Threat Roundup for January 10 to January 17

C45-2020-01-18-4

Indicators of Compromise (IOC) List

Date Published: 18/01/2020