C45-2020-02-22-6 2/4

Indicator of Compromise (IOC)	Date Published	IOC Type
HKCU\SOFTWARE\OSRS18HD-UKGZDR 12 HKCU\SOFTWARE\OSRS18HD-UKGZDR Value Name	22/02/2020	Win_Registry
HKU\.DEFAULT\CONTROL PANEL\BUSES Value Name	22/02/2020	Win_Registry
HKLM\SOFTWARE\MICROSOFT\WINDOWS DEFENDER\EXCLUSIONS\PATHS Value Name	22/02/2020	Win_Registry
HKCU\SOFTWARE\REMCOS-V1R5VH 2 HKCU\SOFTWARE\REMCOS-V1R5VH Value Name	22/02/2020	Win_Registry
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\CD BURNING\DRIVES\VOLUME	22/02/2020	Win_Registry
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\CD BURNING Value Name	22/02/2020	Win_Registry
HKCU\SOFTWARE\NEMTY Value Name	22/02/2020	Win_Registry
HKCU\SOFTWARE\REMCOS-V1R5VH Value Name	22/02/2020	Win_Registry
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER Value Name	22/02/2020	Win_Registry
HKCU\SOFTWARE\REMCOS-6PU1BX 1 HKCU\SOFTWARE\REMCOS-6PU1BX Value Name	22/02/2020	Win_Registry
HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\ZONEMAP Value Name	22/02/2020	Win_Registry
HKCU\SOFTWARE\REMCOS-ZUXZLQ Value Name	22/02/2020	Win_Registry
HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\5.0\CACHE\CONTENT Value Name	22/02/2020	Win_Registry
HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\5.0\CACHE\HISTORY Value Name	22/02/2020	Win_Registry
HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\WPAD\C8-B0-99-0A-48-DD Value Name	22/02/2020	Win_Registry
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\HOMEGROUP\UISTATUSCACHE Value Name	22/02/2020	Win_Registry
HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\WPAD	22/02/2020	Win_Registry
HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\CONNECTIONS Value Name	22/02/2020	Win_Registry
HKLM\SYSTEM\CONTROLSET001\SERVICES\SCHEDULE Value Name	22/02/2020	Win_Registry
3909a29ead2eb2248f107c1352e5259d244b3eda0c971b136fab7e671f63a7e2	22/02/2020	SHA-256
HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS Value Name	22/02/2020	Win_Registry
17542707A3D9FA13C569450FD978272EF7070A77	22/02/2020	SHA-1
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\CD BURNING\STAGINGINFO\VOLUME	22/02/2020	Win_Registry
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APPLETS\SYSTRAY Value Name	22/02/2020	Win_Registry
32f9cec632967d84f191d9bb514409dcff9f4d8e59097e98fa72e74cbfd32ce9	22/02/2020	SHA-256
7f2e6da85f7ebb3dd066315504735c8dbcc4cdbc9c24d7d944cdeeb09df1c869	22/02/2020	SHA-256
0cfd5fcfbe7dcb0ca5d046e97815d68b7afec7562255c591efaf6e6ddff04dc3	22/02/2020	SHA-256
b1edb734e012c5b941e7e7190b23c472937b5332b9af826e5eb07a807c7f0e80	22/02/2020	SHA-256
30226cf05067f4906bec842742691778bfe2f277a3ee3ebf82ebc5a2d313806c	22/02/2020	SHA-256
e6d0a9641a275e95ed0835cc1c65f861f03e6643b99ef24bb1b1e6711fe6b31e	22/02/2020	SHA-256
2db7594e73018d54e9dca34869eed6fa7e523fd519e2cdc74a32a91d31c6a945	22/02/2020	SHA-256
25290bd54de5289d9ea3cbcbf59fefa0a7efa1743196043989029d3b1a3aa23f	22/02/2020	SHA-256
c0a687a74845e57c671768eac45588576a194f36165279f19edb22d45a595904	22/02/2020	SHA-256
2c52210a40af62a33415f9d5fc31cf4ed0c9d60d87dc97fa53db86c028b4a486	22/02/2020	SHA-256
cd9d9e7f425fbc41e1c6e12e7e9ffd0d9800aa703e690802a260f5f29837967a	22/02/2020	SHA-256
dda31fb5d2659b268d9f12541f26042e626d6162c442362b362f0eb80011c741	22/02/2020	SHA-256
188fb9f78f7b0ec6ef4ddac9d5c3e246563a9d5e4689b49c5b4be343be805be6	22/02/2020	SHA-256
1e401c8be910e4f07af2e40c1c20b25be23e896e3aef6c887bc505b4ffee805a	22/02/2020	SHA-256
ec8cc8dd06095a94275b3e3f7564dfddbcb20ce78b84da301768b0e8484482a5	22/02/2020	SHA-256
176e3815db0582a528559fcd4ac5d556d8b44354470ef7000246a7dd70e02042	22/02/2020	SHA-256
5d95754de0c3bda4841e7122b0b24bd5d949adc647735582d4e6af72274950d7	22/02/2020	SHA-256
2d5275f0deb740be06001aa53d8719db88d08426f2e5f1b44bc4626fcc9b0258	22/02/2020	SHA-256
f21bb31466c5f318f41c021fc459caf0e413f580ade991087bc499bb5fa2ffa7	22/02/2020	SHA-256
589b303963958d48a6d5aa9a506955ed04242994f1f7e36b8819463200970b21	22/02/2020	SHA-256
44033bd26650bac58f19414b2f937a3d0aebd819a145738d4d9e77a087d1b2e2	22/02/2020	SHA-256
778608ebdb66b22322989f6889668d11a5c243f540d094f834743651f847f6d3	22/02/2020	SHA-256
dc789666026dacfc446d3559c0aebeab538608668fac6645ba73591d9a4ced58	22/02/2020	SHA-256
3cfc8edcb512891aeb4241df6a800981d83c329883eaeeb265f5b555be7c85a4	22/02/2020	SHA-256
46835bd196f40e56dfeb8fbdbf1e328358e545649ce10aa580575874ffeba5b1	22/02/2020	SHA-256
2b0b69fcba2279c7c731adc17ce5e395739a4d957afe75b4dffe79a911d06834	22/02/2020	SHA-256

HKCU\SOFTWARE\OSRS18HD-UKGZDR 12 HKCU\SOFTWARE\OSRS18HD-UKGZDR Value Name

22/02/2020

Win_Registry

HKU\.DEFAULT\CONTROL PANEL\BUSES Value Name

22/02/2020

Win_Registry

HKLM\SOFTWARE\MICROSOFT\WINDOWS DEFENDER\EXCLUSIONS\PATHS Value Name

22/02/2020

Win_Registry

HKCU\SOFTWARE\REMCOS-V1R5VH 2 HKCU\SOFTWARE\REMCOS-V1R5VH Value Name

22/02/2020

Win_Registry

HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\CD BURNING\DRIVES\VOLUME

22/02/2020

Win_Registry

HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\CD BURNING Value Name

22/02/2020

Win_Registry

HKCU\SOFTWARE\NEMTY Value Name

22/02/2020

Win_Registry

HKCU\SOFTWARE\REMCOS-V1R5VH Value Name

22/02/2020

Win_Registry

HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER Value Name

22/02/2020

Win_Registry

HKCU\SOFTWARE\REMCOS-6PU1BX 1 HKCU\SOFTWARE\REMCOS-6PU1BX Value Name

22/02/2020

Win_Registry

HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\ZONEMAP Value Name

22/02/2020

Win_Registry

HKCU\SOFTWARE\REMCOS-ZUXZLQ Value Name

22/02/2020

Win_Registry

HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\5.0\CACHE\CONTENT Value Name

22/02/2020

Win_Registry

HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\5.0\CACHE\HISTORY Value Name

22/02/2020

Win_Registry

HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\WPAD\C8-B0-99-0A-48-DD Value Name

22/02/2020

Win_Registry

HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\HOMEGROUP\UISTATUSCACHE Value Name

22/02/2020

Win_Registry

HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\WPAD

22/02/2020

Win_Registry

HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\CONNECTIONS Value Name

22/02/2020

Win_Registry

HKLM\SYSTEM\CONTROLSET001\SERVICES\SCHEDULE Value Name

22/02/2020

Win_Registry

3909a29ead2eb2248f107c1352e5259d244b3eda0c971b136fab7e671f63a7e2

22/02/2020

SHA-256

HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS Value Name

22/02/2020

Win_Registry

17542707A3D9FA13C569450FD978272EF7070A77

22/02/2020

SHA-1

HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\CD BURNING\STAGINGINFO\VOLUME

22/02/2020

Win_Registry

HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APPLETS\SYSTRAY Value Name

22/02/2020

Win_Registry

32f9cec632967d84f191d9bb514409dcff9f4d8e59097e98fa72e74cbfd32ce9

22/02/2020

SHA-256

7f2e6da85f7ebb3dd066315504735c8dbcc4cdbc9c24d7d944cdeeb09df1c869

22/02/2020

SHA-256

0cfd5fcfbe7dcb0ca5d046e97815d68b7afec7562255c591efaf6e6ddff04dc3

22/02/2020

SHA-256

b1edb734e012c5b941e7e7190b23c472937b5332b9af826e5eb07a807c7f0e80

22/02/2020

SHA-256

30226cf05067f4906bec842742691778bfe2f277a3ee3ebf82ebc5a2d313806c

22/02/2020

SHA-256

e6d0a9641a275e95ed0835cc1c65f861f03e6643b99ef24bb1b1e6711fe6b31e

22/02/2020

SHA-256

2db7594e73018d54e9dca34869eed6fa7e523fd519e2cdc74a32a91d31c6a945

22/02/2020

SHA-256

25290bd54de5289d9ea3cbcbf59fefa0a7efa1743196043989029d3b1a3aa23f

22/02/2020

SHA-256

c0a687a74845e57c671768eac45588576a194f36165279f19edb22d45a595904

22/02/2020

SHA-256

2c52210a40af62a33415f9d5fc31cf4ed0c9d60d87dc97fa53db86c028b4a486

22/02/2020

SHA-256

cd9d9e7f425fbc41e1c6e12e7e9ffd0d9800aa703e690802a260f5f29837967a

22/02/2020

SHA-256

dda31fb5d2659b268d9f12541f26042e626d6162c442362b362f0eb80011c741

22/02/2020

SHA-256

188fb9f78f7b0ec6ef4ddac9d5c3e246563a9d5e4689b49c5b4be343be805be6

22/02/2020

SHA-256

1e401c8be910e4f07af2e40c1c20b25be23e896e3aef6c887bc505b4ffee805a

22/02/2020

SHA-256

ec8cc8dd06095a94275b3e3f7564dfddbcb20ce78b84da301768b0e8484482a5

22/02/2020

SHA-256

176e3815db0582a528559fcd4ac5d556d8b44354470ef7000246a7dd70e02042

22/02/2020

SHA-256

5d95754de0c3bda4841e7122b0b24bd5d949adc647735582d4e6af72274950d7

22/02/2020

SHA-256

2d5275f0deb740be06001aa53d8719db88d08426f2e5f1b44bc4626fcc9b0258

22/02/2020

SHA-256

f21bb31466c5f318f41c021fc459caf0e413f580ade991087bc499bb5fa2ffa7

22/02/2020

SHA-256

589b303963958d48a6d5aa9a506955ed04242994f1f7e36b8819463200970b21

22/02/2020

SHA-256

44033bd26650bac58f19414b2f937a3d0aebd819a145738d4d9e77a087d1b2e2

22/02/2020

SHA-256

778608ebdb66b22322989f6889668d11a5c243f540d094f834743651f847f6d3

22/02/2020

SHA-256

dc789666026dacfc446d3559c0aebeab538608668fac6645ba73591d9a4ced58

22/02/2020

SHA-256

3cfc8edcb512891aeb4241df6a800981d83c329883eaeeb265f5b555be7c85a4

22/02/2020

SHA-256

46835bd196f40e56dfeb8fbdbf1e328358e545649ce10aa580575874ffeba5b1

22/02/2020

SHA-256

2b0b69fcba2279c7c731adc17ce5e395739a4d957afe75b4dffe79a911d06834

22/02/2020

SHA-256

CYBER45

Threat Roundup for February 14 to February 21

C45-2020-02-22-6

Indicators of Compromise (IOC) List