C45-2020-02-22-6

Indicator of Compromise (IOC)	Date Published	IOC Type
3b2f4a185951364a131c6ece1b282f7442045063f0d00562bd1c462ddc45e8e5	22/02/2020	SHA-256
478d53130c7b549c54401d4d1c8501a310e99a350846e0515ef8d416822d4ada	22/02/2020	SHA-256
4544acce7aad2dc7f8ffc93815eaea59f714552a21863a70132a742e4938a852	22/02/2020	SHA-256
433b74fd6206dcc64cdc96141263cf1fc5720f087e15ddb581b2084ba0604c1c	22/02/2020	SHA-256
47267F943F060E36604D56C8895A6EECE063D9A1	22/02/2020	SHA-1
520f5cfd75870100df9da88875a9d6aef2dae064901acf35695c7ea0d8f36410	22/02/2020	SHA-256
4e0b6052c58992f28138a28c281c4bca93f3f90c6c14ef3b88ff697c821e3f34	22/02/2020	SHA-256
65e7b497cebcd23ceb769656cc011a3cadfdd618657a0d66e14a63f94a113fcd	22/02/2020	SHA-256
4872d9c8e75aa6ad18a1272b17c617811eff6c411f181cc450a52be747fc4d20	22/02/2020	SHA-256
1A141DBFA4083406630DD9A81AD35C416F604800	22/02/2020	SHA-1
56641ea2594a21e5aa25475b295b5130e49c94c78ec42d45b1aed9cf929ea300	22/02/2020	SHA-256
954D59EAEADC36CB19A224A5DDDFA1EDCFDC49CE	22/02/2020	SHA-1
48d8d3219b405e7a7ac7e53dac401be58e50cc582d4d5a2c96eb3edab10a8920	22/02/2020	SHA-256
A5B16A7D28D2BA79A9CCFC16ED480AD75A757166	22/02/2020	SHA-1
75c38fa29ebe45c102663815d76491a566e34e404dd99088fb4257744539ed6e	22/02/2020	SHA-256
7119a1ba9e8866f9aca5360c337aa099	22/02/2020	MD5
6b1821395bbba2f70b42f963dd63772d4dc97b9dcfeb13ea592ead01587c36d2	22/02/2020	SHA-256
75E0ABB6138512271C04F85FDDDE38E4B7242EFE	22/02/2020	SHA-1
AF210C8748D77C2FF93966299D4CD49A8C722EF6	22/02/2020	SHA-1
6f416a86789e81f95138751a71006189bf6e1215d8ea2063c370862738a996a3	22/02/2020	SHA-256
7dcd176143285b60a9dda1499593d0e2	22/02/2020	MD5
78f0240b6e9c1a74546845b3d0ddfc84aecc388f8ff7d794cf80e33ae0de4c31	22/02/2020	SHA-256
B066A9B35AE0BB605431AC8740DEA2A659EED4C4	22/02/2020	SHA-1
HKCU\SOFTWARE\MICROSOFT\OFAGAS Value Name	22/02/2020	Win_Registry
0119C23D88292A0E4FEC04D5CF8629005A44E37C	22/02/2020	SHA-1
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE Value Name	22/02/2020	Win_Registry
B4BBD0F7883AF46401A8F944D11D8E1698B68E3C	22/02/2020	SHA-1
D34ED774F9FDCBA938A7807BD8FB1B398C51BC81	22/02/2020	SHA-1
A2C4E53F8E58DC61E337D4CFBBDFBF5BA2825852	22/02/2020	SHA-1
HKCU\SOFTWARE\MICROSOFT\OFAGAS 1 HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN Value Name	22/02/2020	Win_Registry
8d6ac636eb8758ef5c1820e457f6f4c3	22/02/2020	MD5
HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR Value Name	22/02/2020	Win_Registry
HKCU\SOFTWARE\NEMTY 4 HKCU\SOFTWARE\NEMTY Value Name	22/02/2020	Win_Registry
HKLM\SYSTEM\CONTROLSET001\SERVICES\UNBHGOUJ Value Name	22/02/2020	Win_Registry
HKCU\SOFTWARE\MICROSOFT\GOCFK Value Name	22/02/2020	Win_Registry
HKCU\SOFTWARE\MICROSOFT\SYSTEM Value Name	22/02/2020	Win_Registry
HKCU\SOFTWARE\MICROSOFT\GOCFK 25 HKCU\SOFTWARE\MICROSOFT\KPQL 25 HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER Value Name	22/02/2020	Win_Registry
HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\WPAD 25 HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\WPAD\C8-B0-99-0A-48-DD 1 HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\WPAD	22/02/2020	Win_Registry
HKU\.DEFAULT\CONTROL PANEL\BUSES 18 HKLM\SYSTEM\CONTROLSET001\SERVICES\random	22/02/2020	Win_Registry
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\CLSID	22/02/2020	Win_Registry
HKCU\SOFTWARE\MICROSOFT\KPQL Value Name	22/02/2020	Win_Registry
HKU\.DEFAULT\CONTROL PANEL\BUSES 1 HKLM\SYSTEM\CONTROLSET001\SERVICES\UNBHGOUJ 1 HKU\.DEFAULT\CONTROL PANEL\BUSES Value Name	22/02/2020	Win_Registry
HKLM\SYSTEM\CONTROLSET001\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES 1 HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\CD BURNING\DRIVES\VOLUME	22/02/2020	Win_Registry
HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\5.0\CACHE\COOKIES Value Name	22/02/2020	Win_Registry
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS Value Name	22/02/2020	Win_Registry
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\MOUNTPOINTS2\CPC\VOLUME	22/02/2020	Win_Registry
HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\AUTHROOT\CERTIFICATES\75E0ABB6138512271C04F85FDDDE38E4B7242EFE Value Name	22/02/2020	Win_Registry
HKCU\SOFTWARE\REMCOS-ZUXZLQ 4 HKCU\SOFTWARE\REMCOS-ZUXZLQ Value Name	22/02/2020	Win_Registry
HKLM\SYSTEM\CONTROLSET001\SERVICES\random	22/02/2020	Win_Registry
HKCU\SOFTWARE\REMCOS-6PU1BX Value Name	22/02/2020	Win_Registry

3b2f4a185951364a131c6ece1b282f7442045063f0d00562bd1c462ddc45e8e5

22/02/2020

SHA-256

478d53130c7b549c54401d4d1c8501a310e99a350846e0515ef8d416822d4ada

22/02/2020

SHA-256

4544acce7aad2dc7f8ffc93815eaea59f714552a21863a70132a742e4938a852

22/02/2020

SHA-256

433b74fd6206dcc64cdc96141263cf1fc5720f087e15ddb581b2084ba0604c1c

22/02/2020

SHA-256

47267F943F060E36604D56C8895A6EECE063D9A1

22/02/2020

SHA-1

520f5cfd75870100df9da88875a9d6aef2dae064901acf35695c7ea0d8f36410

22/02/2020

SHA-256

4e0b6052c58992f28138a28c281c4bca93f3f90c6c14ef3b88ff697c821e3f34

22/02/2020

SHA-256

65e7b497cebcd23ceb769656cc011a3cadfdd618657a0d66e14a63f94a113fcd

22/02/2020

SHA-256

4872d9c8e75aa6ad18a1272b17c617811eff6c411f181cc450a52be747fc4d20

22/02/2020

SHA-256

1A141DBFA4083406630DD9A81AD35C416F604800

22/02/2020

SHA-1

56641ea2594a21e5aa25475b295b5130e49c94c78ec42d45b1aed9cf929ea300

22/02/2020

SHA-256

954D59EAEADC36CB19A224A5DDDFA1EDCFDC49CE

22/02/2020

SHA-1

48d8d3219b405e7a7ac7e53dac401be58e50cc582d4d5a2c96eb3edab10a8920

22/02/2020

SHA-256

A5B16A7D28D2BA79A9CCFC16ED480AD75A757166

22/02/2020

SHA-1

75c38fa29ebe45c102663815d76491a566e34e404dd99088fb4257744539ed6e

22/02/2020

SHA-256

7119a1ba9e8866f9aca5360c337aa099

22/02/2020

MD5

6b1821395bbba2f70b42f963dd63772d4dc97b9dcfeb13ea592ead01587c36d2

22/02/2020

SHA-256

75E0ABB6138512271C04F85FDDDE38E4B7242EFE

22/02/2020

SHA-1

AF210C8748D77C2FF93966299D4CD49A8C722EF6

22/02/2020

SHA-1

6f416a86789e81f95138751a71006189bf6e1215d8ea2063c370862738a996a3

22/02/2020

SHA-256

7dcd176143285b60a9dda1499593d0e2

22/02/2020

MD5

78f0240b6e9c1a74546845b3d0ddfc84aecc388f8ff7d794cf80e33ae0de4c31

22/02/2020

SHA-256

B066A9B35AE0BB605431AC8740DEA2A659EED4C4

22/02/2020

SHA-1

HKCU\SOFTWARE\MICROSOFT\OFAGAS Value Name

22/02/2020

Win_Registry

0119C23D88292A0E4FEC04D5CF8629005A44E37C

22/02/2020

SHA-1

HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE Value Name

22/02/2020

Win_Registry

B4BBD0F7883AF46401A8F944D11D8E1698B68E3C

22/02/2020

SHA-1

D34ED774F9FDCBA938A7807BD8FB1B398C51BC81

22/02/2020

SHA-1

A2C4E53F8E58DC61E337D4CFBBDFBF5BA2825852

22/02/2020

SHA-1

HKCU\SOFTWARE\MICROSOFT\OFAGAS 1 HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN Value Name

22/02/2020

Win_Registry

8d6ac636eb8758ef5c1820e457f6f4c3

22/02/2020

MD5

HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR Value Name

22/02/2020

Win_Registry

HKCU\SOFTWARE\NEMTY 4 HKCU\SOFTWARE\NEMTY Value Name

22/02/2020

Win_Registry

HKLM\SYSTEM\CONTROLSET001\SERVICES\UNBHGOUJ Value Name

22/02/2020

Win_Registry

HKCU\SOFTWARE\MICROSOFT\GOCFK Value Name

22/02/2020

Win_Registry

HKCU\SOFTWARE\MICROSOFT\SYSTEM Value Name

22/02/2020

Win_Registry

HKCU\SOFTWARE\MICROSOFT\GOCFK 25 HKCU\SOFTWARE\MICROSOFT\KPQL 25 HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER Value Name

22/02/2020

Win_Registry

HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\WPAD 25 HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\WPAD\C8-B0-99-0A-48-DD 1 HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\WPAD

22/02/2020

Win_Registry

HKU\.DEFAULT\CONTROL PANEL\BUSES 18 HKLM\SYSTEM\CONTROLSET001\SERVICES\random

22/02/2020

Win_Registry

HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\CLSID

22/02/2020

Win_Registry

HKCU\SOFTWARE\MICROSOFT\KPQL Value Name

22/02/2020

Win_Registry

HKU\.DEFAULT\CONTROL PANEL\BUSES 1 HKLM\SYSTEM\CONTROLSET001\SERVICES\UNBHGOUJ 1 HKU\.DEFAULT\CONTROL PANEL\BUSES Value Name

22/02/2020

Win_Registry

HKLM\SYSTEM\CONTROLSET001\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES 1 HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\CD BURNING\DRIVES\VOLUME

22/02/2020

Win_Registry

HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\5.0\CACHE\COOKIES Value Name

22/02/2020

Win_Registry

HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS Value Name

22/02/2020

Win_Registry

HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\MOUNTPOINTS2\CPC\VOLUME

22/02/2020

Win_Registry

HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\AUTHROOT\CERTIFICATES\75E0ABB6138512271C04F85FDDDE38E4B7242EFE Value Name

22/02/2020

Win_Registry

HKCU\SOFTWARE\REMCOS-ZUXZLQ 4 HKCU\SOFTWARE\REMCOS-ZUXZLQ Value Name

22/02/2020

Win_Registry

HKLM\SYSTEM\CONTROLSET001\SERVICES\random

22/02/2020

Win_Registry

HKCU\SOFTWARE\REMCOS-6PU1BX Value Name

22/02/2020

Win_Registry

CYBER45

Threat Roundup for February 14 to February 21

C45-2020-02-22-6

Indicators of Compromise (IOC) List