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.010{ec2a2542-299f-6254-e4d4-74db24560000}5778/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000033424Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.010{ec2a2542-299f-6254-7068-91d6f3550000}5778/usr/bin/snaproot 534500x800000000000000033432Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.012{ec2a2542-299f-6254-68e2-fd8473550000}5777/bin/dashroot 534500x800000000000000033431Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.012{ec2a2542-299f-6254-e4d4-74db24560000}5778/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000033433Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.023{ec2a2542-299a-6254-cc3f-0b992c560000}5550/usr/bin/apt-getroot 154100x800000000000000033435Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.024{ec2a2542-29a0-6254-08ae-5180f0550000}5792/usr/bin/sudo-----sudo apt-get install binfmt* -y/home/ubuntuubuntu{ec2a2542-2929-6254-e803-000000000000}10004no level-{00000000-0000-0000-0000-000000000000}2766--- 534500x800000000000000033434Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.024{ec2a2542-299a-6254-08ae-fe7639560000}5549/usr/bin/sudoroot 354300x800000000000000033437Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.028{ec2a2542-0ff9-6254-c097-bd9a19560000}737/lib/systemd/systemd-resolvedsystemd-resolveudptruefalse10.0.1.20-44809-false10.0.0.2-53- 354300x800000000000000033436Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.028{ec2a2542-29a0-6254-08ae-5180f0550000}5792/usr/bin/sudoubuntuudptruefalse127.0.0.1-36923-false127.0.0.53-53- 354300x800000000000000033442Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.029{ec2a2542-0ff9-6254-c097-bd9a19560000}737/lib/systemd/systemd-resolvedsystemd-resolveudptruefalse127.0.0.53-53-false127.0.0.1-38595- 354300x800000000000000033441Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.029{ec2a2542-29a0-6254-08ae-5180f0550000}5792/usr/bin/sudoubuntuudptruefalse127.0.0.1-38595-false127.0.0.53-53- 354300x800000000000000033440Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.029{ec2a2542-29a0-6254-08ae-5180f0550000}5792/usr/bin/sudoubuntuudpfalsefalse127.0.0.53-53-false127.0.0.1-38595- 354300x800000000000000033439Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.029{ec2a2542-0ff9-6254-c097-bd9a19560000}737/lib/systemd/systemd-resolvedsystemd-resolveudptruefalse127.0.0.53-53-false127.0.0.1-36923- 354300x800000000000000033438Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.029{ec2a2542-0ff9-6254-c097-bd9a19560000}737/lib/systemd/systemd-resolvedsystemd-resolveudptruefalse10.0.1.20-34670-false10.0.0.2-53- 154100x800000000000000033443Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.032{ec2a2542-29a0-6254-ccff-3d843b560000}5793/usr/bin/apt-get-----apt-get install binfmt* -y/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-29a0-6254-08ae-5180f0550000}5792/usr/bin/sudosudoubuntu 154100x800000000000000033444Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.037{ec2a2542-29a0-6254-70e1-0194f1550000}5794/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-29a0-6254-ccff-3d843b560000}5793/usr/bin/apt-getapt-getroot 23542300x800000000000000033446Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.040{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/tmp/fileutl.message.8rOs89--- 534500x800000000000000033445Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.040{ec2a2542-29a0-6254-70e1-0194f1550000}5794/usr/bin/dpkgroot 23542300x800000000000000033447Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.045{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/tmp/fileutl.message.FOTagF--- 23542300x800000000000000033448Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.055{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/tmp/fileutl.message.gWZupa--- 23542300x800000000000000033449Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.057{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/tmp/fileutl.message.Ra68yF--- 23542300x800000000000000033450Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.058{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/tmp/fileutl.message.Oy91Ia--- 23542300x800000000000000033451Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.066{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/tmp/fileutl.message.lqjeUF--- 23542300x800000000000000033452Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.067{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/tmp/fileutl.message.IEYF5a--- 23542300x800000000000000033453Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.075{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/tmp/fileutl.message.7KPqiG--- 23542300x800000000000000033454Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.086{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/tmp/fileutl.message.Wh47wb--- 23542300x800000000000000033455Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.088{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/tmp/fileutl.message.1eX2LG--- 23542300x800000000000000033456Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.089{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/tmp/fileutl.message.43Ka1b--- 23542300x800000000000000033457Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.093{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/tmp/fileutl.message.FFPWgH--- 23542300x800000000000000033458Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.094{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/tmp/fileutl.message.Yr4Wwc--- 23542300x800000000000000033459Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.096{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/tmp/fileutl.message.zv4hNH--- 23542300x800000000000000033460Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.101{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/tmp/fileutl.message.MYfo4c--- 23542300x800000000000000033461Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.104{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/tmp/fileutl.message.zrv1lI--- 23542300x800000000000000033462Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.107{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/tmp/fileutl.message.Ac6dEd--- 154100x800000000000000033463Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.108{ec2a2542-29a0-6254-70f1-af652e560000}5795/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-29a0-6254-ccff-3d843b560000}5793/usr/bin/apt-getapt-getroot 534500x800000000000000033464Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.110{ec2a2542-29a0-6254-70f1-af652e560000}5795/usr/bin/dpkgroot 154100x800000000000000033465Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.640{ec2a2542-29a0-6254-68e2-636d51560000}5796/bin/dash-----/bin/sh -c [ ! -f /usr/bin/snap ] || /usr/bin/snap advise-snap --from-apt 2>/dev/null || true/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-29a0-6254-ccff-3d843b560000}5793/usr/bin/apt-getapt-getroot 154100x800000000000000033473Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.642{ec2a2542-29a0-6254-e494-f32969550000}5797/snap/snapd/15177/usr/bin/snap-----/usr/bin/snap advise-snap --from-apt/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-29a0-6254-68e2-636d51560000}5796/bin/dash/bin/shroot 154100x800000000000000033466Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.642{ec2a2542-29a0-6254-7058-ceef77550000}5797/usr/bin/snap-----/usr/bin/snap advise-snap --from-apt/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-29a0-6254-68e2-636d51560000}5796/bin/dash/bin/shroot 534500x800000000000000033472Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.656{ec2a2542-29a0-6254-7058-ceef77550000}5797/usr/bin/snaproot 534500x800000000000000033471Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.656{ec2a2542-29a0-6254-7058-ceef77550000}5797/usr/bin/snaproot 534500x800000000000000033470Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.656{ec2a2542-29a0-6254-7058-ceef77550000}5797/usr/bin/snaproot 534500x800000000000000033469Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.656{ec2a2542-29a0-6254-7058-ceef77550000}5797/usr/bin/snaproot 534500x800000000000000033468Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.656{ec2a2542-29a0-6254-7058-ceef77550000}5797/usr/bin/snaproot 534500x800000000000000033467Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.656{ec2a2542-29a0-6254-7058-ceef77550000}5797/usr/bin/snaproot 534500x800000000000000033479Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.676{ec2a2542-29a0-6254-e494-f32969550000}5797/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000033478Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.676{ec2a2542-29a0-6254-e494-f32969550000}5797/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000033477Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.676{ec2a2542-29a0-6254-e494-f32969550000}5797/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000033476Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.676{ec2a2542-29a0-6254-e494-f32969550000}5797/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000033475Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.676{ec2a2542-29a0-6254-e494-f32969550000}5797/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000033474Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.676{ec2a2542-29a0-6254-7058-ceef77550000}5797/usr/bin/snaproot 534500x800000000000000033480Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.677{ec2a2542-29a0-6254-e494-f32969550000}5797/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000033481Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.678{ec2a2542-29a0-6254-68e2-636d51560000}5796/bin/dashroot 154100x800000000000000033482Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.679{ec2a2542-29a0-6254-6872-627f51560000}5811/bin/dash-----sh -c [ ! -f /usr/lib/ubuntu-advantage/apt-esm-hook ] || /usr/lib/ubuntu-advantage/apt-esm-hook pre-invoke || true/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{00000000-0000-0000-0000-000000000000}5810--- 154100x800000000000000033483Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.680{ec2a2542-29a0-6254-ea1e-75e425560000}5812/usr/lib/ubuntu-advantage/apt-esm-hook-----/usr/lib/ubuntu-advantage/apt-esm-hook pre-invoke/tmproot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-29a0-6254-6872-627f51560000}5811/bin/dashshroot 534500x800000000000000033485Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.684{ec2a2542-29a0-6254-6872-627f51560000}5811/bin/dashroot 534500x800000000000000033484Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.684{ec2a2542-29a0-6254-ea1e-75e425560000}5812/usr/lib/ubuntu-advantage/apt-esm-hookroot 534500x800000000000000033486Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.685{00000000-0000-0000-0000-000000000000}5810<unknown process>root 154100x800000000000000033487Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.700{ec2a2542-29a0-6254-b943-20814f560000}5813/usr/lib/apt/methods/http-----/usr/lib/apt/methods/http/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-29a0-6254-ccff-3d843b560000}5793/usr/bin/apt-getapt-getroot 534500x800000000000000033488Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.706{ec2a2542-29a0-6254-b943-20814f560000}5813/usr/lib/apt/methods/httproot 154100x800000000000000033489Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.749{ec2a2542-29a0-6254-6872-b884c3550000}5814/bin/dash-----/bin/sh -c [ ! -f /usr/bin/snap ] || /usr/bin/snap advise-snap --from-apt 2>/dev/null || true/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-29a0-6254-ccff-3d843b560000}5793/usr/bin/apt-getapt-getroot 154100x800000000000000033498Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.751{ec2a2542-29a0-6254-e424-0f0e10560000}5815/snap/snapd/15177/usr/bin/snap-----/usr/bin/snap advise-snap --from-apt/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-29a0-6254-6872-b884c3550000}5814/bin/dash/bin/shroot 154100x800000000000000033490Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.751{ec2a2542-29a0-6254-7038-f80359550000}5815/usr/bin/snap-----/usr/bin/snap advise-snap --from-apt/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-29a0-6254-6872-b884c3550000}5814/bin/dash/bin/shroot 534500x800000000000000033497Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.769{ec2a2542-29a0-6254-7038-f80359550000}5815/usr/bin/snaproot 534500x800000000000000033496Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.769{ec2a2542-29a0-6254-7038-f80359550000}5815/usr/bin/snaproot 534500x800000000000000033495Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.769{ec2a2542-29a0-6254-7038-f80359550000}5815/usr/bin/snaproot 534500x800000000000000033494Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.769{ec2a2542-29a0-6254-7038-f80359550000}5815/usr/bin/snaproot 534500x800000000000000033493Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.769{ec2a2542-29a0-6254-7038-f80359550000}5815/usr/bin/snaproot 534500x800000000000000033492Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.769{ec2a2542-29a0-6254-7038-f80359550000}5815/usr/bin/snaproot 534500x800000000000000033491Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.769{ec2a2542-29a0-6254-7038-f80359550000}5815/usr/bin/snaproot 534500x800000000000000033505Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.795{ec2a2542-29a0-6254-e424-0f0e10560000}5815/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000033504Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.795{ec2a2542-29a0-6254-e424-0f0e10560000}5815/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000033503Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.795{ec2a2542-29a0-6254-e424-0f0e10560000}5815/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000033502Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.795{ec2a2542-29a0-6254-e424-0f0e10560000}5815/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000033501Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.795{ec2a2542-29a0-6254-e424-0f0e10560000}5815/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000033500Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.795{ec2a2542-29a0-6254-e424-0f0e10560000}5815/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000033499Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.795{ec2a2542-29a0-6254-7038-f80359550000}5815/usr/bin/snaproot 534500x800000000000000033506Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.796{ec2a2542-29a0-6254-e424-0f0e10560000}5815/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000033507Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.801{ec2a2542-29a0-6254-6872-b884c3550000}5814/bin/dashroot 154100x800000000000000033508Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.809{ec2a2542-29a0-6254-68a2-261a08560000}5830/bin/dash-----/bin/sh -c [ ! -f /usr/bin/snap ] || /usr/bin/snap advise-snap --from-apt 2>/dev/null || true/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-29a0-6254-ccff-3d843b560000}5793/usr/bin/apt-getapt-getroot 154100x800000000000000033516Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.810{ec2a2542-29a0-6254-e404-b88f81550000}5831/snap/snapd/15177/usr/bin/snap-----/usr/bin/snap advise-snap --from-apt/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-29a0-6254-68a2-261a08560000}5830/bin/dash/bin/shroot 154100x800000000000000033509Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.810{ec2a2542-29a0-6254-70f8-8788e3550000}5831/usr/bin/snap-----/usr/bin/snap advise-snap --from-apt/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-29a0-6254-68a2-261a08560000}5830/bin/dash/bin/shroot 534500x800000000000000033515Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.825{ec2a2542-29a0-6254-70f8-8788e3550000}5831/usr/bin/snaproot 534500x800000000000000033514Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.825{ec2a2542-29a0-6254-70f8-8788e3550000}5831/usr/bin/snaproot 534500x800000000000000033513Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.825{ec2a2542-29a0-6254-70f8-8788e3550000}5831/usr/bin/snaproot 534500x800000000000000033512Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.825{ec2a2542-29a0-6254-70f8-8788e3550000}5831/usr/bin/snaproot 534500x800000000000000033511Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.825{ec2a2542-29a0-6254-70f8-8788e3550000}5831/usr/bin/snaproot 534500x800000000000000033510Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.825{ec2a2542-29a0-6254-70f8-8788e3550000}5831/usr/bin/snaproot 534500x800000000000000033522Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.855{ec2a2542-29a0-6254-e404-b88f81550000}5831/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000033521Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.855{ec2a2542-29a0-6254-e404-b88f81550000}5831/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000033520Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.855{ec2a2542-29a0-6254-e404-b88f81550000}5831/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000033519Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.855{ec2a2542-29a0-6254-e404-b88f81550000}5831/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000033518Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.855{ec2a2542-29a0-6254-e404-b88f81550000}5831/snap/snapd/15177/usr/bin/snaproot 534500x800000000000000033517Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.855{ec2a2542-29a0-6254-70f8-8788e3550000}5831/usr/bin/snaproot 534500x800000000000000033524Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.856{ec2a2542-29a0-6254-68a2-261a08560000}5830/bin/dashroot 534500x800000000000000033523Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.856{ec2a2542-29a0-6254-e404-b88f81550000}5831/snap/snapd/15177/usr/bin/snaproot 23542300x800000000000000033553Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.857{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.B4zvvO--- 23542300x800000000000000033552Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.857{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.kbrmah--- 23542300x800000000000000033551Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.857{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.xpxdPJ--- 23542300x800000000000000033550Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.857{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.2cX4tc--- 23542300x800000000000000033549Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.857{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.fgHW8E--- 23542300x800000000000000033548Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.857{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.SkHON7--- 23542300x800000000000000033547Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.857{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.5u1GsA--- 23542300x800000000000000033546Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.857{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.eMEz72--- 23542300x800000000000000033545Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.857{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.N0xsMv--- 23542300x800000000000000033544Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.857{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.qyLlrY--- 23542300x800000000000000033543Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.857{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.R4ef6q--- 23542300x800000000000000033542Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.857{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.yI28KT--- 23542300x800000000000000033541Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.857{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.5662pm--- 23542300x800000000000000033540Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.857{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.c1yX4O--- 23542300x800000000000000033539Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.857{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.j6kSJh--- 23542300x800000000000000033538Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.857{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.ajmNoK--- 23542300x800000000000000033537Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.857{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.zDII3c--- 23542300x800000000000000033536Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.857{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.2MkEIF--- 23542300x800000000000000033535Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.857{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.F7gAn8--- 23542300x800000000000000033534Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.857{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.gktw2A--- 23542300x800000000000000033533Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.857{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.LdYsH3--- 23542300x800000000000000033532Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.857{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.OzUpmw--- 23542300x800000000000000033531Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.857{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.Vy6m1Y--- 23542300x800000000000000033530Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.857{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.aIBkGr--- 23542300x800000000000000033529Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.857{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.94BilU--- 23542300x800000000000000033528Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.857{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.iAVg0m--- 23542300x800000000000000033527Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.857{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.rczfFP--- 23542300x800000000000000033526Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.857{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.ywyeki--- 23542300x800000000000000033525Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.857{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/var/cache/apt/archives/partial/.apt-acquire-privs-test.NbWdZK--- 154100x800000000000000033554Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.858{ec2a2542-29a0-6254-b9f3-c852ba550000}5844/usr/lib/apt/methods/http-----/usr/lib/apt/methods/http/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-29a0-6254-ccff-3d843b560000}5793/usr/bin/apt-getapt-getroot 354300x800000000000000033555Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.868{ec2a2542-29a0-6254-b9f3-c852ba550000}5844/usr/lib/apt/methods/httprootudptruefalse127.0.0.1-56264-false127.0.0.53-53- 354300x800000000000000033558Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.869{ec2a2542-0ff9-6254-c097-bd9a19560000}737/lib/systemd/systemd-resolvedsystemd-resolveudptruefalse127.0.0.53-53-false127.0.0.1-43263- 354300x800000000000000033557Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.869{ec2a2542-29a0-6254-b9f3-c852ba550000}5844/usr/lib/apt/methods/httprootudptruefalse127.0.0.1-43263-false127.0.0.53-53- 354300x800000000000000033556Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.869{ec2a2542-0ff9-6254-c097-bd9a19560000}737/lib/systemd/systemd-resolvedsystemd-resolveudptruefalse127.0.0.53-53-false127.0.0.1-56264- 354300x800000000000000033559Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:08.870{ec2a2542-29a0-6254-b9f3-c852ba550000}5844/usr/lib/apt/methods/httproottcptruefalse10.0.1.20-50814-false52.15.102.108-80- 23542300x800000000000000033561Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:09.658{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/var/log/apt/eipp.log.xz--- 534500x800000000000000033560Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:09.658{ec2a2542-29a0-6254-b9f3-c852ba550000}5844/usr/lib/apt/methods/http_apt 154100x800000000000000033562Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:09.770{ec2a2542-29a1-6254-6892-e99d72550000}5845/bin/dash-----/bin/sh -c /usr/sbin/dpkg-preconfigure --apt || true/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-29a0-6254-ccff-3d843b560000}5793/usr/bin/apt-getapt-getroot 154100x800000000000000033563Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:09.772{ec2a2542-29a1-6254-9827-0afc83550000}5846/usr/bin/perl-----/usr/bin/perl -w /usr/sbin/dpkg-preconfigure --apt/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-29a1-6254-6892-e99d72550000}5845/bin/dash/bin/shroot 154100x800000000000000033564Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:09.808{ec2a2542-29a1-6254-30f0-3da049560000}5847/usr/bin/locale-----locale charmap/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-29a1-6254-9827-0afc83550000}5846/usr/bin/perl/usr/bin/perlroot 534500x800000000000000033565Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:09.809{ec2a2542-29a1-6254-30f0-3da049560000}5847/usr/bin/localeroot 154100x800000000000000033566Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:09.867{ec2a2542-29a1-6254-68a2-e6c6ec550000}5848/bin/dash-----sh -c stty -a 2>/dev/null/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-29a1-6254-9827-0afc83550000}5846/usr/bin/perl/usr/bin/perlroot 154100x800000000000000033567Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:09.868{ec2a2542-29a1-6254-f09e-d91fc8550000}5849/bin/stty-----stty -a/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-29a1-6254-68a2-e6c6ec550000}5848/bin/dashshroot 534500x800000000000000033569Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:09.869{ec2a2542-29a1-6254-68a2-e6c6ec550000}5848/bin/dashroot 534500x800000000000000033568Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:09.869{ec2a2542-29a1-6254-f09e-d91fc8550000}5849/bin/sttyroot 154100x800000000000000033571Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:09.870{ec2a2542-29a1-6254-f02e-6a06ac550000}5851/bin/stty-----stty -a/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-29a1-6254-6882-0d416c550000}5850/bin/dashshroot 154100x800000000000000033570Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:09.870{ec2a2542-29a1-6254-6882-0d416c550000}5850/bin/dash-----sh -c stty -a 2>/dev/null/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-29a1-6254-9827-0afc83550000}5846/usr/bin/perl/usr/bin/perlroot 534500x800000000000000033573Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:09.871{ec2a2542-29a1-6254-6882-0d416c550000}5850/bin/dashroot 534500x800000000000000033572Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:09.871{ec2a2542-29a1-6254-f02e-6a06ac550000}5851/bin/sttyroot 154100x800000000000000033574Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:09.873{ec2a2542-29a1-6254-3341-da0f8a550000}5853/usr/bin/apt-extracttemplates-----apt-extracttemplates /var/cache/apt/archives/libbinutils_2.30-21ubuntu1~18.04.7_amd64.deb /var/cache/apt/archives/binutils-x86-64-linux-gnu_2.30-21ubuntu1~18.04.7_amd64.deb /var/cache/apt/archives/binutils_2.30-21ubuntu1~18.04.7_amd64.deb /var/cache/apt/archives/gcc-7-base_7.5.0-3ubuntu1~18.04_amd64.deb /var/cache/apt/archives/cpp-7_7.5.0-3ubuntu1~18.04_amd64.deb /var/cache/apt/archives/cpp_4%3a7.4.0-1ubuntu2.3_amd64.deb /var/cache/apt/archives/libgomp1_8.4.0-1ubuntu1~18.04_amd64.deb /var/cache/apt/archives/libitm1_8.4.0-1ubuntu1~18.04_amd64.deb /var/cache/apt/archives/libatomic1_8.4.0-1ubuntu1~18.04_amd64.deb /var/cache/apt/archives/libasan4_7.5.0-3ubuntu1~18.04_amd64.deb /var/cache/apt/archives/liblsan0_8.4.0-1ubuntu1~18.04_amd64.deb /var/cache/apt/archives/libtsan0_8.4.0-1ubuntu1~18.04_amd64.deb /var/cache/apt/archives/libubsan0_7.5.0-3ubuntu1~18.04_amd64.deb /var/cache/apt/archives/libcilkrts5_7.5.0-3ubuntu1~18.04_amd64.deb /var/cache/apt/archives/libmpx2_8.4.0-1ubuntu1~18.04_amd64.deb /var/cache/apt/archives/libquadmath0_8.4.0-1ubuntu1~18.04_amd64.deb /var/cache/apt/archives/libgcc-7-dev_7.5.0-3ubuntu1~18.04_amd64.deb /var/cache/apt/archives/gcc-7_7.5.0-3ubuntu1~18.04_amd64.deb /var/cache/apt/archives/gcc_4%3a7.4.0-1ubuntu2.3_amd64.deb /var/cache/apt/archives/libc-dev-bin_2.27-3ubuntu1.5_amd64.deb /var/cache/apt/archives/linux-libc-dev_4.15.0-175.184_amd64.deb /var/cache/apt/archives/libc6-dev_2.27-3ubuntu1.5_amd64.deb /var/cache/apt/archives/libstdc++-7-dev_7.5.0-3ubuntu1~18.04_amd64.deb /var/cache/apt/archives/g++-7_7.5.0-3ubuntu1~18.04_amd64.deb /var/cache/apt/archives/g++_4%3a7.4.0-1ubuntu2.3_amd64.deb /var/cache/apt/archives/libtinfo-dev_6.1-1ubuntu1.18.04_amd64.deb /var/cache/apt/archives/libreadline-dev_7.0-3_amd64.deb /var/cache/apt/archives/manpages-dev_4.15-1_all.deb /var/cache/apt/archives/binfmtc_0.17-2_amd64.deb/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{00000000-0000-0000-0000-000000000000}5852--- 154100x800000000000000033575Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:09.879{ec2a2542-29a1-6254-7021-fd68a9550000}5854/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-29a1-6254-3341-da0f8a550000}5853/usr/bin/apt-extracttemplatesapt-extracttemplatesroot 23542300x800000000000000033577Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:09.887{ec2a2542-29a1-6254-3341-da0f8a550000}5853root/usr/bin/apt-extracttemplates/tmp/fileutl.message.8KYbE6--- 534500x800000000000000033576Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:09.887{ec2a2542-29a1-6254-7021-fd68a9550000}5854/usr/bin/dpkgroot 23542300x800000000000000033578Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:09.892{ec2a2542-29a1-6254-3341-da0f8a550000}5853root/usr/bin/apt-extracttemplates/tmp/fileutl.message.BWspOG--- 23542300x800000000000000033579Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:09.897{ec2a2542-29a1-6254-3341-da0f8a550000}5853root/usr/bin/apt-extracttemplates/tmp/fileutl.message.sflrZg--- 23542300x800000000000000033580Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:09.899{ec2a2542-29a1-6254-3341-da0f8a550000}5853root/usr/bin/apt-extracttemplates/tmp/fileutl.message.p6gKaR--- 23542300x800000000000000033581Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:09.900{ec2a2542-29a1-6254-3341-da0f8a550000}5853root/usr/bin/apt-extracttemplates/tmp/fileutl.message.wO8kmr--- 23542300x800000000000000033582Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:09.905{ec2a2542-29a1-6254-3341-da0f8a550000}5853root/usr/bin/apt-extracttemplates/tmp/fileutl.message.HhUDy1--- 23542300x800000000000000033583Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:09.906{ec2a2542-29a1-6254-3341-da0f8a550000}5853root/usr/bin/apt-extracttemplates/tmp/fileutl.message.CNTdLB--- 23542300x800000000000000033584Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:09.911{ec2a2542-29a1-6254-3341-da0f8a550000}5853root/usr/bin/apt-extracttemplates/tmp/fileutl.message.VfwzYb--- 23542300x800000000000000033585Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:09.912{ec2a2542-29a1-6254-3341-da0f8a550000}5853root/usr/bin/apt-extracttemplates/tmp/fileutl.message.GYJccM--- 23542300x800000000000000033586Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:09.914{ec2a2542-29a1-6254-3341-da0f8a550000}5853root/usr/bin/apt-extracttemplates/tmp/fileutl.message.bPN4pm--- 23542300x800000000000000033587Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:09.916{ec2a2542-29a1-6254-3341-da0f8a550000}5853root/usr/bin/apt-extracttemplates/tmp/fileutl.message.er6eEW--- 23542300x800000000000000033588Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:09.917{ec2a2542-29a1-6254-3341-da0f8a550000}5853root/usr/bin/apt-extracttemplates/tmp/fileutl.message.r9SESw--- 23542300x800000000000000033589Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:09.918{ec2a2542-29a1-6254-3341-da0f8a550000}5853root/usr/bin/apt-extracttemplates/tmp/fileutl.message.AHyj76--- 23542300x800000000000000033590Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:09.920{ec2a2542-29a1-6254-3341-da0f8a550000}5853root/usr/bin/apt-extracttemplates/tmp/fileutl.message.7MPgmH--- 23542300x800000000000000033591Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:09.922{ec2a2542-29a1-6254-3341-da0f8a550000}5853root/usr/bin/apt-extracttemplates/tmp/fileutl.message.cJduBh--- 23542300x800000000000000033592Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:09.923{ec2a2542-29a1-6254-3341-da0f8a550000}5853root/usr/bin/apt-extracttemplates/tmp/fileutl.message.TmMXQR--- 23542300x800000000000000033593Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:09.925{ec2a2542-29a1-6254-3341-da0f8a550000}5853root/usr/bin/apt-extracttemplates/tmp/fileutl.message.sKUJ6r--- 154100x800000000000000033594Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:09.926{ec2a2542-29a1-6254-7001-ef95e1550000}5855/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-29a1-6254-3341-da0f8a550000}5853/usr/bin/apt-extracttemplatesapt-extracttemplatesroot 534500x800000000000000033595Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:09.930{ec2a2542-29a1-6254-7001-ef95e1550000}5855/usr/bin/dpkgroot 154100x800000000000000033596Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:09.953{ec2a2542-29a1-6254-7061-8cb2db550000}5856/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-29a1-6254-3341-da0f8a550000}5853/usr/bin/apt-extracttemplatesapt-extracttemplatesroot 534500x800000000000000033597Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:09.955{ec2a2542-29a1-6254-7061-8cb2db550000}5856/usr/bin/dpkgroot 534500x800000000000000033598Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:09.992{ec2a2542-29a1-6254-3341-da0f8a550000}5853/usr/bin/apt-extracttemplatesroot 534500x800000000000000033599Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.002{ec2a2542-29a1-6254-0000-000000000000}5852-root 534500x800000000000000033600Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.009{ec2a2542-29a1-6254-9827-0afc83550000}5846/usr/bin/perlroot 534500x800000000000000033601Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.010{ec2a2542-29a1-6254-6892-e99d72550000}5845/bin/dashroot 154100x800000000000000033602Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.034{ec2a2542-29a2-6254-7011-c3c081550000}5857/usr/bin/dpkg-----/usr/bin/dpkg --assert-multi-arch/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}04no level-{ec2a2542-29a0-6254-ccff-3d843b560000}5793/usr/bin/apt-getapt-getroot 534500x800000000000000033603Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.050{ec2a2542-29a2-6254-7011-c3c081550000}5857/usr/bin/dpkgroot 154100x800000000000000033604Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.053{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg-----/usr/bin/dpkg --status-fd 43 --no-triggers --unpack --auto-deconfigure --recursive /tmp/apt-dpkg-install-tVQHAZ/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a0-6254-ccff-3d843b560000}5793/usr/bin/apt-getapt-getroot 154100x800000000000000033605Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.072{ec2a2542-29a2-6254-d8bf-97926c550000}5859/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-tVQHAZ/00-libbinutils_2.30-21ubuntu1~18.04.7_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000033607Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.073{ec2a2542-29a2-6254-405a-ce7203560000}5860/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-tVQHAZ/00-libbinutils_2.30-21ubuntu1~18.04.7_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033606Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.073{ec2a2542-29a2-6254-d8bf-97926c550000}5859/usr/bin/dpkg-splitroot 154100x800000000000000033609Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.075{ec2a2542-29a2-6254-b033-247385550000}5863/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-405a-ce7203560000}5860/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000033608Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.075{ec2a2542-29a2-6254-0000-000000000000}5861-root 534500x800000000000000033610Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.076{ec2a2542-29a2-6254-0000-000000000000}5862-root 534500x800000000000000033612Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.077{ec2a2542-29a2-6254-405a-ce7203560000}5860/usr/bin/dpkg-debroot 534500x800000000000000033611Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.077{ec2a2542-29a2-6254-b033-247385550000}5863/bin/tarroot 154100x800000000000000033613Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.147{ec2a2542-29a2-6254-403a-abdbb8550000}5864/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-tVQHAZ/00-libbinutils_2.30-21ubuntu1~18.04.7_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033614Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.191{ec2a2542-29a2-6254-0000-000000000000}5865-root 534500x800000000000000033615Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.206{00000000-0000-0000-0000-000000000000}5866<unknown process>root 534500x800000000000000033616Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.207{ec2a2542-29a2-6254-403a-abdbb8550000}5864/usr/bin/dpkg-debroot 154100x800000000000000033617Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.259{ec2a2542-29a2-6254-70a3-38af3a560000}5867/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000033620Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.261{ec2a2542-29a2-6254-d8af-bf6be0550000}5868/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-tVQHAZ/01-binutils-x86-64-linux-gnu_2.30-21ubuntu1~18.04.7_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033619Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.261{ec2a2542-29a2-6254-70a3-38af3a560000}5867/bin/rmroot 23542300x800000000000000033618Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.261{ec2a2542-29a2-6254-70a3-38af3a560000}5867root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000033622Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.263{ec2a2542-29a2-6254-40da-902c2b560000}5869/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-tVQHAZ/01-binutils-x86-64-linux-gnu_2.30-21ubuntu1~18.04.7_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033621Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.263{ec2a2542-29a2-6254-d8af-bf6be0550000}5868/usr/bin/dpkg-splitroot 154100x800000000000000033624Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.265{ec2a2542-29a2-6254-b0c3-04cad7550000}5872/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-40da-902c2b560000}5869/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000033623Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.265{ec2a2542-29a2-6254-0000-000000000000}5870-root 534500x800000000000000033625Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.267{ec2a2542-29a2-6254-0000-000000000000}5871-root 534500x800000000000000033626Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.269{ec2a2542-29a2-6254-b0c3-04cad7550000}5872/bin/tarroot 534500x800000000000000033627Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.270{ec2a2542-29a2-6254-40da-902c2b560000}5869/usr/bin/dpkg-debroot 154100x800000000000000033628Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.284{ec2a2542-29a2-6254-40da-f5d430560000}5873/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-tVQHAZ/01-binutils-x86-64-linux-gnu_2.30-21ubuntu1~18.04.7_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033629Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.484{ec2a2542-29a2-6254-0000-000000000000}5874-root 534500x800000000000000033631Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.544{ec2a2542-29a2-6254-40da-f5d430560000}5873/usr/bin/dpkg-debroot 534500x800000000000000033630Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.544{ec2a2542-29a2-6254-0000-000000000000}5875-root 154100x800000000000000033632Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.575{ec2a2542-29a2-6254-70d3-e1e765550000}5876/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000033635Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.577{ec2a2542-29a2-6254-d84f-7aa479550000}5877/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-tVQHAZ/02-binutils_2.30-21ubuntu1~18.04.7_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033634Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.577{ec2a2542-29a2-6254-70d3-e1e765550000}5876/bin/rmroot 23542300x800000000000000033633Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.577{ec2a2542-29a2-6254-70d3-e1e765550000}5876root/bin/rm/var/lib/dpkg/tmp.ci/control--- 534500x800000000000000033636Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.578{ec2a2542-29a2-6254-d84f-7aa479550000}5877/usr/bin/dpkg-splitroot 154100x800000000000000033637Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.579{ec2a2542-29a2-6254-40fa-58783e560000}5878/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-tVQHAZ/02-binutils_2.30-21ubuntu1~18.04.7_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000033639Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.581{ec2a2542-29a2-6254-b0a3-2d0c85550000}5881/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-40fa-58783e560000}5878/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000033638Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.581{ec2a2542-29a2-6254-0000-000000000000}5879-root 534500x800000000000000033640Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.582{ec2a2542-29a2-6254-0000-000000000000}5880-root 534500x800000000000000033642Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.583{ec2a2542-29a2-6254-40fa-58783e560000}5878/usr/bin/dpkg-debroot 534500x800000000000000033641Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.583{ec2a2542-29a2-6254-b0a3-2d0c85550000}5881/bin/tarroot 154100x800000000000000033643Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.597{ec2a2542-29a2-6254-404a-848225560000}5882/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-tVQHAZ/02-binutils_2.30-21ubuntu1~18.04.7_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033644Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.600{ec2a2542-29a2-6254-0000-000000000000}5883-root 534500x800000000000000033645Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.601{ec2a2542-29a2-6254-0000-000000000000}5884-root 534500x800000000000000033646Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.602{ec2a2542-29a2-6254-404a-848225560000}5882/usr/bin/dpkg-debroot 154100x800000000000000033647Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.622{ec2a2542-29a2-6254-7093-345e32560000}5885/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000033650Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.624{ec2a2542-29a2-6254-d88f-3ad92a560000}5886/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-tVQHAZ/03-gcc-7-base_7.5.0-3ubuntu1~18.04_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033649Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.624{ec2a2542-29a2-6254-7093-345e32560000}5885/bin/rmroot 23542300x800000000000000033648Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.624{ec2a2542-29a2-6254-7093-345e32560000}5885root/bin/rm/var/lib/dpkg/tmp.ci/control--- 534500x800000000000000033651Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.625{ec2a2542-29a2-6254-d88f-3ad92a560000}5886/usr/bin/dpkg-splitroot 154100x800000000000000033652Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.626{ec2a2542-29a2-6254-402a-046fca550000}5887/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-tVQHAZ/03-gcc-7-base_7.5.0-3ubuntu1~18.04_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000033654Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.627{ec2a2542-29a2-6254-b0c3-121144560000}5890/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-402a-046fca550000}5887/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000033655Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.628{ec2a2542-29a2-6254-0000-000000000000}5889-root 534500x800000000000000033653Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.628{ec2a2542-29a2-6254-0000-000000000000}5888-root 534500x800000000000000033657Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.630{ec2a2542-29a2-6254-402a-046fca550000}5887/usr/bin/dpkg-debroot 534500x800000000000000033656Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.630{ec2a2542-29a2-6254-b0c3-121144560000}5890/bin/tarroot 154100x800000000000000033658Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.648{ec2a2542-29a2-6254-407a-5434e7550000}5891/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-tVQHAZ/03-gcc-7-base_7.5.0-3ubuntu1~18.04_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033659Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.650{ec2a2542-29a2-6254-0000-000000000000}5892-root 534500x800000000000000033661Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.654{ec2a2542-29a2-6254-407a-5434e7550000}5891/usr/bin/dpkg-debroot 534500x800000000000000033660Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.654{ec2a2542-29a2-6254-0000-000000000000}5893-root 354300x800000000000000033662Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.665{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54762-false10.0.1.12-8000- 154100x800000000000000033663Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.672{ec2a2542-29a2-6254-7083-e640f9550000}5894/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 23542300x800000000000000033664Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.673{ec2a2542-29a2-6254-7083-e640f9550000}5894root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000033666Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.674{ec2a2542-29a2-6254-d8cf-230930560000}5895/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-tVQHAZ/04-cpp-7_7.5.0-3ubuntu1~18.04_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033665Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.674{ec2a2542-29a2-6254-7083-e640f9550000}5894/bin/rmroot 534500x800000000000000033667Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.675{ec2a2542-29a2-6254-d8cf-230930560000}5895/usr/bin/dpkg-splitroot 154100x800000000000000033668Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.676{ec2a2542-29a2-6254-401a-31ee94550000}5896/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-tVQHAZ/04-cpp-7_7.5.0-3ubuntu1~18.04_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000033670Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.678{ec2a2542-29a2-6254-b063-e18b25560000}5899/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-401a-31ee94550000}5896/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000033669Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.678{ec2a2542-29a2-6254-0000-000000000000}5897-root 534500x800000000000000033671Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.681{ec2a2542-29a2-6254-0000-000000000000}5898-root 534500x800000000000000033673Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.682{ec2a2542-29a2-6254-401a-31ee94550000}5896/usr/bin/dpkg-debroot 534500x800000000000000033672Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.682{ec2a2542-29a2-6254-b063-e18b25560000}5899/bin/tarroot 154100x800000000000000033674Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:10.698{ec2a2542-29a2-6254-405a-5e0f0a560000}5900/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-tVQHAZ/04-cpp-7_7.5.0-3ubuntu1~18.04_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033675Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.459{ec2a2542-29a2-6254-0000-000000000000}5901-root 534500x800000000000000033677Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.466{ec2a2542-29a2-6254-405a-5e0f0a560000}5900/usr/bin/dpkg-debroot 534500x800000000000000033676Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.466{ec2a2542-29a2-6254-0000-000000000000}5902-root 154100x800000000000000033678Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.635{ec2a2542-29a3-6254-70e3-f2033b560000}5903/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000033681Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.637{ec2a2542-29a3-6254-d84f-58cafa550000}5904/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-tVQHAZ/05-cpp_4%3a7.4.0-1ubuntu2.3_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033680Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.637{ec2a2542-29a3-6254-70e3-f2033b560000}5903/bin/rmroot 23542300x800000000000000033679Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.637{ec2a2542-29a3-6254-70e3-f2033b560000}5903root/bin/rm/var/lib/dpkg/tmp.ci/control--- 534500x800000000000000033682Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.638{ec2a2542-29a3-6254-d84f-58cafa550000}5904/usr/bin/dpkg-splitroot 154100x800000000000000033683Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.639{ec2a2542-29a3-6254-40ca-32f4ae550000}5905/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-tVQHAZ/05-cpp_4%3a7.4.0-1ubuntu2.3_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000033685Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.640{ec2a2542-29a3-6254-b023-10ac55550000}5908/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a3-6254-40ca-32f4ae550000}5905/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000033684Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.641{ec2a2542-29a3-6254-0000-000000000000}5906-root 534500x800000000000000033686Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.642{ec2a2542-29a3-6254-0000-000000000000}5907-root 534500x800000000000000033688Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.643{ec2a2542-29a3-6254-40ca-32f4ae550000}5905/usr/bin/dpkg-debroot 534500x800000000000000033687Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.643{ec2a2542-29a3-6254-b023-10ac55550000}5908/bin/tarroot 154100x800000000000000033689Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.663{ec2a2542-29a3-6254-402a-7f002f560000}5909/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-tVQHAZ/05-cpp_4%3a7.4.0-1ubuntu2.3_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033690Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.665{ec2a2542-29a3-6254-0000-000000000000}5910-root 534500x800000000000000033691Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.669{ec2a2542-29a3-6254-0000-000000000000}5911-root 534500x800000000000000033692Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.670{ec2a2542-29a3-6254-402a-7f002f560000}5909/usr/bin/dpkg-debroot 154100x800000000000000033693Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.686{ec2a2542-29a3-6254-7053-b848f8550000}5912/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000033696Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.687{ec2a2542-29a3-6254-d83f-576033560000}5913/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-tVQHAZ/06-libgomp1_8.4.0-1ubuntu1~18.04_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033695Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.687{ec2a2542-29a3-6254-7053-b848f8550000}5912/bin/rmroot 23542300x800000000000000033694Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.687{ec2a2542-29a3-6254-7053-b848f8550000}5912root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000033698Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.689{ec2a2542-29a3-6254-40ba-7b5ff6550000}5914/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-tVQHAZ/06-libgomp1_8.4.0-1ubuntu1~18.04_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033697Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.689{ec2a2542-29a3-6254-d83f-576033560000}5913/usr/bin/dpkg-splitroot 154100x800000000000000033700Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.691{ec2a2542-29a3-6254-b093-f58be0550000}5917/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a3-6254-40ba-7b5ff6550000}5914/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000033699Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.691{ec2a2542-29a3-6254-0000-000000000000}5915-root 534500x800000000000000033701Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.692{ec2a2542-29a3-6254-0000-000000000000}5916-root 534500x800000000000000033702Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.693{ec2a2542-29a3-6254-b093-f58be0550000}5917/bin/tarroot 534500x800000000000000033703Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.694{ec2a2542-29a3-6254-40ba-7b5ff6550000}5914/usr/bin/dpkg-debroot 154100x800000000000000033704Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.715{ec2a2542-29a3-6254-408a-8442da550000}5918/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-tVQHAZ/06-libgomp1_8.4.0-1ubuntu1~18.04_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033705Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.719{ec2a2542-29a3-6254-0000-000000000000}5919-root 534500x800000000000000033707Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.726{ec2a2542-29a3-6254-408a-8442da550000}5918/usr/bin/dpkg-debroot 534500x800000000000000033706Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.726{ec2a2542-29a3-6254-0000-000000000000}5920-root 154100x800000000000000033708Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.742{ec2a2542-29a3-6254-70c3-65720b560000}5921/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000033711Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.744{ec2a2542-29a3-6254-d8cf-71d830560000}5922/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-tVQHAZ/07-libitm1_8.4.0-1ubuntu1~18.04_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033710Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.744{ec2a2542-29a3-6254-70c3-65720b560000}5921/bin/rmroot 23542300x800000000000000033709Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.744{ec2a2542-29a3-6254-70c3-65720b560000}5921root/bin/rm/var/lib/dpkg/tmp.ci/control--- 534500x800000000000000033712Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.745{ec2a2542-29a3-6254-d8cf-71d830560000}5922/usr/bin/dpkg-splitroot 154100x800000000000000033713Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.746{ec2a2542-29a3-6254-40ca-af5e7f550000}5923/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-tVQHAZ/07-libitm1_8.4.0-1ubuntu1~18.04_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000033715Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.747{ec2a2542-29a3-6254-b003-2e02c1550000}5926/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a3-6254-40ca-af5e7f550000}5923/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000033714Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.747{ec2a2542-29a3-6254-0000-000000000000}5924-root 534500x800000000000000033716Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.749{ec2a2542-29a3-6254-0000-000000000000}5925-root 534500x800000000000000033718Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.750{ec2a2542-29a3-6254-40ca-af5e7f550000}5923/usr/bin/dpkg-debroot 534500x800000000000000033717Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.750{ec2a2542-29a3-6254-b003-2e02c1550000}5926/bin/tarroot 154100x800000000000000033719Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.800{ec2a2542-29a3-6254-404a-9a890c560000}5927/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-tVQHAZ/07-libitm1_8.4.0-1ubuntu1~18.04_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033720Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.802{ec2a2542-29a3-6254-0000-000000000000}5928-root 534500x800000000000000033722Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.806{ec2a2542-29a3-6254-404a-9a890c560000}5927/usr/bin/dpkg-debroot 534500x800000000000000033721Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.806{00000000-0000-0000-0000-000000000000}5929<unknown process>root 154100x800000000000000033723Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.822{ec2a2542-29a3-6254-7003-9b2778550000}5930/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000033726Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.824{ec2a2542-29a3-6254-d88f-c414ed550000}5931/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-tVQHAZ/08-libatomic1_8.4.0-1ubuntu1~18.04_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033725Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.824{ec2a2542-29a3-6254-7003-9b2778550000}5930/bin/rmroot 23542300x800000000000000033724Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.824{ec2a2542-29a3-6254-7003-9b2778550000}5930root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000033728Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.826{ec2a2542-29a3-6254-404a-92f8a4550000}5932/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-tVQHAZ/08-libatomic1_8.4.0-1ubuntu1~18.04_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033727Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.826{ec2a2542-29a3-6254-d88f-c414ed550000}5931/usr/bin/dpkg-splitroot 154100x800000000000000033730Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.828{ec2a2542-29a3-6254-b0e3-c223a1550000}5935/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a3-6254-404a-92f8a4550000}5932/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000033729Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.828{ec2a2542-29a3-6254-0000-000000000000}5933-root 534500x800000000000000033731Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.829{ec2a2542-29a3-6254-0000-000000000000}5934-root 534500x800000000000000033733Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.830{ec2a2542-29a3-6254-404a-92f8a4550000}5932/usr/bin/dpkg-debroot 534500x800000000000000033732Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.830{ec2a2542-29a3-6254-b0e3-c223a1550000}5935/bin/tarroot 154100x800000000000000033734Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.850{ec2a2542-29a3-6254-408a-e008f3550000}5936/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-tVQHAZ/08-libatomic1_8.4.0-1ubuntu1~18.04_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033735Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.853{ec2a2542-29a3-6254-0000-000000000000}5937-root 534500x800000000000000033737Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.854{ec2a2542-29a3-6254-408a-e008f3550000}5936/usr/bin/dpkg-debroot 534500x800000000000000033736Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.854{ec2a2542-29a3-6254-0000-000000000000}5938-root 154100x800000000000000033738Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.875{ec2a2542-29a3-6254-7013-ea69ff550000}5939/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000033741Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.877{ec2a2542-29a3-6254-d88f-9d8688550000}5940/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-tVQHAZ/09-libasan4_7.5.0-3ubuntu1~18.04_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033740Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.877{ec2a2542-29a3-6254-7013-ea69ff550000}5939/bin/rmroot 23542300x800000000000000033739Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.877{ec2a2542-29a3-6254-7013-ea69ff550000}5939root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000033743Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.879{ec2a2542-29a3-6254-40ca-6a22c1550000}5941/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-tVQHAZ/09-libasan4_7.5.0-3ubuntu1~18.04_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033742Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.879{ec2a2542-29a3-6254-d88f-9d8688550000}5940/usr/bin/dpkg-splitroot 534500x800000000000000033745Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.881{ec2a2542-29a3-6254-0000-000000000000}5942-root 154100x800000000000000033744Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.881{ec2a2542-29a3-6254-b003-bcb000560000}5944/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a3-6254-40ca-6a22c1550000}5941/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000033746Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.883{ec2a2542-29a3-6254-0000-000000000000}5943-root 534500x800000000000000033748Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.884{ec2a2542-29a3-6254-40ca-6a22c1550000}5941/usr/bin/dpkg-debroot 534500x800000000000000033747Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.884{ec2a2542-29a3-6254-b003-bcb000560000}5944/bin/tarroot 154100x800000000000000033749Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.906{ec2a2542-29a3-6254-407a-964b78550000}5945/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-tVQHAZ/09-libasan4_7.5.0-3ubuntu1~18.04_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033750Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.938{ec2a2542-29a3-6254-0000-000000000000}5946-root 534500x800000000000000033752Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.949{ec2a2542-29a3-6254-407a-964b78550000}5945/usr/bin/dpkg-debroot 534500x800000000000000033751Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.949{ec2a2542-29a3-6254-0000-000000000000}5947-root 154100x800000000000000033753Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.997{ec2a2542-29a3-6254-7043-b8e51f560000}5948/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 23542300x800000000000000033754Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.998{ec2a2542-29a3-6254-7043-b8e51f560000}5948root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000033756Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.999{ec2a2542-29a3-6254-d8bf-933b7b550000}5949/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-tVQHAZ/10-liblsan0_8.4.0-1ubuntu1~18.04_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033755Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:11.999{ec2a2542-29a3-6254-7043-b8e51f560000}5948/bin/rmroot 154100x800000000000000033758Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.000{ec2a2542-29a4-6254-405a-341540560000}5950/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-tVQHAZ/10-liblsan0_8.4.0-1ubuntu1~18.04_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033757Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.000{ec2a2542-29a3-6254-d8bf-933b7b550000}5949/usr/bin/dpkg-splitroot 154100x800000000000000033760Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.002{ec2a2542-29a4-6254-b033-940de2550000}5953/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a4-6254-405a-341540560000}5950/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000033759Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.002{ec2a2542-29a3-6254-0000-000000000000}5951-root 534500x800000000000000033761Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.004{ec2a2542-29a3-6254-0000-000000000000}5952-root 534500x800000000000000033763Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.005{ec2a2542-29a4-6254-405a-341540560000}5950/usr/bin/dpkg-debroot 534500x800000000000000033762Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.005{ec2a2542-29a4-6254-b033-940de2550000}5953/bin/tarroot 154100x800000000000000033764Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.026{ec2a2542-29a4-6254-409a-ee388c550000}5954/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-tVQHAZ/10-liblsan0_8.4.0-1ubuntu1~18.04_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033765Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.035{ec2a2542-29a4-6254-0000-000000000000}5955-root 534500x800000000000000033766Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.042{00000000-0000-0000-0000-000000000000}5956<unknown process>root 534500x800000000000000033767Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.043{ec2a2542-29a4-6254-409a-ee388c550000}5954/usr/bin/dpkg-debroot 154100x800000000000000033768Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.061{ec2a2542-29a4-6254-70d3-6166f4550000}5957/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033770Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.062{ec2a2542-29a4-6254-70d3-6166f4550000}5957/bin/rmroot 23542300x800000000000000033769Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.062{ec2a2542-29a4-6254-70d3-6166f4550000}5957root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000033771Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.063{ec2a2542-29a4-6254-d81f-53bbfa550000}5958/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-tVQHAZ/11-libtsan0_8.4.0-1ubuntu1~18.04_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000033773Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.064{ec2a2542-29a4-6254-401a-0deaee550000}5959/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-tVQHAZ/11-libtsan0_8.4.0-1ubuntu1~18.04_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033772Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.064{ec2a2542-29a4-6254-d81f-53bbfa550000}5958/usr/bin/dpkg-splitroot 154100x800000000000000033775Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.066{ec2a2542-29a4-6254-b043-15e648560000}5962/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a4-6254-401a-0deaee550000}5959/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000033774Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.066{ec2a2542-29a4-6254-0000-000000000000}5960-root 534500x800000000000000033778Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.069{ec2a2542-29a4-6254-401a-0deaee550000}5959/usr/bin/dpkg-debroot 534500x800000000000000033777Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.069{ec2a2542-29a4-6254-b043-15e648560000}5962/bin/tarroot 534500x800000000000000033776Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.069{ec2a2542-29a4-6254-0000-000000000000}5961-root 154100x800000000000000033779Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.093{ec2a2542-29a4-6254-408a-fa52fd550000}5963/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-tVQHAZ/11-libtsan0_8.4.0-1ubuntu1~18.04_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033780Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.117{ec2a2542-29a4-6254-0000-000000000000}5964-root 534500x800000000000000033781Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.125{ec2a2542-29a4-6254-0000-000000000000}5965-root 534500x800000000000000033782Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.126{ec2a2542-29a4-6254-408a-fa52fd550000}5963/usr/bin/dpkg-debroot 154100x800000000000000033783Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.146{ec2a2542-29a4-6254-7063-53df00560000}5966/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 23542300x800000000000000033784Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.147{ec2a2542-29a4-6254-7063-53df00560000}5966root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000033786Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.148{ec2a2542-29a4-6254-d88f-17083c560000}5967/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-tVQHAZ/12-libubsan0_7.5.0-3ubuntu1~18.04_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033785Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.148{ec2a2542-29a4-6254-7063-53df00560000}5966/bin/rmroot 154100x800000000000000033788Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.149{ec2a2542-29a4-6254-40ea-27377b550000}5968/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-tVQHAZ/12-libubsan0_7.5.0-3ubuntu1~18.04_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033787Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.149{ec2a2542-29a4-6254-d88f-17083c560000}5967/usr/bin/dpkg-splitroot 154100x800000000000000033790Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.151{ec2a2542-29a4-6254-b063-51252e560000}5971/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a4-6254-40ea-27377b550000}5968/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000033789Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.151{ec2a2542-29a4-6254-0000-000000000000}5969-root 534500x800000000000000033791Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.153{ec2a2542-29a4-6254-0000-000000000000}5970-root 534500x800000000000000033793Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.155{ec2a2542-29a4-6254-40ea-27377b550000}5968/usr/bin/dpkg-debroot 534500x800000000000000033792Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.155{ec2a2542-29a4-6254-b063-51252e560000}5971/bin/tarroot 154100x800000000000000033794Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.180{ec2a2542-29a4-6254-404a-576ce2550000}5972/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-tVQHAZ/12-libubsan0_7.5.0-3ubuntu1~18.04_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033795Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.189{ec2a2542-29a4-6254-0000-000000000000}5973-root 534500x800000000000000033797Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.196{ec2a2542-29a4-6254-404a-576ce2550000}5972/usr/bin/dpkg-debroot 534500x800000000000000033796Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.196{ec2a2542-29a4-6254-0000-000000000000}5974-root 154100x800000000000000033798Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.235{ec2a2542-29a4-6254-7093-50ce80550000}5975/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000033801Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.237{ec2a2542-29a4-6254-d89f-a35e76550000}5976/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-tVQHAZ/13-libcilkrts5_7.5.0-3ubuntu1~18.04_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033800Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.237{ec2a2542-29a4-6254-7093-50ce80550000}5975/bin/rmroot 23542300x800000000000000033799Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.237{ec2a2542-29a4-6254-7093-50ce80550000}5975root/bin/rm/var/lib/dpkg/tmp.ci/control--- 534500x800000000000000033802Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.238{ec2a2542-29a4-6254-d89f-a35e76550000}5976/usr/bin/dpkg-splitroot 154100x800000000000000033803Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.239{ec2a2542-29a4-6254-40ca-7b5cef550000}5977/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-tVQHAZ/13-libcilkrts5_7.5.0-3ubuntu1~18.04_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000033805Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.240{ec2a2542-29a4-6254-b073-aab989550000}5980/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a4-6254-40ca-7b5cef550000}5977/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000033804Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.241{ec2a2542-29a4-6254-0000-000000000000}5978-root 534500x800000000000000033806Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.242{ec2a2542-29a4-6254-0000-000000000000}5979-root 534500x800000000000000033808Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.244{ec2a2542-29a4-6254-40ca-7b5cef550000}5977/usr/bin/dpkg-debroot 534500x800000000000000033807Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.244{ec2a2542-29a4-6254-b073-aab989550000}5980/bin/tarroot 154100x800000000000000033809Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.271{ec2a2542-29a4-6254-40ca-af876a550000}5981/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-tVQHAZ/13-libcilkrts5_7.5.0-3ubuntu1~18.04_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033810Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.273{ec2a2542-29a4-6254-0000-000000000000}5982-root 534500x800000000000000033811Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.278{00000000-0000-0000-0000-000000000000}5983<unknown process>root 534500x800000000000000033812Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.279{ec2a2542-29a4-6254-40ca-af876a550000}5981/usr/bin/dpkg-debroot 154100x800000000000000033813Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.296{ec2a2542-29a4-6254-70f3-85af21560000}5984/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000033816Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.297{ec2a2542-29a4-6254-d82f-999f01560000}5985/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-tVQHAZ/14-libmpx2_8.4.0-1ubuntu1~18.04_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033815Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.297{ec2a2542-29a4-6254-70f3-85af21560000}5984/bin/rmroot 23542300x800000000000000033814Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.297{ec2a2542-29a4-6254-70f3-85af21560000}5984root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000033818Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.299{ec2a2542-29a4-6254-407a-60989d550000}5986/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-tVQHAZ/14-libmpx2_8.4.0-1ubuntu1~18.04_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033817Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.299{ec2a2542-29a4-6254-d82f-999f01560000}5985/usr/bin/dpkg-splitroot 154100x800000000000000033820Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.301{ec2a2542-29a4-6254-b0e3-1632a0550000}5989/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a4-6254-407a-60989d550000}5986/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000033819Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.302{ec2a2542-29a4-6254-0000-000000000000}5987-root 534500x800000000000000033821Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.303{ec2a2542-29a4-6254-0000-000000000000}5988-root 534500x800000000000000033823Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.304{ec2a2542-29a4-6254-407a-60989d550000}5986/usr/bin/dpkg-debroot 534500x800000000000000033822Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.304{ec2a2542-29a4-6254-b0e3-1632a0550000}5989/bin/tarroot 154100x800000000000000033824Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.326{ec2a2542-29a4-6254-40da-aa980f560000}5990/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-tVQHAZ/14-libmpx2_8.4.0-1ubuntu1~18.04_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033825Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.329{ec2a2542-29a4-6254-0000-000000000000}5991-root 534500x800000000000000033827Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.331{ec2a2542-29a4-6254-40da-aa980f560000}5990/usr/bin/dpkg-debroot 534500x800000000000000033826Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.331{00000000-0000-0000-0000-000000000000}5992<unknown process>root 154100x800000000000000033828Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.347{ec2a2542-29a4-6254-70e3-219304560000}5993/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 23542300x800000000000000033829Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.348{ec2a2542-29a4-6254-70e3-219304560000}5993root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000033831Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.349{ec2a2542-29a4-6254-d89f-2a838b550000}5994/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-tVQHAZ/15-libquadmath0_8.4.0-1ubuntu1~18.04_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033830Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.349{ec2a2542-29a4-6254-70e3-219304560000}5993/bin/rmroot 154100x800000000000000033833Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.350{ec2a2542-29a4-6254-40da-d9d295550000}5995/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-tVQHAZ/15-libquadmath0_8.4.0-1ubuntu1~18.04_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033832Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.350{ec2a2542-29a4-6254-d89f-2a838b550000}5994/usr/bin/dpkg-splitroot 154100x800000000000000033835Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.352{ec2a2542-29a4-6254-b0e3-49fa46560000}5998/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a4-6254-40da-d9d295550000}5995/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000033834Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.352{ec2a2542-29a4-6254-0000-000000000000}5996-root 534500x800000000000000033836Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.353{ec2a2542-29a4-6254-0000-000000000000}5997-root 534500x800000000000000033837Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.355{ec2a2542-29a4-6254-b0e3-49fa46560000}5998/bin/tarroot 534500x800000000000000033838Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.356{ec2a2542-29a4-6254-40da-d9d295550000}5995/usr/bin/dpkg-debroot 154100x800000000000000033839Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.377{ec2a2542-29a4-6254-40da-9849b8550000}5999/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-tVQHAZ/15-libquadmath0_8.4.0-1ubuntu1~18.04_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033840Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.389{ec2a2542-29a4-6254-0000-000000000000}6000-root 534500x800000000000000033842Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.396{ec2a2542-29a4-6254-40da-9849b8550000}5999/usr/bin/dpkg-debroot 534500x800000000000000033841Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.396{00000000-0000-0000-0000-000000000000}6001<unknown process>root 154100x800000000000000033843Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.417{ec2a2542-29a4-6254-70b3-118fa0550000}6002/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000033846Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.419{ec2a2542-29a4-6254-d8ff-967349560000}6003/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-tVQHAZ/16-libgcc-7-dev_7.5.0-3ubuntu1~18.04_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033845Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.419{ec2a2542-29a4-6254-70b3-118fa0550000}6002/bin/rmroot 23542300x800000000000000033844Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.419{ec2a2542-29a4-6254-70b3-118fa0550000}6002root/bin/rm/var/lib/dpkg/tmp.ci/control--- 534500x800000000000000033847Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.420{ec2a2542-29a4-6254-d8ff-967349560000}6003/usr/bin/dpkg-splitroot 154100x800000000000000033848Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.421{ec2a2542-29a4-6254-406a-526994550000}6004/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-tVQHAZ/16-libgcc-7-dev_7.5.0-3ubuntu1~18.04_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000033850Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.423{ec2a2542-29a4-6254-b063-2cc71f560000}6007/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a4-6254-406a-526994550000}6004/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000033849Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.423{ec2a2542-29a4-6254-0000-000000000000}6005-root 534500x800000000000000033851Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.424{ec2a2542-29a4-6254-0000-000000000000}6006-root 534500x800000000000000033853Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.426{ec2a2542-29a4-6254-406a-526994550000}6004/usr/bin/dpkg-debroot 534500x800000000000000033852Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.426{ec2a2542-29a4-6254-b063-2cc71f560000}6007/bin/tarroot 154100x800000000000000033854Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.443{ec2a2542-29a4-6254-407a-89aebe550000}6008/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-tVQHAZ/16-libgcc-7-dev_7.5.0-3ubuntu1~18.04_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033855Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.707{ec2a2542-29a4-6254-0000-000000000000}6009-root 534500x800000000000000033856Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.720{ec2a2542-29a4-6254-0000-000000000000}6010-root 534500x800000000000000033857Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.721{ec2a2542-29a4-6254-407a-89aebe550000}6008/usr/bin/dpkg-debroot 154100x800000000000000033858Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.769{ec2a2542-29a4-6254-7003-53f1d4550000}6011/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 23542300x800000000000000033859Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.770{ec2a2542-29a4-6254-7003-53f1d4550000}6011root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000033861Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.771{ec2a2542-29a4-6254-d8ff-bfef6a550000}6012/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-tVQHAZ/17-gcc-7_7.5.0-3ubuntu1~18.04_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033860Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.771{ec2a2542-29a4-6254-7003-53f1d4550000}6011/bin/rmroot 534500x800000000000000033862Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.772{ec2a2542-29a4-6254-d8ff-bfef6a550000}6012/usr/bin/dpkg-splitroot 154100x800000000000000033863Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.773{ec2a2542-29a4-6254-40da-0dbf52560000}6013/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-tVQHAZ/17-gcc-7_7.5.0-3ubuntu1~18.04_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000033865Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.774{ec2a2542-29a4-6254-b0e3-46a554560000}6016/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a4-6254-40da-0dbf52560000}6013/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000033864Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.775{ec2a2542-29a4-6254-0000-000000000000}6014-root 534500x800000000000000033866Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.776{00000000-0000-0000-0000-000000000000}6015<unknown process>root 534500x800000000000000033868Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.777{ec2a2542-29a4-6254-40da-0dbf52560000}6013/usr/bin/dpkg-debroot 534500x800000000000000033867Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.777{ec2a2542-29a4-6254-b0e3-46a554560000}6016/bin/tarroot 154100x800000000000000033869Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:12.796{ec2a2542-29a4-6254-40fa-4d7a70550000}6017/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-tVQHAZ/17-gcc-7_7.5.0-3ubuntu1~18.04_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033870Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:13.930{ec2a2542-29a4-6254-0000-000000000000}6018-root 534500x800000000000000033872Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:13.932{ec2a2542-29a4-6254-40fa-4d7a70550000}6017/usr/bin/dpkg-debroot 534500x800000000000000033871Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:13.932{ec2a2542-29a4-6254-0000-000000000000}6019-root 154100x800000000000000033873Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:13.972{ec2a2542-29a5-6254-7023-74dc2b560000}6020/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033875Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:13.973{ec2a2542-29a5-6254-7023-74dc2b560000}6020/bin/rmroot 23542300x800000000000000033874Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:13.973{ec2a2542-29a5-6254-7023-74dc2b560000}6020root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000033876Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:13.974{ec2a2542-29a5-6254-d8cf-d384a3550000}6021/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-tVQHAZ/18-gcc_4%3a7.4.0-1ubuntu2.3_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000033878Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:13.975{ec2a2542-29a5-6254-40ba-788569550000}6022/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-tVQHAZ/18-gcc_4%3a7.4.0-1ubuntu2.3_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033877Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:13.975{ec2a2542-29a5-6254-d8cf-d384a3550000}6021/usr/bin/dpkg-splitroot 534500x800000000000000033880Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:13.977{ec2a2542-29a5-6254-0000-000000000000}6023-root 154100x800000000000000033879Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:13.977{ec2a2542-29a5-6254-b063-f1ce86550000}6025/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a5-6254-40ba-788569550000}6022/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000033881Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:13.978{ec2a2542-29a5-6254-0000-000000000000}6024-root 534500x800000000000000033883Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:13.980{ec2a2542-29a5-6254-40ba-788569550000}6022/usr/bin/dpkg-debroot 534500x800000000000000033882Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:13.980{ec2a2542-29a5-6254-b063-f1ce86550000}6025/bin/tarroot 154100x800000000000000033884Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:14.000{ec2a2542-29a6-6254-402a-bf868e550000}6026/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-tVQHAZ/18-gcc_4%3a7.4.0-1ubuntu2.3_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033885Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:14.002{ec2a2542-29a5-6254-0000-000000000000}6027-root 534500x800000000000000033886Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:14.003{00000000-0000-0000-0000-000000000000}6028<unknown process>root 534500x800000000000000033887Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:14.004{ec2a2542-29a6-6254-402a-bf868e550000}6026/usr/bin/dpkg-debroot 154100x800000000000000033888Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:14.028{ec2a2542-29a6-6254-70d3-7c23b9550000}6029/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 23542300x800000000000000033889Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:14.029{ec2a2542-29a6-6254-70d3-7c23b9550000}6029root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000033891Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:14.030{ec2a2542-29a6-6254-d8df-fa3967550000}6030/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-tVQHAZ/19-libc-dev-bin_2.27-3ubuntu1.5_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033890Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:14.030{ec2a2542-29a6-6254-70d3-7c23b9550000}6029/bin/rmroot 154100x800000000000000033893Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:14.031{ec2a2542-29a6-6254-409a-b5aa41560000}6031/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-tVQHAZ/19-libc-dev-bin_2.27-3ubuntu1.5_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033892Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:14.031{ec2a2542-29a6-6254-d8df-fa3967550000}6030/usr/bin/dpkg-splitroot 154100x800000000000000033895Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:14.034{ec2a2542-29a6-6254-b013-61a1ed550000}6034/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a6-6254-409a-b5aa41560000}6031/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000033894Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:14.034{ec2a2542-29a6-6254-0000-000000000000}6032-root 534500x800000000000000033896Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:14.035{ec2a2542-29a6-6254-0000-000000000000}6033-root 534500x800000000000000033898Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:14.037{ec2a2542-29a6-6254-409a-b5aa41560000}6031/usr/bin/dpkg-debroot 534500x800000000000000033897Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:14.037{ec2a2542-29a6-6254-b013-61a1ed550000}6034/bin/tarroot 154100x800000000000000033899Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:14.053{ec2a2542-29a6-6254-40ea-0ad5b2550000}6035/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-tVQHAZ/19-libc-dev-bin_2.27-3ubuntu1.5_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033900Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:14.056{ec2a2542-29a6-6254-0000-000000000000}6036-root 534500x800000000000000033902Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:14.069{ec2a2542-29a6-6254-40ea-0ad5b2550000}6035/usr/bin/dpkg-debroot 534500x800000000000000033901Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:14.069{00000000-0000-0000-0000-000000000000}6037<unknown process>root 154100x800000000000000033903Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:14.091{ec2a2542-29a6-6254-7093-689b37560000}6038/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000033906Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:14.093{ec2a2542-29a6-6254-d81f-99b465550000}6039/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-tVQHAZ/20-linux-libc-dev_4.15.0-175.184_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033905Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:14.093{ec2a2542-29a6-6254-7093-689b37560000}6038/bin/rmroot 23542300x800000000000000033904Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:14.093{ec2a2542-29a6-6254-7093-689b37560000}6038root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000033908Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:14.095{ec2a2542-29a6-6254-40da-a9fa32560000}6040/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-tVQHAZ/20-linux-libc-dev_4.15.0-175.184_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033907Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:14.095{ec2a2542-29a6-6254-d81f-99b465550000}6039/usr/bin/dpkg-splitroot 154100x800000000000000033910Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:14.097{ec2a2542-29a6-6254-b083-e6ac0a560000}6043/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a6-6254-40da-a9fa32560000}6040/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000033909Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:14.097{ec2a2542-29a6-6254-0000-000000000000}6041-root 534500x800000000000000033913Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:14.100{ec2a2542-29a6-6254-40da-a9fa32560000}6040/usr/bin/dpkg-debroot 534500x800000000000000033912Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:14.100{ec2a2542-29a6-6254-b083-e6ac0a560000}6043/bin/tarroot 534500x800000000000000033911Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:14.100{ec2a2542-29a6-6254-0000-000000000000}6042-root 154100x800000000000000033914Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:14.117{ec2a2542-29a6-6254-40aa-c1814a560000}6044/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-tVQHAZ/20-linux-libc-dev_4.15.0-175.184_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033915Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:14.381{ec2a2542-29a6-6254-0000-000000000000}6045-root 534500x800000000000000033916Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:14.408{ec2a2542-29a6-6254-0000-000000000000}6046-root 534500x800000000000000033917Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:14.409{ec2a2542-29a6-6254-40aa-c1814a560000}6044/usr/bin/dpkg-debroot 154100x800000000000000033918Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:14.463{ec2a2542-29a6-6254-70b3-066551560000}6047/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033920Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:14.464{ec2a2542-29a6-6254-70b3-066551560000}6047/bin/rmroot 23542300x800000000000000033919Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:14.464{ec2a2542-29a6-6254-70b3-066551560000}6047root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000033921Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:14.465{ec2a2542-29a6-6254-d8ff-0fbbe3550000}6048/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-tVQHAZ/21-libc6-dev_2.27-3ubuntu1.5_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000033923Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:14.466{ec2a2542-29a6-6254-402a-8d3480550000}6049/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-tVQHAZ/21-libc6-dev_2.27-3ubuntu1.5_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033922Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:14.466{ec2a2542-29a6-6254-d8ff-0fbbe3550000}6048/usr/bin/dpkg-splitroot 154100x800000000000000033925Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:14.468{ec2a2542-29a6-6254-b0f3-414847560000}6052/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a6-6254-402a-8d3480550000}6049/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000033924Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:14.468{ec2a2542-29a6-6254-0000-000000000000}6050-root 534500x800000000000000033927Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:14.470{ec2a2542-29a6-6254-b0f3-414847560000}6052/bin/tarroot 534500x800000000000000033926Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:14.470{ec2a2542-29a6-6254-0000-000000000000}6051-root 534500x800000000000000033928Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:14.472{ec2a2542-29a6-6254-402a-8d3480550000}6049/usr/bin/dpkg-debroot 154100x800000000000000033929Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:14.493{ec2a2542-29a6-6254-40fa-5235f7550000}6053/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-tVQHAZ/21-libc6-dev_2.27-3ubuntu1.5_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033930Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:14.983{ec2a2542-29a6-6254-0000-000000000000}6054-root 534500x800000000000000033932Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:15.001{ec2a2542-29a6-6254-40fa-5235f7550000}6053/usr/bin/dpkg-debroot 534500x800000000000000033931Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:15.001{ec2a2542-29a6-6254-0000-000000000000}6055-root 154100x800000000000000033933Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:15.057{ec2a2542-29a7-6254-7073-d38561550000}6056/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000033936Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:15.059{ec2a2542-29a7-6254-d8ef-b37090550000}6057/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-tVQHAZ/22-libstdc++-7-dev_7.5.0-3ubuntu1~18.04_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033935Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:15.059{ec2a2542-29a7-6254-7073-d38561550000}6056/bin/rmroot 23542300x800000000000000033934Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:15.059{ec2a2542-29a7-6254-7073-d38561550000}6056root/bin/rm/var/lib/dpkg/tmp.ci/control--- 534500x800000000000000033937Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:15.060{ec2a2542-29a7-6254-d8ef-b37090550000}6057/usr/bin/dpkg-splitroot 154100x800000000000000033938Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:15.061{ec2a2542-29a7-6254-40ea-a49349560000}6058/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-tVQHAZ/22-libstdc++-7-dev_7.5.0-3ubuntu1~18.04_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000033940Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:15.062{ec2a2542-29a7-6254-b013-9b1eed550000}6061/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a7-6254-40ea-a49349560000}6058/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000033939Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:15.063{ec2a2542-29a7-6254-0000-000000000000}6059-root 534500x800000000000000033942Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:15.068{ec2a2542-29a7-6254-b013-9b1eed550000}6061/bin/tarroot 534500x800000000000000033941Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:15.068{ec2a2542-29a7-6254-0000-000000000000}6060-root 534500x800000000000000033943Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:15.069{ec2a2542-29a7-6254-40ea-a49349560000}6058/usr/bin/dpkg-debroot 154100x800000000000000033944Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:15.090{ec2a2542-29a7-6254-40fa-c7babd550000}6062/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-tVQHAZ/22-libstdc++-7-dev_7.5.0-3ubuntu1~18.04_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033945Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:15.478{ec2a2542-29a7-6254-0000-000000000000}6063-root 534500x800000000000000033947Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:15.490{ec2a2542-29a7-6254-40fa-c7babd550000}6062/usr/bin/dpkg-debroot 534500x800000000000000033946Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:15.490{00000000-0000-0000-0000-000000000000}6064<unknown process>root 154100x800000000000000033948Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:15.554{ec2a2542-29a7-6254-70f3-900e88550000}6065/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000033951Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:15.556{ec2a2542-29a7-6254-d82f-0b793c560000}6066/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-tVQHAZ/23-g++-7_7.5.0-3ubuntu1~18.04_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033950Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:15.556{ec2a2542-29a7-6254-70f3-900e88550000}6065/bin/rmroot 23542300x800000000000000033949Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:15.556{ec2a2542-29a7-6254-70f3-900e88550000}6065root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000033953Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:15.558{ec2a2542-29a7-6254-402a-4810f1550000}6067/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-tVQHAZ/23-g++-7_7.5.0-3ubuntu1~18.04_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033952Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:15.558{ec2a2542-29a7-6254-d82f-0b793c560000}6066/usr/bin/dpkg-splitroot 154100x800000000000000033955Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:15.560{ec2a2542-29a7-6254-b0a3-6cae5f550000}6070/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a7-6254-402a-4810f1550000}6067/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000033954Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:15.560{ec2a2542-29a7-6254-0000-000000000000}6068-root 534500x800000000000000033956Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:15.561{ec2a2542-29a7-6254-0000-000000000000}6069-root 534500x800000000000000033958Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:15.562{ec2a2542-29a7-6254-402a-4810f1550000}6067/usr/bin/dpkg-debroot 534500x800000000000000033957Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:15.562{ec2a2542-29a7-6254-b0a3-6cae5f550000}6070/bin/tarroot 154100x800000000000000033959Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:15.578{ec2a2542-29a7-6254-40fa-464e9d550000}6071/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-tVQHAZ/23-g++-7_7.5.0-3ubuntu1~18.04_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 354300x800000000000000033960Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:15.762{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54764-false10.0.1.12-8000- 534500x800000000000000033961Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:16.706{ec2a2542-29a7-6254-0000-000000000000}6072-root 534500x800000000000000033962Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:16.708{00000000-0000-0000-0000-000000000000}6073<unknown process>root 534500x800000000000000033963Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:16.709{ec2a2542-29a7-6254-40fa-464e9d550000}6071/usr/bin/dpkg-debroot 154100x800000000000000033964Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:16.752{ec2a2542-29a8-6254-7043-2201ab550000}6074/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033966Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:16.753{ec2a2542-29a8-6254-7043-2201ab550000}6074/bin/rmroot 23542300x800000000000000033965Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:16.753{ec2a2542-29a8-6254-7043-2201ab550000}6074root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000033967Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:16.754{ec2a2542-29a8-6254-d8cf-a74bba550000}6075/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-tVQHAZ/24-g++_4%3a7.4.0-1ubuntu2.3_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000033969Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:16.755{ec2a2542-29a8-6254-402a-cadeeb550000}6076/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-tVQHAZ/24-g++_4%3a7.4.0-1ubuntu2.3_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033968Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:16.755{ec2a2542-29a8-6254-d8cf-a74bba550000}6075/usr/bin/dpkg-splitroot 154100x800000000000000033971Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:16.757{ec2a2542-29a8-6254-b023-52e2ce550000}6079/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a8-6254-402a-cadeeb550000}6076/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000033970Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:16.758{ec2a2542-29a8-6254-0000-000000000000}6077-root 534500x800000000000000033972Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:16.759{ec2a2542-29a8-6254-0000-000000000000}6078-root 534500x800000000000000033974Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:16.760{ec2a2542-29a8-6254-402a-cadeeb550000}6076/usr/bin/dpkg-debroot 534500x800000000000000033973Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:16.760{ec2a2542-29a8-6254-b023-52e2ce550000}6079/bin/tarroot 154100x800000000000000033975Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:16.778{ec2a2542-29a8-6254-40fa-c2bb84550000}6080/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-tVQHAZ/24-g++_4%3a7.4.0-1ubuntu2.3_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033976Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:16.780{ec2a2542-29a8-6254-0000-000000000000}6081-root 534500x800000000000000033978Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:16.781{ec2a2542-29a8-6254-40fa-c2bb84550000}6080/usr/bin/dpkg-debroot 534500x800000000000000033977Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:16.781{00000000-0000-0000-0000-000000000000}6082<unknown process>root 154100x800000000000000033979Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:16.802{ec2a2542-29a8-6254-7073-267774550000}6083/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000033982Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:16.803{ec2a2542-29a8-6254-d89f-54008d550000}6084/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-tVQHAZ/25-libtinfo-dev_6.1-1ubuntu1.18.04_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033981Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:16.803{ec2a2542-29a8-6254-7073-267774550000}6083/bin/rmroot 23542300x800000000000000033980Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:16.803{ec2a2542-29a8-6254-7073-267774550000}6083root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000033984Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:16.805{ec2a2542-29a8-6254-408a-7417b9550000}6085/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-tVQHAZ/25-libtinfo-dev_6.1-1ubuntu1.18.04_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033983Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:16.805{ec2a2542-29a8-6254-d89f-54008d550000}6084/usr/bin/dpkg-splitroot 154100x800000000000000033986Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:16.807{ec2a2542-29a8-6254-b083-cd9e29560000}6088/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a8-6254-408a-7417b9550000}6085/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000033985Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:16.807{ec2a2542-29a8-6254-0000-000000000000}6086-root 534500x800000000000000033987Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:16.808{ec2a2542-29a8-6254-0000-000000000000}6087-root 534500x800000000000000033989Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:16.809{ec2a2542-29a8-6254-408a-7417b9550000}6085/usr/bin/dpkg-debroot 534500x800000000000000033988Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:16.809{ec2a2542-29a8-6254-b083-cd9e29560000}6088/bin/tarroot 154100x800000000000000033990Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:16.824{ec2a2542-29a8-6254-40da-939f5b550000}6089/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-tVQHAZ/25-libtinfo-dev_6.1-1ubuntu1.18.04_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033991Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:16.832{ec2a2542-29a8-6254-0000-000000000000}6090-root 534500x800000000000000033992Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:16.844{00000000-0000-0000-0000-000000000000}6091<unknown process>root 534500x800000000000000033993Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:16.845{ec2a2542-29a8-6254-40da-939f5b550000}6089/usr/bin/dpkg-debroot 154100x800000000000000033994Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:16.887{ec2a2542-29a8-6254-7003-a54680550000}6092/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000033997Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:16.890{ec2a2542-29a8-6254-d81f-322f9b550000}6093/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-tVQHAZ/26-libreadline-dev_7.0-3_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033996Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:16.890{ec2a2542-29a8-6254-7003-a54680550000}6092/bin/rmroot 23542300x800000000000000033995Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:16.890{ec2a2542-29a8-6254-7003-a54680550000}6092root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000033999Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:16.892{ec2a2542-29a8-6254-408a-c616a7550000}6094/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-tVQHAZ/26-libreadline-dev_7.0-3_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000033998Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:16.892{ec2a2542-29a8-6254-d81f-322f9b550000}6093/usr/bin/dpkg-splitroot 154100x800000000000000034001Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:16.894{ec2a2542-29a8-6254-b0d3-77def2550000}6097/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a8-6254-408a-c616a7550000}6094/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000034000Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:16.894{ec2a2542-29a8-6254-0000-000000000000}6095-root 534500x800000000000000034002Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:16.895{ec2a2542-29a8-6254-0000-000000000000}6096-root 534500x800000000000000034003Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:16.896{ec2a2542-29a8-6254-b0d3-77def2550000}6097/bin/tarroot 534500x800000000000000034004Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:16.897{ec2a2542-29a8-6254-408a-c616a7550000}6094/usr/bin/dpkg-debroot 154100x800000000000000034005Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:16.913{ec2a2542-29a8-6254-405a-088793550000}6098/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-tVQHAZ/26-libreadline-dev_7.0-3_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000034006Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:16.923{ec2a2542-29a8-6254-0000-000000000000}6099-root 534500x800000000000000034008Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:16.929{ec2a2542-29a8-6254-405a-088793550000}6098/usr/bin/dpkg-debroot 534500x800000000000000034007Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:16.929{00000000-0000-0000-0000-000000000000}6100<unknown process>root 154100x800000000000000034009Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.002{ec2a2542-29a9-6254-70a3-2f2181550000}6101/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000034011Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.003{ec2a2542-29a9-6254-70a3-2f2181550000}6101/bin/rmroot 23542300x800000000000000034010Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.003{ec2a2542-29a9-6254-70a3-2f2181550000}6101root/bin/rm/var/lib/dpkg/tmp.ci/control--- 154100x800000000000000034012Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.004{ec2a2542-29a9-6254-d8af-b95bab550000}6102/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-tVQHAZ/27-manpages-dev_4.15-1_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000034014Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.005{ec2a2542-29a9-6254-40aa-a67080550000}6103/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-tVQHAZ/27-manpages-dev_4.15-1_all.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000034013Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.005{ec2a2542-29a9-6254-d8af-b95bab550000}6102/usr/bin/dpkg-splitroot 154100x800000000000000034016Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.007{ec2a2542-29a9-6254-b0a3-32d6ce550000}6106/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a9-6254-40aa-a67080550000}6103/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000034015Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.007{ec2a2542-29a9-6254-0000-000000000000}6104-root 534500x800000000000000034019Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.010{ec2a2542-29a9-6254-40aa-a67080550000}6103/usr/bin/dpkg-debroot 534500x800000000000000034018Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.010{ec2a2542-29a9-6254-b0a3-32d6ce550000}6106/bin/tarroot 534500x800000000000000034017Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.010{ec2a2542-29a9-6254-0000-000000000000}6105-root 154100x800000000000000034020Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.024{ec2a2542-29a9-6254-405a-4c5402560000}6107/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-tVQHAZ/27-manpages-dev_4.15-1_all.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000034021Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.390{ec2a2542-29a9-6254-0000-000000000000}6108-root 534500x800000000000000034023Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.404{ec2a2542-29a9-6254-405a-4c5402560000}6107/usr/bin/dpkg-debroot 534500x800000000000000034022Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.404{00000000-0000-0000-0000-000000000000}6109<unknown process>root 154100x800000000000000034024Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.567{ec2a2542-29a9-6254-7083-0d2817560000}6110/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 23542300x800000000000000034025Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.569{ec2a2542-29a9-6254-7083-0d2817560000}6110root/bin/rm/var/lib/dpkg/tmp.ci/control--- 534500x800000000000000034026Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.571{ec2a2542-29a9-6254-7083-0d2817560000}6110/bin/rmroot 154100x800000000000000034027Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.572{ec2a2542-29a9-6254-d83f-a7dc09560000}6111/usr/bin/dpkg-split-----dpkg-split -Qao /var/lib/dpkg/reassemble.deb /tmp/apt-dpkg-install-tVQHAZ/28-binfmtc_0.17-2_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000034029Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.573{ec2a2542-29a9-6254-402a-14eac7550000}6112/usr/bin/dpkg-deb-----dpkg-deb --control /tmp/apt-dpkg-install-tVQHAZ/28-binfmtc_0.17-2_amd64.deb /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000034028Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.573{ec2a2542-29a9-6254-d83f-a7dc09560000}6111/usr/bin/dpkg-splitroot 154100x800000000000000034031Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.576{ec2a2542-29a9-6254-b0a3-a5b347560000}6115/bin/tar-----tar -x -f - --warning=no-timestamp/var/lib/dpkg/tmp.ciroot{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a9-6254-402a-14eac7550000}6112/usr/bin/dpkg-debdpkg-debroot 534500x800000000000000034030Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.576{ec2a2542-29a9-6254-0000-000000000000}6113-root 534500x800000000000000034033Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.578{ec2a2542-29a9-6254-0000-000000000000}6114-root 534500x800000000000000034032Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.578{ec2a2542-29a9-6254-b0a3-a5b347560000}6115/bin/tarroot 534500x800000000000000034034Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.579{ec2a2542-29a9-6254-402a-14eac7550000}6112/usr/bin/dpkg-debroot 154100x800000000000000034035Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.601{ec2a2542-29a9-6254-40fa-076964550000}6116/usr/bin/dpkg-deb-----dpkg-deb --fsys-tarfile /tmp/apt-dpkg-install-tVQHAZ/28-binfmtc_0.17-2_amd64.deb/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000034036Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.605{ec2a2542-29a9-6254-0000-000000000000}6117-root 534500x800000000000000034038Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.609{ec2a2542-29a9-6254-40fa-076964550000}6116/usr/bin/dpkg-debroot 534500x800000000000000034037Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.609{ec2a2542-29a9-6254-0000-000000000000}6118-root 154100x800000000000000034039Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.630{ec2a2542-29a9-6254-70e3-cf7e75550000}6119/bin/rm-----rm -rf -- /var/lib/dpkg/tmp.ci/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000034041Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.632{ec2a2542-29a9-6254-70e3-cf7e75550000}6119/bin/rmroot 23542300x800000000000000034040Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.632{ec2a2542-29a9-6254-70e3-cf7e75550000}6119root/bin/rm/var/lib/dpkg/tmp.ci/control--- 23542300x800000000000000034042Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.663{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/status-old--- 23542300x800000000000000034069Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.665{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0026--- 23542300x800000000000000034068Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.665{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0025--- 23542300x800000000000000034067Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.665{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0024--- 23542300x800000000000000034066Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.665{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0023--- 23542300x800000000000000034065Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.665{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0022--- 23542300x800000000000000034064Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.665{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0021--- 23542300x800000000000000034063Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.665{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0020--- 23542300x800000000000000034062Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.665{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0019--- 23542300x800000000000000034061Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.665{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0018--- 23542300x800000000000000034060Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.665{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0017--- 23542300x800000000000000034059Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.665{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0016--- 23542300x800000000000000034058Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.665{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0015--- 23542300x800000000000000034057Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.665{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0014--- 23542300x800000000000000034056Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.665{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0013--- 23542300x800000000000000034055Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.665{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0012--- 23542300x800000000000000034054Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.665{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0011--- 23542300x800000000000000034053Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.665{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0010--- 23542300x800000000000000034052Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.665{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0009--- 23542300x800000000000000034051Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.665{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0008--- 23542300x800000000000000034050Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.665{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0007--- 23542300x800000000000000034049Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.665{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0006--- 23542300x800000000000000034048Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.665{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0005--- 23542300x800000000000000034047Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.665{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0004--- 23542300x800000000000000034046Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.665{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0003--- 23542300x800000000000000034045Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.665{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0002--- 23542300x800000000000000034044Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.665{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0001--- 23542300x800000000000000034043Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.665{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0000--- 23542300x800000000000000034121Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0078--- 23542300x800000000000000034120Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0077--- 23542300x800000000000000034119Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0076--- 23542300x800000000000000034118Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0075--- 23542300x800000000000000034117Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0074--- 23542300x800000000000000034116Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0073--- 23542300x800000000000000034115Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0072--- 23542300x800000000000000034114Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0071--- 23542300x800000000000000034113Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0070--- 23542300x800000000000000034112Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0069--- 23542300x800000000000000034111Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0068--- 23542300x800000000000000034110Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0067--- 23542300x800000000000000034109Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0066--- 23542300x800000000000000034108Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0065--- 23542300x800000000000000034107Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0064--- 23542300x800000000000000034106Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0063--- 23542300x800000000000000034105Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0062--- 23542300x800000000000000034104Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0061--- 23542300x800000000000000034103Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0060--- 23542300x800000000000000034102Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0059--- 23542300x800000000000000034101Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0058--- 23542300x800000000000000034100Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0057--- 23542300x800000000000000034099Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0056--- 23542300x800000000000000034098Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0055--- 23542300x800000000000000034097Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0054--- 23542300x800000000000000034096Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0053--- 23542300x800000000000000034095Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0052--- 23542300x800000000000000034094Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0051--- 23542300x800000000000000034093Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0050--- 23542300x800000000000000034092Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0049--- 23542300x800000000000000034091Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0048--- 23542300x800000000000000034090Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0047--- 23542300x800000000000000034089Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0046--- 23542300x800000000000000034088Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0045--- 23542300x800000000000000034087Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0044--- 23542300x800000000000000034086Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0043--- 23542300x800000000000000034085Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0042--- 23542300x800000000000000034084Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0041--- 23542300x800000000000000034083Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0040--- 23542300x800000000000000034082Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0039--- 23542300x800000000000000034081Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0038--- 23542300x800000000000000034080Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0037--- 23542300x800000000000000034079Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0036--- 23542300x800000000000000034078Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0035--- 23542300x800000000000000034077Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0034--- 23542300x800000000000000034076Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0033--- 23542300x800000000000000034075Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0032--- 23542300x800000000000000034074Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0031--- 23542300x800000000000000034073Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0030--- 23542300x800000000000000034072Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0029--- 23542300x800000000000000034071Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0028--- 23542300x800000000000000034070Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.666{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0027--- 23542300x800000000000000034132Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.667{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0089--- 23542300x800000000000000034131Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.667{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0088--- 23542300x800000000000000034130Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.667{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0087--- 23542300x800000000000000034129Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.667{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0086--- 23542300x800000000000000034128Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.667{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0085--- 23542300x800000000000000034127Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.667{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0084--- 23542300x800000000000000034126Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.667{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0083--- 23542300x800000000000000034125Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.667{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0082--- 23542300x800000000000000034124Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.667{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0081--- 23542300x800000000000000034123Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.667{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0080--- 23542300x800000000000000034122Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.667{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/0079--- 23542300x800000000000000034133Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.669{ec2a2542-29a2-6254-7081-63c867550000}5858root/usr/bin/dpkg/var/lib/dpkg/updates/tmp.i--- 534500x800000000000000034134Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.672{ec2a2542-29a2-6254-7081-63c867550000}5858/usr/bin/dpkgroot 23542300x800000000000000034159Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.675{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/tmp/apt-dpkg-install-tVQHAZ/09-libasan4_7.5.0-3ubuntu1~18.04_amd64.deb--- 23542300x800000000000000034158Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.675{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/tmp/apt-dpkg-install-tVQHAZ/12-libubsan0_7.5.0-3ubuntu1~18.04_amd64.deb--- 23542300x800000000000000034157Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.675{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/tmp/apt-dpkg-install-tVQHAZ/05-cpp_4%3a7.4.0-1ubuntu2.3_amd64.deb--- 23542300x800000000000000034156Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.675{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/tmp/apt-dpkg-install-tVQHAZ/15-libquadmath0_8.4.0-1ubuntu1~18.04_amd64.deb--- 23542300x800000000000000034155Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.675{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/tmp/apt-dpkg-install-tVQHAZ/14-libmpx2_8.4.0-1ubuntu1~18.04_amd64.deb--- 23542300x800000000000000034154Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.675{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/tmp/apt-dpkg-install-tVQHAZ/20-linux-libc-dev_4.15.0-175.184_amd64.deb--- 23542300x800000000000000034153Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.675{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/tmp/apt-dpkg-install-tVQHAZ/25-libtinfo-dev_6.1-1ubuntu1.18.04_amd64.deb--- 23542300x800000000000000034152Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.675{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/tmp/apt-dpkg-install-tVQHAZ/04-cpp-7_7.5.0-3ubuntu1~18.04_amd64.deb--- 23542300x800000000000000034151Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.675{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/tmp/apt-dpkg-install-tVQHAZ/24-g++_4%3a7.4.0-1ubuntu2.3_amd64.deb--- 23542300x800000000000000034150Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.675{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/tmp/apt-dpkg-install-tVQHAZ/01-binutils-x86-64-linux-gnu_2.30-21ubuntu1~18.04.7_amd64.deb--- 23542300x800000000000000034149Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.675{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/tmp/apt-dpkg-install-tVQHAZ/21-libc6-dev_2.27-3ubuntu1.5_amd64.deb--- 23542300x800000000000000034148Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.675{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/tmp/apt-dpkg-install-tVQHAZ/18-gcc_4%3a7.4.0-1ubuntu2.3_amd64.deb--- 23542300x800000000000000034147Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.675{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/tmp/apt-dpkg-install-tVQHAZ/28-binfmtc_0.17-2_amd64.deb--- 23542300x800000000000000034146Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.675{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/tmp/apt-dpkg-install-tVQHAZ/08-libatomic1_8.4.0-1ubuntu1~18.04_amd64.deb--- 23542300x800000000000000034145Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.675{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/tmp/apt-dpkg-install-tVQHAZ/19-libc-dev-bin_2.27-3ubuntu1.5_amd64.deb--- 23542300x800000000000000034144Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.675{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/tmp/apt-dpkg-install-tVQHAZ/17-gcc-7_7.5.0-3ubuntu1~18.04_amd64.deb--- 23542300x800000000000000034143Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.675{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/tmp/apt-dpkg-install-tVQHAZ/03-gcc-7-base_7.5.0-3ubuntu1~18.04_amd64.deb--- 23542300x800000000000000034142Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.675{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/tmp/apt-dpkg-install-tVQHAZ/26-libreadline-dev_7.0-3_amd64.deb--- 23542300x800000000000000034141Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.675{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/tmp/apt-dpkg-install-tVQHAZ/06-libgomp1_8.4.0-1ubuntu1~18.04_amd64.deb--- 23542300x800000000000000034140Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.675{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/tmp/apt-dpkg-install-tVQHAZ/27-manpages-dev_4.15-1_all.deb--- 23542300x800000000000000034139Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.675{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/tmp/apt-dpkg-install-tVQHAZ/02-binutils_2.30-21ubuntu1~18.04.7_amd64.deb--- 23542300x800000000000000034138Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.675{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/tmp/apt-dpkg-install-tVQHAZ/23-g++-7_7.5.0-3ubuntu1~18.04_amd64.deb--- 23542300x800000000000000034137Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.675{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/tmp/apt-dpkg-install-tVQHAZ/13-libcilkrts5_7.5.0-3ubuntu1~18.04_amd64.deb--- 23542300x800000000000000034136Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.675{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/tmp/apt-dpkg-install-tVQHAZ/22-libstdc++-7-dev_7.5.0-3ubuntu1~18.04_amd64.deb--- 23542300x800000000000000034135Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.675{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/tmp/apt-dpkg-install-tVQHAZ/11-libtsan0_8.4.0-1ubuntu1~18.04_amd64.deb--- 154100x800000000000000034164Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.676{ec2a2542-29a9-6254-7061-4c7650560000}6120/usr/bin/dpkg-----/usr/bin/dpkg --status-fd 43 --configure --pending/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a0-6254-ccff-3d843b560000}5793/usr/bin/apt-getapt-getroot 23542300x800000000000000034163Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.676{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/tmp/apt-dpkg-install-tVQHAZ/16-libgcc-7-dev_7.5.0-3ubuntu1~18.04_amd64.deb--- 23542300x800000000000000034162Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.676{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/tmp/apt-dpkg-install-tVQHAZ/07-libitm1_8.4.0-1ubuntu1~18.04_amd64.deb--- 23542300x800000000000000034161Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.676{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/tmp/apt-dpkg-install-tVQHAZ/10-liblsan0_8.4.0-1ubuntu1~18.04_amd64.deb--- 23542300x800000000000000034160Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.676{ec2a2542-29a0-6254-ccff-3d843b560000}5793root/usr/bin/apt-get/tmp/apt-dpkg-install-tVQHAZ/00-libbinutils_2.30-21ubuntu1~18.04.7_amd64.deb--- 154100x800000000000000034165Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.952{ec2a2542-29a9-6254-6882-05e77a550000}6121/bin/dash-----/bin/sh /var/lib/dpkg/info/cpp.postinst configure /root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a9-6254-7061-4c7650560000}6120/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000034166Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.953{ec2a2542-29a9-6254-c883-bd107a550000}6122/usr/bin/update-alternatives-----update-alternatives --quiet --install /lib/cpp cpp /usr/bin/cpp 10/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a9-6254-6882-05e77a550000}6121/bin/dash/bin/shroot 534500x800000000000000034168Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.976{ec2a2542-29a9-6254-6882-05e77a550000}6121/bin/dashroot 534500x800000000000000034167Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:17.976{ec2a2542-29a9-6254-c883-bd107a550000}6122/usr/bin/update-alternativesroot 154100x800000000000000034169Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.017{ec2a2542-29aa-6254-6892-7facfe550000}6123/bin/dash-----/bin/sh /var/lib/dpkg/info/gcc.postinst configure /root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a9-6254-7061-4c7650560000}6120/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000034170Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.018{ec2a2542-29aa-6254-c8f3-4c6f2d560000}6124/usr/bin/update-alternatives-----update-alternatives --quiet --install /usr/bin/cc cc /usr/bin/gcc 20 --slave /usr/share/man/man1/cc.1.gz cc.1.gz /usr/share/man/man1/gcc.1.gz/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-6892-7facfe550000}6123/bin/dash/bin/shroot 154100x800000000000000034172Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.023{ec2a2542-29aa-6254-c833-57242f560000}6125/usr/bin/update-alternatives-----update-alternatives --quiet --install /usr/bin/c89 c89 /usr/bin/c89-gcc 20 --slave /usr/share/man/man1/c89.1.gz c89.1.gz /usr/share/man/man1/c89-gcc.1.gz/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-6892-7facfe550000}6123/bin/dash/bin/shroot 534500x800000000000000034171Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.023{ec2a2542-29aa-6254-c8f3-4c6f2d560000}6124/usr/bin/update-alternativesroot 154100x800000000000000034174Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.029{ec2a2542-29aa-6254-c873-843555560000}6126/usr/bin/update-alternatives-----update-alternatives --quiet --install /usr/bin/c99 c99 /usr/bin/c99-gcc 20 --slave /usr/share/man/man1/c99.1.gz c99.1.gz /usr/share/man/man1/c99-gcc.1.gz/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-6892-7facfe550000}6123/bin/dash/bin/shroot 534500x800000000000000034173Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.029{ec2a2542-29aa-6254-c833-57242f560000}6125/usr/bin/update-alternativesroot 534500x800000000000000034176Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.033{ec2a2542-29aa-6254-6892-7facfe550000}6123/bin/dashroot 534500x800000000000000034175Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.033{ec2a2542-29aa-6254-c873-843555560000}6126/usr/bin/update-alternativesroot 154100x800000000000000034177Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.044{ec2a2542-29aa-6254-6832-1929ca550000}6127/bin/dash-----/bin/sh -e /var/lib/dpkg/info/g++.postinst configure /root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a9-6254-7061-4c7650560000}6120/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000034178Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.045{ec2a2542-29aa-6254-e85b-684c35560000}6128/usr/bin/basename-----basename /var/lib/dpkg/info/g++.postinst .postinst/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-6832-1929ca550000}6127/bin/dash/bin/shroot 154100x800000000000000034180Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.046{ec2a2542-29aa-6254-f833-1c4880550000}6129/usr/bin/dpkg-divert-----dpkg-divert --list /usr/bin/c++filt.binutils/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-6832-1929ca550000}6127/bin/dash/bin/shroot 534500x800000000000000034179Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.046{ec2a2542-29aa-6254-e85b-684c35560000}6128/usr/bin/basenameroot 154100x800000000000000034182Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.062{ec2a2542-29aa-6254-f8f3-60c5d6550000}6130/usr/bin/dpkg-divert-----dpkg-divert --list /usr/man/man1/c++filt.binutils.1.gz/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-6832-1929ca550000}6127/bin/dash/bin/shroot 534500x800000000000000034181Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.062{ec2a2542-29aa-6254-f833-1c4880550000}6129/usr/bin/dpkg-divertroot 154100x800000000000000034184Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.076{ec2a2542-29aa-6254-c8c3-523af3550000}6131/usr/bin/update-alternatives-----update-alternatives --install /usr/bin/c++ c++ /usr/bin/g++ 20 --slave /usr/share/man/man1/c++.1.gz c++.1.gz /usr/share/man/man1/g++.1.gz/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-6832-1929ca550000}6127/bin/dash/bin/shroot 534500x800000000000000034183Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.076{ec2a2542-29aa-6254-f8f3-60c5d6550000}6130/usr/bin/dpkg-divertroot 534500x800000000000000034186Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.081{ec2a2542-29aa-6254-6832-1929ca550000}6127/bin/dashroot 534500x800000000000000034185Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.081{ec2a2542-29aa-6254-c8c3-523af3550000}6131/usr/bin/update-alternativesroot 154100x800000000000000034187Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.092{ec2a2542-29aa-6254-68b2-62e59b550000}6132/bin/dash-----/bin/sh /var/lib/dpkg/info/binfmtc.postinst configure /root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a9-6254-7061-4c7650560000}6120/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000034188Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.093{ec2a2542-29aa-6254-68df-597eeb550000}6133/usr/sbin/update-binfmts-----/usr/sbin/update-binfmts --import ccompile/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-68b2-62e59b550000}6132/bin/dash/bin/shroot 534500x800000000000000034189Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.094{ec2a2542-29aa-6254-68df-597eeb550000}6133/usr/sbin/update-binfmtsroot 154100x800000000000000034190Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.095{ec2a2542-29aa-6254-683f-852323560000}6134/usr/sbin/update-binfmts-----/usr/sbin/update-binfmts --import cxxcompile/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-68b2-62e59b550000}6132/bin/dash/bin/shroot 154100x800000000000000034192Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.096{ec2a2542-29aa-6254-683f-0b6d66550000}6135/usr/sbin/update-binfmts-----/usr/sbin/update-binfmts --import asmassembly/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-68b2-62e59b550000}6132/bin/dash/bin/shroot 534500x800000000000000034191Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.096{ec2a2542-29aa-6254-683f-852323560000}6134/usr/sbin/update-binfmtsroot 534500x800000000000000034193Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.097{ec2a2542-29aa-6254-683f-0b6d66550000}6135/usr/sbin/update-binfmtsroot 154100x800000000000000034194Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.098{ec2a2542-29aa-6254-68af-f79803560000}6136/usr/sbin/update-binfmts-----/usr/sbin/update-binfmts --import gcjcompile/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-68b2-62e59b550000}6132/bin/dash/bin/shroot 154100x800000000000000034196Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.099{ec2a2542-29aa-6254-687f-cdc0d3550000}6137/usr/sbin/update-binfmts-----/usr/sbin/update-binfmts --import fcompile/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-68b2-62e59b550000}6132/bin/dash/bin/shroot 534500x800000000000000034195Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.099{ec2a2542-29aa-6254-68af-f79803560000}6136/usr/sbin/update-binfmtsroot 154100x800000000000000034198Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.101{ec2a2542-29aa-6254-684f-9d88f6550000}6138/usr/sbin/update-binfmts-----/usr/sbin/update-binfmts --import f95compile/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-68b2-62e59b550000}6132/bin/dash/bin/shroot 534500x800000000000000034197Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.101{ec2a2542-29aa-6254-687f-cdc0d3550000}6137/usr/sbin/update-binfmtsroot 534500x800000000000000034200Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.102{ec2a2542-29aa-6254-68b2-62e59b550000}6132/bin/dashroot 534500x800000000000000034199Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.102{ec2a2542-29aa-6254-684f-9d88f6550000}6138/usr/sbin/update-binfmtsroot 154100x800000000000000034201Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.109{ec2a2542-29aa-6254-6862-11fc03560000}6139/bin/dash-----/bin/sh -e /var/lib/dpkg/info/install-info.postinst triggered /usr/share/info/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a9-6254-7061-4c7650560000}6120/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000034202Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.110{ec2a2542-29aa-6254-6842-95dbce550000}6140/bin/dash-----/bin/sh /usr/sbin/update-info-dir/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-6862-11fc03560000}6139/bin/dash/bin/shroot 154100x800000000000000034203Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.111{ec2a2542-29aa-6254-70b3-10d818560000}6141/bin/rm-----rm -f /usr/share/info/dir.old/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-6842-95dbce550000}6140/bin/dash/bin/shroot 154100x800000000000000034206Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.112{ec2a2542-29aa-6254-983a-780d7c550000}6142/bin/cp-----cp /usr/share/info/dir /usr/share/info/dir.old/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-6842-95dbce550000}6140/bin/dash/bin/shroot 534500x800000000000000034205Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.112{ec2a2542-29aa-6254-70b3-10d818560000}6141/bin/rmroot 23542300x800000000000000034204Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.112{ec2a2542-29aa-6254-70b3-10d818560000}6141root/bin/rm/usr/share/info/dir.old--- 154100x800000000000000034208Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.113{ec2a2542-29aa-6254-7033-0827e8550000}6143/bin/rm-----rm -f /usr/share/info/dir/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-6842-95dbce550000}6140/bin/dash/bin/shroot 534500x800000000000000034207Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.113{ec2a2542-29aa-6254-983a-780d7c550000}6142/bin/cproot 154100x800000000000000034211Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.114{ec2a2542-29aa-6254-9010-aa7394550000}6144/usr/bin/find-----find /usr/share/info -type f/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-6842-95dbce550000}6140/bin/dash/bin/shroot 534500x800000000000000034210Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.114{ec2a2542-29aa-6254-7033-0827e8550000}6143/bin/rmroot 23542300x800000000000000034209Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.114{ec2a2542-29aa-6254-7033-0827e8550000}6143root/bin/rm/usr/share/info/dir--- 154100x800000000000000034213Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.115{ec2a2542-29aa-6254-8027-2b254f560000}6146/usr/bin/install-info-----install-info /usr/share/info/grep.info.gz /usr/share/info/dir/root{ec2a2542-0000-0000-0000-000001000000}04no level-{00000000-0000-0000-0000-000000000000}6145--- 534500x800000000000000034212Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.115{ec2a2542-29aa-6254-9010-aa7394550000}6144/usr/bin/findroot 154100x800000000000000034214Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.116{ec2a2542-29aa-6254-6812-420370550000}6147/bin/dash-----sh -c gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-8027-2b254f560000}6146/usr/bin/install-infoinstall-inforoot 154100x800000000000000034215Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.117{ec2a2542-29aa-6254-286c-45aed5550000}6148/bin/gzip-----gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-6812-420370550000}6147/bin/dashshroot 534500x800000000000000034217Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.118{ec2a2542-29aa-6254-6812-420370550000}6147/bin/dashroot 534500x800000000000000034216Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.118{ec2a2542-29aa-6254-286c-45aed5550000}6148/bin/gziproot 154100x800000000000000034219Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.119{ec2a2542-29aa-6254-8007-6366e5550000}6149/usr/bin/install-info-----install-info /usr/share/info/rluserman.info.gz /usr/share/info/dir/root{ec2a2542-0000-0000-0000-000001000000}04no level-{00000000-0000-0000-0000-000000000000}6145--- 534500x800000000000000034218Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.119{ec2a2542-29aa-6254-8027-2b254f560000}6146/usr/bin/install-inforoot 154100x800000000000000034220Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.120{ec2a2542-29aa-6254-68c2-fffa0b560000}6150/bin/dash-----sh -c gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-8007-6366e5550000}6149/usr/bin/install-infoinstall-inforoot 154100x800000000000000034221Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.121{ec2a2542-29aa-6254-288c-503770550000}6151/bin/gzip-----gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-68c2-fffa0b560000}6150/bin/dashshroot 534500x800000000000000034224Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.123{ec2a2542-29aa-6254-8007-6366e5550000}6149/usr/bin/install-inforoot 534500x800000000000000034223Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.123{ec2a2542-29aa-6254-68c2-fffa0b560000}6150/bin/dashroot 534500x800000000000000034222Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.123{ec2a2542-29aa-6254-288c-503770550000}6151/bin/gziproot 154100x800000000000000034226Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.124{ec2a2542-29aa-6254-6862-b3b49d550000}6153/bin/dash-----sh -c gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-80b7-7b033a560000}6152/usr/bin/install-infoinstall-inforoot 154100x800000000000000034225Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.124{ec2a2542-29aa-6254-80b7-7b033a560000}6152/usr/bin/install-info-----install-info /usr/share/info/grub-dev.info.gz /usr/share/info/dir/root{ec2a2542-0000-0000-0000-000001000000}04no level-{00000000-0000-0000-0000-000000000000}6145--- 154100x800000000000000034227Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.125{ec2a2542-29aa-6254-282c-f37fbb550000}6154/bin/gzip-----gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-6862-b3b49d550000}6153/bin/dashshroot 534500x800000000000000034229Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.126{ec2a2542-29aa-6254-6862-b3b49d550000}6153/bin/dashroot 534500x800000000000000034228Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.126{ec2a2542-29aa-6254-282c-f37fbb550000}6154/bin/gziproot 154100x800000000000000034231Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.127{ec2a2542-29aa-6254-8017-e69723560000}6155/usr/bin/install-info-----install-info /usr/share/info/gnupg.info.gz /usr/share/info/dir/root{ec2a2542-0000-0000-0000-000001000000}04no level-{00000000-0000-0000-0000-000000000000}6145--- 534500x800000000000000034230Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.127{ec2a2542-29aa-6254-80b7-7b033a560000}6152/usr/bin/install-inforoot 154100x800000000000000034232Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.128{ec2a2542-29aa-6254-68a2-030000560000}6156/bin/dash-----sh -c gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-8017-e69723560000}6155/usr/bin/install-infoinstall-inforoot 534500x800000000000000034235Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.129{ec2a2542-29aa-6254-68a2-030000560000}6156/bin/dashroot 534500x800000000000000034234Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.129{ec2a2542-29aa-6254-284c-d7eb2e560000}6157/bin/gziproot 154100x800000000000000034233Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.129{ec2a2542-29aa-6254-284c-d7eb2e560000}6157/bin/gzip-----gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-68a2-030000560000}6156/bin/dashshroot 154100x800000000000000034237Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.130{ec2a2542-29aa-6254-8087-c9333c560000}6158/usr/bin/install-info-----install-info /usr/share/info/wget.info.gz /usr/share/info/dir/root{ec2a2542-0000-0000-0000-000001000000}04no level-{00000000-0000-0000-0000-000000000000}6145--- 534500x800000000000000034236Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.130{ec2a2542-29aa-6254-8017-e69723560000}6155/usr/bin/install-inforoot 154100x800000000000000034238Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.131{ec2a2542-29aa-6254-6852-ce17d3550000}6159/bin/dash-----sh -c gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-8087-c9333c560000}6158/usr/bin/install-infoinstall-inforoot 154100x800000000000000034239Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.132{ec2a2542-29aa-6254-284c-8821dc550000}6160/bin/gzip-----gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-6852-ce17d3550000}6159/bin/dashshroot 534500x800000000000000034241Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.134{ec2a2542-29aa-6254-6852-ce17d3550000}6159/bin/dashroot 534500x800000000000000034240Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.134{ec2a2542-29aa-6254-284c-8821dc550000}6160/bin/gziproot 154100x800000000000000034243Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.135{ec2a2542-29aa-6254-8017-07e078550000}6161/usr/bin/install-info-----install-info /usr/share/info/grub.info.gz /usr/share/info/dir/root{ec2a2542-0000-0000-0000-000001000000}04no level-{00000000-0000-0000-0000-000000000000}6145--- 534500x800000000000000034242Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.135{ec2a2542-29aa-6254-8087-c9333c560000}6158/usr/bin/install-inforoot 154100x800000000000000034244Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.136{ec2a2542-29aa-6254-68a2-0f7fce550000}6162/bin/dash-----sh -c gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-8017-07e078550000}6161/usr/bin/install-infoinstall-inforoot 154100x800000000000000034245Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.137{ec2a2542-29aa-6254-286c-facf76550000}6163/bin/gzip-----gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-68a2-0f7fce550000}6162/bin/dashshroot 534500x800000000000000034247Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.141{ec2a2542-29aa-6254-68a2-0f7fce550000}6162/bin/dashroot 534500x800000000000000034246Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.141{ec2a2542-29aa-6254-286c-facf76550000}6163/bin/gziproot 154100x800000000000000034249Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.142{ec2a2542-29aa-6254-80c7-a805ec550000}6164/usr/bin/install-info-----install-info /usr/share/info/bc.info.gz /usr/share/info/dir/root{ec2a2542-0000-0000-0000-000001000000}04no level-{00000000-0000-0000-0000-000000000000}6145--- 534500x800000000000000034248Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.142{ec2a2542-29aa-6254-8017-07e078550000}6161/usr/bin/install-inforoot 154100x800000000000000034251Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.143{ec2a2542-29aa-6254-289c-0dd812560000}6166/bin/gzip-----gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-6882-4851a5550000}6165/bin/dashshroot 154100x800000000000000034250Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.143{ec2a2542-29aa-6254-6882-4851a5550000}6165/bin/dash-----sh -c gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-80c7-a805ec550000}6164/usr/bin/install-infoinstall-inforoot 534500x800000000000000034253Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.144{ec2a2542-29aa-6254-6882-4851a5550000}6165/bin/dashroot 534500x800000000000000034252Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.144{ec2a2542-29aa-6254-289c-0dd812560000}6166/bin/gziproot 154100x800000000000000034255Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.145{ec2a2542-29aa-6254-8047-464720560000}6167/usr/bin/install-info-----install-info /usr/share/info/ed.info.gz /usr/share/info/dir/root{ec2a2542-0000-0000-0000-000001000000}04no level-{00000000-0000-0000-0000-000000000000}6145--- 534500x800000000000000034254Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.145{ec2a2542-29aa-6254-80c7-a805ec550000}6164/usr/bin/install-inforoot 154100x800000000000000034257Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.146{ec2a2542-29aa-6254-283c-592b4d560000}6169/bin/gzip-----gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-6802-2a995e550000}6168/bin/dashshroot 154100x800000000000000034256Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.146{ec2a2542-29aa-6254-6802-2a995e550000}6168/bin/dash-----sh -c gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-8047-464720560000}6167/usr/bin/install-infoinstall-inforoot 534500x800000000000000034259Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.148{ec2a2542-29aa-6254-6802-2a995e550000}6168/bin/dashroot 534500x800000000000000034258Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.148{ec2a2542-29aa-6254-283c-592b4d560000}6169/bin/gziproot 154100x800000000000000034261Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.149{ec2a2542-29aa-6254-8037-f4a399550000}6170/usr/bin/install-info-----install-info /usr/share/info/find.info.gz /usr/share/info/dir/root{ec2a2542-0000-0000-0000-000001000000}04no level-{00000000-0000-0000-0000-000000000000}6145--- 534500x800000000000000034260Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.149{ec2a2542-29aa-6254-8047-464720560000}6167/usr/bin/install-inforoot 154100x800000000000000034263Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.150{ec2a2542-29aa-6254-280c-4d8637560000}6172/bin/gzip-----gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-6832-05707c550000}6171/bin/dashshroot 154100x800000000000000034262Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.150{ec2a2542-29aa-6254-6832-05707c550000}6171/bin/dash-----sh -c gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-8037-f4a399550000}6170/usr/bin/install-infoinstall-inforoot 534500x800000000000000034265Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.154{ec2a2542-29aa-6254-6832-05707c550000}6171/bin/dashroot 534500x800000000000000034264Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.154{ec2a2542-29aa-6254-280c-4d8637560000}6172/bin/gziproot 154100x800000000000000034267Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.155{ec2a2542-29aa-6254-8097-42d9de550000}6173/usr/bin/install-info-----install-info /usr/share/info/find-maint.info.gz /usr/share/info/dir/root{ec2a2542-0000-0000-0000-000001000000}04no level-{00000000-0000-0000-0000-000000000000}6145--- 534500x800000000000000034266Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.155{ec2a2542-29aa-6254-8037-f4a399550000}6170/usr/bin/install-inforoot 154100x800000000000000034268Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.156{ec2a2542-29aa-6254-6882-d054fb550000}6174/bin/dash-----sh -c gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-8097-42d9de550000}6173/usr/bin/install-infoinstall-inforoot 154100x800000000000000034269Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.157{ec2a2542-29aa-6254-282c-7525b5550000}6175/bin/gzip-----gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-6882-d054fb550000}6174/bin/dashshroot 534500x800000000000000034271Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.158{ec2a2542-29aa-6254-6882-d054fb550000}6174/bin/dashroot 534500x800000000000000034270Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.158{ec2a2542-29aa-6254-282c-7525b5550000}6175/bin/gziproot 154100x800000000000000034273Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.159{ec2a2542-29aa-6254-8087-83a9fc550000}6176/usr/bin/install-info-----install-info /usr/share/info/screen.info.gz /usr/share/info/dir/root{ec2a2542-0000-0000-0000-000001000000}04no level-{00000000-0000-0000-0000-000000000000}6145--- 534500x800000000000000034272Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.159{ec2a2542-29aa-6254-8097-42d9de550000}6173/usr/bin/install-inforoot 154100x800000000000000034274Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.160{ec2a2542-29aa-6254-68a2-c55a10560000}6177/bin/dash-----sh -c gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-8087-83a9fc550000}6176/usr/bin/install-infoinstall-inforoot 534500x800000000000000034277Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.161{ec2a2542-29aa-6254-68a2-c55a10560000}6177/bin/dashroot 534500x800000000000000034276Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.161{ec2a2542-29aa-6254-289c-75ac25560000}6178/bin/gziproot 154100x800000000000000034275Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.161{ec2a2542-29aa-6254-289c-75ac25560000}6178/bin/gzip-----gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-68a2-c55a10560000}6177/bin/dashshroot 154100x800000000000000034279Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.162{ec2a2542-29aa-6254-80b7-697096550000}6179/usr/bin/install-info-----install-info /usr/share/info/time.info.gz /usr/share/info/dir/root{ec2a2542-0000-0000-0000-000001000000}04no level-{00000000-0000-0000-0000-000000000000}6145--- 534500x800000000000000034278Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.162{ec2a2542-29aa-6254-8087-83a9fc550000}6176/usr/bin/install-inforoot 154100x800000000000000034281Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.163{ec2a2542-29aa-6254-28fc-47d6c0550000}6181/bin/gzip-----gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-6882-563003560000}6180/bin/dashshroot 154100x800000000000000034280Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.163{ec2a2542-29aa-6254-6882-563003560000}6180/bin/dash-----sh -c gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-80b7-697096550000}6179/usr/bin/install-infoinstall-inforoot 534500x800000000000000034284Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.164{ec2a2542-29aa-6254-80b7-697096550000}6179/usr/bin/install-inforoot 534500x800000000000000034283Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.164{ec2a2542-29aa-6254-6882-563003560000}6180/bin/dashroot 534500x800000000000000034282Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.164{ec2a2542-29aa-6254-28fc-47d6c0550000}6181/bin/gziproot 154100x800000000000000034286Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.165{ec2a2542-29aa-6254-6892-ef2f08560000}6183/bin/dash-----sh -c gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-8087-921d45560000}6182/usr/bin/install-infoinstall-inforoot 154100x800000000000000034285Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.165{ec2a2542-29aa-6254-8087-921d45560000}6182/usr/bin/install-info-----install-info /usr/share/info/nano.info.gz /usr/share/info/dir/root{ec2a2542-0000-0000-0000-000001000000}04no level-{00000000-0000-0000-0000-000000000000}6145--- 154100x800000000000000034287Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.166{ec2a2542-29aa-6254-28dc-8d78bf550000}6184/bin/gzip-----gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-6892-ef2f08560000}6183/bin/dashshroot 534500x800000000000000034289Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.168{ec2a2542-29aa-6254-6892-ef2f08560000}6183/bin/dashroot 534500x800000000000000034288Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.168{ec2a2542-29aa-6254-28dc-8d78bf550000}6184/bin/gziproot 154100x800000000000000034291Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.169{ec2a2542-29aa-6254-8017-8c72ec550000}6185/usr/bin/install-info-----install-info /usr/share/info/coreutils.info.gz /usr/share/info/dir/root{ec2a2542-0000-0000-0000-000001000000}04no level-{00000000-0000-0000-0000-000000000000}6145--- 534500x800000000000000034290Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.169{ec2a2542-29aa-6254-8087-921d45560000}6182/usr/bin/install-inforoot 154100x800000000000000034292Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.170{ec2a2542-29aa-6254-6812-cf2fff550000}6186/bin/dash-----sh -c gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-8017-8c72ec550000}6185/usr/bin/install-infoinstall-inforoot 154100x800000000000000034293Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.171{ec2a2542-29aa-6254-28ac-a3acb8550000}6187/bin/gzip-----gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-6812-cf2fff550000}6186/bin/dashshroot 534500x800000000000000034295Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.178{ec2a2542-29aa-6254-6812-cf2fff550000}6186/bin/dashroot 534500x800000000000000034294Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.178{ec2a2542-29aa-6254-28ac-a3acb8550000}6187/bin/gziproot 154100x800000000000000034297Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.181{ec2a2542-29aa-6254-8047-f7976f550000}6188/usr/bin/install-info-----install-info /usr/share/info/sharutils.info.gz /usr/share/info/dir/root{ec2a2542-0000-0000-0000-000001000000}04no level-{00000000-0000-0000-0000-000000000000}6145--- 534500x800000000000000034296Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.181{ec2a2542-29aa-6254-8017-8c72ec550000}6185/usr/bin/install-inforoot 154100x800000000000000034299Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.182{ec2a2542-29aa-6254-28bc-05317f550000}6190/bin/gzip-----gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-68b2-cda52d560000}6189/bin/dashshroot 154100x800000000000000034298Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.182{ec2a2542-29aa-6254-68b2-cda52d560000}6189/bin/dash-----sh -c gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-8047-f7976f550000}6188/usr/bin/install-infoinstall-inforoot 154100x800000000000000034303Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.185{ec2a2542-29aa-6254-8037-e843b9550000}6191/usr/bin/install-info-----install-info /usr/share/info/gzip.info.gz /usr/share/info/dir/root{ec2a2542-0000-0000-0000-000001000000}04no level-{00000000-0000-0000-0000-000000000000}6145--- 534500x800000000000000034302Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.185{ec2a2542-29aa-6254-8047-f7976f550000}6188/usr/bin/install-inforoot 534500x800000000000000034301Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.185{ec2a2542-29aa-6254-68b2-cda52d560000}6189/bin/dashroot 534500x800000000000000034300Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.185{ec2a2542-29aa-6254-28bc-05317f550000}6190/bin/gziproot 154100x800000000000000034304Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.186{ec2a2542-29aa-6254-6812-302eb8550000}6192/bin/dash-----sh -c gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-8037-e843b9550000}6191/usr/bin/install-infoinstall-inforoot 154100x800000000000000034305Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.187{ec2a2542-29aa-6254-28ac-e7c105560000}6193/bin/gzip-----gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-6812-302eb8550000}6192/bin/dashshroot 154100x800000000000000034309Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.188{ec2a2542-29aa-6254-8017-e08522560000}6194/usr/bin/install-info-----install-info /usr/share/info/diffutils.info.gz /usr/share/info/dir/root{ec2a2542-0000-0000-0000-000001000000}04no level-{00000000-0000-0000-0000-000000000000}6145--- 534500x800000000000000034308Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.188{ec2a2542-29aa-6254-8037-e843b9550000}6191/usr/bin/install-inforoot 534500x800000000000000034307Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.188{ec2a2542-29aa-6254-6812-302eb8550000}6192/bin/dashroot 534500x800000000000000034306Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.188{ec2a2542-29aa-6254-28ac-e7c105560000}6193/bin/gziproot 154100x800000000000000034310Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.189{ec2a2542-29aa-6254-68d2-64419a550000}6195/bin/dash-----sh -c gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-8017-e08522560000}6194/usr/bin/install-infoinstall-inforoot 154100x800000000000000034311Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.190{ec2a2542-29aa-6254-28bc-bf3600560000}6196/bin/gzip-----gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-68d2-64419a550000}6195/bin/dashshroot 534500x800000000000000034313Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.192{ec2a2542-29aa-6254-68d2-64419a550000}6195/bin/dashroot 534500x800000000000000034312Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.192{ec2a2542-29aa-6254-28bc-bf3600560000}6196/bin/gziproot 534500x800000000000000034314Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.193{ec2a2542-29aa-6254-8017-e08522560000}6194/usr/bin/install-inforoot 154100x800000000000000034315Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.194{ec2a2542-29aa-6254-8037-9c7ee9550000}6197/usr/bin/install-info-----install-info /usr/share/info/sed.info.gz /usr/share/info/dir/root{ec2a2542-0000-0000-0000-000001000000}04no level-{00000000-0000-0000-0000-000000000000}6145--- 154100x800000000000000034317Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.195{ec2a2542-29aa-6254-28ec-66ff2a560000}6199/bin/gzip-----gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-6842-6fc0f1550000}6198/bin/dashshroot 154100x800000000000000034316Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.195{ec2a2542-29aa-6254-6842-6fc0f1550000}6198/bin/dash-----sh -c gzip -d/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-8037-9c7ee9550000}6197/usr/bin/install-infoinstall-inforoot 534500x800000000000000034319Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.197{ec2a2542-29aa-6254-6842-6fc0f1550000}6198/bin/dashroot 534500x800000000000000034318Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.197{ec2a2542-29aa-6254-28ec-66ff2a560000}6199/bin/gziproot 534500x800000000000000034321Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.198{00000000-0000-0000-0000-000000000000}6145<unknown process>root 534500x800000000000000034320Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.198{ec2a2542-29aa-6254-8037-9c7ee9550000}6197/usr/bin/install-inforoot 534500x800000000000000034323Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.199{ec2a2542-29aa-6254-6862-11fc03560000}6139/bin/dashroot 534500x800000000000000034322Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.199{ec2a2542-29aa-6254-6842-95dbce550000}6140/bin/dashroot 154100x800000000000000034326Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.207{ec2a2542-29aa-6254-b871-5b75e37f0000}6201/sbin/ldconfig.real-----/sbin/ldconfig.real/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-68b2-41d028560000}6200/bin/dash/bin/shroot 154100x800000000000000034325Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.207{ec2a2542-29aa-6254-68a2-21b45c550000}6201/bin/dash-----/bin/sh /sbin/ldconfig/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-68b2-41d028560000}6200/bin/dash/bin/shroot 154100x800000000000000034324Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.207{ec2a2542-29aa-6254-68b2-41d028560000}6200/bin/dash-----/bin/sh /var/lib/dpkg/info/libc-bin.postinst triggered ldconfig/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a9-6254-7061-4c7650560000}6120/usr/bin/dpkg/usr/bin/dpkgroot 534500x800000000000000034328Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.220{ec2a2542-29aa-6254-68b2-41d028560000}6200/bin/dashroot 534500x800000000000000034327Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.220{ec2a2542-29aa-6254-68a2-21b45c550000}6201/bin/dashroot 154100x800000000000000034329Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.230{ec2a2542-29aa-6254-6872-dafd33560000}6202/bin/dash-----/bin/sh /var/lib/dpkg/info/man-db.postinst triggered /usr/share/man/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29a9-6254-7061-4c7650560000}6120/usr/bin/dpkg/usr/bin/dpkgroot 154100x800000000000000034331Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.231{ec2a2542-29aa-6254-808a-f39228560000}6203/usr/bin/mandb-----/usr/bin/mandb -pq/man{ec2a2542-0000-0000-0600-000001000000}64no level-{ec2a2542-29aa-6254-6872-dafd33560000}6202/bin/dash/bin/shroot 154100x800000000000000034330Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.231{ec2a2542-29aa-6254-9827-143a41560000}6203/usr/bin/perl-----perl -e @pwd = getpwnam("man"); $) = $( = $pwd[3]; $> = $< = $pwd[2]; exec "/usr/bin/mandb", @ARGV -- -pq/root{ec2a2542-0000-0000-0000-000001000000}04no level-{ec2a2542-29aa-6254-6872-dafd33560000}6202/bin/dash/bin/shroot 534500x800000000000000034332Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.247{00000000-0000-0000-0000-000000000000}6204<unknown process>man 534500x800000000000000034333Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.250{ec2a2542-29aa-6254-0000-000000000000}6205-man 534500x800000000000000034335Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.251{ec2a2542-29aa-6254-0000-000000000000}6206-man 534500x800000000000000034334Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.251{ec2a2542-29aa-6254-0000-000000000000}6207-man 534500x800000000000000034336Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.256{ec2a2542-29aa-6254-0000-000000000000}6208-man 534500x800000000000000034337Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.259{00000000-0000-0000-0000-000000000000}6209<unknown process>man 534500x800000000000000034339Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.260{ec2a2542-29aa-6254-0000-000000000000}6210-man 534500x800000000000000034338Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.260{ec2a2542-29aa-6254-0000-000000000000}6211-man 534500x800000000000000034340Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.265{00000000-0000-0000-0000-000000000000}6212<unknown process>man 534500x800000000000000034342Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.268{ec2a2542-29aa-6254-0000-000000000000}6215-man 534500x800000000000000034341Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.268{ec2a2542-29aa-6254-0000-000000000000}6213-man 534500x800000000000000034343Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.269{00000000-0000-0000-0000-000000000000}6214<unknown process>man 534500x800000000000000034344Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.272{ec2a2542-29aa-6254-0000-000000000000}6216-man 534500x800000000000000034345Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.275{ec2a2542-29aa-6254-0000-000000000000}6217-man 534500x800000000000000034346Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.276{ec2a2542-29aa-6254-0000-000000000000}6219-man 534500x800000000000000034347Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.277{00000000-0000-0000-0000-000000000000}6218<unknown process>man 534500x800000000000000034348Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.306{00000000-0000-0000-0000-000000000000}6220<unknown process>man 534500x800000000000000034349Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.309{00000000-0000-0000-0000-000000000000}6221<unknown process>man 534500x800000000000000034350Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.310{ec2a2542-29aa-6254-0000-000000000000}6223-man 534500x800000000000000034351Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.311{ec2a2542-29aa-6254-0000-000000000000}6222-man 534500x800000000000000034352Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.317{ec2a2542-29aa-6254-0000-000000000000}6224-man 534500x800000000000000034353Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.320{00000000-0000-0000-0000-000000000000}6225<unknown process>man 534500x800000000000000034354Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.321{ec2a2542-29aa-6254-0000-000000000000}6227-man 534500x800000000000000034355Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.322{ec2a2542-29aa-6254-0000-000000000000}6226-man 534500x800000000000000034356Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.325{00000000-0000-0000-0000-000000000000}6228<unknown process>man 534500x800000000000000034357Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.328{00000000-0000-0000-0000-000000000000}6229<unknown process>man 534500x800000000000000034358Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.330{ec2a2542-29aa-6254-0000-000000000000}6231-man 534500x800000000000000034359Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.331{ec2a2542-29aa-6254-0000-000000000000}6230-man 534500x800000000000000034360Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.334{00000000-0000-0000-0000-000000000000}6232<unknown process>man 534500x800000000000000034361Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.338{ec2a2542-29aa-6254-0000-000000000000}6233-man 534500x800000000000000034363Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.340{00000000-0000-0000-0000-000000000000}6234<unknown process>man 534500x800000000000000034362Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.340{ec2a2542-29aa-6254-0000-000000000000}6235-man 534500x800000000000000034364Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.343{ec2a2542-29aa-6254-0000-000000000000}6236-man 534500x800000000000000034365Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.346{ec2a2542-29aa-6254-0000-000000000000}6237-man 534500x800000000000000034367Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.347{00000000-0000-0000-0000-000000000000}6238<unknown process>man 534500x800000000000000034366Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.347{ec2a2542-29aa-6254-0000-000000000000}6239-man 534500x800000000000000034368Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.351{ec2a2542-29aa-6254-0000-000000000000}6240-man 534500x800000000000000034369Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.354{00000000-0000-0000-0000-000000000000}6241<unknown process>man 534500x800000000000000034370Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.356{ec2a2542-29aa-6254-0000-000000000000}6243-man 534500x800000000000000034371Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.357{00000000-0000-0000-0000-000000000000}6242<unknown process>man 534500x800000000000000034372Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.362{ec2a2542-29aa-6254-0000-000000000000}6244-man 534500x800000000000000034373Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.365{ec2a2542-29aa-6254-0000-000000000000}6245-man 534500x800000000000000034374Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.366{ec2a2542-29aa-6254-0000-000000000000}6247-man 534500x800000000000000034375Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.368{ec2a2542-29aa-6254-0000-000000000000}6246-man 534500x800000000000000034376Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.372{00000000-0000-0000-0000-000000000000}6248<unknown process>man 534500x800000000000000034377Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.375{ec2a2542-29aa-6254-0000-000000000000}6249-man 534500x800000000000000034378Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.376{ec2a2542-29aa-6254-0000-000000000000}6251-man 534500x800000000000000034379Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.377{00000000-0000-0000-0000-000000000000}6250<unknown process>man 534500x800000000000000034380Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.380{ec2a2542-29aa-6254-0000-000000000000}6252-man 534500x800000000000000034381Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.383{00000000-0000-0000-0000-000000000000}6253<unknown process>man 534500x800000000000000034382Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.385{ec2a2542-29aa-6254-0000-000000000000}6255-man 534500x800000000000000034383Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.388{00000000-0000-0000-0000-000000000000}6254<unknown process>man 534500x800000000000000034384Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.397{ec2a2542-29aa-6254-0000-000000000000}6256-man 534500x800000000000000034385Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.401{ec2a2542-29aa-6254-0000-000000000000}6257-man 534500x800000000000000034387Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.402{00000000-0000-0000-0000-000000000000}6258<unknown process>man 534500x800000000000000034386Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.402{00000000-0000-0000-0000-000000000000}6259<unknown process>man 534500x800000000000000034388Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.406{ec2a2542-29aa-6254-0000-000000000000}6260-man 534500x800000000000000034389Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.409{00000000-0000-0000-0000-000000000000}6261<unknown process>man 534500x800000000000000034391Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.410{00000000-0000-0000-0000-000000000000}6262<unknown process>man 534500x800000000000000034390Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.410{ec2a2542-29aa-6254-0000-000000000000}6263-man 534500x800000000000000034392Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.413{ec2a2542-29aa-6254-0000-000000000000}6264-man 534500x800000000000000034393Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.417{ec2a2542-29aa-6254-0000-000000000000}6265-man 534500x800000000000000034395Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.418{ec2a2542-29aa-6254-0000-000000000000}6266-man 534500x800000000000000034394Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.418{00000000-0000-0000-0000-000000000000}6267<unknown process>man 534500x800000000000000034396Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.422{00000000-0000-0000-0000-000000000000}6268<unknown process>man 534500x800000000000000034397Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.425{ec2a2542-29aa-6254-0000-000000000000}6269-man 534500x800000000000000034399Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.426{ec2a2542-29aa-6254-0000-000000000000}6270-man 534500x800000000000000034398Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.426{ec2a2542-29aa-6254-0000-000000000000}6271-man 534500x800000000000000034400Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.431{ec2a2542-29aa-6254-0000-000000000000}6272-man 534500x800000000000000034401Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.435{ec2a2542-29aa-6254-0000-000000000000}6273-man 534500x800000000000000034403Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.436{ec2a2542-29aa-6254-0000-000000000000}6274-man 534500x800000000000000034402Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.436{ec2a2542-29aa-6254-0000-000000000000}6275-man 534500x800000000000000034404Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.440{ec2a2542-29aa-6254-0000-000000000000}6276-man 534500x800000000000000034405Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.442{ec2a2542-29aa-6254-0000-000000000000}6277-man 534500x800000000000000034406Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.443{ec2a2542-29aa-6254-0000-000000000000}6279-man 534500x800000000000000034407Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.444{00000000-0000-0000-0000-000000000000}6278<unknown process>man 534500x800000000000000034408Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.453{00000000-0000-0000-0000-000000000000}6280<unknown process>man 534500x800000000000000034409Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.456{ec2a2542-29aa-6254-0000-000000000000}6281-man 534500x800000000000000034410Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.457{ec2a2542-29aa-6254-0000-000000000000}6283-man 534500x800000000000000034411Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.458{ec2a2542-29aa-6254-0000-000000000000}6282-man 534500x800000000000000034412Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.462{ec2a2542-29aa-6254-0000-000000000000}6284-man 534500x800000000000000034413Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.466{ec2a2542-29aa-6254-0000-000000000000}6285-man 534500x800000000000000034414Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.468{ec2a2542-29aa-6254-0000-000000000000}6287-man 534500x800000000000000034415Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.469{ec2a2542-29aa-6254-0000-000000000000}6286-man 534500x800000000000000034416Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.473{00000000-0000-0000-0000-000000000000}6288<unknown process>man 534500x800000000000000034417Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.476{ec2a2542-29aa-6254-0000-000000000000}6289-man 534500x800000000000000034419Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.477{ec2a2542-29aa-6254-0000-000000000000}6290-man 534500x800000000000000034418Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.477{ec2a2542-29aa-6254-0000-000000000000}6291-man 534500x800000000000000034420Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.481{00000000-0000-0000-0000-000000000000}6292<unknown process>man 534500x800000000000000034422Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.484{ec2a2542-29aa-6254-0000-000000000000}6295-man 534500x800000000000000034421Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.484{00000000-0000-0000-0000-000000000000}6293<unknown process>man 534500x800000000000000034423Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.485{ec2a2542-29aa-6254-0000-000000000000}6294-man 534500x800000000000000034424Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.488{ec2a2542-29aa-6254-0000-000000000000}6296-man 534500x800000000000000034425Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.490{ec2a2542-29aa-6254-0000-000000000000}6297-man 534500x800000000000000034426Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.491{ec2a2542-29aa-6254-0000-000000000000}6299-man 534500x800000000000000034427Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.492{ec2a2542-29aa-6254-0000-000000000000}6298-man 534500x800000000000000034428Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.495{00000000-0000-0000-0000-000000000000}6300<unknown process>man 534500x800000000000000034429Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.498{ec2a2542-29aa-6254-0000-000000000000}6301-man 534500x800000000000000034431Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.499{ec2a2542-29aa-6254-0000-000000000000}6302-man 534500x800000000000000034430Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.499{ec2a2542-29aa-6254-0000-000000000000}6303-man 534500x800000000000000034432Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.502{ec2a2542-29aa-6254-0000-000000000000}6304-man 534500x800000000000000034433Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.505{ec2a2542-29aa-6254-0000-000000000000}6305-man 534500x800000000000000034434Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.506{ec2a2542-29aa-6254-0000-000000000000}6307-man 534500x800000000000000034435Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.507{ec2a2542-29aa-6254-0000-000000000000}6306-man 534500x800000000000000034436Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.510{ec2a2542-29aa-6254-0000-000000000000}6308-man 534500x800000000000000034437Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.513{ec2a2542-29aa-6254-0000-000000000000}6309-man 534500x800000000000000034439Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.514{ec2a2542-29aa-6254-0000-000000000000}6310-man 534500x800000000000000034438Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.514{ec2a2542-29aa-6254-0000-000000000000}6311-man 534500x800000000000000034440Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.517{ec2a2542-29aa-6254-0000-000000000000}6312-man 534500x800000000000000034441Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.520{ec2a2542-29aa-6254-0000-000000000000}6313-man 534500x800000000000000034442Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.521{ec2a2542-29aa-6254-0000-000000000000}6315-man 534500x800000000000000034443Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.522{ec2a2542-29aa-6254-0000-000000000000}6314-man 534500x800000000000000034444Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.525{ec2a2542-29aa-6254-0000-000000000000}6316-man 534500x800000000000000034445Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.527{ec2a2542-29aa-6254-0000-000000000000}6317-man 534500x800000000000000034447Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.529{ec2a2542-29aa-6254-0000-000000000000}6318-man 534500x800000000000000034446Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.529{ec2a2542-29aa-6254-0000-000000000000}6319-man 534500x800000000000000034448Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.532{ec2a2542-29aa-6254-0000-000000000000}6320-man 534500x800000000000000034449Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.535{ec2a2542-29aa-6254-0000-000000000000}6321-man 534500x800000000000000034450Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.536{ec2a2542-29aa-6254-0000-000000000000}6323-man 534500x800000000000000034451Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.537{ec2a2542-29aa-6254-0000-000000000000}6322-man 534500x800000000000000034452Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.540{ec2a2542-29aa-6254-0000-000000000000}6324-man 534500x800000000000000034453Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.543{00000000-0000-0000-0000-000000000000}6325<unknown process>man 534500x800000000000000034455Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.545{00000000-0000-0000-0000-000000000000}6326<unknown process>man 534500x800000000000000034454Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.545{ec2a2542-29aa-6254-0000-000000000000}6327-man 534500x800000000000000034456Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.548{00000000-0000-0000-0000-000000000000}6328<unknown process>man 534500x800000000000000034457Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.551{ec2a2542-29aa-6254-0000-000000000000}6329-man 534500x800000000000000034459Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.552{00000000-0000-0000-0000-000000000000}6330<unknown process>man 534500x800000000000000034458Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.552{ec2a2542-29aa-6254-0000-000000000000}6331-man 534500x800000000000000034460Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.555{ec2a2542-29aa-6254-0000-000000000000}6332-man 534500x800000000000000034461Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.558{ec2a2542-29aa-6254-0000-000000000000}6333-man 534500x800000000000000034463Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.559{ec2a2542-29aa-6254-0000-000000000000}6334-man 534500x800000000000000034462Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.559{ec2a2542-29aa-6254-0000-000000000000}6335-man 534500x800000000000000034464Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.562{ec2a2542-29aa-6254-0000-000000000000}6336-man 534500x800000000000000034465Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.565{ec2a2542-29aa-6254-0000-000000000000}6337-man 534500x800000000000000034467Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.566{00000000-0000-0000-0000-000000000000}6338<unknown process>man 534500x800000000000000034466Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.566{ec2a2542-29aa-6254-0000-000000000000}6339-man 534500x800000000000000034468Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.570{ec2a2542-29aa-6254-0000-000000000000}6340-man 534500x800000000000000034469Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.572{ec2a2542-29aa-6254-0000-000000000000}6341-man 534500x800000000000000034470Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.574{ec2a2542-29aa-6254-0000-000000000000}6343-man 534500x800000000000000034471Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.575{00000000-0000-0000-0000-000000000000}6342<unknown process>man 534500x800000000000000034472Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.578{ec2a2542-29aa-6254-0000-000000000000}6344-man 534500x800000000000000034473Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.581{ec2a2542-29aa-6254-0000-000000000000}6345-man 534500x800000000000000034475Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.582{ec2a2542-29aa-6254-0000-000000000000}6346-man 534500x800000000000000034474Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.582{ec2a2542-29aa-6254-0000-000000000000}6347-man 534500x800000000000000034476Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.585{ec2a2542-29aa-6254-0000-000000000000}6348-man 534500x800000000000000034478Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.588{ec2a2542-29aa-6254-0000-000000000000}6351-man 534500x800000000000000034477Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.588{ec2a2542-29aa-6254-0000-000000000000}6349-man 534500x800000000000000034479Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.589{00000000-0000-0000-0000-000000000000}6350<unknown process>man 534500x800000000000000034480Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.592{ec2a2542-29aa-6254-0000-000000000000}6352-man 534500x800000000000000034481Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.595{ec2a2542-29aa-6254-0000-000000000000}6353-man 534500x800000000000000034483Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.596{ec2a2542-29aa-6254-0000-000000000000}6354-man 534500x800000000000000034482Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.596{ec2a2542-29aa-6254-0000-000000000000}6355-man 534500x800000000000000034484Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.599{ec2a2542-29aa-6254-0000-000000000000}6356-man 534500x800000000000000034485Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.602{00000000-0000-0000-0000-000000000000}6357<unknown process>man 534500x800000000000000034487Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.603{ec2a2542-29aa-6254-0000-000000000000}6358-man 534500x800000000000000034486Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.603{ec2a2542-29aa-6254-0000-000000000000}6359-man 534500x800000000000000034488Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.606{ec2a2542-29aa-6254-0000-000000000000}6360-man 534500x800000000000000034489Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.609{ec2a2542-29aa-6254-0000-000000000000}6361-man 534500x800000000000000034491Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.610{ec2a2542-29aa-6254-0000-000000000000}6362-man 534500x800000000000000034490Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.610{00000000-0000-0000-0000-000000000000}6363<unknown process>man 534500x800000000000000034492Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.613{ec2a2542-29aa-6254-0000-000000000000}6364-man 534500x800000000000000034494Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.617{ec2a2542-29aa-6254-0000-000000000000}6367-man 534500x800000000000000034493Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.617{ec2a2542-29aa-6254-0000-000000000000}6365-man 534500x800000000000000034495Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.618{ec2a2542-29aa-6254-0000-000000000000}6366-man 534500x800000000000000034496Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.622{ec2a2542-29aa-6254-0000-000000000000}6368-man 534500x800000000000000034497Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.625{ec2a2542-29aa-6254-0000-000000000000}6369-man 534500x800000000000000034499Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.626{00000000-0000-0000-0000-000000000000}6370<unknown process>man 534500x800000000000000034498Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.626{ec2a2542-29aa-6254-0000-000000000000}6371-man 534500x800000000000000034500Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.629{ec2a2542-29aa-6254-0000-000000000000}6372-man 534500x800000000000000034502Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.632{ec2a2542-29aa-6254-0000-000000000000}6375-man 534500x800000000000000034501Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.632{00000000-0000-0000-0000-000000000000}6373<unknown process>man 534500x800000000000000034503Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.633{ec2a2542-29aa-6254-0000-000000000000}6374-man 534500x800000000000000034504Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.636{ec2a2542-29aa-6254-0000-000000000000}6376-man 534500x800000000000000034506Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.640{ec2a2542-29aa-6254-0000-000000000000}6379-man 534500x800000000000000034505Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.640{ec2a2542-29aa-6254-0000-000000000000}6377-man 534500x800000000000000034507Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.641{ec2a2542-29aa-6254-0000-000000000000}6378-man 534500x800000000000000034508Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.644{ec2a2542-29aa-6254-0000-000000000000}6380-man 534500x800000000000000034509Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.646{ec2a2542-29aa-6254-0000-000000000000}6381-man 534500x800000000000000034510Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.647{ec2a2542-29aa-6254-0000-000000000000}6383-man 534500x800000000000000034511Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.649{00000000-0000-0000-0000-000000000000}6382<unknown process>man 534500x800000000000000034512Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.651{ec2a2542-29aa-6254-0000-000000000000}6384-man 534500x800000000000000034513Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.655{00000000-0000-0000-0000-000000000000}6385<unknown process>man 534500x800000000000000034515Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.656{ec2a2542-29aa-6254-0000-000000000000}6386-man 534500x800000000000000034514Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.656{ec2a2542-29aa-6254-0000-000000000000}6387-man 534500x800000000000000034516Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.660{ec2a2542-29aa-6254-0000-000000000000}6388-man 534500x800000000000000034518Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.663{ec2a2542-29aa-6254-0000-000000000000}6391-man 534500x800000000000000034517Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.663{00000000-0000-0000-0000-000000000000}6389<unknown process>man 534500x800000000000000034519Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.664{00000000-0000-0000-0000-000000000000}6390<unknown process>man 534500x800000000000000034520Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.667{ec2a2542-29aa-6254-0000-000000000000}6392-man 534500x800000000000000034522Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.674{ec2a2542-29aa-6254-0000-000000000000}6395-man 534500x800000000000000034521Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.674{ec2a2542-29aa-6254-0000-000000000000}6393-man 534500x800000000000000034523Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.675{ec2a2542-29aa-6254-0000-000000000000}6394-man 534500x800000000000000034524Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.678{00000000-0000-0000-0000-000000000000}6396<unknown process>man 534500x800000000000000034525Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.681{ec2a2542-29aa-6254-0000-000000000000}6397-man 534500x800000000000000034527Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.682{00000000-0000-0000-0000-000000000000}6398<unknown process>man 534500x800000000000000034526Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.682{ec2a2542-29aa-6254-0000-000000000000}6399-man 534500x800000000000000034528Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.685{ec2a2542-29aa-6254-0000-000000000000}6400-man 534500x800000000000000034529Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.688{ec2a2542-29aa-6254-0000-000000000000}6401-man 534500x800000000000000034531Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.689{00000000-0000-0000-0000-000000000000}6402<unknown process>man 534500x800000000000000034530Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.689{ec2a2542-29aa-6254-0000-000000000000}6403-man 534500x800000000000000034532Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.693{00000000-0000-0000-0000-000000000000}6404<unknown process>man 534500x800000000000000034533Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.696{ec2a2542-29aa-6254-0000-000000000000}6405-man 534500x800000000000000034535Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.697{00000000-0000-0000-0000-000000000000}6406<unknown process>man 534500x800000000000000034534Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.697{ec2a2542-29aa-6254-0000-000000000000}6407-man 534500x800000000000000034536Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.701{ec2a2542-29aa-6254-0000-000000000000}6408-man 534500x800000000000000034537Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.704{ec2a2542-29aa-6254-0000-000000000000}6409-man 534500x800000000000000034538Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.705{ec2a2542-29aa-6254-0000-000000000000}6411-man 534500x800000000000000034539Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.706{ec2a2542-29aa-6254-0000-000000000000}6410-man 534500x800000000000000034540Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.708{ec2a2542-29aa-6254-0000-000000000000}6412-man 534500x800000000000000034541Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.711{ec2a2542-29aa-6254-0000-000000000000}6413-man 534500x800000000000000034542Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.713{ec2a2542-29aa-6254-0000-000000000000}6415-man 534500x800000000000000034543Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.714{ec2a2542-29aa-6254-0000-000000000000}6414-man 534500x800000000000000034544Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.717{00000000-0000-0000-0000-000000000000}6416<unknown process>man 534500x800000000000000034545Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.720{ec2a2542-29aa-6254-0000-000000000000}6417-man 534500x800000000000000034547Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.722{ec2a2542-29aa-6254-0000-000000000000}6418-man 534500x800000000000000034546Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.722{ec2a2542-29aa-6254-0000-000000000000}6419-man 534500x800000000000000034548Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.725{ec2a2542-29aa-6254-0000-000000000000}6420-man 534500x800000000000000034549Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.728{ec2a2542-29aa-6254-0000-000000000000}6421-man 534500x800000000000000034551Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.729{ec2a2542-29aa-6254-0000-000000000000}6422-man 534500x800000000000000034550Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.729{ec2a2542-29aa-6254-0000-000000000000}6423-man 534500x800000000000000034552Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.732{ec2a2542-29aa-6254-0000-000000000000}6424-man 534500x800000000000000034553Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.735{ec2a2542-29aa-6254-0000-000000000000}6425-man 534500x800000000000000034555Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.736{ec2a2542-29aa-6254-0000-000000000000}6426-man 534500x800000000000000034554Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.736{ec2a2542-29aa-6254-0000-000000000000}6427-man 534500x800000000000000034556Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.740{ec2a2542-29aa-6254-0000-000000000000}6428-man 534500x800000000000000034558Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.743{ec2a2542-29aa-6254-0000-000000000000}6431-man 534500x800000000000000034557Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.743{ec2a2542-29aa-6254-0000-000000000000}6429-man 534500x800000000000000034559Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.744{ec2a2542-29aa-6254-0000-000000000000}6430-man 534500x800000000000000034560Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.747{ec2a2542-29aa-6254-0000-000000000000}6432-man 534500x800000000000000034561Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.750{ec2a2542-29aa-6254-0000-000000000000}6433-man 534500x800000000000000034563Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.751{ec2a2542-29aa-6254-0000-000000000000}6434-man 534500x800000000000000034562Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.751{ec2a2542-29aa-6254-0000-000000000000}6435-man 534500x800000000000000034564Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.755{00000000-0000-0000-0000-000000000000}6436<unknown process>man 534500x800000000000000034566Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.758{ec2a2542-29aa-6254-0000-000000000000}6439-man 534500x800000000000000034565Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.758{ec2a2542-29aa-6254-0000-000000000000}6437-man 534500x800000000000000034567Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.759{ec2a2542-29aa-6254-0000-000000000000}6438-man 534500x800000000000000034568Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.762{ec2a2542-29aa-6254-0000-000000000000}6440-man 534500x800000000000000034569Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.766{ec2a2542-29aa-6254-0000-000000000000}6441-man 534500x800000000000000034571Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.767{00000000-0000-0000-0000-000000000000}6442<unknown process>man 534500x800000000000000034570Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.767{ec2a2542-29aa-6254-0000-000000000000}6443-man 534500x800000000000000034572Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.770{ec2a2542-29aa-6254-0000-000000000000}6444-man 534500x800000000000000034573Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.773{ec2a2542-29aa-6254-0000-000000000000}6445-man 534500x800000000000000034575Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.774{ec2a2542-29aa-6254-0000-000000000000}6446-man 534500x800000000000000034574Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.774{ec2a2542-29aa-6254-0000-000000000000}6447-man 534500x800000000000000034576Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.777{ec2a2542-29aa-6254-0000-000000000000}6448-man 534500x800000000000000034577Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.780{ec2a2542-29aa-6254-0000-000000000000}6449-man 534500x800000000000000034579Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.781{ec2a2542-29aa-6254-0000-000000000000}6450-man 534500x800000000000000034578Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.781{ec2a2542-29aa-6254-0000-000000000000}6451-man 534500x800000000000000034580Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.784{ec2a2542-29aa-6254-0000-000000000000}6452-man 534500x800000000000000034581Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.787{ec2a2542-29aa-6254-0000-000000000000}6453-man 534500x800000000000000034582Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.788{ec2a2542-29aa-6254-0000-000000000000}6455-man 534500x800000000000000034583Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.789{ec2a2542-29aa-6254-0000-000000000000}6454-man 534500x800000000000000034584Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.792{00000000-0000-0000-0000-000000000000}6456<unknown process>man 534500x800000000000000034585Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.797{00000000-0000-0000-0000-000000000000}6457<unknown process>man 534500x800000000000000034586Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.798{ec2a2542-29aa-6254-0000-000000000000}6459-man 534500x800000000000000034587Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.799{ec2a2542-29aa-6254-0000-000000000000}6458-man 534500x800000000000000034588Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.802{ec2a2542-29aa-6254-0000-000000000000}6460-man 534500x800000000000000034590Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.805{ec2a2542-29aa-6254-0000-000000000000}6463-man 534500x800000000000000034589Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.805{00000000-0000-0000-0000-000000000000}6461<unknown process>man 534500x800000000000000034591Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.806{ec2a2542-29aa-6254-0000-000000000000}6462-man 534500x800000000000000034592Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.809{00000000-0000-0000-0000-000000000000}6464<unknown process>man 534500x800000000000000034593Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.812{ec2a2542-29aa-6254-0000-000000000000}6465-man 534500x800000000000000034595Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.813{ec2a2542-29aa-6254-0000-000000000000}6466-man 534500x800000000000000034594Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.813{ec2a2542-29aa-6254-0000-000000000000}6467-man 534500x800000000000000034596Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.816{ec2a2542-29aa-6254-0000-000000000000}6468-man 534500x800000000000000034597Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.819{ec2a2542-29aa-6254-0000-000000000000}6469-man 534500x800000000000000034599Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.820{ec2a2542-29aa-6254-0000-000000000000}6470-man 534500x800000000000000034598Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.820{ec2a2542-29aa-6254-0000-000000000000}6471-man 534500x800000000000000034600Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.824{00000000-0000-0000-0000-000000000000}6472<unknown process>man 534500x800000000000000034601Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.826{ec2a2542-29aa-6254-0000-000000000000}6473-man 534500x800000000000000034603Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.828{ec2a2542-29aa-6254-0000-000000000000}6474-man 534500x800000000000000034602Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.828{ec2a2542-29aa-6254-0000-000000000000}6475-man 534500x800000000000000034604Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.832{ec2a2542-29aa-6254-0000-000000000000}6476-man 534500x800000000000000034605Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.835{ec2a2542-29aa-6254-0000-000000000000}6477-man 534500x800000000000000034607Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.836{00000000-0000-0000-0000-000000000000}6478<unknown process>man 534500x800000000000000034606Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.836{ec2a2542-29aa-6254-0000-000000000000}6479-man 534500x800000000000000034608Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.839{ec2a2542-29aa-6254-0000-000000000000}6480-man 534500x800000000000000034609Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.843{ec2a2542-29aa-6254-0000-000000000000}6481-man 534500x800000000000000034610Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.846{ec2a2542-29aa-6254-0000-000000000000}6483-man 534500x800000000000000034611Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.847{00000000-0000-0000-0000-000000000000}6482<unknown process>man 534500x800000000000000034612Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.850{ec2a2542-29aa-6254-0000-000000000000}6484-man 534500x800000000000000034613Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.853{00000000-0000-0000-0000-000000000000}6485<unknown process>man 534500x800000000000000034615Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.854{00000000-0000-0000-0000-000000000000}6486<unknown process>man 534500x800000000000000034614Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.854{ec2a2542-29aa-6254-0000-000000000000}6487-man 534500x800000000000000034616Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.858{ec2a2542-29aa-6254-0000-000000000000}6488-man 534500x800000000000000034618Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.862{ec2a2542-29aa-6254-0000-000000000000}6491-man 534500x800000000000000034617Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.862{ec2a2542-29aa-6254-0000-000000000000}6489-man 534500x800000000000000034619Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.863{ec2a2542-29aa-6254-0000-000000000000}6490-man 534500x800000000000000034620Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.866{ec2a2542-29aa-6254-0000-000000000000}6492-man 534500x800000000000000034622Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.869{ec2a2542-29aa-6254-0000-000000000000}6495-man 534500x800000000000000034621Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.869{ec2a2542-29aa-6254-0000-000000000000}6493-man 534500x800000000000000034623Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.870{ec2a2542-29aa-6254-0000-000000000000}6494-man 534500x800000000000000034624Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.874{00000000-0000-0000-0000-000000000000}6496<unknown process>man 534500x800000000000000034626Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.877{ec2a2542-29aa-6254-0000-000000000000}6499-man 534500x800000000000000034625Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.877{ec2a2542-29aa-6254-0000-000000000000}6497-man 534500x800000000000000034627Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.878{ec2a2542-29aa-6254-0000-000000000000}6498-man 534500x800000000000000034628Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.885{00000000-0000-0000-0000-000000000000}6500<unknown process>man 534500x800000000000000034629Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.888{00000000-0000-0000-0000-000000000000}6501<unknown process>man 534500x800000000000000034630Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.889{00000000-0000-0000-0000-000000000000}6503<unknown process>man 534500x800000000000000034631Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.890{00000000-0000-0000-0000-000000000000}6502<unknown process>man 534500x800000000000000034632Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.894{00000000-0000-0000-0000-000000000000}6504<unknown process>man 534500x800000000000000034633Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.897{00000000-0000-0000-0000-000000000000}6505<unknown process>man 534500x800000000000000034634Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.898{00000000-0000-0000-0000-000000000000}6507<unknown process>man 534500x800000000000000034635Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.899{00000000-0000-0000-0000-000000000000}6506<unknown process>man 534500x800000000000000034636Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.902{00000000-0000-0000-0000-000000000000}6508<unknown process>man 534500x800000000000000034637Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.905{00000000-0000-0000-0000-000000000000}6509<unknown process>man 534500x800000000000000034639Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.906{00000000-0000-0000-0000-000000000000}6510<unknown process>man 534500x800000000000000034638Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.906{ec2a2542-29aa-6254-0000-000000000000}6511-man 534500x800000000000000034640Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.909{00000000-0000-0000-0000-000000000000}6512<unknown process>man 534500x800000000000000034642Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.914{ec2a2542-29aa-6254-0000-000000000000}6515-man 534500x800000000000000034641Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.914{00000000-0000-0000-0000-000000000000}6513<unknown process>man 534500x800000000000000034643Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.916{00000000-0000-0000-0000-000000000000}6514<unknown process>man 534500x800000000000000034644Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.919{00000000-0000-0000-0000-000000000000}6516<unknown process>man 534500x800000000000000034646Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.923{00000000-0000-0000-0000-000000000000}6519<unknown process>man 534500x800000000000000034645Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.923{00000000-0000-0000-0000-000000000000}6517<unknown process>man 534500x800000000000000034647Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.924{00000000-0000-0000-0000-000000000000}6518<unknown process>man 534500x800000000000000034648Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.927{ec2a2542-29aa-6254-0000-000000000000}6520-man 534500x800000000000000034650Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.931{ec2a2542-29aa-6254-0000-000000000000}6523-man 534500x800000000000000034649Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.931{ec2a2542-29aa-6254-0000-000000000000}6521-man 534500x800000000000000034651Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.932{00000000-0000-0000-0000-000000000000}6522<unknown process>man 534500x800000000000000034652Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.935{ec2a2542-29aa-6254-0000-000000000000}6524-man 534500x800000000000000034653Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.938{ec2a2542-29aa-6254-0000-000000000000}6525-man 534500x800000000000000034655Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.940{ec2a2542-29aa-6254-0000-000000000000}6526-man 534500x800000000000000034654Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.940{ec2a2542-29aa-6254-0000-000000000000}6527-man 534500x800000000000000034656Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.944{ec2a2542-29aa-6254-0000-000000000000}6528-man 534500x800000000000000034657Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.946{ec2a2542-29aa-6254-0000-000000000000}6529-man 534500x800000000000000034658Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.947{ec2a2542-29aa-6254-0000-000000000000}6531-man 534500x800000000000000034659Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.948{00000000-0000-0000-0000-000000000000}6530<unknown process>man 534500x800000000000000034660Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.951{00000000-0000-0000-0000-000000000000}6532<unknown process>man 534500x800000000000000034662Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.954{ec2a2542-29aa-6254-0000-000000000000}6535-man 534500x800000000000000034661Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.954{ec2a2542-29aa-6254-0000-000000000000}6533-man 534500x800000000000000034663Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.955{00000000-0000-0000-0000-000000000000}6534<unknown process>man 534500x800000000000000034664Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.958{ec2a2542-29aa-6254-0000-000000000000}6536-man 534500x800000000000000034665Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.962{00000000-0000-0000-0000-000000000000}6537<unknown process>man 534500x800000000000000034666Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.963{ec2a2542-29aa-6254-0000-000000000000}6539-man 534500x800000000000000034667Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.964{00000000-0000-0000-0000-000000000000}6538<unknown process>man 534500x800000000000000034668Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.967{ec2a2542-29aa-6254-0000-000000000000}6540-man 534500x800000000000000034670Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.976{ec2a2542-29aa-6254-0000-000000000000}6543-man 534500x800000000000000034669Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.976{ec2a2542-29aa-6254-0000-000000000000}6541-man 534500x800000000000000034671Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.979{ec2a2542-29aa-6254-0000-000000000000}6542-man 534500x800000000000000034672Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.984{00000000-0000-0000-0000-000000000000}6544<unknown process>man 534500x800000000000000034673Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.988{ec2a2542-29aa-6254-0000-000000000000}6545-man 534500x800000000000000034674Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.989{ec2a2542-29aa-6254-0000-000000000000}6547-man 534500x800000000000000034675Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.990{ec2a2542-29aa-6254-0000-000000000000}6546-man 534500x800000000000000034676Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.994{ec2a2542-29aa-6254-0000-000000000000}6548-man 534500x800000000000000034677Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.997{ec2a2542-29aa-6254-0000-000000000000}6549-man 534500x800000000000000034679Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.998{ec2a2542-29aa-6254-0000-000000000000}6550-man 534500x800000000000000034678Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:18.998{ec2a2542-29aa-6254-0000-000000000000}6551-man 534500x800000000000000034680Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.001{ec2a2542-29aa-6254-0000-000000000000}6552-man 534500x800000000000000034681Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.004{ec2a2542-29aa-6254-0000-000000000000}6553-man 534500x800000000000000034683Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.005{ec2a2542-29aa-6254-0000-000000000000}6554-man 534500x800000000000000034682Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.005{ec2a2542-29aa-6254-0000-000000000000}6555-man 534500x800000000000000034684Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.008{00000000-0000-0000-0000-000000000000}6556<unknown process>man 534500x800000000000000034686Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.012{ec2a2542-29ab-6254-0000-000000000000}6559-man 534500x800000000000000034685Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.012{ec2a2542-29aa-6254-0000-000000000000}6557-man 534500x800000000000000034687Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.013{ec2a2542-29ab-6254-0000-000000000000}6558-man 534500x800000000000000034688Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.017{ec2a2542-29ab-6254-0000-000000000000}6560-man 534500x800000000000000034689Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.020{ec2a2542-29ab-6254-0000-000000000000}6561-man 534500x800000000000000034690Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.021{ec2a2542-29ab-6254-0000-000000000000}6563-man 534500x800000000000000034691Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.022{ec2a2542-29ab-6254-0000-000000000000}6562-man 534500x800000000000000034692Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.025{00000000-0000-0000-0000-000000000000}6564<unknown process>man 534500x800000000000000034693Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.028{ec2a2542-29ab-6254-0000-000000000000}6565-man 534500x800000000000000034694Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.029{ec2a2542-29ab-6254-0000-000000000000}6567-man 534500x800000000000000034695Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.030{ec2a2542-29ab-6254-0000-000000000000}6566-man 534500x800000000000000034696Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.033{ec2a2542-29ab-6254-0000-000000000000}6568-man 534500x800000000000000034698Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.037{ec2a2542-29ab-6254-0000-000000000000}6571-man 534500x800000000000000034697Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.037{ec2a2542-29ab-6254-0000-000000000000}6569-man 534500x800000000000000034699Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.038{ec2a2542-29ab-6254-0000-000000000000}6570-man 534500x800000000000000034700Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.041{ec2a2542-29ab-6254-0000-000000000000}6572-man 534500x800000000000000034701Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.044{ec2a2542-29ab-6254-0000-000000000000}6573-man 534500x800000000000000034702Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.045{ec2a2542-29ab-6254-0000-000000000000}6575-man 534500x800000000000000034703Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.046{ec2a2542-29ab-6254-0000-000000000000}6574-man 534500x800000000000000034704Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.049{ec2a2542-29ab-6254-0000-000000000000}6576-man 534500x800000000000000034706Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.052{ec2a2542-29ab-6254-0000-000000000000}6579-man 534500x800000000000000034705Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.052{ec2a2542-29ab-6254-0000-000000000000}6577-man 534500x800000000000000034707Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.053{ec2a2542-29ab-6254-0000-000000000000}6578-man 534500x800000000000000034708Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.056{ec2a2542-29ab-6254-0000-000000000000}6580-man 534500x800000000000000034709Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.059{ec2a2542-29ab-6254-0000-000000000000}6581-man 534500x800000000000000034711Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.060{ec2a2542-29ab-6254-0000-000000000000}6582-man 534500x800000000000000034710Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.060{ec2a2542-29ab-6254-0000-000000000000}6583-man 534500x800000000000000034712Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.063{ec2a2542-29ab-6254-0000-000000000000}6584-man 534500x800000000000000034714Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.066{ec2a2542-29ab-6254-0000-000000000000}6587-man 534500x800000000000000034713Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.066{ec2a2542-29ab-6254-0000-000000000000}6585-man 534500x800000000000000034715Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.067{ec2a2542-29ab-6254-0000-000000000000}6586-man 534500x800000000000000034716Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.069{ec2a2542-29ab-6254-0000-000000000000}6588-man 534500x800000000000000034718Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.073{ec2a2542-29ab-6254-0000-000000000000}6591-man 534500x800000000000000034717Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.073{ec2a2542-29ab-6254-0000-000000000000}6589-man 534500x800000000000000034719Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.074{ec2a2542-29ab-6254-0000-000000000000}6590-man 534500x800000000000000034720Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.078{ec2a2542-29ab-6254-0000-000000000000}6592-man 534500x800000000000000034721Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.081{ec2a2542-29ab-6254-0000-000000000000}6593-man 534500x800000000000000034722Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.082{ec2a2542-29ab-6254-0000-000000000000}6595-man 534500x800000000000000034723Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.083{ec2a2542-29ab-6254-0000-000000000000}6594-man 534500x800000000000000034724Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.086{ec2a2542-29ab-6254-0000-000000000000}6596-man 534500x800000000000000034725Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.089{ec2a2542-29ab-6254-0000-000000000000}6597-man 534500x800000000000000034726Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.090{ec2a2542-29ab-6254-0000-000000000000}6599-man 534500x800000000000000034727Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.091{00000000-0000-0000-0000-000000000000}6598<unknown process>man 534500x800000000000000034728Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.093{ec2a2542-29ab-6254-0000-000000000000}6600-man 534500x800000000000000034729Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.096{ec2a2542-29ab-6254-0000-000000000000}6601-man 534500x800000000000000034730Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.097{ec2a2542-29ab-6254-0000-000000000000}6603-man 534500x800000000000000034731Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.098{ec2a2542-29ab-6254-0000-000000000000}6602-man 534500x800000000000000034732Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.101{ec2a2542-29ab-6254-0000-000000000000}6604-man 534500x800000000000000034733Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.103{ec2a2542-29ab-6254-0000-000000000000}6605-man 534500x800000000000000034734Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.104{ec2a2542-29ab-6254-0000-000000000000}6607-man 534500x800000000000000034735Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.105{ec2a2542-29ab-6254-0000-000000000000}6606-man 534500x800000000000000034736Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.108{00000000-0000-0000-0000-000000000000}6608<unknown process>man 534500x800000000000000034737Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.111{ec2a2542-29ab-6254-0000-000000000000}6609-man 534500x800000000000000034738Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.112{ec2a2542-29ab-6254-0000-000000000000}6611-man 534500x800000000000000034739Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.113{ec2a2542-29ab-6254-0000-000000000000}6610-man 534500x800000000000000034740Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.116{ec2a2542-29ab-6254-0000-000000000000}6612-man 534500x800000000000000034742Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.119{ec2a2542-29ab-6254-0000-000000000000}6615-man 534500x800000000000000034741Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.119{ec2a2542-29ab-6254-0000-000000000000}6613-man 534500x800000000000000034743Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.120{ec2a2542-29ab-6254-0000-000000000000}6614-man 534500x800000000000000034744Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.123{ec2a2542-29ab-6254-0000-000000000000}6616-man 534500x800000000000000034745Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.126{ec2a2542-29ab-6254-0000-000000000000}6617-man 534500x800000000000000034747Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.127{ec2a2542-29ab-6254-0000-000000000000}6618-man 534500x800000000000000034746Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.127{ec2a2542-29ab-6254-0000-000000000000}6619-man 534500x800000000000000034748Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.131{ec2a2542-29ab-6254-0000-000000000000}6620-man 534500x800000000000000034750Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.134{ec2a2542-29ab-6254-0000-000000000000}6623-man 534500x800000000000000034749Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.134{ec2a2542-29ab-6254-0000-000000000000}6621-man 534500x800000000000000034751Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.135{ec2a2542-29ab-6254-0000-000000000000}6622-man 534500x800000000000000034752Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.138{ec2a2542-29ab-6254-0000-000000000000}6624-man 534500x800000000000000034754Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.141{ec2a2542-29ab-6254-0000-000000000000}6627-man 534500x800000000000000034753Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.141{ec2a2542-29ab-6254-0000-000000000000}6625-man 534500x800000000000000034755Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.142{ec2a2542-29ab-6254-0000-000000000000}6626-man 534500x800000000000000034756Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.145{ec2a2542-29ab-6254-0000-000000000000}6628-man 534500x800000000000000034757Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.148{ec2a2542-29ab-6254-0000-000000000000}6629-man 534500x800000000000000034759Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.149{ec2a2542-29ab-6254-0000-000000000000}6630-man 534500x800000000000000034758Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.149{ec2a2542-29ab-6254-0000-000000000000}6631-man 534500x800000000000000034760Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.153{ec2a2542-29ab-6254-0000-000000000000}6632-man 534500x800000000000000034761Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.156{ec2a2542-29ab-6254-0000-000000000000}6633-man 534500x800000000000000034763Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.157{ec2a2542-29ab-6254-0000-000000000000}6634-man 534500x800000000000000034762Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.157{ec2a2542-29ab-6254-0000-000000000000}6635-man 534500x800000000000000034764Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.160{ec2a2542-29ab-6254-0000-000000000000}6636-man 534500x800000000000000034765Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.163{ec2a2542-29ab-6254-0000-000000000000}6637-man 534500x800000000000000034767Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.164{ec2a2542-29ab-6254-0000-000000000000}6638-man 534500x800000000000000034766Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.164{ec2a2542-29ab-6254-0000-000000000000}6639-man 534500x800000000000000034768Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.167{ec2a2542-29ab-6254-0000-000000000000}6640-man 534500x800000000000000034769Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.170{ec2a2542-29ab-6254-0000-000000000000}6641-man 534500x800000000000000034771Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.172{ec2a2542-29ab-6254-0000-000000000000}6642-man 534500x800000000000000034770Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.172{ec2a2542-29ab-6254-0000-000000000000}6643-man 534500x800000000000000034772Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.175{ec2a2542-29ab-6254-0000-000000000000}6644-man 534500x800000000000000034773Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.178{ec2a2542-29ab-6254-0000-000000000000}6645-man 534500x800000000000000034775Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.179{00000000-0000-0000-0000-000000000000}6646<unknown process>man 534500x800000000000000034774Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.179{ec2a2542-29ab-6254-0000-000000000000}6647-man 534500x800000000000000034776Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.182{ec2a2542-29ab-6254-0000-000000000000}6648-man 534500x800000000000000034778Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.186{ec2a2542-29ab-6254-0000-000000000000}6651-man 534500x800000000000000034777Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.186{ec2a2542-29ab-6254-0000-000000000000}6649-man 534500x800000000000000034779Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.187{ec2a2542-29ab-6254-0000-000000000000}6650-man 534500x800000000000000034780Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.190{ec2a2542-29ab-6254-0000-000000000000}6652-man 534500x800000000000000034781Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.193{ec2a2542-29ab-6254-0000-000000000000}6653-man 534500x800000000000000034782Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.194{ec2a2542-29ab-6254-0000-000000000000}6655-man 534500x800000000000000034783Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.195{ec2a2542-29ab-6254-0000-000000000000}6654-man 534500x800000000000000034784Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.198{ec2a2542-29ab-6254-0000-000000000000}6656-man 534500x800000000000000034785Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.201{ec2a2542-29ab-6254-0000-000000000000}6657-man 534500x800000000000000034786Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.202{ec2a2542-29ab-6254-0000-000000000000}6659-man 534500x800000000000000034787Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.203{ec2a2542-29ab-6254-0000-000000000000}6658-man 534500x800000000000000034788Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.206{ec2a2542-29ab-6254-0000-000000000000}6660-man 534500x800000000000000034790Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.209{ec2a2542-29ab-6254-0000-000000000000}6663-man 534500x800000000000000034789Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.209{ec2a2542-29ab-6254-0000-000000000000}6661-man 534500x800000000000000034791Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.210{ec2a2542-29ab-6254-0000-000000000000}6662-man 534500x800000000000000034792Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.213{ec2a2542-29ab-6254-0000-000000000000}6664-man 534500x800000000000000034793Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.218{ec2a2542-29ab-6254-0000-000000000000}6665-man 534500x800000000000000034795Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.219{ec2a2542-29ab-6254-0000-000000000000}6666-man 534500x800000000000000034794Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.219{ec2a2542-29ab-6254-0000-000000000000}6667-man 534500x800000000000000034796Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.225{ec2a2542-29ab-6254-0000-000000000000}6668-man 534500x800000000000000034797Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.228{ec2a2542-29ab-6254-0000-000000000000}6669-man 534500x800000000000000034798Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.229{ec2a2542-29ab-6254-0000-000000000000}6671-man 534500x800000000000000034799Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.230{ec2a2542-29ab-6254-0000-000000000000}6670-man 534500x800000000000000034800Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.234{ec2a2542-29ab-6254-0000-000000000000}6672-man 534500x800000000000000034802Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.237{ec2a2542-29ab-6254-0000-000000000000}6675-man 534500x800000000000000034801Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.237{ec2a2542-29ab-6254-0000-000000000000}6673-man 534500x800000000000000034803Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.238{ec2a2542-29ab-6254-0000-000000000000}6674-man 534500x800000000000000034804Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.241{ec2a2542-29ab-6254-0000-000000000000}6676-man 534500x800000000000000034805Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.243{ec2a2542-29ab-6254-0000-000000000000}6677-man 534500x800000000000000034806Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.244{ec2a2542-29ab-6254-0000-000000000000}6679-man 534500x800000000000000034807Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.245{ec2a2542-29ab-6254-0000-000000000000}6678-man 534500x800000000000000034808Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.248{ec2a2542-29ab-6254-0000-000000000000}6680-man 534500x800000000000000034809Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.251{ec2a2542-29ab-6254-0000-000000000000}6681-man 534500x800000000000000034811Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.252{ec2a2542-29ab-6254-0000-000000000000}6682-man 534500x800000000000000034810Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.252{ec2a2542-29ab-6254-0000-000000000000}6683-man 534500x800000000000000034812Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.255{ec2a2542-29ab-6254-0000-000000000000}6684-man 534500x800000000000000034814Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.259{ec2a2542-29ab-6254-0000-000000000000}6687-man 534500x800000000000000034813Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.259{ec2a2542-29ab-6254-0000-000000000000}6685-man 534500x800000000000000034815Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.260{ec2a2542-29ab-6254-0000-000000000000}6686-man 534500x800000000000000034816Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.263{00000000-0000-0000-0000-000000000000}6688<unknown process>man 534500x800000000000000034818Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.266{ec2a2542-29ab-6254-0000-000000000000}6691-man 534500x800000000000000034817Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.266{ec2a2542-29ab-6254-0000-000000000000}6689-man 534500x800000000000000034819Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.267{00000000-0000-0000-0000-000000000000}6690<unknown process>man 534500x800000000000000034820Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.271{00000000-0000-0000-0000-000000000000}6692<unknown process>man 534500x800000000000000034821Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.274{ec2a2542-29ab-6254-0000-000000000000}6693-man 534500x800000000000000034822Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.275{ec2a2542-29ab-6254-0000-000000000000}6695-man 534500x800000000000000034823Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.276{ec2a2542-29ab-6254-0000-000000000000}6694-man 534500x800000000000000034824Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.279{ec2a2542-29ab-6254-0000-000000000000}6696-man 534500x800000000000000034825Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.282{00000000-0000-0000-0000-000000000000}6697<unknown process>man 534500x800000000000000034827Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.283{ec2a2542-29ab-6254-0000-000000000000}6698-man 534500x800000000000000034826Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.283{ec2a2542-29ab-6254-0000-000000000000}6699-man 534500x800000000000000034828Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.287{ec2a2542-29ab-6254-0000-000000000000}6700-man 534500x800000000000000034829Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.290{ec2a2542-29ab-6254-0000-000000000000}6701-man 534500x800000000000000034830Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.291{ec2a2542-29ab-6254-0000-000000000000}6703-man 534500x800000000000000034831Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.292{00000000-0000-0000-0000-000000000000}6702<unknown process>man 534500x800000000000000034832Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.295{00000000-0000-0000-0000-000000000000}6704<unknown process>man 534500x800000000000000034834Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.299{ec2a2542-29ab-6254-0000-000000000000}6707-man 534500x800000000000000034833Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.299{ec2a2542-29ab-6254-0000-000000000000}6705-man 534500x800000000000000034835Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.300{ec2a2542-29ab-6254-0000-000000000000}6706-man 534500x800000000000000034836Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.303{00000000-0000-0000-0000-000000000000}6708<unknown process>man 534500x800000000000000034838Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.306{ec2a2542-29ab-6254-0000-000000000000}6711-man 534500x800000000000000034837Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.306{ec2a2542-29ab-6254-0000-000000000000}6709-man 534500x800000000000000034839Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.307{ec2a2542-29ab-6254-0000-000000000000}6710-man 534500x800000000000000034840Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.310{00000000-0000-0000-0000-000000000000}6712<unknown process>man 534500x800000000000000034841Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.312{ec2a2542-29ab-6254-0000-000000000000}6713-man 534500x800000000000000034842Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.313{ec2a2542-29ab-6254-0000-000000000000}6715-man 534500x800000000000000034843Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.314{ec2a2542-29ab-6254-0000-000000000000}6714-man 534500x800000000000000034844Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.316{00000000-0000-0000-0000-000000000000}6716<unknown process>man 534500x800000000000000034845Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.319{ec2a2542-29ab-6254-0000-000000000000}6717-man 534500x800000000000000034846Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.320{ec2a2542-29ab-6254-0000-000000000000}6719-man 534500x800000000000000034847Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.321{ec2a2542-29ab-6254-0000-000000000000}6718-man 534500x800000000000000034848Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.324{00000000-0000-0000-0000-000000000000}6720<unknown process>man 534500x800000000000000034850Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.327{ec2a2542-29ab-6254-0000-000000000000}6723-man 534500x800000000000000034849Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.327{ec2a2542-29ab-6254-0000-000000000000}6721-man 534500x800000000000000034851Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.328{ec2a2542-29ab-6254-0000-000000000000}6722-man 534500x800000000000000034852Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.331{00000000-0000-0000-0000-000000000000}6724<unknown process>man 534500x800000000000000034853Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.333{ec2a2542-29ab-6254-0000-000000000000}6725-man 534500x800000000000000034854Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.334{ec2a2542-29ab-6254-0000-000000000000}6727-man 534500x800000000000000034855Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.337{ec2a2542-29ab-6254-0000-000000000000}6726-man 534500x800000000000000034856Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.339{00000000-0000-0000-0000-000000000000}6728<unknown process>man 534500x800000000000000034857Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.343{00000000-0000-0000-0000-000000000000}6729<unknown process>man 534500x800000000000000034858Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.344{ec2a2542-29ab-6254-0000-000000000000}6731-man 534500x800000000000000034859Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.345{ec2a2542-29ab-6254-0000-000000000000}6730-man 534500x800000000000000034860Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.348{ec2a2542-29ab-6254-0000-000000000000}6732-man 534500x800000000000000034861Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.351{ec2a2542-29ab-6254-0000-000000000000}6733-man 534500x800000000000000034863Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.352{ec2a2542-29ab-6254-0000-000000000000}6734-man 534500x800000000000000034862Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.352{ec2a2542-29ab-6254-0000-000000000000}6735-man 534500x800000000000000034864Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.356{00000000-0000-0000-0000-000000000000}6736<unknown process>man 534500x800000000000000034865Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.359{ec2a2542-29ab-6254-0000-000000000000}6737-man 534500x800000000000000034867Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.360{ec2a2542-29ab-6254-0000-000000000000}6738-man 534500x800000000000000034866Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.360{ec2a2542-29ab-6254-0000-000000000000}6739-man 534500x800000000000000034868Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.363{ec2a2542-29ab-6254-0000-000000000000}6740-man 534500x800000000000000034869Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.366{ec2a2542-29ab-6254-0000-000000000000}6741-man 534500x800000000000000034871Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.367{ec2a2542-29ab-6254-0000-000000000000}6742-man 534500x800000000000000034870Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.367{ec2a2542-29ab-6254-0000-000000000000}6743-man 534500x800000000000000034872Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.372{00000000-0000-0000-0000-000000000000}6744<unknown process>man 534500x800000000000000034873Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.374{ec2a2542-29ab-6254-0000-000000000000}6745-man 534500x800000000000000034874Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.375{ec2a2542-29ab-6254-0000-000000000000}6747-man 534500x800000000000000034875Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.376{ec2a2542-29ab-6254-0000-000000000000}6746-man 534500x800000000000000034876Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.379{00000000-0000-0000-0000-000000000000}6748<unknown process>man 534500x800000000000000034877Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.383{ec2a2542-29ab-6254-0000-000000000000}6749-man 534500x800000000000000034879Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.384{ec2a2542-29ab-6254-0000-000000000000}6750-man 534500x800000000000000034878Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.384{ec2a2542-29ab-6254-0000-000000000000}6751-man 534500x800000000000000034880Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.388{00000000-0000-0000-0000-000000000000}6752<unknown process>man 534500x800000000000000034881Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.390{ec2a2542-29ab-6254-0000-000000000000}6753-man 534500x800000000000000034882Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.391{ec2a2542-29ab-6254-0000-000000000000}6755-man 534500x800000000000000034883Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.392{ec2a2542-29ab-6254-0000-000000000000}6754-man 534500x800000000000000034884Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.395{00000000-0000-0000-0000-000000000000}6756<unknown process>man 534500x800000000000000034886Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.403{ec2a2542-29ab-6254-0000-000000000000}6759-man 534500x800000000000000034885Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.403{ec2a2542-29ab-6254-0000-000000000000}6757-man 534500x800000000000000034887Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.404{ec2a2542-29ab-6254-0000-000000000000}6758-man 534500x800000000000000034888Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.407{ec2a2542-29ab-6254-0000-000000000000}6760-man 534500x800000000000000034889Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.410{00000000-0000-0000-0000-000000000000}6761<unknown process>man 534500x800000000000000034891Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.412{ec2a2542-29ab-6254-0000-000000000000}6762-man 534500x800000000000000034890Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.412{ec2a2542-29ab-6254-0000-000000000000}6763-man 534500x800000000000000034892Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.416{ec2a2542-29ab-6254-0000-000000000000}6764-man 534500x800000000000000034893Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.419{ec2a2542-29ab-6254-0000-000000000000}6765-man 534500x800000000000000034894Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.420{ec2a2542-29ab-6254-0000-000000000000}6767-man 534500x800000000000000034895Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.421{ec2a2542-29ab-6254-0000-000000000000}6766-man 534500x800000000000000034896Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.424{ec2a2542-29ab-6254-0000-000000000000}6768-man 534500x800000000000000034897Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.429{ec2a2542-29ab-6254-0000-000000000000}6769-man 534500x800000000000000034898Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.432{ec2a2542-29ab-6254-0000-000000000000}6771-man 534500x800000000000000034899Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.433{ec2a2542-29ab-6254-0000-000000000000}6770-man 534500x800000000000000034900Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.436{00000000-0000-0000-0000-000000000000}6772<unknown process>man 534500x800000000000000034901Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.439{00000000-0000-0000-0000-000000000000}6773<unknown process>man 534500x800000000000000034903Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.440{ec2a2542-29ab-6254-0000-000000000000}6774-man 534500x800000000000000034902Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.440{ec2a2542-29ab-6254-0000-000000000000}6775-man 534500x800000000000000034904Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.443{ec2a2542-29ab-6254-0000-000000000000}6776-man 534500x800000000000000034905Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.446{ec2a2542-29ab-6254-0000-000000000000}6777-man 534500x800000000000000034907Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.447{ec2a2542-29ab-6254-0000-000000000000}6778-man 534500x800000000000000034906Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.447{ec2a2542-29ab-6254-0000-000000000000}6779-man 534500x800000000000000034908Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.457{ec2a2542-29ab-6254-0000-000000000000}6780-man 534500x800000000000000034909Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.459{ec2a2542-29ab-6254-0000-000000000000}6781-man 534500x800000000000000034910Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.460{ec2a2542-29ab-6254-0000-000000000000}6783-man 534500x800000000000000034911Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.461{ec2a2542-29ab-6254-0000-000000000000}6782-man 534500x800000000000000034912Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.466{ec2a2542-29ab-6254-0000-000000000000}6784-man 534500x800000000000000034914Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.470{ec2a2542-29ab-6254-0000-000000000000}6787-man 534500x800000000000000034913Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.470{ec2a2542-29ab-6254-0000-000000000000}6785-man 534500x800000000000000034915Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.471{ec2a2542-29ab-6254-0000-000000000000}6786-man 534500x800000000000000034916Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.475{ec2a2542-29ab-6254-0000-000000000000}6788-man 534500x800000000000000034917Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.478{ec2a2542-29ab-6254-0000-000000000000}6789-man 534500x800000000000000034918Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.479{ec2a2542-29ab-6254-0000-000000000000}6791-man 534500x800000000000000034919Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.480{ec2a2542-29ab-6254-0000-000000000000}6790-man 534500x800000000000000034920Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.483{ec2a2542-29ab-6254-0000-000000000000}6792-man 534500x800000000000000034921Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.486{ec2a2542-29ab-6254-0000-000000000000}6793-man 534500x800000000000000034923Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.489{ec2a2542-29ab-6254-0000-000000000000}6794-man 534500x800000000000000034922Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.489{00000000-0000-0000-0000-000000000000}6795<unknown process>man 534500x800000000000000034924Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.492{ec2a2542-29ab-6254-0000-000000000000}6796-man 534500x800000000000000034926Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.496{ec2a2542-29ab-6254-0000-000000000000}6799-man 534500x800000000000000034925Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.496{ec2a2542-29ab-6254-0000-000000000000}6797-man 534500x800000000000000034927Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.497{ec2a2542-29ab-6254-0000-000000000000}6798-man 534500x800000000000000034928Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.501{ec2a2542-29ab-6254-0000-000000000000}6800-man 534500x800000000000000034930Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.504{ec2a2542-29ab-6254-0000-000000000000}6803-man 534500x800000000000000034929Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.504{ec2a2542-29ab-6254-0000-000000000000}6801-man 534500x800000000000000034931Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.505{ec2a2542-29ab-6254-0000-000000000000}6802-man 534500x800000000000000034932Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.508{00000000-0000-0000-0000-000000000000}6804<unknown process>man 534500x800000000000000034933Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.511{00000000-0000-0000-0000-000000000000}6805<unknown process>man 534500x800000000000000034934Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.512{ec2a2542-29ab-6254-0000-000000000000}6807-man 534500x800000000000000034935Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.513{ec2a2542-29ab-6254-0000-000000000000}6806-man 534500x800000000000000034936Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.516{00000000-0000-0000-0000-000000000000}6808<unknown process>man 534500x800000000000000034937Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.519{ec2a2542-29ab-6254-0000-000000000000}6809-man 534500x800000000000000034939Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.520{ec2a2542-29ab-6254-0000-000000000000}6810-man 534500x800000000000000034938Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.520{ec2a2542-29ab-6254-0000-000000000000}6811-man 534500x800000000000000034940Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.523{ec2a2542-29ab-6254-0000-000000000000}6812-man 534500x800000000000000034941Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.526{ec2a2542-29ab-6254-0000-000000000000}6813-man 534500x800000000000000034942Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.528{ec2a2542-29ab-6254-0000-000000000000}6815-man 534500x800000000000000034943Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.530{00000000-0000-0000-0000-000000000000}6814<unknown process>man 534500x800000000000000034944Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.533{ec2a2542-29ab-6254-0000-000000000000}6816-man 534500x800000000000000034946Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.536{ec2a2542-29ab-6254-0000-000000000000}6819-man 534500x800000000000000034945Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.536{ec2a2542-29ab-6254-0000-000000000000}6817-man 534500x800000000000000034947Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.537{ec2a2542-29ab-6254-0000-000000000000}6818-man 534500x800000000000000034948Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.540{00000000-0000-0000-0000-000000000000}6820<unknown process>man 534500x800000000000000034949Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.545{ec2a2542-29ab-6254-0000-000000000000}6821-man 534500x800000000000000034951Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.546{ec2a2542-29ab-6254-0000-000000000000}6822-man 534500x800000000000000034950Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.546{ec2a2542-29ab-6254-0000-000000000000}6823-man 534500x800000000000000034952Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.550{00000000-0000-0000-0000-000000000000}6824<unknown process>man 534500x800000000000000034953Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.553{ec2a2542-29ab-6254-0000-000000000000}6825-man 534500x800000000000000034955Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.556{ec2a2542-29ab-6254-0000-000000000000}6826-man 534500x800000000000000034954Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.556{ec2a2542-29ab-6254-0000-000000000000}6827-man 534500x800000000000000034956Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.561{ec2a2542-29ab-6254-0000-000000000000}6828-man 534500x800000000000000034958Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.566{ec2a2542-29ab-6254-0000-000000000000}6831-man 534500x800000000000000034957Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.566{ec2a2542-29ab-6254-0000-000000000000}6829-man 534500x800000000000000034959Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.567{ec2a2542-29ab-6254-0000-000000000000}6830-man 534500x800000000000000034960Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.570{00000000-0000-0000-0000-000000000000}6832<unknown process>man 534500x800000000000000034961Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.573{ec2a2542-29ab-6254-0000-000000000000}6833-man 534500x800000000000000034962Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.574{ec2a2542-29ab-6254-0000-000000000000}6835-man 534500x800000000000000034963Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.575{00000000-0000-0000-0000-000000000000}6834<unknown process>man 534500x800000000000000034964Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.579{ec2a2542-29ab-6254-0000-000000000000}6836-man 534500x800000000000000034966Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.582{ec2a2542-29ab-6254-0000-000000000000}6839-man 534500x800000000000000034965Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.582{ec2a2542-29ab-6254-0000-000000000000}6837-man 534500x800000000000000034967Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.583{ec2a2542-29ab-6254-0000-000000000000}6838-man 534500x800000000000000034968Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.586{00000000-0000-0000-0000-000000000000}6840<unknown process>man 534500x800000000000000034969Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.589{ec2a2542-29ab-6254-0000-000000000000}6841-man 534500x800000000000000034970Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.590{ec2a2542-29ab-6254-0000-000000000000}6843-man 534500x800000000000000034971Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.591{ec2a2542-29ab-6254-0000-000000000000}6842-man 534500x800000000000000034972Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.594{00000000-0000-0000-0000-000000000000}6844<unknown process>man 534500x800000000000000034973Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.597{ec2a2542-29ab-6254-0000-000000000000}6845-man 534500x800000000000000034974Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.598{ec2a2542-29ab-6254-0000-000000000000}6847-man 534500x800000000000000034975Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.601{00000000-0000-0000-0000-000000000000}6846<unknown process>man 534500x800000000000000034976Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.609{ec2a2542-29ab-6254-0000-000000000000}6848-man 534500x800000000000000034977Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.613{ec2a2542-29ab-6254-0000-000000000000}6849-man 534500x800000000000000034978Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.614{00000000-0000-0000-0000-000000000000}6851<unknown process>man 534500x800000000000000034979Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.615{ec2a2542-29ab-6254-0000-000000000000}6850-man 534500x800000000000000034980Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.619{00000000-0000-0000-0000-000000000000}6852<unknown process>man 534500x800000000000000034981Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.623{ec2a2542-29ab-6254-0000-000000000000}6853-man 534500x800000000000000034983Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.624{ec2a2542-29ab-6254-0000-000000000000}6854-man 534500x800000000000000034982Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.624{ec2a2542-29ab-6254-0000-000000000000}6855-man 534500x800000000000000034984Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.628{ec2a2542-29ab-6254-0000-000000000000}6856-man 534500x800000000000000034985Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.631{ec2a2542-29ab-6254-0000-000000000000}6857-man 534500x800000000000000034987Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.632{ec2a2542-29ab-6254-0000-000000000000}6858-man 534500x800000000000000034986Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.632{ec2a2542-29ab-6254-0000-000000000000}6859-man 534500x800000000000000034988Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.636{ec2a2542-29ab-6254-0000-000000000000}6860-man 534500x800000000000000034989Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.639{ec2a2542-29ab-6254-0000-000000000000}6861-man 534500x800000000000000034991Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.640{ec2a2542-29ab-6254-0000-000000000000}6862-man 534500x800000000000000034990Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.640{ec2a2542-29ab-6254-0000-000000000000}6863-man 534500x800000000000000034992Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.643{ec2a2542-29ab-6254-0000-000000000000}6864-man 534500x800000000000000034993Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.646{ec2a2542-29ab-6254-0000-000000000000}6865-man 534500x800000000000000034995Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.647{00000000-0000-0000-0000-000000000000}6866<unknown process>man 534500x800000000000000034994Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.647{ec2a2542-29ab-6254-0000-000000000000}6867-man 534500x800000000000000034996Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.650{ec2a2542-29ab-6254-0000-000000000000}6868-man 534500x800000000000000034998Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.654{ec2a2542-29ab-6254-0000-000000000000}6871-man 534500x800000000000000034997Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.654{ec2a2542-29ab-6254-0000-000000000000}6869-man 534500x800000000000000034999Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.656{ec2a2542-29ab-6254-0000-000000000000}6870-man 534500x800000000000000035000Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.659{ec2a2542-29ab-6254-0000-000000000000}6872-man 534500x800000000000000035001Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.662{ec2a2542-29ab-6254-0000-000000000000}6873-man 534500x800000000000000035003Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.663{ec2a2542-29ab-6254-0000-000000000000}6874-man 534500x800000000000000035002Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.663{ec2a2542-29ab-6254-0000-000000000000}6875-man 534500x800000000000000035004Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.666{ec2a2542-29ab-6254-0000-000000000000}6876-man 534500x800000000000000035006Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.670{ec2a2542-29ab-6254-0000-000000000000}6879-man 534500x800000000000000035005Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.670{ec2a2542-29ab-6254-0000-000000000000}6877-man 534500x800000000000000035007Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.671{ec2a2542-29ab-6254-0000-000000000000}6878-man 534500x800000000000000035008Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.677{ec2a2542-29ab-6254-0000-000000000000}6880-man 534500x800000000000000035009Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.680{ec2a2542-29ab-6254-0000-000000000000}6881-man 534500x800000000000000035010Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.682{ec2a2542-29ab-6254-0000-000000000000}6883-man 534500x800000000000000035011Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.683{ec2a2542-29ab-6254-0000-000000000000}6882-man 534500x800000000000000035012Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.686{ec2a2542-29ab-6254-0000-000000000000}6884-man 534500x800000000000000035014Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.689{00000000-0000-0000-0000-000000000000}6887<unknown process>man 534500x800000000000000035013Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.689{ec2a2542-29ab-6254-0000-000000000000}6885-man 534500x800000000000000035015Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.690{ec2a2542-29ab-6254-0000-000000000000}6886-man 534500x800000000000000035016Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.693{ec2a2542-29ab-6254-0000-000000000000}6888-man 534500x800000000000000035017Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.695{ec2a2542-29ab-6254-0000-000000000000}6889-man 534500x800000000000000035019Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.696{ec2a2542-29ab-6254-0000-000000000000}6890-man 534500x800000000000000035018Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.696{ec2a2542-29ab-6254-0000-000000000000}6891-man 534500x800000000000000035020Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.699{ec2a2542-29ab-6254-0000-000000000000}6892-man 534500x800000000000000035021Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.702{ec2a2542-29ab-6254-0000-000000000000}6893-man 534500x800000000000000035023Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.703{ec2a2542-29ab-6254-0000-000000000000}6894-man 534500x800000000000000035022Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.703{ec2a2542-29ab-6254-0000-000000000000}6895-man 534500x800000000000000035024Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.706{ec2a2542-29ab-6254-0000-000000000000}6896-man 534500x800000000000000035025Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.709{ec2a2542-29ab-6254-0000-000000000000}6897-man 534500x800000000000000035027Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.710{ec2a2542-29ab-6254-0000-000000000000}6898-man 534500x800000000000000035026Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.710{ec2a2542-29ab-6254-0000-000000000000}6899-man 534500x800000000000000035028Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.713{ec2a2542-29ab-6254-0000-000000000000}6900-man 534500x800000000000000035029Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.716{ec2a2542-29ab-6254-0000-000000000000}6901-man 534500x800000000000000035030Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.717{ec2a2542-29ab-6254-0000-000000000000}6903-man 534500x800000000000000035031Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.718{ec2a2542-29ab-6254-0000-000000000000}6902-man 534500x800000000000000035032Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.721{ec2a2542-29ab-6254-0000-000000000000}6904-man 534500x800000000000000035033Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.724{ec2a2542-29ab-6254-0000-000000000000}6905-man 534500x800000000000000035035Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.725{ec2a2542-29ab-6254-0000-000000000000}6906-man 534500x800000000000000035034Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.725{ec2a2542-29ab-6254-0000-000000000000}6907-man 534500x800000000000000035036Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.728{00000000-0000-0000-0000-000000000000}6908<unknown process>man 534500x800000000000000035037Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.731{ec2a2542-29ab-6254-0000-000000000000}6909-man 534500x800000000000000035039Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.732{ec2a2542-29ab-6254-0000-000000000000}6910-man 534500x800000000000000035038Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.732{ec2a2542-29ab-6254-0000-000000000000}6911-man 534500x800000000000000035040Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.735{00000000-0000-0000-0000-000000000000}6912<unknown process>man 534500x800000000000000035042Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.738{ec2a2542-29ab-6254-0000-000000000000}6915-man 534500x800000000000000035041Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.738{ec2a2542-29ab-6254-0000-000000000000}6913-man 534500x800000000000000035043Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.739{ec2a2542-29ab-6254-0000-000000000000}6914-man 534500x800000000000000035044Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.742{ec2a2542-29ab-6254-0000-000000000000}6916-man 534500x800000000000000035045Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.745{ec2a2542-29ab-6254-0000-000000000000}6917-man 534500x800000000000000035047Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.746{ec2a2542-29ab-6254-0000-000000000000}6918-man 534500x800000000000000035046Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.746{ec2a2542-29ab-6254-0000-000000000000}6919-man 534500x800000000000000035048Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.749{00000000-0000-0000-0000-000000000000}6920<unknown process>man 534500x800000000000000035050Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.752{ec2a2542-29ab-6254-0000-000000000000}6923-man 534500x800000000000000035049Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.752{ec2a2542-29ab-6254-0000-000000000000}6921-man 534500x800000000000000035051Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.753{ec2a2542-29ab-6254-0000-000000000000}6922-man 534500x800000000000000035052Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.756{ec2a2542-29ab-6254-0000-000000000000}6924-man 534500x800000000000000035054Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.759{ec2a2542-29ab-6254-0000-000000000000}6927-man 534500x800000000000000035053Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.759{ec2a2542-29ab-6254-0000-000000000000}6925-man 534500x800000000000000035055Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.760{ec2a2542-29ab-6254-0000-000000000000}6926-man 534500x800000000000000035056Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.763{00000000-0000-0000-0000-000000000000}6928<unknown process>man 534500x800000000000000035057Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.765{ec2a2542-29ab-6254-0000-000000000000}6929-man 534500x800000000000000035058Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.766{ec2a2542-29ab-6254-0000-000000000000}6931-man 534500x800000000000000035059Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.767{ec2a2542-29ab-6254-0000-000000000000}6930-man 534500x800000000000000035060Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.770{ec2a2542-29ab-6254-0000-000000000000}6932-man 534500x800000000000000035062Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.773{ec2a2542-29ab-6254-0000-000000000000}6935-man 534500x800000000000000035061Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.773{ec2a2542-29ab-6254-0000-000000000000}6933-man 534500x800000000000000035063Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.774{ec2a2542-29ab-6254-0000-000000000000}6934-man 534500x800000000000000035064Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.776{ec2a2542-29ab-6254-0000-000000000000}6936-man 534500x800000000000000035065Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.779{ec2a2542-29ab-6254-0000-000000000000}6937-man 534500x800000000000000035067Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.780{ec2a2542-29ab-6254-0000-000000000000}6938-man 534500x800000000000000035066Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.780{ec2a2542-29ab-6254-0000-000000000000}6939-man 534500x800000000000000035068Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.783{ec2a2542-29ab-6254-0000-000000000000}6940-man 534500x800000000000000035070Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.786{ec2a2542-29ab-6254-0000-000000000000}6943-man 534500x800000000000000035069Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.786{ec2a2542-29ab-6254-0000-000000000000}6941-man 534500x800000000000000035071Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.787{ec2a2542-29ab-6254-0000-000000000000}6942-man 534500x800000000000000035072Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.790{ec2a2542-29ab-6254-0000-000000000000}6944-man 534500x800000000000000035074Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.793{ec2a2542-29ab-6254-0000-000000000000}6947-man 534500x800000000000000035073Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.793{ec2a2542-29ab-6254-0000-000000000000}6945-man 534500x800000000000000035075Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.794{ec2a2542-29ab-6254-0000-000000000000}6946-man 534500x800000000000000035076Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.797{ec2a2542-29ab-6254-0000-000000000000}6948-man 534500x800000000000000035077Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.799{ec2a2542-29ab-6254-0000-000000000000}6949-man 534500x800000000000000035078Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.800{ec2a2542-29ab-6254-0000-000000000000}6951-man 534500x800000000000000035079Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.801{ec2a2542-29ab-6254-0000-000000000000}6950-man 534500x800000000000000035080Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.804{00000000-0000-0000-0000-000000000000}6952<unknown process>man 534500x800000000000000035082Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.807{ec2a2542-29ab-6254-0000-000000000000}6955-man 534500x800000000000000035081Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.807{ec2a2542-29ab-6254-0000-000000000000}6953-man 534500x800000000000000035083Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.808{ec2a2542-29ab-6254-0000-000000000000}6954-man 534500x800000000000000035084Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.811{ec2a2542-29ab-6254-0000-000000000000}6956-man 534500x800000000000000035085Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.814{ec2a2542-29ab-6254-0000-000000000000}6957-man 534500x800000000000000035087Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.815{ec2a2542-29ab-6254-0000-000000000000}6958-man 534500x800000000000000035086Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.815{ec2a2542-29ab-6254-0000-000000000000}6959-man 534500x800000000000000035088Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.818{ec2a2542-29ab-6254-0000-000000000000}6960-man 534500x800000000000000035089Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.821{ec2a2542-29ab-6254-0000-000000000000}6961-man 534500x800000000000000035091Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.822{ec2a2542-29ab-6254-0000-000000000000}6962-man 534500x800000000000000035090Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.822{ec2a2542-29ab-6254-0000-000000000000}6963-man 534500x800000000000000035092Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.825{ec2a2542-29ab-6254-0000-000000000000}6964-man 534500x800000000000000035094Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.828{ec2a2542-29ab-6254-0000-000000000000}6967-man 534500x800000000000000035093Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.828{00000000-0000-0000-0000-000000000000}6965<unknown process>man 534500x800000000000000035095Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.829{ec2a2542-29ab-6254-0000-000000000000}6966-man 534500x800000000000000035096Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.832{00000000-0000-0000-0000-000000000000}6968<unknown process>man 534500x800000000000000035097Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.834{ec2a2542-29ab-6254-0000-000000000000}6969-man 534500x800000000000000035098Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.835{ec2a2542-29ab-6254-0000-000000000000}6971-man 534500x800000000000000035099Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.836{ec2a2542-29ab-6254-0000-000000000000}6970-man 534500x800000000000000035100Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.838{ec2a2542-29ab-6254-0000-000000000000}6972-man 534500x800000000000000035101Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.841{ec2a2542-29ab-6254-0000-000000000000}6973-man 534500x800000000000000035103Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.842{ec2a2542-29ab-6254-0000-000000000000}6974-man 534500x800000000000000035102Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.842{ec2a2542-29ab-6254-0000-000000000000}6975-man 534500x800000000000000035104Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.845{ec2a2542-29ab-6254-0000-000000000000}6976-man 534500x800000000000000035105Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.847{ec2a2542-29ab-6254-0000-000000000000}6977-man 534500x800000000000000035106Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.848{ec2a2542-29ab-6254-0000-000000000000}6979-man 534500x800000000000000035107Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.849{ec2a2542-29ab-6254-0000-000000000000}6978-man 534500x800000000000000035108Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.851{ec2a2542-29ab-6254-0000-000000000000}6980-man 534500x800000000000000035109Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.854{ec2a2542-29ab-6254-0000-000000000000}6981-man 534500x800000000000000035111Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.855{ec2a2542-29ab-6254-0000-000000000000}6982-man 534500x800000000000000035110Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.855{ec2a2542-29ab-6254-0000-000000000000}6983-man 534500x800000000000000035112Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.858{ec2a2542-29ab-6254-0000-000000000000}6984-man 534500x800000000000000035114Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.861{ec2a2542-29ab-6254-0000-000000000000}6987-man 534500x800000000000000035113Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.861{ec2a2542-29ab-6254-0000-000000000000}6985-man 534500x800000000000000035115Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.862{ec2a2542-29ab-6254-0000-000000000000}6986-man 534500x800000000000000035116Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.865{ec2a2542-29ab-6254-0000-000000000000}6988-man 534500x800000000000000035118Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.868{ec2a2542-29ab-6254-0000-000000000000}6991-man 534500x800000000000000035117Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.868{ec2a2542-29ab-6254-0000-000000000000}6989-man 534500x800000000000000035119Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.869{ec2a2542-29ab-6254-0000-000000000000}6990-man 534500x800000000000000035120Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.872{00000000-0000-0000-0000-000000000000}6992<unknown process>man 534500x800000000000000035122Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.875{ec2a2542-29ab-6254-0000-000000000000}6995-man 534500x800000000000000035121Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.875{ec2a2542-29ab-6254-0000-000000000000}6993-man 534500x800000000000000035123Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.876{ec2a2542-29ab-6254-0000-000000000000}6994-man 534500x800000000000000035124Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.879{ec2a2542-29ab-6254-0000-000000000000}6996-man 534500x800000000000000035126Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.882{ec2a2542-29ab-6254-0000-000000000000}6999-man 534500x800000000000000035125Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.882{ec2a2542-29ab-6254-0000-000000000000}6997-man 534500x800000000000000035127Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.883{ec2a2542-29ab-6254-0000-000000000000}6998-man 534500x800000000000000035128Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.886{ec2a2542-29ab-6254-0000-000000000000}7000-man 534500x800000000000000035129Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.889{ec2a2542-29ab-6254-0000-000000000000}7001-man 534500x800000000000000035131Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.890{ec2a2542-29ab-6254-0000-000000000000}7002-man 534500x800000000000000035130Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.890{ec2a2542-29ab-6254-0000-000000000000}7003-man 534500x800000000000000035132Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.893{ec2a2542-29ab-6254-0000-000000000000}7004-man 534500x800000000000000035133Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.896{ec2a2542-29ab-6254-0000-000000000000}7005-man 534500x800000000000000035135Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.897{ec2a2542-29ab-6254-0000-000000000000}7006-man 534500x800000000000000035134Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.897{ec2a2542-29ab-6254-0000-000000000000}7007-man 534500x800000000000000035136Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.900{ec2a2542-29ab-6254-0000-000000000000}7008-man 534500x800000000000000035137Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.903{ec2a2542-29ab-6254-0000-000000000000}7009-man 534500x800000000000000035139Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.904{ec2a2542-29ab-6254-0000-000000000000}7010-man 534500x800000000000000035138Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.904{ec2a2542-29ab-6254-0000-000000000000}7011-man 534500x800000000000000035140Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.907{ec2a2542-29ab-6254-0000-000000000000}7012-man 534500x800000000000000035142Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.910{ec2a2542-29ab-6254-0000-000000000000}7015-man 534500x800000000000000035141Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.910{ec2a2542-29ab-6254-0000-000000000000}7013-man 534500x800000000000000035143Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.911{ec2a2542-29ab-6254-0000-000000000000}7014-man 534500x800000000000000035144Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.914{ec2a2542-29ab-6254-0000-000000000000}7016-man 534500x800000000000000035146Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.917{ec2a2542-29ab-6254-0000-000000000000}7019-man 534500x800000000000000035145Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.917{ec2a2542-29ab-6254-0000-000000000000}7017-man 534500x800000000000000035147Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.918{ec2a2542-29ab-6254-0000-000000000000}7018-man 534500x800000000000000035148Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.921{ec2a2542-29ab-6254-0000-000000000000}7020-man 534500x800000000000000035149Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.923{00000000-0000-0000-0000-000000000000}7021<unknown process>man 534500x800000000000000035150Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.924{ec2a2542-29ab-6254-0000-000000000000}7023-man 534500x800000000000000035151Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.925{ec2a2542-29ab-6254-0000-000000000000}7022-man 534500x800000000000000035152Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.928{ec2a2542-29ab-6254-0000-000000000000}7024-man 534500x800000000000000035154Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.931{ec2a2542-29ab-6254-0000-000000000000}7027-man 534500x800000000000000035153Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.931{00000000-0000-0000-0000-000000000000}7025<unknown process>man 534500x800000000000000035155Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.932{ec2a2542-29ab-6254-0000-000000000000}7026-man 534500x800000000000000035156Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.935{ec2a2542-29ab-6254-0000-000000000000}7028-man 534500x800000000000000035158Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.938{ec2a2542-29ab-6254-0000-000000000000}7031-man 534500x800000000000000035157Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.938{ec2a2542-29ab-6254-0000-000000000000}7029-man 534500x800000000000000035159Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.939{ec2a2542-29ab-6254-0000-000000000000}7030-man 534500x800000000000000035160Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.942{ec2a2542-29ab-6254-0000-000000000000}7032-man 534500x800000000000000035161Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.944{00000000-0000-0000-0000-000000000000}7033<unknown process>man 534500x800000000000000035162Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.945{ec2a2542-29ab-6254-0000-000000000000}7035-man 534500x800000000000000035163Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.946{ec2a2542-29ab-6254-0000-000000000000}7034-man 534500x800000000000000035164Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.949{ec2a2542-29ab-6254-0000-000000000000}7036-man 534500x800000000000000035166Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.952{ec2a2542-29ab-6254-0000-000000000000}7039-man 534500x800000000000000035165Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.952{ec2a2542-29ab-6254-0000-000000000000}7037-man 534500x800000000000000035167Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.953{ec2a2542-29ab-6254-0000-000000000000}7038-man 534500x800000000000000035168Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.956{ec2a2542-29ab-6254-0000-000000000000}7040-man 534500x800000000000000035169Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.958{ec2a2542-29ab-6254-0000-000000000000}7041-man 534500x800000000000000035170Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.959{ec2a2542-29ab-6254-0000-000000000000}7043-man 534500x800000000000000035171Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.960{ec2a2542-29ab-6254-0000-000000000000}7042-man 534500x800000000000000035172Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.962{ec2a2542-29ab-6254-0000-000000000000}7044-man 534500x800000000000000035173Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.965{ec2a2542-29ab-6254-0000-000000000000}7045-man 534500x800000000000000035175Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.966{ec2a2542-29ab-6254-0000-000000000000}7046-man 534500x800000000000000035174Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.966{ec2a2542-29ab-6254-0000-000000000000}7047-man 534500x800000000000000035176Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.970{ec2a2542-29ab-6254-0000-000000000000}7048-man 534500x800000000000000035177Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.973{ec2a2542-29ab-6254-0000-000000000000}7049-man 534500x800000000000000035179Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.975{ec2a2542-29ab-6254-0000-000000000000}7050-man 534500x800000000000000035178Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.975{ec2a2542-29ab-6254-0000-000000000000}7051-man 534500x800000000000000035180Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.978{ec2a2542-29ab-6254-0000-000000000000}7052-man 534500x800000000000000035181Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.981{ec2a2542-29ab-6254-0000-000000000000}7053-man 534500x800000000000000035183Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.982{ec2a2542-29ab-6254-0000-000000000000}7054-man 534500x800000000000000035182Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.982{ec2a2542-29ab-6254-0000-000000000000}7055-man 534500x800000000000000035184Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.985{ec2a2542-29ab-6254-0000-000000000000}7056-man 534500x800000000000000035185Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.988{ec2a2542-29ab-6254-0000-000000000000}7057-man 534500x800000000000000035187Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.989{ec2a2542-29ab-6254-0000-000000000000}7058-man 534500x800000000000000035186Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.989{ec2a2542-29ab-6254-0000-000000000000}7059-man 534500x800000000000000035188Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.993{00000000-0000-0000-0000-000000000000}7060<unknown process>man 534500x800000000000000035189Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.995{00000000-0000-0000-0000-000000000000}7061<unknown process>man 534500x800000000000000035190Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.996{ec2a2542-29ab-6254-0000-000000000000}7063-man 534500x800000000000000035191Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.997{ec2a2542-29ab-6254-0000-000000000000}7062-man 534500x800000000000000035192Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:19.999{ec2a2542-29ab-6254-0000-000000000000}7064-man 534500x800000000000000035193Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.002{ec2a2542-29ab-6254-0000-000000000000}7065-man 534500x800000000000000035195Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.003{ec2a2542-29ab-6254-0000-000000000000}7066-man 534500x800000000000000035194Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.003{ec2a2542-29ab-6254-0000-000000000000}7067-man 534500x800000000000000035196Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.006{ec2a2542-29ab-6254-0000-000000000000}7068-man 534500x800000000000000035198Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.009{ec2a2542-29ac-6254-0000-000000000000}7071-man 534500x800000000000000035197Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.009{ec2a2542-29ab-6254-0000-000000000000}7069-man 534500x800000000000000035199Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.010{ec2a2542-29ac-6254-0000-000000000000}7070-man 534500x800000000000000035200Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.013{ec2a2542-29ac-6254-0000-000000000000}7072-man 534500x800000000000000035201Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.016{ec2a2542-29ac-6254-0000-000000000000}7073-man 534500x800000000000000035202Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.017{ec2a2542-29ac-6254-0000-000000000000}7075-man 534500x800000000000000035203Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.018{ec2a2542-29ac-6254-0000-000000000000}7074-man 534500x800000000000000035204Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.020{ec2a2542-29ac-6254-0000-000000000000}7076-man 534500x800000000000000035205Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.023{ec2a2542-29ac-6254-0000-000000000000}7077-man 534500x800000000000000035206Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.024{ec2a2542-29ac-6254-0000-000000000000}7079-man 534500x800000000000000035207Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.025{ec2a2542-29ac-6254-0000-000000000000}7078-man 534500x800000000000000035208Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.028{ec2a2542-29ac-6254-0000-000000000000}7080-man 534500x800000000000000035210Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.031{ec2a2542-29ac-6254-0000-000000000000}7083-man 534500x800000000000000035209Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.031{ec2a2542-29ac-6254-0000-000000000000}7081-man 534500x800000000000000035211Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.032{ec2a2542-29ac-6254-0000-000000000000}7082-man 534500x800000000000000035212Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.035{ec2a2542-29ac-6254-0000-000000000000}7084-man 534500x800000000000000035214Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.038{ec2a2542-29ac-6254-0000-000000000000}7087-man 534500x800000000000000035213Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.038{ec2a2542-29ac-6254-0000-000000000000}7085-man 534500x800000000000000035215Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.039{ec2a2542-29ac-6254-0000-000000000000}7086-man 534500x800000000000000035216Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.042{ec2a2542-29ac-6254-0000-000000000000}7088-man 534500x800000000000000035218Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.045{ec2a2542-29ac-6254-0000-000000000000}7091-man 534500x800000000000000035217Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.045{ec2a2542-29ac-6254-0000-000000000000}7089-man 534500x800000000000000035219Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.046{ec2a2542-29ac-6254-0000-000000000000}7090-man 534500x800000000000000035220Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.049{00000000-0000-0000-0000-000000000000}7092<unknown process>man 534500x800000000000000035222Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.052{ec2a2542-29ac-6254-0000-000000000000}7095-man 534500x800000000000000035221Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.052{ec2a2542-29ac-6254-0000-000000000000}7093-man 534500x800000000000000035223Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.053{ec2a2542-29ac-6254-0000-000000000000}7094-man 534500x800000000000000035224Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.056{00000000-0000-0000-0000-000000000000}7096<unknown process>man 534500x800000000000000035225Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.058{ec2a2542-29ac-6254-0000-000000000000}7097-man 534500x800000000000000035226Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.059{ec2a2542-29ac-6254-0000-000000000000}7099-man 534500x800000000000000035227Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.060{ec2a2542-29ac-6254-0000-000000000000}7098-man 534500x800000000000000035228Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.063{ec2a2542-29ac-6254-0000-000000000000}7100-man 534500x800000000000000035230Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.066{ec2a2542-29ac-6254-0000-000000000000}7103-man 534500x800000000000000035229Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.066{ec2a2542-29ac-6254-0000-000000000000}7101-man 534500x800000000000000035231Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.067{ec2a2542-29ac-6254-0000-000000000000}7102-man 534500x800000000000000035232Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.070{ec2a2542-29ac-6254-0000-000000000000}7104-man 534500x800000000000000035234Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.073{ec2a2542-29ac-6254-0000-000000000000}7107-man 534500x800000000000000035233Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.073{ec2a2542-29ac-6254-0000-000000000000}7105-man 534500x800000000000000035235Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.074{ec2a2542-29ac-6254-0000-000000000000}7106-man 534500x800000000000000035236Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.077{ec2a2542-29ac-6254-0000-000000000000}7108-man 534500x800000000000000035238Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.080{ec2a2542-29ac-6254-0000-000000000000}7111-man 534500x800000000000000035237Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.080{ec2a2542-29ac-6254-0000-000000000000}7109-man 534500x800000000000000035239Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.081{ec2a2542-29ac-6254-0000-000000000000}7110-man 534500x800000000000000035240Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.084{ec2a2542-29ac-6254-0000-000000000000}7112-man 534500x800000000000000035241Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.087{ec2a2542-29ac-6254-0000-000000000000}7113-man 534500x800000000000000035243Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.088{ec2a2542-29ac-6254-0000-000000000000}7114-man 534500x800000000000000035242Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.088{ec2a2542-29ac-6254-0000-000000000000}7115-man 534500x800000000000000035244Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.091{ec2a2542-29ac-6254-0000-000000000000}7116-man 534500x800000000000000035245Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.094{ec2a2542-29ac-6254-0000-000000000000}7117-man 534500x800000000000000035247Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.095{ec2a2542-29ac-6254-0000-000000000000}7118-man 534500x800000000000000035246Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.095{ec2a2542-29ac-6254-0000-000000000000}7119-man 534500x800000000000000035248Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.098{ec2a2542-29ac-6254-0000-000000000000}7120-man 534500x800000000000000035249Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.101{ec2a2542-29ac-6254-0000-000000000000}7121-man 534500x800000000000000035251Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.102{ec2a2542-29ac-6254-0000-000000000000}7122-man 534500x800000000000000035250Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.102{ec2a2542-29ac-6254-0000-000000000000}7123-man 534500x800000000000000035252Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.105{ec2a2542-29ac-6254-0000-000000000000}7124-man 534500x800000000000000035253Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.108{ec2a2542-29ac-6254-0000-000000000000}7125-man 534500x800000000000000035255Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.109{ec2a2542-29ac-6254-0000-000000000000}7126-man 534500x800000000000000035254Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.109{ec2a2542-29ac-6254-0000-000000000000}7127-man 534500x800000000000000035256Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.112{ec2a2542-29ac-6254-0000-000000000000}7128-man 534500x800000000000000035257Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.115{ec2a2542-29ac-6254-0000-000000000000}7129-man 534500x800000000000000035259Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.116{ec2a2542-29ac-6254-0000-000000000000}7130-man 534500x800000000000000035258Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.116{ec2a2542-29ac-6254-0000-000000000000}7131-man 534500x800000000000000035260Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.119{00000000-0000-0000-0000-000000000000}7132<unknown process>man 534500x800000000000000035262Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.122{ec2a2542-29ac-6254-0000-000000000000}7135-man 534500x800000000000000035261Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.122{ec2a2542-29ac-6254-0000-000000000000}7133-man 534500x800000000000000035263Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.123{00000000-0000-0000-0000-000000000000}7134<unknown process>man 534500x800000000000000035264Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.127{00000000-0000-0000-0000-000000000000}7136<unknown process>man 534500x800000000000000035265Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.130{00000000-0000-0000-0000-000000000000}7137<unknown process>man 534500x800000000000000035267Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.131{ec2a2542-29ac-6254-0000-000000000000}7138-man 534500x800000000000000035266Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.131{ec2a2542-29ac-6254-0000-000000000000}7139-man 534500x800000000000000035268Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.134{ec2a2542-29ac-6254-0000-000000000000}7140-man 534500x800000000000000035269Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.137{ec2a2542-29ac-6254-0000-000000000000}7141-man 534500x800000000000000035271Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.138{ec2a2542-29ac-6254-0000-000000000000}7142-man 534500x800000000000000035270Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.138{ec2a2542-29ac-6254-0000-000000000000}7143-man 534500x800000000000000035272Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.141{ec2a2542-29ac-6254-0000-000000000000}7144-man 534500x800000000000000035273Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.144{ec2a2542-29ac-6254-0000-000000000000}7145-man 534500x800000000000000035275Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.145{ec2a2542-29ac-6254-0000-000000000000}7146-man 534500x800000000000000035274Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.145{ec2a2542-29ac-6254-0000-000000000000}7147-man 534500x800000000000000035276Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.148{ec2a2542-29ac-6254-0000-000000000000}7148-man 534500x800000000000000035277Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.151{ec2a2542-29ac-6254-0000-000000000000}7149-man 534500x800000000000000035279Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.152{ec2a2542-29ac-6254-0000-000000000000}7150-man 534500x800000000000000035278Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.152{ec2a2542-29ac-6254-0000-000000000000}7151-man 534500x800000000000000035280Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.155{ec2a2542-29ac-6254-0000-000000000000}7152-man 534500x800000000000000035282Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.158{ec2a2542-29ac-6254-0000-000000000000}7155-man 534500x800000000000000035281Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.158{ec2a2542-29ac-6254-0000-000000000000}7153-man 534500x800000000000000035283Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.159{ec2a2542-29ac-6254-0000-000000000000}7154-man 534500x800000000000000035284Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.162{ec2a2542-29ac-6254-0000-000000000000}7156-man 534500x800000000000000035286Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.165{ec2a2542-29ac-6254-0000-000000000000}7159-man 534500x800000000000000035285Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.165{ec2a2542-29ac-6254-0000-000000000000}7157-man 534500x800000000000000035287Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.166{ec2a2542-29ac-6254-0000-000000000000}7158-man 534500x800000000000000035288Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.169{00000000-0000-0000-0000-000000000000}7160<unknown process>man 534500x800000000000000035289Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.171{ec2a2542-29ac-6254-0000-000000000000}7161-man 534500x800000000000000035291Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.172{ec2a2542-29ac-6254-0000-000000000000}7162-man 534500x800000000000000035290Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.172{ec2a2542-29ac-6254-0000-000000000000}7163-man 534500x800000000000000035292Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.175{00000000-0000-0000-0000-000000000000}7164<unknown process>man 534500x800000000000000035293Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.178{ec2a2542-29ac-6254-0000-000000000000}7165-man 534500x800000000000000035295Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.179{ec2a2542-29ac-6254-0000-000000000000}7166-man 534500x800000000000000035294Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.179{ec2a2542-29ac-6254-0000-000000000000}7167-man 534500x800000000000000035296Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.182{ec2a2542-29ac-6254-0000-000000000000}7168-man 534500x800000000000000035297Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.185{ec2a2542-29ac-6254-0000-000000000000}7169-man 534500x800000000000000035299Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.186{ec2a2542-29ac-6254-0000-000000000000}7170-man 534500x800000000000000035298Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.186{ec2a2542-29ac-6254-0000-000000000000}7171-man 534500x800000000000000035300Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.189{00000000-0000-0000-0000-000000000000}7172<unknown process>man 534500x800000000000000035301Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.192{ec2a2542-29ac-6254-0000-000000000000}7173-man 534500x800000000000000035303Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.193{ec2a2542-29ac-6254-0000-000000000000}7174-man 534500x800000000000000035302Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.193{ec2a2542-29ac-6254-0000-000000000000}7175-man 534500x800000000000000035304Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.196{ec2a2542-29ac-6254-0000-000000000000}7176-man 534500x800000000000000035305Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.199{ec2a2542-29ac-6254-0000-000000000000}7177-man 534500x800000000000000035307Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.200{ec2a2542-29ac-6254-0000-000000000000}7178-man 534500x800000000000000035306Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.200{ec2a2542-29ac-6254-0000-000000000000}7179-man 534500x800000000000000035308Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.204{00000000-0000-0000-0000-000000000000}7180<unknown process>man 534500x800000000000000035310Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.207{ec2a2542-29ac-6254-0000-000000000000}7183-man 534500x800000000000000035309Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.207{ec2a2542-29ac-6254-0000-000000000000}7181-man 534500x800000000000000035311Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.208{ec2a2542-29ac-6254-0000-000000000000}7182-man 534500x800000000000000035312Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.211{ec2a2542-29ac-6254-0000-000000000000}7184-man 534500x800000000000000035314Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.214{ec2a2542-29ac-6254-0000-000000000000}7187-man 534500x800000000000000035313Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.214{ec2a2542-29ac-6254-0000-000000000000}7185-man 534500x800000000000000035315Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.215{ec2a2542-29ac-6254-0000-000000000000}7186-man 534500x800000000000000035316Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.218{00000000-0000-0000-0000-000000000000}7188<unknown process>man 534500x800000000000000035317Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.221{00000000-0000-0000-0000-000000000000}7189<unknown process>man 534500x800000000000000035318Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.222{ec2a2542-29ac-6254-0000-000000000000}7191-man 534500x800000000000000035319Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.223{ec2a2542-29ac-6254-0000-000000000000}7190-man 534500x800000000000000035320Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.227{ec2a2542-29ac-6254-0000-000000000000}7192-man 534500x800000000000000035321Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.229{00000000-0000-0000-0000-000000000000}7193<unknown process>man 534500x800000000000000035323Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.231{ec2a2542-29ac-6254-0000-000000000000}7194-man 534500x800000000000000035322Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.231{ec2a2542-29ac-6254-0000-000000000000}7195-man 534500x800000000000000035324Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.234{ec2a2542-29ac-6254-0000-000000000000}7196-man 534500x800000000000000035325Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.237{ec2a2542-29ac-6254-0000-000000000000}7197-man 534500x800000000000000035327Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.238{ec2a2542-29ac-6254-0000-000000000000}7198-man 534500x800000000000000035326Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.238{ec2a2542-29ac-6254-0000-000000000000}7199-man 534500x800000000000000035328Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.241{ec2a2542-29ac-6254-0000-000000000000}7200-man 534500x800000000000000035330Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.244{ec2a2542-29ac-6254-0000-000000000000}7203-man 534500x800000000000000035329Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.244{ec2a2542-29ac-6254-0000-000000000000}7201-man 534500x800000000000000035331Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.245{ec2a2542-29ac-6254-0000-000000000000}7202-man 534500x800000000000000035332Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.247{ec2a2542-29ac-6254-0000-000000000000}7204-man 534500x800000000000000035333Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.250{ec2a2542-29ac-6254-0000-000000000000}7205-man 534500x800000000000000035335Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.251{ec2a2542-29ac-6254-0000-000000000000}7206-man 534500x800000000000000035334Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.251{ec2a2542-29ac-6254-0000-000000000000}7207-man 534500x800000000000000035336Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.254{ec2a2542-29ac-6254-0000-000000000000}7208-man 534500x800000000000000035338Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.257{ec2a2542-29ac-6254-0000-000000000000}7211-man 534500x800000000000000035337Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.257{ec2a2542-29ac-6254-0000-000000000000}7209-man 534500x800000000000000035339Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.258{ec2a2542-29ac-6254-0000-000000000000}7210-man 534500x800000000000000035340Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.261{ec2a2542-29ac-6254-0000-000000000000}7212-man 534500x800000000000000035341Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.263{ec2a2542-29ac-6254-0000-000000000000}7213-man 534500x800000000000000035342Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.264{ec2a2542-29ac-6254-0000-000000000000}7215-man 534500x800000000000000035343Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.265{ec2a2542-29ac-6254-0000-000000000000}7214-man 534500x800000000000000035344Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.268{ec2a2542-29ac-6254-0000-000000000000}7216-man 534500x800000000000000035345Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.271{ec2a2542-29ac-6254-0000-000000000000}7217-man 534500x800000000000000035347Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.272{ec2a2542-29ac-6254-0000-000000000000}7218-man 534500x800000000000000035346Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.272{ec2a2542-29ac-6254-0000-000000000000}7219-man 534500x800000000000000035348Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.275{ec2a2542-29ac-6254-0000-000000000000}7220-man 534500x800000000000000035350Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.278{ec2a2542-29ac-6254-0000-000000000000}7223-man 534500x800000000000000035349Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.278{ec2a2542-29ac-6254-0000-000000000000}7221-man 534500x800000000000000035351Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.279{ec2a2542-29ac-6254-0000-000000000000}7222-man 534500x800000000000000035352Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.282{00000000-0000-0000-0000-000000000000}7224<unknown process>man 534500x800000000000000035353Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.284{ec2a2542-29ac-6254-0000-000000000000}7225-man 534500x800000000000000035355Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.285{ec2a2542-29ac-6254-0000-000000000000}7226-man 534500x800000000000000035354Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.285{ec2a2542-29ac-6254-0000-000000000000}7227-man 534500x800000000000000035356Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.288{ec2a2542-29ac-6254-0000-000000000000}7228-man 534500x800000000000000035357Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.291{ec2a2542-29ac-6254-0000-000000000000}7229-man 534500x800000000000000035359Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.292{ec2a2542-29ac-6254-0000-000000000000}7230-man 534500x800000000000000035358Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.292{ec2a2542-29ac-6254-0000-000000000000}7231-man 534500x800000000000000035360Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.295{ec2a2542-29ac-6254-0000-000000000000}7232-man 534500x800000000000000035361Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.297{ec2a2542-29ac-6254-0000-000000000000}7233-man 534500x800000000000000035362Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.298{ec2a2542-29ac-6254-0000-000000000000}7235-man 534500x800000000000000035363Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.299{ec2a2542-29ac-6254-0000-000000000000}7234-man 534500x800000000000000035364Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.301{ec2a2542-29ac-6254-0000-000000000000}7236-man 534500x800000000000000035365Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.304{ec2a2542-29ac-6254-0000-000000000000}7237-man 534500x800000000000000035367Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.305{ec2a2542-29ac-6254-0000-000000000000}7238-man 534500x800000000000000035366Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.305{ec2a2542-29ac-6254-0000-000000000000}7239-man 534500x800000000000000035368Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.308{ec2a2542-29ac-6254-0000-000000000000}7240-man 534500x800000000000000035369Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.310{ec2a2542-29ac-6254-0000-000000000000}7241-man 534500x800000000000000035370Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.311{ec2a2542-29ac-6254-0000-000000000000}7243-man 534500x800000000000000035371Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.312{ec2a2542-29ac-6254-0000-000000000000}7242-man 534500x800000000000000035372Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.314{ec2a2542-29ac-6254-0000-000000000000}7244-man 534500x800000000000000035373Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.317{ec2a2542-29ac-6254-0000-000000000000}7245-man 534500x800000000000000035375Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.318{ec2a2542-29ac-6254-0000-000000000000}7246-man 534500x800000000000000035374Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.318{ec2a2542-29ac-6254-0000-000000000000}7247-man 534500x800000000000000035376Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.321{ec2a2542-29ac-6254-0000-000000000000}7248-man 534500x800000000000000035378Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.324{ec2a2542-29ac-6254-0000-000000000000}7251-man 534500x800000000000000035377Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.324{ec2a2542-29ac-6254-0000-000000000000}7249-man 534500x800000000000000035379Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.325{ec2a2542-29ac-6254-0000-000000000000}7250-man 534500x800000000000000035380Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.327{ec2a2542-29ac-6254-0000-000000000000}7252-man 534500x800000000000000035382Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.330{ec2a2542-29ac-6254-0000-000000000000}7255-man 534500x800000000000000035381Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.330{ec2a2542-29ac-6254-0000-000000000000}7253-man 534500x800000000000000035383Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.331{ec2a2542-29ac-6254-0000-000000000000}7254-man 534500x800000000000000035384Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.333{ec2a2542-29ac-6254-0000-000000000000}7256-man 534500x800000000000000035385Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.336{ec2a2542-29ac-6254-0000-000000000000}7257-man 534500x800000000000000035387Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.337{ec2a2542-29ac-6254-0000-000000000000}7258-man 534500x800000000000000035386Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.337{ec2a2542-29ac-6254-0000-000000000000}7259-man 534500x800000000000000035388Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.340{ec2a2542-29ac-6254-0000-000000000000}7260-man 534500x800000000000000035389Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.342{ec2a2542-29ac-6254-0000-000000000000}7261-man 534500x800000000000000035390Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.343{ec2a2542-29ac-6254-0000-000000000000}7263-man 534500x800000000000000035391Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.344{ec2a2542-29ac-6254-0000-000000000000}7262-man 534500x800000000000000035392Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.346{ec2a2542-29ac-6254-0000-000000000000}7264-man 534500x800000000000000035394Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.349{ec2a2542-29ac-6254-0000-000000000000}7267-man 534500x800000000000000035393Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.349{ec2a2542-29ac-6254-0000-000000000000}7265-man 534500x800000000000000035395Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.350{ec2a2542-29ac-6254-0000-000000000000}7266-man 534500x800000000000000035396Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.353{ec2a2542-29ac-6254-0000-000000000000}7268-man 534500x800000000000000035397Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.355{ec2a2542-29ac-6254-0000-000000000000}7269-man 534500x800000000000000035399Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.356{ec2a2542-29ac-6254-0000-000000000000}7270-man 534500x800000000000000035398Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.356{ec2a2542-29ac-6254-0000-000000000000}7271-man 534500x800000000000000035400Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.359{ec2a2542-29ac-6254-0000-000000000000}7272-man 534500x800000000000000035401Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.361{ec2a2542-29ac-6254-0000-000000000000}7273-man 534500x800000000000000035402Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.362{ec2a2542-29ac-6254-0000-000000000000}7275-man 534500x800000000000000035403Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.363{ec2a2542-29ac-6254-0000-000000000000}7274-man 534500x800000000000000035404Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.365{ec2a2542-29ac-6254-0000-000000000000}7276-man 534500x800000000000000035406Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.369{ec2a2542-29ac-6254-0000-000000000000}7279-man 534500x800000000000000035405Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.369{ec2a2542-29ac-6254-0000-000000000000}7277-man 534500x800000000000000035407Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.370{ec2a2542-29ac-6254-0000-000000000000}7278-man 534500x800000000000000035408Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.373{ec2a2542-29ac-6254-0000-000000000000}7280-man 534500x800000000000000035409Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.375{ec2a2542-29ac-6254-0000-000000000000}7281-man 534500x800000000000000035410Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.376{ec2a2542-29ac-6254-0000-000000000000}7283-man 534500x800000000000000035411Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.377{ec2a2542-29ac-6254-0000-000000000000}7282-man 534500x800000000000000035412Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.379{ec2a2542-29ac-6254-0000-000000000000}7284-man 534500x800000000000000035414Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.382{ec2a2542-29ac-6254-0000-000000000000}7287-man 534500x800000000000000035413Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.382{ec2a2542-29ac-6254-0000-000000000000}7285-man 534500x800000000000000035415Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.383{ec2a2542-29ac-6254-0000-000000000000}7286-man 534500x800000000000000035416Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.386{ec2a2542-29ac-6254-0000-000000000000}7288-man 534500x800000000000000035417Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.388{ec2a2542-29ac-6254-0000-000000000000}7289-man 534500x800000000000000035418Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.389{ec2a2542-29ac-6254-0000-000000000000}7291-man 534500x800000000000000035419Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.390{ec2a2542-29ac-6254-0000-000000000000}7290-man 534500x800000000000000035420Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.392{ec2a2542-29ac-6254-0000-000000000000}7292-man 534500x800000000000000035421Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.395{ec2a2542-29ac-6254-0000-000000000000}7293-man 534500x800000000000000035423Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.396{ec2a2542-29ac-6254-0000-000000000000}7294-man 534500x800000000000000035422Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.396{ec2a2542-29ac-6254-0000-000000000000}7295-man 534500x800000000000000035424Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.399{ec2a2542-29ac-6254-0000-000000000000}7296-man 534500x800000000000000035426Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.402{ec2a2542-29ac-6254-0000-000000000000}7299-man 534500x800000000000000035425Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.402{ec2a2542-29ac-6254-0000-000000000000}7297-man 534500x800000000000000035427Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.403{ec2a2542-29ac-6254-0000-000000000000}7298-man 534500x800000000000000035428Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.406{ec2a2542-29ac-6254-0000-000000000000}7300-man 534500x800000000000000035429Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.409{ec2a2542-29ac-6254-0000-000000000000}7301-man 534500x800000000000000035431Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.410{ec2a2542-29ac-6254-0000-000000000000}7302-man 534500x800000000000000035430Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.410{ec2a2542-29ac-6254-0000-000000000000}7303-man 534500x800000000000000035432Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.413{ec2a2542-29ac-6254-0000-000000000000}7304-man 534500x800000000000000035433Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.416{ec2a2542-29ac-6254-0000-000000000000}7305-man 534500x800000000000000035435Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.417{ec2a2542-29ac-6254-0000-000000000000}7306-man 534500x800000000000000035434Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.417{ec2a2542-29ac-6254-0000-000000000000}7307-man 534500x800000000000000035436Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.420{ec2a2542-29ac-6254-0000-000000000000}7308-man 534500x800000000000000035437Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.422{ec2a2542-29ac-6254-0000-000000000000}7309-man 534500x800000000000000035438Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.423{ec2a2542-29ac-6254-0000-000000000000}7311-man 534500x800000000000000035439Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.424{ec2a2542-29ac-6254-0000-000000000000}7310-man 534500x800000000000000035440Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.426{ec2a2542-29ac-6254-0000-000000000000}7312-man 534500x800000000000000035441Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.429{ec2a2542-29ac-6254-0000-000000000000}7313-man 534500x800000000000000035443Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.430{ec2a2542-29ac-6254-0000-000000000000}7314-man 534500x800000000000000035442Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.430{ec2a2542-29ac-6254-0000-000000000000}7315-man 534500x800000000000000035444Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.434{ec2a2542-29ac-6254-0000-000000000000}7316-man 534500x800000000000000035445Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.440{ec2a2542-29ac-6254-0000-000000000000}7317-man 534500x800000000000000035447Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.443{ec2a2542-29ac-6254-0000-000000000000}7318-man 534500x800000000000000035446Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.443{ec2a2542-29ac-6254-0000-000000000000}7319-man 534500x800000000000000035448Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.446{ec2a2542-29ac-6254-0000-000000000000}7320-man 534500x800000000000000035449Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.449{ec2a2542-29ac-6254-0000-000000000000}7321-man 534500x800000000000000035451Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.450{ec2a2542-29ac-6254-0000-000000000000}7322-man 534500x800000000000000035450Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.450{ec2a2542-29ac-6254-0000-000000000000}7323-man 534500x800000000000000035452Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.453{ec2a2542-29ac-6254-0000-000000000000}7324-man 534500x800000000000000035454Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.456{ec2a2542-29ac-6254-0000-000000000000}7327-man 534500x800000000000000035453Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.456{ec2a2542-29ac-6254-0000-000000000000}7325-man 534500x800000000000000035455Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.457{ec2a2542-29ac-6254-0000-000000000000}7326-man 534500x800000000000000035456Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.460{ec2a2542-29ac-6254-0000-000000000000}7328-man 534500x800000000000000035458Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.463{ec2a2542-29ac-6254-0000-000000000000}7331-man 534500x800000000000000035457Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.463{ec2a2542-29ac-6254-0000-000000000000}7329-man 534500x800000000000000035459Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.464{ec2a2542-29ac-6254-0000-000000000000}7330-man 534500x800000000000000035460Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.467{ec2a2542-29ac-6254-0000-000000000000}7332-man 534500x800000000000000035462Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.470{ec2a2542-29ac-6254-0000-000000000000}7335-man 534500x800000000000000035461Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.470{ec2a2542-29ac-6254-0000-000000000000}7333-man 534500x800000000000000035463Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.471{ec2a2542-29ac-6254-0000-000000000000}7334-man 534500x800000000000000035464Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.474{ec2a2542-29ac-6254-0000-000000000000}7336-man 534500x800000000000000035465Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.477{ec2a2542-29ac-6254-0000-000000000000}7337-man 534500x800000000000000035467Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.478{ec2a2542-29ac-6254-0000-000000000000}7338-man 534500x800000000000000035466Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.478{ec2a2542-29ac-6254-0000-000000000000}7339-man 534500x800000000000000035468Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.482{ec2a2542-29ac-6254-0000-000000000000}7340-man 534500x800000000000000035470Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.485{ec2a2542-29ac-6254-0000-000000000000}7343-man 534500x800000000000000035469Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.485{ec2a2542-29ac-6254-0000-000000000000}7341-man 534500x800000000000000035471Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.486{ec2a2542-29ac-6254-0000-000000000000}7342-man 534500x800000000000000035472Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.489{ec2a2542-29ac-6254-0000-000000000000}7344-man 534500x800000000000000035474Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.492{ec2a2542-29ac-6254-0000-000000000000}7347-man 534500x800000000000000035473Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.492{ec2a2542-29ac-6254-0000-000000000000}7345-man 534500x800000000000000035475Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.493{ec2a2542-29ac-6254-0000-000000000000}7346-man 534500x800000000000000035476Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.495{ec2a2542-29ac-6254-0000-000000000000}7348-man 534500x800000000000000035477Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.498{ec2a2542-29ac-6254-0000-000000000000}7349-man 534500x800000000000000035479Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.499{ec2a2542-29ac-6254-0000-000000000000}7350-man 534500x800000000000000035478Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.499{ec2a2542-29ac-6254-0000-000000000000}7351-man 534500x800000000000000035480Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.502{ec2a2542-29ac-6254-0000-000000000000}7352-man 534500x800000000000000035482Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.505{ec2a2542-29ac-6254-0000-000000000000}7355-man 534500x800000000000000035481Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.505{ec2a2542-29ac-6254-0000-000000000000}7353-man 534500x800000000000000035483Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.506{ec2a2542-29ac-6254-0000-000000000000}7354-man 534500x800000000000000035484Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.509{ec2a2542-29ac-6254-0000-000000000000}7356-man 534500x800000000000000035485Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.511{00000000-0000-0000-0000-000000000000}7357<unknown process>man 534500x800000000000000035486Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.512{ec2a2542-29ac-6254-0000-000000000000}7359-man 534500x800000000000000035487Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.513{ec2a2542-29ac-6254-0000-000000000000}7358-man 534500x800000000000000035488Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.515{ec2a2542-29ac-6254-0000-000000000000}7360-man 534500x800000000000000035489Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.518{ec2a2542-29ac-6254-0000-000000000000}7361-man 534500x800000000000000035491Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.519{ec2a2542-29ac-6254-0000-000000000000}7362-man 534500x800000000000000035490Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.519{ec2a2542-29ac-6254-0000-000000000000}7363-man 534500x800000000000000035492Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.522{ec2a2542-29ac-6254-0000-000000000000}7364-man 534500x800000000000000035493Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.525{ec2a2542-29ac-6254-0000-000000000000}7365-man 534500x800000000000000035495Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.526{ec2a2542-29ac-6254-0000-000000000000}7366-man 534500x800000000000000035494Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.526{ec2a2542-29ac-6254-0000-000000000000}7367-man 534500x800000000000000035496Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.529{ec2a2542-29ac-6254-0000-000000000000}7368-man 534500x800000000000000035498Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.532{ec2a2542-29ac-6254-0000-000000000000}7371-man 534500x800000000000000035497Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.532{ec2a2542-29ac-6254-0000-000000000000}7369-man 534500x800000000000000035499Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.533{ec2a2542-29ac-6254-0000-000000000000}7370-man 534500x800000000000000035500Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.536{ec2a2542-29ac-6254-0000-000000000000}7372-man 534500x800000000000000035501Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.538{ec2a2542-29ac-6254-0000-000000000000}7373-man 534500x800000000000000035502Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.539{ec2a2542-29ac-6254-0000-000000000000}7375-man 534500x800000000000000035503Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.540{ec2a2542-29ac-6254-0000-000000000000}7374-man 534500x800000000000000035504Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.542{00000000-0000-0000-0000-000000000000}7376<unknown process>man 534500x800000000000000035505Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.545{ec2a2542-29ac-6254-0000-000000000000}7377-man 534500x800000000000000035506Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.546{ec2a2542-29ac-6254-0000-000000000000}7379-man 534500x800000000000000035507Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.547{ec2a2542-29ac-6254-0000-000000000000}7378-man 534500x800000000000000035508Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.550{00000000-0000-0000-0000-000000000000}7380<unknown process>man 534500x800000000000000035510Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.553{ec2a2542-29ac-6254-0000-000000000000}7383-man 534500x800000000000000035509Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.553{ec2a2542-29ac-6254-0000-000000000000}7381-man 534500x800000000000000035511Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.554{ec2a2542-29ac-6254-0000-000000000000}7382-man 534500x800000000000000035512Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.557{ec2a2542-29ac-6254-0000-000000000000}7384-man 534500x800000000000000035513Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.560{00000000-0000-0000-0000-000000000000}7385<unknown process>man 534500x800000000000000035514Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.561{ec2a2542-29ac-6254-0000-000000000000}7387-man 534500x800000000000000035515Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.562{ec2a2542-29ac-6254-0000-000000000000}7386-man 534500x800000000000000035516Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.565{00000000-0000-0000-0000-000000000000}7388<unknown process>man 534500x800000000000000035517Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.567{ec2a2542-29ac-6254-0000-000000000000}7389-man 534500x800000000000000035518Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.568{ec2a2542-29ac-6254-0000-000000000000}7391-man 534500x800000000000000035519Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.569{ec2a2542-29ac-6254-0000-000000000000}7390-man 534500x800000000000000035520Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.573{00000000-0000-0000-0000-000000000000}7392<unknown process>man 534500x800000000000000035522Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.576{ec2a2542-29ac-6254-0000-000000000000}7395-man 534500x800000000000000035521Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.576{ec2a2542-29ac-6254-0000-000000000000}7393-man 534500x800000000000000035523Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.577{ec2a2542-29ac-6254-0000-000000000000}7394-man 534500x800000000000000035524Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.580{00000000-0000-0000-0000-000000000000}7396<unknown process>man 534500x800000000000000035525Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.583{ec2a2542-29ac-6254-0000-000000000000}7397-man 534500x800000000000000035527Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.584{ec2a2542-29ac-6254-0000-000000000000}7398-man 534500x800000000000000035526Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.584{ec2a2542-29ac-6254-0000-000000000000}7399-man 534500x800000000000000035528Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.588{00000000-0000-0000-0000-000000000000}7400<unknown process>man 534500x800000000000000035529Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.590{ec2a2542-29ac-6254-0000-000000000000}7401-man 534500x800000000000000035530Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.591{ec2a2542-29ac-6254-0000-000000000000}7403-man 534500x800000000000000035531Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.592{ec2a2542-29ac-6254-0000-000000000000}7402-man 534500x800000000000000035532Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.595{00000000-0000-0000-0000-000000000000}7404<unknown process>man 534500x800000000000000035534Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.598{ec2a2542-29ac-6254-0000-000000000000}7407-man 534500x800000000000000035533Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.598{ec2a2542-29ac-6254-0000-000000000000}7405-man 534500x800000000000000035535Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.599{ec2a2542-29ac-6254-0000-000000000000}7406-man 534500x800000000000000035536Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.602{00000000-0000-0000-0000-000000000000}7408<unknown process>man 534500x800000000000000035537Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.604{ec2a2542-29ac-6254-0000-000000000000}7409-man 534500x800000000000000035538Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.605{ec2a2542-29ac-6254-0000-000000000000}7411-man 534500x800000000000000035539Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.606{ec2a2542-29ac-6254-0000-000000000000}7410-man 534500x800000000000000035540Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.608{ec2a2542-29ac-6254-0000-000000000000}7412-man 534500x800000000000000035541Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.611{ec2a2542-29ac-6254-0000-000000000000}7413-man 534500x800000000000000035543Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.612{ec2a2542-29ac-6254-0000-000000000000}7414-man 534500x800000000000000035542Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.612{ec2a2542-29ac-6254-0000-000000000000}7415-man 534500x800000000000000035544Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.615{ec2a2542-29ac-6254-0000-000000000000}7416-man 534500x800000000000000035545Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.618{ec2a2542-29ac-6254-0000-000000000000}7417-man 534500x800000000000000035547Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.619{ec2a2542-29ac-6254-0000-000000000000}7418-man 534500x800000000000000035546Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.619{ec2a2542-29ac-6254-0000-000000000000}7419-man 534500x800000000000000035548Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.622{00000000-0000-0000-0000-000000000000}7420<unknown process>man 534500x800000000000000035550Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.625{ec2a2542-29ac-6254-0000-000000000000}7423-man 534500x800000000000000035549Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.625{ec2a2542-29ac-6254-0000-000000000000}7421-man 534500x800000000000000035551Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.626{ec2a2542-29ac-6254-0000-000000000000}7422-man 534500x800000000000000035552Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.629{00000000-0000-0000-0000-000000000000}7424<unknown process>man 534500x800000000000000035554Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.632{ec2a2542-29ac-6254-0000-000000000000}7427-man 534500x800000000000000035553Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.632{ec2a2542-29ac-6254-0000-000000000000}7425-man 534500x800000000000000035555Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.633{ec2a2542-29ac-6254-0000-000000000000}7426-man 534500x800000000000000035556Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.636{00000000-0000-0000-0000-000000000000}7428<unknown process>man 534500x800000000000000035558Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.639{ec2a2542-29ac-6254-0000-000000000000}7431-man 534500x800000000000000035557Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.639{ec2a2542-29ac-6254-0000-000000000000}7429-man 534500x800000000000000035559Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.640{ec2a2542-29ac-6254-0000-000000000000}7430-man 534500x800000000000000035560Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.643{ec2a2542-29ac-6254-0000-000000000000}7432-man 534500x800000000000000035562Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.646{ec2a2542-29ac-6254-0000-000000000000}7435-man 534500x800000000000000035561Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.646{ec2a2542-29ac-6254-0000-000000000000}7433-man 534500x800000000000000035563Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.647{ec2a2542-29ac-6254-0000-000000000000}7434-man 534500x800000000000000035564Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.650{ec2a2542-29ac-6254-0000-000000000000}7436-man 534500x800000000000000035565Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.652{ec2a2542-29ac-6254-0000-000000000000}7437-man 534500x800000000000000035566Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.653{ec2a2542-29ac-6254-0000-000000000000}7439-man 534500x800000000000000035567Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.654{ec2a2542-29ac-6254-0000-000000000000}7438-man 534500x800000000000000035568Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.657{00000000-0000-0000-0000-000000000000}7440<unknown process>man 534500x800000000000000035570Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.660{ec2a2542-29ac-6254-0000-000000000000}7443-man 534500x800000000000000035569Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.660{ec2a2542-29ac-6254-0000-000000000000}7441-man 534500x800000000000000035571Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.661{ec2a2542-29ac-6254-0000-000000000000}7442-man 534500x800000000000000035572Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.664{ec2a2542-29ac-6254-0000-000000000000}7444-man 534500x800000000000000035574Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.667{ec2a2542-29ac-6254-0000-000000000000}7447-man 534500x800000000000000035573Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.667{ec2a2542-29ac-6254-0000-000000000000}7445-man 534500x800000000000000035575Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.668{ec2a2542-29ac-6254-0000-000000000000}7446-man 534500x800000000000000035576Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.671{ec2a2542-29ac-6254-0000-000000000000}7448-man 534500x800000000000000035578Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.674{ec2a2542-29ac-6254-0000-000000000000}7451-man 534500x800000000000000035577Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.674{ec2a2542-29ac-6254-0000-000000000000}7449-man 534500x800000000000000035579Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.675{ec2a2542-29ac-6254-0000-000000000000}7450-man 534500x800000000000000035580Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.678{00000000-0000-0000-0000-000000000000}7452<unknown process>man 534500x800000000000000035582Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.681{ec2a2542-29ac-6254-0000-000000000000}7455-man 534500x800000000000000035581Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.681{ec2a2542-29ac-6254-0000-000000000000}7453-man 534500x800000000000000035583Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.682{ec2a2542-29ac-6254-0000-000000000000}7454-man 534500x800000000000000035584Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.685{ec2a2542-29ac-6254-0000-000000000000}7456-man 534500x800000000000000035585Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.687{ec2a2542-29ac-6254-0000-000000000000}7457-man 534500x800000000000000035587Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.688{ec2a2542-29ac-6254-0000-000000000000}7458-man 534500x800000000000000035586Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.688{ec2a2542-29ac-6254-0000-000000000000}7459-man 534500x800000000000000035588Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.691{ec2a2542-29ac-6254-0000-000000000000}7460-man 534500x800000000000000035589Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.694{ec2a2542-29ac-6254-0000-000000000000}7461-man 534500x800000000000000035591Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.695{ec2a2542-29ac-6254-0000-000000000000}7462-man 534500x800000000000000035590Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.695{ec2a2542-29ac-6254-0000-000000000000}7463-man 534500x800000000000000035592Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.698{ec2a2542-29ac-6254-0000-000000000000}7464-man 534500x800000000000000035593Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.702{ec2a2542-29ac-6254-0000-000000000000}7465-man 534500x800000000000000035595Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.703{ec2a2542-29ac-6254-0000-000000000000}7466-man 534500x800000000000000035594Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.703{ec2a2542-29ac-6254-0000-000000000000}7467-man 534500x800000000000000035596Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.706{ec2a2542-29ac-6254-0000-000000000000}7468-man 534500x800000000000000035597Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.709{ec2a2542-29ac-6254-0000-000000000000}7469-man 534500x800000000000000035599Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.710{ec2a2542-29ac-6254-0000-000000000000}7470-man 534500x800000000000000035598Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.710{ec2a2542-29ac-6254-0000-000000000000}7471-man 534500x800000000000000035600Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.713{ec2a2542-29ac-6254-0000-000000000000}7472-man 534500x800000000000000035601Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.716{ec2a2542-29ac-6254-0000-000000000000}7473-man 534500x800000000000000035603Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.717{ec2a2542-29ac-6254-0000-000000000000}7474-man 534500x800000000000000035602Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.717{ec2a2542-29ac-6254-0000-000000000000}7475-man 534500x800000000000000035604Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.720{ec2a2542-29ac-6254-0000-000000000000}7476-man 534500x800000000000000035605Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.723{ec2a2542-29ac-6254-0000-000000000000}7477-man 534500x800000000000000035607Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.724{ec2a2542-29ac-6254-0000-000000000000}7478-man 534500x800000000000000035606Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.724{ec2a2542-29ac-6254-0000-000000000000}7479-man 534500x800000000000000035608Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.729{ec2a2542-29ac-6254-0000-000000000000}7480-man 534500x800000000000000035609Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.732{ec2a2542-29ac-6254-0000-000000000000}7481-man 534500x800000000000000035611Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.734{00000000-0000-0000-0000-000000000000}7482<unknown process>man 534500x800000000000000035610Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.734{ec2a2542-29ac-6254-0000-000000000000}7483-man 534500x800000000000000035612Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.737{ec2a2542-29ac-6254-0000-000000000000}7484-man 534500x800000000000000035613Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.740{ec2a2542-29ac-6254-0000-000000000000}7485-man 534500x800000000000000035615Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.741{ec2a2542-29ac-6254-0000-000000000000}7486-man 534500x800000000000000035614Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.741{ec2a2542-29ac-6254-0000-000000000000}7487-man 534500x800000000000000035616Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.744{00000000-0000-0000-0000-000000000000}7488<unknown process>man 534500x800000000000000035617Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.747{ec2a2542-29ac-6254-0000-000000000000}7489-man 534500x800000000000000035619Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.748{ec2a2542-29ac-6254-0000-000000000000}7490-man 534500x800000000000000035618Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.748{ec2a2542-29ac-6254-0000-000000000000}7491-man 534500x800000000000000035620Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.751{ec2a2542-29ac-6254-0000-000000000000}7492-man 534500x800000000000000035622Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.754{ec2a2542-29ac-6254-0000-000000000000}7495-man 534500x800000000000000035621Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.754{ec2a2542-29ac-6254-0000-000000000000}7493-man 534500x800000000000000035623Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.755{ec2a2542-29ac-6254-0000-000000000000}7494-man 534500x800000000000000035624Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.758{ec2a2542-29ac-6254-0000-000000000000}7496-man 534500x800000000000000035625Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.761{ec2a2542-29ac-6254-0000-000000000000}7497-man 534500x800000000000000035627Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.762{ec2a2542-29ac-6254-0000-000000000000}7498-man 534500x800000000000000035626Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.762{ec2a2542-29ac-6254-0000-000000000000}7499-man 534500x800000000000000035628Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.765{00000000-0000-0000-0000-000000000000}7500<unknown process>man 534500x800000000000000035630Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.768{ec2a2542-29ac-6254-0000-000000000000}7503-man 534500x800000000000000035629Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.768{ec2a2542-29ac-6254-0000-000000000000}7501-man 534500x800000000000000035631Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.769{ec2a2542-29ac-6254-0000-000000000000}7502-man 534500x800000000000000035632Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.773{ec2a2542-29ac-6254-0000-000000000000}7504-man 534500x800000000000000035633Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.776{ec2a2542-29ac-6254-0000-000000000000}7505-man 534500x800000000000000035634Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.777{ec2a2542-29ac-6254-0000-000000000000}7507-man 534500x800000000000000035635Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.778{ec2a2542-29ac-6254-0000-000000000000}7506-man 534500x800000000000000035636Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.781{ec2a2542-29ac-6254-0000-000000000000}7508-man 534500x800000000000000035637Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.784{ec2a2542-29ac-6254-0000-000000000000}7509-man 534500x800000000000000035639Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.785{ec2a2542-29ac-6254-0000-000000000000}7510-man 534500x800000000000000035638Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.785{ec2a2542-29ac-6254-0000-000000000000}7511-man 354300x800000000000000035640Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.789{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54766-false10.0.1.12-8000- 534500x800000000000000035641Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.790{ec2a2542-29ac-6254-0000-000000000000}7512-man 534500x800000000000000035643Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.793{ec2a2542-29ac-6254-0000-000000000000}7515-man 534500x800000000000000035642Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.793{ec2a2542-29ac-6254-0000-000000000000}7513-man 534500x800000000000000035644Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.794{00000000-0000-0000-0000-000000000000}7514<unknown process>man 534500x800000000000000035645Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.799{ec2a2542-29ac-6254-0000-000000000000}7516-man 534500x800000000000000035646Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.803{ec2a2542-29ac-6254-0000-000000000000}7517-man 534500x800000000000000035647Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.804{ec2a2542-29ac-6254-0000-000000000000}7519-man 534500x800000000000000035648Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.805{ec2a2542-29ac-6254-0000-000000000000}7518-man 534500x800000000000000035649Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.808{00000000-0000-0000-0000-000000000000}7520<unknown process>man 534500x800000000000000035650Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.811{ec2a2542-29ac-6254-0000-000000000000}7521-man 534500x800000000000000035652Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.812{ec2a2542-29ac-6254-0000-000000000000}7522-man 534500x800000000000000035651Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.812{ec2a2542-29ac-6254-0000-000000000000}7523-man 534500x800000000000000035653Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.816{ec2a2542-29ac-6254-0000-000000000000}7524-man 534500x800000000000000035654Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.819{ec2a2542-29ac-6254-0000-000000000000}7525-man 534500x800000000000000035656Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.820{ec2a2542-29ac-6254-0000-000000000000}7526-man 534500x800000000000000035655Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.820{ec2a2542-29ac-6254-0000-000000000000}7527-man 534500x800000000000000035657Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.824{ec2a2542-29ac-6254-0000-000000000000}7528-man 534500x800000000000000035659Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.827{ec2a2542-29ac-6254-0000-000000000000}7531-man 534500x800000000000000035658Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.827{ec2a2542-29ac-6254-0000-000000000000}7529-man 534500x800000000000000035660Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.828{ec2a2542-29ac-6254-0000-000000000000}7530-man 534500x800000000000000035661Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.833{ec2a2542-29ac-6254-0000-000000000000}7532-man 534500x800000000000000035662Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.836{ec2a2542-29ac-6254-0000-000000000000}7533-man 534500x800000000000000035664Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.837{ec2a2542-29ac-6254-0000-000000000000}7534-man 534500x800000000000000035663Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.837{ec2a2542-29ac-6254-0000-000000000000}7535-man 534500x800000000000000035665Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.840{00000000-0000-0000-0000-000000000000}7536<unknown process>man 534500x800000000000000035666Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.843{00000000-0000-0000-0000-000000000000}7537<unknown process>man 534500x800000000000000035668Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.844{ec2a2542-29ac-6254-0000-000000000000}7538-man 534500x800000000000000035667Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.844{ec2a2542-29ac-6254-0000-000000000000}7539-man 534500x800000000000000035669Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.847{ec2a2542-29ac-6254-0000-000000000000}7540-man 534500x800000000000000035670Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.852{ec2a2542-29ac-6254-0000-000000000000}7541-man 534500x800000000000000035671Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.853{ec2a2542-29ac-6254-0000-000000000000}7543-man 534500x800000000000000035672Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.855{ec2a2542-29ac-6254-0000-000000000000}7542-man 534500x800000000000000035673Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.858{ec2a2542-29ac-6254-0000-000000000000}7544-man 534500x800000000000000035674Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.861{ec2a2542-29ac-6254-0000-000000000000}7545-man 534500x800000000000000035676Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.862{ec2a2542-29ac-6254-0000-000000000000}7546-man 534500x800000000000000035675Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.862{ec2a2542-29ac-6254-0000-000000000000}7547-man 534500x800000000000000035677Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.865{00000000-0000-0000-0000-000000000000}7548<unknown process>man 534500x800000000000000035678Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.868{ec2a2542-29ac-6254-0000-000000000000}7549-man 534500x800000000000000035679Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.869{ec2a2542-29ac-6254-0000-000000000000}7551-man 534500x800000000000000035680Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.870{00000000-0000-0000-0000-000000000000}7550<unknown process>man 534500x800000000000000035681Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.872{00000000-0000-0000-0000-000000000000}7552<unknown process>man 534500x800000000000000035682Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.875{ec2a2542-29ac-6254-0000-000000000000}7553-man 534500x800000000000000035684Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.876{ec2a2542-29ac-6254-0000-000000000000}7554-man 534500x800000000000000035683Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.876{ec2a2542-29ac-6254-0000-000000000000}7555-man 534500x800000000000000035685Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.879{ec2a2542-29ac-6254-0000-000000000000}7556-man 534500x800000000000000035686Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.883{ec2a2542-29ac-6254-0000-000000000000}7557-man 534500x800000000000000035687Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.887{ec2a2542-29ac-6254-0000-000000000000}7559-man 534500x800000000000000035688Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.888{ec2a2542-29ac-6254-0000-000000000000}7558-man 534500x800000000000000035689Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.892{00000000-0000-0000-0000-000000000000}7560<unknown process>man 534500x800000000000000035690Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.896{ec2a2542-29ac-6254-0000-000000000000}7561-man 534500x800000000000000035692Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.897{ec2a2542-29ac-6254-0000-000000000000}7562-man 534500x800000000000000035691Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.897{ec2a2542-29ac-6254-0000-000000000000}7563-man 534500x800000000000000035693Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.900{ec2a2542-29ac-6254-0000-000000000000}7564-man 534500x800000000000000035694Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.903{00000000-0000-0000-0000-000000000000}7565<unknown process>man 534500x800000000000000035695Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.904{ec2a2542-29ac-6254-0000-000000000000}7567-man 534500x800000000000000035696Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.905{ec2a2542-29ac-6254-0000-000000000000}7566-man 534500x800000000000000035697Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.908{00000000-0000-0000-0000-000000000000}7568<unknown process>man 534500x800000000000000035699Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.911{ec2a2542-29ac-6254-0000-000000000000}7571-man 534500x800000000000000035698Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.911{ec2a2542-29ac-6254-0000-000000000000}7569-man 534500x800000000000000035700Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.912{ec2a2542-29ac-6254-0000-000000000000}7570-man 534500x800000000000000035701Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.915{ec2a2542-29ac-6254-0000-000000000000}7572-man 534500x800000000000000035703Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.918{ec2a2542-29ac-6254-0000-000000000000}7575-man 534500x800000000000000035702Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.918{ec2a2542-29ac-6254-0000-000000000000}7573-man 534500x800000000000000035704Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.919{ec2a2542-29ac-6254-0000-000000000000}7574-man 534500x800000000000000035705Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.922{ec2a2542-29ac-6254-0000-000000000000}7576-man 534500x800000000000000035706Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.924{00000000-0000-0000-0000-000000000000}7577<unknown process>man 534500x800000000000000035707Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.925{ec2a2542-29ac-6254-0000-000000000000}7579-man 534500x800000000000000035708Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.926{ec2a2542-29ac-6254-0000-000000000000}7578-man 534500x800000000000000035709Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.932{ec2a2542-29ac-6254-0000-000000000000}7580-man 534500x800000000000000035710Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.935{00000000-0000-0000-0000-000000000000}7581<unknown process>man 534500x800000000000000035711Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.937{ec2a2542-29ac-6254-0000-000000000000}7583-man 534500x800000000000000035712Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.938{ec2a2542-29ac-6254-0000-000000000000}7582-man 534500x800000000000000035713Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.942{ec2a2542-29ac-6254-0000-000000000000}7584-man 534500x800000000000000035714Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.945{ec2a2542-29ac-6254-0000-000000000000}7585-man 534500x800000000000000035716Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.947{ec2a2542-29ac-6254-0000-000000000000}7586-man 534500x800000000000000035715Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.947{ec2a2542-29ac-6254-0000-000000000000}7587-man 534500x800000000000000035717Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.950{ec2a2542-29ac-6254-0000-000000000000}7588-man 534500x800000000000000035718Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.953{ec2a2542-29ac-6254-0000-000000000000}7589-man 534500x800000000000000035720Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.954{ec2a2542-29ac-6254-0000-000000000000}7590-man 534500x800000000000000035719Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.954{ec2a2542-29ac-6254-0000-000000000000}7591-man 534500x800000000000000035721Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.957{ec2a2542-29ac-6254-0000-000000000000}7592-man 534500x800000000000000035722Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.960{ec2a2542-29ac-6254-0000-000000000000}7593-man 534500x800000000000000035723Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.961{ec2a2542-29ac-6254-0000-000000000000}7595-man 534500x800000000000000035724Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.962{ec2a2542-29ac-6254-0000-000000000000}7594-man 534500x800000000000000035725Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.965{00000000-0000-0000-0000-000000000000}7596<unknown process>man 534500x800000000000000035726Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.968{00000000-0000-0000-0000-000000000000}7597<unknown process>man 534500x800000000000000035727Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.969{ec2a2542-29ac-6254-0000-000000000000}7599-man 534500x800000000000000035728Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.970{ec2a2542-29ac-6254-0000-000000000000}7598-man 534500x800000000000000035729Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.973{00000000-0000-0000-0000-000000000000}7600<unknown process>man 534500x800000000000000035730Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.976{00000000-0000-0000-0000-000000000000}7601<unknown process>man 534500x800000000000000035731Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.977{ec2a2542-29ac-6254-0000-000000000000}7603-man 534500x800000000000000035732Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.980{ec2a2542-29ac-6254-0000-000000000000}7602-man 534500x800000000000000035733Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.983{ec2a2542-29ac-6254-0000-000000000000}7604-man 534500x800000000000000035734Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.987{00000000-0000-0000-0000-000000000000}7605<unknown process>man 534500x800000000000000035735Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.988{ec2a2542-29ac-6254-0000-000000000000}7607-man 534500x800000000000000035736Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.989{ec2a2542-29ac-6254-0000-000000000000}7606-man 534500x800000000000000035737Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.992{ec2a2542-29ac-6254-0000-000000000000}7608-man 534500x800000000000000035738Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.995{ec2a2542-29ac-6254-0000-000000000000}7609-man 534500x800000000000000035739Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.996{ec2a2542-29ac-6254-0000-000000000000}7611-man 534500x800000000000000035740Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:20.997{ec2a2542-29ac-6254-0000-000000000000}7610-man 534500x800000000000000035741Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.000{ec2a2542-29ac-6254-0000-000000000000}7612-man 534500x800000000000000035742Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.002{ec2a2542-29ac-6254-0000-000000000000}7613-man 534500x800000000000000035743Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.004{ec2a2542-29ac-6254-0000-000000000000}7615-man 534500x800000000000000035744Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.005{ec2a2542-29ac-6254-0000-000000000000}7614-man 534500x800000000000000035745Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.008{ec2a2542-29ac-6254-0000-000000000000}7616-man 534500x800000000000000035747Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.011{ec2a2542-29ad-6254-0000-000000000000}7619-man 534500x800000000000000035746Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.011{ec2a2542-29ad-6254-0000-000000000000}7617-man 534500x800000000000000035748Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.012{ec2a2542-29ad-6254-0000-000000000000}7618-man 534500x800000000000000035749Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.018{ec2a2542-29ad-6254-0000-000000000000}7620-man 534500x800000000000000035750Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.020{ec2a2542-29ad-6254-0000-000000000000}7621-man 534500x800000000000000035751Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.021{ec2a2542-29ad-6254-0000-000000000000}7623-man 534500x800000000000000035752Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.022{ec2a2542-29ad-6254-0000-000000000000}7622-man 534500x800000000000000035753Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.025{ec2a2542-29ad-6254-0000-000000000000}7624-man 534500x800000000000000035754Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.030{ec2a2542-29ad-6254-0000-000000000000}7625-man 534500x800000000000000035756Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.032{ec2a2542-29ad-6254-0000-000000000000}7626-man 534500x800000000000000035755Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.032{ec2a2542-29ad-6254-0000-000000000000}7627-man 534500x800000000000000035757Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.035{ec2a2542-29ad-6254-0000-000000000000}7628-man 534500x800000000000000035758Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.038{00000000-0000-0000-0000-000000000000}7629<unknown process>man 534500x800000000000000035760Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.040{ec2a2542-29ad-6254-0000-000000000000}7630-man 534500x800000000000000035759Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.040{ec2a2542-29ad-6254-0000-000000000000}7631-man 534500x800000000000000035761Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.045{00000000-0000-0000-0000-000000000000}7632<unknown process>man 534500x800000000000000035762Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.048{00000000-0000-0000-0000-000000000000}7633<unknown process>man 534500x800000000000000035763Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.049{00000000-0000-0000-0000-000000000000}7635<unknown process>man 534500x800000000000000035764Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.050{00000000-0000-0000-0000-000000000000}7634<unknown process>man 534500x800000000000000035765Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.052{00000000-0000-0000-0000-000000000000}7636<unknown process>man 534500x800000000000000035766Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.055{ec2a2542-29ad-6254-0000-000000000000}7637-man 534500x800000000000000035768Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.056{ec2a2542-29ad-6254-0000-000000000000}7638-man 534500x800000000000000035767Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.056{ec2a2542-29ad-6254-0000-000000000000}7639-man 534500x800000000000000035769Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.059{ec2a2542-29ad-6254-0000-000000000000}7640-man 534500x800000000000000035770Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.062{ec2a2542-29ad-6254-0000-000000000000}7641-man 534500x800000000000000035772Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.063{ec2a2542-29ad-6254-0000-000000000000}7642-man 534500x800000000000000035771Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.063{ec2a2542-29ad-6254-0000-000000000000}7643-man 534500x800000000000000035773Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.068{ec2a2542-29ad-6254-0000-000000000000}7644-man 534500x800000000000000035774Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.071{ec2a2542-29ad-6254-0000-000000000000}7645-man 534500x800000000000000035775Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.072{ec2a2542-29ad-6254-0000-000000000000}7647-man 534500x800000000000000035776Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.073{ec2a2542-29ad-6254-0000-000000000000}7646-man 534500x800000000000000035777Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.078{ec2a2542-29ad-6254-0000-000000000000}7648-man 534500x800000000000000035778Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.081{ec2a2542-29ad-6254-0000-000000000000}7650-man 534500x800000000000000035779Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.082{ec2a2542-29ad-6254-0000-000000000000}7652-man 534500x800000000000000035780Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.083{ec2a2542-29ad-6254-0000-000000000000}7651-man 534500x800000000000000035781Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.086{ec2a2542-29ad-6254-0000-000000000000}7653-man 534500x800000000000000035782Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.089{ec2a2542-29ad-6254-0000-000000000000}7654-man 534500x800000000000000035783Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.090{ec2a2542-29ad-6254-0000-000000000000}7656-man 534500x800000000000000035784Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.091{ec2a2542-29ad-6254-0000-000000000000}7655-man 534500x800000000000000035785Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.094{ec2a2542-29ad-6254-0000-000000000000}7657-man 534500x800000000000000035787Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.097{ec2a2542-29ad-6254-0000-000000000000}7660-man 534500x800000000000000035786Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.097{ec2a2542-29ad-6254-0000-000000000000}7658-man 534500x800000000000000035788Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.098{ec2a2542-29ad-6254-0000-000000000000}7659-man 534500x800000000000000035789Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.101{00000000-0000-0000-0000-000000000000}7661<unknown process>man 534500x800000000000000035790Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.104{ec2a2542-29ad-6254-0000-000000000000}7662-man 534500x800000000000000035791Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.105{ec2a2542-29ad-6254-0000-000000000000}7664-man 534500x800000000000000035792Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.106{ec2a2542-29ad-6254-0000-000000000000}7663-man 534500x800000000000000035793Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.109{00000000-0000-0000-0000-000000000000}7665<unknown process>man 534500x800000000000000035794Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.112{ec2a2542-29ad-6254-0000-000000000000}7666-man 534500x800000000000000035795Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.115{ec2a2542-29ad-6254-0000-000000000000}7668-man 534500x800000000000000035796Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.117{ec2a2542-29ad-6254-0000-000000000000}7667-man 534500x800000000000000035797Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.122{00000000-0000-0000-0000-000000000000}7669<unknown process>man 534500x800000000000000035799Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.126{ec2a2542-29ad-6254-0000-000000000000}7672-man 534500x800000000000000035798Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.126{ec2a2542-29ad-6254-0000-000000000000}7670-man 534500x800000000000000035800Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.127{00000000-0000-0000-0000-000000000000}7671<unknown process>man 534500x800000000000000035801Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.130{00000000-0000-0000-0000-000000000000}7673<unknown process>man 534500x800000000000000035802Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.133{00000000-0000-0000-0000-000000000000}7674<unknown process>man 534500x800000000000000035804Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.134{ec2a2542-29ad-6254-0000-000000000000}7675-man 534500x800000000000000035803Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.134{ec2a2542-29ad-6254-0000-000000000000}7676-man 534500x800000000000000035805Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.137{ec2a2542-29ad-6254-0000-000000000000}7677-man 534500x800000000000000035806Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.140{ec2a2542-29ad-6254-0000-000000000000}7678-man 534500x800000000000000035808Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.141{ec2a2542-29ad-6254-0000-000000000000}7679-man 534500x800000000000000035807Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.141{ec2a2542-29ad-6254-0000-000000000000}7680-man 534500x800000000000000035809Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.145{ec2a2542-29ad-6254-0000-000000000000}7681-man 534500x800000000000000035810Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.158{ec2a2542-29ad-6254-0000-000000000000}7682-man 534500x800000000000000035812Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.159{ec2a2542-29ad-6254-0000-000000000000}7683-man 534500x800000000000000035811Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.159{ec2a2542-29ad-6254-0000-000000000000}7684-man 534500x800000000000000035813Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.166{00000000-0000-0000-0000-000000000000}7685<unknown process>man 534500x800000000000000035814Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.169{ec2a2542-29ad-6254-0000-000000000000}7686-man 534500x800000000000000035816Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.170{ec2a2542-29ad-6254-0000-000000000000}7687-man 534500x800000000000000035815Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.170{ec2a2542-29ad-6254-0000-000000000000}7688-man 534500x800000000000000035817Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.173{00000000-0000-0000-0000-000000000000}7689<unknown process>man 534500x800000000000000035818Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.175{ec2a2542-29ad-6254-0000-000000000000}7690-man 534500x800000000000000035819Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.176{ec2a2542-29ad-6254-0000-000000000000}7692-man 534500x800000000000000035820Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.177{ec2a2542-29ad-6254-0000-000000000000}7691-man 534500x800000000000000035821Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.179{00000000-0000-0000-0000-000000000000}7693<unknown process>man 534500x800000000000000035822Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.182{ec2a2542-29ad-6254-0000-000000000000}7694-man 534500x800000000000000035823Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.183{ec2a2542-29ad-6254-0000-000000000000}7696-man 534500x800000000000000035824Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.184{ec2a2542-29ad-6254-0000-000000000000}7695-man 534500x800000000000000035825Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.186{ec2a2542-29ad-6254-0000-000000000000}7697-man 534500x800000000000000035826Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.189{ec2a2542-29ad-6254-0000-000000000000}7698-man 534500x800000000000000035828Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.190{ec2a2542-29ad-6254-0000-000000000000}7699-man 534500x800000000000000035827Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.190{ec2a2542-29ad-6254-0000-000000000000}7700-man 534500x800000000000000035829Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.193{00000000-0000-0000-0000-000000000000}7701<unknown process>man 534500x800000000000000035830Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.196{ec2a2542-29ad-6254-0000-000000000000}7702-man 534500x800000000000000035832Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.197{ec2a2542-29ad-6254-0000-000000000000}7703-man 534500x800000000000000035831Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.197{ec2a2542-29ad-6254-0000-000000000000}7704-man 534500x800000000000000035833Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.200{00000000-0000-0000-0000-000000000000}7705<unknown process>man 534500x800000000000000035834Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.203{ec2a2542-29ad-6254-0000-000000000000}7706-man 534500x800000000000000035835Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.204{ec2a2542-29ad-6254-0000-000000000000}7708-man 534500x800000000000000035836Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.205{ec2a2542-29ad-6254-0000-000000000000}7707-man 534500x800000000000000035837Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.213{ec2a2542-29ad-6254-0000-000000000000}7710-man 534500x800000000000000035838Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.218{ec2a2542-29ad-6254-0000-000000000000}7711-man 534500x800000000000000035840Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.219{ec2a2542-29ad-6254-0000-000000000000}7712-man 534500x800000000000000035839Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.219{ec2a2542-29ad-6254-0000-000000000000}7713-man 534500x800000000000000035841Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.224{00000000-0000-0000-0000-000000000000}7714<unknown process>man 534500x800000000000000035842Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.226{ec2a2542-29ad-6254-0000-000000000000}7715-man 534500x800000000000000035843Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.227{ec2a2542-29ad-6254-0000-000000000000}7717-man 534500x800000000000000035844Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.228{ec2a2542-29ad-6254-0000-000000000000}7716-man 534500x800000000000000035845Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.230{00000000-0000-0000-0000-000000000000}7718<unknown process>man 534500x800000000000000035846Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.233{ec2a2542-29ad-6254-0000-000000000000}7719-man 534500x800000000000000035847Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.235{ec2a2542-29ad-6254-0000-000000000000}7721-man 534500x800000000000000035848Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.236{ec2a2542-29ad-6254-0000-000000000000}7720-man 534500x800000000000000035849Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.239{ec2a2542-29ad-6254-0000-000000000000}7722-man 534500x800000000000000035851Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.242{ec2a2542-29ad-6254-0000-000000000000}7725-man 534500x800000000000000035850Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.242{ec2a2542-29ad-6254-0000-000000000000}7723-man 534500x800000000000000035852Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.243{00000000-0000-0000-0000-000000000000}7724<unknown process>man 534500x800000000000000035853Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.246{00000000-0000-0000-0000-000000000000}7726<unknown process>man 534500x800000000000000035854Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.249{ec2a2542-29ad-6254-0000-000000000000}7727-man 534500x800000000000000035855Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.250{ec2a2542-29ad-6254-0000-000000000000}7729-man 534500x800000000000000035856Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.251{ec2a2542-29ad-6254-0000-000000000000}7728-man 534500x800000000000000035857Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.254{ec2a2542-29ad-6254-0000-000000000000}7730-man 534500x800000000000000035859Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.257{ec2a2542-29ad-6254-0000-000000000000}7733-man 534500x800000000000000035858Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.257{ec2a2542-29ad-6254-0000-000000000000}7731-man 534500x800000000000000035860Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.258{ec2a2542-29ad-6254-0000-000000000000}7732-man 534500x800000000000000035861Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.261{ec2a2542-29ad-6254-0000-000000000000}7734-man 534500x800000000000000035862Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.264{ec2a2542-29ad-6254-0000-000000000000}7735-man 534500x800000000000000035864Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.265{ec2a2542-29ad-6254-0000-000000000000}7736-man 534500x800000000000000035863Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.265{ec2a2542-29ad-6254-0000-000000000000}7737-man 534500x800000000000000035865Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.268{ec2a2542-29ad-6254-0000-000000000000}7738-man 534500x800000000000000035866Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.271{ec2a2542-29ad-6254-0000-000000000000}7739-man 534500x800000000000000035867Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.272{ec2a2542-29ad-6254-0000-000000000000}7741-man 534500x800000000000000035868Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.273{ec2a2542-29ad-6254-0000-000000000000}7740-man 534500x800000000000000035869Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.276{ec2a2542-29ad-6254-0000-000000000000}7742-man 534500x800000000000000035871Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.280{ec2a2542-29ad-6254-0000-000000000000}7745-man 534500x800000000000000035870Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.280{ec2a2542-29ad-6254-0000-000000000000}7743-man 534500x800000000000000035872Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.281{ec2a2542-29ad-6254-0000-000000000000}7744-man 534500x800000000000000035873Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.284{ec2a2542-29ad-6254-0000-000000000000}7746-man 534500x800000000000000035874Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.290{00000000-0000-0000-0000-000000000000}7747<unknown process>man 534500x800000000000000035876Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.291{00000000-0000-0000-0000-000000000000}7748<unknown process>man 534500x800000000000000035875Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.291{ec2a2542-29ad-6254-0000-000000000000}7749-man 534500x800000000000000035877Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.297{00000000-0000-0000-0000-000000000000}7750<unknown process>man 534500x800000000000000035878Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.301{ec2a2542-29ad-6254-0000-000000000000}7751-man 534500x800000000000000035880Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.302{00000000-0000-0000-0000-000000000000}7752<unknown process>man 534500x800000000000000035879Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.302{00000000-0000-0000-0000-000000000000}7753<unknown process>man 534500x800000000000000035881Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.306{00000000-0000-0000-0000-000000000000}7754<unknown process>man 534500x800000000000000035882Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.309{ec2a2542-29ad-6254-0000-000000000000}7755-man 534500x800000000000000035884Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.311{ec2a2542-29ad-6254-0000-000000000000}7756-man 534500x800000000000000035883Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.311{ec2a2542-29ad-6254-0000-000000000000}7757-man 534500x800000000000000035885Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.314{ec2a2542-29ad-6254-0000-000000000000}7758-man 534500x800000000000000035886Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.317{ec2a2542-29ad-6254-0000-000000000000}7759-man 534500x800000000000000035887Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.318{ec2a2542-29ad-6254-0000-000000000000}7761-man 534500x800000000000000035888Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.319{ec2a2542-29ad-6254-0000-000000000000}7760-man 534500x800000000000000035889Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.322{ec2a2542-29ad-6254-0000-000000000000}7762-man 534500x800000000000000035890Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.324{ec2a2542-29ad-6254-0000-000000000000}7763-man 534500x800000000000000035891Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.325{ec2a2542-29ad-6254-0000-000000000000}7765-man 534500x800000000000000035892Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.326{ec2a2542-29ad-6254-0000-000000000000}7764-man 534500x800000000000000035893Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.329{ec2a2542-29ad-6254-0000-000000000000}7766-man 534500x800000000000000035894Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.332{ec2a2542-29ad-6254-0000-000000000000}7767-man 534500x800000000000000035895Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.333{ec2a2542-29ad-6254-0000-000000000000}7769-man 534500x800000000000000035896Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.334{ec2a2542-29ad-6254-0000-000000000000}7768-man 534500x800000000000000035897Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.339{ec2a2542-29ad-6254-0000-000000000000}7770-man 534500x800000000000000035898Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.343{ec2a2542-29ad-6254-0000-000000000000}7771-man 534500x800000000000000035899Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.344{ec2a2542-29ad-6254-0000-000000000000}7773-man 534500x800000000000000035900Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.345{00000000-0000-0000-0000-000000000000}7772<unknown process>man 534500x800000000000000035901Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.348{00000000-0000-0000-0000-000000000000}7774<unknown process>man 534500x800000000000000035902Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.351{00000000-0000-0000-0000-000000000000}7775<unknown process>man 534500x800000000000000035903Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.352{ec2a2542-29ad-6254-0000-000000000000}7777-man 534500x800000000000000035904Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.353{ec2a2542-29ad-6254-0000-000000000000}7776-man 534500x800000000000000035905Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.356{ec2a2542-29ad-6254-0000-000000000000}7778-man 534500x800000000000000035907Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.360{ec2a2542-29ad-6254-0000-000000000000}7781-man 534500x800000000000000035906Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.360{ec2a2542-29ad-6254-0000-000000000000}7779-man 534500x800000000000000035908Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.361{ec2a2542-29ad-6254-0000-000000000000}7780-man 534500x800000000000000035909Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.364{ec2a2542-29ad-6254-0000-000000000000}7782-man 534500x800000000000000035910Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.367{ec2a2542-29ad-6254-0000-000000000000}7783-man 534500x800000000000000035912Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.368{ec2a2542-29ad-6254-0000-000000000000}7784-man 534500x800000000000000035911Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.368{ec2a2542-29ad-6254-0000-000000000000}7785-man 534500x800000000000000035913Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.372{00000000-0000-0000-0000-000000000000}7786<unknown process>man 534500x800000000000000035914Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.375{ec2a2542-29ad-6254-0000-000000000000}7787-man 534500x800000000000000035916Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.376{ec2a2542-29ad-6254-0000-000000000000}7788-man 534500x800000000000000035915Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.376{ec2a2542-29ad-6254-0000-000000000000}7789-man 534500x800000000000000035917Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.381{00000000-0000-0000-0000-000000000000}7790<unknown process>man 534500x800000000000000035919Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.384{00000000-0000-0000-0000-000000000000}7793<unknown process>man 534500x800000000000000035918Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.384{ec2a2542-29ad-6254-0000-000000000000}7791-man 534500x800000000000000035920Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.385{00000000-0000-0000-0000-000000000000}7792<unknown process>man 534500x800000000000000035921Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.388{ec2a2542-29ad-6254-0000-000000000000}7794-man 534500x800000000000000035922Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.392{00000000-0000-0000-0000-000000000000}7795<unknown process>man 534500x800000000000000035923Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.393{ec2a2542-29ad-6254-0000-000000000000}7797-man 534500x800000000000000035924Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.394{ec2a2542-29ad-6254-0000-000000000000}7796-man 534500x800000000000000035925Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.396{00000000-0000-0000-0000-000000000000}7798<unknown process>man 534500x800000000000000035926Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.399{00000000-0000-0000-0000-000000000000}7799<unknown process>man 534500x800000000000000035927Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.400{ec2a2542-29ad-6254-0000-000000000000}7801-man 534500x800000000000000035928Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.401{ec2a2542-29ad-6254-0000-000000000000}7800-man 534500x800000000000000035929Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.404{ec2a2542-29ad-6254-0000-000000000000}7802-man 534500x800000000000000035930Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.407{ec2a2542-29ad-6254-0000-000000000000}7803-man 534500x800000000000000035932Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.408{ec2a2542-29ad-6254-0000-000000000000}7804-man 534500x800000000000000035931Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.408{ec2a2542-29ad-6254-0000-000000000000}7805-man 534500x800000000000000035933Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.411{00000000-0000-0000-0000-000000000000}7806<unknown process>man 534500x800000000000000035934Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.414{00000000-0000-0000-0000-000000000000}7807<unknown process>man 534500x800000000000000035935Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.415{ec2a2542-29ad-6254-0000-000000000000}7809-man 534500x800000000000000035936Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.416{ec2a2542-29ad-6254-0000-000000000000}7808-man 534500x800000000000000035937Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.418{ec2a2542-29ad-6254-0000-000000000000}7810-man 534500x800000000000000035938Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.421{ec2a2542-29ad-6254-0000-000000000000}7811-man 534500x800000000000000035940Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.422{ec2a2542-29ad-6254-0000-000000000000}7812-man 534500x800000000000000035939Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.422{ec2a2542-29ad-6254-0000-000000000000}7813-man 534500x800000000000000035941Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.427{00000000-0000-0000-0000-000000000000}7814<unknown process>man 534500x800000000000000035942Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.429{ec2a2542-29ad-6254-0000-000000000000}7815-man 534500x800000000000000035944Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.432{ec2a2542-29ad-6254-0000-000000000000}7816-man 534500x800000000000000035943Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.432{ec2a2542-29ad-6254-0000-000000000000}7817-man 534500x800000000000000035945Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.435{00000000-0000-0000-0000-000000000000}7818<unknown process>man 534500x800000000000000035946Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.439{ec2a2542-29ad-6254-0000-000000000000}7819-man 534500x800000000000000035948Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.440{ec2a2542-29ad-6254-0000-000000000000}7820-man 534500x800000000000000035947Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.440{ec2a2542-29ad-6254-0000-000000000000}7821-man 534500x800000000000000035949Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.444{00000000-0000-0000-0000-000000000000}7822<unknown process>man 534500x800000000000000035950Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.450{00000000-0000-0000-0000-000000000000}7823<unknown process>man 534500x800000000000000035952Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.451{ec2a2542-29ad-6254-0000-000000000000}7824-man 534500x800000000000000035951Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.451{ec2a2542-29ad-6254-0000-000000000000}7825-man 534500x800000000000000035953Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.454{ec2a2542-29ad-6254-0000-000000000000}7826-man 534500x800000000000000035954Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.457{ec2a2542-29ad-6254-0000-000000000000}7827-man 534500x800000000000000035956Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.458{ec2a2542-29ad-6254-0000-000000000000}7828-man 534500x800000000000000035955Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.458{ec2a2542-29ad-6254-0000-000000000000}7829-man 534500x800000000000000035957Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.461{ec2a2542-29ad-6254-0000-000000000000}7830-man 534500x800000000000000035959Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.464{ec2a2542-29ad-6254-0000-000000000000}7833-man 534500x800000000000000035958Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.464{ec2a2542-29ad-6254-0000-000000000000}7831-man 534500x800000000000000035960Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.465{00000000-0000-0000-0000-000000000000}7832<unknown process>man 534500x800000000000000035961Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.468{ec2a2542-29ad-6254-0000-000000000000}7834-man 534500x800000000000000035963Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.472{ec2a2542-29ad-6254-0000-000000000000}7837-man 534500x800000000000000035962Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.472{ec2a2542-29ad-6254-0000-000000000000}7835-man 534500x800000000000000035964Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.473{ec2a2542-29ad-6254-0000-000000000000}7836-man 534500x800000000000000035965Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.476{ec2a2542-29ad-6254-0000-000000000000}7838-man 534500x800000000000000035966Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.479{ec2a2542-29ad-6254-0000-000000000000}7839-man 534500x800000000000000035967Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.482{ec2a2542-29ad-6254-0000-000000000000}7841-man 534500x800000000000000035968Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.483{00000000-0000-0000-0000-000000000000}7840<unknown process>man 534500x800000000000000035969Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.486{ec2a2542-29ad-6254-0000-000000000000}7842-man 534500x800000000000000035971Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.490{ec2a2542-29ad-6254-0000-000000000000}7845-man 534500x800000000000000035970Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.490{ec2a2542-29ad-6254-0000-000000000000}7843-man 534500x800000000000000035972Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.491{ec2a2542-29ad-6254-0000-000000000000}7844-man 534500x800000000000000035973Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.493{00000000-0000-0000-0000-000000000000}7846<unknown process>man 534500x800000000000000035974Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.496{ec2a2542-29ad-6254-0000-000000000000}7847-man 534500x800000000000000035976Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.497{ec2a2542-29ad-6254-0000-000000000000}7848-man 534500x800000000000000035975Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.497{ec2a2542-29ad-6254-0000-000000000000}7849-man 534500x800000000000000035977Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.500{ec2a2542-29ad-6254-0000-000000000000}7850-man 534500x800000000000000035978Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.503{ec2a2542-29ad-6254-0000-000000000000}7851-man 534500x800000000000000035980Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.504{ec2a2542-29ad-6254-0000-000000000000}7852-man 534500x800000000000000035979Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.504{ec2a2542-29ad-6254-0000-000000000000}7853-man 534500x800000000000000035981Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.507{ec2a2542-29ad-6254-0000-000000000000}7854-man 534500x800000000000000035982Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.510{ec2a2542-29ad-6254-0000-000000000000}7855-man 534500x800000000000000035984Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.514{ec2a2542-29ad-6254-0000-000000000000}7856-man 534500x800000000000000035983Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.514{ec2a2542-29ad-6254-0000-000000000000}7857-man 534500x800000000000000035985Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.518{00000000-0000-0000-0000-000000000000}7858<unknown process>man 534500x800000000000000035986Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.523{ec2a2542-29ad-6254-0000-000000000000}7859-man 534500x800000000000000035988Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.524{ec2a2542-29ad-6254-0000-000000000000}7860-man 534500x800000000000000035987Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.524{ec2a2542-29ad-6254-0000-000000000000}7861-man 534500x800000000000000035989Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.529{00000000-0000-0000-0000-000000000000}7862<unknown process>man 534500x800000000000000035990Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.531{ec2a2542-29ad-6254-0000-000000000000}7863-man 534500x800000000000000035992Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.532{ec2a2542-29ad-6254-0000-000000000000}7864-man 534500x800000000000000035991Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.532{ec2a2542-29ad-6254-0000-000000000000}7865-man 534500x800000000000000035993Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.535{ec2a2542-29ad-6254-0000-000000000000}7866-man 534500x800000000000000035994Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.538{ec2a2542-29ad-6254-0000-000000000000}7867-man 534500x800000000000000035996Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.539{ec2a2542-29ad-6254-0000-000000000000}7868-man 534500x800000000000000035995Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.539{ec2a2542-29ad-6254-0000-000000000000}7869-man 534500x800000000000000035997Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.542{00000000-0000-0000-0000-000000000000}7870<unknown process>man 534500x800000000000000035999Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.545{ec2a2542-29ad-6254-0000-000000000000}7873-man 534500x800000000000000035998Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.545{ec2a2542-29ad-6254-0000-000000000000}7871-man 534500x800000000000000036000Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.546{ec2a2542-29ad-6254-0000-000000000000}7872-man 534500x800000000000000036001Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.549{00000000-0000-0000-0000-000000000000}7874<unknown process>man 534500x800000000000000036002Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.551{ec2a2542-29ad-6254-0000-000000000000}7875-man 534500x800000000000000036003Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.552{ec2a2542-29ad-6254-0000-000000000000}7877-man 534500x800000000000000036004Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.553{ec2a2542-29ad-6254-0000-000000000000}7876-man 534500x800000000000000036005Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.557{ec2a2542-29ad-6254-0000-000000000000}7878-man 534500x800000000000000036006Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.560{ec2a2542-29ad-6254-0000-000000000000}7880-man 534500x800000000000000036007Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.562{ec2a2542-29ad-6254-0000-000000000000}7882-man 534500x800000000000000036008Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.563{ec2a2542-29ad-6254-0000-000000000000}7881-man 534500x800000000000000036009Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.568{ec2a2542-29ad-6254-0000-000000000000}7883-man 534500x800000000000000036011Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.571{ec2a2542-29ad-6254-0000-000000000000}7886-man 534500x800000000000000036010Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.571{ec2a2542-29ad-6254-0000-000000000000}7884-man 534500x800000000000000036012Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.572{ec2a2542-29ad-6254-0000-000000000000}7885-man 534500x800000000000000036013Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.575{ec2a2542-29ad-6254-0000-000000000000}7887-man 534500x800000000000000036015Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.580{ec2a2542-29ad-6254-0000-000000000000}7890-man 534500x800000000000000036014Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.580{00000000-0000-0000-0000-000000000000}7888<unknown process>man 534500x800000000000000036016Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.581{ec2a2542-29ad-6254-0000-000000000000}7889-man 534500x800000000000000036017Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.584{00000000-0000-0000-0000-000000000000}7891<unknown process>man 534500x800000000000000036018Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.587{ec2a2542-29ad-6254-0000-000000000000}7892-man 534500x800000000000000036020Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.588{ec2a2542-29ad-6254-0000-000000000000}7893-man 534500x800000000000000036019Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.588{ec2a2542-29ad-6254-0000-000000000000}7894-man 534500x800000000000000036021Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.591{ec2a2542-29ad-6254-0000-000000000000}7895-man 534500x800000000000000036022Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.594{ec2a2542-29ad-6254-0000-000000000000}7896-man 534500x800000000000000036023Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.595{ec2a2542-29ad-6254-0000-000000000000}7898-man 534500x800000000000000036024Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.596{ec2a2542-29ad-6254-0000-000000000000}7897-man 534500x800000000000000036025Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.599{ec2a2542-29ad-6254-0000-000000000000}7899-man 534500x800000000000000036027Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.602{ec2a2542-29ad-6254-0000-000000000000}7902-man 534500x800000000000000036026Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.602{ec2a2542-29ad-6254-0000-000000000000}7900-man 534500x800000000000000036028Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.603{ec2a2542-29ad-6254-0000-000000000000}7901-man 534500x800000000000000036029Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.608{ec2a2542-29ad-6254-0000-000000000000}7903-man 534500x800000000000000036030Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.612{00000000-0000-0000-0000-000000000000}7904<unknown process>man 534500x800000000000000036032Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.613{ec2a2542-29ad-6254-0000-000000000000}7905-man 534500x800000000000000036031Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.613{ec2a2542-29ad-6254-0000-000000000000}7906-man 534500x800000000000000036033Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.617{ec2a2542-29ad-6254-0000-000000000000}7907-man 534500x800000000000000036034Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.620{ec2a2542-29ad-6254-0000-000000000000}7908-man 534500x800000000000000036035Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.621{ec2a2542-29ad-6254-0000-000000000000}7910-man 534500x800000000000000036036Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.622{ec2a2542-29ad-6254-0000-000000000000}7909-man 534500x800000000000000036037Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.625{ec2a2542-29ad-6254-0000-000000000000}7911-man 534500x800000000000000036039Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.628{ec2a2542-29ad-6254-0000-000000000000}7914-man 534500x800000000000000036038Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.628{ec2a2542-29ad-6254-0000-000000000000}7912-man 534500x800000000000000036040Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.629{ec2a2542-29ad-6254-0000-000000000000}7913-man 534500x800000000000000036041Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.632{ec2a2542-29ad-6254-0000-000000000000}7915-man 534500x800000000000000036043Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.636{ec2a2542-29ad-6254-0000-000000000000}7918-man 534500x800000000000000036042Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.636{ec2a2542-29ad-6254-0000-000000000000}7916-man 534500x800000000000000036044Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.637{ec2a2542-29ad-6254-0000-000000000000}7917-man 534500x800000000000000036045Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.640{ec2a2542-29ad-6254-0000-000000000000}7919-man 534500x800000000000000036047Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.643{00000000-0000-0000-0000-000000000000}7922<unknown process>man 534500x800000000000000036046Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.643{00000000-0000-0000-0000-000000000000}7920<unknown process>man 534500x800000000000000036048Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.644{00000000-0000-0000-0000-000000000000}7921<unknown process>man 534500x800000000000000036049Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.647{ec2a2542-29ad-6254-0000-000000000000}7923-man 534500x800000000000000036050Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.651{00000000-0000-0000-0000-000000000000}7924<unknown process>man 534500x800000000000000036052Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.652{ec2a2542-29ad-6254-0000-000000000000}7925-man 534500x800000000000000036051Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.652{ec2a2542-29ad-6254-0000-000000000000}7926-man 534500x800000000000000036053Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.655{00000000-0000-0000-0000-000000000000}7927<unknown process>man 534500x800000000000000036054Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.658{ec2a2542-29ad-6254-0000-000000000000}7928-man 534500x800000000000000036055Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.660{ec2a2542-29ad-6254-0000-000000000000}7930-man 534500x800000000000000036056Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.661{00000000-0000-0000-0000-000000000000}7929<unknown process>man 534500x800000000000000036057Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.673{ec2a2542-29ad-6254-0000-000000000000}7931-man 534500x800000000000000036059Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.677{ec2a2542-29ad-6254-0000-000000000000}7934-man 534500x800000000000000036058Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.677{ec2a2542-29ad-6254-0000-000000000000}7932-man 534500x800000000000000036060Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.678{00000000-0000-0000-0000-000000000000}7933<unknown process>man 534500x800000000000000036061Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.681{ec2a2542-29ad-6254-0000-000000000000}7935-man 534500x800000000000000036062Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.684{ec2a2542-29ad-6254-0000-000000000000}7936-man 534500x800000000000000036063Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.685{ec2a2542-29ad-6254-0000-000000000000}7938-man 534500x800000000000000036064Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.686{00000000-0000-0000-0000-000000000000}7937<unknown process>man 534500x800000000000000036065Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.692{00000000-0000-0000-0000-000000000000}7939<unknown process>man 534500x800000000000000036066Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.695{ec2a2542-29ad-6254-0000-000000000000}7940-man 534500x800000000000000036068Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.696{ec2a2542-29ad-6254-0000-000000000000}7941-man 534500x800000000000000036067Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.696{ec2a2542-29ad-6254-0000-000000000000}7942-man 534500x800000000000000036069Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.700{00000000-0000-0000-0000-000000000000}7943<unknown process>man 534500x800000000000000036070Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.703{ec2a2542-29ad-6254-0000-000000000000}7944-man 534500x800000000000000036072Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.704{ec2a2542-29ad-6254-0000-000000000000}7945-man 534500x800000000000000036071Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.704{ec2a2542-29ad-6254-0000-000000000000}7946-man 534500x800000000000000036073Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.708{00000000-0000-0000-0000-000000000000}7947<unknown process>man 534500x800000000000000036075Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.711{ec2a2542-29ad-6254-0000-000000000000}7950-man 534500x800000000000000036074Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.711{ec2a2542-29ad-6254-0000-000000000000}7948-man 534500x800000000000000036076Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.712{ec2a2542-29ad-6254-0000-000000000000}7949-man 534500x800000000000000036077Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.715{00000000-0000-0000-0000-000000000000}7951<unknown process>man 534500x800000000000000036078Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.718{ec2a2542-29ad-6254-0000-000000000000}7952-man 534500x800000000000000036079Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.719{ec2a2542-29ad-6254-0000-000000000000}7954-man 534500x800000000000000036080Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.720{ec2a2542-29ad-6254-0000-000000000000}7953-man 534500x800000000000000036081Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.723{ec2a2542-29ad-6254-0000-000000000000}7955-man 534500x800000000000000036083Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.726{ec2a2542-29ad-6254-0000-000000000000}7958-man 534500x800000000000000036082Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.726{ec2a2542-29ad-6254-0000-000000000000}7956-man 534500x800000000000000036084Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.727{00000000-0000-0000-0000-000000000000}7957<unknown process>man 534500x800000000000000036085Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.730{ec2a2542-29ad-6254-0000-000000000000}7959-man 534500x800000000000000036086Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.733{ec2a2542-29ad-6254-0000-000000000000}7960-man 534500x800000000000000036088Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.734{00000000-0000-0000-0000-000000000000}7961<unknown process>man 534500x800000000000000036087Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.734{00000000-0000-0000-0000-000000000000}7962<unknown process>man 534500x800000000000000036089Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.738{ec2a2542-29ad-6254-0000-000000000000}7963-man 534500x800000000000000036090Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.741{ec2a2542-29ad-6254-0000-000000000000}7964-man 534500x800000000000000036091Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.742{ec2a2542-29ad-6254-0000-000000000000}7966-man 534500x800000000000000036092Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.743{ec2a2542-29ad-6254-0000-000000000000}7965-man 534500x800000000000000036093Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.746{ec2a2542-29ad-6254-0000-000000000000}7967-man 534500x800000000000000036094Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.749{ec2a2542-29ad-6254-0000-000000000000}7968-man 534500x800000000000000036096Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.750{ec2a2542-29ad-6254-0000-000000000000}7969-man 534500x800000000000000036095Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.750{ec2a2542-29ad-6254-0000-000000000000}7970-man 534500x800000000000000036097Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.754{ec2a2542-29ad-6254-0000-000000000000}7971-man 534500x800000000000000036099Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.757{ec2a2542-29ad-6254-0000-000000000000}7974-man 534500x800000000000000036098Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.757{ec2a2542-29ad-6254-0000-000000000000}7972-man 534500x800000000000000036100Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.758{ec2a2542-29ad-6254-0000-000000000000}7973-man 534500x800000000000000036101Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.761{ec2a2542-29ad-6254-0000-000000000000}7975-man 534500x800000000000000036102Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.764{ec2a2542-29ad-6254-0000-000000000000}7976-man 534500x800000000000000036104Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.765{ec2a2542-29ad-6254-0000-000000000000}7977-man 534500x800000000000000036103Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.765{ec2a2542-29ad-6254-0000-000000000000}7978-man 534500x800000000000000036105Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.768{ec2a2542-29ad-6254-0000-000000000000}7979-man 534500x800000000000000036106Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.771{ec2a2542-29ad-6254-0000-000000000000}7980-man 534500x800000000000000036107Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.772{ec2a2542-29ad-6254-0000-000000000000}7982-man 534500x800000000000000036108Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.773{ec2a2542-29ad-6254-0000-000000000000}7981-man 534500x800000000000000036109Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.776{00000000-0000-0000-0000-000000000000}7983<unknown process>man 534500x800000000000000036110Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.779{ec2a2542-29ad-6254-0000-000000000000}7984-man 534500x800000000000000036111Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.780{ec2a2542-29ad-6254-0000-000000000000}7986-man 534500x800000000000000036112Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.781{ec2a2542-29ad-6254-0000-000000000000}7985-man 534500x800000000000000036113Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.785{00000000-0000-0000-0000-000000000000}7987<unknown process>man 534500x800000000000000036114Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.788{ec2a2542-29ad-6254-0000-000000000000}7988-man 534500x800000000000000036115Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.789{ec2a2542-29ad-6254-0000-000000000000}7990-man 534500x800000000000000036116Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.790{ec2a2542-29ad-6254-0000-000000000000}7989-man 534500x800000000000000036117Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.793{00000000-0000-0000-0000-000000000000}7991<unknown process>man 534500x800000000000000036119Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.796{ec2a2542-29ad-6254-0000-000000000000}7994-man 534500x800000000000000036118Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.796{ec2a2542-29ad-6254-0000-000000000000}7992-man 534500x800000000000000036120Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.797{ec2a2542-29ad-6254-0000-000000000000}7993-man 534500x800000000000000036121Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.800{00000000-0000-0000-0000-000000000000}7995<unknown process>man 534500x800000000000000036122Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.803{ec2a2542-29ad-6254-0000-000000000000}7996-man 534500x800000000000000036124Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.804{ec2a2542-29ad-6254-0000-000000000000}7997-man 534500x800000000000000036123Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.804{ec2a2542-29ad-6254-0000-000000000000}7998-man 534500x800000000000000036125Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.807{00000000-0000-0000-0000-000000000000}7999<unknown process>man 534500x800000000000000036126Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.810{ec2a2542-29ad-6254-0000-000000000000}8000-man 534500x800000000000000036128Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.811{ec2a2542-29ad-6254-0000-000000000000}8001-man 534500x800000000000000036127Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.811{ec2a2542-29ad-6254-0000-000000000000}8002-man 534500x800000000000000036129Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.814{00000000-0000-0000-0000-000000000000}8003<unknown process>man 534500x800000000000000036130Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.817{ec2a2542-29ad-6254-0000-000000000000}8004-man 534500x800000000000000036132Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.818{ec2a2542-29ad-6254-0000-000000000000}8005-man 534500x800000000000000036131Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.818{ec2a2542-29ad-6254-0000-000000000000}8006-man 534500x800000000000000036133Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.821{00000000-0000-0000-0000-000000000000}8007<unknown process>man 534500x800000000000000036134Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.833{ec2a2542-29ad-6254-0000-000000000000}8008-man 534500x800000000000000036136Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.834{00000000-0000-0000-0000-000000000000}8009<unknown process>man 534500x800000000000000036135Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.834{ec2a2542-29ad-6254-0000-000000000000}8010-man 534500x800000000000000036137Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.841{ec2a2542-29ad-6254-0000-000000000000}8011-man 534500x800000000000000036138Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.844{ec2a2542-29ad-6254-0000-000000000000}8012-man 534500x800000000000000036140Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.849{ec2a2542-29ad-6254-0000-000000000000}8013-man 534500x800000000000000036139Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.849{ec2a2542-29ad-6254-0000-000000000000}8014-man 534500x800000000000000036141Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.853{00000000-0000-0000-0000-000000000000}8015<unknown process>man 534500x800000000000000036142Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.859{ec2a2542-29ad-6254-0000-000000000000}8016-man 534500x800000000000000036144Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.860{ec2a2542-29ad-6254-0000-000000000000}8017-man 534500x800000000000000036143Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.860{ec2a2542-29ad-6254-0000-000000000000}8018-man 534500x800000000000000036145Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.863{ec2a2542-29ad-6254-0000-000000000000}8019-man 534500x800000000000000036146Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.868{ec2a2542-29ad-6254-0000-000000000000}8020-man 534500x800000000000000036148Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.869{ec2a2542-29ad-6254-0000-000000000000}8021-man 534500x800000000000000036147Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.869{ec2a2542-29ad-6254-0000-000000000000}8022-man 534500x800000000000000036149Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.872{00000000-0000-0000-0000-000000000000}8023<unknown process>man 534500x800000000000000036150Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.875{ec2a2542-29ad-6254-0000-000000000000}8024-man 534500x800000000000000036152Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.876{00000000-0000-0000-0000-000000000000}8025<unknown process>man 534500x800000000000000036151Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.876{ec2a2542-29ad-6254-0000-000000000000}8026-man 534500x800000000000000036153Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.879{ec2a2542-29ad-6254-0000-000000000000}8027-man 534500x800000000000000036155Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.883{ec2a2542-29ad-6254-0000-000000000000}8030-man 534500x800000000000000036154Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.883{ec2a2542-29ad-6254-0000-000000000000}8028-man 534500x800000000000000036156Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.884{ec2a2542-29ad-6254-0000-000000000000}8029-man 534500x800000000000000036157Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.887{ec2a2542-29ad-6254-0000-000000000000}8031-man 534500x800000000000000036158Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.890{ec2a2542-29ad-6254-0000-000000000000}8032-man 534500x800000000000000036160Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.891{ec2a2542-29ad-6254-0000-000000000000}8033-man 534500x800000000000000036159Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.891{ec2a2542-29ad-6254-0000-000000000000}8034-man 534500x800000000000000036161Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.896{ec2a2542-29ad-6254-0000-000000000000}8035-man 534500x800000000000000036162Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.899{ec2a2542-29ad-6254-0000-000000000000}8036-man 534500x800000000000000036163Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.900{ec2a2542-29ad-6254-0000-000000000000}8038-man 534500x800000000000000036164Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.903{00000000-0000-0000-0000-000000000000}8037<unknown process>man 534500x800000000000000036165Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.906{00000000-0000-0000-0000-000000000000}8039<unknown process>man 534500x800000000000000036166Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.909{ec2a2542-29ad-6254-0000-000000000000}8040-man 534500x800000000000000036167Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.912{ec2a2542-29ad-6254-0000-000000000000}8042-man 534500x800000000000000036168Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.913{ec2a2542-29ad-6254-0000-000000000000}8041-man 534500x800000000000000036169Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.916{ec2a2542-29ad-6254-0000-000000000000}8043-man 534500x800000000000000036170Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.919{ec2a2542-29ad-6254-0000-000000000000}8044-man 534500x800000000000000036171Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.920{ec2a2542-29ad-6254-0000-000000000000}8046-man 534500x800000000000000036172Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.921{ec2a2542-29ad-6254-0000-000000000000}8045-man 534500x800000000000000036173Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.924{ec2a2542-29ad-6254-0000-000000000000}8047-man 534500x800000000000000036174Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.927{ec2a2542-29ad-6254-0000-000000000000}8048-man 534500x800000000000000036176Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.928{ec2a2542-29ad-6254-0000-000000000000}8049-man 534500x800000000000000036175Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.928{ec2a2542-29ad-6254-0000-000000000000}8050-man 534500x800000000000000036177Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.931{ec2a2542-29ad-6254-0000-000000000000}8051-man 534500x800000000000000036178Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.934{ec2a2542-29ad-6254-0000-000000000000}8052-man 534500x800000000000000036179Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.935{ec2a2542-29ad-6254-0000-000000000000}8054-man 534500x800000000000000036180Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.936{ec2a2542-29ad-6254-0000-000000000000}8053-man 534500x800000000000000036181Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.939{ec2a2542-29ad-6254-0000-000000000000}8055-man 534500x800000000000000036183Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.942{ec2a2542-29ad-6254-0000-000000000000}8058-man 534500x800000000000000036182Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.942{ec2a2542-29ad-6254-0000-000000000000}8056-man 534500x800000000000000036184Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.943{ec2a2542-29ad-6254-0000-000000000000}8057-man 534500x800000000000000036185Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.946{ec2a2542-29ad-6254-0000-000000000000}8059-man 534500x800000000000000036186Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.949{ec2a2542-29ad-6254-0000-000000000000}8060-man 534500x800000000000000036188Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.950{00000000-0000-0000-0000-000000000000}8061<unknown process>man 534500x800000000000000036187Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.950{ec2a2542-29ad-6254-0000-000000000000}8062-man 534500x800000000000000036189Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.954{ec2a2542-29ad-6254-0000-000000000000}8063-man 534500x800000000000000036191Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.957{ec2a2542-29ad-6254-0000-000000000000}8066-man 534500x800000000000000036190Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.957{ec2a2542-29ad-6254-0000-000000000000}8064-man 534500x800000000000000036192Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.958{ec2a2542-29ad-6254-0000-000000000000}8065-man 534500x800000000000000036193Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.962{00000000-0000-0000-0000-000000000000}8067<unknown process>man 534500x800000000000000036195Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.965{ec2a2542-29ad-6254-0000-000000000000}8070-man 534500x800000000000000036194Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.965{ec2a2542-29ad-6254-0000-000000000000}8068-man 534500x800000000000000036196Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.966{ec2a2542-29ad-6254-0000-000000000000}8069-man 534500x800000000000000036197Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.969{ec2a2542-29ad-6254-0000-000000000000}8071-man 534500x800000000000000036198Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.972{ec2a2542-29ad-6254-0000-000000000000}8072-man 534500x800000000000000036200Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.973{ec2a2542-29ad-6254-0000-000000000000}8073-man 534500x800000000000000036199Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.973{ec2a2542-29ad-6254-0000-000000000000}8074-man 534500x800000000000000036201Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.976{ec2a2542-29ad-6254-0000-000000000000}8075-man 534500x800000000000000036202Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.979{ec2a2542-29ad-6254-0000-000000000000}8076-man 534500x800000000000000036203Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.980{ec2a2542-29ad-6254-0000-000000000000}8078-man 534500x800000000000000036204Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.981{ec2a2542-29ad-6254-0000-000000000000}8077-man 534500x800000000000000036205Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.984{ec2a2542-29ad-6254-0000-000000000000}8079-man 534500x800000000000000036206Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.987{ec2a2542-29ad-6254-0000-000000000000}8080-man 534500x800000000000000036208Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.989{00000000-0000-0000-0000-000000000000}8081<unknown process>man 534500x800000000000000036207Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.989{ec2a2542-29ad-6254-0000-000000000000}8082-man 534500x800000000000000036209Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.993{ec2a2542-29ad-6254-0000-000000000000}8083-man 534500x800000000000000036210Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.996{ec2a2542-29ad-6254-0000-000000000000}8084-man 534500x800000000000000036212Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.997{ec2a2542-29ad-6254-0000-000000000000}8085-man 534500x800000000000000036211Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:21.997{ec2a2542-29ad-6254-0000-000000000000}8086-man 534500x800000000000000036213Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.000{ec2a2542-29ad-6254-0000-000000000000}8087-man 534500x800000000000000036214Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.003{ec2a2542-29ad-6254-0000-000000000000}8088-man 534500x800000000000000036216Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.004{ec2a2542-29ad-6254-0000-000000000000}8089-man 534500x800000000000000036215Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.004{ec2a2542-29ad-6254-0000-000000000000}8090-man 534500x800000000000000036217Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.008{ec2a2542-29ad-6254-0000-000000000000}8091-man 534500x800000000000000036219Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.011{ec2a2542-29ae-6254-0000-000000000000}8094-man 534500x800000000000000036218Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.011{ec2a2542-29ad-6254-0000-000000000000}8092-man 534500x800000000000000036220Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.012{ec2a2542-29ae-6254-0000-000000000000}8093-man 534500x800000000000000036221Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.015{ec2a2542-29ae-6254-0000-000000000000}8095-man 534500x800000000000000036223Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.018{ec2a2542-29ae-6254-0000-000000000000}8098-man 534500x800000000000000036222Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.018{ec2a2542-29ae-6254-0000-000000000000}8096-man 534500x800000000000000036224Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.019{ec2a2542-29ae-6254-0000-000000000000}8097-man 534500x800000000000000036225Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.022{00000000-0000-0000-0000-000000000000}8099<unknown process>man 534500x800000000000000036227Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.025{ec2a2542-29ae-6254-0000-000000000000}8102-man 534500x800000000000000036226Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.025{ec2a2542-29ae-6254-0000-000000000000}8100-man 534500x800000000000000036228Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.026{ec2a2542-29ae-6254-0000-000000000000}8101-man 534500x800000000000000036229Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.029{00000000-0000-0000-0000-000000000000}8103<unknown process>man 534500x800000000000000036230Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.032{ec2a2542-29ae-6254-0000-000000000000}8104-man 534500x800000000000000036232Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.033{ec2a2542-29ae-6254-0000-000000000000}8105-man 534500x800000000000000036231Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.033{ec2a2542-29ae-6254-0000-000000000000}8106-man 534500x800000000000000036233Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.036{00000000-0000-0000-0000-000000000000}8107<unknown process>man 534500x800000000000000036234Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.039{ec2a2542-29ae-6254-0000-000000000000}8108-man 534500x800000000000000036235Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.040{ec2a2542-29ae-6254-0000-000000000000}8110-man 534500x800000000000000036236Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.041{ec2a2542-29ae-6254-0000-000000000000}8109-man 534500x800000000000000036237Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.044{ec2a2542-29ae-6254-0000-000000000000}8111-man 534500x800000000000000036238Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.046{ec2a2542-29ae-6254-0000-000000000000}8112-man 534500x800000000000000036239Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.047{ec2a2542-29ae-6254-0000-000000000000}8114-man 534500x800000000000000036240Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.048{ec2a2542-29ae-6254-0000-000000000000}8113-man 534500x800000000000000036241Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.051{00000000-0000-0000-0000-000000000000}8115<unknown process>man 534500x800000000000000036243Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.054{ec2a2542-29ae-6254-0000-000000000000}8118-man 534500x800000000000000036242Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.054{ec2a2542-29ae-6254-0000-000000000000}8116-man 534500x800000000000000036244Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.055{ec2a2542-29ae-6254-0000-000000000000}8117-man 534500x800000000000000036245Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.058{ec2a2542-29ae-6254-0000-000000000000}8119-man 534500x800000000000000036246Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.061{ec2a2542-29ae-6254-0000-000000000000}8120-man 534500x800000000000000036247Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.062{ec2a2542-29ae-6254-0000-000000000000}8122-man 534500x800000000000000036248Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.063{ec2a2542-29ae-6254-0000-000000000000}8121-man 534500x800000000000000036249Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.066{ec2a2542-29ae-6254-0000-000000000000}8123-man 534500x800000000000000036250Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.070{00000000-0000-0000-0000-000000000000}8124<unknown process>man 534500x800000000000000036251Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.071{ec2a2542-29ae-6254-0000-000000000000}8126-man 534500x800000000000000036252Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.072{ec2a2542-29ae-6254-0000-000000000000}8125-man 534500x800000000000000036253Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.075{00000000-0000-0000-0000-000000000000}8127<unknown process>man 534500x800000000000000036254Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.079{ec2a2542-29ae-6254-0000-000000000000}8128-man 534500x800000000000000036255Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.080{ec2a2542-29ae-6254-0000-000000000000}8130-man 534500x800000000000000036256Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.081{00000000-0000-0000-0000-000000000000}8129<unknown process>man 534500x800000000000000036257Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.084{00000000-0000-0000-0000-000000000000}8131<unknown process>man 534500x800000000000000036258Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.089{ec2a2542-29ae-6254-0000-000000000000}8132-man 534500x800000000000000036259Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.092{ec2a2542-29ae-6254-0000-000000000000}8134-man 534500x800000000000000036260Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.096{ec2a2542-29ae-6254-0000-000000000000}8133-man 534500x800000000000000036261Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.100{ec2a2542-29ae-6254-0000-000000000000}8135-man 534500x800000000000000036263Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.104{ec2a2542-29ae-6254-0000-000000000000}8138-man 534500x800000000000000036262Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.104{ec2a2542-29ae-6254-0000-000000000000}8136-man 534500x800000000000000036264Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.105{ec2a2542-29ae-6254-0000-000000000000}8137-man 534500x800000000000000036265Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.108{ec2a2542-29ae-6254-0000-000000000000}8139-man 534500x800000000000000036266Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.111{ec2a2542-29ae-6254-0000-000000000000}8140-man 534500x800000000000000036268Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.112{ec2a2542-29ae-6254-0000-000000000000}8141-man 534500x800000000000000036267Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.112{ec2a2542-29ae-6254-0000-000000000000}8142-man 534500x800000000000000036269Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.115{ec2a2542-29ae-6254-0000-000000000000}8143-man 534500x800000000000000036270Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.118{ec2a2542-29ae-6254-0000-000000000000}8144-man 534500x800000000000000036272Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.119{ec2a2542-29ae-6254-0000-000000000000}8145-man 534500x800000000000000036271Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.119{ec2a2542-29ae-6254-0000-000000000000}8146-man 534500x800000000000000036273Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.123{ec2a2542-29ae-6254-0000-000000000000}8147-man 534500x800000000000000036274Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.126{ec2a2542-29ae-6254-0000-000000000000}8148-man 534500x800000000000000036276Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.128{00000000-0000-0000-0000-000000000000}8149<unknown process>man 534500x800000000000000036275Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.128{ec2a2542-29ae-6254-0000-000000000000}8150-man 534500x800000000000000036277Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.132{ec2a2542-29ae-6254-0000-000000000000}8151-man 534500x800000000000000036278Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.139{ec2a2542-29ae-6254-0000-000000000000}8152-man 534500x800000000000000036279Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.140{ec2a2542-29ae-6254-0000-000000000000}8154-man 534500x800000000000000036280Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.142{ec2a2542-29ae-6254-0000-000000000000}8153-man 534500x800000000000000036281Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.145{ec2a2542-29ae-6254-0000-000000000000}8155-man 534500x800000000000000036282Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.148{00000000-0000-0000-0000-000000000000}8156<unknown process>man 534500x800000000000000036284Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.149{ec2a2542-29ae-6254-0000-000000000000}8157-man 534500x800000000000000036283Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.149{ec2a2542-29ae-6254-0000-000000000000}8158-man 534500x800000000000000036285Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.152{ec2a2542-29ae-6254-0000-000000000000}8159-man 534500x800000000000000036286Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.155{ec2a2542-29ae-6254-0000-000000000000}8160-man 534500x800000000000000036288Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.156{ec2a2542-29ae-6254-0000-000000000000}8161-man 534500x800000000000000036287Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.156{ec2a2542-29ae-6254-0000-000000000000}8162-man 534500x800000000000000036289Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.159{ec2a2542-29ae-6254-0000-000000000000}8163-man 534500x800000000000000036290Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.162{ec2a2542-29ae-6254-0000-000000000000}8164-man 534500x800000000000000036292Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.163{ec2a2542-29ae-6254-0000-000000000000}8165-man 534500x800000000000000036291Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.163{ec2a2542-29ae-6254-0000-000000000000}8166-man 534500x800000000000000036293Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.166{ec2a2542-29ae-6254-0000-000000000000}8167-man 534500x800000000000000036294Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.169{ec2a2542-29ae-6254-0000-000000000000}8168-man 534500x800000000000000036296Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.170{ec2a2542-29ae-6254-0000-000000000000}8169-man 534500x800000000000000036295Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.170{ec2a2542-29ae-6254-0000-000000000000}8170-man 534500x800000000000000036297Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.173{ec2a2542-29ae-6254-0000-000000000000}8171-man 534500x800000000000000036299Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.176{ec2a2542-29ae-6254-0000-000000000000}8174-man 534500x800000000000000036298Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.176{ec2a2542-29ae-6254-0000-000000000000}8172-man 534500x800000000000000036300Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.177{ec2a2542-29ae-6254-0000-000000000000}8173-man 534500x800000000000000036301Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.180{ec2a2542-29ae-6254-0000-000000000000}8175-man 534500x800000000000000036302Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.183{ec2a2542-29ae-6254-0000-000000000000}8176-man 534500x800000000000000036304Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.184{ec2a2542-29ae-6254-0000-000000000000}8177-man 534500x800000000000000036303Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.184{ec2a2542-29ae-6254-0000-000000000000}8178-man 534500x800000000000000036305Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.187{ec2a2542-29ae-6254-0000-000000000000}8179-man 534500x800000000000000036306Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.190{ec2a2542-29ae-6254-0000-000000000000}8180-man 534500x800000000000000036307Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.191{ec2a2542-29ae-6254-0000-000000000000}8182-man 534500x800000000000000036308Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.192{ec2a2542-29ae-6254-0000-000000000000}8181-man 534500x800000000000000036309Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.195{ec2a2542-29ae-6254-0000-000000000000}8183-man 534500x800000000000000036311Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.198{ec2a2542-29ae-6254-0000-000000000000}8186-man 534500x800000000000000036310Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.198{ec2a2542-29ae-6254-0000-000000000000}8184-man 534500x800000000000000036312Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.199{ec2a2542-29ae-6254-0000-000000000000}8185-man 534500x800000000000000036313Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.202{ec2a2542-29ae-6254-0000-000000000000}8187-man 534500x800000000000000036314Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.205{ec2a2542-29ae-6254-0000-000000000000}8188-man 534500x800000000000000036315Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.206{ec2a2542-29ae-6254-0000-000000000000}8190-man 534500x800000000000000036316Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.207{ec2a2542-29ae-6254-0000-000000000000}8189-man 534500x800000000000000036317Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.210{ec2a2542-29ae-6254-0000-000000000000}8191-man 534500x800000000000000036319Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.213{ec2a2542-29ae-6254-0000-000000000000}8194-man 534500x800000000000000036318Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.213{ec2a2542-29ae-6254-0000-000000000000}8192-man 534500x800000000000000036320Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.214{ec2a2542-29ae-6254-0000-000000000000}8193-man 534500x800000000000000036321Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.217{ec2a2542-29ae-6254-0000-000000000000}8195-man 534500x800000000000000036323Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.220{ec2a2542-29ae-6254-0000-000000000000}8198-man 534500x800000000000000036322Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.220{ec2a2542-29ae-6254-0000-000000000000}8196-man 534500x800000000000000036324Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.221{ec2a2542-29ae-6254-0000-000000000000}8197-man 534500x800000000000000036325Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.224{ec2a2542-29ae-6254-0000-000000000000}8199-man 534500x800000000000000036326Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.227{ec2a2542-29ae-6254-0000-000000000000}8200-man 534500x800000000000000036328Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.228{ec2a2542-29ae-6254-0000-000000000000}8201-man 534500x800000000000000036327Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.228{ec2a2542-29ae-6254-0000-000000000000}8202-man 534500x800000000000000036329Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.231{00000000-0000-0000-0000-000000000000}8203<unknown process>man 534500x800000000000000036330Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.234{ec2a2542-29ae-6254-0000-000000000000}8204-man 534500x800000000000000036331Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.235{00000000-0000-0000-0000-000000000000}8206<unknown process>man 534500x800000000000000036332Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.236{00000000-0000-0000-0000-000000000000}8205<unknown process>man 534500x800000000000000036333Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.239{ec2a2542-29ae-6254-0000-000000000000}8207-man 534500x800000000000000036334Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.242{ec2a2542-29ae-6254-0000-000000000000}8208-man 534500x800000000000000036336Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.243{00000000-0000-0000-0000-000000000000}8209<unknown process>man 534500x800000000000000036335Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.243{ec2a2542-29ae-6254-0000-000000000000}8210-man 534500x800000000000000036337Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.246{ec2a2542-29ae-6254-0000-000000000000}8211-man 534500x800000000000000036338Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.249{ec2a2542-29ae-6254-0000-000000000000}8212-man 534500x800000000000000036340Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.250{ec2a2542-29ae-6254-0000-000000000000}8213-man 534500x800000000000000036339Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.250{ec2a2542-29ae-6254-0000-000000000000}8214-man 534500x800000000000000036341Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.253{ec2a2542-29ae-6254-0000-000000000000}8215-man 534500x800000000000000036342Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.256{ec2a2542-29ae-6254-0000-000000000000}8216-man 534500x800000000000000036344Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.257{ec2a2542-29ae-6254-0000-000000000000}8217-man 534500x800000000000000036343Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.257{ec2a2542-29ae-6254-0000-000000000000}8218-man 534500x800000000000000036345Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.260{ec2a2542-29ae-6254-0000-000000000000}8219-man 534500x800000000000000036346Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.263{00000000-0000-0000-0000-000000000000}8220<unknown process>man 534500x800000000000000036348Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.264{ec2a2542-29ae-6254-0000-000000000000}8221-man 534500x800000000000000036347Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.264{ec2a2542-29ae-6254-0000-000000000000}8222-man 534500x800000000000000036349Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.267{ec2a2542-29ae-6254-0000-000000000000}8223-man 534500x800000000000000036350Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.270{ec2a2542-29ae-6254-0000-000000000000}8224-man 534500x800000000000000036352Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.271{ec2a2542-29ae-6254-0000-000000000000}8225-man 534500x800000000000000036351Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.271{ec2a2542-29ae-6254-0000-000000000000}8226-man 534500x800000000000000036353Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.289{ec2a2542-29ae-6254-0000-000000000000}8227-man 534500x800000000000000036354Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.292{ec2a2542-29ae-6254-0000-000000000000}8228-man 534500x800000000000000036355Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.293{ec2a2542-29ae-6254-0000-000000000000}8230-man 534500x800000000000000036356Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.294{ec2a2542-29ae-6254-0000-000000000000}8229-man 534500x800000000000000036357Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.297{ec2a2542-29ae-6254-0000-000000000000}8231-man 534500x800000000000000036358Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.300{ec2a2542-29ae-6254-0000-000000000000}8232-man 534500x800000000000000036359Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.301{ec2a2542-29ae-6254-0000-000000000000}8234-man 534500x800000000000000036360Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.302{ec2a2542-29ae-6254-0000-000000000000}8233-man 534500x800000000000000036361Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.305{ec2a2542-29ae-6254-0000-000000000000}8235-man 534500x800000000000000036363Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.308{ec2a2542-29ae-6254-0000-000000000000}8238-man 534500x800000000000000036362Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.308{ec2a2542-29ae-6254-0000-000000000000}8236-man 534500x800000000000000036364Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.309{ec2a2542-29ae-6254-0000-000000000000}8237-man 534500x800000000000000036365Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.312{ec2a2542-29ae-6254-0000-000000000000}8239-man 534500x800000000000000036367Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.315{ec2a2542-29ae-6254-0000-000000000000}8242-man 534500x800000000000000036366Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.315{ec2a2542-29ae-6254-0000-000000000000}8240-man 534500x800000000000000036368Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.316{ec2a2542-29ae-6254-0000-000000000000}8241-man 534500x800000000000000036369Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.319{ec2a2542-29ae-6254-0000-000000000000}8243-man 534500x800000000000000036371Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.322{ec2a2542-29ae-6254-0000-000000000000}8246-man 534500x800000000000000036370Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.322{ec2a2542-29ae-6254-0000-000000000000}8244-man 534500x800000000000000036372Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.323{ec2a2542-29ae-6254-0000-000000000000}8245-man 534500x800000000000000036373Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.326{ec2a2542-29ae-6254-0000-000000000000}8247-man 534500x800000000000000036375Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.329{ec2a2542-29ae-6254-0000-000000000000}8250-man 534500x800000000000000036374Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.329{ec2a2542-29ae-6254-0000-000000000000}8248-man 534500x800000000000000036376Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.330{ec2a2542-29ae-6254-0000-000000000000}8249-man 534500x800000000000000036377Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.333{ec2a2542-29ae-6254-0000-000000000000}8251-man 534500x800000000000000036379Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.336{ec2a2542-29ae-6254-0000-000000000000}8254-man 534500x800000000000000036378Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.336{ec2a2542-29ae-6254-0000-000000000000}8252-man 534500x800000000000000036380Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.337{ec2a2542-29ae-6254-0000-000000000000}8253-man 534500x800000000000000036381Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.340{ec2a2542-29ae-6254-0000-000000000000}8255-man 534500x800000000000000036383Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.343{ec2a2542-29ae-6254-0000-000000000000}8258-man 534500x800000000000000036382Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.343{ec2a2542-29ae-6254-0000-000000000000}8256-man 534500x800000000000000036384Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.344{ec2a2542-29ae-6254-0000-000000000000}8257-man 534500x800000000000000036385Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.347{ec2a2542-29ae-6254-0000-000000000000}8259-man 534500x800000000000000036387Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.350{ec2a2542-29ae-6254-0000-000000000000}8262-man 534500x800000000000000036386Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.350{ec2a2542-29ae-6254-0000-000000000000}8260-man 534500x800000000000000036388Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.351{ec2a2542-29ae-6254-0000-000000000000}8261-man 534500x800000000000000036389Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.354{00000000-0000-0000-0000-000000000000}8263<unknown process>man 534500x800000000000000036391Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.357{ec2a2542-29ae-6254-0000-000000000000}8266-man 534500x800000000000000036390Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.357{ec2a2542-29ae-6254-0000-000000000000}8264-man 534500x800000000000000036392Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.358{ec2a2542-29ae-6254-0000-000000000000}8265-man 534500x800000000000000036393Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.361{ec2a2542-29ae-6254-0000-000000000000}8267-man 534500x800000000000000036395Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.364{ec2a2542-29ae-6254-0000-000000000000}8270-man 534500x800000000000000036394Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.364{ec2a2542-29ae-6254-0000-000000000000}8268-man 534500x800000000000000036396Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.365{ec2a2542-29ae-6254-0000-000000000000}8269-man 534500x800000000000000036397Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.368{ec2a2542-29ae-6254-0000-000000000000}8271-man 534500x800000000000000036398Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.371{ec2a2542-29ae-6254-0000-000000000000}8272-man 534500x800000000000000036400Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.372{00000000-0000-0000-0000-000000000000}8273<unknown process>man 534500x800000000000000036399Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.372{ec2a2542-29ae-6254-0000-000000000000}8274-man 534500x800000000000000036401Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.375{ec2a2542-29ae-6254-0000-000000000000}8275-man 534500x800000000000000036402Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.378{ec2a2542-29ae-6254-0000-000000000000}8276-man 534500x800000000000000036403Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.379{ec2a2542-29ae-6254-0000-000000000000}8278-man 534500x800000000000000036404Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.380{ec2a2542-29ae-6254-0000-000000000000}8277-man 534500x800000000000000036405Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.382{ec2a2542-29ae-6254-0000-000000000000}8279-man 534500x800000000000000036406Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.385{ec2a2542-29ae-6254-0000-000000000000}8280-man 534500x800000000000000036408Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.386{ec2a2542-29ae-6254-0000-000000000000}8281-man 534500x800000000000000036407Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.386{ec2a2542-29ae-6254-0000-000000000000}8282-man 534500x800000000000000036409Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.389{00000000-0000-0000-0000-000000000000}8283<unknown process>man 534500x800000000000000036410Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.392{ec2a2542-29ae-6254-0000-000000000000}8284-man 534500x800000000000000036411Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.393{ec2a2542-29ae-6254-0000-000000000000}8286-man 534500x800000000000000036412Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.394{ec2a2542-29ae-6254-0000-000000000000}8285-man 534500x800000000000000036413Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.397{ec2a2542-29ae-6254-0000-000000000000}8287-man 534500x800000000000000036414Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.400{ec2a2542-29ae-6254-0000-000000000000}8288-man 534500x800000000000000036416Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.401{00000000-0000-0000-0000-000000000000}8289<unknown process>man 534500x800000000000000036415Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.401{ec2a2542-29ae-6254-0000-000000000000}8290-man 534500x800000000000000036417Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.404{ec2a2542-29ae-6254-0000-000000000000}8291-man 534500x800000000000000036418Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.407{ec2a2542-29ae-6254-0000-000000000000}8292-man 534500x800000000000000036419Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.408{ec2a2542-29ae-6254-0000-000000000000}8294-man 534500x800000000000000036420Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.409{ec2a2542-29ae-6254-0000-000000000000}8293-man 534500x800000000000000036421Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.411{ec2a2542-29ae-6254-0000-000000000000}8295-man 534500x800000000000000036422Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.414{ec2a2542-29ae-6254-0000-000000000000}8296-man 534500x800000000000000036423Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.415{ec2a2542-29ae-6254-0000-000000000000}8298-man 534500x800000000000000036424Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.416{ec2a2542-29ae-6254-0000-000000000000}8297-man 534500x800000000000000036425Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.418{ec2a2542-29ae-6254-0000-000000000000}8299-man 534500x800000000000000036426Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.426{ec2a2542-29ae-6254-0000-000000000000}8300-man 534500x800000000000000036428Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.427{ec2a2542-29ae-6254-0000-000000000000}8301-man 534500x800000000000000036427Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.427{ec2a2542-29ae-6254-0000-000000000000}8302-man 534500x800000000000000036429Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.430{00000000-0000-0000-0000-000000000000}8303<unknown process>man 534500x800000000000000036430Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.433{ec2a2542-29ae-6254-0000-000000000000}8304-man 534500x800000000000000036431Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.434{ec2a2542-29ae-6254-0000-000000000000}8306-man 534500x800000000000000036432Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.435{ec2a2542-29ae-6254-0000-000000000000}8305-man 534500x800000000000000036433Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.438{00000000-0000-0000-0000-000000000000}8307<unknown process>man 534500x800000000000000036434Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.440{ec2a2542-29ae-6254-0000-000000000000}8308-man 534500x800000000000000036435Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.441{ec2a2542-29ae-6254-0000-000000000000}8310-man 534500x800000000000000036436Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.442{ec2a2542-29ae-6254-0000-000000000000}8309-man 534500x800000000000000036437Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.445{ec2a2542-29ae-6254-0000-000000000000}8311-man 534500x800000000000000036438Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.447{ec2a2542-29ae-6254-0000-000000000000}8312-man 534500x800000000000000036439Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.448{ec2a2542-29ae-6254-0000-000000000000}8314-man 534500x800000000000000036440Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.449{ec2a2542-29ae-6254-0000-000000000000}8313-man 534500x800000000000000036441Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.452{00000000-0000-0000-0000-000000000000}8315<unknown process>man 534500x800000000000000036443Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.455{ec2a2542-29ae-6254-0000-000000000000}8318-man 534500x800000000000000036442Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.455{00000000-0000-0000-0000-000000000000}8316<unknown process>man 534500x800000000000000036444Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.456{00000000-0000-0000-0000-000000000000}8317<unknown process>man 534500x800000000000000036445Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.459{ec2a2542-29ae-6254-0000-000000000000}8319-man 534500x800000000000000036446Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.462{ec2a2542-29ae-6254-0000-000000000000}8320-man 534500x800000000000000036448Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.463{00000000-0000-0000-0000-000000000000}8321<unknown process>man 534500x800000000000000036447Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.463{ec2a2542-29ae-6254-0000-000000000000}8322-man 534500x800000000000000036449Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.466{00000000-0000-0000-0000-000000000000}8323<unknown process>man 534500x800000000000000036450Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.469{ec2a2542-29ae-6254-0000-000000000000}8324-man 534500x800000000000000036451Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.470{ec2a2542-29ae-6254-0000-000000000000}8326-man 534500x800000000000000036452Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.471{ec2a2542-29ae-6254-0000-000000000000}8325-man 534500x800000000000000036453Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.474{ec2a2542-29ae-6254-0000-000000000000}8327-man 534500x800000000000000036454Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.477{ec2a2542-29ae-6254-0000-000000000000}8328-man 534500x800000000000000036456Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.478{ec2a2542-29ae-6254-0000-000000000000}8329-man 534500x800000000000000036455Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.478{ec2a2542-29ae-6254-0000-000000000000}8330-man 534500x800000000000000036457Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.482{ec2a2542-29ae-6254-0000-000000000000}8331-man 534500x800000000000000036459Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.485{ec2a2542-29ae-6254-0000-000000000000}8334-man 534500x800000000000000036458Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.485{ec2a2542-29ae-6254-0000-000000000000}8332-man 534500x800000000000000036460Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.486{ec2a2542-29ae-6254-0000-000000000000}8333-man 534500x800000000000000036461Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.490{ec2a2542-29ae-6254-0000-000000000000}8335-man 534500x800000000000000036462Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.493{ec2a2542-29ae-6254-0000-000000000000}8336-man 534500x800000000000000036463Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.494{ec2a2542-29ae-6254-0000-000000000000}8338-man 534500x800000000000000036464Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.495{ec2a2542-29ae-6254-0000-000000000000}8337-man 534500x800000000000000036465Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.498{ec2a2542-29ae-6254-0000-000000000000}8339-man 534500x800000000000000036466Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.500{ec2a2542-29ae-6254-0000-000000000000}8340-man 534500x800000000000000036468Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.501{ec2a2542-29ae-6254-0000-000000000000}8341-man 534500x800000000000000036467Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.501{ec2a2542-29ae-6254-0000-000000000000}8342-man 534500x800000000000000036469Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.504{ec2a2542-29ae-6254-0000-000000000000}8343-man 534500x800000000000000036470Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.507{ec2a2542-29ae-6254-0000-000000000000}8344-man 534500x800000000000000036472Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.508{ec2a2542-29ae-6254-0000-000000000000}8345-man 534500x800000000000000036471Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.508{ec2a2542-29ae-6254-0000-000000000000}8346-man 534500x800000000000000036473Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.511{ec2a2542-29ae-6254-0000-000000000000}8347-man 534500x800000000000000036474Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.514{ec2a2542-29ae-6254-0000-000000000000}8348-man 534500x800000000000000036476Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.515{ec2a2542-29ae-6254-0000-000000000000}8349-man 534500x800000000000000036475Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.515{ec2a2542-29ae-6254-0000-000000000000}8350-man 534500x800000000000000036477Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.518{ec2a2542-29ae-6254-0000-000000000000}8351-man 534500x800000000000000036479Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.521{ec2a2542-29ae-6254-0000-000000000000}8354-man 534500x800000000000000036478Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.521{ec2a2542-29ae-6254-0000-000000000000}8352-man 534500x800000000000000036480Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.522{ec2a2542-29ae-6254-0000-000000000000}8353-man 534500x800000000000000036481Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.525{ec2a2542-29ae-6254-0000-000000000000}8355-man 534500x800000000000000036482Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.528{ec2a2542-29ae-6254-0000-000000000000}8356-man 534500x800000000000000036484Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.529{ec2a2542-29ae-6254-0000-000000000000}8357-man 534500x800000000000000036483Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.529{ec2a2542-29ae-6254-0000-000000000000}8358-man 534500x800000000000000036485Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.532{00000000-0000-0000-0000-000000000000}8359<unknown process>man 534500x800000000000000036486Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.535{ec2a2542-29ae-6254-0000-000000000000}8360-man 534500x800000000000000036488Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.536{ec2a2542-29ae-6254-0000-000000000000}8361-man 534500x800000000000000036487Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.536{ec2a2542-29ae-6254-0000-000000000000}8362-man 534500x800000000000000036489Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.539{00000000-0000-0000-0000-000000000000}8363<unknown process>man 534500x800000000000000036490Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.542{ec2a2542-29ae-6254-0000-000000000000}8364-man 534500x800000000000000036492Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.543{ec2a2542-29ae-6254-0000-000000000000}8365-man 534500x800000000000000036491Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.543{ec2a2542-29ae-6254-0000-000000000000}8366-man 534500x800000000000000036493Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.546{ec2a2542-29ae-6254-0000-000000000000}8367-man 534500x800000000000000036494Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.549{ec2a2542-29ae-6254-0000-000000000000}8368-man 534500x800000000000000036496Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.550{ec2a2542-29ae-6254-0000-000000000000}8369-man 534500x800000000000000036495Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.550{ec2a2542-29ae-6254-0000-000000000000}8370-man 534500x800000000000000036497Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.553{ec2a2542-29ae-6254-0000-000000000000}8371-man 534500x800000000000000036498Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.556{ec2a2542-29ae-6254-0000-000000000000}8372-man 534500x800000000000000036500Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.557{ec2a2542-29ae-6254-0000-000000000000}8373-man 534500x800000000000000036499Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.557{ec2a2542-29ae-6254-0000-000000000000}8374-man 534500x800000000000000036501Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.561{ec2a2542-29ae-6254-0000-000000000000}8375-man 534500x800000000000000036502Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.563{ec2a2542-29ae-6254-0000-000000000000}8376-man 534500x800000000000000036503Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.564{ec2a2542-29ae-6254-0000-000000000000}8378-man 534500x800000000000000036504Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.565{ec2a2542-29ae-6254-0000-000000000000}8377-man 534500x800000000000000036505Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.568{ec2a2542-29ae-6254-0000-000000000000}8379-man 534500x800000000000000036506Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.570{ec2a2542-29ae-6254-0000-000000000000}8380-man 534500x800000000000000036507Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.571{ec2a2542-29ae-6254-0000-000000000000}8382-man 534500x800000000000000036508Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.572{ec2a2542-29ae-6254-0000-000000000000}8381-man 534500x800000000000000036509Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.575{ec2a2542-29ae-6254-0000-000000000000}8383-man 534500x800000000000000036510Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.577{00000000-0000-0000-0000-000000000000}8384<unknown process>man 534500x800000000000000036511Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.578{ec2a2542-29ae-6254-0000-000000000000}8386-man 534500x800000000000000036512Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.579{ec2a2542-29ae-6254-0000-000000000000}8385-man 534500x800000000000000036513Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.582{ec2a2542-29ae-6254-0000-000000000000}8387-man 534500x800000000000000036514Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.584{ec2a2542-29ae-6254-0000-000000000000}8388-man 534500x800000000000000036515Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.585{ec2a2542-29ae-6254-0000-000000000000}8390-man 534500x800000000000000036516Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.586{ec2a2542-29ae-6254-0000-000000000000}8389-man 534500x800000000000000036517Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.591{ec2a2542-29ae-6254-0000-000000000000}8391-man 534500x800000000000000036518Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.594{ec2a2542-29ae-6254-0000-000000000000}8392-man 534500x800000000000000036519Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.595{ec2a2542-29ae-6254-0000-000000000000}8394-man 534500x800000000000000036520Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.596{ec2a2542-29ae-6254-0000-000000000000}8393-man 534500x800000000000000036521Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.599{ec2a2542-29ae-6254-0000-000000000000}8395-man 534500x800000000000000036522Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.603{ec2a2542-29ae-6254-0000-000000000000}8396-man 534500x800000000000000036524Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.604{ec2a2542-29ae-6254-0000-000000000000}8397-man 534500x800000000000000036523Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.604{ec2a2542-29ae-6254-0000-000000000000}8398-man 534500x800000000000000036525Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.607{ec2a2542-29ae-6254-0000-000000000000}8399-man 534500x800000000000000036526Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.610{ec2a2542-29ae-6254-0000-000000000000}8400-man 534500x800000000000000036527Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.611{ec2a2542-29ae-6254-0000-000000000000}8402-man 534500x800000000000000036528Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.612{ec2a2542-29ae-6254-0000-000000000000}8401-man 534500x800000000000000036529Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.615{ec2a2542-29ae-6254-0000-000000000000}8403-man 534500x800000000000000036531Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.618{ec2a2542-29ae-6254-0000-000000000000}8406-man 534500x800000000000000036530Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.618{ec2a2542-29ae-6254-0000-000000000000}8404-man 534500x800000000000000036532Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.619{ec2a2542-29ae-6254-0000-000000000000}8405-man 534500x800000000000000036533Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.622{00000000-0000-0000-0000-000000000000}8407<unknown process>man 534500x800000000000000036535Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.625{ec2a2542-29ae-6254-0000-000000000000}8410-man 534500x800000000000000036534Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.625{ec2a2542-29ae-6254-0000-000000000000}8408-man 534500x800000000000000036536Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.626{ec2a2542-29ae-6254-0000-000000000000}8409-man 534500x800000000000000036537Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.629{00000000-0000-0000-0000-000000000000}8411<unknown process>man 534500x800000000000000036538Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.632{ec2a2542-29ae-6254-0000-000000000000}8412-man 534500x800000000000000036539Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.633{ec2a2542-29ae-6254-0000-000000000000}8414-man 534500x800000000000000036540Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.634{ec2a2542-29ae-6254-0000-000000000000}8413-man 534500x800000000000000036541Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.637{00000000-0000-0000-0000-000000000000}8415<unknown process>man 534500x800000000000000036543Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.640{ec2a2542-29ae-6254-0000-000000000000}8418-man 534500x800000000000000036542Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.640{ec2a2542-29ae-6254-0000-000000000000}8416-man 534500x800000000000000036544Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.641{ec2a2542-29ae-6254-0000-000000000000}8417-man 534500x800000000000000036545Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.644{00000000-0000-0000-0000-000000000000}8419<unknown process>man 534500x800000000000000036546Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.646{ec2a2542-29ae-6254-0000-000000000000}8420-man 534500x800000000000000036547Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.647{ec2a2542-29ae-6254-0000-000000000000}8422-man 534500x800000000000000036548Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.648{ec2a2542-29ae-6254-0000-000000000000}8421-man 534500x800000000000000036549Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.651{00000000-0000-0000-0000-000000000000}8423<unknown process>man 534500x800000000000000036551Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.654{ec2a2542-29ae-6254-0000-000000000000}8426-man 534500x800000000000000036550Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.654{ec2a2542-29ae-6254-0000-000000000000}8424-man 534500x800000000000000036552Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.655{ec2a2542-29ae-6254-0000-000000000000}8425-man 534500x800000000000000036553Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.658{00000000-0000-0000-0000-000000000000}8427<unknown process>man 534500x800000000000000036554Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.661{ec2a2542-29ae-6254-0000-000000000000}8428-man 534500x800000000000000036556Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.662{ec2a2542-29ae-6254-0000-000000000000}8429-man 534500x800000000000000036555Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.662{ec2a2542-29ae-6254-0000-000000000000}8430-man 534500x800000000000000036557Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.666{ec2a2542-29ae-6254-0000-000000000000}8431-man 534500x800000000000000036558Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.671{ec2a2542-29ae-6254-0000-000000000000}8432-man 534500x800000000000000036560Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.672{ec2a2542-29ae-6254-0000-000000000000}8433-man 534500x800000000000000036559Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.672{ec2a2542-29ae-6254-0000-000000000000}8434-man 534500x800000000000000036561Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.675{ec2a2542-29ae-6254-0000-000000000000}8435-man 534500x800000000000000036562Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.678{ec2a2542-29ae-6254-0000-000000000000}8436-man 534500x800000000000000036563Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.679{ec2a2542-29ae-6254-0000-000000000000}8438-man 534500x800000000000000036564Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.680{ec2a2542-29ae-6254-0000-000000000000}8437-man 534500x800000000000000036565Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.683{ec2a2542-29ae-6254-0000-000000000000}8439-man 534500x800000000000000036567Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.686{ec2a2542-29ae-6254-0000-000000000000}8442-man 534500x800000000000000036566Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.686{ec2a2542-29ae-6254-0000-000000000000}8440-man 534500x800000000000000036568Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.687{ec2a2542-29ae-6254-0000-000000000000}8441-man 534500x800000000000000036569Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.690{ec2a2542-29ae-6254-0000-000000000000}8443-man 534500x800000000000000036570Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.693{ec2a2542-29ae-6254-0000-000000000000}8444-man 534500x800000000000000036572Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.694{ec2a2542-29ae-6254-0000-000000000000}8445-man 534500x800000000000000036571Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.694{ec2a2542-29ae-6254-0000-000000000000}8446-man 534500x800000000000000036573Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.697{ec2a2542-29ae-6254-0000-000000000000}8447-man 534500x800000000000000036574Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.700{ec2a2542-29ae-6254-0000-000000000000}8448-man 534500x800000000000000036575Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.701{ec2a2542-29ae-6254-0000-000000000000}8450-man 534500x800000000000000036576Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.702{ec2a2542-29ae-6254-0000-000000000000}8449-man 534500x800000000000000036577Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.706{00000000-0000-0000-0000-000000000000}8451<unknown process>man 534500x800000000000000036579Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.709{ec2a2542-29ae-6254-0000-000000000000}8454-man 534500x800000000000000036578Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.709{ec2a2542-29ae-6254-0000-000000000000}8452-man 534500x800000000000000036580Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.710{ec2a2542-29ae-6254-0000-000000000000}8453-man 534500x800000000000000036581Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.713{00000000-0000-0000-0000-000000000000}8455<unknown process>man 534500x800000000000000036582Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.716{ec2a2542-29ae-6254-0000-000000000000}8456-man 534500x800000000000000036584Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.717{ec2a2542-29ae-6254-0000-000000000000}8457-man 534500x800000000000000036583Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.717{ec2a2542-29ae-6254-0000-000000000000}8458-man 534500x800000000000000036585Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.720{00000000-0000-0000-0000-000000000000}8459<unknown process>man 534500x800000000000000036586Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.723{ec2a2542-29ae-6254-0000-000000000000}8460-man 534500x800000000000000036588Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.724{ec2a2542-29ae-6254-0000-000000000000}8461-man 534500x800000000000000036587Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.724{ec2a2542-29ae-6254-0000-000000000000}8462-man 534500x800000000000000036589Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.728{00000000-0000-0000-0000-000000000000}8463<unknown process>man 534500x800000000000000036590Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.730{ec2a2542-29ae-6254-0000-000000000000}8464-man 534500x800000000000000036591Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.731{ec2a2542-29ae-6254-0000-000000000000}8466-man 534500x800000000000000036592Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.732{ec2a2542-29ae-6254-0000-000000000000}8465-man 534500x800000000000000036593Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.736{ec2a2542-29ae-6254-0000-000000000000}8467-man 534500x800000000000000036594Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.739{ec2a2542-29ae-6254-0000-000000000000}8468-man 534500x800000000000000036595Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.740{ec2a2542-29ae-6254-0000-000000000000}8470-man 534500x800000000000000036596Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.741{00000000-0000-0000-0000-000000000000}8469<unknown process>man 534500x800000000000000036597Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.745{ec2a2542-29ae-6254-0000-000000000000}8471-man 534500x800000000000000036599Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.748{ec2a2542-29ae-6254-0000-000000000000}8474-man 534500x800000000000000036598Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.748{ec2a2542-29ae-6254-0000-000000000000}8472-man 534500x800000000000000036600Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.749{00000000-0000-0000-0000-000000000000}8473<unknown process>man 534500x800000000000000036601Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.752{ec2a2542-29ae-6254-0000-000000000000}8475-man 534500x800000000000000036602Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.755{ec2a2542-29ae-6254-0000-000000000000}8476-man 534500x800000000000000036604Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.756{ec2a2542-29ae-6254-0000-000000000000}8477-man 534500x800000000000000036603Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.756{ec2a2542-29ae-6254-0000-000000000000}8478-man 534500x800000000000000036605Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.759{00000000-0000-0000-0000-000000000000}8479<unknown process>man 534500x800000000000000036607Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.763{ec2a2542-29ae-6254-0000-000000000000}8482-man 534500x800000000000000036606Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.763{ec2a2542-29ae-6254-0000-000000000000}8480-man 534500x800000000000000036608Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.764{ec2a2542-29ae-6254-0000-000000000000}8481-man 534500x800000000000000036609Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.767{ec2a2542-29ae-6254-0000-000000000000}8483-man 534500x800000000000000036610Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.770{ec2a2542-29ae-6254-0000-000000000000}8484-man 534500x800000000000000036612Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.771{ec2a2542-29ae-6254-0000-000000000000}8485-man 534500x800000000000000036611Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.771{ec2a2542-29ae-6254-0000-000000000000}8486-man 534500x800000000000000036613Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.774{ec2a2542-29ae-6254-0000-000000000000}8487-man 534500x800000000000000036614Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.777{00000000-0000-0000-0000-000000000000}8488<unknown process>man 534500x800000000000000036616Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.778{ec2a2542-29ae-6254-0000-000000000000}8489-man 534500x800000000000000036615Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.778{ec2a2542-29ae-6254-0000-000000000000}8490-man 534500x800000000000000036617Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.781{00000000-0000-0000-0000-000000000000}8491<unknown process>man 534500x800000000000000036618Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.784{ec2a2542-29ae-6254-0000-000000000000}8492-man 534500x800000000000000036620Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.785{ec2a2542-29ae-6254-0000-000000000000}8493-man 534500x800000000000000036619Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.785{ec2a2542-29ae-6254-0000-000000000000}8494-man 534500x800000000000000036621Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.789{ec2a2542-29ae-6254-0000-000000000000}8495-man 534500x800000000000000036623Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.792{ec2a2542-29ae-6254-0000-000000000000}8498-man 534500x800000000000000036622Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.792{ec2a2542-29ae-6254-0000-000000000000}8496-man 534500x800000000000000036624Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.793{ec2a2542-29ae-6254-0000-000000000000}8497-man 534500x800000000000000036625Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.796{ec2a2542-29ae-6254-0000-000000000000}8499-man 534500x800000000000000036626Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.799{ec2a2542-29ae-6254-0000-000000000000}8500-man 534500x800000000000000036628Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.800{ec2a2542-29ae-6254-0000-000000000000}8501-man 534500x800000000000000036627Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.800{ec2a2542-29ae-6254-0000-000000000000}8502-man 534500x800000000000000036629Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.803{ec2a2542-29ae-6254-0000-000000000000}8503-man 534500x800000000000000036630Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.806{ec2a2542-29ae-6254-0000-000000000000}8504-man 534500x800000000000000036632Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.807{ec2a2542-29ae-6254-0000-000000000000}8505-man 534500x800000000000000036631Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.807{ec2a2542-29ae-6254-0000-000000000000}8506-man 534500x800000000000000036633Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.810{ec2a2542-29ae-6254-0000-000000000000}8507-man 534500x800000000000000036634Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.813{ec2a2542-29ae-6254-0000-000000000000}8508-man 534500x800000000000000036636Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.814{ec2a2542-29ae-6254-0000-000000000000}8509-man 534500x800000000000000036635Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.814{ec2a2542-29ae-6254-0000-000000000000}8510-man 534500x800000000000000036637Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.817{ec2a2542-29ae-6254-0000-000000000000}8511-man 534500x800000000000000036638Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.820{ec2a2542-29ae-6254-0000-000000000000}8512-man 534500x800000000000000036640Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.821{ec2a2542-29ae-6254-0000-000000000000}8513-man 534500x800000000000000036639Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.821{ec2a2542-29ae-6254-0000-000000000000}8514-man 534500x800000000000000036641Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.824{ec2a2542-29ae-6254-0000-000000000000}8515-man 534500x800000000000000036642Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.827{ec2a2542-29ae-6254-0000-000000000000}8516-man 534500x800000000000000036643Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.828{ec2a2542-29ae-6254-0000-000000000000}8518-man 534500x800000000000000036644Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.829{ec2a2542-29ae-6254-0000-000000000000}8517-man 534500x800000000000000036645Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.831{ec2a2542-29ae-6254-0000-000000000000}8519-man 534500x800000000000000036646Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.834{ec2a2542-29ae-6254-0000-000000000000}8520-man 534500x800000000000000036647Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.835{ec2a2542-29ae-6254-0000-000000000000}8522-man 534500x800000000000000036648Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.836{ec2a2542-29ae-6254-0000-000000000000}8521-man 534500x800000000000000036649Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.839{ec2a2542-29ae-6254-0000-000000000000}8523-man 534500x800000000000000036650Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.842{ec2a2542-29ae-6254-0000-000000000000}8524-man 534500x800000000000000036652Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.843{ec2a2542-29ae-6254-0000-000000000000}8525-man 534500x800000000000000036651Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.843{ec2a2542-29ae-6254-0000-000000000000}8526-man 534500x800000000000000036653Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.846{ec2a2542-29ae-6254-0000-000000000000}8527-man 534500x800000000000000036654Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.849{ec2a2542-29ae-6254-0000-000000000000}8528-man 534500x800000000000000036656Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.850{ec2a2542-29ae-6254-0000-000000000000}8529-man 534500x800000000000000036655Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.850{ec2a2542-29ae-6254-0000-000000000000}8530-man 534500x800000000000000036657Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.853{ec2a2542-29ae-6254-0000-000000000000}8531-man 534500x800000000000000036658Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.856{ec2a2542-29ae-6254-0000-000000000000}8532-man 534500x800000000000000036660Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.857{ec2a2542-29ae-6254-0000-000000000000}8533-man 534500x800000000000000036659Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.857{ec2a2542-29ae-6254-0000-000000000000}8534-man 534500x800000000000000036661Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.860{ec2a2542-29ae-6254-0000-000000000000}8535-man 534500x800000000000000036662Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.863{ec2a2542-29ae-6254-0000-000000000000}8536-man 534500x800000000000000036663Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.864{ec2a2542-29ae-6254-0000-000000000000}8538-man 534500x800000000000000036664Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.865{00000000-0000-0000-0000-000000000000}8537<unknown process>man 534500x800000000000000036665Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.868{00000000-0000-0000-0000-000000000000}8539<unknown process>man 534500x800000000000000036666Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.871{ec2a2542-29ae-6254-0000-000000000000}8540-man 534500x800000000000000036668Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.872{ec2a2542-29ae-6254-0000-000000000000}8541-man 534500x800000000000000036667Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.872{ec2a2542-29ae-6254-0000-000000000000}8542-man 534500x800000000000000036669Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.913{00000000-0000-0000-0000-000000000000}8543<unknown process>man 534500x800000000000000036671Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.917{ec2a2542-29ae-6254-0000-000000000000}8546-man 534500x800000000000000036670Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.917{ec2a2542-29ae-6254-0000-000000000000}8544-man 534500x800000000000000036672Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.918{ec2a2542-29ae-6254-0000-000000000000}8545-man 534500x800000000000000036673Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.922{ec2a2542-29ae-6254-0000-000000000000}8547-man 534500x800000000000000036674Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.925{ec2a2542-29ae-6254-0000-000000000000}8548-man 534500x800000000000000036676Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.926{00000000-0000-0000-0000-000000000000}8549<unknown process>man 534500x800000000000000036675Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.926{ec2a2542-29ae-6254-0000-000000000000}8550-man 534500x800000000000000036677Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.930{ec2a2542-29ae-6254-0000-000000000000}8551-man 534500x800000000000000036678Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.933{ec2a2542-29ae-6254-0000-000000000000}8552-man 534500x800000000000000036680Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.934{ec2a2542-29ae-6254-0000-000000000000}8553-man 534500x800000000000000036679Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.934{ec2a2542-29ae-6254-0000-000000000000}8554-man 534500x800000000000000036681Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.938{ec2a2542-29ae-6254-0000-000000000000}8555-man 534500x800000000000000036683Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.941{ec2a2542-29ae-6254-0000-000000000000}8558-man 534500x800000000000000036682Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.941{ec2a2542-29ae-6254-0000-000000000000}8556-man 534500x800000000000000036684Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.942{ec2a2542-29ae-6254-0000-000000000000}8557-man 534500x800000000000000036685Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.945{ec2a2542-29ae-6254-0000-000000000000}8559-man 534500x800000000000000036686Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.948{ec2a2542-29ae-6254-0000-000000000000}8560-man 534500x800000000000000036688Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.949{ec2a2542-29ae-6254-0000-000000000000}8561-man 534500x800000000000000036687Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.949{ec2a2542-29ae-6254-0000-000000000000}8562-man 534500x800000000000000036689Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.952{ec2a2542-29ae-6254-0000-000000000000}8563-man 534500x800000000000000036690Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.955{ec2a2542-29ae-6254-0000-000000000000}8564-man 534500x800000000000000036692Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.956{ec2a2542-29ae-6254-0000-000000000000}8565-man 534500x800000000000000036691Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.956{ec2a2542-29ae-6254-0000-000000000000}8566-man 534500x800000000000000036693Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.959{ec2a2542-29ae-6254-0000-000000000000}8567-man 534500x800000000000000036694Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.962{ec2a2542-29ae-6254-0000-000000000000}8568-man 534500x800000000000000036695Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.963{ec2a2542-29ae-6254-0000-000000000000}8570-man 534500x800000000000000036696Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.964{ec2a2542-29ae-6254-0000-000000000000}8569-man 534500x800000000000000036697Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.967{00000000-0000-0000-0000-000000000000}8571<unknown process>man 534500x800000000000000036698Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.970{ec2a2542-29ae-6254-0000-000000000000}8572-man 534500x800000000000000036700Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.971{00000000-0000-0000-0000-000000000000}8573<unknown process>man 534500x800000000000000036699Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.971{ec2a2542-29ae-6254-0000-000000000000}8574-man 534500x800000000000000036701Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.975{ec2a2542-29ae-6254-0000-000000000000}8575-man 534500x800000000000000036702Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.979{ec2a2542-29ae-6254-0000-000000000000}8576-man 534500x800000000000000036704Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.980{00000000-0000-0000-0000-000000000000}8577<unknown process>man 534500x800000000000000036703Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.980{ec2a2542-29ae-6254-0000-000000000000}8578-man 534500x800000000000000036705Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.983{ec2a2542-29ae-6254-0000-000000000000}8579-man 534500x800000000000000036706Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.987{ec2a2542-29ae-6254-0000-000000000000}8580-man 534500x800000000000000036708Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.988{ec2a2542-29ae-6254-0000-000000000000}8581-man 534500x800000000000000036707Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.988{ec2a2542-29ae-6254-0000-000000000000}8582-man 534500x800000000000000036709Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.992{00000000-0000-0000-0000-000000000000}8583<unknown process>man 534500x800000000000000036710Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.995{ec2a2542-29ae-6254-0000-000000000000}8584-man 534500x800000000000000036712Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.996{ec2a2542-29ae-6254-0000-000000000000}8585-man 534500x800000000000000036711Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.996{ec2a2542-29ae-6254-0000-000000000000}8586-man 534500x800000000000000036713Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:22.999{ec2a2542-29ae-6254-0000-000000000000}8587-man 534500x800000000000000036715Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.003{ec2a2542-29ae-6254-0000-000000000000}8590-man 534500x800000000000000036714Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.003{ec2a2542-29ae-6254-0000-000000000000}8588-man 534500x800000000000000036716Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.004{ec2a2542-29ae-6254-0000-000000000000}8589-man 534500x800000000000000036717Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.007{00000000-0000-0000-0000-000000000000}8591<unknown process>man 534500x800000000000000036718Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.010{ec2a2542-29ae-6254-0000-000000000000}8592-man 534500x800000000000000036719Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.011{ec2a2542-29af-6254-0000-000000000000}8594-man 534500x800000000000000036720Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.012{ec2a2542-29af-6254-0000-000000000000}8593-man 534500x800000000000000036721Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.015{00000000-0000-0000-0000-000000000000}8595<unknown process>man 534500x800000000000000036723Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.018{ec2a2542-29af-6254-0000-000000000000}8598-man 534500x800000000000000036722Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.018{ec2a2542-29af-6254-0000-000000000000}8596-man 534500x800000000000000036724Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.019{ec2a2542-29af-6254-0000-000000000000}8597-man 534500x800000000000000036725Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.022{00000000-0000-0000-0000-000000000000}8599<unknown process>man 534500x800000000000000036726Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.025{ec2a2542-29af-6254-0000-000000000000}8600-man 534500x800000000000000036728Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.026{ec2a2542-29af-6254-0000-000000000000}8601-man 534500x800000000000000036727Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.026{ec2a2542-29af-6254-0000-000000000000}8602-man 534500x800000000000000036729Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.029{ec2a2542-29af-6254-0000-000000000000}8603-man 534500x800000000000000036731Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.033{ec2a2542-29af-6254-0000-000000000000}8606-man 534500x800000000000000036730Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.033{ec2a2542-29af-6254-0000-000000000000}8604-man 534500x800000000000000036732Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.034{ec2a2542-29af-6254-0000-000000000000}8605-man 534500x800000000000000036733Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.037{00000000-0000-0000-0000-000000000000}8607<unknown process>man 534500x800000000000000036734Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.039{ec2a2542-29af-6254-0000-000000000000}8608-man 534500x800000000000000036735Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.040{ec2a2542-29af-6254-0000-000000000000}8610-man 534500x800000000000000036736Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.041{ec2a2542-29af-6254-0000-000000000000}8609-man 534500x800000000000000036737Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.044{00000000-0000-0000-0000-000000000000}8611<unknown process>man 534500x800000000000000036738Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.047{ec2a2542-29af-6254-0000-000000000000}8612-man 534500x800000000000000036740Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.048{ec2a2542-29af-6254-0000-000000000000}8613-man 534500x800000000000000036739Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.048{ec2a2542-29af-6254-0000-000000000000}8614-man 534500x800000000000000036741Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.052{ec2a2542-29af-6254-0000-000000000000}8615-man 534500x800000000000000036742Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.054{ec2a2542-29af-6254-0000-000000000000}8616-man 534500x800000000000000036743Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.055{ec2a2542-29af-6254-0000-000000000000}8618-man 534500x800000000000000036744Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.056{ec2a2542-29af-6254-0000-000000000000}8617-man 534500x800000000000000036745Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.059{ec2a2542-29af-6254-0000-000000000000}8619-man 534500x800000000000000036746Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.062{ec2a2542-29af-6254-0000-000000000000}8620-man 534500x800000000000000036748Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.063{ec2a2542-29af-6254-0000-000000000000}8621-man 534500x800000000000000036747Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.063{ec2a2542-29af-6254-0000-000000000000}8622-man 534500x800000000000000036749Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.067{00000000-0000-0000-0000-000000000000}8623<unknown process>man 534500x800000000000000036750Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.069{00000000-0000-0000-0000-000000000000}8624<unknown process>man 534500x800000000000000036751Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.070{ec2a2542-29af-6254-0000-000000000000}8626-man 534500x800000000000000036752Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.071{ec2a2542-29af-6254-0000-000000000000}8625-man 534500x800000000000000036753Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.074{00000000-0000-0000-0000-000000000000}8627<unknown process>man 534500x800000000000000036754Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.077{ec2a2542-29af-6254-0000-000000000000}8628-man 534500x800000000000000036756Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.078{ec2a2542-29af-6254-0000-000000000000}8629-man 534500x800000000000000036755Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.078{ec2a2542-29af-6254-0000-000000000000}8630-man 534500x800000000000000036757Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.081{00000000-0000-0000-0000-000000000000}8631<unknown process>man 534500x800000000000000036759Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.085{ec2a2542-29af-6254-0000-000000000000}8634-man 534500x800000000000000036758Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.085{ec2a2542-29af-6254-0000-000000000000}8632-man 534500x800000000000000036760Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.087{ec2a2542-29af-6254-0000-000000000000}8633-man 534500x800000000000000036761Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.090{00000000-0000-0000-0000-000000000000}8635<unknown process>man 534500x800000000000000036763Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.093{ec2a2542-29af-6254-0000-000000000000}8638-man 534500x800000000000000036762Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.093{ec2a2542-29af-6254-0000-000000000000}8636-man 534500x800000000000000036764Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.094{ec2a2542-29af-6254-0000-000000000000}8637-man 534500x800000000000000036765Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.097{00000000-0000-0000-0000-000000000000}8639<unknown process>man 534500x800000000000000036766Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.100{ec2a2542-29af-6254-0000-000000000000}8640-man 534500x800000000000000036768Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.101{00000000-0000-0000-0000-000000000000}8641<unknown process>man 534500x800000000000000036767Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.101{ec2a2542-29af-6254-0000-000000000000}8642-man 534500x800000000000000036769Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.105{00000000-0000-0000-0000-000000000000}8643<unknown process>man 534500x800000000000000036770Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.107{ec2a2542-29af-6254-0000-000000000000}8644-man 534500x800000000000000036771Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.108{ec2a2542-29af-6254-0000-000000000000}8646-man 534500x800000000000000036772Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.109{ec2a2542-29af-6254-0000-000000000000}8645-man 534500x800000000000000036773Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.112{00000000-0000-0000-0000-000000000000}8647<unknown process>man 534500x800000000000000036774Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.115{ec2a2542-29af-6254-0000-000000000000}8648-man 534500x800000000000000036775Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.116{ec2a2542-29af-6254-0000-000000000000}8650-man 534500x800000000000000036776Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.117{ec2a2542-29af-6254-0000-000000000000}8649-man 534500x800000000000000036777Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.120{ec2a2542-29af-6254-0000-000000000000}8651-man 534500x800000000000000036778Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.123{ec2a2542-29af-6254-0000-000000000000}8652-man 534500x800000000000000036780Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.124{ec2a2542-29af-6254-0000-000000000000}8653-man 534500x800000000000000036779Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.124{ec2a2542-29af-6254-0000-000000000000}8654-man 534500x800000000000000036781Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.127{ec2a2542-29af-6254-0000-000000000000}8655-man 534500x800000000000000036783Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.130{ec2a2542-29af-6254-0000-000000000000}8658-man 534500x800000000000000036782Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.130{ec2a2542-29af-6254-0000-000000000000}8656-man 534500x800000000000000036784Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.131{ec2a2542-29af-6254-0000-000000000000}8657-man 534500x800000000000000036785Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.134{00000000-0000-0000-0000-000000000000}8659<unknown process>man 534500x800000000000000036786Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.136{ec2a2542-29af-6254-0000-000000000000}8660-man 534500x800000000000000036787Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.137{ec2a2542-29af-6254-0000-000000000000}8662-man 534500x800000000000000036788Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.138{ec2a2542-29af-6254-0000-000000000000}8661-man 534500x800000000000000036789Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.141{00000000-0000-0000-0000-000000000000}8663<unknown process>man 534500x800000000000000036790Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.143{ec2a2542-29af-6254-0000-000000000000}8664-man 534500x800000000000000036791Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.144{ec2a2542-29af-6254-0000-000000000000}8666-man 534500x800000000000000036792Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.145{ec2a2542-29af-6254-0000-000000000000}8665-man 534500x800000000000000036793Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.148{00000000-0000-0000-0000-000000000000}8667<unknown process>man 534500x800000000000000036794Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.150{ec2a2542-29af-6254-0000-000000000000}8668-man 534500x800000000000000036796Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.151{ec2a2542-29af-6254-0000-000000000000}8669-man 534500x800000000000000036795Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.151{ec2a2542-29af-6254-0000-000000000000}8670-man 534500x800000000000000036797Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.155{00000000-0000-0000-0000-000000000000}8671<unknown process>man 534500x800000000000000036798Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.157{ec2a2542-29af-6254-0000-000000000000}8672-man 534500x800000000000000036799Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.158{ec2a2542-29af-6254-0000-000000000000}8674-man 534500x800000000000000036800Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.159{ec2a2542-29af-6254-0000-000000000000}8673-man 534500x800000000000000036801Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.162{ec2a2542-29af-6254-0000-000000000000}8675-man 534500x800000000000000036803Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.165{ec2a2542-29af-6254-0000-000000000000}8678-man 534500x800000000000000036802Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.165{ec2a2542-29af-6254-0000-000000000000}8676-man 534500x800000000000000036804Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.166{ec2a2542-29af-6254-0000-000000000000}8677-man 534500x800000000000000036805Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.169{ec2a2542-29af-6254-0000-000000000000}8679-man 534500x800000000000000036806Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.172{ec2a2542-29af-6254-0000-000000000000}8680-man 534500x800000000000000036808Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.173{ec2a2542-29af-6254-0000-000000000000}8681-man 534500x800000000000000036807Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.173{ec2a2542-29af-6254-0000-000000000000}8682-man 534500x800000000000000036809Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.177{00000000-0000-0000-0000-000000000000}8683<unknown process>man 534500x800000000000000036811Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.180{ec2a2542-29af-6254-0000-000000000000}8686-man 534500x800000000000000036810Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.180{00000000-0000-0000-0000-000000000000}8684<unknown process>man 534500x800000000000000036812Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.181{ec2a2542-29af-6254-0000-000000000000}8685-man 534500x800000000000000036813Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.184{ec2a2542-29af-6254-0000-000000000000}8687-man 534500x800000000000000036814Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.187{ec2a2542-29af-6254-0000-000000000000}8688-man 534500x800000000000000036816Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.188{ec2a2542-29af-6254-0000-000000000000}8689-man 534500x800000000000000036815Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.188{ec2a2542-29af-6254-0000-000000000000}8690-man 534500x800000000000000036817Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.191{00000000-0000-0000-0000-000000000000}8691<unknown process>man 534500x800000000000000036818Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.194{ec2a2542-29af-6254-0000-000000000000}8692-man 534500x800000000000000036819Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.195{ec2a2542-29af-6254-0000-000000000000}8694-man 534500x800000000000000036820Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.196{ec2a2542-29af-6254-0000-000000000000}8693-man 534500x800000000000000036821Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.199{ec2a2542-29af-6254-0000-000000000000}8695-man 534500x800000000000000036822Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.202{ec2a2542-29af-6254-0000-000000000000}8696-man 534500x800000000000000036824Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.203{ec2a2542-29af-6254-0000-000000000000}8697-man 534500x800000000000000036823Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.203{ec2a2542-29af-6254-0000-000000000000}8698-man 534500x800000000000000036825Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.206{ec2a2542-29af-6254-0000-000000000000}8699-man 534500x800000000000000036826Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.209{ec2a2542-29af-6254-0000-000000000000}8700-man 534500x800000000000000036827Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.210{ec2a2542-29af-6254-0000-000000000000}8702-man 534500x800000000000000036828Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.211{ec2a2542-29af-6254-0000-000000000000}8701-man 534500x800000000000000036829Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.214{00000000-0000-0000-0000-000000000000}8703<unknown process>man 534500x800000000000000036831Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.217{ec2a2542-29af-6254-0000-000000000000}8706-man 534500x800000000000000036830Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.217{ec2a2542-29af-6254-0000-000000000000}8704-man 534500x800000000000000036832Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.218{ec2a2542-29af-6254-0000-000000000000}8705-man 534500x800000000000000036833Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.221{ec2a2542-29af-6254-0000-000000000000}8707-man 534500x800000000000000036835Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.224{ec2a2542-29af-6254-0000-000000000000}8710-man 534500x800000000000000036834Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.224{ec2a2542-29af-6254-0000-000000000000}8708-man 534500x800000000000000036836Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.225{ec2a2542-29af-6254-0000-000000000000}8709-man 534500x800000000000000036837Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.227{ec2a2542-29af-6254-0000-000000000000}8711-man 534500x800000000000000036839Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.231{ec2a2542-29af-6254-0000-000000000000}8714-man 534500x800000000000000036838Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.231{ec2a2542-29af-6254-0000-000000000000}8712-man 534500x800000000000000036840Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.232{ec2a2542-29af-6254-0000-000000000000}8713-man 534500x800000000000000036841Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.235{00000000-0000-0000-0000-000000000000}8715<unknown process>man 534500x800000000000000036842Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.238{00000000-0000-0000-0000-000000000000}8716<unknown process>man 534500x800000000000000036844Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.240{00000000-0000-0000-0000-000000000000}8718<unknown process>man 534500x800000000000000036843Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.241{00000000-0000-0000-0000-000000000000}8717<unknown process>man 534500x800000000000000036845Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.244{00000000-0000-0000-0000-000000000000}8719<unknown process>man 534500x800000000000000036846Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.247{00000000-0000-0000-0000-000000000000}8720<unknown process>man 534500x800000000000000036847Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.248{ec2a2542-29af-6254-0000-000000000000}8722-man 534500x800000000000000036848Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.249{ec2a2542-29af-6254-0000-000000000000}8721-man 534500x800000000000000036849Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.253{00000000-0000-0000-0000-000000000000}8723<unknown process>man 534500x800000000000000036851Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.256{ec2a2542-29af-6254-0000-000000000000}8726-man 534500x800000000000000036850Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.256{ec2a2542-29af-6254-0000-000000000000}8724-man 534500x800000000000000036852Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.257{ec2a2542-29af-6254-0000-000000000000}8725-man 534500x800000000000000036853Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.260{00000000-0000-0000-0000-000000000000}8727<unknown process>man 534500x800000000000000036854Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.263{ec2a2542-29af-6254-0000-000000000000}8728-man 534500x800000000000000036856Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.264{ec2a2542-29af-6254-0000-000000000000}8729-man 534500x800000000000000036855Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.264{ec2a2542-29af-6254-0000-000000000000}8730-man 534500x800000000000000036857Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.267{00000000-0000-0000-0000-000000000000}8731<unknown process>man 534500x800000000000000036858Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.270{00000000-0000-0000-0000-000000000000}8732<unknown process>man 534500x800000000000000036860Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.271{ec2a2542-29af-6254-0000-000000000000}8733-man 534500x800000000000000036859Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.271{ec2a2542-29af-6254-0000-000000000000}8734-man 534500x800000000000000036861Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.274{00000000-0000-0000-0000-000000000000}8735<unknown process>man 534500x800000000000000036862Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.277{ec2a2542-29af-6254-0000-000000000000}8736-man 534500x800000000000000036863Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.278{ec2a2542-29af-6254-0000-000000000000}8738-man 534500x800000000000000036864Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.279{ec2a2542-29af-6254-0000-000000000000}8737-man 534500x800000000000000036865Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.282{00000000-0000-0000-0000-000000000000}8739<unknown process>man 534500x800000000000000036866Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.285{ec2a2542-29af-6254-0000-000000000000}8740-man 534500x800000000000000036868Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.286{ec2a2542-29af-6254-0000-000000000000}8741-man 534500x800000000000000036867Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.286{ec2a2542-29af-6254-0000-000000000000}8742-man 534500x800000000000000036869Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.289{00000000-0000-0000-0000-000000000000}8743<unknown process>man 534500x800000000000000036870Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.292{ec2a2542-29af-6254-0000-000000000000}8744-man 534500x800000000000000036871Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.293{ec2a2542-29af-6254-0000-000000000000}8746-man 534500x800000000000000036872Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.294{ec2a2542-29af-6254-0000-000000000000}8745-man 534500x800000000000000036873Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.297{ec2a2542-29af-6254-0000-000000000000}8747-man 534500x800000000000000036875Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.300{ec2a2542-29af-6254-0000-000000000000}8750-man 534500x800000000000000036874Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.300{ec2a2542-29af-6254-0000-000000000000}8748-man 534500x800000000000000036876Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.301{ec2a2542-29af-6254-0000-000000000000}8749-man 534500x800000000000000036877Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.304{ec2a2542-29af-6254-0000-000000000000}8751-man 534500x800000000000000036879Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.307{ec2a2542-29af-6254-0000-000000000000}8754-man 534500x800000000000000036878Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.307{ec2a2542-29af-6254-0000-000000000000}8752-man 534500x800000000000000036880Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.308{ec2a2542-29af-6254-0000-000000000000}8753-man 534500x800000000000000036881Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.311{ec2a2542-29af-6254-0000-000000000000}8755-man 534500x800000000000000036882Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.314{ec2a2542-29af-6254-0000-000000000000}8756-man 534500x800000000000000036884Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.315{ec2a2542-29af-6254-0000-000000000000}8757-man 534500x800000000000000036883Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.315{ec2a2542-29af-6254-0000-000000000000}8758-man 534500x800000000000000036885Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.318{ec2a2542-29af-6254-0000-000000000000}8759-man 534500x800000000000000036886Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.321{ec2a2542-29af-6254-0000-000000000000}8760-man 534500x800000000000000036888Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.322{ec2a2542-29af-6254-0000-000000000000}8761-man 534500x800000000000000036887Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.322{ec2a2542-29af-6254-0000-000000000000}8762-man 534500x800000000000000036889Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.326{ec2a2542-29af-6254-0000-000000000000}8763-man 534500x800000000000000036891Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.329{ec2a2542-29af-6254-0000-000000000000}8766-man 534500x800000000000000036890Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.329{ec2a2542-29af-6254-0000-000000000000}8764-man 534500x800000000000000036892Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.330{ec2a2542-29af-6254-0000-000000000000}8765-man 534500x800000000000000036893Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.333{ec2a2542-29af-6254-0000-000000000000}8767-man 354300x800000000000000036894Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.334{ec2a2542-1080-6254-602c-d54703560000}1780/opt/splunkforwarder/bin/splunkdroottcptruefalse10.0.1.20-34478-false10.0.1.12-8089- 534500x800000000000000036895Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.336{00000000-0000-0000-0000-000000000000}8768<unknown process>man 534500x800000000000000036897Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.337{ec2a2542-29af-6254-0000-000000000000}8769-man 534500x800000000000000036896Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.337{ec2a2542-29af-6254-0000-000000000000}8770-man 534500x800000000000000036898Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.340{ec2a2542-29af-6254-0000-000000000000}8771-man 534500x800000000000000036899Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.344{ec2a2542-29af-6254-0000-000000000000}8772-man 534500x800000000000000036901Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.345{ec2a2542-29af-6254-0000-000000000000}8773-man 534500x800000000000000036900Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.345{ec2a2542-29af-6254-0000-000000000000}8774-man 534500x800000000000000036902Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.348{ec2a2542-29af-6254-0000-000000000000}8775-man 534500x800000000000000036904Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.352{ec2a2542-29af-6254-0000-000000000000}8778-man 534500x800000000000000036903Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.352{ec2a2542-29af-6254-0000-000000000000}8776-man 534500x800000000000000036905Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.353{ec2a2542-29af-6254-0000-000000000000}8777-man 534500x800000000000000036906Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.361{00000000-0000-0000-0000-000000000000}8779<unknown process>man 534500x800000000000000036907Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.365{ec2a2542-29af-6254-0000-000000000000}8780-man 534500x800000000000000036908Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.366{ec2a2542-29af-6254-0000-000000000000}8782-man 534500x800000000000000036909Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.368{00000000-0000-0000-0000-000000000000}8781<unknown process>man 534500x800000000000000036910Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.372{00000000-0000-0000-0000-000000000000}8783<unknown process>man 534500x800000000000000036911Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.375{ec2a2542-29af-6254-0000-000000000000}8784-man 534500x800000000000000036912Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.376{ec2a2542-29af-6254-0000-000000000000}8786-man 534500x800000000000000036913Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.377{ec2a2542-29af-6254-0000-000000000000}8785-man 534500x800000000000000036914Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.380{ec2a2542-29af-6254-0000-000000000000}8787-man 534500x800000000000000036915Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.383{00000000-0000-0000-0000-000000000000}8788<unknown process>man 534500x800000000000000036916Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.384{ec2a2542-29af-6254-0000-000000000000}8790-man 534500x800000000000000036917Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.385{ec2a2542-29af-6254-0000-000000000000}8789-man 534500x800000000000000036918Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.388{ec2a2542-29af-6254-0000-000000000000}8791-man 534500x800000000000000036919Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.391{ec2a2542-29af-6254-0000-000000000000}8792-man 534500x800000000000000036921Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.392{ec2a2542-29af-6254-0000-000000000000}8793-man 534500x800000000000000036920Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.392{ec2a2542-29af-6254-0000-000000000000}8794-man 534500x800000000000000036922Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.396{ec2a2542-29af-6254-0000-000000000000}8795-man 534500x800000000000000036924Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.399{ec2a2542-29af-6254-0000-000000000000}8798-man 534500x800000000000000036923Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.399{ec2a2542-29af-6254-0000-000000000000}8796-man 534500x800000000000000036925Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.400{ec2a2542-29af-6254-0000-000000000000}8797-man 534500x800000000000000036926Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.403{00000000-0000-0000-0000-000000000000}8799<unknown process>man 534500x800000000000000036927Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.406{ec2a2542-29af-6254-0000-000000000000}8800-man 534500x800000000000000036928Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.407{ec2a2542-29af-6254-0000-000000000000}8802-man 534500x800000000000000036929Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.408{ec2a2542-29af-6254-0000-000000000000}8801-man 534500x800000000000000036930Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.411{00000000-0000-0000-0000-000000000000}8803<unknown process>man 534500x800000000000000036931Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.414{ec2a2542-29af-6254-0000-000000000000}8804-man 534500x800000000000000036932Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.415{ec2a2542-29af-6254-0000-000000000000}8806-man 534500x800000000000000036933Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.416{ec2a2542-29af-6254-0000-000000000000}8805-man 534500x800000000000000036934Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.419{00000000-0000-0000-0000-000000000000}8807<unknown process>man 534500x800000000000000036936Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.422{ec2a2542-29af-6254-0000-000000000000}8810-man 534500x800000000000000036935Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.422{ec2a2542-29af-6254-0000-000000000000}8808-man 534500x800000000000000036937Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.423{ec2a2542-29af-6254-0000-000000000000}8809-man 534500x800000000000000036938Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.426{00000000-0000-0000-0000-000000000000}8811<unknown process>man 534500x800000000000000036939Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.433{ec2a2542-29af-6254-0000-000000000000}8812-man 534500x800000000000000036940Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.434{ec2a2542-29af-6254-0000-000000000000}8814-man 534500x800000000000000036941Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.435{ec2a2542-29af-6254-0000-000000000000}8813-man 534500x800000000000000036942Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.438{00000000-0000-0000-0000-000000000000}8815<unknown process>man 534500x800000000000000036943Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.441{ec2a2542-29af-6254-0000-000000000000}8816-man 534500x800000000000000036944Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.442{ec2a2542-29af-6254-0000-000000000000}8818-man 534500x800000000000000036945Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.443{ec2a2542-29af-6254-0000-000000000000}8817-man 534500x800000000000000036946Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.452{00000000-0000-0000-0000-000000000000}8819<unknown process>man 534500x800000000000000036947Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.457{00000000-0000-0000-0000-000000000000}8820<unknown process>man 534500x800000000000000036949Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.458{ec2a2542-29af-6254-0000-000000000000}8821-man 534500x800000000000000036948Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.458{ec2a2542-29af-6254-0000-000000000000}8822-man 534500x800000000000000036950Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.462{00000000-0000-0000-0000-000000000000}8823<unknown process>man 534500x800000000000000036951Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.465{00000000-0000-0000-0000-000000000000}8824<unknown process>man 534500x800000000000000036952Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.467{ec2a2542-29af-6254-0000-000000000000}8826-man 534500x800000000000000036953Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.469{ec2a2542-29af-6254-0000-000000000000}8825-man 534500x800000000000000036954Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.473{ec2a2542-29af-6254-0000-000000000000}8827-man 534500x800000000000000036955Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.476{ec2a2542-29af-6254-0000-000000000000}8828-man 534500x800000000000000036957Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.477{ec2a2542-29af-6254-0000-000000000000}8829-man 534500x800000000000000036956Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.477{ec2a2542-29af-6254-0000-000000000000}8830-man 534500x800000000000000036958Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.480{00000000-0000-0000-0000-000000000000}8831<unknown process>man 534500x800000000000000036959Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.483{ec2a2542-29af-6254-0000-000000000000}8832-man 534500x800000000000000036960Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.484{ec2a2542-29af-6254-0000-000000000000}8834-man 534500x800000000000000036961Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.485{ec2a2542-29af-6254-0000-000000000000}8833-man 534500x800000000000000036962Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.488{00000000-0000-0000-0000-000000000000}8835<unknown process>man 534500x800000000000000036963Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.491{00000000-0000-0000-0000-000000000000}8836<unknown process>man 534500x800000000000000036964Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.492{ec2a2542-29af-6254-0000-000000000000}8838-man 534500x800000000000000036965Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.493{ec2a2542-29af-6254-0000-000000000000}8837-man 534500x800000000000000036966Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.497{00000000-0000-0000-0000-000000000000}8839<unknown process>man 534500x800000000000000036967Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.500{ec2a2542-29af-6254-0000-000000000000}8840-man 534500x800000000000000036968Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.501{ec2a2542-29af-6254-0000-000000000000}8842-man 534500x800000000000000036969Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.502{00000000-0000-0000-0000-000000000000}8841<unknown process>man 534500x800000000000000036970Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.505{00000000-0000-0000-0000-000000000000}8843<unknown process>man 534500x800000000000000036971Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.508{ec2a2542-29af-6254-0000-000000000000}8844-man 534500x800000000000000036972Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.509{ec2a2542-29af-6254-0000-000000000000}8846-man 534500x800000000000000036973Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.510{00000000-0000-0000-0000-000000000000}8845<unknown process>man 534500x800000000000000036974Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.513{00000000-0000-0000-0000-000000000000}8847<unknown process>man 534500x800000000000000036976Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.516{ec2a2542-29af-6254-0000-000000000000}8850-man 534500x800000000000000036975Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.516{ec2a2542-29af-6254-0000-000000000000}8848-man 534500x800000000000000036977Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.517{ec2a2542-29af-6254-0000-000000000000}8849-man 534500x800000000000000036978Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.520{ec2a2542-29af-6254-0000-000000000000}8851-man 534500x800000000000000036979Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.523{ec2a2542-29af-6254-0000-000000000000}8852-man 534500x800000000000000036980Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.524{ec2a2542-29af-6254-0000-000000000000}8854-man 534500x800000000000000036981Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.525{ec2a2542-29af-6254-0000-000000000000}8853-man 534500x800000000000000036982Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.528{ec2a2542-29af-6254-0000-000000000000}8855-man 534500x800000000000000036983Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.531{00000000-0000-0000-0000-000000000000}8856<unknown process>man 534500x800000000000000036985Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.532{ec2a2542-29af-6254-0000-000000000000}8857-man 534500x800000000000000036984Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.532{ec2a2542-29af-6254-0000-000000000000}8858-man 534500x800000000000000036986Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.535{00000000-0000-0000-0000-000000000000}8859<unknown process>man 534500x800000000000000036987Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.538{ec2a2542-29af-6254-0000-000000000000}8860-man 534500x800000000000000036988Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.539{ec2a2542-29af-6254-0000-000000000000}8862-man 534500x800000000000000036989Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.540{ec2a2542-29af-6254-0000-000000000000}8861-man 534500x800000000000000036990Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.543{ec2a2542-29af-6254-0000-000000000000}8863-man 534500x800000000000000036992Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.546{ec2a2542-29af-6254-0000-000000000000}8866-man 534500x800000000000000036991Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.546{ec2a2542-29af-6254-0000-000000000000}8864-man 534500x800000000000000036993Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.547{00000000-0000-0000-0000-000000000000}8865<unknown process>man 534500x800000000000000036994Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.550{00000000-0000-0000-0000-000000000000}8867<unknown process>man 534500x800000000000000036995Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.553{ec2a2542-29af-6254-0000-000000000000}8868-man 534500x800000000000000036997Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.554{ec2a2542-29af-6254-0000-000000000000}8869-man 534500x800000000000000036996Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.554{ec2a2542-29af-6254-0000-000000000000}8870-man 534500x800000000000000036998Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.557{00000000-0000-0000-0000-000000000000}8871<unknown process>man 534500x800000000000000036999Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.560{ec2a2542-29af-6254-0000-000000000000}8872-man 534500x800000000000000037000Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.561{ec2a2542-29af-6254-0000-000000000000}8874-man 534500x800000000000000037001Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.562{ec2a2542-29af-6254-0000-000000000000}8873-man 534500x800000000000000037002Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.565{00000000-0000-0000-0000-000000000000}8875<unknown process>man 534500x800000000000000037003Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.571{00000000-0000-0000-0000-000000000000}8876<unknown process>man 534500x800000000000000037004Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.573{ec2a2542-29af-6254-0000-000000000000}8878-man 534500x800000000000000037005Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.574{ec2a2542-29af-6254-0000-000000000000}8877-man 534500x800000000000000037006Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.577{00000000-0000-0000-0000-000000000000}8879<unknown process>man 534500x800000000000000037008Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.581{ec2a2542-29af-6254-0000-000000000000}8882-man 534500x800000000000000037007Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.581{ec2a2542-29af-6254-0000-000000000000}8880-man 534500x800000000000000037009Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.582{ec2a2542-29af-6254-0000-000000000000}8881-man 534500x800000000000000037010Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.585{00000000-0000-0000-0000-000000000000}8883<unknown process>man 534500x800000000000000037011Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.588{ec2a2542-29af-6254-0000-000000000000}8884-man 534500x800000000000000037013Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.589{00000000-0000-0000-0000-000000000000}8885<unknown process>man 534500x800000000000000037012Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.589{ec2a2542-29af-6254-0000-000000000000}8886-man 534500x800000000000000037014Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.592{ec2a2542-29af-6254-0000-000000000000}8887-man 534500x800000000000000037015Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.595{ec2a2542-29af-6254-0000-000000000000}8888-man 534500x800000000000000037016Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.596{00000000-0000-0000-0000-000000000000}8890<unknown process>man 534500x800000000000000037017Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.597{ec2a2542-29af-6254-0000-000000000000}8889-man 534500x800000000000000037018Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.600{ec2a2542-29af-6254-0000-000000000000}8891-man 534500x800000000000000037019Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.603{ec2a2542-29af-6254-0000-000000000000}8892-man 534500x800000000000000037021Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.604{ec2a2542-29af-6254-0000-000000000000}8893-man 534500x800000000000000037020Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.604{ec2a2542-29af-6254-0000-000000000000}8894-man 534500x800000000000000037022Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.607{ec2a2542-29af-6254-0000-000000000000}8895-man 534500x800000000000000037023Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.610{ec2a2542-29af-6254-0000-000000000000}8896-man 534500x800000000000000037024Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.611{ec2a2542-29af-6254-0000-000000000000}8898-man 534500x800000000000000037025Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.612{ec2a2542-29af-6254-0000-000000000000}8897-man 534500x800000000000000037026Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.615{ec2a2542-29af-6254-0000-000000000000}8899-man 534500x800000000000000037028Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.618{ec2a2542-29af-6254-0000-000000000000}8902-man 534500x800000000000000037027Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.618{ec2a2542-29af-6254-0000-000000000000}8900-man 534500x800000000000000037029Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.619{ec2a2542-29af-6254-0000-000000000000}8901-man 534500x800000000000000037030Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.622{00000000-0000-0000-0000-000000000000}8903<unknown process>man 534500x800000000000000037031Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.625{ec2a2542-29af-6254-0000-000000000000}8904-man 534500x800000000000000037033Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.626{ec2a2542-29af-6254-0000-000000000000}8905-man 534500x800000000000000037032Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.626{ec2a2542-29af-6254-0000-000000000000}8906-man 534500x800000000000000037034Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.629{00000000-0000-0000-0000-000000000000}8907<unknown process>man 534500x800000000000000037035Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.632{ec2a2542-29af-6254-0000-000000000000}8908-man 534500x800000000000000037037Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.633{ec2a2542-29af-6254-0000-000000000000}8909-man 534500x800000000000000037036Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.633{ec2a2542-29af-6254-0000-000000000000}8910-man 534500x800000000000000037038Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.636{00000000-0000-0000-0000-000000000000}8911<unknown process>man 534500x800000000000000037039Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.639{ec2a2542-29af-6254-0000-000000000000}8912-man 534500x800000000000000037040Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.640{ec2a2542-29af-6254-0000-000000000000}8914-man 534500x800000000000000037041Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.641{00000000-0000-0000-0000-000000000000}8913<unknown process>man 534500x800000000000000037042Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.644{ec2a2542-29af-6254-0000-000000000000}8915-man 534500x800000000000000037044Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.647{ec2a2542-29af-6254-0000-000000000000}8918-man 534500x800000000000000037043Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.647{ec2a2542-29af-6254-0000-000000000000}8916-man 534500x800000000000000037045Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.648{ec2a2542-29af-6254-0000-000000000000}8917-man 534500x800000000000000037046Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.651{00000000-0000-0000-0000-000000000000}8919<unknown process>man 534500x800000000000000037047Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.653{ec2a2542-29af-6254-0000-000000000000}8920-man 534500x800000000000000037048Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.654{ec2a2542-29af-6254-0000-000000000000}8922-man 534500x800000000000000037049Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.655{ec2a2542-29af-6254-0000-000000000000}8921-man 534500x800000000000000037050Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.658{00000000-0000-0000-0000-000000000000}8923<unknown process>man 534500x800000000000000037052Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.661{ec2a2542-29af-6254-0000-000000000000}8926-man 534500x800000000000000037051Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.661{ec2a2542-29af-6254-0000-000000000000}8924-man 534500x800000000000000037053Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.663{ec2a2542-29af-6254-0000-000000000000}8925-man 534500x800000000000000037054Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.666{ec2a2542-29af-6254-0000-000000000000}8927-man 534500x800000000000000037055Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.669{ec2a2542-29af-6254-0000-000000000000}8928-man 534500x800000000000000037057Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.670{ec2a2542-29af-6254-0000-000000000000}8929-man 534500x800000000000000037056Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.670{ec2a2542-29af-6254-0000-000000000000}8930-man 534500x800000000000000037058Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.673{00000000-0000-0000-0000-000000000000}8931<unknown process>man 534500x800000000000000037059Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.676{00000000-0000-0000-0000-000000000000}8932<unknown process>man 534500x800000000000000037060Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.677{ec2a2542-29af-6254-0000-000000000000}8934-man 534500x800000000000000037061Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.678{ec2a2542-29af-6254-0000-000000000000}8933-man 534500x800000000000000037062Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.681{ec2a2542-29af-6254-0000-000000000000}8935-man 534500x800000000000000037063Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.684{ec2a2542-29af-6254-0000-000000000000}8936-man 534500x800000000000000037065Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.685{ec2a2542-29af-6254-0000-000000000000}8937-man 534500x800000000000000037064Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.685{ec2a2542-29af-6254-0000-000000000000}8938-man 534500x800000000000000037066Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.688{ec2a2542-29af-6254-0000-000000000000}8939-man 534500x800000000000000037067Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.691{ec2a2542-29af-6254-0000-000000000000}8940-man 534500x800000000000000037069Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.692{ec2a2542-29af-6254-0000-000000000000}8941-man 534500x800000000000000037068Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.692{ec2a2542-29af-6254-0000-000000000000}8942-man 534500x800000000000000037070Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.695{ec2a2542-29af-6254-0000-000000000000}8943-man 534500x800000000000000037071Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.698{ec2a2542-29af-6254-0000-000000000000}8944-man 534500x800000000000000037072Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.699{ec2a2542-29af-6254-0000-000000000000}8946-man 534500x800000000000000037073Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.700{ec2a2542-29af-6254-0000-000000000000}8945-man 534500x800000000000000037074Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.703{00000000-0000-0000-0000-000000000000}8947<unknown process>man 534500x800000000000000037075Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.706{ec2a2542-29af-6254-0000-000000000000}8948-man 534500x800000000000000037077Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.707{ec2a2542-29af-6254-0000-000000000000}8949-man 534500x800000000000000037076Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.707{ec2a2542-29af-6254-0000-000000000000}8950-man 534500x800000000000000037078Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.710{ec2a2542-29af-6254-0000-000000000000}8951-man 534500x800000000000000037079Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.713{ec2a2542-29af-6254-0000-000000000000}8952-man 534500x800000000000000037081Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.714{ec2a2542-29af-6254-0000-000000000000}8953-man 534500x800000000000000037080Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.714{ec2a2542-29af-6254-0000-000000000000}8954-man 534500x800000000000000037082Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.717{00000000-0000-0000-0000-000000000000}8955<unknown process>man 534500x800000000000000037083Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.720{ec2a2542-29af-6254-0000-000000000000}8956-man 534500x800000000000000037085Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.721{ec2a2542-29af-6254-0000-000000000000}8957-man 534500x800000000000000037084Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.721{ec2a2542-29af-6254-0000-000000000000}8958-man 534500x800000000000000037086Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.724{ec2a2542-29af-6254-0000-000000000000}8959-man 534500x800000000000000037087Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.727{ec2a2542-29af-6254-0000-000000000000}8960-man 534500x800000000000000037088Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.728{ec2a2542-29af-6254-0000-000000000000}8962-man 534500x800000000000000037089Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.729{ec2a2542-29af-6254-0000-000000000000}8961-man 534500x800000000000000037090Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.731{ec2a2542-29af-6254-0000-000000000000}8963-man 534500x800000000000000037091Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.734{ec2a2542-29af-6254-0000-000000000000}8964-man 534500x800000000000000037093Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.735{ec2a2542-29af-6254-0000-000000000000}8965-man 534500x800000000000000037092Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.735{ec2a2542-29af-6254-0000-000000000000}8966-man 534500x800000000000000037094Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.738{ec2a2542-29af-6254-0000-000000000000}8967-man 534500x800000000000000037095Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.741{ec2a2542-29af-6254-0000-000000000000}8968-man 534500x800000000000000037096Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.743{ec2a2542-29af-6254-0000-000000000000}8970-man 534500x800000000000000037097Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.744{ec2a2542-29af-6254-0000-000000000000}8969-man 534500x800000000000000037098Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.747{ec2a2542-29af-6254-0000-000000000000}8971-man 534500x800000000000000037099Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.750{00000000-0000-0000-0000-000000000000}8972<unknown process>man 534500x800000000000000037101Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.751{ec2a2542-29af-6254-0000-000000000000}8973-man 534500x800000000000000037100Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.751{ec2a2542-29af-6254-0000-000000000000}8974-man 534500x800000000000000037102Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.755{00000000-0000-0000-0000-000000000000}8975<unknown process>man 534500x800000000000000037104Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.759{ec2a2542-29af-6254-0000-000000000000}8978-man 534500x800000000000000037103Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.759{00000000-0000-0000-0000-000000000000}8976<unknown process>man 534500x800000000000000037105Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.760{ec2a2542-29af-6254-0000-000000000000}8977-man 534500x800000000000000037106Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.763{00000000-0000-0000-0000-000000000000}8979<unknown process>man 534500x800000000000000037108Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.766{ec2a2542-29af-6254-0000-000000000000}8982-man 534500x800000000000000037107Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.766{ec2a2542-29af-6254-0000-000000000000}8980-man 534500x800000000000000037109Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.767{ec2a2542-29af-6254-0000-000000000000}8981-man 534500x800000000000000037110Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.770{00000000-0000-0000-0000-000000000000}8983<unknown process>man 534500x800000000000000037111Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.773{ec2a2542-29af-6254-0000-000000000000}8984-man 534500x800000000000000037113Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.774{ec2a2542-29af-6254-0000-000000000000}8985-man 534500x800000000000000037112Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.774{ec2a2542-29af-6254-0000-000000000000}8986-man 534500x800000000000000037114Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.777{ec2a2542-29af-6254-0000-000000000000}8987-man 534500x800000000000000037116Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.781{ec2a2542-29af-6254-0000-000000000000}8990-man 534500x800000000000000037115Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.781{ec2a2542-29af-6254-0000-000000000000}8988-man 534500x800000000000000037117Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.782{ec2a2542-29af-6254-0000-000000000000}8989-man 534500x800000000000000037118Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.785{00000000-0000-0000-0000-000000000000}8991<unknown process>man 534500x800000000000000037119Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.788{ec2a2542-29af-6254-0000-000000000000}8992-man 534500x800000000000000037121Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.789{ec2a2542-29af-6254-0000-000000000000}8993-man 534500x800000000000000037120Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.789{ec2a2542-29af-6254-0000-000000000000}8994-man 534500x800000000000000037122Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.792{00000000-0000-0000-0000-000000000000}8995<unknown process>man 534500x800000000000000037123Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.795{ec2a2542-29af-6254-0000-000000000000}8996-man 534500x800000000000000037125Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.796{ec2a2542-29af-6254-0000-000000000000}8997-man 534500x800000000000000037124Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.796{ec2a2542-29af-6254-0000-000000000000}8998-man 534500x800000000000000037126Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.799{ec2a2542-29af-6254-0000-000000000000}8999-man 534500x800000000000000037127Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.803{ec2a2542-29af-6254-0000-000000000000}9000-man 534500x800000000000000037129Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.804{ec2a2542-29af-6254-0000-000000000000}9001-man 534500x800000000000000037128Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.804{ec2a2542-29af-6254-0000-000000000000}9002-man 534500x800000000000000037130Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.809{ec2a2542-29af-6254-0000-000000000000}9003-man 534500x800000000000000037132Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.812{ec2a2542-29af-6254-0000-000000000000}9006-man 534500x800000000000000037131Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.812{ec2a2542-29af-6254-0000-000000000000}9004-man 534500x800000000000000037133Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.813{ec2a2542-29af-6254-0000-000000000000}9005-man 534500x800000000000000037134Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.816{00000000-0000-0000-0000-000000000000}9007<unknown process>man 534500x800000000000000037135Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.819{ec2a2542-29af-6254-0000-000000000000}9008-man 534500x800000000000000037137Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.820{ec2a2542-29af-6254-0000-000000000000}9009-man 534500x800000000000000037136Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.820{ec2a2542-29af-6254-0000-000000000000}9010-man 534500x800000000000000037138Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.823{ec2a2542-29af-6254-0000-000000000000}9011-man 534500x800000000000000037139Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.826{ec2a2542-29af-6254-0000-000000000000}9012-man 534500x800000000000000037141Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.827{ec2a2542-29af-6254-0000-000000000000}9013-man 534500x800000000000000037140Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.827{ec2a2542-29af-6254-0000-000000000000}9014-man 534500x800000000000000037142Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.830{ec2a2542-29af-6254-0000-000000000000}9015-man 534500x800000000000000037143Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.833{ec2a2542-29af-6254-0000-000000000000}9016-man 534500x800000000000000037145Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.834{ec2a2542-29af-6254-0000-000000000000}9017-man 534500x800000000000000037144Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.834{ec2a2542-29af-6254-0000-000000000000}9018-man 534500x800000000000000037146Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.837{ec2a2542-29af-6254-0000-000000000000}9019-man 534500x800000000000000037147Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.840{ec2a2542-29af-6254-0000-000000000000}9020-man 534500x800000000000000037148Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.841{ec2a2542-29af-6254-0000-000000000000}9022-man 534500x800000000000000037149Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.842{ec2a2542-29af-6254-0000-000000000000}9021-man 534500x800000000000000037150Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.844{ec2a2542-29af-6254-0000-000000000000}9023-man 534500x800000000000000037151Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.847{ec2a2542-29af-6254-0000-000000000000}9024-man 534500x800000000000000037153Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.848{ec2a2542-29af-6254-0000-000000000000}9025-man 534500x800000000000000037152Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.848{ec2a2542-29af-6254-0000-000000000000}9026-man 534500x800000000000000037154Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.851{00000000-0000-0000-0000-000000000000}9027<unknown process>man 534500x800000000000000037155Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.854{ec2a2542-29af-6254-0000-000000000000}9028-man 534500x800000000000000037157Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.855{ec2a2542-29af-6254-0000-000000000000}9029-man 534500x800000000000000037156Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.855{ec2a2542-29af-6254-0000-000000000000}9030-man 534500x800000000000000037158Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.858{ec2a2542-29af-6254-0000-000000000000}9031-man 534500x800000000000000037159Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.861{ec2a2542-29af-6254-0000-000000000000}9032-man 534500x800000000000000037160Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.862{ec2a2542-29af-6254-0000-000000000000}9034-man 534500x800000000000000037161Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.863{ec2a2542-29af-6254-0000-000000000000}9033-man 534500x800000000000000037162Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.866{00000000-0000-0000-0000-000000000000}9035<unknown process>man 534500x800000000000000037163Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.868{ec2a2542-29af-6254-0000-000000000000}9036-man 534500x800000000000000037164Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.869{ec2a2542-29af-6254-0000-000000000000}9038-man 534500x800000000000000037165Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.870{ec2a2542-29af-6254-0000-000000000000}9037-man 534500x800000000000000037166Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.872{ec2a2542-29af-6254-0000-000000000000}9039-man 534500x800000000000000037167Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.875{ec2a2542-29af-6254-0000-000000000000}9040-man 534500x800000000000000037168Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.876{ec2a2542-29af-6254-0000-000000000000}9042-man 534500x800000000000000037169Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.877{ec2a2542-29af-6254-0000-000000000000}9041-man 534500x800000000000000037170Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.880{ec2a2542-29af-6254-0000-000000000000}9043-man 534500x800000000000000037171Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.883{ec2a2542-29af-6254-0000-000000000000}9044-man 534500x800000000000000037173Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.884{ec2a2542-29af-6254-0000-000000000000}9045-man 534500x800000000000000037172Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.884{ec2a2542-29af-6254-0000-000000000000}9046-man 534500x800000000000000037174Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.887{ec2a2542-29af-6254-0000-000000000000}9047-man 534500x800000000000000037175Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.890{ec2a2542-29af-6254-0000-000000000000}9048-man 534500x800000000000000037177Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.891{ec2a2542-29af-6254-0000-000000000000}9049-man 534500x800000000000000037176Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.891{ec2a2542-29af-6254-0000-000000000000}9050-man 534500x800000000000000037178Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.895{00000000-0000-0000-0000-000000000000}9051<unknown process>man 534500x800000000000000037180Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.898{ec2a2542-29af-6254-0000-000000000000}9054-man 534500x800000000000000037179Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.898{ec2a2542-29af-6254-0000-000000000000}9052-man 534500x800000000000000037181Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.899{ec2a2542-29af-6254-0000-000000000000}9053-man 534500x800000000000000037182Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.902{ec2a2542-29af-6254-0000-000000000000}9055-man 534500x800000000000000037184Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.905{ec2a2542-29af-6254-0000-000000000000}9058-man 534500x800000000000000037183Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.905{ec2a2542-29af-6254-0000-000000000000}9056-man 534500x800000000000000037185Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.907{ec2a2542-29af-6254-0000-000000000000}9057-man 534500x800000000000000037186Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.910{ec2a2542-29af-6254-0000-000000000000}9059-man 534500x800000000000000037187Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.913{ec2a2542-29af-6254-0000-000000000000}9060-man 534500x800000000000000037189Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.914{ec2a2542-29af-6254-0000-000000000000}9061-man 534500x800000000000000037188Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.914{ec2a2542-29af-6254-0000-000000000000}9062-man 534500x800000000000000037190Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.917{ec2a2542-29af-6254-0000-000000000000}9063-man 534500x800000000000000037191Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.920{ec2a2542-29af-6254-0000-000000000000}9064-man 534500x800000000000000037193Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.921{ec2a2542-29af-6254-0000-000000000000}9065-man 534500x800000000000000037192Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.921{ec2a2542-29af-6254-0000-000000000000}9066-man 534500x800000000000000037194Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.924{ec2a2542-29af-6254-0000-000000000000}9067-man 534500x800000000000000037196Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.927{ec2a2542-29af-6254-0000-000000000000}9070-man 534500x800000000000000037195Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.927{ec2a2542-29af-6254-0000-000000000000}9068-man 534500x800000000000000037197Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.928{ec2a2542-29af-6254-0000-000000000000}9069-man 534500x800000000000000037198Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.931{ec2a2542-29af-6254-0000-000000000000}9071-man 534500x800000000000000037199Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.934{ec2a2542-29af-6254-0000-000000000000}9072-man 534500x800000000000000037201Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.935{ec2a2542-29af-6254-0000-000000000000}9073-man 534500x800000000000000037200Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.935{ec2a2542-29af-6254-0000-000000000000}9074-man 534500x800000000000000037202Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.938{ec2a2542-29af-6254-0000-000000000000}9075-man 534500x800000000000000037203Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.941{ec2a2542-29af-6254-0000-000000000000}9076-man 534500x800000000000000037205Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.942{ec2a2542-29af-6254-0000-000000000000}9077-man 534500x800000000000000037204Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.942{ec2a2542-29af-6254-0000-000000000000}9078-man 534500x800000000000000037206Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.945{ec2a2542-29af-6254-0000-000000000000}9079-man 534500x800000000000000037208Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.948{ec2a2542-29af-6254-0000-000000000000}9082-man 534500x800000000000000037207Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.948{ec2a2542-29af-6254-0000-000000000000}9080-man 534500x800000000000000037209Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.949{ec2a2542-29af-6254-0000-000000000000}9081-man 534500x800000000000000037210Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.952{00000000-0000-0000-0000-000000000000}9083<unknown process>man 534500x800000000000000037211Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.954{ec2a2542-29af-6254-0000-000000000000}9084-man 534500x800000000000000037212Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.955{ec2a2542-29af-6254-0000-000000000000}9086-man 534500x800000000000000037213Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.956{ec2a2542-29af-6254-0000-000000000000}9085-man 534500x800000000000000037214Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.959{ec2a2542-29af-6254-0000-000000000000}9087-man 534500x800000000000000037216Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.962{ec2a2542-29af-6254-0000-000000000000}9090-man 534500x800000000000000037215Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.962{ec2a2542-29af-6254-0000-000000000000}9088-man 534500x800000000000000037217Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.963{ec2a2542-29af-6254-0000-000000000000}9089-man 534500x800000000000000037218Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.966{00000000-0000-0000-0000-000000000000}9091<unknown process>man 534500x800000000000000037220Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.969{ec2a2542-29af-6254-0000-000000000000}9094-man 534500x800000000000000037219Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.969{ec2a2542-29af-6254-0000-000000000000}9092-man 534500x800000000000000037221Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.970{ec2a2542-29af-6254-0000-000000000000}9093-man 534500x800000000000000037222Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.973{00000000-0000-0000-0000-000000000000}9095<unknown process>man 534500x800000000000000037223Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.976{ec2a2542-29af-6254-0000-000000000000}9096-man 534500x800000000000000037225Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.977{ec2a2542-29af-6254-0000-000000000000}9097-man 534500x800000000000000037224Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.977{ec2a2542-29af-6254-0000-000000000000}9098-man 534500x800000000000000037226Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.981{ec2a2542-29af-6254-0000-000000000000}9099-man 534500x800000000000000037227Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.983{ec2a2542-29af-6254-0000-000000000000}9100-man 534500x800000000000000037228Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.984{ec2a2542-29af-6254-0000-000000000000}9102-man 534500x800000000000000037229Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.985{00000000-0000-0000-0000-000000000000}9101<unknown process>man 534500x800000000000000037230Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.988{00000000-0000-0000-0000-000000000000}9103<unknown process>man 534500x800000000000000037231Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.991{ec2a2542-29af-6254-0000-000000000000}9104-man 534500x800000000000000037233Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.992{00000000-0000-0000-0000-000000000000}9105<unknown process>man 534500x800000000000000037232Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.992{00000000-0000-0000-0000-000000000000}9106<unknown process>man 534500x800000000000000037234Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.995{00000000-0000-0000-0000-000000000000}9107<unknown process>man 534500x800000000000000037235Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.998{ec2a2542-29af-6254-0000-000000000000}9108-man 534500x800000000000000037236Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:23.999{ec2a2542-29af-6254-0000-000000000000}9110-man 534500x800000000000000037237Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.000{ec2a2542-29af-6254-0000-000000000000}9109-man 534500x800000000000000037238Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.003{00000000-0000-0000-0000-000000000000}9111<unknown process>man 534500x800000000000000037240Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.006{ec2a2542-29b0-6254-0000-000000000000}9114-man 534500x800000000000000037239Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.006{ec2a2542-29af-6254-0000-000000000000}9112-man 534500x800000000000000037241Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.007{ec2a2542-29b0-6254-0000-000000000000}9113-man 534500x800000000000000037242Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.010{00000000-0000-0000-0000-000000000000}9115<unknown process>man 534500x800000000000000037243Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.013{00000000-0000-0000-0000-000000000000}9116<unknown process>man 534500x800000000000000037244Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.014{ec2a2542-29b0-6254-0000-000000000000}9118-man 534500x800000000000000037245Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.015{ec2a2542-29b0-6254-0000-000000000000}9117-man 534500x800000000000000037246Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.018{00000000-0000-0000-0000-000000000000}9119<unknown process>man 534500x800000000000000037247Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.020{ec2a2542-29b0-6254-0000-000000000000}9120-man 534500x800000000000000037248Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.021{ec2a2542-29b0-6254-0000-000000000000}9122-man 534500x800000000000000037249Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.022{00000000-0000-0000-0000-000000000000}9121<unknown process>man 534500x800000000000000037250Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.024{00000000-0000-0000-0000-000000000000}9123<unknown process>man 534500x800000000000000037252Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.028{ec2a2542-29b0-6254-0000-000000000000}9126-man 534500x800000000000000037251Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.028{ec2a2542-29b0-6254-0000-000000000000}9124-man 534500x800000000000000037253Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.029{ec2a2542-29b0-6254-0000-000000000000}9125-man 534500x800000000000000037254Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.032{ec2a2542-29b0-6254-0000-000000000000}9127-man 534500x800000000000000037255Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.037{ec2a2542-29b0-6254-0000-000000000000}9128-man 534500x800000000000000037257Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.038{ec2a2542-29b0-6254-0000-000000000000}9129-man 534500x800000000000000037256Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.038{ec2a2542-29b0-6254-0000-000000000000}9130-man 534500x800000000000000037258Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.042{ec2a2542-29b0-6254-0000-000000000000}9131-man 534500x800000000000000037259Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.046{ec2a2542-29b0-6254-0000-000000000000}9132-man 534500x800000000000000037261Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.047{00000000-0000-0000-0000-000000000000}9133<unknown process>man 534500x800000000000000037260Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.047{00000000-0000-0000-0000-000000000000}9134<unknown process>man 534500x800000000000000037262Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.051{ec2a2542-29b0-6254-0000-000000000000}9135-man 534500x800000000000000037264Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.054{ec2a2542-29b0-6254-0000-000000000000}9138-man 534500x800000000000000037263Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.054{ec2a2542-29b0-6254-0000-000000000000}9136-man 534500x800000000000000037265Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.055{ec2a2542-29b0-6254-0000-000000000000}9137-man 534500x800000000000000037266Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.058{00000000-0000-0000-0000-000000000000}9139<unknown process>man 534500x800000000000000037268Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.061{ec2a2542-29b0-6254-0000-000000000000}9142-man 534500x800000000000000037267Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.061{ec2a2542-29b0-6254-0000-000000000000}9140-man 534500x800000000000000037269Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.062{ec2a2542-29b0-6254-0000-000000000000}9141-man 534500x800000000000000037270Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.066{00000000-0000-0000-0000-000000000000}9143<unknown process>man 534500x800000000000000037272Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.069{ec2a2542-29b0-6254-0000-000000000000}9146-man 534500x800000000000000037271Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.069{ec2a2542-29b0-6254-0000-000000000000}9144-man 534500x800000000000000037273Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.070{ec2a2542-29b0-6254-0000-000000000000}9145-man 534500x800000000000000037274Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.073{ec2a2542-29b0-6254-0000-000000000000}9147-man 534500x800000000000000037276Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.076{ec2a2542-29b0-6254-0000-000000000000}9150-man 534500x800000000000000037275Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.076{ec2a2542-29b0-6254-0000-000000000000}9148-man 534500x800000000000000037277Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.077{ec2a2542-29b0-6254-0000-000000000000}9149-man 534500x800000000000000037278Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.081{ec2a2542-29b0-6254-0000-000000000000}9151-man 534500x800000000000000037279Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.085{ec2a2542-29b0-6254-0000-000000000000}9152-man 534500x800000000000000037280Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.086{ec2a2542-29b0-6254-0000-000000000000}9154-man 534500x800000000000000037281Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.087{ec2a2542-29b0-6254-0000-000000000000}9153-man 534500x800000000000000037282Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.090{ec2a2542-29b0-6254-0000-000000000000}9155-man 534500x800000000000000037283Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.093{ec2a2542-29b0-6254-0000-000000000000}9156-man 534500x800000000000000037285Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.094{ec2a2542-29b0-6254-0000-000000000000}9157-man 534500x800000000000000037284Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.094{ec2a2542-29b0-6254-0000-000000000000}9158-man 534500x800000000000000037286Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.097{00000000-0000-0000-0000-000000000000}9159<unknown process>man 534500x800000000000000037288Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.101{ec2a2542-29b0-6254-0000-000000000000}9162-man 534500x800000000000000037287Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.101{ec2a2542-29b0-6254-0000-000000000000}9160-man 534500x800000000000000037289Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.103{ec2a2542-29b0-6254-0000-000000000000}9161-man 534500x800000000000000037290Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.106{00000000-0000-0000-0000-000000000000}9163<unknown process>man 534500x800000000000000037291Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.109{00000000-0000-0000-0000-000000000000}9164<unknown process>man 534500x800000000000000037292Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.110{ec2a2542-29b0-6254-0000-000000000000}9166-man 534500x800000000000000037293Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.111{ec2a2542-29b0-6254-0000-000000000000}9165-man 534500x800000000000000037294Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.114{00000000-0000-0000-0000-000000000000}9167<unknown process>man 534500x800000000000000037295Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.117{ec2a2542-29b0-6254-0000-000000000000}9168-man 534500x800000000000000037297Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.118{ec2a2542-29b0-6254-0000-000000000000}9169-man 534500x800000000000000037296Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.118{ec2a2542-29b0-6254-0000-000000000000}9170-man 534500x800000000000000037298Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.122{ec2a2542-29b0-6254-0000-000000000000}9171-man 534500x800000000000000037299Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.125{ec2a2542-29b0-6254-0000-000000000000}9172-man 534500x800000000000000037301Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.126{ec2a2542-29b0-6254-0000-000000000000}9173-man 534500x800000000000000037300Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.126{ec2a2542-29b0-6254-0000-000000000000}9174-man 534500x800000000000000037302Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.130{00000000-0000-0000-0000-000000000000}9175<unknown process>man 534500x800000000000000037303Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.132{ec2a2542-29b0-6254-0000-000000000000}9176-man 534500x800000000000000037304Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.133{ec2a2542-29b0-6254-0000-000000000000}9178-man 534500x800000000000000037305Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.134{ec2a2542-29b0-6254-0000-000000000000}9177-man 534500x800000000000000037306Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.137{ec2a2542-29b0-6254-0000-000000000000}9179-man 534500x800000000000000037308Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.140{ec2a2542-29b0-6254-0000-000000000000}9182-man 534500x800000000000000037307Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.140{00000000-0000-0000-0000-000000000000}9180<unknown process>man 534500x800000000000000037309Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.141{ec2a2542-29b0-6254-0000-000000000000}9181-man 534500x800000000000000037310Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.144{00000000-0000-0000-0000-000000000000}9183<unknown process>man 534500x800000000000000037312Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.147{ec2a2542-29b0-6254-0000-000000000000}9186-man 534500x800000000000000037311Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.147{ec2a2542-29b0-6254-0000-000000000000}9184-man 534500x800000000000000037313Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.148{ec2a2542-29b0-6254-0000-000000000000}9185-man 534500x800000000000000037314Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.151{00000000-0000-0000-0000-000000000000}9187<unknown process>man 534500x800000000000000037316Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.154{ec2a2542-29b0-6254-0000-000000000000}9190-man 534500x800000000000000037315Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.154{ec2a2542-29b0-6254-0000-000000000000}9188-man 534500x800000000000000037317Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.155{ec2a2542-29b0-6254-0000-000000000000}9189-man 534500x800000000000000037318Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.158{ec2a2542-29b0-6254-0000-000000000000}9191-man 534500x800000000000000037320Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.161{ec2a2542-29b0-6254-0000-000000000000}9194-man 534500x800000000000000037319Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.161{ec2a2542-29b0-6254-0000-000000000000}9192-man 534500x800000000000000037321Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.162{ec2a2542-29b0-6254-0000-000000000000}9193-man 534500x800000000000000037322Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.165{00000000-0000-0000-0000-000000000000}9195<unknown process>man 534500x800000000000000037323Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.168{ec2a2542-29b0-6254-0000-000000000000}9196-man 534500x800000000000000037324Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.169{ec2a2542-29b0-6254-0000-000000000000}9198-man 534500x800000000000000037325Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.170{ec2a2542-29b0-6254-0000-000000000000}9197-man 534500x800000000000000037326Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.172{00000000-0000-0000-0000-000000000000}9199<unknown process>man 534500x800000000000000037328Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.176{ec2a2542-29b0-6254-0000-000000000000}9202-man 534500x800000000000000037327Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.176{ec2a2542-29b0-6254-0000-000000000000}9200-man 534500x800000000000000037329Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.177{ec2a2542-29b0-6254-0000-000000000000}9201-man 534500x800000000000000037330Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.180{ec2a2542-29b0-6254-0000-000000000000}9203-man 534500x800000000000000037331Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.183{ec2a2542-29b0-6254-0000-000000000000}9204-man 534500x800000000000000037332Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.184{ec2a2542-29b0-6254-0000-000000000000}9206-man 534500x800000000000000037333Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.185{ec2a2542-29b0-6254-0000-000000000000}9205-man 534500x800000000000000037334Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.188{ec2a2542-29b0-6254-0000-000000000000}9207-man 534500x800000000000000037336Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.191{ec2a2542-29b0-6254-0000-000000000000}9210-man 534500x800000000000000037335Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.191{ec2a2542-29b0-6254-0000-000000000000}9208-man 534500x800000000000000037337Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.192{ec2a2542-29b0-6254-0000-000000000000}9209-man 534500x800000000000000037338Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.195{00000000-0000-0000-0000-000000000000}9211<unknown process>man 534500x800000000000000037340Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.198{ec2a2542-29b0-6254-0000-000000000000}9214-man 534500x800000000000000037339Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.198{ec2a2542-29b0-6254-0000-000000000000}9212-man 534500x800000000000000037341Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.199{ec2a2542-29b0-6254-0000-000000000000}9213-man 534500x800000000000000037342Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.202{00000000-0000-0000-0000-000000000000}9215<unknown process>man 534500x800000000000000037344Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.205{ec2a2542-29b0-6254-0000-000000000000}9218-man 534500x800000000000000037343Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.205{ec2a2542-29b0-6254-0000-000000000000}9216-man 534500x800000000000000037345Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.206{ec2a2542-29b0-6254-0000-000000000000}9217-man 534500x800000000000000037346Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.209{ec2a2542-29b0-6254-0000-000000000000}9219-man 534500x800000000000000037347Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.212{ec2a2542-29b0-6254-0000-000000000000}9220-man 534500x800000000000000037349Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.213{ec2a2542-29b0-6254-0000-000000000000}9221-man 534500x800000000000000037348Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.213{ec2a2542-29b0-6254-0000-000000000000}9222-man 534500x800000000000000037350Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.216{00000000-0000-0000-0000-000000000000}9223<unknown process>man 534500x800000000000000037351Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.219{00000000-0000-0000-0000-000000000000}9224<unknown process>man 534500x800000000000000037353Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.220{ec2a2542-29b0-6254-0000-000000000000}9225-man 534500x800000000000000037352Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.220{ec2a2542-29b0-6254-0000-000000000000}9226-man 534500x800000000000000037354Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.223{00000000-0000-0000-0000-000000000000}9227<unknown process>man 534500x800000000000000037355Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.226{ec2a2542-29b0-6254-0000-000000000000}9228-man 534500x800000000000000037356Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.227{ec2a2542-29b0-6254-0000-000000000000}9230-man 534500x800000000000000037357Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.228{ec2a2542-29b0-6254-0000-000000000000}9229-man 534500x800000000000000037358Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.231{ec2a2542-29b0-6254-0000-000000000000}9231-man 534500x800000000000000037359Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.233{ec2a2542-29b0-6254-0000-000000000000}9232-man 534500x800000000000000037360Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.234{ec2a2542-29b0-6254-0000-000000000000}9234-man 534500x800000000000000037361Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.235{ec2a2542-29b0-6254-0000-000000000000}9233-man 534500x800000000000000037362Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.238{ec2a2542-29b0-6254-0000-000000000000}9235-man 534500x800000000000000037364Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.241{ec2a2542-29b0-6254-0000-000000000000}9238-man 534500x800000000000000037363Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.241{ec2a2542-29b0-6254-0000-000000000000}9236-man 534500x800000000000000037365Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.242{ec2a2542-29b0-6254-0000-000000000000}9237-man 534500x800000000000000037366Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.245{ec2a2542-29b0-6254-0000-000000000000}9239-man 534500x800000000000000037367Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.248{ec2a2542-29b0-6254-0000-000000000000}9240-man 534500x800000000000000037369Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.250{ec2a2542-29b0-6254-0000-000000000000}9241-man 534500x800000000000000037368Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.250{ec2a2542-29b0-6254-0000-000000000000}9242-man 534500x800000000000000037370Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.254{ec2a2542-29b0-6254-0000-000000000000}9243-man 534500x800000000000000037371Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.257{00000000-0000-0000-0000-000000000000}9244<unknown process>man 534500x800000000000000037373Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.258{ec2a2542-29b0-6254-0000-000000000000}9245-man 534500x800000000000000037372Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.258{ec2a2542-29b0-6254-0000-000000000000}9246-man 534500x800000000000000037374Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.261{ec2a2542-29b0-6254-0000-000000000000}9247-man 534500x800000000000000037375Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.264{ec2a2542-29b0-6254-0000-000000000000}9248-man 534500x800000000000000037377Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.265{ec2a2542-29b0-6254-0000-000000000000}9249-man 534500x800000000000000037376Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.265{ec2a2542-29b0-6254-0000-000000000000}9250-man 534500x800000000000000037378Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.268{ec2a2542-29b0-6254-0000-000000000000}9251-man 534500x800000000000000037379Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.271{ec2a2542-29b0-6254-0000-000000000000}9252-man 534500x800000000000000037380Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.272{ec2a2542-29b0-6254-0000-000000000000}9254-man 534500x800000000000000037381Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.273{ec2a2542-29b0-6254-0000-000000000000}9253-man 534500x800000000000000037382Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.276{00000000-0000-0000-0000-000000000000}9255<unknown process>man 534500x800000000000000037383Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.279{ec2a2542-29b0-6254-0000-000000000000}9256-man 534500x800000000000000037385Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.281{ec2a2542-29b0-6254-0000-000000000000}9257-man 534500x800000000000000037384Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.281{ec2a2542-29b0-6254-0000-000000000000}9258-man 534500x800000000000000037386Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.285{ec2a2542-29b0-6254-0000-000000000000}9259-man 534500x800000000000000037387Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.288{00000000-0000-0000-0000-000000000000}9260<unknown process>man 534500x800000000000000037389Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.289{ec2a2542-29b0-6254-0000-000000000000}9261-man 534500x800000000000000037388Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.289{ec2a2542-29b0-6254-0000-000000000000}9262-man 534500x800000000000000037390Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.292{ec2a2542-29b0-6254-0000-000000000000}9263-man 534500x800000000000000037391Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.295{ec2a2542-29b0-6254-0000-000000000000}9264-man 534500x800000000000000037393Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.296{ec2a2542-29b0-6254-0000-000000000000}9265-man 534500x800000000000000037392Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.296{ec2a2542-29b0-6254-0000-000000000000}9266-man 534500x800000000000000037394Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.299{ec2a2542-29b0-6254-0000-000000000000}9267-man 534500x800000000000000037395Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.302{ec2a2542-29b0-6254-0000-000000000000}9268-man 534500x800000000000000037397Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.303{ec2a2542-29b0-6254-0000-000000000000}9269-man 534500x800000000000000037396Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.303{ec2a2542-29b0-6254-0000-000000000000}9270-man 534500x800000000000000037398Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.306{ec2a2542-29b0-6254-0000-000000000000}9271-man 534500x800000000000000037399Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.309{ec2a2542-29b0-6254-0000-000000000000}9272-man 534500x800000000000000037401Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.310{ec2a2542-29b0-6254-0000-000000000000}9273-man 534500x800000000000000037400Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.310{ec2a2542-29b0-6254-0000-000000000000}9274-man 534500x800000000000000037402Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.313{ec2a2542-29b0-6254-0000-000000000000}9275-man 534500x800000000000000037404Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.316{ec2a2542-29b0-6254-0000-000000000000}9278-man 534500x800000000000000037403Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.316{ec2a2542-29b0-6254-0000-000000000000}9276-man 534500x800000000000000037405Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.317{ec2a2542-29b0-6254-0000-000000000000}9277-man 534500x800000000000000037406Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.320{ec2a2542-29b0-6254-0000-000000000000}9279-man 534500x800000000000000037407Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.323{ec2a2542-29b0-6254-0000-000000000000}9280-man 534500x800000000000000037409Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.324{ec2a2542-29b0-6254-0000-000000000000}9281-man 534500x800000000000000037408Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.324{ec2a2542-29b0-6254-0000-000000000000}9282-man 534500x800000000000000037410Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.327{ec2a2542-29b0-6254-0000-000000000000}9283-man 534500x800000000000000037412Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.330{ec2a2542-29b0-6254-0000-000000000000}9286-man 534500x800000000000000037411Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.330{ec2a2542-29b0-6254-0000-000000000000}9284-man 534500x800000000000000037413Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.331{ec2a2542-29b0-6254-0000-000000000000}9285-man 534500x800000000000000037414Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.334{00000000-0000-0000-0000-000000000000}9287<unknown process>man 534500x800000000000000037415Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.337{ec2a2542-29b0-6254-0000-000000000000}9288-man 534500x800000000000000037417Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.338{ec2a2542-29b0-6254-0000-000000000000}9289-man 534500x800000000000000037416Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.338{ec2a2542-29b0-6254-0000-000000000000}9290-man 534500x800000000000000037418Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.341{ec2a2542-29b0-6254-0000-000000000000}9291-man 534500x800000000000000037419Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.344{ec2a2542-29b0-6254-0000-000000000000}9292-man 534500x800000000000000037420Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.346{ec2a2542-29b0-6254-0000-000000000000}9294-man 534500x800000000000000037421Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.347{ec2a2542-29b0-6254-0000-000000000000}9293-man 534500x800000000000000037422Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.350{00000000-0000-0000-0000-000000000000}9295<unknown process>man 534500x800000000000000037423Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.353{ec2a2542-29b0-6254-0000-000000000000}9296-man 534500x800000000000000037424Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.354{ec2a2542-29b0-6254-0000-000000000000}9298-man 534500x800000000000000037425Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.355{ec2a2542-29b0-6254-0000-000000000000}9297-man 534500x800000000000000037426Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.358{ec2a2542-29b0-6254-0000-000000000000}9299-man 534500x800000000000000037428Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.361{ec2a2542-29b0-6254-0000-000000000000}9302-man 534500x800000000000000037427Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.361{ec2a2542-29b0-6254-0000-000000000000}9300-man 534500x800000000000000037429Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.362{ec2a2542-29b0-6254-0000-000000000000}9301-man 534500x800000000000000037430Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.365{00000000-0000-0000-0000-000000000000}9303<unknown process>man 534500x800000000000000037431Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.368{ec2a2542-29b0-6254-0000-000000000000}9304-man 534500x800000000000000037433Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.369{ec2a2542-29b0-6254-0000-000000000000}9305-man 534500x800000000000000037432Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.369{ec2a2542-29b0-6254-0000-000000000000}9306-man 534500x800000000000000037434Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.372{ec2a2542-29b0-6254-0000-000000000000}9307-man 534500x800000000000000037435Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.375{00000000-0000-0000-0000-000000000000}9308<unknown process>man 534500x800000000000000037437Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.376{ec2a2542-29b0-6254-0000-000000000000}9309-man 534500x800000000000000037436Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.376{ec2a2542-29b0-6254-0000-000000000000}9310-man 534500x800000000000000037438Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.379{00000000-0000-0000-0000-000000000000}9311<unknown process>man 534500x800000000000000037439Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.382{ec2a2542-29b0-6254-0000-000000000000}9312-man 534500x800000000000000037441Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.383{ec2a2542-29b0-6254-0000-000000000000}9313-man 534500x800000000000000037440Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.383{ec2a2542-29b0-6254-0000-000000000000}9314-man 534500x800000000000000037442Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.386{00000000-0000-0000-0000-000000000000}9315<unknown process>man 534500x800000000000000037443Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.389{ec2a2542-29b0-6254-0000-000000000000}9316-man 534500x800000000000000037445Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.390{ec2a2542-29b0-6254-0000-000000000000}9317-man 534500x800000000000000037444Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.390{ec2a2542-29b0-6254-0000-000000000000}9318-man 534500x800000000000000037446Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.393{00000000-0000-0000-0000-000000000000}9319<unknown process>man 534500x800000000000000037447Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.396{ec2a2542-29b0-6254-0000-000000000000}9320-man 534500x800000000000000037449Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.397{ec2a2542-29b0-6254-0000-000000000000}9321-man 534500x800000000000000037448Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.397{ec2a2542-29b0-6254-0000-000000000000}9322-man 534500x800000000000000037450Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.400{00000000-0000-0000-0000-000000000000}9323<unknown process>man 534500x800000000000000037451Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.403{ec2a2542-29b0-6254-0000-000000000000}9324-man 534500x800000000000000037452Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.404{ec2a2542-29b0-6254-0000-000000000000}9326-man 534500x800000000000000037453Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.405{ec2a2542-29b0-6254-0000-000000000000}9325-man 534500x800000000000000037454Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.408{ec2a2542-29b0-6254-0000-000000000000}9327-man 534500x800000000000000037456Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.411{ec2a2542-29b0-6254-0000-000000000000}9330-man 534500x800000000000000037455Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.411{ec2a2542-29b0-6254-0000-000000000000}9328-man 534500x800000000000000037457Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.412{ec2a2542-29b0-6254-0000-000000000000}9329-man 534500x800000000000000037458Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.414{ec2a2542-29b0-6254-0000-000000000000}9331-man 534500x800000000000000037460Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.418{ec2a2542-29b0-6254-0000-000000000000}9334-man 534500x800000000000000037459Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.418{ec2a2542-29b0-6254-0000-000000000000}9332-man 534500x800000000000000037461Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.419{ec2a2542-29b0-6254-0000-000000000000}9333-man 534500x800000000000000037462Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.422{ec2a2542-29b0-6254-0000-000000000000}9335-man 534500x800000000000000037463Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.425{00000000-0000-0000-0000-000000000000}9336<unknown process>man 534500x800000000000000037465Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.426{ec2a2542-29b0-6254-0000-000000000000}9337-man 534500x800000000000000037464Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.426{ec2a2542-29b0-6254-0000-000000000000}9338-man 534500x800000000000000037466Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.429{00000000-0000-0000-0000-000000000000}9339<unknown process>man 534500x800000000000000037467Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.432{ec2a2542-29b0-6254-0000-000000000000}9340-man 534500x800000000000000037468Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.433{ec2a2542-29b0-6254-0000-000000000000}9342-man 534500x800000000000000037469Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.434{ec2a2542-29b0-6254-0000-000000000000}9341-man 534500x800000000000000037470Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.436{ec2a2542-29b0-6254-0000-000000000000}9343-man 534500x800000000000000037471Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.440{ec2a2542-29b0-6254-0000-000000000000}9344-man 534500x800000000000000037473Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.441{ec2a2542-29b0-6254-0000-000000000000}9345-man 534500x800000000000000037472Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.441{ec2a2542-29b0-6254-0000-000000000000}9346-man 534500x800000000000000037474Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.444{00000000-0000-0000-0000-000000000000}9347<unknown process>man 534500x800000000000000037475Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.447{ec2a2542-29b0-6254-0000-000000000000}9348-man 534500x800000000000000037477Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.448{ec2a2542-29b0-6254-0000-000000000000}9349-man 534500x800000000000000037476Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.448{ec2a2542-29b0-6254-0000-000000000000}9350-man 534500x800000000000000037478Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.452{ec2a2542-29b0-6254-0000-000000000000}9351-man 534500x800000000000000037479Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.454{00000000-0000-0000-0000-000000000000}9352<unknown process>man 534500x800000000000000037481Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.455{ec2a2542-29b0-6254-0000-000000000000}9353-man 534500x800000000000000037480Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.455{ec2a2542-29b0-6254-0000-000000000000}9354-man 534500x800000000000000037482Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.459{ec2a2542-29b0-6254-0000-000000000000}9355-man 534500x800000000000000037483Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.461{ec2a2542-29b0-6254-0000-000000000000}9356-man 534500x800000000000000037484Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.462{ec2a2542-29b0-6254-0000-000000000000}9358-man 534500x800000000000000037485Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.463{ec2a2542-29b0-6254-0000-000000000000}9357-man 534500x800000000000000037486Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.466{00000000-0000-0000-0000-000000000000}9359<unknown process>man 534500x800000000000000037488Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.469{ec2a2542-29b0-6254-0000-000000000000}9362-man 534500x800000000000000037487Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.469{ec2a2542-29b0-6254-0000-000000000000}9360-man 534500x800000000000000037489Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.470{ec2a2542-29b0-6254-0000-000000000000}9361-man 534500x800000000000000037490Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.473{ec2a2542-29b0-6254-0000-000000000000}9363-man 534500x800000000000000037491Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.475{ec2a2542-29b0-6254-0000-000000000000}9364-man 534500x800000000000000037492Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.476{ec2a2542-29b0-6254-0000-000000000000}9366-man 534500x800000000000000037493Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.477{ec2a2542-29b0-6254-0000-000000000000}9365-man 534500x800000000000000037494Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.479{ec2a2542-29b0-6254-0000-000000000000}9367-man 534500x800000000000000037496Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.483{ec2a2542-29b0-6254-0000-000000000000}9370-man 534500x800000000000000037495Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.483{ec2a2542-29b0-6254-0000-000000000000}9368-man 534500x800000000000000037497Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.484{ec2a2542-29b0-6254-0000-000000000000}9369-man 534500x800000000000000037498Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.487{ec2a2542-29b0-6254-0000-000000000000}9371-man 534500x800000000000000037499Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.490{ec2a2542-29b0-6254-0000-000000000000}9372-man 534500x800000000000000037501Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.491{ec2a2542-29b0-6254-0000-000000000000}9373-man 534500x800000000000000037500Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.491{ec2a2542-29b0-6254-0000-000000000000}9374-man 534500x800000000000000037502Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.494{ec2a2542-29b0-6254-0000-000000000000}9375-man 534500x800000000000000037504Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.498{ec2a2542-29b0-6254-0000-000000000000}9378-man 534500x800000000000000037503Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.498{ec2a2542-29b0-6254-0000-000000000000}9376-man 534500x800000000000000037505Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.499{ec2a2542-29b0-6254-0000-000000000000}9377-man 534500x800000000000000037506Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.504{00000000-0000-0000-0000-000000000000}9379<unknown process>man 534500x800000000000000037507Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.508{ec2a2542-29b0-6254-0000-000000000000}9380-man 534500x800000000000000037508Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.509{ec2a2542-29b0-6254-0000-000000000000}9382-man 534500x800000000000000037509Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.510{ec2a2542-29b0-6254-0000-000000000000}9381-man 534500x800000000000000037510Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.513{00000000-0000-0000-0000-000000000000}9383<unknown process>man 534500x800000000000000037511Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.516{ec2a2542-29b0-6254-0000-000000000000}9384-man 534500x800000000000000037513Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.517{ec2a2542-29b0-6254-0000-000000000000}9385-man 534500x800000000000000037512Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.517{ec2a2542-29b0-6254-0000-000000000000}9386-man 534500x800000000000000037514Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.520{ec2a2542-29b0-6254-0000-000000000000}9387-man 534500x800000000000000037516Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.523{ec2a2542-29b0-6254-0000-000000000000}9390-man 534500x800000000000000037515Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.523{ec2a2542-29b0-6254-0000-000000000000}9388-man 534500x800000000000000037517Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.524{ec2a2542-29b0-6254-0000-000000000000}9389-man 534500x800000000000000037518Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.527{ec2a2542-29b0-6254-0000-000000000000}9391-man 534500x800000000000000037520Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.530{ec2a2542-29b0-6254-0000-000000000000}9394-man 534500x800000000000000037519Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.530{ec2a2542-29b0-6254-0000-000000000000}9392-man 534500x800000000000000037521Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.531{ec2a2542-29b0-6254-0000-000000000000}9393-man 534500x800000000000000037522Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.534{ec2a2542-29b0-6254-0000-000000000000}9395-man 534500x800000000000000037523Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.536{ec2a2542-29b0-6254-0000-000000000000}9396-man 534500x800000000000000037524Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.537{ec2a2542-29b0-6254-0000-000000000000}9398-man 534500x800000000000000037525Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.538{ec2a2542-29b0-6254-0000-000000000000}9397-man 534500x800000000000000037526Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.540{ec2a2542-29b0-6254-0000-000000000000}9399-man 534500x800000000000000037527Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.543{ec2a2542-29b0-6254-0000-000000000000}9400-man 534500x800000000000000037528Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.544{ec2a2542-29b0-6254-0000-000000000000}9402-man 534500x800000000000000037529Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.545{00000000-0000-0000-0000-000000000000}9401<unknown process>man 534500x800000000000000037530Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.551{00000000-0000-0000-0000-000000000000}9403<unknown process>man 534500x800000000000000037531Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.555{ec2a2542-29b0-6254-0000-000000000000}9404-man 534500x800000000000000037532Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.556{ec2a2542-29b0-6254-0000-000000000000}9406-man 534500x800000000000000037533Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.557{ec2a2542-29b0-6254-0000-000000000000}9405-man 534500x800000000000000037534Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.560{00000000-0000-0000-0000-000000000000}9407<unknown process>man 534500x800000000000000037535Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.563{ec2a2542-29b0-6254-0000-000000000000}9408-man 534500x800000000000000037537Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.564{ec2a2542-29b0-6254-0000-000000000000}9409-man 534500x800000000000000037536Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.564{ec2a2542-29b0-6254-0000-000000000000}9410-man 534500x800000000000000037538Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.567{ec2a2542-29b0-6254-0000-000000000000}9411-man 534500x800000000000000037539Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.570{ec2a2542-29b0-6254-0000-000000000000}9412-man 534500x800000000000000037541Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.571{ec2a2542-29b0-6254-0000-000000000000}9413-man 534500x800000000000000037540Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.571{ec2a2542-29b0-6254-0000-000000000000}9414-man 534500x800000000000000037542Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.574{00000000-0000-0000-0000-000000000000}9415<unknown process>man 534500x800000000000000037543Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.577{ec2a2542-29b0-6254-0000-000000000000}9416-man 534500x800000000000000037544Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.578{ec2a2542-29b0-6254-0000-000000000000}9418-man 534500x800000000000000037545Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.579{ec2a2542-29b0-6254-0000-000000000000}9417-man 534500x800000000000000037546Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.582{ec2a2542-29b0-6254-0000-000000000000}9419-man 534500x800000000000000037547Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.584{ec2a2542-29b0-6254-0000-000000000000}9420-man 534500x800000000000000037548Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.585{ec2a2542-29b0-6254-0000-000000000000}9422-man 534500x800000000000000037549Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.586{ec2a2542-29b0-6254-0000-000000000000}9421-man 534500x800000000000000037550Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.589{00000000-0000-0000-0000-000000000000}9423<unknown process>man 534500x800000000000000037552Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.592{ec2a2542-29b0-6254-0000-000000000000}9426-man 534500x800000000000000037551Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.592{ec2a2542-29b0-6254-0000-000000000000}9424-man 534500x800000000000000037553Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.593{ec2a2542-29b0-6254-0000-000000000000}9425-man 534500x800000000000000037554Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.596{ec2a2542-29b0-6254-0000-000000000000}9427-man 534500x800000000000000037555Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.598{ec2a2542-29b0-6254-0000-000000000000}9428-man 534500x800000000000000037556Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.599{ec2a2542-29b0-6254-0000-000000000000}9430-man 534500x800000000000000037557Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.600{ec2a2542-29b0-6254-0000-000000000000}9429-man 534500x800000000000000037558Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.602{ec2a2542-29b0-6254-0000-000000000000}9431-man 534500x800000000000000037559Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.605{ec2a2542-29b0-6254-0000-000000000000}9432-man 534500x800000000000000037561Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.606{ec2a2542-29b0-6254-0000-000000000000}9433-man 534500x800000000000000037560Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.606{ec2a2542-29b0-6254-0000-000000000000}9434-man 534500x800000000000000037562Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.611{00000000-0000-0000-0000-000000000000}9435<unknown process>man 534500x800000000000000037564Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.614{ec2a2542-29b0-6254-0000-000000000000}9438-man 534500x800000000000000037563Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.614{ec2a2542-29b0-6254-0000-000000000000}9436-man 534500x800000000000000037565Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.615{ec2a2542-29b0-6254-0000-000000000000}9437-man 534500x800000000000000037566Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.618{00000000-0000-0000-0000-000000000000}9439<unknown process>man 534500x800000000000000037568Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.621{ec2a2542-29b0-6254-0000-000000000000}9442-man 534500x800000000000000037567Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.621{00000000-0000-0000-0000-000000000000}9440<unknown process>man 534500x800000000000000037569Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.622{ec2a2542-29b0-6254-0000-000000000000}9441-man 534500x800000000000000037570Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.625{ec2a2542-29b0-6254-0000-000000000000}9443-man 534500x800000000000000037571Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.628{ec2a2542-29b0-6254-0000-000000000000}9444-man 534500x800000000000000037573Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.629{ec2a2542-29b0-6254-0000-000000000000}9445-man 534500x800000000000000037572Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.629{ec2a2542-29b0-6254-0000-000000000000}9446-man 534500x800000000000000037574Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.632{00000000-0000-0000-0000-000000000000}9447<unknown process>man 534500x800000000000000037575Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.635{ec2a2542-29b0-6254-0000-000000000000}9448-man 534500x800000000000000037577Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.636{ec2a2542-29b0-6254-0000-000000000000}9449-man 534500x800000000000000037576Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.636{ec2a2542-29b0-6254-0000-000000000000}9450-man 534500x800000000000000037578Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.639{ec2a2542-29b0-6254-0000-000000000000}9451-man 534500x800000000000000037579Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.642{ec2a2542-29b0-6254-0000-000000000000}9452-man 534500x800000000000000037581Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.643{ec2a2542-29b0-6254-0000-000000000000}9453-man 534500x800000000000000037580Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.643{ec2a2542-29b0-6254-0000-000000000000}9454-man 534500x800000000000000037582Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.646{ec2a2542-29b0-6254-0000-000000000000}9455-man 534500x800000000000000037584Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.649{ec2a2542-29b0-6254-0000-000000000000}9458-man 534500x800000000000000037583Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.649{ec2a2542-29b0-6254-0000-000000000000}9456-man 534500x800000000000000037585Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.650{ec2a2542-29b0-6254-0000-000000000000}9457-man 534500x800000000000000037586Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.653{00000000-0000-0000-0000-000000000000}9459<unknown process>man 534500x800000000000000037588Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.656{ec2a2542-29b0-6254-0000-000000000000}9462-man 534500x800000000000000037587Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.656{ec2a2542-29b0-6254-0000-000000000000}9460-man 534500x800000000000000037589Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.657{ec2a2542-29b0-6254-0000-000000000000}9461-man 534500x800000000000000037590Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.660{ec2a2542-29b0-6254-0000-000000000000}9463-man 534500x800000000000000037591Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.662{ec2a2542-29b0-6254-0000-000000000000}9464-man 534500x800000000000000037592Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.663{ec2a2542-29b0-6254-0000-000000000000}9466-man 534500x800000000000000037593Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.664{ec2a2542-29b0-6254-0000-000000000000}9465-man 534500x800000000000000037594Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.667{ec2a2542-29b0-6254-0000-000000000000}9467-man 534500x800000000000000037596Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.670{ec2a2542-29b0-6254-0000-000000000000}9470-man 534500x800000000000000037595Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.670{ec2a2542-29b0-6254-0000-000000000000}9468-man 534500x800000000000000037597Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.671{ec2a2542-29b0-6254-0000-000000000000}9469-man 534500x800000000000000037598Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.674{ec2a2542-29b0-6254-0000-000000000000}9471-man 534500x800000000000000037599Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.676{ec2a2542-29b0-6254-0000-000000000000}9472-man 534500x800000000000000037600Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.677{ec2a2542-29b0-6254-0000-000000000000}9474-man 534500x800000000000000037601Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.678{ec2a2542-29b0-6254-0000-000000000000}9473-man 534500x800000000000000037602Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.680{00000000-0000-0000-0000-000000000000}9475<unknown process>man 534500x800000000000000037603Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.683{ec2a2542-29b0-6254-0000-000000000000}9476-man 534500x800000000000000037604Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.684{ec2a2542-29b0-6254-0000-000000000000}9478-man 534500x800000000000000037605Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.685{ec2a2542-29b0-6254-0000-000000000000}9477-man 534500x800000000000000037606Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.688{ec2a2542-29b0-6254-0000-000000000000}9479-man 534500x800000000000000037607Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.692{ec2a2542-29b0-6254-0000-000000000000}9480-man 534500x800000000000000037609Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.693{ec2a2542-29b0-6254-0000-000000000000}9481-man 534500x800000000000000037608Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.693{ec2a2542-29b0-6254-0000-000000000000}9482-man 534500x800000000000000037610Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.696{00000000-0000-0000-0000-000000000000}9483<unknown process>man 534500x800000000000000037611Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.699{ec2a2542-29b0-6254-0000-000000000000}9484-man 534500x800000000000000037612Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.700{ec2a2542-29b0-6254-0000-000000000000}9486-man 534500x800000000000000037613Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.701{ec2a2542-29b0-6254-0000-000000000000}9485-man 534500x800000000000000037614Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.704{00000000-0000-0000-0000-000000000000}9487<unknown process>man 534500x800000000000000037616Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.707{ec2a2542-29b0-6254-0000-000000000000}9490-man 534500x800000000000000037615Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.707{ec2a2542-29b0-6254-0000-000000000000}9488-man 534500x800000000000000037617Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.708{ec2a2542-29b0-6254-0000-000000000000}9489-man 534500x800000000000000037618Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.711{ec2a2542-29b0-6254-0000-000000000000}9491-man 534500x800000000000000037619Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.713{ec2a2542-29b0-6254-0000-000000000000}9492-man 534500x800000000000000037620Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.714{ec2a2542-29b0-6254-0000-000000000000}9494-man 534500x800000000000000037621Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.715{ec2a2542-29b0-6254-0000-000000000000}9493-man 534500x800000000000000037622Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.718{00000000-0000-0000-0000-000000000000}9495<unknown process>man 534500x800000000000000037623Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.720{ec2a2542-29b0-6254-0000-000000000000}9496-man 534500x800000000000000037624Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.721{ec2a2542-29b0-6254-0000-000000000000}9498-man 534500x800000000000000037625Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.722{ec2a2542-29b0-6254-0000-000000000000}9497-man 534500x800000000000000037626Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.725{00000000-0000-0000-0000-000000000000}9499<unknown process>man 534500x800000000000000037627Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.727{ec2a2542-29b0-6254-0000-000000000000}9500-man 534500x800000000000000037628Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.728{ec2a2542-29b0-6254-0000-000000000000}9502-man 534500x800000000000000037629Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.729{ec2a2542-29b0-6254-0000-000000000000}9501-man 534500x800000000000000037630Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.731{00000000-0000-0000-0000-000000000000}9503<unknown process>man 534500x800000000000000037631Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.734{ec2a2542-29b0-6254-0000-000000000000}9504-man 534500x800000000000000037632Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.735{ec2a2542-29b0-6254-0000-000000000000}9506-man 534500x800000000000000037633Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.736{ec2a2542-29b0-6254-0000-000000000000}9505-man 534500x800000000000000037634Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.739{00000000-0000-0000-0000-000000000000}9507<unknown process>man 534500x800000000000000037635Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.741{ec2a2542-29b0-6254-0000-000000000000}9508-man 534500x800000000000000037636Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.742{ec2a2542-29b0-6254-0000-000000000000}9510-man 534500x800000000000000037637Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.743{ec2a2542-29b0-6254-0000-000000000000}9509-man 534500x800000000000000037638Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.746{ec2a2542-29b0-6254-0000-000000000000}9511-man 534500x800000000000000037639Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.748{ec2a2542-29b0-6254-0000-000000000000}9512-man 534500x800000000000000037640Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.749{ec2a2542-29b0-6254-0000-000000000000}9514-man 534500x800000000000000037641Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.751{ec2a2542-29b0-6254-0000-000000000000}9513-man 534500x800000000000000037642Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.754{00000000-0000-0000-0000-000000000000}9515<unknown process>man 534500x800000000000000037644Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.757{ec2a2542-29b0-6254-0000-000000000000}9518-man 534500x800000000000000037643Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.757{ec2a2542-29b0-6254-0000-000000000000}9516-man 534500x800000000000000037645Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.758{ec2a2542-29b0-6254-0000-000000000000}9517-man 534500x800000000000000037646Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.761{00000000-0000-0000-0000-000000000000}9519<unknown process>man 534500x800000000000000037647Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.764{ec2a2542-29b0-6254-0000-000000000000}9520-man 534500x800000000000000037648Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.765{ec2a2542-29b0-6254-0000-000000000000}9522-man 534500x800000000000000037649Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.766{ec2a2542-29b0-6254-0000-000000000000}9521-man 534500x800000000000000037650Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.768{00000000-0000-0000-0000-000000000000}9523<unknown process>man 534500x800000000000000037651Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.771{ec2a2542-29b0-6254-0000-000000000000}9524-man 534500x800000000000000037652Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.772{ec2a2542-29b0-6254-0000-000000000000}9526-man 534500x800000000000000037653Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.773{ec2a2542-29b0-6254-0000-000000000000}9525-man 534500x800000000000000037654Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.776{00000000-0000-0000-0000-000000000000}9527<unknown process>man 534500x800000000000000037655Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.778{ec2a2542-29b0-6254-0000-000000000000}9528-man 534500x800000000000000037656Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.779{ec2a2542-29b0-6254-0000-000000000000}9530-man 534500x800000000000000037657Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.780{ec2a2542-29b0-6254-0000-000000000000}9529-man 534500x800000000000000037658Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.803{00000000-0000-0000-0000-000000000000}9531<unknown process>man 534500x800000000000000037659Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.806{ec2a2542-29b0-6254-0000-000000000000}9532-man 534500x800000000000000037661Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.807{ec2a2542-29b0-6254-0000-000000000000}9533-man 534500x800000000000000037660Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.807{ec2a2542-29b0-6254-0000-000000000000}9534-man 534500x800000000000000037662Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.828{00000000-0000-0000-0000-000000000000}9535<unknown process>man 534500x800000000000000037664Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.832{ec2a2542-29b0-6254-0000-000000000000}9538-man 534500x800000000000000037663Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.832{ec2a2542-29b0-6254-0000-000000000000}9536-man 534500x800000000000000037665Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.833{ec2a2542-29b0-6254-0000-000000000000}9537-man 534500x800000000000000037666Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.838{00000000-0000-0000-0000-000000000000}9539<unknown process>man 534500x800000000000000037667Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.841{ec2a2542-29b0-6254-0000-000000000000}9540-man 534500x800000000000000037668Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.842{ec2a2542-29b0-6254-0000-000000000000}9542-man 534500x800000000000000037669Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.843{ec2a2542-29b0-6254-0000-000000000000}9541-man 534500x800000000000000037670Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.846{ec2a2542-29b0-6254-0000-000000000000}9543-man 534500x800000000000000037671Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.849{ec2a2542-29b0-6254-0000-000000000000}9544-man 534500x800000000000000037673Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.850{ec2a2542-29b0-6254-0000-000000000000}9545-man 534500x800000000000000037672Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.850{ec2a2542-29b0-6254-0000-000000000000}9546-man 534500x800000000000000037674Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.854{00000000-0000-0000-0000-000000000000}9547<unknown process>man 534500x800000000000000037676Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.858{ec2a2542-29b0-6254-0000-000000000000}9550-man 534500x800000000000000037675Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.858{ec2a2542-29b0-6254-0000-000000000000}9548-man 534500x800000000000000037677Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.860{00000000-0000-0000-0000-000000000000}9549<unknown process>man 534500x800000000000000037678Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.863{ec2a2542-29b0-6254-0000-000000000000}9551-man 534500x800000000000000037680Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.867{ec2a2542-29b0-6254-0000-000000000000}9554-man 534500x800000000000000037679Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.867{ec2a2542-29b0-6254-0000-000000000000}9552-man 534500x800000000000000037681Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.868{ec2a2542-29b0-6254-0000-000000000000}9553-man 534500x800000000000000037682Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.872{ec2a2542-29b0-6254-0000-000000000000}9555-man 534500x800000000000000037684Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.875{ec2a2542-29b0-6254-0000-000000000000}9558-man 534500x800000000000000037683Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.875{ec2a2542-29b0-6254-0000-000000000000}9556-man 534500x800000000000000037685Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.876{ec2a2542-29b0-6254-0000-000000000000}9557-man 534500x800000000000000037686Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.879{ec2a2542-29b0-6254-0000-000000000000}9559-man 534500x800000000000000037687Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.882{ec2a2542-29b0-6254-0000-000000000000}9560-man 534500x800000000000000037689Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.883{ec2a2542-29b0-6254-0000-000000000000}9561-man 534500x800000000000000037688Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.883{ec2a2542-29b0-6254-0000-000000000000}9562-man 534500x800000000000000037690Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.886{ec2a2542-29b0-6254-0000-000000000000}9563-man 534500x800000000000000037691Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.889{ec2a2542-29b0-6254-0000-000000000000}9564-man 534500x800000000000000037693Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.890{00000000-0000-0000-0000-000000000000}9565<unknown process>man 534500x800000000000000037692Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.890{ec2a2542-29b0-6254-0000-000000000000}9566-man 534500x800000000000000037694Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.893{ec2a2542-29b0-6254-0000-000000000000}9567-man 534500x800000000000000037695Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.896{ec2a2542-29b0-6254-0000-000000000000}9568-man 534500x800000000000000037697Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.897{ec2a2542-29b0-6254-0000-000000000000}9569-man 534500x800000000000000037696Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.897{ec2a2542-29b0-6254-0000-000000000000}9570-man 534500x800000000000000037698Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.900{00000000-0000-0000-0000-000000000000}9571<unknown process>man 534500x800000000000000037699Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.903{00000000-0000-0000-0000-000000000000}9572<unknown process>man 534500x800000000000000037700Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.904{ec2a2542-29b0-6254-0000-000000000000}9574-man 534500x800000000000000037701Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.905{ec2a2542-29b0-6254-0000-000000000000}9573-man 534500x800000000000000037702Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.908{ec2a2542-29b0-6254-0000-000000000000}9575-man 534500x800000000000000037704Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.911{ec2a2542-29b0-6254-0000-000000000000}9578-man 534500x800000000000000037703Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.911{ec2a2542-29b0-6254-0000-000000000000}9576-man 534500x800000000000000037705Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.912{ec2a2542-29b0-6254-0000-000000000000}9577-man 534500x800000000000000037706Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.915{ec2a2542-29b0-6254-0000-000000000000}9579-man 534500x800000000000000037707Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.918{ec2a2542-29b0-6254-0000-000000000000}9580-man 534500x800000000000000037709Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.919{ec2a2542-29b0-6254-0000-000000000000}9581-man 534500x800000000000000037708Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.919{ec2a2542-29b0-6254-0000-000000000000}9582-man 534500x800000000000000037710Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:24.922{ec2a2542-29b0-6254-0000-000000000000}9583-man 354300x800000000000000041276Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:46.732{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54800-false10.0.1.12-8000- 354300x800000000000000041277Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:52.641{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54802-false10.0.1.12-8000- 354300x800000000000000041278Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:14:57.690{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54804-false10.0.1.12-8000- 23542300x800000000000000041279Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:15:01.666{ec2a2542-1080-6254-602c-d54703560000}1780root/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log--- 354300x800000000000000041280Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:15:03.643{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54806-false10.0.1.12-8000- 354300x800000000000000041281Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:15:08.664{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54808-false10.0.1.12-8000- 354300x800000000000000041282Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:15:13.679{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54810-false10.0.1.12-8000- 354300x800000000000000041283Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:15:18.802{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54812-false10.0.1.12-8000- 354300x800000000000000041284Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:15:23.344{ec2a2542-1080-6254-602c-d54703560000}1780/opt/splunkforwarder/bin/splunkdroottcptruefalse10.0.1.20-34524-false10.0.1.12-8089- 354300x800000000000000041285Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:15:24.786{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54816-false10.0.1.12-8000- 354300x800000000000000041286Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:15:30.651{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54818-false10.0.1.12-8000- 23542300x800000000000000041287Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:15:31.811{ec2a2542-1080-6254-602c-d54703560000}1780root/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log--- 354300x800000000000000041288Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:15:35.784{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54820-false10.0.1.12-8000- 154100x800000000000000041289Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:15:39.892{ec2a2542-29fb-6254-68d4-3ef16a550000}11147/bin/ps-----ps -e -o pid,ppid,state,command/var/snap/amazon-ssm-agent/5163root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}938--- 534500x800000000000000041290Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:15:39.911{ec2a2542-29fb-6254-68d4-3ef16a550000}11147/bin/psroot 354300x800000000000000041291Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:15:41.736{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54822-false10.0.1.12-8000- 354300x800000000000000041292Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:15:47.730{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54824-false10.0.1.12-8000- 354300x800000000000000041293Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:15:52.805{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54826-false10.0.1.12-8000- 354300x800000000000000041294Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:15:58.654{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54828-false10.0.1.12-8000- 23542300x800000000000000041295Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:16:01.811{ec2a2542-1080-6254-602c-d54703560000}1780root/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log--- 354300x800000000000000041296Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:16:04.641{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54830-false10.0.1.12-8000- 354300x800000000000000041297Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:16:09.831{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54832-false10.0.1.12-8000- 354300x800000000000000041298Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:16:15.745{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54834-false10.0.1.12-8000- 354300x800000000000000041299Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:16:20.834{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54836-false10.0.1.12-8000- 354300x800000000000000041300Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:16:23.349{ec2a2542-1080-6254-602c-d54703560000}1780/opt/splunkforwarder/bin/splunkdroottcptruefalse10.0.1.20-34548-false10.0.1.12-8089- 354300x800000000000000041301Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:16:26.732{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54840-false10.0.1.12-8000- 23542300x800000000000000041302Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:16:31.812{ec2a2542-1080-6254-602c-d54703560000}1780root/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log--- 354300x800000000000000041303Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:16:32.614{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54842-false10.0.1.12-8000- 354300x800000000000000041304Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:16:37.796{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54844-false10.0.1.12-8000- 154100x800000000000000041305Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:16:40.912{ec2a2542-2a38-6254-6864-3c97a4550000}11148/bin/ps-----ps -e -o pid,ppid,state,command/var/snap/amazon-ssm-agent/5163root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}938--- 534500x800000000000000041306Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:16:40.924{ec2a2542-2a38-6254-6864-3c97a4550000}11148/bin/psroot 354300x800000000000000041307Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:16:43.721{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54846-false10.0.1.12-8000- 354300x800000000000000041308Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:16:48.777{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54848-false10.0.1.12-8000- 354300x800000000000000041309Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:16:54.600{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54850-false10.0.1.12-8000- 354300x800000000000000041310Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:16:59.665{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54852-false10.0.1.12-8000- 154100x800000000000000041311Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:17:00.425{ec2a2542-2a4c-6254-68c2-9a2a32560000}11150/bin/dash-----/bin/sh -c cd / && run-parts --report /etc/cron.hourly/rootroot{ec2a2542-0000-0000-0000-000000000000}05no level-{00000000-0000-0000-0000-000000000000}11149--- 154100x800000000000000041312Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:17:00.426{ec2a2542-2a4c-6254-38ca-85a6b9550000}11151/bin/run-parts-----run-parts --report /etc/cron.hourly/root{ec2a2542-0000-0000-0000-000000000000}05no level-{ec2a2542-2a4c-6254-68c2-9a2a32560000}11150/bin/dash/bin/shroot 534500x800000000000000041315Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:17:00.427{ec2a2542-29c5-6254-0000-000000000000}11149-root 534500x800000000000000041314Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:17:00.427{ec2a2542-2a4c-6254-68c2-9a2a32560000}11150/bin/dashroot 534500x800000000000000041313Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:17:00.427{ec2a2542-2a4c-6254-38ca-85a6b9550000}11151/bin/run-partsroot 23542300x800000000000000041316Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:17:01.810{ec2a2542-1080-6254-602c-d54703560000}1780root/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log--- 354300x800000000000000041317Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:17:04.722{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54854-false10.0.1.12-8000- 354300x800000000000000041318Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:17:09.756{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54856-false10.0.1.12-8000- 354300x800000000000000041319Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:17:14.818{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54858-false10.0.1.12-8000- 354300x800000000000000041320Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:17:20.636{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54860-false10.0.1.12-8000- 354300x800000000000000041321Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:17:23.356{ec2a2542-1080-6254-602c-d54703560000}1780/opt/splunkforwarder/bin/splunkdroottcptruefalse10.0.1.20-34572-false10.0.1.12-8089- 354300x800000000000000041322Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:17:25.742{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54864-false10.0.1.12-8000- 354300x800000000000000041323Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:17:30.795{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54866-false10.0.1.12-8000- 23542300x800000000000000041324Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:17:31.811{ec2a2542-1080-6254-602c-d54703560000}1780root/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log--- 354300x800000000000000041325Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:17:36.629{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54868-false10.0.1.12-8000- 354300x800000000000000041326Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:17:41.776{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54870-false10.0.1.12-8000- 154100x800000000000000041327Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:17:41.926{ec2a2542-2a75-6254-6854-0717f9550000}11152/bin/ps-----ps -e -o pid,ppid,state,command/var/snap/amazon-ssm-agent/5163root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}938--- 534500x800000000000000041328Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:17:41.939{ec2a2542-2a75-6254-6854-0717f9550000}11152/bin/psroot 354300x800000000000000041329Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:17:47.634{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54872-false10.0.1.12-8000- 354300x800000000000000041330Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:17:52.659{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54874-false10.0.1.12-8000- 154100x800000000000000041331Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:17:55.956{ec2a2542-2a83-6254-98a8-ba8e34560000}11153/usr/bin/clear_console-----/usr/bin/clear_console -q/home/ubuntuubuntu{ec2a2542-2929-6254-e803-000000000000}10004no level-{ec2a2542-2928-6254-0834-066f98550000}2749/bin/bash-bashubuntu 534500x800000000000000041333Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:17:55.958{ec2a2542-2928-6254-0834-066f98550000}2749/bin/bashubuntu 534500x800000000000000041332Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:17:55.958{ec2a2542-2a83-6254-98a8-ba8e34560000}11153/usr/bin/clear_consoleubuntu 534500x800000000000000041334Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:17:56.069{ec2a2542-2928-6254-0000-000000000000}2748-ubuntu 534500x800000000000000041335Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:17:56.071{ec2a2542-2924-6254-e057-8c3ef0550000}2682/usr/sbin/sshdroot 23542300x800000000000000041338Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:17:56.072{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/transient/session-4.scope--- 23542300x800000000000000041337Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:17:56.072{ec2a2542-0ff1-6254-58a9-8a1e10560000}1root/lib/systemd/systemd/run/systemd/units/invocation:session-4.scope--- 23542300x800000000000000041336Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:17:56.072{ec2a2542-0ffd-6254-8063-961ac7550000}918root/lib/systemd/systemd-logind/run/systemd/sessions/4.ref--- 23542300x800000000000000041339Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:17:56.074{ec2a2542-0ffd-6254-8063-961ac7550000}918root/lib/systemd/systemd-logind/run/systemd/sessions/4--- 354300x800000000000000041340Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:17:57.775{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54876-false10.0.1.12-8000- 23542300x800000000000000041341Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:01.811{ec2a2542-1080-6254-602c-d54703560000}1780root/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log--- 354300x800000000000000041342Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:03.713{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54878-false10.0.1.12-8000- 354300x800000000000000041343Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:08.782{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54880-false10.0.1.12-8000- 354300x800000000000000041344Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:14.621{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54882-false10.0.1.12-8000- 154100x800000000000000041346Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:15.278{ec2a2542-2a97-6254-e0f7-e826b6550000}11154/usr/sbin/sshd-----/usr/sbin/sshd -D -R/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}1010--- 354300x800000000000000041345Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:15.278{ec2a2542-0ffd-6254-e0d7-7e6a46560000}1010/usr/sbin/sshdroottcpfalsefalse10.0.1.14-63310-false10.0.1.20-22- 534500x800000000000000041347Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:17.800{ec2a2542-2a97-6254-0000-000000000000}11155-sshd 154100x800000000000000041350Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:17.809{ec2a2542-2a99-6254-383a-34f1d8550000}11157/bin/run-parts-----run-parts --lsbsysinit /etc/update-motd.d/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a99-6254-6842-a581c6550000}11156/bin/dashshroot 154100x800000000000000041349Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:17.809{ec2a2542-2a99-6254-788c-67af81550000}11157/usr/bin/env-----/usr/bin/env -i PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin run-parts --lsbsysinit /etc/update-motd.d/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a99-6254-6842-a581c6550000}11156/bin/dashshroot 154100x800000000000000041348Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:17.809{ec2a2542-2a99-6254-6842-a581c6550000}11156/bin/dash-----sh -c /usr/bin/env -i PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin run-parts --lsbsysinit /etc/update-motd.d > /run/motd.dynamic.new/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a97-6254-e0f7-e826b6550000}11154/usr/sbin/sshd/usr/sbin/sshdroot 154100x800000000000000041351Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:17.812{ec2a2542-2a99-6254-6822-14643f560000}11158/bin/dash-----/bin/sh /etc/update-motd.d/00-header/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a99-6254-788c-67af81550000}11157/usr/bin/env/usr/bin/envroot 534500x800000000000000041353Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:17.813{ec2a2542-2a99-6254-806e-d580f4550000}11159/bin/unameroot 154100x800000000000000041352Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:17.813{ec2a2542-2a99-6254-806e-d580f4550000}11159/bin/uname-----uname -o/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a99-6254-6822-14643f560000}11158/bin/dash/bin/shroot 154100x800000000000000041356Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:17.814{ec2a2542-2a99-6254-806e-caee1c560000}11161/bin/uname-----uname -m/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a99-6254-6822-14643f560000}11158/bin/dash/bin/shroot 534500x800000000000000041355Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:17.814{ec2a2542-2a99-6254-808e-d27519560000}11160/bin/unameroot 154100x800000000000000041354Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:17.814{ec2a2542-2a99-6254-808e-d27519560000}11160/bin/uname-----uname -r/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a99-6254-6822-14643f560000}11158/bin/dash/bin/shroot 154100x800000000000000041359Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:17.815{ec2a2542-2a99-6254-68a2-aa3df5550000}11162/bin/dash-----/bin/sh /etc/update-motd.d/10-help-text/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a99-6254-788c-67af81550000}11157/usr/bin/env/usr/bin/envroot 534500x800000000000000041358Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:17.815{ec2a2542-2a99-6254-6822-14643f560000}11158/bin/dashroot 534500x800000000000000041357Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:17.815{ec2a2542-2a99-6254-806e-caee1c560000}11161/bin/unameroot 154100x800000000000000041362Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:17.816{ec2a2542-2a99-6254-505c-d971cb550000}11164/bin/grep-----grep -c ^processor /proc/cpuinfo/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a99-6254-68e2-c00187550000}11163/bin/dash/bin/shroot 154100x800000000000000041361Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:17.816{ec2a2542-2a99-6254-68e2-c00187550000}11163/bin/dash-----/bin/sh /etc/update-motd.d/50-landscape-sysinfo/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a99-6254-788c-67af81550000}11157/usr/bin/env/usr/bin/envroot 534500x800000000000000041360Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:17.816{ec2a2542-2a99-6254-68a2-aa3df5550000}11162/bin/dashroot 534500x800000000000000041363Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:17.817{ec2a2542-2a99-6254-505c-d971cb550000}11164/bin/greproot 154100x800000000000000041367Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:17.818{ec2a2542-2a99-6254-98ef-4b0067550000}11167/usr/bin/bc-----bc/root{ec2a2542-0000-0000-0000-000000000000}06no level-{00000000-0000-0000-0000-000000000000}11165--- 534500x800000000000000041366Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:17.818{00000000-0000-0000-0000-000000000000}11166<unknown process>root 534500x800000000000000041365Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:17.818{ec2a2542-2a99-6254-b8b0-7cbb18560000}11168/usr/bin/cutroot 154100x800000000000000041364Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:17.818{ec2a2542-2a99-6254-b8b0-7cbb18560000}11168/usr/bin/cut-----cut -f1 -d /proc/loadavg/root{ec2a2542-0000-0000-0000-000000000000}06no level-{00000000-0000-0000-0000-000000000000}11166--- 154100x800000000000000041372Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:17.819{ec2a2542-2a99-6254-a036-7b0000000000}11170/usr/bin/python3.6-----/usr/bin/python3 /usr/bin/landscape-sysinfo/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a99-6254-68e2-c00187550000}11163/bin/dash/bin/shroot 534500x800000000000000041371Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:17.819{ec2a2542-2a99-6254-08bf-a86fe4550000}11169/bin/dateroot 154100x800000000000000041370Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:17.819{ec2a2542-2a99-6254-08bf-a86fe4550000}11169/bin/date-----/bin/date/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a99-6254-68e2-c00187550000}11163/bin/dash/bin/shroot 534500x800000000000000041369Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:17.819{00000000-0000-0000-0000-000000000000}11165<unknown process>root 534500x800000000000000041368Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:17.819{ec2a2542-2a99-6254-98ef-4b0067550000}11167/usr/bin/bcroot 154100x800000000000000041374Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:17.925{ec2a2542-2a99-6254-b881-d0acc07f0000}11171/sbin/ldconfig.real-----/sbin/ldconfig.real -p/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a99-6254-a036-7b0000000000}11170/usr/bin/python3.6/usr/bin/python3root 154100x800000000000000041373Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:17.925{ec2a2542-2a99-6254-68d2-3ccda0550000}11171/bin/dash-----/bin/sh /sbin/ldconfig -p/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a99-6254-a036-7b0000000000}11170/usr/bin/python3.6/usr/bin/python3root 534500x800000000000000041375Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:17.927{ec2a2542-2a99-6254-68d2-3ccda0550000}11171/bin/dashroot 154100x800000000000000041377Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:17.954{ec2a2542-2a99-6254-b881-07e4e57f0000}11172/sbin/ldconfig.real-----/sbin/ldconfig.real -p/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a99-6254-a036-7b0000000000}11170/usr/bin/python3.6/usr/bin/python3root 154100x800000000000000041376Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:17.954{ec2a2542-2a99-6254-6872-df5e69550000}11172/bin/dash-----/bin/sh /sbin/ldconfig -p/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a99-6254-a036-7b0000000000}11170/usr/bin/python3.6/usr/bin/python3root 534500x800000000000000041378Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:17.956{ec2a2542-2a99-6254-6872-df5e69550000}11172/bin/dashroot 534500x800000000000000041379Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.066{00000000-0000-0000-0000-000000000000}11173<unknown process>root 154100x800000000000000041380Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.100{ec2a2542-2a9a-6254-f0a3-05debf550000}11174/usr/bin/who-----who -q/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a99-6254-a036-7b0000000000}11170/usr/bin/python3.6/usr/bin/python3root 534500x800000000000000041381Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.103{ec2a2542-2a9a-6254-f0a3-05debf550000}11174/usr/bin/whoroot 154100x800000000000000041384Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.152{ec2a2542-2a9a-6254-68e2-f9d668550000}11175/bin/dash-----/bin/sh /etc/update-motd.d/50-motd-news/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a99-6254-788c-67af81550000}11157/usr/bin/env/usr/bin/envroot 534500x800000000000000041383Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.152{ec2a2542-2a99-6254-68e2-c00187550000}11163/bin/dashroot 534500x800000000000000041382Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.152{ec2a2542-2a99-6254-a036-7b0000000000}11170/usr/bin/python3.6root 534500x800000000000000041391Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.153{ec2a2542-2a9a-6254-d0f9-2b3d68550000}11176/bin/catroot 154100x800000000000000041388Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.153{ec2a2542-2a9a-6254-7802-19f96e550000}11177/usr/bin/head-----head -n 10/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a9a-6254-68e2-f9d668550000}11175/bin/dash/bin/shroot 154100x800000000000000041387Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.153{ec2a2542-2a9a-6254-b8b0-dcca53560000}11179/usr/bin/cut-----cut -c -80/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a9a-6254-68e2-f9d668550000}11175/bin/dash/bin/shroot 154100x800000000000000041386Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.153{ec2a2542-2a9a-6254-e055-53450e560000}11178/usr/bin/tr-----tr -d \000-\011\013\014\016-\037/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a9a-6254-68e2-f9d668550000}11175/bin/dash/bin/shroot 154100x800000000000000041385Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.153{ec2a2542-2a9a-6254-d0f9-2b3d68550000}11176/bin/cat-----cat /var/cache/motd-news/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a9a-6254-68e2-f9d668550000}11175/bin/dash/bin/shroot 534500x800000000000000041393Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.154{ec2a2542-2a9a-6254-68e2-f9d668550000}11175/bin/dashroot 534500x800000000000000041392Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.154{ec2a2542-2a9a-6254-b8b0-dcca53560000}11179/usr/bin/cutroot 534500x800000000000000041390Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.154{ec2a2542-2a9a-6254-e055-53450e560000}11178/usr/bin/trroot 534500x800000000000000041389Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.154{ec2a2542-2a9a-6254-7802-19f96e550000}11177/usr/bin/headroot 534500x800000000000000041395Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.155{ec2a2542-2a9a-6254-6812-3d2a78550000}11180/bin/dashroot 154100x800000000000000041394Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.155{ec2a2542-2a9a-6254-6812-3d2a78550000}11180/bin/dash-----/bin/sh /etc/update-motd.d/88-esm-announce/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a99-6254-788c-67af81550000}11157/usr/bin/env/usr/bin/envroot 154100x800000000000000041397Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.156{ec2a2542-2a9a-6254-d049-ff6807560000}11182/bin/cat-----cat /var/lib/update-notifier/updates-available/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a9a-6254-68b2-408630560000}11181/bin/dash/bin/shroot 154100x800000000000000041396Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.156{ec2a2542-2a9a-6254-68b2-408630560000}11181/bin/dash-----/bin/sh /etc/update-motd.d/90-updates-available/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a99-6254-788c-67af81550000}11157/usr/bin/env/usr/bin/envroot 154100x800000000000000041400Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.157{ec2a2542-2a9a-6254-68c2-4f42c4550000}11183/bin/dash-----/bin/sh /etc/update-motd.d/91-contract-ua-esm-status/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a99-6254-788c-67af81550000}11157/usr/bin/env/usr/bin/envroot 534500x800000000000000041399Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.157{ec2a2542-2a9a-6254-68b2-408630560000}11181/bin/dashroot 534500x800000000000000041398Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.157{ec2a2542-2a9a-6254-d049-ff6807560000}11182/bin/catroot 154100x800000000000000041408Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.158{ec2a2542-2a9a-6254-6802-bfb7f5550000}11184/bin/dash-----/bin/sh -e /usr/lib/ubuntu-release-upgrader/release-upgrade-motd/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a99-6254-788c-67af81550000}11157/usr/bin/env/usr/bin/envroot 154100x800000000000000041402Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.158{ec2a2542-2a9a-6254-6882-e47558550000}11184/bin/dash-----/bin/sh /etc/update-motd.d/91-release-upgrade/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a99-6254-788c-67af81550000}11157/usr/bin/env/usr/bin/envroot 534500x800000000000000041401Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.158{ec2a2542-2a9a-6254-68c2-4f42c4550000}11183/bin/dashroot 154100x800000000000000041404Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.160{ec2a2542-2a9a-6254-b840-719c09560000}11187/usr/bin/cut-----cut -d -f4/root{ec2a2542-0000-0000-0000-000000000000}06no level-{00000000-0000-0000-0000-000000000000}11185--- 154100x800000000000000041403Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.160{ec2a2542-2a9a-6254-a036-7b0000000000}11186/usr/bin/python3.6-----/usr/bin/python3 -Es /usr/bin/lsb_release -sd/root{ec2a2542-0000-0000-0000-000000000000}06no level-{00000000-0000-0000-0000-000000000000}11185--- 534500x800000000000000041407Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.200{00000000-0000-0000-0000-000000000000}11185<unknown process>root 534500x800000000000000041406Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.200{ec2a2542-2a9a-6254-b840-719c09560000}11187/usr/bin/cutroot 534500x800000000000000041405Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.200{ec2a2542-2a9a-6254-a036-7b0000000000}11186/usr/bin/python3.6root 154100x800000000000000041411Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.201{ec2a2542-2a9a-6254-88b4-f52f27560000}11189/usr/bin/stat-----stat -c %Y /var/lib/ubuntu-release-upgrader/release-upgrade-available/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a9a-6254-6882-e47558550000}11184/bin/dash/bin/shroot 534500x800000000000000041410Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.201{ec2a2542-2a9a-6254-086f-df513c560000}11188/bin/dateroot 154100x800000000000000041409Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.201{ec2a2542-2a9a-6254-086f-df513c560000}11188/bin/date-----date +%s/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a9a-6254-6882-e47558550000}11184/bin/dash/bin/shroot 154100x800000000000000041413Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.202{ec2a2542-2a9a-6254-9885-338c0c560000}11190/usr/bin/expr-----expr 1649682689 + 86400/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a9a-6254-6882-e47558550000}11184/bin/dash/bin/shroot 534500x800000000000000041412Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.202{ec2a2542-2a9a-6254-88b4-f52f27560000}11189/usr/bin/statroot 154100x800000000000000041415Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.203{ec2a2542-2a9a-6254-d079-6814de550000}11191/bin/cat-----cat /var/lib/ubuntu-release-upgrader/release-upgrade-available/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a9a-6254-6882-e47558550000}11184/bin/dash/bin/shroot 534500x800000000000000041414Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.203{ec2a2542-2a9a-6254-9885-338c0c560000}11190/usr/bin/exprroot 154100x800000000000000041419Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.204{ec2a2542-2a9a-6254-6862-2ecf3f560000}11192/bin/dash-----/bin/sh /usr/share/unattended-upgrades/update-motd-unattended-upgrades/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a99-6254-788c-67af81550000}11157/usr/bin/env/usr/bin/envroot 154100x800000000000000041418Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.204{ec2a2542-2a9a-6254-6862-176d11560000}11192/bin/dash-----/bin/sh /etc/update-motd.d/92-unattended-upgrades/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a99-6254-788c-67af81550000}11157/usr/bin/env/usr/bin/envroot 534500x800000000000000041417Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.204{ec2a2542-2a9a-6254-6882-e47558550000}11184/bin/dashroot 534500x800000000000000041416Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.204{ec2a2542-2a9a-6254-d079-6814de550000}11191/bin/catroot 154100x800000000000000041422Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.205{ec2a2542-2a9a-6254-6852-5ac70a560000}11193/bin/dash-----/bin/sh -e /usr/lib/update-notifier/update-motd-hwe-eol/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a99-6254-788c-67af81550000}11157/usr/bin/env/usr/bin/envroot 154100x800000000000000041421Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.205{ec2a2542-2a9a-6254-68e2-a82f76550000}11193/bin/dash-----/bin/sh /etc/update-motd.d/95-hwe-eol/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a99-6254-788c-67af81550000}11157/usr/bin/env/usr/bin/envroot 534500x800000000000000041420Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.205{ec2a2542-2a9a-6254-6862-176d11560000}11192/bin/dashroot 154100x800000000000000041423Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.206{ec2a2542-2a9a-6254-7394-e74029560000}11194/usr/bin/apt-config-----apt-config shell StateDir Dir::State/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a9a-6254-68e2-a82f76550000}11193/bin/dash/bin/shroot 154100x800000000000000041424Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.216{ec2a2542-2a9a-6254-7031-a93032560000}11195/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a9a-6254-7394-e74029560000}11194/usr/bin/apt-configapt-configroot 534500x800000000000000041425Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.218{ec2a2542-2a9a-6254-7031-a93032560000}11195/usr/bin/dpkgroot 154100x800000000000000041427Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.219{ec2a2542-2a9a-6254-73d4-9634ce550000}11196/usr/bin/apt-config-----apt-config shell ListDir Dir::State::Lists/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a9a-6254-68e2-a82f76550000}11193/bin/dash/bin/shroot 534500x800000000000000041426Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.219{ec2a2542-2a9a-6254-7394-e74029560000}11194/usr/bin/apt-configroot 154100x800000000000000041428Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.223{ec2a2542-2a9a-6254-7021-b8d137560000}11197/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a9a-6254-73d4-9634ce550000}11196/usr/bin/apt-configapt-configroot 154100x800000000000000041431Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.225{ec2a2542-2a9a-6254-7314-935f38560000}11198/usr/bin/apt-config-----apt-config shell DpkgStatus Dir::State::status/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a9a-6254-68e2-a82f76550000}11193/bin/dash/bin/shroot 534500x800000000000000041430Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.225{ec2a2542-2a9a-6254-73d4-9634ce550000}11196/usr/bin/apt-configroot 534500x800000000000000041429Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.225{ec2a2542-2a9a-6254-7021-b8d137560000}11197/usr/bin/dpkgroot 154100x800000000000000041432Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.232{ec2a2542-2a9a-6254-7051-c429d9550000}11199/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a9a-6254-7314-935f38560000}11198/usr/bin/apt-configapt-configroot 534500x800000000000000041433Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.234{ec2a2542-2a9a-6254-7051-c429d9550000}11199/usr/bin/dpkgroot 154100x800000000000000041435Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.235{ec2a2542-2a9a-6254-7304-9dcae3550000}11200/usr/bin/apt-config-----apt-config shell EtcDir Dir::Etc/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a9a-6254-68e2-a82f76550000}11193/bin/dash/bin/shroot 534500x800000000000000041434Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.235{ec2a2542-2a9a-6254-7314-935f38560000}11198/usr/bin/apt-configroot 154100x800000000000000041436Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.239{ec2a2542-2a9a-6254-70d1-93e664550000}11201/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a9a-6254-7304-9dcae3550000}11200/usr/bin/apt-configapt-configroot 534500x800000000000000041437Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.248{ec2a2542-2a9a-6254-70d1-93e664550000}11201/usr/bin/dpkgroot 154100x800000000000000041439Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.249{ec2a2542-2a9a-6254-7354-cbbc6f550000}11202/usr/bin/apt-config-----apt-config shell SourceList Dir::Etc::sourcelist/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a9a-6254-68e2-a82f76550000}11193/bin/dash/bin/shroot 534500x800000000000000041438Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.249{ec2a2542-2a9a-6254-7304-9dcae3550000}11200/usr/bin/apt-configroot 154100x800000000000000041440Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.253{ec2a2542-2a9a-6254-7071-341221560000}11203/usr/bin/dpkg-----/usr/bin/dpkg --print-foreign-architectures/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a9a-6254-7354-cbbc6f550000}11202/usr/bin/apt-configapt-configroot 534500x800000000000000041441Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.255{ec2a2542-2a9a-6254-7071-341221560000}11203/usr/bin/dpkgroot 154100x800000000000000041443Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.256{ec2a2542-2a9a-6254-90e0-0f2a46560000}11204/usr/bin/find-----find /var/lib/apt/lists/ /etc/apt/sources.list //var/lib/dpkg/status -type f -newer /var/lib/update-notifier/hwe-eol -print -quit/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a9a-6254-68e2-a82f76550000}11193/bin/dash/bin/shroot 534500x800000000000000041442Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.256{ec2a2542-2a9a-6254-7354-cbbc6f550000}11202/usr/bin/apt-configroot 154100x800000000000000041447Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.257{ec2a2542-2a9a-6254-a8a0-dbe2dc550000}11205/bin/mktemp-----mktemp -p /var/lib/update-notifier/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a9a-6254-68e2-a82f76550000}11193/bin/dash/bin/shroot 534500x800000000000000041444Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.257{ec2a2542-2a9a-6254-90e0-0f2a46560000}11204/usr/bin/findroot 534500x800000000000000041446Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.258{ec2a2542-2a9a-6254-e8e8-2cb251560000}11206/usr/bin/dirnameroot 154100x800000000000000041445Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.258{ec2a2542-2a9a-6254-e8e8-2cb251560000}11206/usr/bin/dirname-----dirname /var/lib/update-notifier/hwe-eol/root{ec2a2542-0000-0000-0000-000000000000}06no level-{00000000-0000-0000-0000-000000000000}11205--- 154100x800000000000000041449Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.259{ec2a2542-2a9a-6254-a036-7b0000000000}11207/usr/bin/python3.6-----/usr/bin/python3 /usr/bin/hwe-support-status/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a9a-6254-68e2-a82f76550000}11193/bin/dash/bin/shroot 534500x800000000000000041448Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.259{ec2a2542-2a9a-6254-a8a0-dbe2dc550000}11205/bin/mktemproot 154100x800000000000000041450Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.352{ec2a2542-2a9a-6254-a036-7b0000000000}11208/usr/bin/python3.6-----/usr/bin/python3 -Es /usr/bin/lsb_release -c -s/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a9a-6254-a036-7b0000000000}11207/usr/bin/python3.6/usr/bin/python3root 534500x800000000000000041451Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.400{ec2a2542-2a9a-6254-a036-7b0000000000}11208/usr/bin/python3.6root 154100x800000000000000041452Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.401{ec2a2542-2a9a-6254-7051-39cfd7550000}11209/usr/bin/dpkg-----dpkg --print-foreign-architectures/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a9a-6254-a036-7b0000000000}11207/usr/bin/python3.6/usr/bin/python3root 534500x800000000000000041453Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.404{ec2a2542-2a9a-6254-7051-39cfd7550000}11209/usr/bin/dpkgroot 154100x800000000000000041455Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.424{ec2a2542-2a9a-6254-88db-1cdec2550000}11210/bin/mv-----mv /var/lib/update-notifier/tmp.qS2ZGiBson /var/lib/update-notifier/hwe-eol/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a9a-6254-68e2-a82f76550000}11193/bin/dash/bin/shroot 534500x800000000000000041454Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.424{ec2a2542-2a9a-6254-a036-7b0000000000}11207/usr/bin/python3.6root 154100x800000000000000041457Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.425{ec2a2542-2a9a-6254-d009-8efdb8550000}11211/bin/cat-----cat /var/lib/update-notifier/hwe-eol/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a9a-6254-68e2-a82f76550000}11193/bin/dash/bin/shroot 534500x800000000000000041456Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.425{ec2a2542-2a9a-6254-88db-1cdec2550000}11210/bin/mvroot 154100x800000000000000041459Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.426{ec2a2542-2a9a-6254-70e3-988db9550000}11212/bin/rm-----rm -f /var/lib/update-notifier/tmp.qS2ZGiBson/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a9a-6254-68e2-a82f76550000}11193/bin/dash/bin/shroot 534500x800000000000000041458Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.426{ec2a2542-2a9a-6254-d009-8efdb8550000}11211/bin/catroot 154100x800000000000000041462Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.427{ec2a2542-2a9a-6254-68d2-c9d52c560000}11213/bin/dash-----/bin/sh /etc/update-motd.d/97-overlayroot/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a99-6254-788c-67af81550000}11157/usr/bin/env/usr/bin/envroot 534500x800000000000000041461Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.427{ec2a2542-2a9a-6254-68e2-a82f76550000}11193/bin/dashroot 534500x800000000000000041460Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.427{ec2a2542-2a9a-6254-70e3-988db9550000}11212/bin/rmroot 154100x800000000000000041465Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.428{ec2a2542-2a9a-6254-508c-f97353560000}11215/bin/grep-----grep -E overlayroot|/media/root-ro|/media/root-rw /proc/mounts/root{ec2a2542-0000-0000-0000-000000000000}06no level-{00000000-0000-0000-0000-000000000000}11214--- 154100x800000000000000041464Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.428{ec2a2542-2a9a-6254-18ea-799f6b550000}11216/usr/bin/sort-----sort -r/root{ec2a2542-0000-0000-0000-000000000000}06no level-{00000000-0000-0000-0000-000000000000}11214--- 154100x800000000000000041463Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.428{ec2a2542-2a9a-6254-6832-3e7fce550000}11215/bin/dash-----/bin/sh /bin/egrep overlayroot|/media/root-ro|/media/root-rw /proc/mounts/root{ec2a2542-0000-0000-0000-000000000000}06no level-{00000000-0000-0000-0000-000000000000}11214--- 154100x800000000000000041471Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.430{ec2a2542-2a9a-6254-6822-69e684550000}11217/bin/dash-----/bin/sh /usr/lib/update-notifier/update-motd-fsck-at-reboot/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a99-6254-788c-67af81550000}11157/usr/bin/env/usr/bin/envroot 534500x800000000000000041470Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.430{ec2a2542-2a9a-6254-68d2-c9d52c560000}11213/bin/dashroot 154100x800000000000000041469Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.430{ec2a2542-2a9a-6254-6832-21c3d5550000}11217/bin/dash-----/bin/sh /etc/update-motd.d/98-fsck-at-reboot/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a99-6254-788c-67af81550000}11157/usr/bin/env/usr/bin/envroot 534500x800000000000000041468Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.430{00000000-0000-0000-0000-000000000000}11214<unknown process>root 534500x800000000000000041467Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.430{ec2a2542-2a9a-6254-18ea-799f6b550000}11216/usr/bin/sortroot 534500x800000000000000041466Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.430{ec2a2542-2a9a-6254-6832-3e7fce550000}11215/bin/dashroot 154100x800000000000000041472Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.431{ec2a2542-2a9a-6254-8804-523650560000}11218/usr/bin/stat-----stat -c %Y /var/lib/update-notifier/fsck-at-reboot/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a9a-6254-6832-21c3d5550000}11217/bin/dash/bin/shroot 154100x800000000000000041476Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.432{ec2a2542-2a9a-6254-083f-d77b85550000}11219/bin/date-----date -d now - 6824.95 seconds +%s/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a9a-6254-6832-21c3d5550000}11217/bin/dash/bin/shroot 534500x800000000000000041473Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.432{ec2a2542-2a9a-6254-8804-523650560000}11218/usr/bin/statroot 154100x800000000000000041474Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.433{ec2a2542-2a9a-6254-f0ec-3d9e0d560000}11220/usr/bin/gawk-----awk {print $1} /proc/uptime/root{ec2a2542-0000-0000-0000-000000000000}06no level-{00000000-0000-0000-0000-000000000000}11219--- 534500x800000000000000041475Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.434{ec2a2542-2a9a-6254-f0ec-3d9e0d560000}11220/usr/bin/gawkroot 154100x800000000000000041478Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.435{ec2a2542-2a9a-6254-08cf-18ff10560000}11221/bin/date-----date +%s/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a9a-6254-6832-21c3d5550000}11217/bin/dash/bin/shroot 534500x800000000000000041477Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.435{ec2a2542-2a9a-6254-083f-d77b85550000}11219/bin/dateroot 534500x800000000000000041481Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.436{ec2a2542-2a9a-6254-d059-8f36ca550000}11222/bin/catroot 154100x800000000000000041480Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.436{ec2a2542-2a9a-6254-d059-8f36ca550000}11222/bin/cat-----cat /var/lib/update-notifier/fsck-at-reboot/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a9a-6254-6832-21c3d5550000}11217/bin/dash/bin/shroot 534500x800000000000000041479Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.436{ec2a2542-2a9a-6254-08cf-18ff10560000}11221/bin/dateroot 154100x800000000000000041484Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.437{ec2a2542-2a9a-6254-6822-a14f31560000}11223/bin/dash-----/bin/sh -e /usr/lib/update-notifier/update-motd-reboot-required/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a99-6254-788c-67af81550000}11157/usr/bin/env/usr/bin/envroot 154100x800000000000000041483Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.437{ec2a2542-2a9a-6254-6852-edb7c7550000}11223/bin/dash-----/bin/sh /etc/update-motd.d/98-reboot-required/root{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2a99-6254-788c-67af81550000}11157/usr/bin/env/usr/bin/envroot 534500x800000000000000041482Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.437{ec2a2542-2a9a-6254-6832-21c3d5550000}11217/bin/dashroot 534500x800000000000000041487Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.439{ec2a2542-2a99-6254-6842-a581c6550000}11156/bin/dashroot 534500x800000000000000041486Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.439{ec2a2542-2a99-6254-788c-67af81550000}11157/usr/bin/envroot 534500x800000000000000041485Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.439{ec2a2542-2a9a-6254-6852-edb7c7550000}11223/bin/dashroot 154100x800000000000000041488Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.494{ec2a2542-2a9a-6254-08e4-199053560000}11225/bin/bash------bash/home/ubuntuubuntu{ec2a2542-2a9b-6254-e803-000000000000}10006no level-{00000000-0000-0000-0000-000000000000}11224--- 154100x800000000000000041489Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.498{ec2a2542-2a9a-6254-886e-d57578550000}11227/usr/bin/locale-check-----/usr/bin/locale-check C.UTF-8/home/ubuntuubuntu{ec2a2542-2a9b-6254-e803-000000000000}10006no level-{00000000-0000-0000-0000-000000000000}11226--- 534500x800000000000000041491Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.499{ec2a2542-2a9a-6254-0000-000000000000}11226-ubuntu 534500x800000000000000041490Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.499{ec2a2542-2a9a-6254-886e-d57578550000}11227/usr/bin/locale-checkubuntu 154100x800000000000000041492Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.500{ec2a2542-2a9a-6254-3070-0d8f36560000}11228/usr/bin/locale-----locale/home/ubuntuubuntu{ec2a2542-2a9b-6254-e803-000000000000}10006no level-{ec2a2542-2a9a-6254-08e4-199053560000}11225/bin/bash-bashubuntu 534500x800000000000000041493Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.502{ec2a2542-2a9a-6254-3070-0d8f36560000}11228/usr/bin/localeubuntu 534500x800000000000000041494Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.504{ec2a2542-2a9a-6254-0000-000000000000}11229-ubuntu 154100x800000000000000041495Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.523{ec2a2542-2a9a-6254-68e2-f1f6a7550000}11231/bin/dash-----/bin/sh /usr/bin/lesspipe/home/ubuntuubuntu{ec2a2542-2a9b-6254-e803-000000000000}10006no level-{00000000-0000-0000-0000-000000000000}11230--- 154100x800000000000000041496Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.524{ec2a2542-2a9a-6254-e83b-181777550000}11232/usr/bin/basename-----basename /usr/bin/lesspipe/home/ubuntuubuntu{ec2a2542-2a9b-6254-e803-000000000000}10006no level-{ec2a2542-2a9a-6254-68e2-f1f6a7550000}11231/bin/dash/bin/shubuntu 534500x800000000000000041497Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.525{ec2a2542-2a9a-6254-e83b-181777550000}11232/usr/bin/basenameubuntu 154100x800000000000000041498Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.526{ec2a2542-2a9a-6254-e868-aa0a8a550000}11234/usr/bin/dirname-----dirname /usr/bin/lesspipe/home/ubuntuubuntu{ec2a2542-2a9b-6254-e803-000000000000}10006no level-{00000000-0000-0000-0000-000000000000}11233--- 534500x800000000000000041502Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.527{ec2a2542-2a9a-6254-0000-000000000000}11230-ubuntu 534500x800000000000000041501Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.527{ec2a2542-2a9a-6254-68e2-f1f6a7550000}11231/bin/dashubuntu 534500x800000000000000041500Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.527{ec2a2542-2a9a-6254-0000-000000000000}11233-ubuntu 534500x800000000000000041499Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.527{ec2a2542-2a9a-6254-e868-aa0a8a550000}11234/usr/bin/dirnameubuntu 154100x800000000000000041503Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.529{ec2a2542-2a9a-6254-4879-4890a5550000}11236/usr/bin/dircolors-----dircolors -b/home/ubuntuubuntu{ec2a2542-2a9b-6254-e803-000000000000}10006no level-{00000000-0000-0000-0000-000000000000}11235--- 534500x800000000000000041505Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.530{ec2a2542-2a9a-6254-0000-000000000000}11235-ubuntu 534500x800000000000000041504Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:18.530{ec2a2542-2a9a-6254-4879-4890a5550000}11236/usr/bin/dircolorsubuntu 354300x800000000000000041506Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:19.761{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54884-false10.0.1.12-8000- 154100x800000000000000041507Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:22.651{ec2a2542-2a9e-6254-e8e6-171a2c560000}11237/bin/ls-----ls --color=auto -l/home/ubuntuubuntu{ec2a2542-2a9b-6254-e803-000000000000}10006no level-{ec2a2542-2a9a-6254-08e4-199053560000}11225/bin/bash-bashubuntu 534500x800000000000000041508Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:22.653{ec2a2542-2a9e-6254-e8e6-171a2c560000}11237/bin/lsubuntu 354300x800000000000000041509Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:23.361{ec2a2542-1080-6254-602c-d54703560000}1780/opt/splunkforwarder/bin/splunkdroottcptruefalse10.0.1.20-34596-false10.0.1.12-8089- 354300x800000000000000041510Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:25.637{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54888-false10.0.1.12-8000- 154100x800000000000000041511Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:27.387{ec2a2542-2aa3-6254-92dc-2e6000000000}11238/usr/bin/qemu-mipsel-static-----/usr/bin/qemu-mipsel-static ./mipsel-test/home/ubuntuubuntu{ec2a2542-2a9b-6254-e803-000000000000}10006no level-{ec2a2542-2a9a-6254-08e4-199053560000}11225/bin/bash-bashubuntu 534500x800000000000000041513Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:27.398{ec2a2542-2aa3-6254-92dc-2e6000000000}11238/usr/bin/qemu-mipsel-staticubuntu 534500x800000000000000041512Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:27.398{ec2a2542-2aa3-6254-92dc-2e6000000000}11238/usr/bin/qemu-mipsel-staticubuntu 354300x800000000000000041514Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:30.791{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54890-false10.0.1.12-8000- 23542300x800000000000000041515Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:31.811{ec2a2542-1080-6254-602c-d54703560000}1780root/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log--- 354300x800000000000000041516Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:35.832{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54892-false10.0.1.12-8000- 354300x800000000000000041517Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:41.745{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54894-false10.0.1.12-8000- 154100x800000000000000041518Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:42.940{ec2a2542-2ab2-6254-68a4-f393c4550000}11240/bin/ps-----ps -e -o pid,ppid,state,command/var/snap/amazon-ssm-agent/5163root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}938--- 534500x800000000000000041519Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:42.952{ec2a2542-2ab2-6254-68a4-f393c4550000}11240/bin/psroot 534500x800000000000000041520Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:43.215{00000000-0000-0000-0000-000000000000}114<unknown process>root 354300x800000000000000041521Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:46.817{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54896-false10.0.1.12-8000- 354300x800000000000000041522Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:52.796{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54898-false10.0.1.12-8000- 534500x800000000000000041524Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:55.507{00000000-0000-0000-0000-000000000000}2537<unknown process>root 534500x800000000000000041523Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:55.507{00000000-0000-0000-0000-000000000000}4840<unknown process>root 354300x800000000000000041525Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:58.702{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54900-false10.0.1.12-8000- 154100x800000000000000041526Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:59.923{ec2a2542-2ac3-6254-08e6-a1bbda550000}11241/usr/bin/clear-----clear/home/ubuntuubuntu{ec2a2542-2a9b-6254-e803-000000000000}10006no level-{ec2a2542-2a9a-6254-08e4-199053560000}11225/bin/bash-bashubuntu 534500x800000000000000041527Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:18:59.925{ec2a2542-2ac3-6254-08e6-a1bbda550000}11241/usr/bin/clearubuntu 154100x800000000000000041528Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:19:01.453{ec2a2542-2ac5-6254-e896-981b2a560000}11242/bin/ls-----ls --color=auto -l/home/ubuntuubuntu{ec2a2542-2a9b-6254-e803-000000000000}10006no level-{ec2a2542-2a9a-6254-08e4-199053560000}11225/bin/bash-bashubuntu 534500x800000000000000041529Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:19:01.455{ec2a2542-2ac5-6254-e896-981b2a560000}11242/bin/lsubuntu 23542300x800000000000000041530Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:19:01.734{ec2a2542-1080-6254-602c-d54703560000}1780root/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log--- 534500x800000000000000041531Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:19:03.695{00000000-0000-0000-0000-000000000000}5179<unknown process>root 534500x800000000000000041533Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:19:03.699{00000000-0000-0000-0000-000000000000}116<unknown process>root 534500x800000000000000041532Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:19:03.699{ec2a2542-2a9a-6254-0000-000000000000}311-root 354300x800000000000000041534Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:19:03.770{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54902-false10.0.1.12-8000- 534500x800000000000000041535Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:19:04.559{00000000-0000-0000-0000-000000000000}7<unknown process>root 534500x800000000000000041538Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:19:06.180{00000000-0000-0000-0000-000000000000}4915<unknown process>root 534500x800000000000000041537Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:19:06.180{00000000-0000-0000-0000-000000000000}1695<unknown process>root 534500x800000000000000041536Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:19:06.180{00000000-0000-0000-0000-000000000000}11243<unknown process>ubuntu 23542300x800000000000000041540Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:19:06.182{ec2a2542-2a9a-6254-08e4-199053560000}11225ubuntu/bin/bash/tmp/sh-thd.GppEhu--- 534500x800000000000000041539Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:19:06.182{00000000-0000-0000-0000-000000000000}11244<unknown process>ubuntu 154100x800000000000000041541Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:19:06.898{ec2a2542-2aca-6254-e0a1-1ca9a1550000}11245/bin/chmod-----chmod 777 acidrain/home/ubuntuubuntu{ec2a2542-2a9b-6254-e803-000000000000}10006no level-{ec2a2542-2a9a-6254-08e4-199053560000}11225/bin/bash-bashubuntu 534500x800000000000000041542Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:19:06.899{ec2a2542-2aca-6254-e0a1-1ca9a1550000}11245/bin/chmodubuntu 154100x800000000000000041543Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:19:08.304{ec2a2542-2acc-6254-e8c6-e44561550000}11247/bin/ls-----ls --color=auto -l/home/ubuntuubuntu{ec2a2542-2a9b-6254-e803-000000000000}10006no level-{ec2a2542-2a9a-6254-08e4-199053560000}11225/bin/bash-bashubuntu 534500x800000000000000041544Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:19:08.307{ec2a2542-2acc-6254-e8c6-e44561550000}11247/bin/lsubuntu 354300x800000000000000041545Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:19:09.632{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54904-false10.0.1.12-8000- 534500x800000000000000041546Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:19:12.235{00000000-0000-0000-0000-000000000000}11248<unknown process>ubuntu 354300x800000000000000041547Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:19:14.705{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54906-false10.0.1.12-8000- 354300x800000000000000041548Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:19:20.646{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54908-false10.0.1.12-8000- 354300x800000000000000041549Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:19:23.365{ec2a2542-1080-6254-602c-d54703560000}1780/opt/splunkforwarder/bin/splunkdroottcptruefalse10.0.1.20-34620-false10.0.1.12-8089- 354300x800000000000000041550Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:19:25.720{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54912-false10.0.1.12-8000- 354300x800000000000000041551Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:19:30.725{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54914-false10.0.1.12-8000- 23542300x800000000000000041552Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:19:31.810{ec2a2542-1080-6254-602c-d54703560000}1780root/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log--- 354300x800000000000000041553Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:19:35.760{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54916-false10.0.1.12-8000- 534500x800000000000000041554Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:19:36.467{00000000-0000-0000-0000-000000000000}2357<unknown process>root 534500x800000000000000041555Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:19:37.135{00000000-0000-0000-0000-000000000000}595<unknown process>root 354300x800000000000000041556Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:19:41.727{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54918-false10.0.1.12-8000- 534500x800000000000000041557Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:19:43.951{00000000-0000-0000-0000-000000000000}119<unknown process>root 154100x800000000000000041558Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:19:43.967{ec2a2542-2aef-6254-6864-48c40b560000}11249/bin/ps-----ps -e -o pid,ppid,state,command/var/snap/amazon-ssm-agent/5163root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}938--- 534500x800000000000000041559Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:19:43.987{ec2a2542-2aef-6254-6864-48c40b560000}11249/bin/psroot 534500x800000000000000041560Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:19:45.735{ec2a2542-0ff8-6254-c88a-1cbc6c550000}452/lib/systemd/systemd-journaldroot 534500x800000000000000041561Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:19:45.740{ec2a2542-0ff8-6254-c88a-1cbc6c550000}452/lib/systemd/systemd-journaldroot 354300x800000000000000041562Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:19:47.615{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54920-false10.0.1.12-8000- 354300x800000000000000041563Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:19:52.802{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54922-false10.0.1.12-8000- 154100x800000000000000041564Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:19:55.746{ec2a2542-2afb-6254-08ae-866f8c550000}11252/usr/bin/sudo-----sudo ./acidrain/home/ubuntuubuntu{ec2a2542-2a9b-6254-e803-000000000000}10006no level-{ec2a2542-2a9a-6254-08e4-199053560000}11225/bin/bash-bashubuntu 354300x800000000000000041567Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:19:55.751{ec2a2542-0ff9-6254-c097-bd9a19560000}737/lib/systemd/systemd-resolvedsystemd-resolveudptruefalse10.0.1.20-55723-false10.0.0.2-53- 354300x800000000000000041566Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:19:55.751{ec2a2542-0ff9-6254-c097-bd9a19560000}737/lib/systemd/systemd-resolvedsystemd-resolveudptruefalse10.0.1.20-60459-false10.0.0.2-53- 354300x800000000000000041565Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:19:55.751{ec2a2542-2afb-6254-08ae-866f8c550000}11252/usr/bin/sudoubuntuudptruefalse127.0.0.1-44815-false127.0.0.53-53- 354300x800000000000000041569Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:19:55.761{ec2a2542-2afb-6254-08ae-866f8c550000}11252/usr/bin/sudoubuntuudpfalsefalse127.0.0.53-53-false127.0.0.1-44815- 354300x800000000000000041568Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:19:55.761{ec2a2542-0ff9-6254-c097-bd9a19560000}737/lib/systemd/systemd-resolvedsystemd-resolveudptruefalse127.0.0.53-53-false127.0.0.1-44815- 354300x800000000000000041571Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:19:55.763{ec2a2542-0ff9-6254-c097-bd9a19560000}737/lib/systemd/systemd-resolvedsystemd-resolveudptruefalse127.0.0.53-53-false127.0.0.1-48992- 354300x800000000000000041570Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:19:55.763{ec2a2542-2afb-6254-08ae-866f8c550000}11252/usr/bin/sudoubuntuudptruefalse127.0.0.1-48992-false127.0.0.53-53- 154100x800000000000000041572Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:19:55.768{ec2a2542-2afb-6254-12f7-2e6000000000}11253/usr/bin/qemu-mips-static-----/usr/bin/qemu-mips-static ./acidrain/home/ubunturoot{ec2a2542-0000-0000-0000-000000000000}06no level-{ec2a2542-2afb-6254-08ae-866f8c550000}11252/usr/bin/sudosudoubuntu 534500x800000000000000041574Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:19:55.771{ec2a2542-2afb-6254-12f7-2e6000000000}11253/usr/bin/qemu-mips-staticroot 534500x800000000000000041573Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:19:55.771{ec2a2542-2afb-6254-12f7-2e6000000000}11253/usr/bin/qemu-mips-staticroot 534500x800000000000000041575Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:19:55.772{ec2a2542-2afb-6254-08ae-866f8c550000}11252/usr/bin/sudoroot 354300x800000000000000041576Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:19:58.793{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54924-false10.0.1.12-8000- 23542300x800000000000000041577Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:01.813{ec2a2542-1080-6254-602c-d54703560000}1780root/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log--- 924900x800000000000000041578Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.029{ec2a2542-2afb-6254-12f7-2e6000000000}11255/usr/bin/qemu-mips-static/dev/loop0root 924900x800000000000000041579Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.030{ec2a2542-0ff8-6254-f8ad-704b96550000}485/lib/systemd/systemd-udevd/dev/loop0root 924900x800000000000000041584Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.031{ec2a2542-2afb-6254-12f7-2e6000000000}11255/usr/bin/qemu-mips-static/dev/loop5root 924900x800000000000000041583Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.031{ec2a2542-2afb-6254-12f7-2e6000000000}11255/usr/bin/qemu-mips-static/dev/loop4root 924900x800000000000000041582Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.031{ec2a2542-2afb-6254-12f7-2e6000000000}11255/usr/bin/qemu-mips-static/dev/loop3root 924900x800000000000000041581Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.031{ec2a2542-2afb-6254-12f7-2e6000000000}11255/usr/bin/qemu-mips-static/dev/loop2root 924900x800000000000000041580Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.031{ec2a2542-2afb-6254-12f7-2e6000000000}11255/usr/bin/qemu-mips-static/dev/loop1root 924900x800000000000000041587Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.033{ec2a2542-0ff8-6254-f8ad-704b96550000}485/lib/systemd/systemd-udevd/dev/loop1root 924900x800000000000000041585Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.033{ec2a2542-2b02-6254-f8ad-704b96550000}11257/lib/systemd/systemd-udevd/dev/loop0root 924900x800000000000000041588Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.034{ec2a2542-2b02-6254-f8ad-704b96550000}11257/lib/systemd/systemd-udevd/dev/loop0root 23542300x800000000000000041586Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.034{ec2a2542-2b02-6254-f8ad-704b96550000}11257root/lib/systemd/systemd-udevd/run/udev/watch/9--- 924900x800000000000000041590Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.035{ec2a2542-2afb-6254-12f7-2e6000000000}11255/usr/bin/qemu-mips-static/dev/loop6root 154100x800000000000000041589Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.035{ec2a2542-2b02-6254-6852-6e8671550000}11258/bin/dash-----/bin/sh /lib/udev/bcache-export-cached /dev/loop0/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2b02-6254-f8ad-704b96550000}11257/lib/systemd/systemd-udevd/lib/systemd/systemd-udevdroot 534500x800000000000000041592Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.036{ec2a2542-2b02-6254-6852-6e8671550000}11258/bin/dashroot 924900x800000000000000041591Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.036{ec2a2542-2afb-6254-12f7-2e6000000000}11255/usr/bin/qemu-mips-static/dev/loop7root 23542300x800000000000000041595Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.037{ec2a2542-2b02-6254-f8ad-704b96550000}11259root/lib/systemd/systemd-udevd/run/udev/watch/11--- 924900x800000000000000041594Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.037{ec2a2542-2b02-6254-f8ad-704b96550000}11259/lib/systemd/systemd-udevd/dev/loop1root 924900x800000000000000041593Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.037{ec2a2542-0ff8-6254-f8ad-704b96550000}485/lib/systemd/systemd-udevd/dev/loop2root 924900x800000000000000041596Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.038{ec2a2542-2b02-6254-f8ad-704b96550000}11259/lib/systemd/systemd-udevd/dev/loop1root 154100x800000000000000041597Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.039{ec2a2542-2b02-6254-6882-1184ba550000}11260/bin/dash-----/bin/sh /lib/udev/bcache-export-cached /dev/loop1/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2b02-6254-f8ad-704b96550000}11259/lib/systemd/systemd-udevd/lib/systemd/systemd-udevdroot 534500x800000000000000041598Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.040{ec2a2542-2b02-6254-6882-1184ba550000}11260/bin/dashroot 23542300x800000000000000041601Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.041{ec2a2542-2b02-6254-f8ad-704b96550000}11261root/lib/systemd/systemd-udevd/run/udev/watch/10--- 924900x800000000000000041600Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.041{ec2a2542-2b02-6254-f8ad-704b96550000}11261/lib/systemd/systemd-udevd/dev/loop2root 924900x800000000000000041599Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.041{ec2a2542-0ff8-6254-f8ad-704b96550000}485/lib/systemd/systemd-udevd/dev/loop3root 924900x800000000000000041603Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.042{ec2a2542-2b02-6254-f8ad-704b96550000}11261/lib/systemd/systemd-udevd/dev/loop2root 23542300x800000000000000041602Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.042{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ld.so.conf.d/x86_64-linux-gnu.conf--- 154100x800000000000000041604Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.043{ec2a2542-2b02-6254-68c2-b4379d550000}11262/bin/dash-----/bin/sh /lib/udev/bcache-export-cached /dev/loop2/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2b02-6254-f8ad-704b96550000}11261/lib/systemd/systemd-udevd/lib/systemd/systemd-udevdroot 924900x800000000000000041606Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.044{ec2a2542-0ff8-6254-f8ad-704b96550000}485/lib/systemd/systemd-udevd/dev/loop4root 534500x800000000000000041605Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.044{ec2a2542-2b02-6254-68c2-b4379d550000}11262/bin/dashroot 924900x800000000000000041610Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.045{ec2a2542-2b02-6254-f8ad-704b96550000}11263/lib/systemd/systemd-udevd/dev/loop3root 23542300x800000000000000041609Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.045{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ld.so.conf.d/libc.conf--- 23542300x800000000000000041608Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.045{ec2a2542-2b02-6254-f8ad-704b96550000}11263root/lib/systemd/systemd-udevd/run/udev/watch/17--- 924900x800000000000000041607Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.045{ec2a2542-2b02-6254-f8ad-704b96550000}11263/lib/systemd/systemd-udevd/dev/loop3root 154100x800000000000000041611Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.046{ec2a2542-2b02-6254-6882-9ff9db550000}11264/bin/dash-----/bin/sh /lib/udev/bcache-export-cached /dev/loop3/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2b02-6254-f8ad-704b96550000}11263/lib/systemd/systemd-udevd/lib/systemd/systemd-udevdroot 23542300x800000000000000041616Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.048{ec2a2542-2b02-6254-f8ad-704b96550000}11265root/lib/systemd/systemd-udevd/run/udev/watch/18--- 924900x800000000000000041615Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.048{ec2a2542-0ff8-6254-f8ad-704b96550000}485/lib/systemd/systemd-udevd/dev/loop5root 924900x800000000000000041614Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.048{ec2a2542-2b02-6254-f8ad-704b96550000}11265/lib/systemd/systemd-udevd/dev/loop4root 23542300x800000000000000041613Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.048{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/terminfo/README--- 534500x800000000000000041612Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.048{ec2a2542-2b02-6254-6882-9ff9db550000}11264/bin/dashroot 924900x800000000000000041617Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.049{ec2a2542-2b02-6254-f8ad-704b96550000}11265/lib/systemd/systemd-udevd/dev/loop4root 154100x800000000000000041623Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.051{ec2a2542-2b02-6254-68c2-9464ac550000}11266/bin/dash-----/bin/sh /lib/udev/bcache-export-cached /dev/loop4/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2b02-6254-f8ad-704b96550000}11265/lib/systemd/systemd-udevd/lib/systemd/systemd-udevdroot 924900x800000000000000041622Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.051{ec2a2542-2b02-6254-f8ad-704b96550000}11259/lib/systemd/systemd-udevd/dev/loop5root 924900x800000000000000041621Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.051{ec2a2542-0ff8-6254-f8ad-704b96550000}485/lib/systemd/systemd-udevd/dev/loop6root 23542300x800000000000000041620Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.051{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/overlayroot.conf--- 23542300x800000000000000041619Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.051{ec2a2542-2b02-6254-f8ad-704b96550000}11259root/lib/systemd/systemd-udevd/run/udev/watch/20--- 924900x800000000000000041618Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.051{ec2a2542-2b02-6254-f8ad-704b96550000}11259/lib/systemd/systemd-udevd/dev/loop5root 154100x800000000000000041624Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.052{ec2a2542-2b02-6254-a82f-633402560000}11267/lib/udev/probe-bcache-----/lib/udev/probe-bcache -o udev /dev/loop5/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2b02-6254-f8ad-704b96550000}11259/lib/systemd/systemd-udevd/lib/systemd/systemd-udevdroot 154100x800000000000000041629Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.053{ec2a2542-2b02-6254-68f2-a11c92550000}11268/bin/dash-----/bin/sh /lib/udev/bcache-export-cached /dev/loop5/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2b02-6254-f8ad-704b96550000}11259/lib/systemd/systemd-udevd/lib/systemd/systemd-udevdroot 924900x800000000000000041628Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.053{ec2a2542-0ff8-6254-f8ad-704b96550000}485/lib/systemd/systemd-udevd/dev/loop7root 534500x800000000000000041627Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.053{ec2a2542-2b02-6254-68c2-9464ac550000}11266/bin/dashroot 534500x800000000000000041626Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.053{ec2a2542-2b02-6254-a82f-633402560000}11267/lib/udev/probe-bcacheroot 924900x800000000000000041625Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.053{ec2a2542-2b02-6254-a82f-633402560000}11267/lib/udev/probe-bcache/dev/loop5root 23542300x800000000000000041633Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.054{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rcS.d/S01procps--- 534500x800000000000000041632Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.054{ec2a2542-2b02-6254-68f2-a11c92550000}11268/bin/dashroot 23542300x800000000000000041631Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.054{ec2a2542-2b02-6254-f8ad-704b96550000}11257root/lib/systemd/systemd-udevd/run/udev/watch/3--- 924900x800000000000000041630Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.054{ec2a2542-2b02-6254-f8ad-704b96550000}11257/lib/systemd/systemd-udevd/dev/loop6root 23542300x800000000000000041636Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.056{ec2a2542-2b02-6254-f8ad-704b96550000}11261root/lib/systemd/systemd-udevd/run/udev/watch/2--- 924900x800000000000000041635Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.056{ec2a2542-2b02-6254-f8ad-704b96550000}11257/lib/systemd/systemd-udevd/dev/loop6root 924900x800000000000000041634Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.056{ec2a2542-2b02-6254-f8ad-704b96550000}11261/lib/systemd/systemd-udevd/dev/loop7root 924900x800000000000000041638Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.057{ec2a2542-2b02-6254-f8ad-704b96550000}11261/lib/systemd/systemd-udevd/dev/loop7root 23542300x800000000000000041637Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.057{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rcS.d/S01ufw--- 154100x800000000000000041642Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.058{ec2a2542-2b02-6254-a8df-922066550000}11270/lib/udev/probe-bcache-----/lib/udev/probe-bcache -o udev /dev/loop6/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2b02-6254-f8ad-704b96550000}11257/lib/systemd/systemd-udevd/lib/systemd/systemd-udevdroot 154100x800000000000000041639Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.058{ec2a2542-2b02-6254-a86f-6de915560000}11269/lib/udev/probe-bcache-----/lib/udev/probe-bcache -o udev /dev/loop7/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2b02-6254-f8ad-704b96550000}11261/lib/systemd/systemd-udevd/lib/systemd/systemd-udevdroot 154100x800000000000000041645Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.059{ec2a2542-2b02-6254-6862-b6b0df550000}11271/bin/dash-----/bin/sh /lib/udev/bcache-export-cached /dev/loop7/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2b02-6254-f8ad-704b96550000}11261/lib/systemd/systemd-udevd/lib/systemd/systemd-udevdroot 23542300x800000000000000041644Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.059{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rcS.d/S01apparmor--- 924900x800000000000000041643Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.059{ec2a2542-2b02-6254-a8df-922066550000}11270/lib/udev/probe-bcache/dev/loop6root 534500x800000000000000041641Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.059{ec2a2542-2b02-6254-a86f-6de915560000}11269/lib/udev/probe-bcacheroot 924900x800000000000000041640Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.059{ec2a2542-2b02-6254-a86f-6de915560000}11269/lib/udev/probe-bcache/dev/loop7root 23542300x800000000000000041648Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.061{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rcS.d/S01kmod--- 534500x800000000000000041647Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.061{ec2a2542-2b02-6254-6862-b6b0df550000}11271/bin/dashroot 534500x800000000000000041646Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.061{ec2a2542-2b02-6254-a8df-922066550000}11270/lib/udev/probe-bcacheroot 154100x800000000000000041649Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.062{ec2a2542-2b02-6254-6812-630b92550000}11272/bin/dash-----/bin/sh /lib/udev/bcache-export-cached /dev/loop6/root{ec2a2542-0000-0000-0000-000000000000}04294967295no level-{ec2a2542-2b02-6254-f8ad-704b96550000}11257/lib/systemd/systemd-udevd/lib/systemd/systemd-udevdroot 534500x800000000000000041651Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.064{ec2a2542-2b02-6254-6812-630b92550000}11272/bin/dashroot 23542300x800000000000000041650Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.064{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rcS.d/S01plymouth-log--- 534500x800000000000000041653Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.065{ec2a2542-2b02-6254-f8ad-704b96550000}11265/lib/systemd/systemd-udevdroot 23542300x800000000000000041652Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.065{ec2a2542-0ff8-6254-f8ad-704b96550000}485root/lib/systemd/systemd-udevd/run/udev/queue--- 534500x800000000000000041658Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.066{ec2a2542-2b02-6254-f8ad-704b96550000}11263/lib/systemd/systemd-udevdroot 23542300x800000000000000041657Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.066{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rcS.d/S01iscsid--- 534500x800000000000000041656Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.066{ec2a2542-2b02-6254-f8ad-704b96550000}11261/lib/systemd/systemd-udevdroot 534500x800000000000000041655Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.066{ec2a2542-2b02-6254-f8ad-704b96550000}11259/lib/systemd/systemd-udevdroot 534500x800000000000000041654Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.066{ec2a2542-2b02-6254-f8ad-704b96550000}11257/lib/systemd/systemd-udevdroot 23542300x800000000000000041659Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.069{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rcS.d/S01udev--- 23542300x800000000000000041660Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.071{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rcS.d/S01screen-cleanup--- 23542300x800000000000000041661Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.073{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rcS.d/S01ebtables--- 23542300x800000000000000041662Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.076{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rcS.d/S01lvm2--- 23542300x800000000000000041663Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.078{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rcS.d/S01keyboard-setup.sh--- 23542300x800000000000000041664Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.080{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rcS.d/S01cryptdisks--- 23542300x800000000000000041665Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.083{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rcS.d/S01cryptdisks-early--- 23542300x800000000000000041666Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.089{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rcS.d/S01open-iscsi--- 23542300x800000000000000041667Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.092{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssh/moduli--- 23542300x800000000000000041668Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.094{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssh/ssh_host_dsa_key.pub--- 23542300x800000000000000041669Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.097{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssh/ssh_host_ed25519_key.pub--- 23542300x800000000000000041670Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.100{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssh/ssh_config--- 23542300x800000000000000041671Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.103{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssh/ssh_host_rsa_key--- 23542300x800000000000000041672Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.105{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssh/ssh_host_ecdsa_key.pub--- 23542300x800000000000000041673Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.108{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssh/ssh_host_dsa_key--- 23542300x800000000000000041674Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.110{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssh/ssh_host_ecdsa_key--- 23542300x800000000000000041675Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.113{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssh/ssh_host_rsa_key.pub--- 23542300x800000000000000041676Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.116{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssh/sshd_config--- 23542300x800000000000000041677Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.119{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssh/ssh_host_ed25519_key--- 23542300x800000000000000041678Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.121{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssh/ssh_import_id--- 23542300x800000000000000041679Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.124{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ltrace.conf--- 23542300x800000000000000041680Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.127{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/passwd---- 23542300x800000000000000041681Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.130{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/skel/.bashrc--- 23542300x800000000000000041682Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.135{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/skel/.bash_logout--- 23542300x800000000000000041683Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.138{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/skel/.profile--- 23542300x800000000000000041684Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.141{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rsyslog.d/21-cloudinit.conf--- 23542300x800000000000000041685Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.144{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rsyslog.d/50-default.conf--- 23542300x800000000000000041686Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.146{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rsyslog.d/20-ufw.conf--- 23542300x800000000000000041687Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.149{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/pollinate/entropy.ubuntu.com.pem--- 23542300x800000000000000041688Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.152{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/xdg/user-dirs.defaults--- 23542300x800000000000000041689Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.155{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/xdg/autostart/snap-userd-autostart.desktop--- 23542300x800000000000000041690Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.157{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/xdg/autostart/xdg-user-dirs.desktop--- 23542300x800000000000000041692Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.160{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/xdg/systemd/user--- 23542300x800000000000000041691Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.160{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/xdg/user-dirs.conf--- 23542300x800000000000000041693Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.163{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/init.d/ssh--- 23542300x800000000000000041694Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.165{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/init.d/hibagent--- 23542300x800000000000000041695Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.168{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/init.d/lvm2--- 23542300x800000000000000041696Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.170{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/init.d/rsyslog--- 23542300x800000000000000041697Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.172{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/init.d/udev--- 23542300x800000000000000041698Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.175{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/init.d/irqbalance--- 23542300x800000000000000041699Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.177{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/init.d/hwclock.sh--- 23542300x800000000000000041700Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.179{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/init.d/open-vm-tools--- 23542300x800000000000000041701Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.182{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/init.d/plymouth--- 23542300x800000000000000041702Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.184{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/init.d/binfmt-support--- 23542300x800000000000000041703Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.186{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/init.d/keyboard-setup.sh--- 23542300x800000000000000041704Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.189{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/init.d/ufw--- 23542300x800000000000000041705Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.191{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/init.d/uuidd--- 23542300x800000000000000041706Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.198{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/init.d/lxcfs--- 23542300x800000000000000041707Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.201{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/init.d/open-iscsi--- 23542300x800000000000000041708Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.203{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/init.d/lvm2-lvmpolld--- 23542300x800000000000000041709Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.206{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/init.d/procps--- 23542300x800000000000000041710Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.208{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/init.d/lvm2-lvmetad--- 23542300x800000000000000041711Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.211{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/init.d/mdadm-waitidle--- 23542300x800000000000000041712Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.213{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/init.d/cron--- 23542300x800000000000000041713Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.215{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/init.d/apport--- 23542300x800000000000000041714Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.217{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/init.d/dbus--- 23542300x800000000000000041715Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.219{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/init.d/cryptdisks--- 23542300x800000000000000041716Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.222{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/init.d/grub-common--- 23542300x800000000000000041717Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.224{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/init.d/console-setup.sh--- 23542300x800000000000000041718Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.226{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/init.d/cryptdisks-early--- 23542300x800000000000000041719Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.228{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/init.d/mdadm--- 23542300x800000000000000041720Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.230{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/init.d/kmod--- 23542300x800000000000000041721Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.233{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/init.d/ebtables--- 23542300x800000000000000041722Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.235{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/init.d/plymouth-log--- 23542300x800000000000000041723Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.237{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/init.d/unattended-upgrades--- 23542300x800000000000000041724Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.239{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/init.d/atd--- 23542300x800000000000000041725Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.242{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/init.d/rsync--- 23542300x800000000000000041726Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.244{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/init.d/lxd--- 23542300x800000000000000041727Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.246{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/init.d/apparmor--- 23542300x800000000000000041728Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.248{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/init.d/screen-cleanup--- 23542300x800000000000000041729Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.251{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/init.d/acpid--- 23542300x800000000000000041730Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.253{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/init.d/iscsid--- 23542300x800000000000000041752Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.256{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc2.d/S01apport--- 23542300x800000000000000041751Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.256{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc2.d/S01rsyslog--- 23542300x800000000000000041750Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.256{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc2.d/S01lxd--- 23542300x800000000000000041749Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.256{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc2.d/S01grub-common--- 23542300x800000000000000041748Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.256{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc2.d/S01lvm2-lvmetad--- 23542300x800000000000000041747Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.256{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc2.d/S01open-vm-tools--- 23542300x800000000000000041746Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.256{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc2.d/S01irqbalance--- 23542300x800000000000000041745Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.256{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc2.d/S01atd--- 23542300x800000000000000041744Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.256{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc2.d/S01dbus--- 23542300x800000000000000041743Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.256{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc2.d/S01mdadm--- 23542300x800000000000000041742Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.256{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc2.d/S01uuidd--- 23542300x800000000000000041741Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.256{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc2.d/S01lxcfs--- 23542300x800000000000000041740Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.256{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc2.d/S01cron--- 23542300x800000000000000041739Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.256{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc2.d/S01acpid--- 23542300x800000000000000041738Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.256{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc2.d/S01binfmt-support--- 23542300x800000000000000041737Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.256{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc2.d/S01lvm2-lvmpolld--- 23542300x800000000000000041736Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.256{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc2.d/S01ssh--- 23542300x800000000000000041735Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.256{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc2.d/S01plymouth--- 23542300x800000000000000041734Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.256{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc2.d/S01splunk--- 23542300x800000000000000041733Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.256{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc2.d/S01console-setup.sh--- 23542300x800000000000000041732Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.256{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc2.d/S01rsync--- 23542300x800000000000000041731Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.256{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/init.d/splunk--- 23542300x800000000000000041753Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.257{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc2.d/S01unattended-upgrades--- 23542300x800000000000000041755Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.259{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/newt/palette--- 23542300x800000000000000041754Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.259{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/newt/palette.ubuntu--- 23542300x800000000000000041756Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.261{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/newt/palette.original--- 23542300x800000000000000041758Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.263{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/udev/rules.d/60-cdrom_id.rules--- 23542300x800000000000000041757Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.263{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/udev/rules.d/70-snap.snapd.rules--- 23542300x800000000000000041760Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.266{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/qemu-binfmt/mipsel--- 23542300x800000000000000041759Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.266{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/udev/udev.conf--- 23542300x800000000000000041775Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.267{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc1.d/K01lxcfs--- 23542300x800000000000000041774Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.267{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc1.d/K01lvm2-lvmetad--- 23542300x800000000000000041773Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.267{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc1.d/K01atd--- 23542300x800000000000000041772Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.267{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc1.d/K01ufw--- 23542300x800000000000000041771Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.267{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc1.d/K01open-iscsi--- 23542300x800000000000000041770Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.267{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc1.d/K01lvm2-lvmpolld--- 23542300x800000000000000041769Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.267{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc1.d/K01lxd--- 23542300x800000000000000041768Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.267{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc1.d/K01irqbalance--- 23542300x800000000000000041767Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.267{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc1.d/K01ebtables--- 23542300x800000000000000041766Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.267{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc1.d/K01uuidd--- 23542300x800000000000000041765Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.267{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc1.d/K01mdadm--- 23542300x800000000000000041764Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.267{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc1.d/K01rsyslog--- 23542300x800000000000000041763Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.267{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc1.d/K01iscsid--- 23542300x800000000000000041762Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.267{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc1.d/K01open-vm-tools--- 23542300x800000000000000041761Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.267{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc1.d/K01splunk--- 23542300x800000000000000041777Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.270{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/mtab--- 23542300x800000000000000041776Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.270{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/locale.alias--- 23542300x800000000000000041778Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.272{ec2a2542-0ff8-6254-f8ad-704b96550000}485root/lib/systemd/systemd-udevd/run/udev/queue--- 23542300x800000000000000041780Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.273{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/issue--- 534500x800000000000000041779Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.273{ec2a2542-2b02-6254-0000-000000000000}11273-root 23542300x800000000000000041781Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.275{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/626dceaf.0--- 23542300x800000000000000041782Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.278{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/349f2832.0--- 23542300x800000000000000041783Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.280{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/b7a5b843.0--- 23542300x800000000000000041784Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.283{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/COMODO_RSA_Certification_Authority.pem--- 23542300x800000000000000041785Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.286{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/Microsec_e-Szigno_Root_CA_2009.pem--- 23542300x800000000000000041787Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.288{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/8160b96c.0--- 23542300x800000000000000041786Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.288{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/a94d09e5.0--- 23542300x800000000000000041788Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.291{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/OISTE_WISeKey_Global_Root_GB_CA.pem--- 23542300x800000000000000041789Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.293{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/Trustis_FPS_Root_CA.pem--- 23542300x800000000000000041790Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.296{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/Hellenic_Academic_and_Research_Institutions_RootCA_2011.pem--- 23542300x800000000000000041791Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.300{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/Amazon_Root_CA_2.pem--- 23542300x800000000000000041792Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.302{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/32888f65.0--- 23542300x800000000000000041793Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.304{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/b1159c4c.0--- 23542300x800000000000000041794Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.307{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/GlobalSign_ECC_Root_CA_-_R5.pem--- 23542300x800000000000000041795Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.309{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/064e0aa9.0--- 23542300x800000000000000041796Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.312{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/AffirmTrust_Networking.pem--- 23542300x800000000000000041797Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.314{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/AC_RAIZ_FNMT-RCM.pem--- 23542300x800000000000000041798Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.318{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/8d89cda1.0--- 23542300x800000000000000041799Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.320{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/5d3033c5.0--- 23542300x800000000000000041800Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.322{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/Secure_Global_CA.pem--- 23542300x800000000000000041801Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.325{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/GTS_Root_R2.pem--- 23542300x800000000000000041802Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.327{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/f081611a.0--- 23542300x800000000000000041803Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.329{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/emSign_Root_CA_-_G1.pem--- 23542300x800000000000000041804Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.333{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/TeliaSonera_Root_CA_v1.pem--- 23542300x800000000000000041805Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.335{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/Certigna.pem--- 23542300x800000000000000041806Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.337{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/cc450945.0--- 23542300x800000000000000041807Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.340{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/76faf6c0.0--- 23542300x800000000000000041808Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.342{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/UCA_Extended_Validation_Root.pem--- 23542300x800000000000000041809Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.344{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/d4dae3dd.0--- 23542300x800000000000000041810Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.346{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/8cb5ee0f.0--- 23542300x800000000000000041811Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.349{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/d7e8dc79.0--- 23542300x800000000000000041813Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.351{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/1636090b.0--- 23542300x800000000000000041812Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.351{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/Microsoft_RSA_Root_Certificate_Authority_2017.pem--- 23542300x800000000000000041814Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.353{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/T-TeleSec_GlobalRoot_Class_3.pem--- 23542300x800000000000000041815Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.355{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/Starfield_Services_Root_Certificate_Authority_-_G2.pem--- 23542300x800000000000000041816Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.358{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/GDCA_TrustAUTH_R5_ROOT.pem--- 23542300x800000000000000041817Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.361{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/1e09d511.0--- 23542300x800000000000000041818Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.363{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/emSign_Root_CA_-_C1.pem--- 23542300x800000000000000041819Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.365{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/d887a5bb.0--- 23542300x800000000000000041821Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.368{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/d853d49e.0--- 23542300x800000000000000041820Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.368{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/QuoVadis_Root_CA_3_G3.pem--- 23542300x800000000000000041822Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.371{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/773e07ad.0--- 23542300x800000000000000041823Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.373{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/988a38cb.0--- 23542300x800000000000000041824Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.376{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/c28a8a30.0--- 23542300x800000000000000041825Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.378{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/SwissSign_Gold_CA_-_G2.pem--- 23542300x800000000000000041826Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.380{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/6fa5da56.0--- 23542300x800000000000000041827Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.382{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/6b99d060.0--- 23542300x800000000000000041828Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.385{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/fc5a8f99.0--- 23542300x800000000000000041829Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.387{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/b727005e.0--- 23542300x800000000000000041830Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.389{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/e868b802.0--- 23542300x800000000000000041831Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.391{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/DigiCert_Global_Root_G2.pem--- 23542300x800000000000000041832Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.393{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/1e08bfd1.0--- 23542300x800000000000000041833Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.395{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/8d86cdd1.0--- 23542300x800000000000000041834Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.398{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/a3418fda.0--- 23542300x800000000000000041835Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.401{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/certSIGN_Root_CA_G2.pem--- 23542300x800000000000000041836Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.404{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/EC-ACC.pem--- 23542300x800000000000000041837Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.406{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.pem--- 23542300x800000000000000041839Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.409{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/d6325660.0--- 23542300x800000000000000041838Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.409{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/Global_Chambersign_Root_-_2008.pem--- 23542300x800000000000000041840Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.412{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/ce5e74ef.0--- 23542300x800000000000000041841Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.414{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/Trustwave_Global_ECC_P384_Certification_Authority.pem--- 23542300x800000000000000041842Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.416{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/c47d9980.0--- 23542300x800000000000000041843Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.418{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/Entrust_Root_Certification_Authority_-_EC1.pem--- 23542300x800000000000000041844Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.420{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/Buypass_Class_3_Root_CA.pem--- 23542300x800000000000000041846Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.423{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/607986c7.0--- 23542300x800000000000000041845Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.423{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/Amazon_Root_CA_3.pem--- 23542300x800000000000000041847Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.425{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/GTS_Root_R4.pem--- 23542300x800000000000000041848Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.427{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/Hellenic_Academic_and_Research_Institutions_RootCA_2015.pem--- 23542300x800000000000000041850Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.430{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/09789157.0--- 23542300x800000000000000041849Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.430{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/Network_Solutions_Certificate_Authority.pem--- 23542300x800000000000000041851Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.432{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/40547a79.0--- 23542300x800000000000000041852Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.435{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/0b1b94ef.0--- 23542300x800000000000000041853Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.437{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/e-Szigno_Root_CA_2017.pem--- 23542300x800000000000000041855Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.439{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/3bde41ac.0--- 23542300x800000000000000041854Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.439{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/GTS_Root_R1.pem--- 23542300x800000000000000041857Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.442{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/e18bfb83.0--- 23542300x800000000000000041856Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.442{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/certSIGN_ROOT_CA.pem--- 23542300x800000000000000041858Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.444{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/062cdee6.0--- 23542300x800000000000000041859Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.446{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/GlobalSign_Root_CA_-_R6.pem--- 23542300x800000000000000041860Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.448{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/Trustwave_Global_Certification_Authority.pem--- 23542300x800000000000000041861Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.451{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/Chambers_of_Commerce_Root_-_2008.pem--- 23542300x800000000000000041862Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.453{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/aee5f10d.0--- 23542300x800000000000000041864Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.455{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/e73d606e.0--- 23542300x800000000000000041863Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.455{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/3fb36b73.0--- 23542300x800000000000000041865Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.457{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/7f3d5d1d.0--- 23542300x800000000000000041866Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.459{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/emSign_ECC_Root_CA_-_G3.pem--- 23542300x800000000000000041867Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.461{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/ISRG_Root_X1.pem--- 23542300x800000000000000041868Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.463{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/Go_Daddy_Root_Certificate_Authority_-_G2.pem--- 23542300x800000000000000041870Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.466{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/5cd81ad7.0--- 23542300x800000000000000041869Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.466{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/DigiCert_Assured_ID_Root_CA.pem--- 23542300x800000000000000041871Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.468{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/Staat_der_Nederlanden_EV_Root_CA.pem--- 23542300x800000000000000041872Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.471{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/Cybertrust_Global_Root.pem--- 23542300x800000000000000041873Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.473{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/Entrust.net_Premium_2048_Secure_Server_CA.pem--- 23542300x800000000000000041874Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.475{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/TrustCor_RootCert_CA-2.pem--- 23542300x800000000000000041875Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.477{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/de6d66f3.0--- 23542300x800000000000000041876Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.480{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/ee64a828.0--- 23542300x800000000000000041877Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.482{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/68dd7389.0--- 23542300x800000000000000041878Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.485{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/USERTrust_RSA_Certification_Authority.pem--- 23542300x800000000000000041880Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.487{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/406c9bb1.0--- 23542300x800000000000000041879Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.487{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/SSL.com_Root_Certification_Authority_RSA.pem--- 23542300x800000000000000041881Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.489{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/f3377b1b.0--- 23542300x800000000000000041882Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.521{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/Trustwave_Global_ECC_P256_Certification_Authority.pem--- 23542300x800000000000000041884Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.524{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/0c4c9b6c.0--- 23542300x800000000000000041883Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.524{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/f39fc864.0--- 23542300x800000000000000041885Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.526{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/SSL.com_EV_Root_Certification_Authority_RSA_R2.pem--- 23542300x800000000000000041886Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.528{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/f51bb24c.0--- 23542300x800000000000000041887Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.531{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/SwissSign_Silver_CA_-_G2.pem--- 23542300x800000000000000041888Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.533{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/COMODO_Certification_Authority.pem--- 23542300x800000000000000041889Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.536{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/Actalis_Authentication_Root_CA.pem--- 23542300x800000000000000041890Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.538{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/Amazon_Root_CA_1.pem--- 23542300x800000000000000041891Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.540{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/0a775a30.0--- 23542300x800000000000000041892Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.541{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/14bc7599.0--- 23542300x800000000000000041893Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.543{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/48bec511.0--- 23542300x800000000000000041894Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.545{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/ca-certificates.crt--- 23542300x800000000000000041895Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.548{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/ef954a4e.0--- 23542300x800000000000000041896Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.550{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/Amazon_Root_CA_4.pem--- 23542300x800000000000000041898Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.553{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/cbf06781.0--- 23542300x800000000000000041897Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.553{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/XRamp_Global_CA_Root.pem--- 23542300x800000000000000041899Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.555{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/SecureTrust_CA.pem--- 23542300x800000000000000041900Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.558{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/9c2e7d30.0--- 23542300x800000000000000041901Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.560{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/f387163d.0--- 23542300x800000000000000041902Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.563{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/GeoTrust_Primary_Certification_Authority_-_G2.pem--- 23542300x800000000000000041903Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.565{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/Atos_TrustedRoot_2011.pem--- 23542300x800000000000000041905Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.567{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/6d41d539.0--- 23542300x800000000000000041904Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.567{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/QuoVadis_Root_CA.pem--- 23542300x800000000000000041906Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.568{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/1001acf7.0--- 23542300x800000000000000041907Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.570{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/ca6e4ad9.0--- 23542300x800000000000000041908Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.572{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/c01eb047.0--- 23542300x800000000000000041910Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.575{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/b66938e9.0--- 23542300x800000000000000041909Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.575{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/Security_Communication_Root_CA.pem--- 23542300x800000000000000041912Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.577{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/080911ac.0--- 23542300x800000000000000041911Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.577{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/SSL.com_Root_Certification_Authority_ECC.pem--- 23542300x800000000000000041913Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.580{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/DigiCert_Global_Root_G3.pem--- 23542300x800000000000000041915Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.583{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/106f3e4d.0--- 23542300x800000000000000041914Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.583{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/QuoVadis_Root_CA_2.pem--- 23542300x800000000000000041916Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.586{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/Buypass_Class_2_Root_CA.pem--- 23542300x800000000000000041917Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.589{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/2ae6433e.0--- 23542300x800000000000000041918Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.591{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/USERTrust_ECC_Certification_Authority.pem--- 23542300x800000000000000041919Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.593{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/9c8dfbd4.0--- 23542300x800000000000000041920Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.595{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/18856ac4.0--- 23542300x800000000000000041922Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.597{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/1d3472b9.0--- 23542300x800000000000000041921Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.597{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/TrustCor_RootCert_CA-1.pem--- 23542300x800000000000000041923Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.600{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/7aaf71c0.0--- 23542300x800000000000000041924Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.602{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/Hongkong_Post_Root_CA_3.pem--- 23542300x800000000000000041925Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.605{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/ACCVRAIZ1.pem--- 23542300x800000000000000041926Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.607{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/TWCA_Root_Certification_Authority.pem--- 23542300x800000000000000041927Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.610{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/Certum_Trusted_Network_CA.pem--- 23542300x800000000000000041928Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.613{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/5e98733a.0--- 23542300x800000000000000041929Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.615{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/AffirmTrust_Premium.pem--- 23542300x800000000000000041930Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.618{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/VeriSign_Universal_Root_Certification_Authority.pem--- 23542300x800000000000000041933Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.621{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/54657681.0--- 23542300x800000000000000041932Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.621{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/706f604c.0--- 23542300x800000000000000041931Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.621{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/TrustCor_ECA-1.pem--- 23542300x800000000000000041934Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.624{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/Certum_Trusted_Network_CA_2.pem--- 23542300x800000000000000041935Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.627{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/UCA_Global_G2_Root.pem--- 23542300x800000000000000041936Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.629{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/IdenTrust_Public_Sector_Root_CA_1.pem--- 23542300x800000000000000041937Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.632{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/GTS_Root_R3.pem--- 23542300x800000000000000041938Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.635{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/DigiCert_Global_Root_CA.pem--- 23542300x800000000000000041939Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.637{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/Certigna_Root_CA.pem--- 23542300x800000000000000041940Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.639{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/AffirmTrust_Premium_ECC.pem--- 23542300x800000000000000041942Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.642{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/c01cdfa2.0--- 23542300x800000000000000041941Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.642{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/Starfield_Root_Certificate_Authority_-_G2.pem--- 23542300x800000000000000041944Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.645{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/bf53fb88.0--- 23542300x800000000000000041943Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.645{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/AffirmTrust_Commercial.pem--- 23542300x800000000000000041946Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.648{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/4304c5e5.0--- 23542300x800000000000000041945Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.648{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/OISTE_WISeKey_Global_Root_GC_CA.pem--- 23542300x800000000000000041947Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.650{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/Security_Communication_RootCA2.pem--- 23542300x800000000000000041949Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.653{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/9b5697b0.0--- 23542300x800000000000000041948Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.653{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/CFCA_EV_ROOT.pem--- 23542300x800000000000000041950Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.655{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/DigiCert_Assured_ID_Root_G3.pem--- 23542300x800000000000000041951Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.658{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/NAVER_Global_Root_Certification_Authority.pem--- 23542300x800000000000000041953Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.661{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/40193066.0--- 23542300x800000000000000041952Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.661{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/fe8a2cd8.0--- 23542300x800000000000000041954Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.663{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/eed8c118.0--- 23542300x800000000000000041956Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.666{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/76cb8f92.0--- 23542300x800000000000000041955Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.666{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/DigiCert_High_Assurance_EV_Root_CA.pem--- 23542300x800000000000000041957Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.668{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/D-TRUST_Root_Class_3_CA_2_EV_2009.pem--- 23542300x800000000000000041958Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.671{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/QuoVadis_Root_CA_3.pem--- 23542300x800000000000000041959Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.673{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/SZAFIR_ROOT_CA2.pem--- 23542300x800000000000000041960Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.675{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/Microsoft_ECC_Root_Certificate_Authority_2017.pem--- 23542300x800000000000000041961Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.677{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/Hellenic_Academic_and_Research_Institutions_ECC_RootCA_2015.pem--- 23542300x800000000000000041963Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.678{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/4f316efb.0--- 23542300x800000000000000041962Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.678{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/4bfab552.0--- 23542300x800000000000000041964Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.708{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/QuoVadis_Root_CA_1_G3.pem--- 23542300x800000000000000041965Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.710{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/SecureSign_RootCA11.pem--- 23542300x800000000000000041967Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.713{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/dc4d6a89.0--- 23542300x800000000000000041966Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.713{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/Starfield_Class_2_CA.pem--- 23542300x800000000000000041969Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.715{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/f249de83.0--- 23542300x800000000000000041968Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.715{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/Entrust_Root_Certification_Authority.pem--- 23542300x800000000000000041970Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.717{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/Staat_der_Nederlanden_Root_CA_-_G3.pem--- 23542300x800000000000000041971Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.720{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/4a6481c9.0--- 23542300x800000000000000041972Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.723{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/TWCA_Global_Root_CA.pem--- 23542300x800000000000000041973Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.725{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/TUBITAK_Kamu_SM_SSL_Kok_Sertifikasi_-_Surum_1.pem--- 23542300x800000000000000041974Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.727{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/5ad8a5d6.0--- 23542300x800000000000000041977Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.729{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/06dc52d5.0--- 23542300x800000000000000041976Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.729{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/e36a6752.0--- 23542300x800000000000000041975Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.729{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/653b494a.0--- 23542300x800000000000000041979Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.730{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/244b5494.0--- 23542300x800000000000000041978Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.730{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/116bf586.0--- 23542300x800000000000000041980Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.732{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/Go_Daddy_Class_2_CA.pem--- 23542300x800000000000000041981Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.734{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/Baltimore_CyberTrust_Root.pem--- 23542300x800000000000000041982Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.737{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/Entrust_Root_Certification_Authority_-_G4.pem--- 23542300x800000000000000041985Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.739{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/4042bcee.0--- 23542300x800000000000000041984Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.739{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/57bcb2da.0--- 23542300x800000000000000041983Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.739{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/ePKI_Root_Certification_Authority.pem--- 23542300x800000000000000041986Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.742{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/emSign_ECC_Root_CA_-_C3.pem--- 23542300x800000000000000041987Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.745{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/75d1b2ed.0--- 23542300x800000000000000041992Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.748{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/3513523f.0--- 23542300x800000000000000041991Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.748{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/0f6fa695.0--- 23542300x800000000000000041990Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.748{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/f30dd6ad.0--- 23542300x800000000000000041989Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.748{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/2b349938.0--- 23542300x800000000000000041988Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.748{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/QuoVadis_Root_CA_2_G3.pem--- 23542300x800000000000000041995Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.751{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/930ac5d2.0--- 23542300x800000000000000041994Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.751{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/cd58d51e.0--- 23542300x800000000000000041993Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.751{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/Comodo_AAA_Services_root.pem--- 23542300x800000000000000041997Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.753{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/4b718d9b.0--- 23542300x800000000000000041996Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.753{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/GlobalSign_Root_CA_-_R3.pem--- 23542300x800000000000000041998Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.756{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/GlobalSign_Root_CA_-_R2.pem--- 23542300x800000000000000041999Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.759{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/Sonera_Class_2_Root_CA.pem--- 23542300x800000000000000042000Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.762{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/Izenpe.com.pem--- 23542300x800000000000000042002Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.766{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/9d04f354.0--- 23542300x800000000000000042001Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.766{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/DigiCert_Assured_ID_Root_G2.pem--- 23542300x800000000000000042003Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.769{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/GlobalSign_Root_CA.pem--- 23542300x800000000000000042004Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.771{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/b0e59380.0--- 23542300x800000000000000042007Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.774{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/03179a64.0--- 23542300x800000000000000042006Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.774{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/7719f463.0--- 23542300x800000000000000042005Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.774{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/NetLock_Arany_=Class_Gold=_Főtanúsítvány.pem--- 23542300x800000000000000042008Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.776{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/DigiCert_Trusted_Root_G4.pem--- 23542300x800000000000000042010Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.777{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/e8de2f56.0--- 23542300x800000000000000042009Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.777{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/0bf05006.0--- 23542300x800000000000000042012Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.779{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/93bc0acc.0--- 23542300x800000000000000042011Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.779{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/IdenTrust_Commercial_Root_CA_1.pem--- 23542300x800000000000000042013Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.781{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/Hongkong_Post_Root_CA_1.pem--- 23542300x800000000000000042015Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.784{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/5443e9e3.0--- 23542300x800000000000000042014Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.784{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/D-TRUST_Root_Class_3_CA_2_2009.pem--- 23542300x800000000000000042016Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.786{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/T-TeleSec_GlobalRoot_Class_2.pem--- 23542300x800000000000000042017Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.789{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/E-Tugra_Certification_Authority.pem--- 23542300x800000000000000042025Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.792{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/5f618aec.0--- 23542300x800000000000000042024Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.792{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/02265526.0--- 23542300x800000000000000042023Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.792{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/5f15c80c.0--- 23542300x800000000000000042022Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.792{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/2923b3f9.0--- 23542300x800000000000000042021Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.792{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/e113c810.0--- 23542300x800000000000000042020Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.792{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/dd8e9d41.0--- 23542300x800000000000000042019Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.792{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/5273a94c.0--- 23542300x800000000000000042018Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.792{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/Entrust_Root_Certification_Authority_-_G2.pem--- 23542300x800000000000000042027Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.794{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/0f5dc4f3.0--- 23542300x800000000000000042026Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.794{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/SSL.com_EV_Root_Certification_Authority_ECC.pem--- 23542300x800000000000000042033Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.796{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/3e44d2f7.0--- 23542300x800000000000000042032Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.796{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/cd8c0d63.0--- 23542300x800000000000000042031Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.796{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/ff34af3f.0--- 23542300x800000000000000042030Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.796{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/f0c70a8d.0--- 23542300x800000000000000042029Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.796{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/5a4d6896.0--- 23542300x800000000000000042028Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.796{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/COMODO_ECC_Certification_Authority.pem--- 23542300x800000000000000042036Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.798{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/749e9e03.0--- 23542300x800000000000000042035Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.798{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/3e45d192.0--- 23542300x800000000000000042034Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.798{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/CA_Disig_Root_R2.pem--- 23542300x800000000000000042037Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.801{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/certs/GlobalSign_ECC_Root_CA_-_R4.pem--- 23542300x800000000000000042038Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.804{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ssl/openssl.cnf--- 23542300x800000000000000042039Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.806{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/polkit-1/nullbackend.conf.d/50-nullbackend.conf--- 23542300x800000000000000042040Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.809{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/polkit-1/localauthority.conf.d/50-localauthority.conf--- 23542300x800000000000000042041Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.812{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/polkit-1/localauthority.conf.d/51-ubuntu-admin.conf--- 23542300x800000000000000042042Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.815{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/legal--- 23542300x800000000000000042043Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.818{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ethertypes--- 23542300x800000000000000042044Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.821{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ucf.conf--- 23542300x800000000000000042045Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.823{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/profile--- 23542300x800000000000000042046Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.826{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/qemu-ifup--- 23542300x800000000000000042047Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.828{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fuse.conf--- 23542300x800000000000000042048Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.831{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/iscsi/iscsid.conf--- 23542300x800000000000000042049Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.834{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/iscsi/initiatorname.iscsi--- 23542300x800000000000000042050Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.836{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rmt--- 23542300x800000000000000042051Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.839{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/gai.conf--- 23542300x800000000000000042052Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.841{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/hibinit-config.cfg--- 23542300x800000000000000042053Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.843{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/localtime--- 23542300x800000000000000042054Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.845{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/logrotate.conf--- 23542300x800000000000000042055Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.848{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rpc--- 23542300x800000000000000042056Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.851{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ufw/user6.rules--- 23542300x800000000000000042057Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.853{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ufw/before.rules--- 23542300x800000000000000042058Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.856{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ufw/after.rules--- 23542300x800000000000000042059Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.858{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ufw/after.init--- 23542300x800000000000000042060Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.860{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ufw/user.rules--- 23542300x800000000000000042061Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.862{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ufw/ufw.conf--- 23542300x800000000000000042062Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.864{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ufw/after6.rules--- 23542300x800000000000000042063Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.867{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ufw/before6.rules--- 23542300x800000000000000042064Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.869{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ufw/applications.d/openssh-server--- 23542300x800000000000000042065Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.873{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ufw/before.init--- 23542300x800000000000000042066Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.875{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ufw/sysctl.conf--- 23542300x800000000000000042067Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.877{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/netplan/50-cloud-init.yaml--- 23542300x800000000000000042068Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.880{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/dnsmasq.d-available/lxd--- 23542300x800000000000000042069Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.882{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/modules-load.d/modules.conf--- 23542300x800000000000000042070Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.886{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/passwd--- 23542300x800000000000000042071Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.888{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/hibagent-config.cfg--- 23542300x800000000000000042072Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.889{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/dnsmasq.d/lxd--- 23542300x800000000000000042084Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.895{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc6.d/K01ebtables--- 23542300x800000000000000042083Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.895{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc6.d/K01uuidd--- 23542300x800000000000000042082Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.895{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc6.d/K01mdadm--- 23542300x800000000000000042081Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.895{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc6.d/K01rsyslog--- 23542300x800000000000000042080Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.895{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc6.d/K01unattended-upgrades--- 23542300x800000000000000042079Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.895{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc6.d/K01iscsid--- 23542300x800000000000000042078Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.895{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc6.d/K01mdadm-waitidle--- 23542300x800000000000000042077Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.895{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc6.d/K01cryptdisks--- 23542300x800000000000000042076Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.895{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc6.d/K01open-vm-tools--- 23542300x800000000000000042075Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.895{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc6.d/K01splunk--- 23542300x800000000000000042074Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.895{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc6.d/K01plymouth--- 23542300x800000000000000042073Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.895{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/sos/sos.conf--- 23542300x800000000000000042092Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.896{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc6.d/K01lxcfs--- 23542300x800000000000000042091Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.896{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc6.d/K01lvm2-lvmetad--- 23542300x800000000000000042090Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.896{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc6.d/K01atd--- 23542300x800000000000000042089Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.896{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc6.d/K01open-iscsi--- 23542300x800000000000000042088Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.896{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc6.d/K01cryptdisks-early--- 23542300x800000000000000042087Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.896{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc6.d/K01lvm2-lvmpolld--- 23542300x800000000000000042086Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.896{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc6.d/K01lxd--- 23542300x800000000000000042085Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.896{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc6.d/K01irqbalance--- 23542300x800000000000000042093Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.898{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/issue.net--- 23542300x800000000000000042094Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.901{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/profile.d/Z99-cloudinit-warnings.sh--- 23542300x800000000000000042095Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.903{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/profile.d/bash_completion.sh--- 23542300x800000000000000042096Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.905{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/profile.d/Z99-cloud-locale-test.sh--- 23542300x800000000000000042097Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.908{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/profile.d/Z97-byobu.sh--- 23542300x800000000000000042098Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.910{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/profile.d/cedilla-portuguese.sh--- 23542300x800000000000000042099Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.912{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/profile.d/01-locale-fix.sh--- 23542300x800000000000000042100Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.915{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/profile.d/apps-bin-path.sh--- 23542300x800000000000000042101Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.917{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/popularity-contest.conf--- 23542300x800000000000000042102Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.924{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/nanorc--- 23542300x800000000000000042103Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.927{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/selinux/semanage.conf--- 23542300x800000000000000042104Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.930{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/sudoers.d/README--- 23542300x800000000000000042105Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.932{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/sudoers.d/90-cloud-init-users--- 23542300x800000000000000042106Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.935{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/locale.gen--- 23542300x800000000000000042107Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.939{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/groff/man.local--- 23542300x800000000000000042108Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.941{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/groff/mdoc.local--- 23542300x800000000000000042109Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.943{ec2a2542-0ff8-6254-f8ad-704b96550000}485root/lib/systemd/systemd-udevd/run/udev/queue--- 23542300x800000000000000042111Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.944{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ca-certificates.conf.dpkg-old--- 534500x800000000000000042110Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.944{ec2a2542-2b02-6254-0000-000000000000}11274-root 23542300x800000000000000042112Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.947{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/pulse/client.conf--- 23542300x800000000000000042113Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.950{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ec2_version--- 23542300x800000000000000042114Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.953{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/dhcp/dhclient-enter-hooks.d/debug--- 23542300x800000000000000042115Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.958{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/dhcp/dhclient-enter-hooks.d/resolved--- 23542300x800000000000000042116Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.961{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/dhcp/debug--- 23542300x800000000000000042117Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.964{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/dhcp/dhclient.conf--- 23542300x800000000000000042118Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.966{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/dhcp/dhclient-exit-hooks.d/timesyncd--- 23542300x800000000000000042119Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.970{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/dhcp/dhclient-exit-hooks.d/hook-dhclient--- 23542300x800000000000000042121Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.973{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/dhcp/dhclient-exit-hooks.d/debug--- 23542300x800000000000000042120Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.973{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/dhcp/dhclient-exit-hooks.d/rfc3442-classless-routes--- 23542300x800000000000000042122Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.976{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/dpkg/origins/ubuntu--- 23542300x800000000000000042124Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.979{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/dpkg/origins/default--- 23542300x800000000000000042123Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.979{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/dpkg/origins/debian--- 23542300x800000000000000042125Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.981{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/dpkg/dpkg.cfg--- 23542300x800000000000000042126Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.984{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/modprobe.d/blacklist-firewire.conf--- 23542300x800000000000000042127Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.986{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/modprobe.d/blacklist-xen-fbfront.conf--- 23542300x800000000000000042128Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.989{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/modprobe.d/iwlwifi.conf--- 23542300x800000000000000042129Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.991{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/modprobe.d/blacklist.conf--- 23542300x800000000000000042130Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.993{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/modprobe.d/blacklist-rare-network.conf--- 23542300x800000000000000042131Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.996{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/modprobe.d/blacklist-framebuffer.conf--- 23542300x800000000000000042132Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:02.999{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/modprobe.d/qemu-system-x86.conf--- 23542300x800000000000000042133Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.002{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/modprobe.d/blacklist-ath_pci.conf--- 23542300x800000000000000042134Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.005{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/modprobe.d/mdadm.conf--- 23542300x800000000000000042135Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.008{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cron.daily/popularity-contest--- 23542300x800000000000000042136Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.011{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cron.daily/apt-compat--- 23542300x800000000000000042137Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.014{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cron.daily/logrotate--- 23542300x800000000000000042138Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.016{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cron.daily/passwd--- 23542300x800000000000000042139Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.020{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cron.daily/dpkg--- 23542300x800000000000000042140Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.022{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cron.daily/apport--- 23542300x800000000000000042141Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.025{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cron.daily/mlocate--- 23542300x800000000000000042142Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.029{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cron.daily/bsdmainutils--- 23542300x800000000000000042143Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.031{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cron.daily/mdadm--- 23542300x800000000000000042144Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.033{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cron.daily/man-db--- 23542300x800000000000000042145Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.036{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cron.daily/.placeholder--- 23542300x800000000000000042146Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.039{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cron.daily/update-notifier-common--- 23542300x800000000000000042147Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.042{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/network/interfaces--- 23542300x800000000000000042148Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.045{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/network/if-pre-up.d/ethtool--- 23542300x800000000000000042149Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.051{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/network/if-up.d/openssh-server--- 23542300x800000000000000042150Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.053{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/network/if-up.d/ethtool--- 23542300x800000000000000042151Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.057{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/pm/sleep.d/10_grub-common--- 23542300x800000000000000042152Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.059{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/pm/sleep.d/10_unattended-upgrades-hibernate--- 23542300x800000000000000042153Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.062{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cron.d/popularity-contest--- 23542300x800000000000000042154Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.065{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cron.d/mdadm--- 23542300x800000000000000042155Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.067{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cron.d/.placeholder--- 23542300x800000000000000042156Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.070{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/sudoers--- 23542300x800000000000000042157Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.073{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rsyslog.conf--- 23542300x800000000000000042158Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.076{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/mke2fs.conf--- 23542300x800000000000000042159Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.078{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/group--- 23542300x800000000000000042160Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.082{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/nsswitch.conf--- 23542300x800000000000000042161Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.085{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/debconf.conf--- 23542300x800000000000000042162Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.088{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/sysctl.d/10-ptrace.conf--- 23542300x800000000000000042163Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.090{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/sysctl.d/10-ipv6-privacy.conf--- 23542300x800000000000000042164Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.093{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/sysctl.d/README--- 23542300x800000000000000042165Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.096{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/sysctl.d/10-link-restrictions.conf--- 23542300x800000000000000042166Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.098{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/sysctl.d/99-cloudimg-ipv6.conf--- 23542300x800000000000000042167Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.100{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/sysctl.d/99-sysctl.conf--- 23542300x800000000000000042168Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.103{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/sysctl.d/10-magic-sysrq.conf--- 23542300x800000000000000042169Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.106{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/sysctl.d/10-zeropage.conf--- 23542300x800000000000000042170Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.108{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/sysctl.d/10-network-security.conf--- 23542300x800000000000000042171Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.111{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/sysctl.d/10-console-messages.conf--- 23542300x800000000000000042172Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.113{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/sysctl.d/10-lxd-inotify.conf--- 23542300x800000000000000042173Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.115{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/sysctl.d/10-kernel-hardening.conf--- 23542300x800000000000000042195Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.116{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc4.d/S01unattended-upgrades--- 23542300x800000000000000042194Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.116{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc4.d/S01apport--- 23542300x800000000000000042193Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.116{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc4.d/S01rsyslog--- 23542300x800000000000000042192Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.116{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc4.d/S01lxd--- 23542300x800000000000000042191Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.116{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc4.d/S01grub-common--- 23542300x800000000000000042190Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.116{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc4.d/S01lvm2-lvmetad--- 23542300x800000000000000042189Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.116{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc4.d/S01open-vm-tools--- 23542300x800000000000000042188Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.116{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc4.d/S01irqbalance--- 23542300x800000000000000042187Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.116{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc4.d/S01atd--- 23542300x800000000000000042186Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.116{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc4.d/S01dbus--- 23542300x800000000000000042185Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.116{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc4.d/S01mdadm--- 23542300x800000000000000042184Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.116{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc4.d/S01uuidd--- 23542300x800000000000000042183Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.116{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc4.d/S01lxcfs--- 23542300x800000000000000042182Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.116{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc4.d/S01cron--- 23542300x800000000000000042181Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.116{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc4.d/S01acpid--- 23542300x800000000000000042180Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.116{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc4.d/S01binfmt-support--- 23542300x800000000000000042179Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.116{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc4.d/S01lvm2-lvmpolld--- 23542300x800000000000000042178Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.116{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc4.d/S01ssh--- 23542300x800000000000000042177Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.116{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc4.d/S01plymouth--- 23542300x800000000000000042176Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.116{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc4.d/S01splunk--- 23542300x800000000000000042175Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.116{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc4.d/S01console-setup.sh--- 23542300x800000000000000042174Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.116{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc4.d/S01rsync--- 23542300x800000000000000042196Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.119{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/group---- 23542300x800000000000000042197Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.122{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/lxc/lxc-default-with-nesting--- 23542300x800000000000000042198Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.125{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/lxc/lxc-default-cgns--- 23542300x800000000000000042199Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.127{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/lxc/lxc-default-with-mounting--- 23542300x800000000000000042200Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.129{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/lxc/lxc-default--- 23542300x800000000000000042201Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.133{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/sbin.dhclient--- 23542300x800000000000000042202Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.135{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/usr.sbin.rsyslogd--- 23542300x800000000000000042203Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.138{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/lxc/container-base--- 23542300x800000000000000042204Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.141{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/lxc/start-container--- 23542300x800000000000000042205Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.143{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/audio--- 23542300x800000000000000042206Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.146{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/dovecot-common--- 23542300x800000000000000042207Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.149{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/gnupg--- 23542300x800000000000000042208Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.151{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/ssl_keys--- 23542300x800000000000000042209Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.153{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/ubuntu-console-email--- 23542300x800000000000000042210Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.156{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/nis--- 23542300x800000000000000042211Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.159{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/dbus-accessibility--- 23542300x800000000000000042212Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.161{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/base--- 23542300x800000000000000042213Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.164{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/ubuntu-bittorrent-clients--- 23542300x800000000000000042214Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.167{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/xdg-desktop--- 23542300x800000000000000042215Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.169{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/dbus-accessibility-strict--- 23542300x800000000000000042216Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.171{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/smbpass--- 23542300x800000000000000042217Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.173{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/enchant--- 23542300x800000000000000042218Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.176{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/ssl_certs--- 23542300x800000000000000042219Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.178{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/consoles--- 23542300x800000000000000042220Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.180{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/kde--- 23542300x800000000000000042221Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.183{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/kerberosclient--- 23542300x800000000000000042222Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.185{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/wayland--- 23542300x800000000000000042223Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.188{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/launchpad-integration--- 23542300x800000000000000042224Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.191{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/ubuntu-unity7-base--- 23542300x800000000000000042225Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.193{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/user-download--- 23542300x800000000000000042226Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.195{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/samba--- 23542300x800000000000000042227Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.197{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/svn-repositories--- 23542300x800000000000000042228Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.200{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/libpam-systemd--- 23542300x800000000000000042229Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.202{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/ibus--- 23542300x800000000000000042230Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.204{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/ubuntu-browsers--- 23542300x800000000000000042231Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.207{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/ubuntu-konsole--- 23542300x800000000000000042232Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.209{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/python--- 23542300x800000000000000042233Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.211{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/private-files--- 23542300x800000000000000042234Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.214{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/cups-client--- 23542300x800000000000000042235Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.216{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/video--- 23542300x800000000000000042236Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.218{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/p11-kit--- 23542300x800000000000000042237Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.220{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/ubuntu-email--- 23542300x800000000000000042238Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.223{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/freedesktop.org--- 23542300x800000000000000042239Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.225{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/ruby--- 23542300x800000000000000042240Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.227{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/mysql--- 23542300x800000000000000042241Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.230{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/apparmor_api/introspect--- 23542300x800000000000000042242Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.233{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/apparmor_api/find_mountpoint--- 23542300x800000000000000042243Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.235{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/apparmor_api/is_enabled--- 23542300x800000000000000042244Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.238{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/apparmor_api/examine--- 23542300x800000000000000042245Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.241{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/apparmor_api/change_profile--- 23542300x800000000000000042246Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.243{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/orbit2--- 23542300x800000000000000042247Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.245{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/X--- 23542300x800000000000000042248Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.248{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/user-mail--- 23542300x800000000000000042249Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.250{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/ubuntu-console-browsers--- 23542300x800000000000000042250Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.252{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/postfix-common--- 23542300x800000000000000042251Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.255{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/dbus--- 23542300x800000000000000042252Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.257{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/authentication--- 23542300x800000000000000042253Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.260{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/web-data--- 23542300x800000000000000042254Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.262{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/apache2-common--- 23542300x800000000000000042255Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.265{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/ubuntu-gnome-terminal--- 23542300x800000000000000042256Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.268{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/php--- 23542300x800000000000000042257Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.270{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/ubuntu-browsers.d/text-editors--- 23542300x800000000000000042258Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.273{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/ubuntu-browsers.d/plugins-common--- 23542300x800000000000000042259Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.275{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/ubuntu-browsers.d/multimedia--- 23542300x800000000000000042260Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.278{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/ubuntu-browsers.d/kde--- 23542300x800000000000000042261Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.280{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/ubuntu-browsers.d/mailto--- 23542300x800000000000000042262Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.282{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/ubuntu-browsers.d/ubuntu-integration--- 23542300x800000000000000042263Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.284{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/ubuntu-browsers.d/user-files--- 23542300x800000000000000042264Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.287{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/ubuntu-browsers.d/productivity--- 23542300x800000000000000042265Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.289{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/ubuntu-browsers.d/ubuntu-integration-xul--- 23542300x800000000000000042266Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.291{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/ubuntu-browsers.d/java--- 23542300x800000000000000042267Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.294{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/dconf--- 23542300x800000000000000042268Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.297{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/nameservice--- 23542300x800000000000000042269Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.299{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/ubuntu-unity7-launcher--- 23542300x800000000000000042270Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.302{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/fcitx-strict--- 23542300x800000000000000042271Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.304{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/dbus-session-strict--- 23542300x800000000000000042272Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.307{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/user-tmp--- 23542300x800000000000000042273Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.309{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/fcitx--- 23542300x800000000000000042274Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.311{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/ldapclient--- 23542300x800000000000000042275Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.314{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/mozc--- 23542300x800000000000000042276Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.317{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/ubuntu-helpers--- 23542300x800000000000000042277Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.319{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/php5--- 23542300x800000000000000042278Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.322{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/ubuntu-feed-readers--- 23542300x800000000000000042279Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.325{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/ubuntu-unity7-messaging--- 23542300x800000000000000042280Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.328{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/xad--- 23542300x800000000000000042281Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.331{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/perl--- 23542300x800000000000000042282Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.334{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/gnome--- 23542300x800000000000000042283Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.336{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/aspell--- 23542300x800000000000000042284Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.339{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/openssl--- 23542300x800000000000000042285Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.343{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/likewise--- 23542300x800000000000000042286Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.345{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/bash--- 23542300x800000000000000042287Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.347{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/dbus-strict--- 23542300x800000000000000042288Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.350{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/dbus-session--- 23542300x800000000000000042289Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.352{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/ubuntu-xterm--- 23542300x800000000000000042290Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.355{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/nvidia--- 23542300x800000000000000042291Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.358{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/fonts--- 23542300x800000000000000042292Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.361{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/user-manpages--- 23542300x800000000000000042293Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.364{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/wutmp--- 23542300x800000000000000042294Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.367{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/mdns--- 23542300x800000000000000042295Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.370{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/user-write--- 23542300x800000000000000042296Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.376{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/private-files-strict--- 23542300x800000000000000042297Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.378{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/ubuntu-media-players--- 23542300x800000000000000042298Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.383{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/mir--- 23542300x800000000000000042299Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.386{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/abstractions/winbind--- 23542300x800000000000000042300Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.389{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/usr.lib.snapd.snap-confine.real--- 23542300x800000000000000042301Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.391{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/cache/sbin.dhclient--- 23542300x800000000000000042302Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.394{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/cache/.features--- 23542300x800000000000000042303Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.396{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/cache/usr.lib.snapd.snap-confine.real--- 23542300x800000000000000042304Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.399{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/cache/usr.bin.lxc-start--- 23542300x800000000000000042305Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.402{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/cache/usr.sbin.tcpdump--- 23542300x800000000000000042306Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.405{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/cache/usr.bin.man--- 23542300x800000000000000042307Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.407{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/cache/lxc-containers--- 23542300x800000000000000042308Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.410{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/local/sbin.dhclient--- 23542300x800000000000000042309Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.412{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/local/README--- 23542300x800000000000000042310Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.414{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/local/usr.sbin.rsyslogd--- 23542300x800000000000000042311Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.417{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/local/usr.lib.snapd.snap-confine.real--- 23542300x800000000000000042312Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.419{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/local/usr.bin.lxc-start--- 23542300x800000000000000042313Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.421{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/local/usr.sbin.tcpdump--- 23542300x800000000000000042314Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.424{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/local/usr.bin.man--- 23542300x800000000000000042315Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.427{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/usr.bin.lxc-start--- 23542300x800000000000000042316Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.460{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/usr.sbin.tcpdump--- 23542300x800000000000000042318Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.463{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/disable/usr.sbin.rsyslogd--- 23542300x800000000000000042317Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.463{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/usr.bin.man--- 23542300x800000000000000042319Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.466{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/tunables/sys--- 23542300x800000000000000042320Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.469{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/tunables/apparmorfs--- 23542300x800000000000000042321Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.471{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/tunables/xdg-user-dirs--- 23542300x800000000000000042322Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.474{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/tunables/proc--- 23542300x800000000000000042323Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.476{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/tunables/alias--- 23542300x800000000000000042324Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.478{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/tunables/securityfs--- 23542300x800000000000000042325Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.480{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/tunables/kernelvars--- 23542300x800000000000000042326Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.482{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/tunables/xdg-user-dirs.d/site.local--- 23542300x800000000000000042327Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.485{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/tunables/global--- 23542300x800000000000000042328Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.488{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/tunables/multiarch.d/site.local--- 23542300x800000000000000042329Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.491{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/tunables/multiarch--- 23542300x800000000000000042330Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.493{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/tunables/home.d/ubuntu--- 23542300x800000000000000042331Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.495{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/tunables/home.d/site.local--- 23542300x800000000000000042332Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.497{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/tunables/dovecot--- 23542300x800000000000000042333Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.500{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/tunables/home--- 23542300x800000000000000042334Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.502{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor.d/lxc-containers--- 23542300x800000000000000042335Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.506{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/calendar/default--- 23542300x800000000000000042336Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.539{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/console-setup/cached_setup_font.sh--- 23542300x800000000000000042337Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.541{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/console-setup/compose.KOI8-R.inc--- 23542300x800000000000000042338Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.544{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/console-setup/ISO-8859-1.acm--- 23542300x800000000000000042339Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.547{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/console-setup/compose.ISO-8859-9.inc--- 23542300x800000000000000042340Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.549{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/console-setup/cached_Uni2-Fixed16.psf.gz--- 23542300x800000000000000042341Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.552{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/console-setup/vtrgb.vga--- 23542300x800000000000000042342Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.555{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/console-setup/compose.ISO-8859-8.inc--- 23542300x800000000000000042343Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.558{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/console-setup/compose.VISCII.inc--- 23542300x800000000000000042344Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.561{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/console-setup/compose.ISO-8859-7.inc--- 23542300x800000000000000042345Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.563{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/console-setup/compose.ISO-8859-15.inc--- 23542300x800000000000000042346Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.565{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/console-setup/compose.GEORGIAN-ACADEMY.inc--- 23542300x800000000000000042347Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.568{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/console-setup/cached_ISO-8859-1.acm.gz--- 23542300x800000000000000042348Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.570{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/console-setup/compose.ISO-8859-10.inc--- 23542300x800000000000000042349Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.573{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/console-setup/remap.inc--- 23542300x800000000000000042350Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.575{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/console-setup/compose.ISO-8859-16.inc--- 23542300x800000000000000042351Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.577{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/console-setup/cached_UTF-8_del.kmap.gz--- 23542300x800000000000000042352Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.580{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/console-setup/compose.GEORGIAN-PS.inc--- 23542300x800000000000000042353Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.582{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/console-setup/cached_ISO-8859-1_del.kmap.gz--- 23542300x800000000000000042354Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.586{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/console-setup/compose.ISO-8859-2.inc--- 23542300x800000000000000042355Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.590{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/console-setup/compose.IBM1133.inc--- 23542300x800000000000000042356Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.593{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/console-setup/compose.ISO-8859-6.inc--- 23542300x800000000000000042357Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.595{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/console-setup/compose.TIS-620.inc--- 23542300x800000000000000042358Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.598{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/console-setup/compose.ISO-8859-1.inc--- 23542300x800000000000000042359Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.601{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/console-setup/compose.ISO-8859-3.inc--- 23542300x800000000000000042360Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.603{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/console-setup/cached_setup_terminal.sh--- 23542300x800000000000000042361Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.606{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/console-setup/compose.CP1255.inc--- 23542300x800000000000000042362Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.608{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/console-setup/compose.ISO-8859-11.inc--- 23542300x800000000000000042363Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.610{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/console-setup/compose.CP1251.inc--- 23542300x800000000000000042364Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.613{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/console-setup/compose.ISO-8859-5.inc--- 23542300x800000000000000042365Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.615{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/console-setup/compose.ISO-8859-14.inc--- 23542300x800000000000000042366Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.618{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/console-setup/compose.ARMSCII-8.inc--- 23542300x800000000000000042367Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.621{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/console-setup/compose.KOI8-U.inc--- 23542300x800000000000000042368Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.623{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/console-setup/Uni2-Fixed16.psf.gz--- 23542300x800000000000000042369Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.627{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/console-setup/cached_setup_keyboard.sh--- 23542300x800000000000000042370Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.629{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/console-setup/compose.ISO-8859-13.inc--- 23542300x800000000000000042371Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.632{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/console-setup/compose.CP1256.inc--- 23542300x800000000000000042372Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.635{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/console-setup/compose.ISO-8859-4.inc--- 23542300x800000000000000042373Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.638{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/console-setup/compose.ISIRI-3342.inc--- 23542300x800000000000000042374Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.641{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/console-setup/vtrgb--- 23542300x800000000000000042375Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.646{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/updatedb.conf--- 23542300x800000000000000042376Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.648{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ca-certificates.conf--- 23542300x800000000000000042377Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.652{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apport/crashdb.conf--- 23542300x800000000000000042378Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.655{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apport/blacklist.d/apport--- 23542300x800000000000000042379Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.658{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apport/blacklist.d/README.blacklist--- 23542300x800000000000000042380Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.661{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/bash_completion.d/grub--- 23542300x800000000000000042381Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.664{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/bash_completion.d/git-prompt--- 23542300x800000000000000042382Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.667{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/bash_completion.d/apport_completion--- 23542300x800000000000000042383Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.669{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/qemu-ifdown--- 23542300x800000000000000042384Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.672{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cron.monthly/.placeholder--- 23542300x800000000000000042385Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.675{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/subgid---- 23542300x800000000000000042386Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.677{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/vim/vimrc--- 23542300x800000000000000042387Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.680{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/vim/vimrc.tiny--- 23542300x800000000000000042388Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.684{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/kernel/postinst.d/zz-update-grub--- 23542300x800000000000000042389Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.687{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/kernel/postinst.d/update-notifier--- 23542300x800000000000000042390Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.690{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/kernel/postinst.d/initramfs-tools--- 23542300x800000000000000042391Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.692{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/kernel/postinst.d/apt-auto-removal--- 23542300x800000000000000042392Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.695{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/kernel/postinst.d/unattended-upgrades--- 23542300x800000000000000042393Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.697{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/kernel/postinst.d/xx-update-initrd-links--- 23542300x800000000000000042394Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.700{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/kernel/postrm.d/zz-update-grub--- 23542300x800000000000000042395Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.702{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/kernel/postrm.d/initramfs-tools--- 23542300x800000000000000042396Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.705{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/gdb/gdbinit--- 23542300x800000000000000042397Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.707{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/pam.d/login--- 23542300x800000000000000042398Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.710{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/pam.d/runuser-l--- 23542300x800000000000000042399Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.712{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/pam.d/polkit-1--- 23542300x800000000000000042400Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.715{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/pam.d/common-session--- 23542300x800000000000000042401Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.717{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/pam.d/common-session-noninteractive--- 23542300x800000000000000042402Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.720{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/pam.d/sudo--- 23542300x800000000000000042403Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.723{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/pam.d/passwd--- 23542300x800000000000000042404Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.725{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/pam.d/sshd--- 23542300x800000000000000042405Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.728{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/pam.d/chpasswd--- 23542300x800000000000000042406Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.730{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/pam.d/su--- 23542300x800000000000000042407Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.732{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/pam.d/common-password--- 23542300x800000000000000042408Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.734{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/pam.d/other--- 23542300x800000000000000042409Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.737{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/pam.d/cron--- 23542300x800000000000000042410Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.740{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/pam.d/common-account--- 23542300x800000000000000042411Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.743{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/pam.d/newusers--- 23542300x800000000000000042412Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.746{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/pam.d/chsh--- 23542300x800000000000000042413Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.748{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/pam.d/common-auth--- 23542300x800000000000000042414Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.750{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/pam.d/chfn--- 23542300x800000000000000042415Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.753{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/pam.d/systemd-user--- 23542300x800000000000000042416Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.756{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/pam.d/vmtoolsd--- 23542300x800000000000000042417Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.759{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/pam.d/atd--- 23542300x800000000000000042418Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.761{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/pam.d/runuser--- 23542300x800000000000000042419Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.765{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/initramfs-tools/initramfs.conf--- 23542300x800000000000000042420Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.768{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/initramfs-tools/update-initramfs.conf--- 23542300x800000000000000042421Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.776{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/initramfs-tools/modules--- 23542300x800000000000000042422Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.780{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/depmod.d/ubuntu.conf--- 23542300x800000000000000042423Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.782{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/hosts.allow--- 23542300x800000000000000042424Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.785{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/crontab--- 23542300x800000000000000042425Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.787{ec2a2542-0ff8-6254-f8ad-704b96550000}485root/lib/systemd/systemd-udevd/run/udev/queue--- 23542300x800000000000000042427Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.788{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/acpi/events/hibinit-power--- 534500x800000000000000042426Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.788{ec2a2542-2b02-6254-0000-000000000000}11275-root 23542300x800000000000000042428Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.790{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/acpi/events/hibinit-sleep--- 23542300x800000000000000042429Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.794{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/acpi/actions/hibinit-power.sh--- 23542300x800000000000000042430Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.796{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/acpi/actions/sleep.sh--- 23542300x800000000000000042431Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.800{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/mailcap--- 23542300x800000000000000042432Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.802{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/pam.conf--- 23542300x800000000000000042433Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.805{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ld.so.conf--- 23542300x800000000000000042434Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.808{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/zsh_command_not_found--- 23542300x800000000000000042435Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.811{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/mime.types--- 23542300x800000000000000042436Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.813{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/manpath.config--- 23542300x800000000000000042437Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.816{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/hostname--- 23542300x800000000000000042438Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.818{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fstab--- 23542300x800000000000000042439Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.821{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ldap/ldap.conf--- 23542300x800000000000000042440Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.824{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/machine-id--- 23542300x800000000000000042441Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.826{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/machine-info--- 23542300x800000000000000042442Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.828{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/at.deny--- 23542300x800000000000000042443Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.831{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/iproute2/rt_dsfield--- 23542300x800000000000000042444Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.834{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/iproute2/group--- 23542300x800000000000000042445Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.837{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/iproute2/rt_protos.d/README--- 23542300x800000000000000042446Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.840{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/iproute2/ematch_map--- 23542300x800000000000000042447Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.842{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/iproute2/rt_tables.d/README--- 23542300x800000000000000042448Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.845{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/iproute2/nl_protos--- 23542300x800000000000000042449Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.847{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/iproute2/rt_protos--- 23542300x800000000000000042450Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.849{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/iproute2/rt_tables--- 23542300x800000000000000042451Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.852{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/iproute2/rt_scopes--- 23542300x800000000000000042452Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.855{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/iproute2/rt_realms--- 23542300x800000000000000042454Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.858{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/resolv.conf--- 23542300x800000000000000042453Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.858{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/iproute2/bpf_pinning--- 23542300x800000000000000042455Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.861{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cron.hourly/.placeholder--- 23542300x800000000000000042456Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.864{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/screenrc--- 23542300x800000000000000042457Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.867{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/lzdiff.1.gz--- 23542300x800000000000000042458Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.870{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/infobrowser--- 23542300x800000000000000042459Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.873{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/rlogin.1.gz--- 23542300x800000000000000042460Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.875{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/vi.pl.1.gz--- 23542300x800000000000000042461Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.877{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/traceroute6--- 23542300x800000000000000042462Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.880{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/pftp--- 23542300x800000000000000042463Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.883{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/lzgrep--- 23542300x800000000000000042464Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.886{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/from--- 23542300x800000000000000042465Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.889{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/lzmore.1.gz--- 23542300x800000000000000042467Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.892{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/newt-palette--- 23542300x800000000000000042466Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.892{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/vi.ru.1.gz--- 23542300x800000000000000042468Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.894{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/jsonschema--- 23542300x800000000000000042469Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.896{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/unlzma.1.gz--- 23542300x800000000000000042470Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.899{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/README--- 23542300x800000000000000042471Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.903{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/ex.1.gz--- 23542300x800000000000000042472Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.906{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/c89--- 23542300x800000000000000042473Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.908{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/awk--- 23542300x800000000000000042474Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.911{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/editor--- 23542300x800000000000000042475Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.913{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/rmt--- 23542300x800000000000000042476Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.916{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/cc.1.gz--- 23542300x800000000000000042477Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.919{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/lzma.1.gz--- 23542300x800000000000000042478Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.921{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/w--- 23542300x800000000000000042479Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.924{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/vi.1.gz--- 23542300x800000000000000042480Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.927{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/nc.1.gz--- 23542300x800000000000000042481Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.929{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/from.1.gz--- 23542300x800000000000000042482Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.932{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/lzless.1.gz--- 23542300x800000000000000042483Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.936{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/locate--- 23542300x800000000000000042484Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.939{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/lzcat.1.gz--- 23542300x800000000000000042485Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.942{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/ex.ja.1.gz--- 23542300x800000000000000042486Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.945{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/view.ru.1.gz--- 23542300x800000000000000042487Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.948{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/jsonpatch--- 23542300x800000000000000042488Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.950{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/rmt.8.gz--- 23542300x800000000000000042489Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.995{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/netrc.5.gz--- 23542300x800000000000000042490Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:03.997{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/view.pl.1.gz--- 23542300x800000000000000042491Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.000{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/nawk.1.gz--- 23542300x800000000000000042492Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.003{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/lzdiff--- 23542300x800000000000000042493Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.005{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/view.1.gz--- 23542300x800000000000000042494Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.008{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/lzgrep.1.gz--- 23542300x800000000000000042495Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.011{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/mt--- 23542300x800000000000000042496Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.013{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/telnet--- 23542300x800000000000000042497Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.016{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/c99.1.gz--- 23542300x800000000000000042498Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.019{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/ex--- 23542300x800000000000000042499Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.021{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/infobrowser.1.gz--- 23542300x800000000000000042500Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.024{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/rvim--- 23542300x800000000000000042501Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.027{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/lzcmp.1.gz--- 23542300x800000000000000042502Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.029{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/vimdiff--- 23542300x800000000000000042503Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.032{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/cpp--- 23542300x800000000000000042504Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.035{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/netcat.1.gz--- 23542300x800000000000000042505Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.037{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/view.ja.1.gz--- 23542300x800000000000000042506Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.040{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/lzfgrep.1.gz--- 23542300x800000000000000042507Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.043{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/builtins.7.gz--- 23542300x800000000000000042508Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.045{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/c++.1.gz--- 23542300x800000000000000042509Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.047{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/c99--- 23542300x800000000000000042510Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.051{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/lzmore--- 23542300x800000000000000042511Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.053{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/telnet.1.gz--- 23542300x800000000000000042512Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.061{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/rsh--- 23542300x800000000000000042513Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.064{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/vim--- 23542300x800000000000000042514Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.067{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/lzless--- 23542300x800000000000000042515Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.070{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/lzcmp--- 23542300x800000000000000042516Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.073{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/mt.1.gz--- 23542300x800000000000000042517Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.075{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/updatedb.8.gz--- 23542300x800000000000000042518Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.078{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/vi.it.1.gz--- 23542300x800000000000000042519Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.081{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/jsondiff--- 23542300x800000000000000042520Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.083{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/lzegrep.1.gz--- 23542300x800000000000000042521Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.086{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/write.1.gz--- 23542300x800000000000000042522Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.089{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/jsonpointer--- 23542300x800000000000000042523Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.092{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/c++--- 23542300x800000000000000042524Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.094{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/ftp--- 23542300x800000000000000042525Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.096{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/traceroute6.8.gz--- 23542300x800000000000000042526Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.099{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/pftp.1.gz--- 23542300x800000000000000042527Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.101{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/lzma--- 23542300x800000000000000042528Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.104{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/pager--- 23542300x800000000000000042529Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.112{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/c89.1.gz--- 23542300x800000000000000042530Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.115{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/vi--- 23542300x800000000000000042531Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.118{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/lzfgrep--- 23542300x800000000000000042532Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.121{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/ex.fr.1.gz--- 23542300x800000000000000042533Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.123{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/ftp.1.gz--- 23542300x800000000000000042534Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.126{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/editor.1.gz--- 23542300x800000000000000042535Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.128{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/updatedb--- 23542300x800000000000000042536Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.131{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/view.fr.1.gz--- 23542300x800000000000000042537Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.133{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/lzcat--- 23542300x800000000000000042538Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.136{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/write--- 23542300x800000000000000042539Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.138{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/unlzma--- 23542300x800000000000000042540Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.139{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/vi.ja.1.gz--- 23542300x800000000000000042541Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.142{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/view.it.1.gz--- 23542300x800000000000000042542Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.145{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/pico.1.gz--- 23542300x800000000000000042543Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.147{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/pinentry.1.gz--- 23542300x800000000000000042544Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.150{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/rcp--- 23542300x800000000000000042545Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.152{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/ex.pl.1.gz--- 23542300x800000000000000042546Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.155{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/ex.ru.1.gz--- 23542300x800000000000000042547Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.157{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/rcp.1.gz--- 23542300x800000000000000042548Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.159{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/rview--- 23542300x800000000000000042549Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.161{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/netcat--- 23542300x800000000000000042550Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.164{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/rsh.1.gz--- 23542300x800000000000000042551Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.166{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/nc--- 23542300x800000000000000042552Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.168{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/cc--- 23542300x800000000000000042553Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.170{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/vi.fr.1.gz--- 23542300x800000000000000042554Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.173{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/awk.1.gz--- 23542300x800000000000000042555Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.175{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/view--- 23542300x800000000000000042556Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.178{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/pager.1.gz--- 23542300x800000000000000042557Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.180{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/locate.1.gz--- 23542300x800000000000000042558Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.182{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/w.1.gz--- 23542300x800000000000000042559Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.184{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/lzegrep--- 23542300x800000000000000042560Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.186{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/nawk--- 23542300x800000000000000042561Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.189{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/rlogin--- 23542300x800000000000000042562Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.192{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/text.plymouth--- 23542300x800000000000000042563Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.194{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/pico--- 23542300x800000000000000042565Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.198{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/vtrgb--- 23542300x800000000000000042564Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.198{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/pinentry--- 23542300x800000000000000042566Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.200{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/alternatives/ex.it.1.gz--- 23542300x800000000000000042567Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.207{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/debian_version--- 23542300x800000000000000042568Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.210{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/magic.mime--- 23542300x800000000000000042569Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.212{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/subgid--- 23542300x800000000000000042570Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.214{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/.pwd.lock--- 23542300x800000000000000042592Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.215{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc5.d/S01unattended-upgrades--- 23542300x800000000000000042591Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.215{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc5.d/S01apport--- 23542300x800000000000000042590Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.215{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc5.d/S01rsyslog--- 23542300x800000000000000042589Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.215{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc5.d/S01lxd--- 23542300x800000000000000042588Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.215{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc5.d/S01grub-common--- 23542300x800000000000000042587Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.215{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc5.d/S01lvm2-lvmetad--- 23542300x800000000000000042586Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.215{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc5.d/S01open-vm-tools--- 23542300x800000000000000042585Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.215{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc5.d/S01irqbalance--- 23542300x800000000000000042584Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.215{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc5.d/S01atd--- 23542300x800000000000000042583Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.215{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc5.d/S01dbus--- 23542300x800000000000000042582Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.215{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc5.d/S01mdadm--- 23542300x800000000000000042581Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.215{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc5.d/S01uuidd--- 23542300x800000000000000042580Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.215{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc5.d/S01lxcfs--- 23542300x800000000000000042579Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.215{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc5.d/S01cron--- 23542300x800000000000000042578Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.215{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc5.d/S01acpid--- 23542300x800000000000000042577Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.215{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc5.d/S01binfmt-support--- 23542300x800000000000000042576Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.215{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc5.d/S01lvm2-lvmpolld--- 23542300x800000000000000042575Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.215{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc5.d/S01ssh--- 23542300x800000000000000042574Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.215{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc5.d/S01plymouth--- 23542300x800000000000000042573Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.215{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc5.d/S01splunk--- 23542300x800000000000000042572Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.215{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc5.d/S01console-setup.sh--- 23542300x800000000000000042571Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.215{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc5.d/S01rsync--- 23542300x800000000000000042593Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.217{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/wgetrc--- 23542300x800000000000000042594Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.220{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/mdadm/mdadm.conf--- 23542300x800000000000000042595Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.223{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/python3/debian_config--- 534500x800000000000000042597Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.225{ec2a2542-2b02-6254-0000-000000000000}11276-root 23542300x800000000000000042596Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.225{ec2a2542-0ff8-6254-f8ad-704b96550000}485root/lib/systemd/systemd-udevd/run/udev/queue--- 23542300x800000000000000042598Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.226{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apm/event.d/20hdparm--- 23542300x800000000000000042599Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.229{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/timezone--- 23542300x800000000000000042600Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.231{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/shadow---- 23542300x800000000000000042601Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.233{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/networks--- 23542300x800000000000000042602Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.236{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/magic--- 23542300x800000000000000042603Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.238{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/bindresvport.blacklist--- 23542300x800000000000000042604Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.240{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/bash.bashrc--- 23542300x800000000000000042605Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.248{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/deluser.conf--- 23542300x800000000000000042606Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.251{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/login.defs--- 23542300x800000000000000042607Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.253{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/perl/Net/libnet.cfg--- 23542300x800000000000000042608Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.257{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/hosts.deny--- 23542300x800000000000000042609Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.259{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/subuid---- 23542300x800000000000000042610Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.262{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/environment--- 23542300x800000000000000042611Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.264{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/gshadow---- 23542300x800000000000000042612Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.267{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/libibverbs.d/mthca.driver--- 23542300x800000000000000042613Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.269{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/libibverbs.d/mlx4.driver--- 23542300x800000000000000042614Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.272{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/libibverbs.d/qedr.driver--- 23542300x800000000000000042615Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.274{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/libibverbs.d/rxe.driver--- 23542300x800000000000000042616Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.277{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/libibverbs.d/vmw_pvrdma.driver--- 23542300x800000000000000042617Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.279{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/libibverbs.d/mlx5.driver--- 23542300x800000000000000042618Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.281{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/libibverbs.d/ocrdma.driver--- 23542300x800000000000000042619Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.285{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/libibverbs.d/hfi1verbs.driver--- 23542300x800000000000000042620Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.317{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/libibverbs.d/hns.driver--- 23542300x800000000000000042621Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.319{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/libibverbs.d/nes.driver--- 23542300x800000000000000042622Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.322{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/libibverbs.d/ipathverbs.driver--- 23542300x800000000000000042623Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.324{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/libibverbs.d/i40iw.driver--- 23542300x800000000000000042624Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.327{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/libibverbs.d/bnxt_re.driver--- 23542300x800000000000000042625Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.330{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/libibverbs.d/cxgb3.driver--- 23542300x800000000000000042626Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.333{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/libibverbs.d/cxgb4.driver--- 23542300x800000000000000042627Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.336{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/byobu/backend--- 23542300x800000000000000042628Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.340{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/byobu/socketdir--- 23542300x800000000000000042629Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.345{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/gshadow--- 23542300x800000000000000042630Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.348{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/crypttab--- 23542300x800000000000000042631Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.351{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/host.conf--- 23542300x800000000000000042632Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.353{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/subuid--- 23542300x800000000000000042633Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.357{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/update-manager/meta-release--- 23542300x800000000000000042634Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.360{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/update-manager/release-upgrades--- 23542300x800000000000000042635Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.363{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/update-manager/release-upgrades.d/ubuntu-advantage-upgrades.cfg--- 23542300x800000000000000042636Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.366{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/mailcap.order--- 23542300x800000000000000042637Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.368{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/inputrc--- 23542300x800000000000000042638Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.371{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/NetworkManager/dispatcher.d/hook-network-manager--- 23542300x800000000000000042639Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.374{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/shadow--- 23542300x800000000000000042640Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.377{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/logrotate.d/rsyslog--- 23542300x800000000000000042641Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.380{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/logrotate.d/ufw--- 23542300x800000000000000042642Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.389{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/logrotate.d/dpkg--- 23542300x800000000000000042643Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.391{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/logrotate.d/apport--- 23542300x800000000000000042644Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.423{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/logrotate.d/ubuntu-advantage-tools--- 23542300x800000000000000042645Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.426{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/logrotate.d/alternatives--- 23542300x800000000000000042646Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.428{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/logrotate.d/unattended-upgrades--- 23542300x800000000000000042647Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.431{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/logrotate.d/lxd--- 23542300x800000000000000042648Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.433{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/logrotate.d/apt--- 23542300x800000000000000042649Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.436{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/resolved.conf--- 23542300x800000000000000042650Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.439{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/resolved.conf.d/disable-dnssec.conf--- 23542300x800000000000000042651Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.441{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/logind.conf--- 23542300x800000000000000042652Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.444{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/timesyncd.conf--- 23542300x800000000000000042653Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.447{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/journald.conf--- 23542300x800000000000000042654Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.450{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/user.conf--- 23542300x800000000000000042655Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.452{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system.conf--- 23542300x800000000000000042656Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.455{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/getty.target.wants/getty@tty1.service--- 23542300x800000000000000042657Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.458{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/graphical.target.wants/accounts-daemon.service--- 23542300x800000000000000042658Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.461{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/dbus-org.freedesktop.resolve1.service--- 23542300x800000000000000042659Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.464{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/network-online.target.wants/systemd-networkd-wait-online.service--- 23542300x800000000000000042660Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.466{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/default.target.wants/ureadahead.service--- 23542300x800000000000000042661Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.470{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/multi-user.target.wants/lxd-containers.service--- 23542300x800000000000000042662Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.474{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/multi-user.target.wants/hibinit-agent.service--- 23542300x800000000000000042663Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.477{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/multi-user.target.wants/systemd-resolved.service--- 23542300x800000000000000042664Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.480{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/multi-user.target.wants/ssh.service--- 23542300x800000000000000042665Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.482{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/multi-user.target.wants/qemu-kvm.service--- 23542300x800000000000000042666Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.485{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/multi-user.target.wants/unattended-upgrades.service--- 23542300x800000000000000042667Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.488{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/multi-user.target.wants/pollinate.service--- 23542300x800000000000000042668Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.496{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/multi-user.target.wants/ua-license-check.path--- 23542300x800000000000000042669Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.499{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/multi-user.target.wants/cron.service--- 23542300x800000000000000042670Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.501{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/multi-user.target.wants/snapd.core-fixup.service--- 23542300x800000000000000042671Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.505{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/multi-user.target.wants/ebtables.service--- 23542300x800000000000000042672Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.509{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/multi-user.target.wants/snap-snapd-14978.mount--- 23542300x800000000000000042673Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.512{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/multi-user.target.wants/remote-fs.target--- 23542300x800000000000000042674Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.515{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/multi-user.target.wants/console-setup.service--- 23542300x800000000000000042675Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.518{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/multi-user.target.wants/rsyslog.service--- 23542300x800000000000000042676Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.520{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/multi-user.target.wants/binfmt-support.service--- 23542300x800000000000000042677Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.523{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/multi-user.target.wants/snap.amazon-ssm-agent.amazon-ssm-agent.service--- 23542300x800000000000000042678Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.525{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/multi-user.target.wants/lxcfs.service--- 23542300x800000000000000042679Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.528{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/multi-user.target.wants/snapd.seeded.service--- 23542300x800000000000000042680Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.531{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/multi-user.target.wants/ua-reboot-cmds.service--- 23542300x800000000000000042681Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.534{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/multi-user.target.wants/snap-amazon\x2dssm\x2dagent-5163.mount--- 23542300x800000000000000042682Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.538{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/multi-user.target.wants/snapd.autoimport.service--- 23542300x800000000000000042683Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.540{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/multi-user.target.wants/ondemand.service--- 23542300x800000000000000042684Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.543{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/multi-user.target.wants/snapd.service--- 23542300x800000000000000042685Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.545{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/multi-user.target.wants/networkd-dispatcher.service--- 23542300x800000000000000042686Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.548{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/multi-user.target.wants/ufw.service--- 23542300x800000000000000042687Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.550{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/multi-user.target.wants/snapd.apparmor.service--- 23542300x800000000000000042688Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.553{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/multi-user.target.wants/open-vm-tools.service--- 23542300x800000000000000042689Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.555{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/multi-user.target.wants/snapd.recovery-chooser-trigger.service--- 23542300x800000000000000042690Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.557{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/multi-user.target.wants/snap-snapd-15177.mount--- 23542300x800000000000000042691Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.560{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/multi-user.target.wants/snap-core18-2344.mount--- 23542300x800000000000000042692Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.562{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/multi-user.target.wants/irqbalance.service--- 23542300x800000000000000042693Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.565{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/multi-user.target.wants/snap-core18-2284.mount--- 23542300x800000000000000042694Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.568{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/multi-user.target.wants/rsync.service--- 23542300x800000000000000042695Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.570{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/multi-user.target.wants/sysmon.service--- 23542300x800000000000000042696Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.573{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/multi-user.target.wants/atd.service--- 23542300x800000000000000042697Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.575{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/multi-user.target.wants/systemd-networkd.service--- 23542300x800000000000000042698Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.577{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/snap-snapd-14978.mount--- 23542300x800000000000000042699Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.581{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/open-vm-tools.service.requires/vgauth.service--- 23542300x800000000000000042700Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.584{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/snap.amazon-ssm-agent.amazon-ssm-agent.service--- 23542300x800000000000000042701Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.586{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/sshd.service--- 23542300x800000000000000042702Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.590{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/cloud-final.service.wants/snapd.seeded.service--- 23542300x800000000000000042703Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.592{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/sysinit.target.wants/blk-availability.service--- 23542300x800000000000000042704Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.595{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/sysinit.target.wants/lvm2-monitor.service--- 23542300x800000000000000042705Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.597{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/sysinit.target.wants/keyboard-setup.service--- 23542300x800000000000000042706Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.600{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/sysinit.target.wants/lvm2-lvmetad.socket--- 23542300x800000000000000042707Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.602{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/sysinit.target.wants/open-iscsi.service--- 23542300x800000000000000042708Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.605{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/sysinit.target.wants/apparmor.service--- 23542300x800000000000000042709Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.607{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/sysinit.target.wants/lvm2-lvmpolld.socket--- 23542300x800000000000000042710Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.610{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/sysinit.target.wants/setvtrgb.service--- 23542300x800000000000000042711Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.612{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/sysinit.target.wants/systemd-timesyncd.service--- 23542300x800000000000000042712Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.615{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/snap-amazon\x2dssm\x2dagent-5163.mount--- 23542300x800000000000000042713Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.617{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/vmtoolsd.service--- 23542300x800000000000000042714Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.620{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/timers.target.wants/apt-daily.timer--- 23542300x800000000000000042715Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.622{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/timers.target.wants/motd-news.timer--- 23542300x800000000000000042716Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.625{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/timers.target.wants/snapd.snap-repair.timer--- 354300x800000000000000042717Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.642{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54926-false10.0.1.12-8000- 23542300x800000000000000042718Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.673{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/timers.target.wants/apt-daily-upgrade.timer--- 23542300x800000000000000042719Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.675{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/timers.target.wants/fstrim.timer--- 23542300x800000000000000042720Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.678{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/timers.target.wants/ua-timer.timer--- 23542300x800000000000000042721Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.681{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/paths.target.wants/apport-autoreport.path--- 23542300x800000000000000042722Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.684{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/paths.target.wants/acpid.path--- 23542300x800000000000000042723Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.687{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/sshd-keygen@.service.d/disable-sshd-keygen-if-cloud-init-active.conf--- 23542300x800000000000000042724Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.690{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/snap-snapd-15177.mount--- 23542300x800000000000000042725Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.693{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/snap-core18-2344.mount--- 23542300x800000000000000042726Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.696{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/snap-core18-2284.mount--- 23542300x800000000000000042727Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.699{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/iscsi.service--- 23542300x800000000000000042728Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.702{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/syslog.service--- 23542300x800000000000000042729Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.704{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/cloud-init.target.wants/cloud-config.service--- 23542300x800000000000000042730Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.706{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/cloud-init.target.wants/cloud-init-local.service--- 23542300x800000000000000042731Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.709{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/cloud-init.target.wants/cloud-init-hotplugd.socket--- 23542300x800000000000000042732Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.711{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/cloud-init.target.wants/cloud-final.service--- 23542300x800000000000000042733Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.714{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/cloud-init.target.wants/cloud-init.service--- 23542300x800000000000000042734Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.717{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/sysmon.service--- 23542300x800000000000000042735Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.721{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/final.target.wants/snapd.system-shutdown.service--- 23542300x800000000000000042736Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.724{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/sockets.target.wants/snapd.socket--- 23542300x800000000000000042737Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.726{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/sockets.target.wants/lxd.socket--- 23542300x800000000000000042738Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.729{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/sockets.target.wants/acpid.socket--- 23542300x800000000000000042739Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.731{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/sockets.target.wants/systemd-networkd.socket--- 23542300x800000000000000042740Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.734{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/sockets.target.wants/apport-forward.socket--- 23542300x800000000000000042741Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.736{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/sockets.target.wants/dm-event.socket--- 23542300x800000000000000042742Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.739{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/sockets.target.wants/uuidd.socket--- 23542300x800000000000000042743Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.742{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/systemd/system/sockets.target.wants/iscsid.socket--- 23542300x800000000000000042744Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.748{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/os-release--- 23542300x800000000000000042745Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.750{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ld.so.cache--- 23542300x800000000000000042746Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.752{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/update-motd.d/91-contract-ua-esm-status--- 23542300x800000000000000042747Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.754{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/update-motd.d/00-header--- 23542300x800000000000000042748Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.758{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/update-motd.d/10-help-text--- 23542300x800000000000000042749Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.761{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/update-motd.d/92-unattended-upgrades--- 23542300x800000000000000042750Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.763{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/update-motd.d/97-overlayroot--- 23542300x800000000000000042751Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.766{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/update-motd.d/50-landscape-sysinfo--- 23542300x800000000000000042752Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.768{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/update-motd.d/88-esm-announce--- 23542300x800000000000000042753Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.770{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/update-motd.d/50-motd-news--- 23542300x800000000000000042754Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.773{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/update-motd.d/90-updates-available--- 23542300x800000000000000042755Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.775{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/update-motd.d/98-reboot-required--- 23542300x800000000000000042756Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.777{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/update-motd.d/91-release-upgrade--- 23542300x800000000000000042757Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.780{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/update-motd.d/95-hwe-eol--- 23542300x800000000000000042758Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.782{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/update-motd.d/98-fsck-at-reboot--- 23542300x800000000000000042759Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.785{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/tmpfiles.d/screen-cleanup.conf--- 23542300x800000000000000042760Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.787{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/dbus-1/system.d/com.ubuntu.LanguageSelector.conf--- 23542300x800000000000000042763Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.790{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/dbus-1/system.d/org.freedesktop.Accounts.conf--- 534500x800000000000000042762Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.790{ec2a2542-2b04-6254-0000-000000000000}11277-root 23542300x800000000000000042761Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.790{ec2a2542-0ff8-6254-f8ad-704b96550000}485root/lib/systemd/systemd-udevd/run/udev/queue--- 23542300x800000000000000042764Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.792{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/dbus-1/system.d/com.ubuntu.SoftwareProperties.conf--- 23542300x800000000000000042765Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.794{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/dbus-1/system.d/org.freedesktop.PolicyKit1.conf--- 23542300x800000000000000042766Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.797{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/dbus-1/system.d/dnsmasq.conf--- 23542300x800000000000000042767Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.800{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cloud/cloud.cfg--- 23542300x800000000000000042768Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.864{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cloud/cloud.cfg.d/README--- 23542300x800000000000000042769Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.867{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cloud/cloud.cfg.d/05_logging.cfg--- 23542300x800000000000000042770Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.870{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cloud/cloud.cfg.d/95_mirrors.cfg--- 23542300x800000000000000042771Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.874{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cloud/cloud.cfg.d/90_dpkg.cfg--- 23542300x800000000000000042772Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.877{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cloud/build.info--- 23542300x800000000000000042773Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.880{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cloud/templates/chef_client.rb.tmpl--- 23542300x800000000000000042774Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.882{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cloud/templates/hosts.suse.tmpl--- 23542300x800000000000000042775Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.885{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cloud/templates/ntp.conf.rhel.tmpl--- 23542300x800000000000000042776Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.887{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cloud/templates/hosts.freebsd.tmpl--- 23542300x800000000000000042777Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.889{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cloud/templates/hosts.debian.tmpl--- 23542300x800000000000000042778Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.891{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cloud/templates/chrony.conf.opensuse.tmpl--- 23542300x800000000000000042779Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.893{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cloud/templates/chrony.conf.ubuntu.tmpl--- 23542300x800000000000000042780Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.896{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cloud/templates/ntp.conf.alpine.tmpl--- 23542300x800000000000000042781Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.899{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cloud/templates/ntp.conf.fedora.tmpl--- 23542300x800000000000000042782Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.907{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cloud/templates/chrony.conf.fedora.tmpl--- 23542300x800000000000000042783Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.909{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cloud/templates/ntp.conf.debian.tmpl--- 23542300x800000000000000042784Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.911{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cloud/templates/chrony.conf.debian.tmpl--- 23542300x800000000000000042785Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.915{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cloud/templates/resolv.conf.tmpl--- 23542300x800000000000000042786Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.918{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cloud/templates/hosts.alpine.tmpl--- 23542300x800000000000000042787Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.920{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cloud/templates/ntp.conf.opensuse.tmpl--- 23542300x800000000000000042788Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.922{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cloud/templates/chrony.conf.alpine.tmpl--- 23542300x800000000000000042789Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.924{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cloud/templates/ntp.conf.photon.tmpl--- 23542300x800000000000000042790Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.927{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cloud/templates/chrony.conf.photon.tmpl--- 23542300x800000000000000042791Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.930{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cloud/templates/timesyncd.conf.tmpl--- 23542300x800000000000000042792Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.933{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cloud/templates/ntp.conf.sles.tmpl--- 23542300x800000000000000042793Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.935{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cloud/templates/hosts.photon.tmpl--- 23542300x800000000000000042794Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.937{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cloud/templates/chrony.conf.sles.tmpl--- 23542300x800000000000000042795Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.939{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cloud/templates/chrony.conf.rhel.tmpl--- 23542300x800000000000000042796Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.942{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cloud/templates/sources.list.ubuntu.tmpl--- 23542300x800000000000000042797Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.944{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cloud/templates/hosts.redhat.tmpl--- 23542300x800000000000000042798Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.946{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cloud/templates/ntp.conf.ubuntu.tmpl--- 23542300x800000000000000042799Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.949{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cloud/templates/systemd.resolved.conf.tmpl--- 23542300x800000000000000042800Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.952{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cloud/templates/sources.list.debian.tmpl--- 23542300x800000000000000042801Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.954{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/hosts--- 23542300x800000000000000042823Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.955{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc3.d/S01unattended-upgrades--- 23542300x800000000000000042822Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.955{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc3.d/S01apport--- 23542300x800000000000000042821Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.955{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc3.d/S01rsyslog--- 23542300x800000000000000042820Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.955{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc3.d/S01lxd--- 23542300x800000000000000042819Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.955{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc3.d/S01grub-common--- 23542300x800000000000000042818Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.955{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc3.d/S01lvm2-lvmetad--- 23542300x800000000000000042817Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.955{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc3.d/S01open-vm-tools--- 23542300x800000000000000042816Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.955{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc3.d/S01irqbalance--- 23542300x800000000000000042815Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.955{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc3.d/S01atd--- 23542300x800000000000000042814Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.955{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc3.d/S01dbus--- 23542300x800000000000000042813Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.955{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc3.d/S01mdadm--- 23542300x800000000000000042812Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.955{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc3.d/S01uuidd--- 23542300x800000000000000042811Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.955{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc3.d/S01lxcfs--- 23542300x800000000000000042810Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.955{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc3.d/S01cron--- 23542300x800000000000000042809Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.955{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc3.d/S01acpid--- 23542300x800000000000000042808Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.955{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc3.d/S01binfmt-support--- 23542300x800000000000000042807Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.955{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc3.d/S01lvm2-lvmpolld--- 23542300x800000000000000042806Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.955{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc3.d/S01ssh--- 23542300x800000000000000042805Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.955{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc3.d/S01plymouth--- 23542300x800000000000000042804Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.955{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc3.d/S01splunk--- 23542300x800000000000000042803Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.955{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc3.d/S01console-setup.sh--- 23542300x800000000000000042802Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.955{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc3.d/S01rsync--- 23542300x800000000000000042824Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.958{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/protocols--- 23542300x800000000000000042825Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.963{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/vmware-tools/tools.conf--- 23542300x800000000000000042826Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.966{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/vmware-tools/vgauth.conf--- 23542300x800000000000000042827Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.968{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/vmware-tools/statechange.subr--- 23542300x800000000000000042828Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.970{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/vmware-tools/suspend-vm-default--- 23542300x800000000000000042829Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.973{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/vmware-tools/vgauth/schemas/XMLSchema-hasFacetAndProperty.xsd--- 23542300x800000000000000042830Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.976{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/vmware-tools/vgauth/schemas/XMLSchema.dtd--- 23542300x800000000000000042831Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.978{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/vmware-tools/vgauth/schemas/XMLSchema-instance.xsd--- 23542300x800000000000000042832Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.981{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/vmware-tools/vgauth/schemas/datatypes.dtd--- 23542300x800000000000000042833Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.984{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/vmware-tools/vgauth/schemas/xml.xsd--- 23542300x800000000000000042834Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.987{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/vmware-tools/vgauth/schemas/xmldsig-core-schema.xsd--- 23542300x800000000000000042835Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.989{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/vmware-tools/vgauth/schemas/catalog.xml--- 23542300x800000000000000042836Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.991{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/vmware-tools/vgauth/schemas/xenc-schema.xsd--- 23542300x800000000000000042837Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.994{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/vmware-tools/vgauth/schemas/saml-schema-assertion-2.0.xsd--- 23542300x800000000000000042838Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.996{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/vmware-tools/vgauth/schemas/XMLSchema.xsd--- 23542300x800000000000000042839Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:04.999{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/vmware-tools/resume-vm-default--- 23542300x800000000000000042840Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.008{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/vmware-tools/poweron-vm-default--- 23542300x800000000000000042841Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.010{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/vmware-tools/vm-support--- 23542300x800000000000000042842Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.013{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/vmware-tools/tools.conf.example--- 23542300x800000000000000042843Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.016{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/vmware-tools/scripts/vmware/network--- 23542300x800000000000000042844Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.018{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/vmware-tools/poweroff-vm-default--- 23542300x800000000000000042845Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.021{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cryptsetup-initramfs/conf-hook--- 23542300x800000000000000042846Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.024{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/python3.6/sitecustomize.py--- 23542300x800000000000000042847Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.027{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/kernel-img.conf--- 23542300x800000000000000042848Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.031{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/lvm/profile/thin-performance.profile--- 23542300x800000000000000042849Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.035{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/lvm/profile/cache-smq.profile--- 23542300x800000000000000042850Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.037{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/lvm/profile/metadata_profile_template.profile--- 23542300x800000000000000042851Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.040{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/lvm/profile/cache-mq.profile--- 23542300x800000000000000042852Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.043{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/lvm/profile/thin-generic.profile--- 23542300x800000000000000042853Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.045{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/lvm/profile/lvmdbusd.profile--- 23542300x800000000000000042854Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.048{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/lvm/profile/command_profile_template.profile--- 23542300x800000000000000042855Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.051{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/lvm/lvm.conf--- 23542300x800000000000000042856Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.054{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/lvm/lvmlocal.conf--- 23542300x800000000000000042857Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.057{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ubuntu-advantage/help_data.yaml--- 23542300x800000000000000042858Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.059{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/ubuntu-advantage/uaclient.conf--- 23542300x800000000000000042859Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.063{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/overlayroot.local.conf--- 23542300x800000000000000042860Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.067{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/logcheck/violations.d/mdadm--- 23542300x800000000000000042861Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.071{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/logcheck/ignore.d.server/libsasl2-modules--- 23542300x800000000000000042862Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.073{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/logcheck/ignore.d.server/rsyslog--- 23542300x800000000000000042863Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.076{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/logcheck/ignore.d.server/gpg-agent--- 23542300x800000000000000042864Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.079{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/logcheck/ignore.d.server/mdadm--- 23542300x800000000000000042865Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.082{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/services--- 23542300x800000000000000042866Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.084{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor/subdomain.conf--- 23542300x800000000000000042867Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.085{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor/init/network-interface-security/sbin.dhclient--- 23542300x800000000000000042868Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.090{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apparmor/parser.conf--- 23542300x800000000000000042869Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.092{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/hdparm.conf--- 23542300x800000000000000042870Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.094{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/11-lcdfilter-legacy.conf--- 23542300x800000000000000042871Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.096{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/25-unhint-nonlatin.conf--- 23542300x800000000000000042872Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.124{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/53-monospace-lcd-filter.conf--- 23542300x800000000000000042873Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.126{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/60-latin.conf--- 23542300x800000000000000042874Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.129{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/64-language-selector-prefer.conf--- 23542300x800000000000000042875Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.133{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/80-delicious.conf--- 23542300x800000000000000042876Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.136{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/10-sub-pixel-vrgb.conf--- 23542300x800000000000000042877Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.139{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/70-force-bitmaps.conf--- 23542300x800000000000000042878Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.141{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/11-lcdfilter-default.conf--- 23542300x800000000000000042879Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.144{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/57-dejavu-sans.conf--- 23542300x800000000000000042880Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.146{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/65-nonlatin.conf--- 23542300x800000000000000042881Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.149{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/99-language-selector-zh.conf--- 23542300x800000000000000042882Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.151{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/20-unhint-small-dejavu-lgc-serif.conf--- 23542300x800000000000000042883Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.154{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/57-dejavu-sans-mono.conf--- 23542300x800000000000000042884Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.156{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/69-language-selector-ja.conf--- 23542300x800000000000000042885Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.158{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/58-dejavu-lgc-sans-mono.conf--- 23542300x800000000000000042886Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.160{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/11-lcdfilter-light.conf--- 23542300x800000000000000042887Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.162{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/20-unhint-small-dejavu-lgc-sans-mono.conf--- 23542300x800000000000000042888Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.165{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/50-user.conf--- 23542300x800000000000000042889Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.167{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/20-unhint-small-dejavu-sans.conf--- 23542300x800000000000000042890Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.170{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/20-unhint-small-dejavu-lgc-sans.conf--- 23542300x800000000000000042891Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.172{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/10-unhinted.conf--- 23542300x800000000000000042892Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.174{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/45-generic.conf--- 23542300x800000000000000042893Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.176{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/10-hinting-full.conf--- 23542300x800000000000000042894Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.178{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/10-hinting-slight.conf--- 23542300x800000000000000042895Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.181{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/10-scale-bitmap-fonts.conf--- 23542300x800000000000000042896Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.183{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/69-language-selector-zh-tw.conf--- 23542300x800000000000000042897Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.185{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/30-cjk-aliases.conf--- 23542300x800000000000000042898Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.187{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/90-synthetic.conf--- 23542300x800000000000000042899Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.190{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/20-unhint-small-dejavu-sans-mono.conf--- 23542300x800000000000000042900Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.193{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/57-dejavu-serif.conf--- 23542300x800000000000000042901Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.195{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/30-metric-aliases.conf--- 23542300x800000000000000042902Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.198{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/45-latin.conf--- 23542300x800000000000000042903Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.252{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/10-sub-pixel-bgr.conf--- 23542300x800000000000000042904Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.255{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/20-unhint-small-vera.conf--- 23542300x800000000000000042905Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.257{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/69-unifont.conf--- 23542300x800000000000000042906Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.260{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/49-sansserif.conf--- 23542300x800000000000000042907Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.264{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/70-yes-bitmaps.conf--- 23542300x800000000000000042908Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.266{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/10-antialias.conf--- 23542300x800000000000000042909Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.270{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/20-unhint-small-dejavu-serif.conf--- 23542300x800000000000000042910Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.273{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/69-language-selector-zh-sg.conf--- 23542300x800000000000000042911Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.275{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/10-hinting-medium.conf--- 23542300x800000000000000042912Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.278{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/60-generic.conf--- 23542300x800000000000000042913Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.281{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/58-dejavu-lgc-serif.conf--- 23542300x800000000000000042914Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.285{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/10-autohint.conf--- 23542300x800000000000000042915Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.287{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/10-no-sub-pixel.conf--- 23542300x800000000000000042916Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.290{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/69-language-selector-zh-hk.conf--- 23542300x800000000000000042917Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.292{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/65-khmer.conf--- 23542300x800000000000000042918Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.294{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/58-dejavu-lgc-sans.conf--- 23542300x800000000000000042919Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.297{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/40-nonlatin.conf--- 23542300x800000000000000042920Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.299{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/10-hinting-none.conf--- 23542300x800000000000000042921Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.303{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/51-local.conf--- 23542300x800000000000000042922Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.306{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/10-sub-pixel-rgb.conf--- 23542300x800000000000000042923Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.308{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/65-fonts-persian.conf--- 23542300x800000000000000042924Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.310{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/70-no-bitmaps.conf--- 23542300x800000000000000042925Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.313{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/69-language-selector-zh-cn.conf--- 23542300x800000000000000042926Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.315{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/10-sub-pixel-vbgr.conf--- 23542300x800000000000000042927Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.318{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.avail/69-language-selector-zh-mo.conf--- 23542300x800000000000000042931Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.321{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.d/80-delicious.conf--- 23542300x800000000000000042930Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.321{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.d/64-language-selector-prefer.conf--- 23542300x800000000000000042929Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.321{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.d/60-latin.conf--- 23542300x800000000000000042928Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.321{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/fonts.conf--- 23542300x800000000000000042966Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.324{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.d/51-local.conf--- 23542300x800000000000000042965Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.324{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.d/40-nonlatin.conf--- 23542300x800000000000000042964Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.324{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.d/58-dejavu-lgc-sans.conf--- 23542300x800000000000000042963Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.324{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.d/69-language-selector-zh-hk.conf--- 23542300x800000000000000042962Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.324{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.d/58-dejavu-lgc-serif.conf--- 23542300x800000000000000042961Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.324{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.d/60-generic.conf--- 23542300x800000000000000042960Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.324{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.d/69-language-selector-zh-sg.conf--- 23542300x800000000000000042959Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.324{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.d/20-unhint-small-dejavu-serif.conf--- 23542300x800000000000000042958Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.324{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.d/10-antialias.conf--- 23542300x800000000000000042957Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.324{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.d/49-sansserif.conf--- 23542300x800000000000000042956Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.324{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.d/69-unifont.conf--- 23542300x800000000000000042955Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.324{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.d/20-unhint-small-vera.conf--- 23542300x800000000000000042954Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.324{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.d/45-latin.conf--- 23542300x800000000000000042953Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.324{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.d/30-metric-aliases.conf--- 23542300x800000000000000042952Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.324{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.d/57-dejavu-serif.conf--- 23542300x800000000000000042951Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.324{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.d/20-unhint-small-dejavu-sans-mono.conf--- 23542300x800000000000000042950Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.324{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.d/90-synthetic.conf--- 23542300x800000000000000042949Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.324{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.d/30-cjk-aliases.conf--- 23542300x800000000000000042948Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.324{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.d/69-language-selector-zh-tw.conf--- 23542300x800000000000000042947Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.324{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.d/10-scale-bitmap-fonts.conf--- 23542300x800000000000000042946Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.324{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.d/10-hinting-slight.conf--- 23542300x800000000000000042945Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.324{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.d/45-generic.conf--- 23542300x800000000000000042944Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.324{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.d/20-unhint-small-dejavu-lgc-sans.conf--- 23542300x800000000000000042943Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.324{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.d/20-unhint-small-dejavu-sans.conf--- 23542300x800000000000000042942Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.324{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.d/50-user.conf--- 23542300x800000000000000042941Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.324{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.d/20-unhint-small-dejavu-lgc-sans-mono.conf--- 23542300x800000000000000042940Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.324{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.d/58-dejavu-lgc-sans-mono.conf--- 23542300x800000000000000042939Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.324{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.d/69-language-selector-ja.conf--- 23542300x800000000000000042938Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.324{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.d/57-dejavu-sans-mono.conf--- 23542300x800000000000000042937Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.324{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.d/20-unhint-small-dejavu-lgc-serif.conf--- 23542300x800000000000000042936Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.324{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.d/99-language-selector-zh.conf--- 23542300x800000000000000042935Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.324{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.d/65-nonlatin.conf--- 23542300x800000000000000042934Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.324{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.d/57-dejavu-sans.conf--- 23542300x800000000000000042933Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.324{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.d/11-lcdfilter-default.conf--- 23542300x800000000000000042932Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.324{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.d/README--- 23542300x800000000000000042970Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.325{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.d/69-language-selector-zh-mo.conf--- 23542300x800000000000000042969Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.325{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.d/69-language-selector-zh-cn.conf--- 23542300x800000000000000042968Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.325{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.d/70-no-bitmaps.conf--- 23542300x800000000000000042967Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.325{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/fonts/conf.d/65-fonts-persian.conf--- 23542300x800000000000000042971Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.328{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/securetty--- 23542300x800000000000000042972Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.330{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/bash_completion--- 23542300x800000000000000042973Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.333{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/libnl-3/classid--- 23542300x800000000000000042974Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.335{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/libnl-3/pktloc--- 23542300x800000000000000042975Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.338{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/modules--- 23542300x800000000000000042976Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.340{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cron.weekly/man-db--- 23542300x800000000000000042977Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.343{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cron.weekly/.placeholder--- 23542300x800000000000000042978Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.345{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/cron.weekly/update-notifier-common--- 23542300x800000000000000042979Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.347{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/libaudit.conf--- 23542300x800000000000000042980Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.350{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/grub.d/30_uefi-firmware--- 23542300x800000000000000042981Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.352{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/grub.d/README--- 23542300x800000000000000042982Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.379{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/grub.d/20_linux_xen--- 23542300x800000000000000042983Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.381{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/grub.d/41_custom--- 23542300x800000000000000042984Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.384{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/grub.d/40_custom--- 23542300x800000000000000042985Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.388{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/grub.d/30_os-prober--- 23542300x800000000000000042986Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.391{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/grub.d/10_linux--- 23542300x800000000000000042987Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.393{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/grub.d/05_debian_theme--- 23542300x800000000000000042988Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.396{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/grub.d/00_header--- 23542300x800000000000000042989Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.451{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/adduser.conf--- 23542300x800000000000000042990Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.454{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/default/grub--- 23542300x800000000000000042991Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.457{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/default/ssh--- 23542300x800000000000000042992Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.459{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/default/pollinate--- 23542300x800000000000000042993Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.462{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/default/rsyslog--- 23542300x800000000000000042994Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.464{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/default/irqbalance--- 23542300x800000000000000042995Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.467{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/default/ufw--- 23542300x800000000000000042996Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.470{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/default/useradd--- 23542300x800000000000000042997Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.472{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/default/open-iscsi--- 23542300x800000000000000042998Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.474{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/default/motd-news--- 23542300x800000000000000042999Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.477{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/default/nss--- 23542300x800000000000000043000Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.480{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/default/cron--- 23542300x800000000000000043001Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.483{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/default/console-setup--- 23542300x800000000000000043002Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.487{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/default/apport--- 23542300x800000000000000043003Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.489{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/default/dbus--- 23542300x800000000000000043004Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.493{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/default/cryptdisks--- 23542300x800000000000000043005Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.495{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/default/bsdmainutils--- 23542300x800000000000000043006Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.499{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/default/mdadm--- 23542300x800000000000000043007Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.501{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/default/keyboard--- 23542300x800000000000000043008Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.503{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/default/ebtables--- 23542300x800000000000000043009Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.506{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/default/rsync--- 23542300x800000000000000043010Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.508{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/default/networkd-dispatcher--- 23542300x800000000000000043011Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.511{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/default/qemu-kvm--- 23542300x800000000000000043012Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.513{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/default/locale--- 23542300x800000000000000043013Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.515{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/default/grub.d/50-cloudimg-settings.cfg--- 23542300x800000000000000043014Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.517{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/default/acpid--- 23542300x800000000000000043033Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.518{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc0.d/K01lxcfs--- 23542300x800000000000000043032Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.518{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc0.d/K01lvm2-lvmetad--- 23542300x800000000000000043031Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.518{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc0.d/K01atd--- 23542300x800000000000000043030Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.518{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc0.d/K01open-iscsi--- 23542300x800000000000000043029Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.518{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc0.d/K01cryptdisks-early--- 23542300x800000000000000043028Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.518{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc0.d/K01lvm2-lvmpolld--- 23542300x800000000000000043027Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.518{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc0.d/K01lxd--- 23542300x800000000000000043026Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.518{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc0.d/K01irqbalance--- 23542300x800000000000000043025Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.518{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc0.d/K01ebtables--- 23542300x800000000000000043024Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.518{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc0.d/K01uuidd--- 23542300x800000000000000043023Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.518{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc0.d/K01mdadm--- 23542300x800000000000000043022Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.518{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc0.d/K01rsyslog--- 23542300x800000000000000043021Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.518{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc0.d/K01unattended-upgrades--- 23542300x800000000000000043020Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.518{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc0.d/K01iscsid--- 23542300x800000000000000043019Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.518{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc0.d/K01mdadm-waitidle--- 23542300x800000000000000043018Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.518{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc0.d/K01cryptdisks--- 23542300x800000000000000043017Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.518{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc0.d/K01open-vm-tools--- 23542300x800000000000000043016Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.518{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc0.d/K01splunk--- 23542300x800000000000000043015Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.518{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/rc0.d/K01plymouth--- 23542300x800000000000000043034Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.521{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/sysctl.conf--- 23542300x800000000000000043035Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.524{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/lsb-release--- 23542300x800000000000000043036Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.526{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apt/trusted.gpg.d/ubuntu-keyring-2018-archive.gpg--- 23542300x800000000000000043037Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.529{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apt/trusted.gpg.d/ubuntu-keyring-2012-archive.gpg--- 23542300x800000000000000043038Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.531{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apt/trusted.gpg.d/microsoft-prod.gpg--- 23542300x800000000000000043039Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.533{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apt/trusted.gpg.d/ubuntu-keyring-2012-cdimage.gpg--- 23542300x800000000000000043040Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.536{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apt/trusted.gpg.d/emdebian-archive-keyring.gpg--- 23542300x800000000000000043041Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.539{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apt/sources.list--- 23542300x800000000000000043042Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.542{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apt/sources.list.d/microsoft-prod.list--- 534500x800000000000000043044Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.543{ec2a2542-2b04-6254-0000-000000000000}11278-root 23542300x800000000000000043043Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.543{ec2a2542-0ff8-6254-f8ad-704b96550000}485root/lib/systemd/systemd-udevd/run/udev/queue--- 23542300x800000000000000043045Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.546{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apt/apt.conf.d/20apt-esm-hook.conf--- 23542300x800000000000000043046Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.548{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apt/apt.conf.d/50command-not-found--- 23542300x800000000000000043047Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.551{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apt/apt.conf.d/20archive--- 23542300x800000000000000043048Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.609{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apt/apt.conf.d/01autoremove-kernels--- 23542300x800000000000000043049Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.611{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apt/apt.conf.d/01autoremove--- 23542300x800000000000000043050Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.613{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apt/apt.conf.d/20snapd.conf--- 23542300x800000000000000043051Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.616{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apt/apt.conf.d/20auto-upgrades--- 23542300x800000000000000043052Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.618{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apt/apt.conf.d/10periodic--- 23542300x800000000000000043053Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.621{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apt/apt.conf.d/15update-stamp--- 23542300x800000000000000043054Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.623{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apt/apt.conf.d/50unattended-upgrades--- 23542300x800000000000000043055Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.626{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apt/apt.conf.d/99update-notifier--- 23542300x800000000000000043056Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.628{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apt/apt.conf.d/70debconf--- 23542300x800000000000000043057Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.630{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/apt/apt.conf.d/01-vendor-ubuntu--- 23542300x800000000000000043058Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.634{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/security/pam_env.conf--- 23542300x800000000000000043059Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.636{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/security/sepermit.conf--- 23542300x800000000000000043060Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.638{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/security/faillock.conf--- 23542300x800000000000000043061Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.641{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/security/group.conf--- 23542300x800000000000000043062Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.643{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/security/namespace.init--- 23542300x800000000000000043063Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.646{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/security/namespace.conf--- 23542300x800000000000000043064Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.648{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/security/opasswd--- 23542300x800000000000000043065Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.650{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/security/capability.conf--- 23542300x800000000000000043066Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.653{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/security/access.conf--- 23542300x800000000000000043067Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.655{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/security/limits.conf--- 23542300x800000000000000043068Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.658{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/security/time.conf--- 23542300x800000000000000043069Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.661{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/shells--- 23542300x800000000000000043070Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.664{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/X11/Xsession.d/20dbus_xdg-runtime--- 23542300x800000000000000043071Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.666{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/X11/Xsession.d/90gpg-agent--- 23542300x800000000000000043072Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.667{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/etc/vtrgb--- 23542300x800000000000000043073Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.671{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/backups/apt.extended_states.0--- 23542300x800000000000000043074Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.675{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/grub/ucf/grub.previous--- 23542300x800000000000000043075Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.679{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/private/systemd/timesync/clock--- 23542300x800000000000000043076Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.683{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/polkit-1/localauthority/10-vendor.d/systemd-networkd.pkla--- 534500x800000000000000043078Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.685{ec2a2542-2b05-6254-0000-000000000000}11279-root 23542300x800000000000000043077Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.685{ec2a2542-0ff8-6254-f8ad-704b96550000}485root/lib/systemd/systemd-udevd/run/udev/queue--- 23542300x800000000000000043079Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.686{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/ucf/registry.0--- 23542300x800000000000000043080Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.689{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/ucf/registry.4--- 23542300x800000000000000043081Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.694{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/ucf/hashfile.1--- 23542300x800000000000000043082Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.696{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/ucf/registry.2--- 23542300x800000000000000043083Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.698{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/ucf/hashfile.0--- 23542300x800000000000000043084Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.700{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/ucf/hashfile.2--- 23542300x800000000000000043085Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.703{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/ucf/hashfile--- 23542300x800000000000000043086Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.706{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/ucf/cache/:etc:ufw:after6.rules--- 23542300x800000000000000043087Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.708{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/ucf/cache/:etc:ufw:after.rules--- 23542300x800000000000000043088Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.711{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/ucf/cache/:etc:default:grub--- 23542300x800000000000000043089Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.713{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/ucf/cache/:etc:ssh:sshd_config--- 23542300x800000000000000043090Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.715{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/ucf/cache/:etc:rsyslog.d:50-default.conf--- 23542300x800000000000000043091Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.717{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/ucf/cache/:etc:ufw:before6.rules--- 23542300x800000000000000043092Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.719{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/ucf/cache/:etc:apt:apt.conf.d:20auto-upgrades--- 23542300x800000000000000043093Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.722{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/ucf/cache/:etc:apt:apt.conf.d:50unattended-upgrades--- 23542300x800000000000000043094Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.725{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/ucf/cache/:etc:ufw:before.rules--- 23542300x800000000000000043095Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.727{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/ucf/cache/:run:grub:menu.lst--- 23542300x800000000000000043096Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.730{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/ucf/registry.6--- 23542300x800000000000000043097Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.732{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/ucf/registry.5--- 23542300x800000000000000043098Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.735{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/ucf/registry--- 23542300x800000000000000043099Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.737{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/ucf/hashfile.7--- 23542300x800000000000000043100Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.739{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/ucf/registry.1--- 23542300x800000000000000043101Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.742{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/ucf/hashfile.5--- 23542300x800000000000000043102Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.744{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/ucf/registry.3--- 23542300x800000000000000043103Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.747{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/ucf/hashfile.3--- 23542300x800000000000000043104Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.750{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/ucf/hashfile.6--- 23542300x800000000000000043105Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.753{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/ucf/hashfile.4--- 23542300x800000000000000043106Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.757{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/ubuntu-release-upgrader/release-upgrade-available--- 23542300x800000000000000043107Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.761{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/python/python3.6_installed--- 534500x800000000000000043109Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.763{ec2a2542-2b05-6254-0000-000000000000}11280-root 23542300x800000000000000043108Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.763{ec2a2542-0ff8-6254-f8ad-704b96550000}485root/lib/systemd/systemd-udevd/run/udev/queue--- 23542300x800000000000000043110Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.764{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/binfmts/cxxcompile--- 23542300x800000000000000043111Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.767{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/binfmts/fcompile--- 23542300x800000000000000043112Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.769{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/binfmts/qemu-armeb--- 23542300x800000000000000043113Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.771{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/binfmts/gcjcompile--- 23542300x800000000000000043114Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.775{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/binfmts/qemu-aarch64--- 23542300x800000000000000043115Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.777{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/binfmts/qemu-s390x--- 23542300x800000000000000043116Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.779{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/binfmts/qemu-sparc32plus--- 23542300x800000000000000043117Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.784{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/binfmts/qemu-ppc64--- 23542300x800000000000000043118Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.787{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/binfmts/qemu-cris--- 23542300x800000000000000043119Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.789{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/binfmts/qemu-mips64el--- 23542300x800000000000000043120Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.791{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/binfmts/qemu-alpha--- 23542300x800000000000000043121Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.793{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/binfmts/qemu-mips64--- 23542300x800000000000000043122Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.796{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/binfmts/qemu-mipsel--- 23542300x800000000000000043123Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.797{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/binfmts/qemu-ppc64le--- 23542300x800000000000000043124Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.801{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/binfmts/qemu-mips--- 23542300x800000000000000043125Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.803{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/binfmts/qemu-ppc64abi32--- 23542300x800000000000000043126Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.805{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/binfmts/qemu-m68k--- 23542300x800000000000000043127Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.807{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/binfmts/qemu-arm--- 23542300x800000000000000043128Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.810{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/binfmts/qemu-ppc--- 23542300x800000000000000043129Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.812{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/binfmts/qemu-microblaze--- 23542300x800000000000000043130Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.815{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/binfmts/f95compile--- 23542300x800000000000000043131Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.818{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/binfmts/qemu-sh4--- 23542300x800000000000000043132Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.821{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/binfmts/python3.6--- 23542300x800000000000000043133Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.824{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/binfmts/qemu-sh4eb--- 23542300x800000000000000043134Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.826{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/binfmts/asmassembly--- 23542300x800000000000000043135Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.828{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/binfmts/ccompile--- 23542300x800000000000000043136Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.831{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/binfmts/qemu-sparc--- 23542300x800000000000000043137Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.833{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/binfmts/qemu-sparc64--- 23542300x800000000000000043138Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.837{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/librtmp1:amd64.symbols--- 23542300x800000000000000043139Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.839{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libacl1:amd64.shlibs--- 23542300x800000000000000043140Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.842{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpcap0.8:amd64.symbols--- 23542300x800000000000000043141Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.844{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/console-setup.config--- 23542300x800000000000000043142Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.848{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libkrb5-26-heimdal:amd64.symbols--- 23542300x800000000000000043143Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.851{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-jsonpatch.postrm--- 23542300x800000000000000043144Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.853{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/udev.list--- 23542300x800000000000000043145Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.855{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-openssl.postinst--- 23542300x800000000000000043146Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.858{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/dosfstools.list--- 23542300x800000000000000043147Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.860{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-debconf.md5sums--- 23542300x800000000000000043148Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.863{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-requests-unixsocket.postinst--- 23542300x800000000000000043149Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.865{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gsettings-desktop-schemas.list--- 23542300x800000000000000043150Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.868{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/xauth.list--- 23542300x800000000000000043151Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.871{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpam-modules:amd64.md5sums--- 23542300x800000000000000043152Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.873{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ltrace.md5sums--- 23542300x800000000000000043153Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.878{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/nano.list--- 23542300x800000000000000043154Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.880{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-click.postinst--- 23542300x800000000000000043155Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.883{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/sed.md5sums--- 23542300x800000000000000043156Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.886{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libproxy1v5:amd64.list--- 23542300x800000000000000043157Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.889{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/dash.postinst--- 23542300x800000000000000043158Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.892{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libjbig0:amd64.symbols--- 23542300x800000000000000043159Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.894{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ntfs-3g.postrm--- 23542300x800000000000000043160Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.897{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libopus0:amd64.shlibs--- 23542300x800000000000000043161Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.899{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ucf.preinst--- 23542300x800000000000000043162Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.902{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libssl1.0.0:amd64.list--- 23542300x800000000000000043163Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.905{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-attr.postinst--- 23542300x800000000000000043164Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.937{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpolkit-backend-1-0:amd64.shlibs--- 23542300x800000000000000043165Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.940{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/lsb-base.postinst--- 23542300x800000000000000043166Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.942{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgnutls30:amd64.list--- 23542300x800000000000000043167Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.946{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libglib2.0-0:amd64.list--- 23542300x800000000000000043168Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.948{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3.preinst--- 23542300x800000000000000043169Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.952{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libthai-data.list--- 23542300x800000000000000043170Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.955{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/debconf-i18n.list--- 23542300x800000000000000043171Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.957{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/liborc-0.4-0:amd64.triggers--- 23542300x800000000000000043172Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.961{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libidn11:amd64.symbols--- 23542300x800000000000000043173Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.964{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libatomic1-mipsel-cross.shlibs--- 23542300x800000000000000043174Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.967{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/e2fsprogs.postinst--- 23542300x800000000000000043175Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.970{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libss2:amd64.triggers--- 23542300x800000000000000043176Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.974{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/mdadm.md5sums--- 23542300x800000000000000043177Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.977{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/plymouth.postrm--- 23542300x800000000000000043178Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.979{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpng16-16:amd64.md5sums--- 23542300x800000000000000043179Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.982{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libtsan0:amd64.md5sums--- 23542300x800000000000000043180Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.984{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/msr-tools.list--- 23542300x800000000000000043181Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.986{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/apparmor.preinst--- 23542300x800000000000000043182Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.988{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libc6:amd64.triggers--- 23542300x800000000000000043183Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.990{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/grub-gfxpayload-lists.prerm--- 23542300x800000000000000043184Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.993{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/dpkg.postrm--- 23542300x800000000000000043185Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.995{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/dns-root-data.md5sums--- 23542300x800000000000000043186Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.997{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgirepository-1.0-1:amd64.list--- 23542300x800000000000000043187Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:05.999{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libtheora0:amd64.shlibs--- 23542300x800000000000000043188Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.001{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxcb1:amd64.list--- 23542300x800000000000000043189Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.003{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/dpkg.list--- 23542300x800000000000000043190Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.006{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/qemu-system-x86.conffiles--- 23542300x800000000000000043191Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.008{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgdk-pixbuf2.0-common.md5sums--- 23542300x800000000000000043192Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.010{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/e2fsprogs.list--- 23542300x800000000000000043193Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.013{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libunistring2:amd64.md5sums--- 23542300x800000000000000043194Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.017{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpam0g:amd64.shlibs--- 23542300x800000000000000043195Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.020{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libcurl3-gnutls:amd64.list--- 23542300x800000000000000043196Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.023{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/krb5-locales.list--- 23542300x800000000000000043197Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.025{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libshout3:amd64.list--- 23542300x800000000000000043198Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.028{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/perl.preinst--- 23542300x800000000000000043199Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.031{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/xz-utils.md5sums--- 23542300x800000000000000043200Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.034{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/lxd.shlibs--- 23542300x800000000000000043201Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.036{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/locales.conffiles--- 23542300x800000000000000043202Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.039{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/util-linux.postrm--- 23542300x800000000000000043203Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.041{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libcilkrts5:amd64.shlibs--- 23542300x800000000000000043204Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.044{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpipeline1:amd64.list--- 23542300x800000000000000043205Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.047{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/qemu-block-extra:amd64.md5sums--- 23542300x800000000000000043206Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.049{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/accountsservice.prerm--- 23542300x800000000000000043207Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.051{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libhx509-5-heimdal:amd64.md5sums--- 23542300x800000000000000043208Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.053{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpipeline1:amd64.triggers--- 23542300x800000000000000043209Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.056{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libsigsegv2:amd64.list--- 23542300x800000000000000043210Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.059{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libflac8:amd64.shlibs--- 23542300x800000000000000043211Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.062{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libdw1:amd64.symbols--- 23542300x800000000000000043212Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.064{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libmagic1:amd64.symbols--- 23542300x800000000000000043213Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.067{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/xfsprogs.postinst--- 23542300x800000000000000043214Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.069{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/findutils.md5sums--- 23542300x800000000000000043215Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.071{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libcaca0:amd64.triggers--- 23542300x800000000000000043216Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.076{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/tcpdump.postrm--- 23542300x800000000000000043217Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.080{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libatomic1-mips-cross.md5sums--- 23542300x800000000000000043218Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.082{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/g++.postinst--- 23542300x800000000000000043219Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.084{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/debconf.postinst--- 23542300x800000000000000043220Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.087{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-service-identity.list--- 23542300x800000000000000043221Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.089{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libklibc.list--- 23542300x800000000000000043222Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.091{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libcurl3-gnutls:amd64.symbols--- 23542300x800000000000000043223Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.093{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libexpat1:amd64.md5sums--- 23542300x800000000000000043224Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.096{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libdns1100:amd64.md5sums--- 23542300x800000000000000043225Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.099{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libisc169:amd64.md5sums--- 23542300x800000000000000043226Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.101{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-systemd.list--- 23542300x800000000000000043227Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.103{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libyaml-0-2:amd64.shlibs--- 23542300x800000000000000043228Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.106{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-pexpect.list--- 23542300x800000000000000043229Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.108{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libmnl0:amd64.triggers--- 23542300x800000000000000043230Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.111{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ubuntu-advantage-tools.templates--- 23542300x800000000000000043231Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.113{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libapt-pkg5.0:amd64.list--- 23542300x800000000000000043232Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.115{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/git-man.md5sums--- 23542300x800000000000000043233Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.118{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/linux-headers-5.4.0-1068-aws.postinst--- 23542300x800000000000000043234Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.120{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libcc1-0:amd64.md5sums--- 23542300x800000000000000043235Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.123{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/lsb-base.list--- 23542300x800000000000000043236Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.125{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libaccountsservice0:amd64.shlibs--- 23542300x800000000000000043237Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.128{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/sharutils.md5sums--- 23542300x800000000000000043238Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.133{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-yaml.md5sums--- 23542300x800000000000000043239Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.136{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/popularity-contest.conffiles--- 23542300x800000000000000043240Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.139{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/open-iscsi.prerm--- 23542300x800000000000000043241Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.142{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libaudit1:amd64.triggers--- 23542300x800000000000000043242Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.144{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/apt.prerm--- 23542300x800000000000000043243Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.146{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/bash-completion.list--- 23542300x800000000000000043244Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.150{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3.6.postinst--- 23542300x800000000000000043245Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.152{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/init-system-helpers.md5sums--- 23542300x800000000000000043246Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.154{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/isc-dhcp-common.md5sums--- 23542300x800000000000000043247Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.157{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/busybox-static.md5sums--- 23542300x800000000000000043248Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.159{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpython3.6-stdlib:amd64.md5sums--- 23542300x800000000000000043249Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.162{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/logrotate.conffiles--- 23542300x800000000000000043250Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.165{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libcairo-gobject2:amd64.shlibs--- 23542300x800000000000000043251Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.169{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/parted.list--- 23542300x800000000000000043252Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.172{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-pexpect.md5sums--- 23542300x800000000000000043253Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.174{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-requests-unixsocket.prerm--- 23542300x800000000000000043254Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.176{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-hyperlink.md5sums--- 23542300x800000000000000043255Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.179{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libcurl3-gnutls:amd64.shlibs--- 23542300x800000000000000043256Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.181{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgcc-7-dev-mips-cross.list--- 23542300x800000000000000043257Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.183{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ca-certificates.triggers--- 23542300x800000000000000043258Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.186{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libatomic1:amd64.symbols--- 23542300x800000000000000043259Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.188{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/dnsmasq-base.postinst--- 23542300x800000000000000043260Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.190{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-attr.prerm--- 23542300x800000000000000043261Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.192{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gpgsm.list--- 23542300x800000000000000043262Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.195{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libwind0-heimdal:amd64.list--- 23542300x800000000000000043263Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.197{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libsepol1:amd64.symbols--- 23542300x800000000000000043264Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.201{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libsqlite3-0:amd64.shlibs--- 23542300x800000000000000043265Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.203{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/librdmacm1:amd64.symbols--- 23542300x800000000000000043266Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.206{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libssl1.0.0:amd64.postinst--- 23542300x800000000000000043267Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.208{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gettext-base.md5sums--- 23542300x800000000000000043268Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.211{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gpg-wks-server.md5sums--- 23542300x800000000000000043269Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.214{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libmpc3:amd64.list--- 23542300x800000000000000043270Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.216{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/bash.prerm--- 23542300x800000000000000043271Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.218{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libsamplerate0:amd64.triggers--- 23542300x800000000000000043272Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.220{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/initramfs-tools.md5sums--- 23542300x800000000000000043273Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.223{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libcairo2:amd64.list--- 23542300x800000000000000043274Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.226{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpython3.6-minimal:amd64.postrm--- 23542300x800000000000000043275Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.229{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libkrb5-26-heimdal:amd64.triggers--- 23542300x800000000000000043276Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.231{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libnl-route-3-200:amd64.symbols--- 23542300x800000000000000043277Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.234{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libtheora0:amd64.triggers--- 23542300x800000000000000043278Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.237{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgpg-error0:amd64.symbols--- 23542300x800000000000000043279Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.240{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-configobj.prerm--- 23542300x800000000000000043280Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.243{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libsystemd0:amd64.symbols--- 23542300x800000000000000043281Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.245{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgstreamer-plugins-good1.0-0:amd64.list--- 23542300x800000000000000043282Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.248{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libdatrie1:amd64.triggers--- 23542300x800000000000000043283Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.250{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/uuid-runtime.conffiles--- 23542300x800000000000000043284Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.253{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgssapi-krb5-2:amd64.postrm--- 23542300x800000000000000043285Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.256{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libaio1:amd64.list--- 23542300x800000000000000043286Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.259{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/time.md5sums--- 23542300x800000000000000043287Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.261{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/cpp.prerm--- 23542300x800000000000000043288Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.264{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libwavpack1:amd64.triggers--- 23542300x800000000000000043289Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.266{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libunistring2:amd64.triggers--- 23542300x800000000000000043290Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.268{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libglib2.0-data.md5sums--- 23542300x800000000000000043291Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.271{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libvorbis0a:amd64.list--- 23542300x800000000000000043292Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.273{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libnewt0.52:amd64.prerm--- 23542300x800000000000000043293Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.276{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/linux-image-aws.list--- 23542300x800000000000000043294Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.279{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libidn2-0:amd64.triggers--- 23542300x800000000000000043295Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.282{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/open-iscsi.templates--- 23542300x800000000000000043296Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.285{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/librados2.shlibs--- 23542300x800000000000000043297Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.288{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/policykit-1.postinst--- 23542300x800000000000000043298Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.291{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/btrfs-progs.triggers--- 23542300x800000000000000043299Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.293{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/plymouth-theme-ubuntu-text.list--- 23542300x800000000000000043300Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.296{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-cffi-backend.list--- 23542300x800000000000000043301Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.298{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-jwt.prerm--- 23542300x800000000000000043302Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.301{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libblkid1:amd64.list--- 23542300x800000000000000043303Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.303{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libtext-wrapi18n-perl.list--- 23542300x800000000000000043304Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.306{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/login.list--- 23542300x800000000000000043305Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.309{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libsemanage1:amd64.list--- 23542300x800000000000000043306Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.311{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libunwind8:amd64.triggers--- 23542300x800000000000000043307Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.314{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxcb-render0:amd64.symbols--- 23542300x800000000000000043308Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.316{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/acpid.prerm--- 23542300x800000000000000043309Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.319{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgdbm5:amd64.md5sums--- 23542300x800000000000000043310Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.321{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/qemu-system-common.postinst--- 23542300x800000000000000043311Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.324{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/fuse.postrm--- 23542300x800000000000000043312Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.328{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-configobj.postinst--- 23542300x800000000000000043313Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.330{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libzstd1:amd64.symbols--- 23542300x800000000000000043314Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.333{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/dbus-user-session.conffiles--- 23542300x800000000000000043315Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.335{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libglib2.0-data.list--- 23542300x800000000000000043316Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.338{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libatomic1:amd64.md5sums--- 23542300x800000000000000043317Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.340{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/glib-networking:amd64.md5sums--- 23542300x800000000000000043318Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.343{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/vim-common.list--- 23542300x800000000000000043319Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.345{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libthai0:amd64.triggers--- 23542300x800000000000000043320Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.348{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libmnl0:amd64.shlibs--- 23542300x800000000000000043321Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.350{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libargon2-0:amd64.md5sums--- 23542300x800000000000000043322Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.352{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgcrypt20:amd64.md5sums--- 23542300x800000000000000043323Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.354{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-urllib3.postinst--- 23542300x800000000000000043324Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.357{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/sensible-utils.md5sums--- 23542300x800000000000000043325Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.359{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/plymouth.postinst--- 23542300x800000000000000043326Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.361{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpulse0:amd64.conffiles--- 23542300x800000000000000043327Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.363{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libmount1:amd64.shlibs--- 23542300x800000000000000043328Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.366{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/sysmonforlinux.list--- 23542300x800000000000000043329Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.369{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libstdc++6:amd64.postinst--- 23542300x800000000000000043330Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.373{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libncurses5:amd64.triggers--- 23542300x800000000000000043331Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.375{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gpg-wks-client.list--- 23542300x800000000000000043332Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.378{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/vim-runtime.md5sums--- 23542300x800000000000000043333Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.380{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxext6:amd64.postinst--- 23542300x800000000000000043334Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.383{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/overlayroot.postinst--- 23542300x800000000000000043335Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.385{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/nplan.list--- 23542300x800000000000000043336Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.387{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ucf.list--- 23542300x800000000000000043337Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.390{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gcc-7-mipsel-linux-gnu-base:amd64.md5sums--- 23542300x800000000000000043338Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.392{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libaio1:amd64.shlibs--- 23542300x800000000000000043339Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.394{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libevent-2.1-6:amd64.triggers--- 23542300x800000000000000043340Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.397{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/friendly-recovery.postinst--- 23542300x800000000000000043341Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.400{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpango-1.0-0:amd64.triggers--- 23542300x800000000000000043342Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.402{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/bash.conffiles--- 23542300x800000000000000043343Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.405{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/dmidecode.list--- 23542300x800000000000000043344Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.407{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libc6:amd64.list--- 23542300x800000000000000043345Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.410{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/lxd-client.md5sums--- 23542300x800000000000000043346Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.412{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ucf.postrm--- 23542300x800000000000000043347Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.414{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ufw.prerm--- 23542300x800000000000000043348Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.417{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/bcache-tools.postinst--- 23542300x800000000000000043349Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.419{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/adduser.postrm--- 23542300x800000000000000043350Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.421{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/irqbalance.md5sums--- 23542300x800000000000000043351Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.424{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/landscape-common.config--- 23542300x800000000000000043352Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.426{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/lshw.md5sums--- 23542300x800000000000000043353Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.428{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ftp.postinst--- 23542300x800000000000000043354Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.431{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/cpio.postinst--- 23542300x800000000000000043355Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.433{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/procps.postrm--- 23542300x800000000000000043356Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.436{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/passwd.list--- 23542300x800000000000000043357Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.439{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxcb1:amd64.shlibs--- 23542300x800000000000000043358Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.442{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gcc-8-base:amd64.list--- 23542300x800000000000000043359Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.445{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libcom-err2:amd64.symbols--- 23542300x800000000000000043360Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.448{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libcilkrts5:amd64.triggers--- 23542300x800000000000000043361Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.450{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gcc-8-cross-base-ports.list--- 23542300x800000000000000043362Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.452{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/grub-pc.postrm--- 23542300x800000000000000043363Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.455{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libroken18-heimdal:amd64.shlibs--- 23542300x800000000000000043364Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.459{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/xfsprogs.md5sums--- 23542300x800000000000000043365Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.462{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libv4lconvert0:amd64.list--- 23542300x800000000000000043366Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.465{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/bc.postinst--- 23542300x800000000000000043367Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.468{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/librbd1.shlibs--- 23542300x800000000000000043368Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.471{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgcrypt20:amd64.triggers--- 23542300x800000000000000043369Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.474{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libparted2:amd64.shlibs--- 23542300x800000000000000043370Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.476{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/snapd.prerm--- 23542300x800000000000000043371Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.478{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libnih1:amd64.symbols--- 23542300x800000000000000043372Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.481{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ipxe-qemu.md5sums--- 23542300x800000000000000043373Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.483{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ubuntu-advantage-tools.conffiles--- 23542300x800000000000000043374Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.485{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-cryptography.md5sums--- 23542300x800000000000000043375Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.487{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgcc1-mipsel-cross.md5sums--- 23542300x800000000000000043376Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.490{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libfontconfig1:amd64.triggers--- 23542300x800000000000000043377Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.493{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/distro-info-data.list--- 23542300x800000000000000043378Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.496{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgudev-1.0-0:amd64.list--- 23542300x800000000000000043379Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.498{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-automat.postinst--- 23542300x800000000000000043380Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.501{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/lshw.list--- 23542300x800000000000000043381Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.504{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/qemu-block-extra:amd64.prerm--- 23542300x800000000000000043382Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.506{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libnetplan0:amd64.list--- 23542300x800000000000000043383Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.509{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/cryptsetup.templates--- 23542300x800000000000000043384Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.511{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libjpeg-turbo8:amd64.triggers--- 23542300x800000000000000043385Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.515{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/keyboard-configuration.preinst--- 23542300x800000000000000043386Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.517{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libatomic1-mips-cross.list--- 23542300x800000000000000043387Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.520{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/tmux.postrm--- 23542300x800000000000000043388Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.522{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/binutils-x86-64-linux-gnu.md5sums--- 23542300x800000000000000043389Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.525{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/mawk.list--- 23542300x800000000000000043390Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.527{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpsl5:amd64.symbols--- 23542300x800000000000000043391Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.530{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/snapd.postinst--- 23542300x800000000000000043392Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.533{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libatomic1:amd64.shlibs--- 23542300x800000000000000043393Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.536{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/dirmngr.postinst--- 23542300x800000000000000043394Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.538{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libaa1:amd64.symbols--- 23542300x800000000000000043395Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.541{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgmp10:amd64.md5sums--- 23542300x800000000000000043396Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.543{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/open-iscsi.md5sums--- 23542300x800000000000000043397Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.545{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/binutils-common:amd64.md5sums--- 23542300x800000000000000043398Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.548{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libsepol1:amd64.md5sums--- 23542300x800000000000000043399Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.550{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgstreamer-plugins-base1.0-0:amd64.triggers--- 23542300x800000000000000043400Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.553{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/fontconfig.md5sums--- 23542300x800000000000000043401Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.557{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/perl-modules-5.26.md5sums--- 23542300x800000000000000043402Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.560{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libaa1:amd64.md5sums--- 23542300x800000000000000043403Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.567{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libbrlapi0.6:amd64.list--- 23542300x800000000000000043404Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.569{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libaccountsservice0:amd64.triggers--- 23542300x800000000000000043405Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.572{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libp11-kit0:amd64.triggers--- 23542300x800000000000000043406Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.575{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgudev-1.0-0:amd64.shlibs--- 23542300x800000000000000043407Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.578{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/mawk.postinst--- 23542300x800000000000000043408Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.581{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/mount.md5sums--- 23542300x800000000000000043409Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.584{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libedit2:amd64.md5sums--- 23542300x800000000000000043410Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.586{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libudev1:amd64.md5sums--- 23542300x800000000000000043411Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.588{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/librdmacm1:amd64.list--- 23542300x800000000000000043412Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.591{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ubuntu-release-upgrader-core.postinst--- 23542300x800000000000000043413Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.593{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/openssh-server.postrm--- 23542300x800000000000000043414Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.596{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libutempter0:amd64.triggers--- 23542300x800000000000000043415Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.598{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/uuid-runtime.md5sums--- 23542300x800000000000000043416Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.600{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libncurses5:amd64.md5sums--- 23542300x800000000000000043417Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.603{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libjbig0:amd64.triggers--- 23542300x800000000000000043418Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.605{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libnl-3-200:amd64.triggers--- 23542300x800000000000000043419Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.608{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libc6-mips-cross.md5sums--- 23542300x800000000000000043420Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.611{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/apt.preinst--- 23542300x800000000000000043421Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.613{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ncurses-bin.list--- 23542300x800000000000000043422Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.616{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/mime-support.list--- 23542300x800000000000000043423Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.619{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/plymouth.list--- 23542300x800000000000000043424Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.621{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxml2:amd64.list--- 23542300x800000000000000043425Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.623{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/netplan.io.list--- 23542300x800000000000000043426Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.626{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/pinentry-curses.md5sums--- 23542300x800000000000000043427Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.629{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/update-notifier-common.conffiles--- 23542300x800000000000000043428Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.631{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libmpdec2:amd64.shlibs--- 23542300x800000000000000043429Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.634{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/vim-tiny.postinst--- 23542300x800000000000000043430Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.637{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libogg0:amd64.postrm--- 23542300x800000000000000043431Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.640{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python-apt-common.md5sums--- 23542300x800000000000000043432Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.643{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libfdt1:amd64.shlibs--- 23542300x800000000000000043433Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.647{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libcaca0:amd64.list--- 23542300x800000000000000043434Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.649{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ubuntu-minimal.md5sums--- 23542300x800000000000000043435Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.653{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/groff-base.md5sums--- 23542300x800000000000000043436Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.657{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gdbserver.list--- 23542300x800000000000000043437Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.663{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-markupsafe.postinst--- 23542300x800000000000000043438Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.666{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-markupsafe.list--- 23542300x800000000000000043439Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.669{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/librados2.triggers--- 23542300x800000000000000043440Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.671{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpam0g:amd64.postinst--- 23542300x800000000000000043441Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.673{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/kbd.list--- 23542300x800000000000000043442Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.676{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxcb-shm0:amd64.symbols--- 23542300x800000000000000043443Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.679{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-chardet.prerm--- 23542300x800000000000000043444Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.681{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpython3.6-minimal:amd64.md5sums--- 23542300x800000000000000043445Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.684{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxfixes3:amd64.list--- 23542300x800000000000000043446Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.688{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/distro-info.md5sums--- 23542300x800000000000000043447Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.692{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/fdisk.list--- 23542300x800000000000000043448Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.694{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libisc-export169:amd64.shlibs--- 23542300x800000000000000043449Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.697{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/eatmydata.list--- 23542300x800000000000000043450Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.700{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxcb-shm0:amd64.shlibs--- 23542300x800000000000000043451Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.703{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libnuma1:amd64.list--- 23542300x800000000000000043452Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.706{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/librtmp1:amd64.shlibs--- 23542300x800000000000000043453Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.708{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/initramfs-tools.list--- 23542300x800000000000000043454Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.711{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/command-not-found.postinst--- 23542300x800000000000000043455Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.714{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gpgv.md5sums--- 23542300x800000000000000043456Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.716{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/systemd-sysv.postinst--- 23542300x800000000000000043457Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.719{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/mime-support.postinst--- 23542300x800000000000000043458Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.722{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libnpth0:amd64.md5sums--- 23542300x800000000000000043459Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.725{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libaudit1:amd64.list--- 23542300x800000000000000043460Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.727{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libslang2:amd64.triggers--- 23542300x800000000000000043461Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.730{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libelf1:amd64.md5sums--- 23542300x800000000000000043462Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.732{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpam-modules:amd64.templates--- 23542300x800000000000000043463Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.734{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/sudo.conffiles--- 23542300x800000000000000043464Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.737{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/mdadm.preinst--- 23542300x800000000000000043465Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.739{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libedit2:amd64.list--- 23542300x800000000000000043466Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.741{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libuuid1:amd64.symbols--- 23542300x800000000000000043467Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.744{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/install-info.postinst--- 23542300x800000000000000043468Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.746{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-certifi.postinst--- 23542300x800000000000000043469Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.749{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-asn1crypto.prerm--- 23542300x800000000000000043470Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.751{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/bash.postrm--- 23542300x800000000000000043471Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.753{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-ptyprocess.md5sums--- 23542300x800000000000000043472Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.755{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/qemu-user.list--- 23542300x800000000000000043473Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.758{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libunwind8:amd64.list--- 23542300x800000000000000043474Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.762{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libmpg123-0:amd64.md5sums--- 23542300x800000000000000043475Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.764{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libcom-err2:amd64.md5sums--- 23542300x800000000000000043476Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.769{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libidn11:amd64.md5sums--- 23542300x800000000000000043477Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.771{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpython3.6-minimal:amd64.conffiles--- 23542300x800000000000000043478Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.774{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/qemu-slof.md5sums--- 23542300x800000000000000043479Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.777{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libsasl2-2:amd64.list--- 23542300x800000000000000043480Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.780{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpangoft2-1.0-0:amd64.symbols--- 23542300x800000000000000043481Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.782{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/byobu.templates--- 23542300x800000000000000043482Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.784{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/debianutils.md5sums--- 23542300x800000000000000043483Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.787{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/screen.list--- 23542300x800000000000000043484Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.790{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/linux-libc-dev:amd64.list--- 23542300x800000000000000043485Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.793{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ubuntu-standard.list--- 23542300x800000000000000043486Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.795{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libatm1:amd64.md5sums--- 23542300x800000000000000043487Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.798{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libsemanage1:amd64.triggers--- 23542300x800000000000000043488Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.800{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libssl1.0.0:amd64.triggers--- 23542300x800000000000000043489Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.802{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libk5crypto3:amd64.symbols--- 23542300x800000000000000043490Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.805{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libshout3:amd64.md5sums--- 23542300x800000000000000043491Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.808{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libnpth0:amd64.symbols--- 23542300x800000000000000043492Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.810{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/cloud-initramfs-copymods.list--- 23542300x800000000000000043493Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.813{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/acpid.preinst--- 23542300x800000000000000043494Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.816{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgdk-pixbuf2.0-0:amd64.list--- 23542300x800000000000000043495Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.818{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpangoft2-1.0-0:amd64.triggers--- 23542300x800000000000000043496Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.822{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/update-notifier-common.postinst--- 23542300x800000000000000043497Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.825{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libproxy1v5:amd64.md5sums--- 23542300x800000000000000043498Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.828{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ufw.conffiles--- 23542300x800000000000000043499Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.835{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libntfs-3g88.shlibs--- 23542300x800000000000000043500Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.837{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libestr0:amd64.list--- 23542300x800000000000000043501Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.839{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpipeline1:amd64.shlibs--- 23542300x800000000000000043502Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.842{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libss2:amd64.md5sums--- 23542300x800000000000000043503Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.845{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/liblzo2-2:amd64.postrm--- 23542300x800000000000000043504Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.847{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxv1:amd64.triggers--- 23542300x800000000000000043505Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.849{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/netcat-openbsd.prerm--- 23542300x800000000000000043506Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.852{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libdconf1:amd64.shlibs--- 23542300x800000000000000043507Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.854{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/xdg-user-dirs.preinst--- 23542300x800000000000000043508Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.856{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/fontconfig.postinst--- 23542300x800000000000000043509Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.859{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libbluetooth3:amd64.symbols--- 23542300x800000000000000043510Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.861{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/dbus.postrm--- 23542300x800000000000000043511Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.863{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpcap0.8:amd64.md5sums--- 23542300x800000000000000043512Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.866{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/qemu-system-ppc.md5sums--- 23542300x800000000000000043513Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.868{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/iputils-tracepath.md5sums--- 23542300x800000000000000043514Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.871{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libirs160:amd64.md5sums--- 23542300x800000000000000043515Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.873{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/mawk.md5sums--- 23542300x800000000000000043516Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.876{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/psmisc.postrm--- 23542300x800000000000000043517Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.879{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libusb-1.0-0:amd64.list--- 23542300x800000000000000043518Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.881{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libdv4:amd64.list--- 23542300x800000000000000043519Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.884{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/policykit-1.preinst--- 23542300x800000000000000043520Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.886{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/dmeventd.list--- 23542300x800000000000000043521Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.889{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/binfmt-support.postinst--- 23542300x800000000000000043522Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.892{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/procps.md5sums--- 23542300x800000000000000043523Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.896{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libsasl2-modules-db:amd64.list--- 23542300x800000000000000043524Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.905{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libsmartcols1:amd64.shlibs--- 23542300x800000000000000043525Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.908{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/iproute2.list--- 23542300x800000000000000043526Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.911{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/console-setup.list--- 23542300x800000000000000043527Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.915{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/tmux.md5sums--- 23542300x800000000000000043528Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.918{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/mlocate.postinst--- 23542300x800000000000000043529Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.921{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libsdl1.2debian:amd64.triggers--- 23542300x800000000000000043530Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.924{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libbrlapi0.6:amd64.md5sums--- 23542300x800000000000000043531Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.926{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgmp10:amd64.shlibs--- 23542300x800000000000000043532Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.929{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libc6-dbg:amd64.list--- 23542300x800000000000000043533Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.931{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/update-notifier-common.md5sums--- 23542300x800000000000000043534Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.934{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/friendly-recovery.postrm--- 23542300x800000000000000043535Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.936{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libtasn1-6:amd64.triggers--- 23542300x800000000000000043536Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.939{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libc6:amd64.postrm--- 23542300x800000000000000043537Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.942{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/screen.postinst--- 23542300x800000000000000043538Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.944{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libdrm2:amd64.triggers--- 23542300x800000000000000043539Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.947{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/language-selector-common.preinst--- 23542300x800000000000000043540Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.949{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/glib-networking-services.list--- 23542300x800000000000000043541Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.951{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libcurl3-gnutls:amd64.triggers--- 23542300x800000000000000043542Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.953{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgmp10:amd64.triggers--- 23542300x800000000000000043543Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.956{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-gdbm:amd64.md5sums--- 23542300x800000000000000043544Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.959{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/packages-microsoft-prod.conffiles--- 23542300x800000000000000043545Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.961{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/binutils-common:amd64.list--- 23542300x800000000000000043546Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.964{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpam0g:amd64.triggers--- 23542300x800000000000000043547Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.966{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/zerofree.md5sums--- 23542300x800000000000000043548Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.968{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gcc.list--- 23542300x800000000000000043549Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.970{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/systemd.postinst--- 23542300x800000000000000043550Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.973{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/vim.postrm--- 23542300x800000000000000043551Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.976{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ufw.list--- 23542300x800000000000000043552Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.979{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libapt-inst2.0:amd64.symbols--- 23542300x800000000000000043553Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.981{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/xdelta3.md5sums--- 23542300x800000000000000043554Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.985{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/liblsan0:amd64.shlibs--- 23542300x800000000000000043555Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.991{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libtext-iconv-perl.md5sums--- 23542300x800000000000000043556Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.994{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/bash.md5sums--- 23542300x800000000000000043557Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.996{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libiscsi7:amd64.symbols--- 23542300x800000000000000043558Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:06.999{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-colorama.md5sums--- 23542300x800000000000000043559Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.001{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libdatrie1:amd64.md5sums--- 23542300x800000000000000043560Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.003{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpolkit-backend-1-0:amd64.md5sums--- 23542300x800000000000000043561Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.005{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgpm2:amd64.list--- 23542300x800000000000000043562Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.008{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/apport.list--- 23542300x800000000000000043563Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.012{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libss2:amd64.list--- 23542300x800000000000000043564Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.014{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/tzdata.postrm--- 23542300x800000000000000043565Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.017{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/accountsservice.md5sums--- 23542300x800000000000000043566Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.020{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libglib2.0-0:amd64.shlibs--- 23542300x800000000000000043567Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.024{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/grub-common.conffiles--- 23542300x800000000000000043568Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.027{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libquadmath0:amd64.md5sums--- 23542300x800000000000000043569Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.030{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-newt:amd64.prerm--- 23542300x800000000000000043570Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.033{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ftp.prerm--- 23542300x800000000000000043571Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.035{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libsemanage1:amd64.symbols--- 23542300x800000000000000043572Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.038{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libiscsi7:amd64.triggers--- 23542300x800000000000000043573Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.041{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/lsb-release.md5sums--- 23542300x800000000000000043574Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.048{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ipxe-qemu-256k-compat-efi-roms.list--- 23542300x800000000000000043575Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.053{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/landscape-common.postinst--- 23542300x800000000000000043576Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.057{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/base-files.prerm--- 23542300x800000000000000043577Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.059{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/binutils.md5sums--- 23542300x800000000000000043578Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.061{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/apparmor.md5sums--- 23542300x800000000000000043579Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.064{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libmount1:amd64.md5sums--- 23542300x800000000000000043580Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.067{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/locales.prerm--- 23542300x800000000000000043581Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.072{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/at.postrm--- 23542300x800000000000000043582Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.075{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgdbm5:amd64.list--- 23542300x800000000000000043583Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.077{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libnetfilter-conntrack3:amd64.md5sums--- 23542300x800000000000000043584Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.080{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libproxy1v5:amd64.shlibs--- 23542300x800000000000000043585Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.083{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-pyasn1.postinst--- 23542300x800000000000000043586Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.087{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libkeyutils1:amd64.md5sums--- 23542300x800000000000000043587Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.091{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libntfs-3g88.list--- 23542300x800000000000000043588Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.094{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/kbd.md5sums--- 23542300x800000000000000043589Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.097{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gstreamer1.0-x:amd64.md5sums--- 23542300x800000000000000043590Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.100{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libsndfile1:amd64.symbols--- 23542300x800000000000000043591Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.103{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libheimbase1-heimdal:amd64.shlibs--- 23542300x800000000000000043592Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.108{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/landscape-common.postrm--- 23542300x800000000000000043593Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.112{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxau6:amd64.md5sums--- 23542300x800000000000000043594Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.114{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/nano.prerm--- 23542300x800000000000000043595Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.117{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ebtables.prerm--- 23542300x800000000000000043596Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.121{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgirepository-1.0-1:amd64.symbols--- 23542300x800000000000000043597Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.123{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libidn11:amd64.triggers--- 23542300x800000000000000043598Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.126{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libsystemd0:amd64.md5sums--- 23542300x800000000000000043599Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.128{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libmpx2:amd64.symbols--- 23542300x800000000000000043600Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.133{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxdmcp6:amd64.triggers--- 23542300x800000000000000043601Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.135{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/grub-pc.md5sums--- 23542300x800000000000000043602Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.137{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libiec61883-0:amd64.list--- 23542300x800000000000000043603Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.140{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libp11-kit0:amd64.md5sums--- 23542300x800000000000000043604Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.144{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/bsdmainutils.md5sums--- 23542300x800000000000000043605Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.147{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/coreutils.postinst--- 23542300x800000000000000043606Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.149{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/sosreport.md5sums--- 23542300x800000000000000043607Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.152{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpam-modules-bin.list--- 23542300x800000000000000043608Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.155{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libmagic1:amd64.list--- 23542300x800000000000000043609Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.158{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libsasl2-modules-db:amd64.md5sums--- 23542300x800000000000000043610Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.161{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/kmod.conffiles--- 23542300x800000000000000043611Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.165{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libitm1:amd64.triggers--- 23542300x800000000000000043612Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.169{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gcc-7-base:amd64.md5sums--- 23542300x800000000000000043613Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.172{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-service-identity.md5sums--- 23542300x800000000000000043614Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.176{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/binfmt-support.prerm--- 23542300x800000000000000043615Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.180{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/liblzo2-2:amd64.md5sums--- 23542300x800000000000000043616Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.185{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libdebconfclient0:amd64.triggers--- 23542300x800000000000000043617Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.188{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libmpdec2:amd64.md5sums--- 23542300x800000000000000043618Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.192{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/cpp-mips-linux-gnu.md5sums--- 23542300x800000000000000043619Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.197{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/qemu-system-common.prerm--- 23542300x800000000000000043620Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.200{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ureadahead.md5sums--- 23542300x800000000000000043621Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.204{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-idna.postinst--- 23542300x800000000000000043622Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.208{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgssapi3-heimdal:amd64.shlibs--- 23542300x800000000000000043623Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.211{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libdns1100:amd64.triggers--- 23542300x800000000000000043624Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.214{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libitm1:amd64.md5sums--- 23542300x800000000000000043625Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.219{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libcairo2:amd64.shlibs--- 23542300x800000000000000043626Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.223{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libglib2.0-0:amd64.triggers--- 23542300x800000000000000043627Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.227{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgpg-error0:amd64.triggers--- 23542300x800000000000000043628Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.231{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/popularity-contest.templates--- 23542300x800000000000000043629Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.235{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/cloud-initramfs-dyn-netconf.list--- 23542300x800000000000000043630Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.239{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-jwt.list--- 23542300x800000000000000043631Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.242{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-jinja2.postinst--- 23542300x800000000000000043632Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.245{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/liblxc-common.postrm--- 23542300x800000000000000043633Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.247{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ebtables.list--- 23542300x800000000000000043634Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.251{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libzstd1:amd64.list--- 23542300x800000000000000043635Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.255{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ubuntu-advantage-tools.list--- 23542300x800000000000000043636Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.259{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libtsan0:amd64.symbols--- 23542300x800000000000000043637Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.262{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-pkg-resources.prerm--- 23542300x800000000000000043638Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.264{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/snapd.md5sums--- 23542300x800000000000000043639Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.269{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/btrfs-progs.md5sums--- 23542300x800000000000000043640Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.271{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libseccomp2:amd64.triggers--- 23542300x800000000000000043641Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.276{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgstreamer-plugins-good1.0-0:amd64.shlibs--- 23542300x800000000000000043642Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.280{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libatm1:amd64.triggers--- 23542300x800000000000000043643Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.325{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libdw1:amd64.shlibs--- 23542300x800000000000000043644Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.327{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libcap-ng0:amd64.triggers--- 23542300x800000000000000043645Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.330{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gcc-7-base:amd64.list--- 23542300x800000000000000043646Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.335{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libtwolame0:amd64.triggers--- 23542300x800000000000000043647Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.339{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libjpeg8:amd64.md5sums--- 23542300x800000000000000043648Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.342{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/zerofree.list--- 23542300x800000000000000043649Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.346{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/dmeventd.prerm--- 23542300x800000000000000043650Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.350{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/qemu-system-misc.md5sums--- 23542300x800000000000000043651Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.354{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/findutils.list--- 23542300x800000000000000043652Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.358{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/passwd.preinst--- 23542300x800000000000000043653Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.364{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/unattended-upgrades.prerm--- 23542300x800000000000000043654Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.368{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ufw.config--- 23542300x800000000000000043655Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.372{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/fuse.md5sums--- 23542300x800000000000000043656Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.376{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libc6:amd64.preinst--- 23542300x800000000000000043657Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.380{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-zope.interface.md5sums--- 23542300x800000000000000043658Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.385{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpsl5:amd64.shlibs--- 23542300x800000000000000043659Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.389{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/dmsetup.list--- 23542300x800000000000000043660Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.392{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libc6-mips-cross.list--- 23542300x800000000000000043661Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.395{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/initramfs-tools-bin.list--- 23542300x800000000000000043662Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.398{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ec2-hibinit-agent.postrm--- 23542300x800000000000000043663Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.401{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/perl.md5sums--- 23542300x800000000000000043664Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.404{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libasyncns0:amd64.list--- 23542300x800000000000000043665Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.407{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/grub-pc.preinst--- 23542300x800000000000000043666Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.409{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/iputils-tracepath.list--- 23542300x800000000000000043667Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.412{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libjpeg8:amd64.list--- 23542300x800000000000000043668Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.415{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/btrfs-tools.md5sums--- 23542300x800000000000000043669Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.418{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/hdparm.preinst--- 23542300x800000000000000043670Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.421{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libthai-data.md5sums--- 23542300x800000000000000043671Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.423{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/xxd.md5sums--- 23542300x800000000000000043672Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.426{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libldap-2.4-2:amd64.list--- 23542300x800000000000000043673Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.428{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libip4tc0:amd64.list--- 23542300x800000000000000043674Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.432{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgstreamer1.0-0:amd64.shlibs--- 23542300x800000000000000043675Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.434{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/kbd.preinst--- 23542300x800000000000000043676Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.437{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ncurses-base.md5sums--- 23542300x800000000000000043677Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.440{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/language-selector-common.list--- 23542300x800000000000000043678Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.443{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libspice-server1:amd64.shlibs--- 23542300x800000000000000043679Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.446{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-dbus.md5sums--- 23542300x800000000000000043680Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.448{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxrender1:amd64.triggers--- 23542300x800000000000000043681Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.452{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/cloud-init.prerm--- 23542300x800000000000000043682Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.454{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/isc-dhcp-client.conffiles--- 23542300x800000000000000043683Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.458{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ureadahead.list--- 23542300x800000000000000043684Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.460{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/powermgmt-base.list--- 23542300x800000000000000043685Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.463{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ec2-hibinit-agent.conffiles--- 23542300x800000000000000043686Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.466{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libperl5.26:amd64.list--- 23542300x800000000000000043687Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.470{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/liblwres160:amd64.shlibs--- 23542300x800000000000000043688Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.473{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libiptc0:amd64.md5sums--- 23542300x800000000000000043689Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.475{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-serial.list--- 23542300x800000000000000043690Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.477{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libdb5.3:amd64.shlibs--- 23542300x800000000000000043691Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.480{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gcc-7-mips-linux-gnu.list--- 23542300x800000000000000043692Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.483{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/binfmt-support.md5sums--- 23542300x800000000000000043693Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.486{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgcc1:amd64.list--- 23542300x800000000000000043694Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.488{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libavc1394-0:amd64.triggers--- 23542300x800000000000000043695Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.491{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libisc169:amd64.triggers--- 23542300x800000000000000043696Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.493{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/dmsetup.md5sums--- 23542300x800000000000000043697Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.498{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgdbm5:amd64.triggers--- 23542300x800000000000000043698Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.500{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libmpfr6:amd64.shlibs--- 23542300x800000000000000043699Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.502{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libisl19:amd64.triggers--- 23542300x800000000000000043700Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.505{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/whiptail.preinst--- 23542300x800000000000000043701Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.509{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/pciutils.list--- 23542300x800000000000000043702Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.512{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/busybox-static.triggers--- 23542300x800000000000000043703Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.515{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libreadline5:amd64.shlibs--- 23542300x800000000000000043704Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.517{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/liborc-0.4-0:amd64.md5sums--- 23542300x800000000000000043705Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.519{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/accountsservice.postrm--- 23542300x800000000000000043706Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.521{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libwavpack1:amd64.md5sums--- 23542300x800000000000000043707Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.524{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gsettings-desktop-schemas.md5sums--- 23542300x800000000000000043708Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.526{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/grub-pc.templates--- 23542300x800000000000000043709Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.528{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/cloud-init.templates--- 23542300x800000000000000043710Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.531{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/rsyslog.postinst--- 23542300x800000000000000043711Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.533{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libffi6:amd64.symbols--- 23542300x800000000000000043712Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.537{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libvpx5:amd64.shlibs--- 23542300x800000000000000043713Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.539{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/splunkforwarder.md5sums--- 23542300x800000000000000043714Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.542{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gpg.list--- 23542300x800000000000000043715Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.544{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libexpat1:amd64.list--- 23542300x800000000000000043716Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.546{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxenstore3.0:amd64.list--- 23542300x800000000000000043717Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.549{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/xdelta3.list--- 23542300x800000000000000043718Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.552{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/dbus.conffiles--- 23542300x800000000000000043719Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.554{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libfribidi0:amd64.shlibs--- 23542300x800000000000000043720Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.558{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/unattended-upgrades.templates--- 23542300x800000000000000043721Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.560{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libssl1.1:amd64.symbols--- 23542300x800000000000000043722Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.563{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libeatmydata1:amd64.symbols--- 23542300x800000000000000043723Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.566{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3.6.list--- 23542300x800000000000000043724Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.569{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/base-files.postinst--- 23542300x800000000000000043725Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.572{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/wget.conffiles--- 23542300x800000000000000043726Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.574{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/cron.preinst--- 23542300x800000000000000043727Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.577{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpixman-1-0:amd64.triggers--- 23542300x800000000000000043728Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.581{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libfribidi0:amd64.symbols--- 23542300x800000000000000043729Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.585{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/kbd.postrm--- 23542300x800000000000000043730Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.588{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-incremental.md5sums--- 23542300x800000000000000043731Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.623{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/cloud-init.conffiles--- 23542300x800000000000000043732Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.626{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/lvm2.postinst--- 23542300x800000000000000043733Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.628{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpam-cap:amd64.postinst--- 23542300x800000000000000043734Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.632{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/open-vm-tools.md5sums--- 23542300x800000000000000043735Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.635{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-idna.md5sums--- 23542300x800000000000000043736Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.638{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/openssh-server.templates--- 23542300x800000000000000043737Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.641{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libnpth0:amd64.shlibs--- 23542300x800000000000000043738Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.643{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libglib2.0-0:amd64.symbols--- 23542300x800000000000000043739Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.646{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/landscape-common.md5sums--- 23542300x800000000000000043740Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.649{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libudev1:amd64.triggers--- 23542300x800000000000000043741Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.651{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/openssh-sftp-server.list--- 23542300x800000000000000043742Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.654{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/lsb-release.postrm--- 23542300x800000000000000043743Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.657{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gstreamer1.0-plugins-base:amd64.list--- 23542300x800000000000000043744Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.660{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libnl-3-200:amd64.symbols--- 23542300x800000000000000043745Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.662{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libcc1-0:amd64.shlibs--- 23542300x800000000000000043746Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.664{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gpg-wks-server.list--- 23542300x800000000000000043747Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.666{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/man-db.md5sums--- 23542300x800000000000000043748Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.668{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libc6:amd64.templates--- 23542300x800000000000000043749Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.671{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/command-not-found-data.md5sums--- 23542300x800000000000000043750Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.674{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libeatmydata1:amd64.md5sums--- 23542300x800000000000000043751Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.676{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxext6:amd64.symbols--- 23542300x800000000000000043752Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.679{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/plymouth-theme-ubuntu-text.postinst--- 23542300x800000000000000043753Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.682{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libmpfr6:amd64.triggers--- 23542300x800000000000000043754Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.685{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/tar.md5sums--- 23542300x800000000000000043755Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.687{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libcurl4:amd64.md5sums--- 23542300x800000000000000043756Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.690{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libassuan0:amd64.list--- 23542300x800000000000000043757Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.692{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libisc169:amd64.shlibs--- 23542300x800000000000000043758Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.695{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ed.postinst--- 23542300x800000000000000043759Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.698{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/man-db.list--- 23542300x800000000000000043760Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.700{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libnih1:amd64.shlibs--- 23542300x800000000000000043761Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.703{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ucf.postinst--- 23542300x800000000000000043762Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.705{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/eatmydata.md5sums--- 23542300x800000000000000043763Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.707{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/sharutils.list--- 23542300x800000000000000043764Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.710{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/fuse.conffiles--- 23542300x800000000000000043765Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.713{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libblkid1:amd64.symbols--- 23542300x800000000000000043766Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.717{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/overlayroot.md5sums--- 23542300x800000000000000043767Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.719{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ltrace.conffiles--- 23542300x800000000000000043768Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.722{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libfdt1:amd64.list--- 23542300x800000000000000043769Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.724{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ureadahead.prerm--- 23542300x800000000000000043770Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.726{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-newt:amd64.list--- 23542300x800000000000000043771Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.729{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libtasn1-6:amd64.symbols--- 23542300x800000000000000043772Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.731{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/policykit-1.list--- 23542300x800000000000000043773Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.734{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libhcrypto4-heimdal:amd64.list--- 23542300x800000000000000043774Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.737{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/hdparm.conffiles--- 23542300x800000000000000043775Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.740{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/uuid-runtime.list--- 23542300x800000000000000043776Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.742{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libslang2:amd64.symbols--- 23542300x800000000000000043777Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.745{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/pollinate.postrm--- 23542300x800000000000000043778Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.747{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/snapd.conffiles--- 23542300x800000000000000043779Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.751{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-automat.prerm--- 23542300x800000000000000043780Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.754{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libidn2-0:amd64.shlibs--- 23542300x800000000000000043781Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.757{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libicu60:amd64.list--- 23542300x800000000000000043782Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.759{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgraphite2-3:amd64.triggers--- 23542300x800000000000000043783Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.763{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/console-setup.prerm--- 23542300x800000000000000043784Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.767{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-problem-report.prerm--- 23542300x800000000000000043785Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.770{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/sysinternalsebpf.list--- 23542300x800000000000000043786Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.773{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/udev.prerm--- 23542300x800000000000000043787Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.777{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/apport-symptoms.list--- 23542300x800000000000000043788Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.779{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libparted2:amd64.list--- 23542300x800000000000000043789Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.781{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libncurses5:amd64.list--- 23542300x800000000000000043790Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.783{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxcb-render0:amd64.triggers--- 23542300x800000000000000043791Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.786{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/logrotate.postrm--- 23542300x800000000000000043792Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.789{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libargon2-0:amd64.list--- 23542300x800000000000000043793Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.791{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/lxd.list--- 23542300x800000000000000043794Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.793{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/cpio.md5sums--- 23542300x800000000000000043795Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.797{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libnewt0.52:amd64.conffiles--- 23542300x800000000000000043796Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.800{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/apt.list--- 23542300x800000000000000043797Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.802{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ssh-import-id.conffiles--- 23542300x800000000000000043798Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.805{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/mlocate.md5sums--- 23542300x800000000000000043799Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.808{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libstdc++-7-dev:amd64.list--- 23542300x800000000000000043800Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.812{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxenstore3.0:amd64.symbols--- 23542300x800000000000000043801Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.815{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/systemd.postrm--- 23542300x800000000000000043802Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.819{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/at.prerm--- 23542300x800000000000000043803Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.822{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-debian.prerm--- 23542300x800000000000000043804Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.826{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/cron.md5sums--- 23542300x800000000000000043805Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.830{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libdns1100:amd64.shlibs--- 23542300x800000000000000043806Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.834{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libvisual-0.4-0:amd64.list--- 23542300x800000000000000043807Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.838{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-twisted.prerm--- 23542300x800000000000000043808Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.841{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libbsd0:amd64.triggers--- 23542300x800000000000000043809Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.846{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libperl5.26:amd64.triggers--- 23542300x800000000000000043810Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.848{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libtinfo5:amd64.md5sums--- 23542300x800000000000000043811Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.854{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/mime-support.conffiles--- 23542300x800000000000000043812Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.856{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libapt-inst2.0:amd64.shlibs--- 23542300x800000000000000043813Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.859{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/qemu-system-sparc.md5sums--- 23542300x800000000000000043814Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.861{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/lxd.postinst--- 23542300x800000000000000043815Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.864{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gcc-7-cross-base-ports.md5sums--- 23542300x800000000000000043816Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.868{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libuv1:amd64.triggers--- 23542300x800000000000000043817Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.870{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgssapi-krb5-2:amd64.list--- 23542300x800000000000000043818Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.872{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libkrb5-26-heimdal:amd64.list--- 23542300x800000000000000043819Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.875{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpam-modules-bin.md5sums--- 23542300x800000000000000043820Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.877{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libcacard0:amd64.list--- 23542300x800000000000000043821Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.880{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libkmod2:amd64.symbols--- 23542300x800000000000000043822Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.882{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/passwd.md5sums--- 23542300x800000000000000043823Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.885{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/linux-aws.md5sums--- 23542300x800000000000000043824Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.890{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/networkd-dispatcher.prerm--- 23542300x800000000000000043825Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.895{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-gi.prerm--- 23542300x800000000000000043826Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.897{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgnutls30:amd64.symbols--- 23542300x800000000000000043827Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.900{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/cron.postinst--- 23542300x800000000000000043828Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.903{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxmlsec1:amd64.md5sums--- 23542300x800000000000000043829Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.905{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libreadline7:amd64.shlibs--- 23542300x800000000000000043830Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.908{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ca-certificates.templates--- 23542300x800000000000000043831Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.910{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gpg-agent.md5sums--- 23542300x800000000000000043832Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.913{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/binutils-mipsel-linux-gnu.triggers--- 23542300x800000000000000043833Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.916{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libselinux1:amd64.triggers--- 23542300x800000000000000043834Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.919{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libplymouth4:amd64.symbols--- 23542300x800000000000000043835Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.921{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ubuntu-release-upgrader-core.preinst--- 23542300x800000000000000043836Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.924{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/liblzo2-2:amd64.list--- 23542300x800000000000000043837Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.926{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/qemu-user-static.list--- 23542300x800000000000000043838Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.928{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/vim.list--- 23542300x800000000000000043839Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.930{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libcairo2:amd64.triggers--- 23542300x800000000000000043840Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.933{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libquadmath0:amd64.list--- 23542300x800000000000000043841Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.935{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libraw1394-11:amd64.md5sums--- 23542300x800000000000000043842Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.937{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libwrap0:amd64.list--- 23542300x800000000000000043843Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.940{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgdbm-compat4:amd64.list--- 23542300x800000000000000043844Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.943{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libisccc160:amd64.triggers--- 23542300x800000000000000043845Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.945{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgcc-7-dev:amd64.md5sums--- 23542300x800000000000000043846Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.947{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libdebconfclient0:amd64.symbols--- 23542300x800000000000000043847Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.950{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-certifi.list--- 23542300x800000000000000043848Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.953{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libnuma1:amd64.md5sums--- 23542300x800000000000000043849Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.955{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libhogweed4:amd64.symbols--- 23542300x800000000000000043850Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.957{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libdw1:amd64.md5sums--- 23542300x800000000000000043851Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.960{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/lxd.preinst--- 23542300x800000000000000043852Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.963{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/bash-completion.preinst--- 23542300x800000000000000043853Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.965{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/grub-pc-bin.md5sums--- 23542300x800000000000000043854Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.968{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-idna.prerm--- 23542300x800000000000000043855Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.970{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libkrb5-3:amd64.md5sums--- 23542300x800000000000000043856Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.973{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxrender1:amd64.shlibs--- 23542300x800000000000000043857Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.975{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libmnl0:amd64.md5sums--- 23542300x800000000000000043858Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.978{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gcc-7-mipsel-linux-gnu.md5sums--- 23542300x800000000000000043859Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.980{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpam-systemd:amd64.list--- 23542300x800000000000000043860Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.982{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libasan4:amd64.symbols--- 23542300x800000000000000043861Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.984{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ubuntu-standard.md5sums--- 23542300x800000000000000043862Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.987{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libmpg123-0:amd64.triggers--- 23542300x800000000000000043863Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.989{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libnettle6:amd64.md5sums--- 23542300x800000000000000043864Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.993{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libnuma1:amd64.shlibs--- 23542300x800000000000000043865Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.996{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libidn2-0:amd64.symbols--- 23542300x800000000000000043866Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:07.999{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libexpat1:amd64.shlibs--- 23542300x800000000000000043867Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.001{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libasound2-data.md5sums--- 23542300x800000000000000043868Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.004{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gpgv.list--- 23542300x800000000000000043869Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.006{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-apport.postinst--- 23542300x800000000000000043870Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.008{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/binfmtc.postinst--- 23542300x800000000000000043871Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.011{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/grub-pc-bin.list--- 23542300x800000000000000043872Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.013{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libcdparanoia0:amd64.list--- 23542300x800000000000000043873Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.015{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/pciutils.preinst--- 23542300x800000000000000043874Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.018{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ubuntu-keyring.postinst--- 23542300x800000000000000043875Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.020{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpam0g:amd64.md5sums--- 23542300x800000000000000043876Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.022{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/adduser.list--- 23542300x800000000000000043877Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.024{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/dconf-gsettings-backend:amd64.md5sums--- 23542300x800000000000000043878Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.027{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ssh-import-id.md5sums--- 23542300x800000000000000043879Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.029{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3.prerm--- 23542300x800000000000000043880Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.032{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/qemu-system-x86.postrm--- 23542300x800000000000000043881Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.034{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libsoup2.4-1:amd64.shlibs--- 23542300x800000000000000043882Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.036{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/friendly-recovery.prerm--- 23542300x800000000000000043883Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.039{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libbabeltrace1:amd64.list--- 23542300x800000000000000043884Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.041{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-yaml.postinst--- 23542300x800000000000000043885Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.043{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-update-manager.postinst--- 23542300x800000000000000043886Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.047{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libnfnetlink0:amd64.postinst--- 23542300x800000000000000043887Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.052{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/dirmngr.md5sums--- 23542300x800000000000000043888Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.054{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/vim.postinst--- 23542300x800000000000000043889Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.056{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-update-manager.prerm--- 23542300x800000000000000043890Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.060{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/cpp.md5sums--- 23542300x800000000000000043891Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.062{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libcairo-gobject2:amd64.md5sums--- 23542300x800000000000000043892Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.065{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gstreamer1.0-plugins-good:amd64.md5sums--- 23542300x800000000000000043893Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.070{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ec2-hibinit-agent.list--- 23542300x800000000000000043894Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.072{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/xauth.md5sums--- 23542300x800000000000000043895Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.077{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libquadmath0:amd64.triggers--- 23542300x800000000000000043896Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.079{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libjson-glib-1.0-common.list--- 23542300x800000000000000043897Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.081{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpam-runtime.templates--- 23542300x800000000000000043898Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.083{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/keyboard-configuration.postinst--- 23542300x800000000000000043899Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.086{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libblkid1:amd64.triggers--- 23542300x800000000000000043900Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.088{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/adduser.postinst--- 23542300x800000000000000043901Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.092{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gnupg-l10n.list--- 23542300x800000000000000043902Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.094{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-requests.prerm--- 23542300x800000000000000043903Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.098{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/whiptail.list--- 23542300x800000000000000043904Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.100{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libwavpack1:amd64.shlibs--- 23542300x800000000000000043905Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.103{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/kmod.prerm--- 23542300x800000000000000043906Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.105{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libc-dev-bin.md5sums--- 23542300x800000000000000043907Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.108{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgnutls30:amd64.md5sums--- 23542300x800000000000000043908Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.111{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-openssl.prerm--- 23542300x800000000000000043909Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.113{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/procps.list--- 23542300x800000000000000043910Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.116{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/uidmap.md5sums--- 23542300x800000000000000043911Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.119{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/binfmt-support.postrm--- 23542300x800000000000000043912Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.123{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxmlsec1:amd64.shlibs--- 23542300x800000000000000043913Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.126{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libopus0:amd64.list--- 23542300x800000000000000043914Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.128{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/acpid.md5sums--- 23542300x800000000000000043915Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.131{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpcre3:amd64.symbols--- 23542300x800000000000000043916Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.133{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libmspack0:amd64.md5sums--- 23542300x800000000000000043917Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.136{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/linux-image-5.4.0-1068-aws.postinst--- 23542300x800000000000000043918Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.138{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/manpages.md5sums--- 23542300x800000000000000043919Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.140{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libasn1-8-heimdal:amd64.symbols--- 23542300x800000000000000043920Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.142{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/psmisc.postinst--- 23542300x800000000000000043921Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.144{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/multiarch-support.list--- 23542300x800000000000000043922Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.147{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/linux-headers-aws.list--- 23542300x800000000000000043923Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.149{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-jsonschema.list--- 23542300x800000000000000043924Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.151{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libibverbs1:amd64.triggers--- 23542300x800000000000000043925Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.154{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/qemu-user-static.prerm--- 23542300x800000000000000043926Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.156{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/cpp-7.list--- 23542300x800000000000000043927Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.158{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/liblvm2app2.2:amd64.triggers--- 23542300x800000000000000043928Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.160{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-chardet.list--- 23542300x800000000000000043929Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.163{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/bsdmainutils.prerm--- 23542300x800000000000000043930Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.165{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpam-modules:amd64.preinst--- 23542300x800000000000000043931Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.168{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libhcrypto4-heimdal:amd64.shlibs--- 23542300x800000000000000043932Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.170{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/tmux.prerm--- 23542300x800000000000000043933Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.173{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gcc-7-mips-linux-gnu.md5sums--- 23542300x800000000000000043934Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.175{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libjson-c3:amd64.shlibs--- 23542300x800000000000000043935Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.177{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/initramfs-tools.preinst--- 23542300x800000000000000043936Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.180{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/networkd-dispatcher.md5sums--- 23542300x800000000000000043937Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.182{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-jsonpatch.preinst--- 23542300x800000000000000043938Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.184{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libapparmor1:amd64.symbols--- 23542300x800000000000000043939Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.186{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libcilkrts5:amd64.list--- 23542300x800000000000000043940Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.189{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/keyboard-configuration.postrm--- 23542300x800000000000000043941Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.191{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3.postinst--- 23542300x800000000000000043942Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.193{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgeoip1:amd64.md5sums--- 23542300x800000000000000043943Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.196{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/util-linux.prerm--- 23542300x800000000000000043944Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.198{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-jsonpatch.postinst--- 23542300x800000000000000043945Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.200{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/apparmor.conffiles--- 23542300x800000000000000043946Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.203{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/xfsprogs.triggers--- 23542300x800000000000000043947Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.205{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxmlsec1-openssl:amd64.list--- 23542300x800000000000000043948Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.207{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libtsan0:amd64.triggers--- 23542300x800000000000000043949Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.210{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libnghttp2-14:amd64.symbols--- 23542300x800000000000000043950Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.212{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/qemu.list--- 23542300x800000000000000043951Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.213{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/e2fsprogs.conffiles--- 23542300x800000000000000043952Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.216{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/psmisc.list--- 23542300x800000000000000043953Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.218{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-pyasn1-modules.prerm--- 23542300x800000000000000043954Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.222{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libbinutils:amd64.md5sums--- 23542300x800000000000000043955Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.224{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgssapi-krb5-2:amd64.symbols--- 23542300x800000000000000043956Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.226{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-constantly.postinst--- 23542300x800000000000000043957Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.229{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/irqbalance.templates--- 23542300x800000000000000043958Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.231{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-incremental.prerm--- 23542300x800000000000000043959Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.233{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ltrace.list--- 23542300x800000000000000043960Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.236{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/command-not-found-data.list--- 23542300x800000000000000043961Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.238{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/liblwres160:amd64.symbols--- 23542300x800000000000000043962Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.240{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/pastebinit.list--- 23542300x800000000000000043963Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.242{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/binutils.list--- 23542300x800000000000000043964Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.246{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libyajl2:amd64.list--- 23542300x800000000000000043965Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.248{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/debconf.prerm--- 23542300x800000000000000043966Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.251{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgirepository-1.0-1:amd64.triggers--- 23542300x800000000000000043967Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.253{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libestr0:amd64.symbols--- 23542300x800000000000000043968Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.255{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libmspack0:amd64.list--- 23542300x800000000000000043969Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.258{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libfuse2:amd64.md5sums--- 23542300x800000000000000043970Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.261{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libkrb5-26-heimdal:amd64.shlibs--- 23542300x800000000000000043971Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.264{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/apport.preinst--- 23542300x800000000000000043972Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.267{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-twisted.postinst--- 23542300x800000000000000043973Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.269{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/dbus-user-session.list--- 23542300x800000000000000043974Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.271{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libtinfo5:amd64.list--- 23542300x800000000000000043975Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.276{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ubuntu-server.md5sums--- 23542300x800000000000000043976Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.278{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libdevmapper-event1.02.1:amd64.md5sums--- 23542300x800000000000000043977Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.281{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libasan4:amd64.md5sums--- 23542300x800000000000000043978Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.283{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpcre3:amd64.triggers--- 23542300x800000000000000043979Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.286{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/kbd.prerm--- 23542300x800000000000000043980Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.288{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/nano.postinst--- 23542300x800000000000000043981Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.290{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libkeyutils1:amd64.list--- 23542300x800000000000000043982Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.293{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libcurl4:amd64.symbols--- 23542300x800000000000000043983Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.295{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-blinker.postinst--- 23542300x800000000000000043984Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.299{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libncursesw5:amd64.md5sums--- 23542300x800000000000000043985Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.302{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-jwt.postinst--- 23542300x800000000000000043986Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.304{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/console-setup.templates--- 23542300x800000000000000043987Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.307{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/qemu-system-x86.postinst--- 23542300x800000000000000043988Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.311{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gcc-8-cross-base-ports.md5sums--- 23542300x800000000000000043989Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.314{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libuv1:amd64.shlibs--- 23542300x800000000000000043990Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.316{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libunistring2:amd64.list--- 23542300x800000000000000043991Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.319{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/liblwres160:amd64.triggers--- 23542300x800000000000000043992Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.321{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ncurses-term.md5sums--- 23542300x800000000000000043993Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.324{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libisccfg160:amd64.symbols--- 23542300x800000000000000043994Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.326{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/binutils-mipsel-linux-gnu.md5sums--- 23542300x800000000000000043995Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.328{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/rsyslog.prerm--- 23542300x800000000000000043996Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.331{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libspice-server1:amd64.triggers--- 23542300x800000000000000043997Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.334{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/readline-common.postinst--- 23542300x800000000000000043998Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.337{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/openssh-server.config--- 23542300x800000000000000043999Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.341{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxen-4.9:amd64.shlibs--- 23542300x800000000000000044000Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.343{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/xfsprogs.list--- 23542300x800000000000000044001Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.346{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libdumbnet1:amd64.triggers--- 23542300x800000000000000044002Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.349{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libthai0:amd64.shlibs--- 23542300x800000000000000044003Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.398{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/qemu-system-common.conffiles--- 23542300x800000000000000044004Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.400{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/udev.triggers--- 23542300x800000000000000044005Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.402{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libflac8:amd64.symbols--- 23542300x800000000000000044006Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.405{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libc6:amd64.md5sums--- 23542300x800000000000000044007Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.408{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libdatrie1:amd64.shlibs--- 23542300x800000000000000044008Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.410{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/iputils-ping.md5sums--- 23542300x800000000000000044009Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.412{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgcc1-mips-cross.shlibs--- 23542300x800000000000000044010Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.415{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/powershell.list--- 23542300x800000000000000044011Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.417{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libmp3lame0:amd64.symbols--- 23542300x800000000000000044012Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.419{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libuv1:amd64.symbols--- 23542300x800000000000000044013Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.421{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libnghttp2-14:amd64.shlibs--- 23542300x800000000000000044014Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.423{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libjack-jackd2-0:amd64.list--- 23542300x800000000000000044015Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.426{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libusb-1.0-0:amd64.shlibs--- 23542300x800000000000000044016Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.428{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/networkd-dispatcher.postrm--- 23542300x800000000000000044017Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.430{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libusbredirparser1:amd64.shlibs--- 23542300x800000000000000044018Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.433{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/cloud-init.md5sums--- 23542300x800000000000000044019Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.436{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libsamplerate0:amd64.list--- 23542300x800000000000000044020Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.438{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libasn1-8-heimdal:amd64.triggers--- 23542300x800000000000000044021Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.442{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libitm1:amd64.list--- 23542300x800000000000000044022Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.445{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libfastjson4:amd64.list--- 23542300x800000000000000044023Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.447{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-certifi.md5sums--- 23542300x800000000000000044024Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.450{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libldap-common.conffiles--- 23542300x800000000000000044025Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.452{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/publicsuffix.list--- 23542300x800000000000000044026Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.454{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgomp1-mips-cross.shlibs--- 23542300x800000000000000044027Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.457{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gawk.postinst--- 23542300x800000000000000044028Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.461{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libaio1:amd64.md5sums--- 23542300x800000000000000044029Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.464{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libubsan0:amd64.triggers--- 23542300x800000000000000044030Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.466{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpam-cap:amd64.conffiles--- 23542300x800000000000000044031Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.469{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-ptyprocess.list--- 23542300x800000000000000044032Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.472{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/openssl.list--- 23542300x800000000000000044033Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.474{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/vim-runtime.postrm--- 23542300x800000000000000044034Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.476{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/openssh-server.prerm--- 23542300x800000000000000044035Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.479{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libdevmapper-event1.02.1:amd64.symbols--- 23542300x800000000000000044036Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.481{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3.6-minimal.postrm--- 23542300x800000000000000044037Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.484{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libnl-route-3-200:amd64.md5sums--- 23542300x800000000000000044038Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.486{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libdv4:amd64.symbols--- 23542300x800000000000000044039Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.489{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libnetplan0:amd64.md5sums--- 23542300x800000000000000044040Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.491{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/install-info.md5sums--- 23542300x800000000000000044041Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.494{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgcc1:amd64.symbols--- 23542300x800000000000000044042Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.496{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libhcrypto4-heimdal:amd64.md5sums--- 23542300x800000000000000044043Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.544{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libc-bin.md5sums--- 23542300x800000000000000044044Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.546{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgeoip1:amd64.list--- 23542300x800000000000000044045Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.548{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-six.list--- 23542300x800000000000000044046Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.551{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/liberror-perl.list--- 23542300x800000000000000044047Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.553{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpangoft2-1.0-0:amd64.shlibs--- 23542300x800000000000000044048Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.555{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/g++.prerm--- 23542300x800000000000000044049Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.557{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libcap2:amd64.triggers--- 23542300x800000000000000044050Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.559{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/liblz4-1:amd64.md5sums--- 23542300x800000000000000044051Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.561{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libsemanage1:amd64.md5sums--- 23542300x800000000000000044052Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.565{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/pciutils.postrm--- 23542300x800000000000000044053Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.567{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgcc-7-dev:amd64.list--- 23542300x800000000000000044054Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.571{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libseccomp2:amd64.symbols--- 23542300x800000000000000044055Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.573{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-pyasn1-modules.list--- 23542300x800000000000000044056Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.577{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/overlayroot.conffiles--- 23542300x800000000000000044057Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.580{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/byobu.config--- 23542300x800000000000000044058Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.584{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-attr.list--- 23542300x800000000000000044059Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.586{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxrender1:amd64.list--- 23542300x800000000000000044060Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.590{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/file.md5sums--- 23542300x800000000000000044061Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.593{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/hibagent.md5sums--- 23542300x800000000000000044062Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.633{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/byobu.postinst--- 23542300x800000000000000044063Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.635{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gcc-7-mipsel-linux-gnu-base:amd64.list--- 23542300x800000000000000044064Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.639{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/bsdmainutils.list--- 23542300x800000000000000044065Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.641{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-markupsafe.prerm--- 23542300x800000000000000044066Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.643{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/logrotate.md5sums--- 23542300x800000000000000044067Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.645{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libssl1.1:amd64.shlibs--- 23542300x800000000000000044068Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.647{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-debian.md5sums--- 23542300x800000000000000044069Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.649{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libsqlite3-0:amd64.symbols--- 23542300x800000000000000044070Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.652{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/patch.md5sums--- 23542300x800000000000000044071Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.654{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libiptc0:amd64.list--- 23542300x800000000000000044072Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.656{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libuuid1:amd64.shlibs--- 23542300x800000000000000044073Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.659{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxdamage1:amd64.triggers--- 23542300x800000000000000044074Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.661{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/cpp-mips-linux-gnu.list--- 23542300x800000000000000044075Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.664{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/openssh-client.md5sums--- 23542300x800000000000000044076Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.667{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libnss3:amd64.triggers--- 23542300x800000000000000044077Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.669{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gcc-7-mipsel-linux-gnu.list--- 23542300x800000000000000044078Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.671{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/less.list--- 23542300x800000000000000044079Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.675{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libcap2:amd64.shlibs--- 23542300x800000000000000044080Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.677{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3.list--- 23542300x800000000000000044081Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.679{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libjpeg-turbo8:amd64.list--- 23542300x800000000000000044082Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.681{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libdrm2:amd64.list--- 23542300x800000000000000044083Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.683{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/keyboard-configuration.templates--- 23542300x800000000000000044084Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.685{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/apt.shlibs--- 23542300x800000000000000044085Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.688{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/fonts-ubuntu-console.md5sums--- 23542300x800000000000000044086Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.690{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/at.md5sums--- 23542300x800000000000000044087Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.693{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/bash.postinst--- 23542300x800000000000000044088Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.694{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libvorbisenc2:amd64.symbols--- 23542300x800000000000000044089Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.698{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libjbig0:amd64.list--- 23542300x800000000000000044090Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.701{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/irqbalance.prerm--- 23542300x800000000000000044091Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.704{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpolkit-gobject-1-0:amd64.md5sums--- 23542300x800000000000000044092Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.707{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxenstore3.0:amd64.triggers--- 23542300x800000000000000044093Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.709{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libnghttp2-14:amd64.triggers--- 23542300x800000000000000044094Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.712{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libubsan0:amd64.md5sums--- 23542300x800000000000000044095Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.714{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libselinux1:amd64.md5sums--- 23542300x800000000000000044096Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.716{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/linux-base.postrm--- 23542300x800000000000000044097Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.718{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libirs160:amd64.triggers--- 23542300x800000000000000044098Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.721{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libv4lconvert0:amd64.md5sums--- 23542300x800000000000000044099Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.723{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libcryptsetup12:amd64.shlibs--- 23542300x800000000000000044100Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.725{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-six.postinst--- 23542300x800000000000000044101Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.728{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libisccfg160:amd64.list--- 23542300x800000000000000044102Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.731{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/qemu-system-x86.preinst--- 23542300x800000000000000044103Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.733{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxcb-render0:amd64.list--- 23542300x800000000000000044104Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.735{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ftp.list--- 23542300x800000000000000044105Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.737{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libdv4:amd64.shlibs--- 23542300x800000000000000044106Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.739{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-incremental.list--- 23542300x800000000000000044107Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.742{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/cloud-guest-utils.md5sums--- 23542300x800000000000000044108Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.745{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/qemu-user-static.md5sums--- 23542300x800000000000000044109Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.747{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgcc1:amd64.shlibs--- 23542300x800000000000000044110Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.749{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ec2-hibinit-agent.prerm--- 23542300x800000000000000044111Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.752{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libx11-6:amd64.shlibs--- 23542300x800000000000000044112Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.755{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/software-properties-common.md5sums--- 23542300x800000000000000044113Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.757{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-twisted.md5sums--- 23542300x800000000000000044114Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.759{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libroken18-heimdal:amd64.md5sums--- 23542300x800000000000000044115Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.763{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libreadline7:amd64.triggers--- 23542300x800000000000000044116Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.766{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libcc1-0:amd64.symbols--- 23542300x800000000000000044117Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.768{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/passwd.postinst--- 23542300x800000000000000044118Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.771{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libsoup2.4-1:amd64.triggers--- 23542300x800000000000000044119Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.773{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-distro-info.md5sums--- 23542300x800000000000000044120Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.778{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libfdisk1:amd64.list--- 23542300x800000000000000044121Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.780{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-distupgrade.prerm--- 23542300x800000000000000044122Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.782{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/qemu-utils.md5sums--- 23542300x800000000000000044123Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.785{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gdisk.list--- 23542300x800000000000000044124Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.787{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/splunkforwarder.preinst--- 23542300x800000000000000044125Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.790{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/login.md5sums--- 23542300x800000000000000044126Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.792{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libip6tc0:amd64.shlibs--- 23542300x800000000000000044127Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.794{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libunwind8:amd64.md5sums--- 23542300x800000000000000044128Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.796{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libdrm2:amd64.md5sums--- 23542300x800000000000000044129Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.799{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/powershell.postrm--- 23542300x800000000000000044130Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.801{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libwrap0:amd64.postrm--- 23542300x800000000000000044131Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.804{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libnfnetlink0:amd64.postrm--- 23542300x800000000000000044132Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.809{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/publicsuffix.md5sums--- 23542300x800000000000000044133Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.811{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/language-selector-common.conffiles--- 23542300x800000000000000044134Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.813{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/grub-common.list--- 23542300x800000000000000044135Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.815{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ibverbs-providers:amd64.symbols--- 23542300x800000000000000044136Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.817{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libvisual-0.4-0:amd64.symbols--- 23542300x800000000000000044137Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.820{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/lxcfs.postrm--- 23542300x800000000000000044138Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.823{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgcc1-mipsel-cross.shlibs--- 23542300x800000000000000044139Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.826{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/dash.preinst--- 23542300x800000000000000044140Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.829{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/nano.md5sums--- 23542300x800000000000000044141Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.831{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgmp10:amd64.symbols--- 23542300x800000000000000044142Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.833{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ftp.md5sums--- 23542300x800000000000000044143Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.836{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libaccountsservice0:amd64.list--- 23542300x800000000000000044144Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.838{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/screen.preinst--- 23542300x800000000000000044145Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.842{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/dmeventd.triggers--- 23542300x800000000000000044146Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.844{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libidn11:amd64.shlibs--- 23542300x800000000000000044147Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.846{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgnutls30:amd64.shlibs--- 23542300x800000000000000044148Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.849{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpolkit-gobject-1-0:amd64.shlibs--- 23542300x800000000000000044149Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.851{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gdb.conffiles--- 23542300x800000000000000044150Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.854{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libmspack0:amd64.symbols--- 23542300x800000000000000044151Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.856{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgstreamer-plugins-base1.0-0:amd64.shlibs--- 23542300x800000000000000044152Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.861{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/systemd.triggers--- 23542300x800000000000000044153Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.863{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libv4lconvert0:amd64.triggers--- 23542300x800000000000000044154Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.865{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/mdadm.postinst--- 23542300x800000000000000044155Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.867{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libjpeg-turbo8:amd64.symbols--- 23542300x800000000000000044156Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.870{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgudev-1.0-0:amd64.symbols--- 23542300x800000000000000044157Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.872{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-jinja2.md5sums--- 23542300x800000000000000044158Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.875{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/plymouth.md5sums--- 23542300x800000000000000044159Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.877{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libsigsegv2:amd64.symbols--- 23542300x800000000000000044160Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.880{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gcc.postinst--- 23542300x800000000000000044161Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.883{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgstreamer1.0-0:amd64.postinst--- 23542300x800000000000000044162Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.885{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/liblvm2app2.2:amd64.shlibs--- 23542300x800000000000000044163Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.888{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libedit2:amd64.triggers--- 23542300x800000000000000044164Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.891{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpsl5:amd64.md5sums--- 23542300x800000000000000044165Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.893{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/git.postrm--- 23542300x800000000000000044166Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.897{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libfreetype6:amd64.shlibs--- 23542300x800000000000000044167Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.899{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libdbus-1-3:amd64.shlibs--- 23542300x800000000000000044168Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.901{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libasound2:amd64.symbols--- 23542300x800000000000000044169Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.904{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgstreamer-plugins-base1.0-0:amd64.list--- 23542300x800000000000000044170Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.907{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libldap-2.4-2:amd64.md5sums--- 23542300x800000000000000044171Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.909{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libnettle6:amd64.symbols--- 23542300x800000000000000044172Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.912{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/git.conffiles--- 23542300x800000000000000044173Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.914{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-pexpect.postinst--- 23542300x800000000000000044174Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.918{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/linux-image-aws.md5sums--- 23542300x800000000000000044175Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.922{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpcre3:amd64.list--- 23542300x800000000000000044176Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.924{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/dnsutils.list--- 23542300x800000000000000044177Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.927{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/lvm2.preinst--- 23542300x800000000000000044178Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.929{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libthai0:amd64.symbols--- 23542300x800000000000000044179Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.932{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-debconf.list--- 23542300x800000000000000044180Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.934{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libnetplan0:amd64.triggers--- 23542300x800000000000000044181Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.937{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/xdg-user-dirs.prerm--- 23542300x800000000000000044182Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.940{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/dirmngr.prerm--- 23542300x800000000000000044183Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.942{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libsamplerate0:amd64.shlibs--- 23542300x800000000000000044184Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.944{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/lsof.list--- 23542300x800000000000000044185Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.947{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libc-dev-bin.list--- 23542300x800000000000000044186Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.949{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libglib2.0-0:amd64.postrm--- 23542300x800000000000000044187Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.951{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/byobu.postrm--- 23542300x800000000000000044188Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.954{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libseccomp2:amd64.list--- 23542300x800000000000000044189Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.956{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-distupgrade.md5sums--- 23542300x800000000000000044190Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.958{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/openssl.conffiles--- 23542300x800000000000000044191Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.961{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libc6-mipsel-cross.md5sums--- 23542300x800000000000000044192Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.963{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/lvm2.prerm--- 23542300x800000000000000044193Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.965{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/dnsmasq-base.md5sums--- 23542300x800000000000000044194Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.968{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libisccfg160:amd64.md5sums--- 23542300x800000000000000044195Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.970{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxmuu1:amd64.list--- 23542300x800000000000000044196Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.972{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/bsdutils.list--- 23542300x800000000000000044197Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.976{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgdk-pixbuf2.0-0:amd64.triggers--- 23542300x800000000000000044198Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.978{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libnfnetlink0:amd64.list--- 23542300x800000000000000044199Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.980{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libdns-export1100.md5sums--- 23542300x800000000000000044200Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.982{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/netbase.postrm--- 23542300x800000000000000044201Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.985{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libnspr4:amd64.symbols--- 23542300x800000000000000044202Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.988{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/adduser.templates--- 23542300x800000000000000044203Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.991{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpsl5:amd64.triggers--- 23542300x800000000000000044204Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.993{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-gi.list--- 23542300x800000000000000044205Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.995{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libiscsi7:amd64.md5sums--- 23542300x800000000000000044206Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.997{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libtinfo5:amd64.shlibs--- 23542300x800000000000000044207Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:08.999{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/nplan.md5sums--- 23542300x800000000000000044208Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.002{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libdw1:amd64.triggers--- 23542300x800000000000000044209Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.004{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/bash-completion.conffiles--- 23542300x800000000000000044210Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.007{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libcilkrts5:amd64.md5sums--- 23542300x800000000000000044211Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.010{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libcap-ng0:amd64.shlibs--- 23542300x800000000000000044212Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.012{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/iptables.md5sums--- 23542300x800000000000000044213Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.015{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/liblxc1.list--- 23542300x800000000000000044214Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.018{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/openssh-server.preinst--- 23542300x800000000000000044215Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.020{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libaccountsservice0:amd64.symbols--- 23542300x800000000000000044216Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.022{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-chardet.md5sums--- 23542300x800000000000000044217Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.025{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libapt-inst2.0:amd64.list--- 23542300x800000000000000044218Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.027{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gdb.md5sums--- 23542300x800000000000000044219Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.029{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libhogweed4:amd64.triggers--- 23542300x800000000000000044220Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.032{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgdk-pixbuf2.0-0:amd64.postinst--- 23542300x800000000000000044221Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.034{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgdk-pixbuf2.0-bin.md5sums--- 23542300x800000000000000044222Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.036{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/iproute2.conffiles--- 23542300x800000000000000044223Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.039{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libcairo-gobject2:amd64.triggers--- 23542300x800000000000000044224Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.043{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gcc-7-mipsel-linux-gnu.preinst--- 23542300x800000000000000044225Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.045{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libeatmydata1:amd64.list--- 23542300x800000000000000044226Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.047{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libp11-kit0:amd64.symbols--- 23542300x800000000000000044227Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.049{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/cloud-init.config--- 23542300x800000000000000044228Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.051{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/apport.md5sums--- 23542300x800000000000000044229Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.054{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libfreetype6:amd64.triggers--- 23542300x800000000000000044230Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.056{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libatm1:amd64.shlibs--- 23542300x800000000000000044231Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.058{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libdevmapper1.02.1:amd64.symbols--- 23542300x800000000000000044232Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.061{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/vim-tiny.md5sums--- 23542300x800000000000000044233Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.063{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gcc-8-base:amd64.md5sums--- 23542300x800000000000000044234Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.067{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libdv4:amd64.md5sums--- 23542300x800000000000000044235Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.069{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-distupgrade.list--- 23542300x800000000000000044236Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.071{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/pollinate.prerm--- 23542300x800000000000000044237Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.073{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/base-files.conffiles--- 23542300x800000000000000044238Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.076{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libraw1394-11:amd64.triggers--- 23542300x800000000000000044239Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.078{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libusb-1.0-0:amd64.md5sums--- 23542300x800000000000000044240Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.080{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/apt-utils.list--- 23542300x800000000000000044241Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.082{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libcacard0:amd64.shlibs--- 23542300x800000000000000044242Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.084{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/friendly-recovery.preinst--- 23542300x800000000000000044243Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.087{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/librdmacm1:amd64.md5sums--- 23542300x800000000000000044244Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.089{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gcc.prerm--- 23542300x800000000000000044245Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.092{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/lsb-base.prerm--- 23542300x800000000000000044246Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.095{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-software-properties.postinst--- 23542300x800000000000000044247Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.097{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/liblzma5:amd64.md5sums--- 23542300x800000000000000044248Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.100{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libc6-dev:amd64.md5sums--- 23542300x800000000000000044249Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.102{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/console-setup-linux.md5sums--- 23542300x800000000000000044250Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.105{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/console-setup-linux.postinst--- 23542300x800000000000000044251Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.107{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libwrap0:amd64.postinst--- 23542300x800000000000000044252Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.109{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/initramfs-tools.prerm--- 23542300x800000000000000044253Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.112{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/policykit-1.md5sums--- 23542300x800000000000000044254Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.114{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/linux-image-5.4.0-1068-aws.triggers--- 23542300x800000000000000044255Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.118{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-apport.md5sums--- 23542300x800000000000000044256Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.120{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgssapi3-heimdal:amd64.md5sums--- 23542300x800000000000000044257Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.122{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-distro-info.postinst--- 23542300x800000000000000044258Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.125{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxtables12:amd64.triggers--- 23542300x800000000000000044259Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.127{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgomp1-mips-cross.md5sums--- 23542300x800000000000000044260Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.130{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpam-runtime.postinst--- 23542300x800000000000000044261Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.132{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libsndfile1:amd64.triggers--- 23542300x800000000000000044262Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.135{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libnl-route-3-200:amd64.triggers--- 23542300x800000000000000044263Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.137{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gdb-multiarch.md5sums--- 23542300x800000000000000044264Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.139{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/linux-headers-5.4.0-1068-aws.list--- 23542300x800000000000000044265Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.142{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libsdl1.2debian:amd64.shlibs--- 23542300x800000000000000044266Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.144{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ubuntu-release-upgrader-core.md5sums--- 23542300x800000000000000044267Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.147{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/debian-archive-keyring.postrm--- 23542300x800000000000000044268Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.150{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/grub-gfxpayload-lists.md5sums--- 23542300x800000000000000044269Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.152{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libc-bin.list--- 23542300x800000000000000044270Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.155{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libaccountsservice0:amd64.md5sums--- 23542300x800000000000000044271Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.157{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/install-info.triggers--- 23542300x800000000000000044272Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.160{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/isc-dhcp-client.postrm--- 23542300x800000000000000044273Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.162{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libc6:amd64.conffiles--- 23542300x800000000000000044274Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.165{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libbz2-1.0:amd64.md5sums--- 23542300x800000000000000044275Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.167{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgstreamer1.0-0:amd64.list--- 23542300x800000000000000044276Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.170{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gnupg-utils.md5sums--- 23542300x800000000000000044277Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.172{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libcurl4:amd64.triggers--- 23542300x800000000000000044278Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.174{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libreadline5:amd64.md5sums--- 23542300x800000000000000044279Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.177{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libreadline5:amd64.list--- 23542300x800000000000000044280Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.179{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-gi.md5sums--- 23542300x800000000000000044281Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.181{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libelf1:amd64.shlibs--- 23542300x800000000000000044282Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.184{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libksba8:amd64.md5sums--- 23542300x800000000000000044283Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.187{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libbsd0:amd64.list--- 23542300x800000000000000044284Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.189{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-pkg-resources.list--- 23542300x800000000000000044285Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.193{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libip6tc0:amd64.md5sums--- 23542300x800000000000000044286Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.196{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/unattended-upgrades.conffiles--- 23542300x800000000000000044287Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.198{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libsasl2-2:amd64.shlibs--- 23542300x800000000000000044288Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.201{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-problem-report.list--- 23542300x800000000000000044289Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.203{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-twisted-bin:amd64.md5sums--- 23542300x800000000000000044290Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.205{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/dash.list--- 23542300x800000000000000044291Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.207{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libtiff5:amd64.symbols--- 23542300x800000000000000044292Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.209{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libvorbis0a:amd64.symbols--- 23542300x800000000000000044293Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.211{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-six.prerm--- 23542300x800000000000000044294Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.214{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/cron.conffiles--- 23542300x800000000000000044295Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.216{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libwind0-heimdal:amd64.triggers--- 23542300x800000000000000044296Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.218{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-twisted.list--- 23542300x800000000000000044297Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.220{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/telnet.md5sums--- 23542300x800000000000000044298Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.222{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gcc-7-mips-linux-gnu-base:amd64.md5sums--- 23542300x800000000000000044299Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.224{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxau6:amd64.triggers--- 23542300x800000000000000044300Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.226{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libbind9-160:amd64.md5sums--- 23542300x800000000000000044301Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.228{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libmount1:amd64.triggers--- 23542300x800000000000000044302Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.231{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libext2fs2:amd64.symbols--- 23542300x800000000000000044303Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.233{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/qemu.md5sums--- 23542300x800000000000000044304Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.236{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libisccc160:amd64.list--- 23542300x800000000000000044305Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.239{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/liblz4-1:amd64.triggers--- 23542300x800000000000000044306Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.241{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libmagic1:amd64.triggers--- 23542300x800000000000000044307Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.244{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libubsan0:amd64.symbols--- 23542300x800000000000000044308Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.246{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/manpages-dev.list--- 23542300x800000000000000044309Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.249{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgstreamer1.0-0:amd64.triggers--- 23542300x800000000000000044310Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.251{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gnupg.md5sums--- 23542300x800000000000000044311Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.254{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-cryptography.prerm--- 23542300x800000000000000044312Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.257{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libiscsi7:amd64.shlibs--- 23542300x800000000000000044313Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.259{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ssh-import-id.list--- 23542300x800000000000000044314Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.262{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/kbd.postinst--- 23542300x800000000000000044315Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.264{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gcc-7.md5sums--- 23542300x800000000000000044316Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.267{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/openssh-client.postinst--- 23542300x800000000000000044317Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.269{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libutempter0:amd64.md5sums--- 23542300x800000000000000044318Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.272{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libshout3:amd64.triggers--- 23542300x800000000000000044319Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.274{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-apt.postinst--- 23542300x800000000000000044320Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.277{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/udev.postrm--- 23542300x800000000000000044321Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.279{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/debconf-i18n.md5sums--- 23542300x800000000000000044322Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.281{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/initramfs-tools.postrm--- 23542300x800000000000000044323Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.284{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpam0g:amd64.templates--- 23542300x800000000000000044324Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.287{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libapparmor1:amd64.shlibs--- 23542300x800000000000000044325Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.290{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgomp1-mips-cross.list--- 23542300x800000000000000044326Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.293{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-service-identity.postinst--- 23542300x800000000000000044327Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.296{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/vim-runtime.postinst--- 23542300x800000000000000044328Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.300{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libyaml-0-2:amd64.triggers--- 23542300x800000000000000044329Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.305{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/packages-microsoft-prod.preinst--- 23542300x800000000000000044330Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.307{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/dmeventd.postrm--- 23542300x800000000000000044331Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.310{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/liberror-perl.md5sums--- 23542300x800000000000000044332Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.312{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/base-files.preinst--- 23542300x800000000000000044333Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.314{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgdk-pixbuf2.0-common.list--- 23542300x800000000000000044334Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.317{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libc6-dev:amd64.list--- 23542300x800000000000000044335Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.320{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libmp3lame0:amd64.triggers--- 23542300x800000000000000044336Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.322{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/update-manager-core.list--- 23542300x800000000000000044337Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.324{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/wget.md5sums--- 23542300x800000000000000044338Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.327{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libk5crypto3:amd64.triggers--- 23542300x800000000000000044339Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.330{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libc6-dev-mips-cross.md5sums--- 23542300x800000000000000044340Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.332{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/pastebinit.md5sums--- 23542300x800000000000000044341Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.334{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/geoip-database.list--- 23542300x800000000000000044342Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.337{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/xkb-data.md5sums--- 23542300x800000000000000044343Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.339{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libldap-2.4-2:amd64.triggers--- 23542300x800000000000000044344Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.341{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/xfsprogs.shlibs--- 23542300x800000000000000044345Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.343{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/dmeventd.postinst--- 23542300x800000000000000044346Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.345{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/linux-libc-dev-mipsel-cross.list--- 23542300x800000000000000044347Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.347{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ureadahead.preinst--- 23542300x800000000000000044348Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.350{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3.6-minimal.prerm--- 23542300x800000000000000044349Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.353{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libv4l-0:amd64.triggers--- 23542300x800000000000000044350Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.355{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libc6:amd64.symbols--- 23542300x800000000000000044351Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.358{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/lxcfs.postinst--- 23542300x800000000000000044352Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.362{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/systemd.preinst--- 23542300x800000000000000044353Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.365{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/apparmor.postinst--- 23542300x800000000000000044354Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.368{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libfastjson4:amd64.triggers--- 23542300x800000000000000044355Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.371{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libasan4:amd64.triggers--- 23542300x800000000000000044356Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.373{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libfuse2:amd64.symbols--- 23542300x800000000000000044357Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.376{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/console-setup-linux.postrm--- 23542300x800000000000000044358Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.379{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libip6tc0:amd64.triggers--- 23542300x800000000000000044359Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.384{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/passwd.conffiles--- 23542300x800000000000000044360Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.386{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/manpages-dev.md5sums--- 23542300x800000000000000044361Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.388{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libspeex1:amd64.md5sums--- 23542300x800000000000000044362Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.391{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/linux-base.md5sums--- 23542300x800000000000000044363Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.393{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxslt1.1:amd64.triggers--- 23542300x800000000000000044364Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.395{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/cryptsetup.list--- 23542300x800000000000000044365Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.398{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3.6-minimal.list--- 23542300x800000000000000044366Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.400{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-incremental.postinst--- 23542300x800000000000000044367Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.403{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libapt-pkg5.0:amd64.shlibs--- 23542300x800000000000000044368Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.406{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/fonts-dejavu-core.md5sums--- 23542300x800000000000000044369Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.408{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libcc1-0:amd64.list--- 23542300x800000000000000044370Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.411{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/fontconfig.triggers--- 23542300x800000000000000044371Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.413{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/cpp-7-mipsel-linux-gnu.md5sums--- 23542300x800000000000000044372Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.415{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/fdisk.md5sums--- 23542300x800000000000000044373Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.418{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgstreamer-plugins-base1.0-0:amd64.symbols--- 23542300x800000000000000044374Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.420{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/os-prober.list--- 23542300x800000000000000044375Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.423{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/glib-networking-common.md5sums--- 23542300x800000000000000044376Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.425{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-twisted.triggers--- 23542300x800000000000000044377Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.428{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/acpid.conffiles--- 23542300x800000000000000044378Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.431{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-netifaces.list--- 23542300x800000000000000044379Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.434{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libroken18-heimdal:amd64.list--- 23542300x800000000000000044380Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.437{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/base-files.list--- 23542300x800000000000000044381Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.440{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libtext-charwidth-perl.md5sums--- 23542300x800000000000000044382Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.443{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libnss-systemd:amd64.postinst--- 23542300x800000000000000044383Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.445{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgstreamer-plugins-good1.0-0:amd64.triggers--- 23542300x800000000000000044384Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.448{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libasound2:amd64.triggers--- 23542300x800000000000000044385Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.452{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/rsyslog.triggers--- 23542300x800000000000000044386Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.455{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libv4l-0:amd64.symbols--- 23542300x800000000000000044387Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.460{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libmp3lame0:amd64.shlibs--- 23542300x800000000000000044388Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.462{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libkrb5support0:amd64.triggers--- 23542300x800000000000000044389Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.464{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/util-linux.md5sums--- 23542300x800000000000000044390Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.467{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/liblzo2-2:amd64.shlibs--- 23542300x800000000000000044391Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.470{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/dbus.triggers--- 23542300x800000000000000044392Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.472{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libisc-export169:amd64.md5sums--- 23542300x800000000000000044393Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.475{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/snapd.preinst--- 23542300x800000000000000044394Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.478{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/grep.md5sums--- 23542300x800000000000000044395Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.481{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libshout3:amd64.shlibs--- 23542300x800000000000000044396Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.484{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/powermgmt-base.md5sums--- 23542300x800000000000000044397Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.486{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/open-vm-tools.prerm--- 23542300x800000000000000044398Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.489{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/mount.list--- 23542300x800000000000000044399Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.492{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/landscape-common.templates--- 23542300x800000000000000044400Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.495{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgraphite2-3:amd64.list--- 23542300x800000000000000044401Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.497{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpam-systemd:amd64.postinst--- 23542300x800000000000000044402Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.501{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/iputils-tracepath.postinst--- 23542300x800000000000000044403Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.505{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libitm1:amd64.symbols--- 23542300x800000000000000044404Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.508{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/keyboard-configuration.prerm--- 23542300x800000000000000044405Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.511{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libassuan0:amd64.triggers--- 23542300x800000000000000044406Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.513{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ipxe-qemu.list--- 23542300x800000000000000044407Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.516{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxenstore3.0:amd64.shlibs--- 23542300x800000000000000044408Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.518{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libfontconfig1:amd64.md5sums--- 23542300x800000000000000044409Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.521{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libevent-2.1-6:amd64.symbols--- 23542300x800000000000000044410Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.523{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/klibc-utils.postinst--- 23542300x800000000000000044411Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.525{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/shared-mime-info.list--- 23542300x800000000000000044412Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.528{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libestr0:amd64.md5sums--- 23542300x800000000000000044413Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.530{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/qemu-system-common.list--- 23542300x800000000000000044414Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.533{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/time.list--- 23542300x800000000000000044415Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.535{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/sysmonforlinux.md5sums--- 23542300x800000000000000044416Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.537{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libzstd1:amd64.triggers--- 23542300x800000000000000044417Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.540{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgcc1-mips-cross.list--- 23542300x800000000000000044418Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.543{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/binfmtc.md5sums--- 23542300x800000000000000044419Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.546{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libeatmydata1:amd64.shlibs--- 23542300x800000000000000044420Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.548{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3.6.md5sums--- 23542300x800000000000000044421Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.551{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpolkit-gobject-1-0:amd64.list--- 23542300x800000000000000044422Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.554{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/openssl.md5sums--- 23542300x800000000000000044423Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.559{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpolkit-agent-1-0:amd64.triggers--- 23542300x800000000000000044424Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.561{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ec2-hibinit-agent.md5sums--- 23542300x800000000000000044425Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.571{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/sudo.preinst--- 23542300x800000000000000044426Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.573{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/debianutils.postinst--- 23542300x800000000000000044427Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.576{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/usbutils.md5sums--- 23542300x800000000000000044428Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.579{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/popularity-contest.postinst--- 23542300x800000000000000044429Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.584{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/netbase.conffiles--- 23542300x800000000000000044430Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.586{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/hdparm.md5sums--- 23542300x800000000000000044431Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.589{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/lxd.conffiles--- 23542300x800000000000000044432Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.592{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libunistring2:amd64.shlibs--- 23542300x800000000000000044433Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.595{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3.6-minimal.md5sums--- 23542300x800000000000000044434Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.598{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libhcrypto4-heimdal:amd64.symbols--- 23542300x800000000000000044435Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.600{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgdk-pixbuf2.0-0:amd64.shlibs--- 23542300x800000000000000044436Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.603{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libasyncns0:amd64.shlibs--- 23542300x800000000000000044437Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.606{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libcap-ng0:amd64.list--- 23542300x800000000000000044438Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.610{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/emdebian-archive-keyring.list--- 23542300x800000000000000044439Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.613{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/initramfs-tools-core.postinst--- 23542300x800000000000000044440Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.616{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libp11-kit0:amd64.shlibs--- 23542300x800000000000000044441Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.619{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/coreutils.md5sums--- 23542300x800000000000000044442Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.622{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libsoup2.4-1:amd64.symbols--- 23542300x800000000000000044443Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.624{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libdv4:amd64.triggers--- 23542300x800000000000000044444Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.629{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/cloud-init.postrm--- 23542300x800000000000000044445Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.632{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/isc-dhcp-client.postinst--- 23542300x800000000000000044446Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.637{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libisc-export169:amd64.triggers--- 23542300x800000000000000044447Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.640{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libtag1v5:amd64.list--- 23542300x800000000000000044448Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.643{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libapparmor1:amd64.list--- 23542300x800000000000000044449Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.646{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxmlsec1-openssl:amd64.md5sums--- 23542300x800000000000000044450Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.651{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/dnsmasq-base.conffiles--- 23542300x800000000000000044451Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.654{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/bsdutils.md5sums--- 23542300x800000000000000044452Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.657{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libstdc++6:amd64.triggers--- 23542300x800000000000000044453Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.660{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libdconf1:amd64.symbols--- 23542300x800000000000000044454Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.663{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/policykit-1.conffiles--- 23542300x800000000000000044455Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.666{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libprocps6:amd64.shlibs--- 23542300x800000000000000044456Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.671{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgssapi-krb5-2:amd64.shlibs--- 23542300x800000000000000044457Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.674{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgssapi3-heimdal:amd64.list--- 23542300x800000000000000044458Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.677{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/perl.list--- 23542300x800000000000000044459Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.681{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libkmod2:amd64.list--- 23542300x800000000000000044460Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.684{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/linux-libc-dev-mips-cross.list--- 23542300x800000000000000044461Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.686{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/init.md5sums--- 23542300x800000000000000044462Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.688{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/dmidecode.md5sums--- 23542300x800000000000000044463Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.693{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libcryptsetup12:amd64.list--- 23542300x800000000000000044464Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.695{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libselinux1:amd64.shlibs--- 23542300x800000000000000044465Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.698{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/cpp-7-mips-linux-gnu.list--- 23542300x800000000000000044466Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.701{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/procps.conffiles--- 23542300x800000000000000044467Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.706{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/sosreport.postinst--- 23542300x800000000000000044468Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.715{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libx11-6:amd64.triggers--- 23542300x800000000000000044469Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.718{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-distupgrade.postinst--- 23542300x800000000000000044470Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.721{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libtwolame0:amd64.md5sums--- 23542300x800000000000000044471Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.724{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libjbig0:amd64.shlibs--- 23542300x800000000000000044472Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.727{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ntfs-3g.postinst--- 23542300x800000000000000044473Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.729{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-debian.list--- 23542300x800000000000000044474Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.732{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libssl1.0.0:amd64.md5sums--- 23542300x800000000000000044475Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.735{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/parted.md5sums--- 23542300x800000000000000044476Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.738{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libatomic1:amd64.list--- 23542300x800000000000000044478Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.740{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/rsyslog.list--- 354300x800000000000000044477Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.740{ec2a2542-1087-6254-d9ff-4d0400000000}1853/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-54928-false10.0.1.12-8000- 23542300x800000000000000044479Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.745{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libblkid1:amd64.md5sums--- 23542300x800000000000000044480Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.748{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libcap2:amd64.symbols--- 23542300x800000000000000044481Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.752{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libdrm-common.md5sums--- 23542300x800000000000000044482Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.755{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libwind0-heimdal:amd64.md5sums--- 23542300x800000000000000044483Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.757{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-colorama.list--- 23542300x800000000000000044484Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.760{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libirs160:amd64.symbols--- 23542300x800000000000000044485Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.762{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/splunkforwarder.postinst--- 23542300x800000000000000044486Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.764{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/less.postrm--- 23542300x800000000000000044487Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.766{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libharfbuzz0b:amd64.shlibs--- 23542300x800000000000000044488Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.770{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libzstd1:amd64.md5sums--- 23542300x800000000000000044489Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.773{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libusb-1.0-0:amd64.symbols--- 23542300x800000000000000044490Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.777{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-colorama.prerm--- 23542300x800000000000000044491Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.779{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libip6tc0:amd64.symbols--- 23542300x800000000000000044492Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.782{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/passwd.prerm--- 23542300x800000000000000044493Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.784{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/update-notifier-common.triggers--- 23542300x800000000000000044494Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.787{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/tzdata.list--- 23542300x800000000000000044495Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.789{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/powershell.md5sums--- 23542300x800000000000000044496Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.791{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxdamage1:amd64.shlibs--- 23542300x800000000000000044497Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.794{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgomp1:amd64.list--- 23542300x800000000000000044498Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.796{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpython3.6-stdlib:amd64.list--- 23542300x800000000000000044499Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.799{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libdbus-1-3:amd64.md5sums--- 23542300x800000000000000044500Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.801{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgraphite2-3:amd64.shlibs--- 23542300x800000000000000044501Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.803{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libacl1:amd64.list--- 23542300x800000000000000044502Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.805{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/lsb-release.postinst--- 23542300x800000000000000044503Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.808{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gpg-wks-client.md5sums--- 23542300x800000000000000044504Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.810{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/binfmt-support.conffiles--- 23542300x800000000000000044505Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.812{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gdb.list--- 23542300x800000000000000044506Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.814{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-yaml.list--- 23542300x800000000000000044507Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.816{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libbluetooth3:amd64.md5sums--- 23542300x800000000000000044508Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.819{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libspeex1:amd64.shlibs--- 23542300x800000000000000044509Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.821{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/qemu-system-arm.md5sums--- 23542300x800000000000000044510Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.824{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/tcpdump.md5sums--- 23542300x800000000000000044511Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.826{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libheimbase1-heimdal:amd64.triggers--- 23542300x800000000000000044512Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.828{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libyajl2:amd64.triggers--- 23542300x800000000000000044513Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.831{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-twisted-bin:amd64.list--- 23542300x800000000000000044514Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.833{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-jsonpatch.md5sums--- 23542300x800000000000000044515Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.836{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libmspack0:amd64.triggers--- 23542300x800000000000000044516Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.838{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libfribidi0:amd64.list--- 23542300x800000000000000044517Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.841{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/man-db.postrm--- 23542300x800000000000000044518Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.843{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libfribidi0:amd64.triggers--- 23542300x800000000000000044519Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.845{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgnutls30:amd64.triggers--- 23542300x800000000000000044520Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.847{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libp11-kit0:amd64.list--- 23542300x800000000000000044521Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.850{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/busybox-static.list--- 23542300x800000000000000044522Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.852{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/hostname.list--- 23542300x800000000000000044523Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.854{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/net-tools.list--- 23542300x800000000000000044524Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.858{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/qemu-user-static.postinst--- 23542300x800000000000000044525Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.861{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-debconf.postinst--- 23542300x800000000000000044526Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.863{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/tcpdump.postinst--- 23542300x800000000000000044527Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.866{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/pciutils.postinst--- 23542300x800000000000000044528Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.868{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libibverbs1:amd64.symbols--- 23542300x800000000000000044529Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.871{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libdrm2:amd64.symbols--- 23542300x800000000000000044530Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.873{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libdns1100:amd64.symbols--- 23542300x800000000000000044531Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.875{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/grub-gfxpayload-lists.list--- 23542300x800000000000000044532Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.878{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gcc-7-mips-linux-gnu.preinst--- 23542300x800000000000000044533Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.881{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxmlsec1-openssl:amd64.shlibs--- 23542300x800000000000000044534Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.883{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/qemu-system-arm.list--- 23542300x800000000000000044535Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.885{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/vim-tiny.list--- 23542300x800000000000000044536Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.888{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libmspack0:amd64.shlibs--- 23542300x800000000000000044537Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.890{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libfontconfig1:amd64.shlibs--- 23542300x800000000000000044538Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.892{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-hyperlink.prerm--- 23542300x800000000000000044539Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.899{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gdb.postinst--- 23542300x800000000000000044540Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.901{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/open-vm-tools.shlibs--- 23542300x800000000000000044541Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.903{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-click.prerm--- 23542300x800000000000000044542Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.905{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libavc1394-0:amd64.list--- 23542300x800000000000000044543Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.907{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-jsonschema.prerm--- 23542300x800000000000000044544Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.910{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgcrypt20:amd64.symbols--- 23542300x800000000000000044545Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.912{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libbz2-1.0:amd64.triggers--- 23542300x800000000000000044546Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.916{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgpm2:amd64.md5sums--- 23542300x800000000000000044547Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.919{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/irqbalance.postrm--- 23542300x800000000000000044548Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.922{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/mlocate.postrm--- 23542300x800000000000000044549Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.924{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/base-files.postrm--- 23542300x800000000000000044550Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.927{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/initramfs-tools.conffiles--- 23542300x800000000000000044551Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.929{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libcairo-gobject2:amd64.symbols--- 23542300x800000000000000044552Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.932{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-openssl.md5sums--- 23542300x800000000000000044553Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.935{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-constantly.prerm--- 23542300x800000000000000044554Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.938{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libcom-err2:amd64.shlibs--- 23542300x800000000000000044555Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.941{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libip4tc0:amd64.symbols--- 23542300x800000000000000044556Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.944{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/liblocale-gettext-perl.list--- 23542300x800000000000000044557Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.946{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/run-one.md5sums--- 23542300x800000000000000044558Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.949{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/base-passwd.postinst--- 23542300x800000000000000044559Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.951{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/xxd.list--- 23542300x800000000000000044560Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.954{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/sudo.postrm--- 23542300x800000000000000044561Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.957{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/sysvinit-utils.md5sums--- 23542300x800000000000000044562Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.959{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libkrb5-3:amd64.triggers--- 23542300x800000000000000044563Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.961{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/debconf.templates--- 23542300x800000000000000044564Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.963{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-constantly.list--- 23542300x800000000000000044565Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.966{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libogg0:amd64.shlibs--- 23542300x800000000000000044566Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.968{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libopus0:amd64.triggers--- 23542300x800000000000000044567Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.971{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/coreutils.list--- 23542300x800000000000000044568Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.973{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libwrap0:amd64.triggers--- 23542300x800000000000000044569Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.977{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/rsyslog.conffiles--- 23542300x800000000000000044570Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.979{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-software-properties.md5sums--- 23542300x800000000000000044571Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.981{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-attr.md5sums--- 23542300x800000000000000044572Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.983{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-urllib3.prerm--- 23542300x800000000000000044573Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.986{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/qemu-system.list--- 23542300x800000000000000044574Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.988{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/lsb-base.preinst--- 23542300x800000000000000044575Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.990{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ca-certificates.postrm--- 23542300x800000000000000044576Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.994{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/man-db.triggers--- 23542300x800000000000000044577Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.996{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/lxd.postrm--- 23542300x800000000000000044578Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:09.999{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libargon2-0:amd64.symbols--- 23542300x800000000000000044579Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.001{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/console-setup.postrm--- 23542300x800000000000000044580Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.004{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/grep.list--- 23542300x800000000000000044581Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.006{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libibverbs1:amd64.postinst--- 23542300x800000000000000044582Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.009{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libnewt0.52:amd64.postinst--- 23542300x800000000000000044583Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.011{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/qemu-system-misc.list--- 23542300x800000000000000044584Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.013{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libyajl2:amd64.symbols--- 23542300x800000000000000044585Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.016{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libkmod2:amd64.md5sums--- 23542300x800000000000000044586Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.019{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/passwd.postrm--- 23542300x800000000000000044587Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.021{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/open-iscsi.postrm--- 23542300x800000000000000044588Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.023{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libstdc++6:amd64.list--- 23542300x800000000000000044589Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.027{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxtables12:amd64.md5sums--- 23542300x800000000000000044590Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.030{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/openssh-client.prerm--- 23542300x800000000000000044591Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.032{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libperl5.26:amd64.shlibs--- 23542300x800000000000000044592Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.036{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/software-properties-common.postinst--- 23542300x800000000000000044593Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.039{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libmpdec2:amd64.triggers--- 23542300x800000000000000044594Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.043{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libnss3:amd64.symbols--- 23542300x800000000000000044595Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.046{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/seabios.md5sums--- 23542300x800000000000000044596Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.049{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxext6:amd64.shlibs--- 23542300x800000000000000044597Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.051{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/cryptsetup.postrm--- 23542300x800000000000000044598Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.054{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/keyboard-configuration.config--- 23542300x800000000000000044599Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.057{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libisc169:amd64.symbols--- 23542300x800000000000000044600Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.059{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/base-passwd.postrm--- 23542300x800000000000000044601Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.062{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/squashfs-tools.list--- 23542300x800000000000000044602Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.065{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/login.postinst--- 23542300x800000000000000044603Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.068{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ibverbs-providers:amd64.list--- 23542300x800000000000000044604Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.070{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ubuntu-advantage-tools.config--- 23542300x800000000000000044605Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.072{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-requests-unixsocket.list--- 23542300x800000000000000044606Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.074{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libzstd1:amd64.shlibs--- 23542300x800000000000000044607Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.076{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpam-runtime.list--- 23542300x800000000000000044608Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.079{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/policykit-1.postrm--- 23542300x800000000000000044609Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.081{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/mtr-tiny.postinst--- 23542300x800000000000000044610Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.084{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libyajl2:amd64.shlibs--- 23542300x800000000000000044611Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.086{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/sosreport.prerm--- 23542300x800000000000000044612Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.089{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gcc-mipsel-linux-gnu.md5sums--- 23542300x800000000000000044613Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.091{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libjson-c3:amd64.list--- 23542300x800000000000000044614Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.093{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libyaml-0-2:amd64.symbols--- 23542300x800000000000000044615Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.096{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-newt:amd64.md5sums--- 23542300x800000000000000044616Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.099{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/debconf.conffiles--- 23542300x800000000000000044617Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.102{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/plymouth.conffiles--- 23542300x800000000000000044618Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.105{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ethtool.conffiles--- 23542300x800000000000000044619Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.107{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ubuntu-advantage-tools.md5sums--- 23542300x800000000000000044620Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.109{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/distro-info.list--- 23542300x800000000000000044621Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.112{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/console-setup-linux.preinst--- 23542300x800000000000000044622Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.114{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libnfnetlink0:amd64.shlibs--- 23542300x800000000000000044623Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.116{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libattr1:amd64.shlibs--- 23542300x800000000000000044624Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.118{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libirs160:amd64.shlibs--- 23542300x800000000000000044625Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.120{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/klibc-utils.preinst--- 23542300x800000000000000044626Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.123{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgcc-7-dev-mipsel-cross.list--- 23542300x800000000000000044627Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.125{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libisccfg160:amd64.triggers--- 23542300x800000000000000044628Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.128{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/zlib1g:amd64.symbols--- 23542300x800000000000000044629Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.131{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ufw.postrm--- 23542300x800000000000000044630Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.134{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libiptc0:amd64.symbols--- 23542300x800000000000000044631Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.136{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libmnl0:amd64.list--- 23542300x800000000000000044632Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.139{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gpgsm.md5sums--- 23542300x800000000000000044633Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.142{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-ptyprocess.prerm--- 23542300x800000000000000044634Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.144{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libdns-export1100.triggers--- 23542300x800000000000000044635Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.146{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/dash.templates--- 23542300x800000000000000044636Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.149{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libhcrypto4-heimdal:amd64.triggers--- 23542300x800000000000000044637Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.151{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libuv1:amd64.list--- 23542300x800000000000000044638Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.153{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libslang2:amd64.list--- 23542300x800000000000000044639Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.155{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgudev-1.0-0:amd64.triggers--- 23542300x800000000000000044640Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.157{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpixman-1-0:amd64.md5sums--- 23542300x800000000000000044641Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.159{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-serial.postinst--- 23542300x800000000000000044642Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.161{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpam-modules:amd64.list--- 23542300x800000000000000044643Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.164{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libnetplan0:amd64.shlibs--- 23542300x800000000000000044644Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.167{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-cffi-backend.md5sums--- 23542300x800000000000000044645Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.169{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-apport.prerm--- 23542300x800000000000000044646Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.171{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libbsd0:amd64.md5sums--- 23542300x800000000000000044647Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.174{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libjson-glib-1.0-0:amd64.triggers--- 23542300x800000000000000044648Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.176{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libavc1394-0:amd64.symbols--- 23542300x800000000000000044649Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.179{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libwavpack1:amd64.symbols--- 23542300x800000000000000044650Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.181{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-oauthlib.md5sums--- 23542300x800000000000000044651Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.183{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-pam.md5sums--- 23542300x800000000000000044652Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.185{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxv1:amd64.md5sums--- 23542300x800000000000000044653Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.187{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/xkb-data.list--- 23542300x800000000000000044654Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.190{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libapparmor1:amd64.triggers--- 23542300x800000000000000044655Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.192{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/unattended-upgrades.config--- 23542300x800000000000000044656Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.195{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/initramfs-tools.postinst--- 23542300x800000000000000044657Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.197{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/liblsan0:amd64.md5sums--- 23542300x800000000000000044658Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.199{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/zlib1g:amd64.list--- 23542300x800000000000000044659Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.201{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libmagic1:amd64.shlibs--- 23542300x800000000000000044660Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.205{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libmpg123-0:amd64.shlibs--- 23542300x800000000000000044661Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.207{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/nano.conffiles--- 23542300x800000000000000044662Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.210{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/isc-dhcp-client.list--- 23542300x800000000000000044663Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.215{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxau6:amd64.list--- 23542300x800000000000000044664Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.218{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/dbus.prerm--- 23542300x800000000000000044665Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.221{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/seabios.list--- 23542300x800000000000000044666Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.224{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/dnsmasq-base.list--- 23542300x800000000000000044667Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.227{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/snapd.list--- 23542300x800000000000000044668Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.230{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/liblsan0:amd64.symbols--- 23542300x800000000000000044669Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.232{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/debian-archive-keyring.preinst--- 23542300x800000000000000044670Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.234{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libklibc.md5sums--- 23542300x800000000000000044671Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.236{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ufw.templates--- 23542300x800000000000000044672Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.239{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxmlsec1:amd64.list--- 23542300x800000000000000044673Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.241{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libnuma1:amd64.triggers--- 23542300x800000000000000044674Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.243{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libheimntlm0-heimdal:amd64.symbols--- 23542300x800000000000000044675Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.246{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libapparmor1:amd64.md5sums--- 23542300x800000000000000044676Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.248{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libext2fs2:amd64.shlibs--- 23542300x800000000000000044677Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.250{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/qemu-block-extra:amd64.postrm--- 23542300x800000000000000044678Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.254{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libacl1:amd64.md5sums--- 23542300x800000000000000044679Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.256{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libdbus-1-3:amd64.symbols--- 23542300x800000000000000044680Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.259{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/librtmp1:amd64.md5sums--- 23542300x800000000000000044681Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.262{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/readline-common.md5sums--- 23542300x800000000000000044682Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.265{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libsqlite3-0:amd64.triggers--- 23542300x800000000000000044683Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.267{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libssl1.1:amd64.postrm--- 23542300x800000000000000044684Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.271{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libcom-err2:amd64.triggers--- 23542300x800000000000000044685Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.273{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libk5crypto3:amd64.md5sums--- 23542300x800000000000000044686Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.275{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxtables12:amd64.list--- 23542300x800000000000000044687Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.280{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-jinja2.list--- 23542300x800000000000000044688Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.282{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-httplib2.md5sums--- 23542300x800000000000000044689Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.284{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gpgconf.md5sums--- 23542300x800000000000000044690Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.287{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/strace.md5sums--- 23542300x800000000000000044691Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.289{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libbind9-160:amd64.symbols--- 23542300x800000000000000044692Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.292{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libfreetype6:amd64.symbols--- 23542300x800000000000000044693Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.294{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/update-notifier-common.list--- 23542300x800000000000000044694Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.297{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libuuid1:amd64.md5sums--- 23542300x800000000000000044695Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.299{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/qemu-block-extra:amd64.list--- 23542300x800000000000000044696Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.302{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libbabeltrace1:amd64.symbols--- 23542300x800000000000000044697Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.305{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libiptc0:amd64.shlibs--- 23542300x800000000000000044698Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.308{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/procps.prerm--- 23542300x800000000000000044699Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.311{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/kmod.md5sums--- 23542300x800000000000000044700Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.314{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libisccfg160:amd64.shlibs--- 23542300x800000000000000044701Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.317{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/networkd-dispatcher.list--- 23542300x800000000000000044702Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.319{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ethtool.list--- 23542300x800000000000000044703Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.321{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/groff-base.conffiles--- 23542300x800000000000000044704Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.324{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libsystemd0:amd64.list--- 23542300x800000000000000044705Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.328{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libssl1.1:amd64.postinst--- 23542300x800000000000000044706Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.330{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libnss3:amd64.list--- 23542300x800000000000000044707Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.334{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/apparmor.postrm--- 23542300x800000000000000044708Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.337{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ca-certificates.md5sums--- 23542300x800000000000000044709Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.339{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/whiptail.md5sums--- 23542300x800000000000000044710Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.341{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-automat.md5sums--- 23542300x800000000000000044711Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.344{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-requests.list--- 23542300x800000000000000044712Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.346{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/lsof.md5sums--- 23542300x800000000000000044713Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.348{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libkrb5support0:amd64.symbols--- 23542300x800000000000000044714Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.351{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libkrb5-3:amd64.list--- 23542300x800000000000000044715Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.354{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpangocairo-1.0-0:amd64.symbols--- 23542300x800000000000000044716Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.356{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libsqlite3-0:amd64.list--- 23542300x800000000000000044717Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.359{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/initramfs-tools-core.list--- 23542300x800000000000000044718Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.361{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/login.conffiles--- 23542300x800000000000000044719Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.364{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpci3:amd64.md5sums--- 23542300x800000000000000044720Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.367{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libatomic1-mips-cross.shlibs--- 23542300x800000000000000044721Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.370{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/udev.postinst--- 23542300x800000000000000044722Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.373{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpipeline1:amd64.md5sums--- 23542300x800000000000000044723Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.375{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libapt-pkg5.0:amd64.md5sums--- 23542300x800000000000000044724Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.378{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libvorbis0a:amd64.shlibs--- 23542300x800000000000000044725Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.380{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libjpeg-turbo8:amd64.md5sums--- 23542300x800000000000000044726Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.382{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/openssh-client.list--- 23542300x800000000000000044727Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.385{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libutempter0:amd64.list--- 23542300x800000000000000044728Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.387{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libdconf1:amd64.md5sums--- 23542300x800000000000000044729Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.390{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gstreamer1.0-plugins-base:amd64.md5sums--- 23542300x800000000000000044730Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.393{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libcaca0:amd64.shlibs--- 23542300x800000000000000044731Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.395{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/dbus.md5sums--- 23542300x800000000000000044732Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.397{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libsasl2-modules:amd64.list--- 23542300x800000000000000044733Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.400{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/net-tools.md5sums--- 23542300x800000000000000044734Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.403{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/acl.list--- 23542300x800000000000000044735Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.405{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-pyasn1.list--- 23542300x800000000000000044736Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.407{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libdrm-common.list--- 23542300x800000000000000044737Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.411{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gzip.md5sums--- 23542300x800000000000000044738Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.413{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gcc-7-cross-base-ports.list--- 23542300x800000000000000044739Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.416{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgpm2:amd64.triggers--- 23542300x800000000000000044740Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.418{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-pyasn1-modules.postinst--- 23542300x800000000000000044741Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.420{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libavc1394-0:amd64.md5sums--- 23542300x800000000000000044742Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.423{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libnetfilter-conntrack3:amd64.list--- 23542300x800000000000000044743Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.426{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/msr-tools.md5sums--- 23542300x800000000000000044744Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.429{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/qemu-system-common.md5sums--- 23542300x800000000000000044745Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.431{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libevent-2.1-6:amd64.md5sums--- 23542300x800000000000000044746Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.434{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/liblvm2app2.2:amd64.md5sums--- 23542300x800000000000000044747Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.436{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libjson-c3:amd64.triggers--- 23542300x800000000000000044748Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.439{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/unattended-upgrades.postinst--- 23542300x800000000000000044749Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.442{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libidn11:amd64.list--- 23542300x800000000000000044750Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.445{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpolkit-backend-1-0:amd64.list--- 23542300x800000000000000044751Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.447{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/liblwres160:amd64.md5sums--- 23542300x800000000000000044752Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.450{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgcc-7-dev-mipsel-cross.md5sums--- 23542300x800000000000000044753Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.452{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/liblzma5:amd64.symbols--- 23542300x800000000000000044754Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.455{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/cryptsetup.md5sums--- 23542300x800000000000000044755Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.457{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxext6:amd64.list--- 23542300x800000000000000044756Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.460{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gir1.2-glib-2.0:amd64.md5sums--- 23542300x800000000000000044757Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.463{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-gdbm:amd64.list--- 23542300x800000000000000044758Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.466{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/xdg-user-dirs.list--- 23542300x800000000000000044759Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.469{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgpg-error0:amd64.md5sums--- 23542300x800000000000000044760Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.472{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/overlayroot.list--- 23542300x800000000000000044761Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.474{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/openssh-client.postrm--- 23542300x800000000000000044762Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.476{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/zlib1g:amd64.triggers--- 23542300x800000000000000044763Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.479{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libheimbase1-heimdal:amd64.symbols--- 23542300x800000000000000044764Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.481{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpulse0:amd64.list--- 23542300x800000000000000044765Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.484{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/openssh-server.list--- 23542300x800000000000000044766Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.486{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ibverbs-providers:amd64.md5sums--- 23542300x800000000000000044767Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.489{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-click.list--- 23542300x800000000000000044768Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.491{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/btrfs-progs.list--- 23542300x800000000000000044769Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.493{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/xz-utils.prerm--- 23542300x800000000000000044770Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.496{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/byobu.md5sums--- 23542300x800000000000000044771Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.499{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/lxcfs.md5sums--- 23542300x800000000000000044772Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.502{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/vim.md5sums--- 23542300x800000000000000044773Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.505{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/locales.list--- 23542300x800000000000000044774Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.507{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libidn2-0:amd64.list--- 23542300x800000000000000044775Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.510{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gdb.postrm--- 23542300x800000000000000044776Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.512{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgomp1:amd64.md5sums--- 23542300x800000000000000044777Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.516{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/hdparm.prerm--- 23542300x800000000000000044778Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.518{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-json-pointer.postrm--- 23542300x800000000000000044779Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.521{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/command-not-found.list--- 23542300x800000000000000044780Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.523{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-cryptography.postinst--- 23542300x800000000000000044781Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.526{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/cloud-initramfs-copymods.md5sums--- 23542300x800000000000000044782Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.529{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libfribidi0:amd64.md5sums--- 23542300x800000000000000044783Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.531{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpng16-16:amd64.triggers--- 23542300x800000000000000044784Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.534{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/liblzma5:amd64.shlibs--- 23542300x800000000000000044785Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.537{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libbsd0:amd64.symbols--- 23542300x800000000000000044786Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.540{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libmagic-mgc.list--- 23542300x800000000000000044787Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.543{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/grub-common.preinst--- 23542300x800000000000000044788Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.546{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxmlsec1-openssl:amd64.triggers--- 23542300x800000000000000044789Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.549{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/at.postinst--- 23542300x800000000000000044790Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.552{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/qemu-system.md5sums--- 23542300x800000000000000044791Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.555{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/qemu-system-x86.list--- 23542300x800000000000000044792Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.557{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gawk.prerm--- 23542300x800000000000000044793Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.561{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libcryptsetup12:amd64.symbols--- 23542300x800000000000000044794Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.564{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libc-bin.postinst--- 23542300x800000000000000044795Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.567{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/info.postinst--- 23542300x800000000000000044796Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.569{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libplymouth4:amd64.md5sums--- 23542300x800000000000000044797Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.572{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/shared-mime-info.triggers--- 23542300x800000000000000044798Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.575{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libaudit1:amd64.shlibs--- 23542300x800000000000000044799Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.577{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libelf1:amd64.triggers--- 23542300x800000000000000044800Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.581{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libargon2-0:amd64.triggers--- 23542300x800000000000000044801Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.584{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libssl1.1:amd64.list--- 23542300x800000000000000044802Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.589{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libopus0:amd64.symbols--- 23542300x800000000000000044803Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.592{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ucf.templates--- 23542300x800000000000000044804Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.595{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgcc1:amd64.md5sums--- 23542300x800000000000000044805Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.600{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libdevmapper-event1.02.1:amd64.list--- 23542300x800000000000000044806Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.602{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libtheora0:amd64.symbols--- 23542300x800000000000000044807Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.607{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/e2fsprogs.md5sums--- 23542300x800000000000000044808Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.611{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libtext-wrapi18n-perl.md5sums--- 23542300x800000000000000044809Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.613{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ubuntu-advantage-tools.prerm--- 23542300x800000000000000044810Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.616{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/open-iscsi.triggers--- 23542300x800000000000000044811Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.620{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/perl.conffiles--- 23542300x800000000000000044812Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.623{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/librdmacm1:amd64.shlibs--- 23542300x800000000000000044813Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.625{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libjson-glib-1.0-0:amd64.md5sums--- 23542300x800000000000000044814Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.629{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/grub-pc.prerm--- 23542300x800000000000000044815Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.633{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libjson-glib-1.0-common.md5sums--- 23542300x800000000000000044816Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.635{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/coreutils.postrm--- 23542300x800000000000000044817Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.638{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/shared-mime-info.postrm--- 23542300x800000000000000044818Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.640{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libaudit1:amd64.md5sums--- 23542300x800000000000000044819Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.643{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/man-db.conffiles--- 23542300x800000000000000044820Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.645{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/apparmor.config--- 23542300x800000000000000044821Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.647{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ubuntu-keyring.list--- 23542300x800000000000000044822Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.650{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/librbd1.symbols--- 23542300x800000000000000044823Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.653{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/grub-gfxpayload-lists.postinst--- 23542300x800000000000000044824Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.655{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpolkit-backend-1-0:amd64.symbols--- 23542300x800000000000000044825Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.658{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libhx509-5-heimdal:amd64.symbols--- 23542300x800000000000000044826Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.660{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libapt-inst2.0:amd64.triggers--- 23542300x800000000000000044827Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.663{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-httplib2.postinst--- 23542300x800000000000000044828Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.665{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libatomic1:amd64.triggers--- 23542300x800000000000000044829Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.667{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gdb-multiarch.list--- 23542300x800000000000000044830Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.670{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/networkd-dispatcher.conffiles--- 23542300x800000000000000044831Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.673{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libcacard0:amd64.triggers--- 23542300x800000000000000044832Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.678{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/liborc-0.4-0:amd64.shlibs--- 23542300x800000000000000044833Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.680{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libprocps6:amd64.md5sums--- 23542300x800000000000000044834Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.683{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgdk-pixbuf2.0-0:amd64.symbols--- 23542300x800000000000000044835Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.685{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ca-certificates.config--- 23542300x800000000000000044836Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.687{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxext6:amd64.postrm--- 23542300x800000000000000044837Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.689{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxcb-shm0:amd64.triggers--- 23542300x800000000000000044838Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.692{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libitm1:amd64.shlibs--- 23542300x800000000000000044839Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.695{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libaa1:amd64.list--- 23542300x800000000000000044840Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.697{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libsemanage-common.conffiles--- 23542300x800000000000000044841Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.699{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libjson-glib-1.0-0:amd64.symbols--- 23542300x800000000000000044842Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.701{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/telnet.postinst--- 23542300x800000000000000044843Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.703{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/byobu.prerm--- 23542300x800000000000000044844Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.706{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/hdparm.list--- 23542300x800000000000000044845Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.709{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-update-manager.list--- 23542300x800000000000000044846Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.711{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libsepol1:amd64.shlibs--- 23542300x800000000000000044847Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.714{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/openssh-server.md5sums--- 23542300x800000000000000044848Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.716{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libtag1v5:amd64.md5sums--- 23542300x800000000000000044849Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.719{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libreadline-dev:amd64.md5sums--- 23542300x800000000000000044850Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.721{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libstdc++6:amd64.symbols--- 23542300x800000000000000044851Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.723{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/xkb-data.postinst--- 23542300x800000000000000044852Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.726{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libksba8:amd64.shlibs--- 23542300x800000000000000044853Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.728{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/adduser.conffiles--- 23542300x800000000000000044854Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.730{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libtiff5:amd64.md5sums--- 23542300x800000000000000044855Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.733{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/bind9-host.list--- 23542300x800000000000000044856Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.735{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libmpx2:amd64.shlibs--- 23542300x800000000000000044857Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.738{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libnss-systemd:amd64.shlibs--- 23542300x800000000000000044858Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.740{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/linux-image-5.4.0-1068-aws.list--- 23542300x800000000000000044859Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.742{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libbluetooth3:amd64.shlibs--- 23542300x800000000000000044860Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.744{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libdw1:amd64.list--- 23542300x800000000000000044861Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.746{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpopt0:amd64.shlibs--- 23542300x800000000000000044862Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.749{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libusbredirparser1:amd64.triggers--- 23542300x800000000000000044863Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.751{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libcap2-bin.md5sums--- 23542300x800000000000000044864Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.754{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libjack-jackd2-0:amd64.md5sums--- 23542300x800000000000000044865Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.756{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libuuid1:amd64.triggers--- 23542300x800000000000000044866Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.758{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/liblzma5:amd64.triggers--- 23542300x800000000000000044867Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.760{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/apport.postinst--- 23542300x800000000000000044868Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.762{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libnetfilter-conntrack3:amd64.triggers--- 23542300x800000000000000044869Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.765{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python-apt-common.list--- 23542300x800000000000000044870Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.767{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/git.prerm--- 23542300x800000000000000044871Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.769{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/man-db.preinst--- 23542300x800000000000000044872Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.772{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libnfnetlink0:amd64.md5sums--- 23542300x800000000000000044873Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.774{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libtsan0:amd64.list--- 23542300x800000000000000044874Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.777{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libplymouth4:amd64.shlibs--- 23542300x800000000000000044875Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.779{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libharfbuzz0b:amd64.triggers--- 23542300x800000000000000044876Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.781{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libspice-server1:amd64.symbols--- 23542300x800000000000000044877Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.783{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-serial.md5sums--- 23542300x800000000000000044878Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.785{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/rsync.prerm--- 23542300x800000000000000044879Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.788{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/zlib1g:amd64.shlibs--- 23542300x800000000000000044880Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.789{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libfreetype6:amd64.md5sums--- 23542300x800000000000000044881Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.791{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/fontconfig.postrm--- 23542300x800000000000000044882Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.794{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libssl1.0.0:amd64.shlibs--- 23542300x800000000000000044883Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.796{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-software-properties.prerm--- 23542300x800000000000000044884Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.800{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libc-bin.conffiles--- 23542300x800000000000000044885Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.803{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libstdc++-7-dev:amd64.md5sums--- 23542300x800000000000000044886Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.805{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgcc1-mipsel-cross.symbols--- 23542300x800000000000000044887Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.809{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libasound2:amd64.list--- 23542300x800000000000000044888Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.811{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/qemu-system-common.preinst--- 23542300x800000000000000044889Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.814{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/fuse.postinst--- 23542300x800000000000000044890Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.816{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libbz2-1.0:amd64.list--- 23542300x800000000000000044891Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.818{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/keyboard-configuration.list--- 23542300x800000000000000044892Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.821{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgmp10:amd64.list--- 23542300x800000000000000044893Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.823{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxenstore3.0:amd64.md5sums--- 23542300x800000000000000044894Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.825{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ebtables.conffiles--- 23542300x800000000000000044895Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.828{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxslt1.1:amd64.list--- 23542300x800000000000000044896Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.830{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/grub-pc.config--- 23542300x800000000000000044897Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.833{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/lxcfs.list--- 23542300x800000000000000044898Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.836{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgdk-pixbuf2.0-0:amd64.md5sums--- 23542300x800000000000000044899Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.839{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/qemu-utils.list--- 23542300x800000000000000044900Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.841{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libsigsegv2:amd64.shlibs--- 23542300x800000000000000044901Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.843{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/apport.prerm--- 23542300x800000000000000044902Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.845{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/psmisc.md5sums--- 23542300x800000000000000044903Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.849{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/open-iscsi.list--- 23542300x800000000000000044904Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.851{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgeoip1:amd64.triggers--- 23542300x800000000000000044905Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.854{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgdk-pixbuf2.0-0:amd64.postrm--- 23542300x800000000000000044906Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.856{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-cryptography.list--- 23542300x800000000000000044907Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.858{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/linux-headers-5.4.0-1068-aws.md5sums--- 23542300x800000000000000044908Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.861{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libv4l-0:amd64.md5sums--- 23542300x800000000000000044909Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.864{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ucf.conffiles--- 23542300x800000000000000044910Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.867{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpcre3:amd64.shlibs--- 23542300x800000000000000044911Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.869{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpam-runtime.postrm--- 23542300x800000000000000044912Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.872{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libjack-jackd2-0:amd64.triggers--- 23542300x800000000000000044913Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.874{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/dnsmasq-base.postrm--- 23542300x800000000000000044914Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.877{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gdisk.md5sums--- 23542300x800000000000000044915Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.879{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpam-systemd:amd64.md5sums--- 23542300x800000000000000044916Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.882{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-blinker.list--- 23542300x800000000000000044917Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.884{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-pyasn1.md5sums--- 23542300x800000000000000044918Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.886{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libsystemd0:amd64.shlibs--- 23542300x800000000000000044919Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.888{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libassuan0:amd64.md5sums--- 23542300x800000000000000044920Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.891{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgraphite2-3:amd64.md5sums--- 23542300x800000000000000044921Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.894{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/qemu-slof.list--- 23542300x800000000000000044922Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.896{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libc6-mips-cross.shlibs--- 23542300x800000000000000044923Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.898{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/linux-libc-dev:amd64.md5sums--- 23542300x800000000000000044924Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.900{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libbabeltrace1:amd64.md5sums--- 23542300x800000000000000044925Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.902{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libudev1:amd64.list--- 23542300x800000000000000044926Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.904{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgpm2:amd64.shlibs--- 23542300x800000000000000044927Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.909{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libyaml-0-2:amd64.list--- 23542300x800000000000000044928Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.911{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3.6.prerm--- 23542300x800000000000000044929Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.913{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/fontconfig-config.list--- 23542300x800000000000000044930Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.917{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/accountsservice.conffiles--- 23542300x800000000000000044931Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.922{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/openssh-sftp-server.md5sums--- 23542300x800000000000000044932Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.928{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libasyncns0:amd64.symbols--- 23542300x800000000000000044933Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.930{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/plymouth-theme-ubuntu-text.postrm--- 23542300x800000000000000044934Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.934{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libx11-data.md5sums--- 23542300x800000000000000044935Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.936{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libip6tc0:amd64.list--- 23542300x800000000000000044936Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.938{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxmlsec1:amd64.triggers--- 23542300x800000000000000044937Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.941{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/glib-networking:amd64.list--- 23542300x800000000000000044938Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.944{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-asn1crypto.postinst--- 23542300x800000000000000044939Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.946{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/tmux.list--- 23542300x800000000000000044940Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.949{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-zope.interface.postinst--- 23542300x800000000000000044941Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.951{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libsasl2-modules:amd64.md5sums--- 23542300x800000000000000044942Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.953{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/vim-tiny.prerm--- 23542300x800000000000000044943Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.956{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/qemu-system-common.postrm--- 23542300x800000000000000044944Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.958{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libexpat1:amd64.triggers--- 23542300x800000000000000044945Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.960{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libassuan0:amd64.symbols--- 23542300x800000000000000044946Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.963{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/packages-microsoft-prod.prerm--- 23542300x800000000000000044947Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.966{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-netifaces.md5sums--- 23542300x800000000000000044948Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.969{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ufw.postinst--- 23542300x800000000000000044949Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.972{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libapt-inst2.0:amd64.md5sums--- 23542300x800000000000000044950Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.974{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpython3.6-stdlib:amd64.prerm--- 23542300x800000000000000044951Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.977{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/format--- 23542300x800000000000000044952Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.980{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/systemd-sysv.md5sums--- 23542300x800000000000000044953Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.982{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/curl.md5sums--- 23542300x800000000000000044954Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.984{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/tzdata.postinst--- 23542300x800000000000000044955Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.986{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libcap-ng0:amd64.md5sums--- 23542300x800000000000000044956Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.990{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/fonts-ubuntu-console.list--- 23542300x800000000000000044957Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.992{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/cpp.list--- 23542300x800000000000000044958Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.995{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libisns0:amd64.list--- 23542300x800000000000000044959Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:10.998{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxfixes3:amd64.symbols--- 23542300x800000000000000044960Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.000{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/diffutils.md5sums--- 23542300x800000000000000044961Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.002{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/debconf.postrm--- 23542300x800000000000000044962Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.004{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxdmcp6:amd64.shlibs--- 23542300x800000000000000044963Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.007{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/locales.config--- 23542300x800000000000000044964Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.010{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/command-not-found.md5sums--- 23542300x800000000000000044965Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.012{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-apt.md5sums--- 23542300x800000000000000044966Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.014{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libc6-mipsel-cross.list--- 23542300x800000000000000044967Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.017{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/apt.postrm--- 23542300x800000000000000044968Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.019{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/apparmor.list--- 23542300x800000000000000044969Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.022{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgcc1-mips-cross.md5sums--- 23542300x800000000000000044970Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.025{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3.postrm--- 23542300x800000000000000044971Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.027{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libwrap0:amd64.symbols--- 23542300x800000000000000044972Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.029{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/mime-support.md5sums--- 23542300x800000000000000044973Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.031{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/cpp-7-mips-linux-gnu.preinst--- 23542300x800000000000000044974Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.034{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libtiff5:amd64.triggers--- 23542300x800000000000000044975Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.036{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/git.postinst--- 23542300x800000000000000044976Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.038{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/tmux.postinst--- 23542300x800000000000000044977Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.040{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-minimal.prerm--- 23542300x800000000000000044978Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.043{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpci3:amd64.shlibs--- 23542300x800000000000000044979Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.046{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-minimal.md5sums--- 23542300x800000000000000044980Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.048{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libunwind8:amd64.shlibs--- 23542300x800000000000000044981Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.051{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/rsyslog.preinst--- 23542300x800000000000000044982Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.053{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libsamplerate0:amd64.md5sums--- 23542300x800000000000000044983Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.055{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libsmartcols1:amd64.triggers--- 23542300x800000000000000044984Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.058{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ec2-hibinit-agent.postinst--- 23542300x800000000000000044985Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.061{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ethtool.md5sums--- 23542300x800000000000000044986Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.063{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/locales.templates--- 23542300x800000000000000044987Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.067{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpulse0:amd64.md5sums--- 23542300x800000000000000044988Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.070{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/librados2.list--- 23542300x800000000000000044989Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.074{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/update-notifier-common.preinst--- 23542300x800000000000000044990Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.076{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libmpx2:amd64.triggers--- 23542300x800000000000000044991Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.079{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libspice-server1:amd64.list--- 23542300x800000000000000044992Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.081{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/grub-pc.conffiles--- 23542300x800000000000000044993Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.084{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libdbus-1-3:amd64.list--- 23542300x800000000000000044994Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.086{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gcc-mips-linux-gnu.list--- 23542300x800000000000000044995Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.088{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-service-identity.prerm--- 23542300x800000000000000044996Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.091{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgdbm-compat4:amd64.md5sums--- 23542300x800000000000000044997Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.093{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/patch.list--- 23542300x800000000000000044998Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.097{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libunistring2:amd64.symbols--- 23542300x800000000000000044999Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.100{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/irqbalance.preinst--- 23542300x800000000000000045000Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.102{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/bash-completion.postrm--- 23542300x800000000000000045001Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.105{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-httplib2.prerm--- 23542300x800000000000000045002Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.108{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libtasn1-6:amd64.shlibs--- 23542300x800000000000000045003Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.111{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/grub-pc.postinst--- 23542300x800000000000000045004Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.114{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libtiff5:amd64.list--- 23542300x800000000000000045005Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.117{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/sudo.list--- 23542300x800000000000000045006Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.121{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libsemanage-common.list--- 23542300x800000000000000045007Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.123{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libfdisk1:amd64.symbols--- 23542300x800000000000000045008Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.125{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libmnl0:amd64.symbols--- 23542300x800000000000000045009Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.128{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgirepository-1.0-1:amd64.md5sums--- 23542300x800000000000000045010Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.130{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libseccomp2:amd64.shlibs--- 23542300x800000000000000045011Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.132{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxen-4.9:amd64.triggers--- 23542300x800000000000000045012Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.134{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libnl-route-3-200:amd64.shlibs--- 23542300x800000000000000045013Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.137{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-configobj.md5sums--- 23542300x800000000000000045014Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.140{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/linux-image-5.4.0-1068-aws.md5sums--- 23542300x800000000000000045015Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.143{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-systemd.postinst--- 23542300x800000000000000045016Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.145{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libiec61883-0:amd64.shlibs--- 23542300x800000000000000045017Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.148{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gpgconf.list--- 23542300x800000000000000045018Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.150{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/friendly-recovery.md5sums--- 23542300x800000000000000045019Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.152{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libvorbisenc2:amd64.triggers--- 23542300x800000000000000045020Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.154{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libiptc0:amd64.triggers--- 23542300x800000000000000045021Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.156{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libwrap0:amd64.shlibs--- 23542300x800000000000000045022Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.158{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/grub-pc.list--- 23542300x800000000000000045023Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.161{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libyajl2:amd64.md5sums--- 23542300x800000000000000045024Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.164{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/dirmngr.postrm--- 23542300x800000000000000045025Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.166{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ufw.triggers--- 23542300x800000000000000045026Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.169{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgcrypt20:amd64.shlibs--- 23542300x800000000000000045027Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.171{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/base-passwd.preinst--- 23542300x800000000000000045028Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.173{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/sysmonforlinux.postrm--- 23542300x800000000000000045029Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.175{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-colorama.postinst--- 23542300x800000000000000045030Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.177{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-minimal.postinst--- 23542300x800000000000000045031Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.180{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/git.list--- 23542300x800000000000000045032Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.181{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libkrb5-3:amd64.symbols--- 23542300x800000000000000045033Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.183{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libsndfile1:amd64.shlibs--- 23542300x800000000000000045034Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.186{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libncursesw5:amd64.list--- 23542300x800000000000000045035Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.188{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-zope.interface.prerm--- 23542300x800000000000000045036Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.190{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libfreetype6:amd64.list--- 23542300x800000000000000045037Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.193{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgpm2:amd64.symbols--- 23542300x800000000000000045038Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.195{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libcacard0:amd64.symbols--- 23542300x800000000000000045039Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.198{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libvisual-0.4-0:amd64.triggers--- 23542300x800000000000000045040Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.200{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/htop.md5sums--- 23542300x800000000000000045041Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.202{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ibverbs-providers:amd64.conffiles--- 23542300x800000000000000045042Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.204{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpulse0:amd64.symbols--- 23542300x800000000000000045043Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.207{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libk5crypto3:amd64.shlibs--- 23542300x800000000000000045044Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.210{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ureadahead.postrm--- 23542300x800000000000000045045Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.212{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libsasl2-2:amd64.triggers--- 23542300x800000000000000045046Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.214{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/hibagent.prerm--- 23542300x800000000000000045047Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.216{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/cloud-initramfs-dyn-netconf.postinst--- 23542300x800000000000000045048Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.219{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/cron.list--- 23542300x800000000000000045049Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.221{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libmpc3:amd64.shlibs--- 23542300x800000000000000045050Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.224{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/bzip2.md5sums--- 23542300x800000000000000045051Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.226{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libx11-6:amd64.symbols--- 23542300x800000000000000045052Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.228{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/packages-microsoft-prod.md5sums--- 23542300x800000000000000045053Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.230{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpython3.6-minimal:amd64.prerm--- 23542300x800000000000000045054Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.233{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libdumbnet1:amd64.list--- 23542300x800000000000000045055Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.235{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libsdl1.2debian:amd64.list--- 23542300x800000000000000045056Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.238{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/tar.prerm--- 23542300x800000000000000045057Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.240{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/language-selector-common.postrm--- 23542300x800000000000000045058Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.243{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libshout3:amd64.symbols--- 23542300x800000000000000045059Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.245{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/g++-7.list--- 23542300x800000000000000045060Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.249{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libheimntlm0-heimdal:amd64.md5sums--- 23542300x800000000000000045061Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.251{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/qemu-system-ppc.list--- 23542300x800000000000000045062Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.254{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/logrotate.list--- 23542300x800000000000000045063Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.256{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libharfbuzz0b:amd64.md5sums--- 23542300x800000000000000045064Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.259{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-click.md5sums--- 23542300x800000000000000045065Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.261{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-hyperlink.postinst--- 23542300x800000000000000045066Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.263{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/sosreport.conffiles--- 23542300x800000000000000045067Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.266{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/util-linux.preinst--- 23542300x800000000000000045068Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.268{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/fonts-dejavu-core.conffiles--- 23542300x800000000000000045069Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.270{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/netbase.postinst--- 23542300x800000000000000045070Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.272{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/man-db.templates--- 23542300x800000000000000045071Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.275{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/policykit-1.prerm--- 23542300x800000000000000045072Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.277{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libnspr4:amd64.list--- 23542300x800000000000000045073Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.279{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/liblxc-common.postinst--- 23542300x800000000000000045074Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.281{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/shared-mime-info.md5sums--- 23542300x800000000000000045075Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.283{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/tar.conffiles--- 23542300x800000000000000045076Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.285{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/g++.list--- 23542300x800000000000000045077Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.289{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxv1:amd64.shlibs--- 23542300x800000000000000045078Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.291{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/sysinternalsebpf.postinst--- 23542300x800000000000000045079Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.293{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/qemu-user.md5sums--- 23542300x800000000000000045080Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.295{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/pinentry-curses.list--- 23542300x800000000000000045081Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.298{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/procps.preinst--- 23542300x800000000000000045082Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.300{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-yaml.prerm--- 23542300x800000000000000045083Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.303{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/cloud-init.postinst--- 23542300x800000000000000045084Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.305{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/accountsservice.postinst--- 23542300x800000000000000045085Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.308{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libatomic1-mipsel-cross.md5sums--- 23542300x800000000000000045086Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.310{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/console-setup-linux.conffiles--- 23542300x800000000000000045087Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.312{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpixman-1-0:amd64.symbols--- 23542300x800000000000000045088Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.315{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libisns0:amd64.triggers--- 23542300x800000000000000045089Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.318{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpam0g:amd64.postrm--- 23542300x800000000000000045090Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.320{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/dbus.list--- 23542300x800000000000000045091Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.322{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libnl-route-3-200:amd64.list--- 23542300x800000000000000045092Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.324{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/run-one.list--- 23542300x800000000000000045093Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.327{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/bc.list--- 23542300x800000000000000045094Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.329{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libogg0:amd64.list--- 23542300x800000000000000045095Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.331{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/openssh-client.conffiles--- 23542300x800000000000000045096Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.333{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libapt-pkg5.0:amd64.triggers--- 23542300x800000000000000045097Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.335{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libv4l-0:amd64.list--- 23542300x800000000000000045098Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.337{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libibverbs1:amd64.list--- 23542300x800000000000000045099Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.340{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libkeyutils1:amd64.shlibs--- 23542300x800000000000000045100Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.342{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libjbig0:amd64.md5sums--- 23542300x800000000000000045101Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.344{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libnl-3-200:amd64.md5sums--- 23542300x800000000000000045102Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.348{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libncursesw5:amd64.symbols--- 23542300x800000000000000045103Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.351{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libext2fs2:amd64.list--- 23542300x800000000000000045104Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.353{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpulse0:amd64.shlibs--- 23542300x800000000000000045105Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.355{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/open-iscsi.preinst--- 23542300x800000000000000045106Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.357{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gcc-7-mips-linux-gnu-base:amd64.list--- 23542300x800000000000000045107Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.360{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libss2:amd64.shlibs--- 23542300x800000000000000045108Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.361{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libmpg123-0:amd64.list--- 23542300x800000000000000045109Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.364{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgomp1:amd64.symbols--- 23542300x800000000000000045110Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.367{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libaa1:amd64.triggers--- 23542300x800000000000000045111Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.370{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/klibc-utils.md5sums--- 23542300x800000000000000045112Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.372{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/plymouth-theme-ubuntu-text.md5sums--- 23542300x800000000000000045113Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.374{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/udev.md5sums--- 23542300x800000000000000045114Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.377{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/hdparm.postrm--- 23542300x800000000000000045115Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.379{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ufw.md5sums--- 23542300x800000000000000045116Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.381{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgcc1-mips-cross.symbols--- 23542300x800000000000000045117Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.383{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/linux-base.list--- 23542300x800000000000000045118Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.385{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libsasl2-modules:amd64.conffiles--- 23542300x800000000000000045119Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.387{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gpg.md5sums--- 23542300x800000000000000045120Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.389{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/squashfs-tools.md5sums--- 23542300x800000000000000045121Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.392{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libestr0:amd64.triggers--- 23542300x800000000000000045122Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.394{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/tcpdump.conffiles--- 23542300x800000000000000045123Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.396{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/open-vm-tools.postrm--- 23542300x800000000000000045124Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.398{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libvpx5:amd64.triggers--- 23542300x800000000000000045125Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.400{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/klibc-utils.list--- 23542300x800000000000000045126Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.402{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/linux-base.postinst--- 23542300x800000000000000045127Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.404{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ntfs-3g.triggers--- 23542300x800000000000000045128Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.406{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/liblvm2cmd2.02:amd64.shlibs--- 23542300x800000000000000045129Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.408{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libcairo2:amd64.md5sums--- 23542300x800000000000000045130Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.411{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libtinfo5:amd64.triggers--- 23542300x800000000000000045131Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.413{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libdevmapper1.02.1:amd64.shlibs--- 23542300x800000000000000045132Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.415{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libperl5.26:amd64.md5sums--- 23542300x800000000000000045133Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.417{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libogg0:amd64.md5sums--- 23542300x800000000000000045134Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.419{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libhogweed4:amd64.shlibs--- 23542300x800000000000000045135Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.422{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/dpkg.md5sums--- 23542300x800000000000000045136Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.424{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libdevmapper1.02.1:amd64.triggers--- 23542300x800000000000000045137Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.427{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libffi6:amd64.triggers--- 23542300x800000000000000045138Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.429{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libksba8:amd64.triggers--- 23542300x800000000000000045139Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.431{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libjson-glib-1.0-0:amd64.shlibs--- 23542300x800000000000000045140Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.433{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/tzdata.md5sums--- 23542300x800000000000000045141Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.435{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libmagic-mgc.md5sums--- 23542300x800000000000000045142Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.438{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/acl.md5sums--- 23542300x800000000000000045143Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.440{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/at.conffiles--- 23542300x800000000000000045144Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.442{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/irqbalance.conffiles--- 23542300x800000000000000045145Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.445{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-debian.postinst--- 23542300x800000000000000045146Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.449{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/mtr-tiny.list--- 23542300x800000000000000045147Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.451{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libntfs-3g88.triggers--- 23542300x800000000000000045148Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.453{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/rsyslog.postrm--- 23542300x800000000000000045149Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.455{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libutempter0:amd64.shlibs--- 23542300x800000000000000045150Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.457{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ureadahead.postinst--- 23542300x800000000000000045151Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.459{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-openssl.list--- 23542300x800000000000000045152Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.462{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libtag1v5-vanilla:amd64.shlibs--- 23542300x800000000000000045153Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.464{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libtag1v5-vanilla:amd64.symbols--- 23542300x800000000000000045154Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.466{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libsemanage1:amd64.shlibs--- 23542300x800000000000000045155Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.469{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-dbus.list--- 23542300x800000000000000045156Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.471{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ca-certificates.postinst--- 23542300x800000000000000045157Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.473{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpopt0:amd64.list--- 23542300x800000000000000045158Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.475{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/cloud-init.preinst--- 23542300x800000000000000045159Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.477{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libraw1394-11:amd64.list--- 23542300x800000000000000045160Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.480{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/cpu-checker.md5sums--- 23542300x800000000000000045161Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.481{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/dirmngr.preinst--- 23542300x800000000000000045162Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.484{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libssl1.1:amd64.md5sums--- 23542300x800000000000000045163Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.486{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libisccc160:amd64.shlibs--- 23542300x800000000000000045164Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.488{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpython3.6:amd64.md5sums--- 23542300x800000000000000045165Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.492{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/librbd1.triggers--- 23542300x800000000000000045166Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.495{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ncurses-term.list--- 23542300x800000000000000045167Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.498{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-commandnotfound.md5sums--- 23542300x800000000000000045168Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.500{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-ptyprocess.postinst--- 23542300x800000000000000045169Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.502{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libwavpack1:amd64.list--- 23542300x800000000000000045170Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.504{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libasan4:amd64.shlibs--- 23542300x800000000000000045171Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.507{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/librdmacm1:amd64.triggers--- 23542300x800000000000000045172Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.509{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libtwolame0:amd64.list--- 23542300x800000000000000045173Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.511{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libkeyutils1:amd64.triggers--- 23542300x800000000000000045174Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.514{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libnewt0.52:amd64.triggers--- 23542300x800000000000000045175Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.516{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libhx509-5-heimdal:amd64.triggers--- 23542300x800000000000000045176Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.519{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libhx509-5-heimdal:amd64.list--- 23542300x800000000000000045177Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.522{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/dpkg.conffiles--- 23542300x800000000000000045178Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.525{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libnetplan0:amd64.symbols--- 23542300x800000000000000045179Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.527{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/motd-news-config.md5sums--- 23542300x800000000000000045180Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.529{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/liblz4-1:amd64.shlibs--- 23542300x800000000000000045181Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.532{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libv4lconvert0:amd64.shlibs--- 23542300x800000000000000045182Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.535{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxslt1.1:amd64.shlibs--- 23542300x800000000000000045183Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.537{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/screen.prerm--- 23542300x800000000000000045184Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.540{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/accountsservice.list--- 23542300x800000000000000045185Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.543{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-blinker.prerm--- 23542300x800000000000000045186Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.545{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/hdparm.postinst--- 23542300x800000000000000045187Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.549{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libplymouth4:amd64.list--- 23542300x800000000000000045188Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.551{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-minimal.list--- 23542300x800000000000000045189Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.553{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libsndfile1:amd64.list--- 23542300x800000000000000045190Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.557{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libc6-dev-mipsel-cross.md5sums--- 23542300x800000000000000045191Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.559{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libsystemd0:amd64.triggers--- 23542300x800000000000000045192Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.561{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/pciutils.md5sums--- 23542300x800000000000000045193Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.564{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxmuu1:amd64.triggers--- 23542300x800000000000000045194Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.566{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/init-system-helpers.list--- 23542300x800000000000000045195Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.569{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libisns0:amd64.md5sums--- 23542300x800000000000000045196Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.571{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgudev-1.0-0:amd64.md5sums--- 23542300x800000000000000045197Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.573{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/dirmngr.list--- 23542300x800000000000000045198Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.575{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libdatrie1:amd64.list--- 23542300x800000000000000045199Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.578{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libwrap0:amd64.md5sums--- 23542300x800000000000000045200Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.580{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libmagic1:amd64.conffiles--- 23542300x800000000000000045201Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.582{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/eject.list--- 23542300x800000000000000045202Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.585{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/vim-runtime.preinst--- 23542300x800000000000000045203Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.588{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/eject.md5sums--- 23542300x800000000000000045204Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.590{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libflac8:amd64.triggers--- 23542300x800000000000000045205Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.594{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/liblocale-gettext-perl.md5sums--- 23542300x800000000000000045206Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.596{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/fuse.list--- 23542300x800000000000000045207Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.598{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ubuntu-advantage-tools.preinst--- 23542300x800000000000000045208Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.601{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/dash.md5sums--- 23542300x800000000000000045209Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.603{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/systemd-sysv.list--- 23542300x800000000000000045210Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.605{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/qemu-system-sparc.list--- 23542300x800000000000000045211Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.608{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/cpp-7.md5sums--- 23542300x800000000000000045212Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.610{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpolkit-agent-1-0:amd64.list--- 23542300x800000000000000045213Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.613{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpolkit-gobject-1-0:amd64.triggers--- 23542300x800000000000000045214Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.615{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/pinentry-curses.prerm--- 23542300x800000000000000045215Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.617{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libreadline5:amd64.triggers--- 23542300x800000000000000045216Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.619{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libprocps6:amd64.triggers--- 23542300x800000000000000045217Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.621{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/overlayroot.postrm--- 23542300x800000000000000045218Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.624{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/cpio.prerm--- 23542300x800000000000000045219Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.626{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/shared-mime-info.postinst--- 23542300x800000000000000045220Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.628{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/bash.list--- 23542300x800000000000000045221Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.631{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ssh-import-id.prerm--- 23542300x800000000000000045222Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.633{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libdbus-1-3:amd64.triggers--- 23542300x800000000000000045223Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.635{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/grub-common.postinst--- 23542300x800000000000000045224Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.639{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/btrfs-tools.list--- 23542300x800000000000000045225Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.641{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/cpp-mipsel-linux-gnu.list--- 23542300x800000000000000045226Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.643{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/util-linux.conffiles--- 23542300x800000000000000045227Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.645{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/rsync.list--- 23542300x800000000000000045228Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.647{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/binfmt-support.preinst--- 23542300x800000000000000045229Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.650{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/base-passwd.list--- 23542300x800000000000000045230Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.652{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libvorbis0a:amd64.triggers--- 23542300x800000000000000045231Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.655{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/uuid-runtime.postinst--- 23542300x800000000000000045232Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.657{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libv4l-0:amd64.shlibs--- 23542300x800000000000000045233Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.659{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libyaml-0-2:amd64.md5sums--- 23542300x800000000000000045234Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.661{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gir1.2-glib-2.0:amd64.list--- 23542300x800000000000000045235Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.664{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/byobu.list--- 23542300x800000000000000045236Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.666{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxdamage1:amd64.md5sums--- 23542300x800000000000000045237Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.668{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/rsync.md5sums--- 23542300x800000000000000045238Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.671{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-pexpect.prerm--- 23542300x800000000000000045239Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.673{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/console-setup.md5sums--- 23542300x800000000000000045240Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.675{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpython3-stdlib:amd64.md5sums--- 23542300x800000000000000045241Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.678{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libffi6:amd64.list--- 23542300x800000000000000045242Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.682{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libatm1:amd64.symbols--- 23542300x800000000000000045243Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.685{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpci3:amd64.triggers--- 23542300x800000000000000045244Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.688{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpam-modules:amd64.postrm--- 23542300x800000000000000045245Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.690{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpangocairo-1.0-0:amd64.list--- 23542300x800000000000000045246Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.695{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/librtmp1:amd64.triggers--- 23542300x800000000000000045247Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.698{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libcaca0:amd64.md5sums--- 23542300x800000000000000045248Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.700{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/console-setup.postinst--- 23542300x800000000000000045249Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.703{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libreadline7:amd64.list--- 23542300x800000000000000045250Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.705{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpixman-1-0:amd64.list--- 23542300x800000000000000045251Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.708{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ubuntu-minimal.list--- 23542300x800000000000000045252Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.711{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/command-not-found.conffiles--- 23542300x800000000000000045253Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.713{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/dmsetup.postinst--- 23542300x800000000000000045254Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.716{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ubuntu-advantage-tools.postrm--- 23542300x800000000000000045255Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.720{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/g++.md5sums--- 23542300x800000000000000045256Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.723{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/pollinate.conffiles--- 23542300x800000000000000045257Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.725{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libdevmapper1.02.1:amd64.list--- 23542300x800000000000000045258Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.728{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/debian-archive-keyring.md5sums--- 23542300x800000000000000045259Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.730{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libk5crypto3:amd64.list--- 23542300x800000000000000045260Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.732{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libldap-2.4-2:amd64.symbols--- 23542300x800000000000000045261Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.735{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxcb1:amd64.triggers--- 23542300x800000000000000045262Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.737{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libfastjson4:amd64.symbols--- 23542300x800000000000000045263Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.740{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libgdbm-compat4:amd64.triggers--- 23542300x800000000000000045264Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.743{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpython3.6-minimal:amd64.postinst--- 23542300x800000000000000045265Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.745{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libsmartcols1:amd64.list--- 23542300x800000000000000045266Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.748{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libssl1.1:amd64.triggers--- 23542300x800000000000000045267Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.750{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-json-pointer.prerm--- 23542300x800000000000000045268Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.753{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/mdadm.templates--- 23542300x800000000000000045269Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.755{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/bash-completion.postinst--- 23542300x800000000000000045270Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.757{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/debconf.config--- 23542300x800000000000000045271Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.759{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libxau6:amd64.shlibs--- 23542300x800000000000000045272Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.762{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/initramfs-tools-core.conffiles--- 23542300x800000000000000045273Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.764{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libusb-1.0-0:amd64.triggers--- 23542300x800000000000000045274Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.766{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libsepol1:amd64.list--- 23542300x800000000000000045275Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.769{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gettext-base.list--- 23542300x800000000000000045276Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.771{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libiec61883-0:amd64.triggers--- 23542300x800000000000000045277Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.774{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libnghttp2-14:amd64.md5sums--- 23542300x800000000000000045278Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.777{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/busybox-initramfs.md5sums--- 23542300x800000000000000045279Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.779{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-blinker.md5sums--- 23542300x800000000000000045280Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.781{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/gcc.md5sums--- 23542300x800000000000000045281Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.783{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3.6-minimal.postinst--- 23542300x800000000000000045282Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.786{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libmpx2:amd64.list--- 23542300x800000000000000045283Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.788{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libpangocairo-1.0-0:amd64.triggers--- 23542300x800000000000000045284Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.790{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libnettle6:amd64.shlibs--- 23542300x800000000000000045285Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.792{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/diffutils.list--- 23542300x800000000000000045286Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.795{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-pkg-resources.md5sums--- 23542300x800000000000000045287Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.798{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/systemd.conffiles--- 23542300x800000000000000045288Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.800{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/glib-networking-services.md5sums--- 23542300x800000000000000045289Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.804{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libkrb5support0:amd64.list--- 23542300x800000000000000045290Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.806{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libbinutils:amd64.list--- 23542300x800000000000000045291Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.809{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libslang2:amd64.md5sums--- 23542300x800000000000000045292Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.811{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libjson-c3:amd64.symbols--- 23542300x800000000000000045293Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.814{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libkmod2:amd64.shlibs--- 23542300x800000000000000045294Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.816{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-apport.list--- 23542300x800000000000000045295Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.819{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libattr1:amd64.md5sums--- 23542300x800000000000000045296Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.822{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libcacard0:amd64.md5sums--- 23542300x800000000000000045297Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.824{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/mlocate.prerm--- 23542300x800000000000000045298Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.827{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libusbredirparser1:amd64.list--- 23542300x800000000000000045299Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.829{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libexpat1:amd64.symbols--- 23542300x800000000000000045300Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.831{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libaudit-common.conffiles--- 23542300x800000000000000045301Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.834{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/readline-common.postrm--- 23542300x800000000000000045302Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.836{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/apt.conffiles--- 23542300x800000000000000045303Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.840{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libnss-systemd:amd64.list--- 23542300x800000000000000045304Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.843{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/vim-runtime.list--- 23542300x800000000000000045305Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.845{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libdebconfclient0:amd64.list--- 23542300x800000000000000045306Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.848{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/qemu-system-x86.md5sums--- 23542300x800000000000000045307Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.853{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libdebconfclient0:amd64.md5sums--- 23542300x800000000000000045308Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.856{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libmpfr6:amd64.md5sums--- 23542300x800000000000000045309Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.858{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/liblxc-common.list--- 23542300x800000000000000045310Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.860{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/xdg-user-dirs.postrm--- 23542300x800000000000000045311Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.862{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/readline-common.list--- 23542300x800000000000000045312Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.865{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/man-db.config--- 23542300x800000000000000045313Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.867{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libusbredirparser1:amd64.md5sums--- 23542300x800000000000000045314Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.871{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libreadline7:amd64.md5sums--- 23542300x800000000000000045315Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.874{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/linux-modules-5.4.0-1068-aws.postinst--- 23542300x800000000000000045316Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.877{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/iso-codes.list--- 23542300x800000000000000045317Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.879{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libssl1.0.0:amd64.symbols--- 23542300x800000000000000045318Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.881{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libbz2-1.0:amd64.shlibs--- 23542300x800000000000000045319Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.885{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libisns0:amd64.shlibs--- 23542300x800000000000000045320Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.887{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-jwt.md5sums--- 23542300x800000000000000045321Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.890{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/uidmap.list--- 23542300x800000000000000045322Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.893{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/python3-systemd.md5sums--- 23542300x800000000000000045323Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.895{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/dosfstools.md5sums--- 23542300x800000000000000045324Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.899{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/libnl-3-200:amd64.shlibs--- 23542300x800000000000000045325Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.901{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/ntfs-3g.list--- 23542300x800000000000000045326Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-7283-2022-04-11 13:20:11.903{ec2a2542-2afb-6254-12f7-2e6000000000}11255root/usr/bin/qemu-mips-static/var/lib/dpkg/info/man-db.postinst---