top of page
Threat Roundup for June 5 to June 12
C45-2020-06-13-3
Indicators of Compromise (IOC) List
Indicator of Compromise (IOC) | Date Published | IOC Type |
|---|---|---|
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN
Value Name | 13/06/2020 | Win_Registry |
HKLM\SOFTWARE\MICROSOFT\WINDOWS DEFENDER\EXCLUSIONS\PATHS
Value Name | 13/06/2020 | Win_Registry |
HKCU\SOFTWARE\REMOTE
Value Name | 13/06/2020 | Win_Registry |
HKLM\SYSTEM\CONTROLSET001\SERVICES\WSCSVC
Value Name | 13/06/2020 | Win_Registry |
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\RUN
Value Name | 13/06/2020 | Win_Registry |
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN
Value Name | 13/06/2020 | Win_Registry |
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION
Value Name | 13/06/2020 | Win_Registry |
HKLM\SYSTEM\CONTROLSET001\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\STANDARDPROFILE
Value Name | 13/06/2020 | Win_Registry |
HKCU\SOFTWARE\MICROSOFT\OFFICE\14.0\WORD\RESILIENCY\DOCUMENTRECOVERY\126A696
Value Name | 13/06/2020 | Win_Registry |
HKLM\SYSTEM\CONTROLSET001\SERVICES\RKYEDLRG
Value Name | 13/06/2020 | Win_Registry |
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM
Value Name | 13/06/2020 | Win_Registry |
HKLM\SYSTEM\CONTROLSET001\SERVICES\WINDEFEND
Value Name | 13/06/2020 | Win_Registry |
HKCU\SOFTWARE\MICROSOFT\OFFICE\14.0\WORD\RESILIENCY\DOCUMENTRECOVERY\126A455
1
HKCU\SOFTWARE\MICROSOFT\OFFICE\14.0\WORD\RESILIENCY\DOCUMENTRECOVERY\126A696
1
HKCU\SOFTWARE\MICROSOFT\OFFICE\14.0\WORD\RESILIENCY\DOCUMENTRECOVERY\126A687
1
HKCU\SOFTWARE\MICROSOFT\OFFICE\14.0\WORD\RESILIENCY\DOCUMENTRECOVERY\126AA3F
1
HKCU\SOFTWARE\MICROSOFT\OFFICE\14.0\WORD\RESILIENCY\DOCUMENTRECOVERY\126A33C
1
HKCU\SOFTWARE\MICROSOFT\OFFICE\14.0\WORD\RESILIENCY\DOCUMENTRECOVERY\126ABF3
1
HKCU\SOFTWARE\MICROSOFT\OFFICE\14.0\WORD\RESILIENCY\DOCUMENTRECOVERY\126A2B0
1
HKCU\SOFTWARE\MICROSOFT\OFFICE\14.0\WORD\RESILIENCY\DOCUMENTRECOVERY\126A31D
1
HKCU\SOFTWARE\MICROSOFT\OFFICE\14.0\WORD\RESILIENCY\DOCUMENTRECOVERY\126A7BF
1
HKCU\SOFTWARE\MICROSOFT\OFFICE\14.0\WORD\RESILIENCY\DOCUMENTRECOVERY\126A455
Value Name | 13/06/2020 | Win_Registry |
HKCU\SOFTWARE\MICROSOFT\OFFICE\14.0\WORD\RESILIENCY\DOCUMENTRECOVERY\126AA00
Value Name | 13/06/2020 | Win_Registry |
HKLM\SYSTEM\CONTROLSET001\SERVICES\WUAUSERV
Value Name | 13/06/2020 | Win_Registry |
HKLM\SYSTEM\CONTROLSET001\SERVICES\MPSSVC
Value Name | 13/06/2020 | Win_Registry |
HKU\.DEFAULT\CONTROL PANEL\BUSES
8
HKLM\SYSTEM\CONTROLSET001\SERVICES\random | 13/06/2020 | Win_Registry |
HKLM\SYSTEM\CONTROLSET001\SERVICES\BITS
Value Name | 13/06/2020 | Win_Registry |
HKCU\SOFTWARE\MICROSOFT\OFFICE\14.0\WORD\RESILIENCY\DOCUMENTRECOVERY\126A7BF
Value Name | 13/06/2020 | Win_Registry |
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
Value Name | 13/06/2020 | Win_Registry |
HKCU\SOFTWARE\MICROSOFT\OFFICE\14.0\WORD\RESILIENCY\DOCUMENTRECOVERY\126A2B0
Value Name | 13/06/2020 | Win_Registry |
HKCU\SOFTWARE\MICROSOFT\OFFICE\14.0\WORD\RESILIENCY\DOCUMENTRECOVERY\126AA3F
Value Name | 13/06/2020 | Win_Registry |
HKCU\SOFTWARE\MICROSOFT\OFFICE\14.0\WORD\RESILIENCY\DOCUMENTRECOVERY\126A31D
Value Name | 13/06/2020 | Win_Registry |
HKCU\SOFTWARE\MICROSOFT\OFFICE\14.0\WORD\RESILIENCY\DOCUMENTRECOVERY\126A33C
Value Name | 13/06/2020 | Win_Registry |
HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\AUTHROOT\CERTIFICATES\75E0ABB6138512271C04F85FDDDE38E4B7242EFE
Value Name | 13/06/2020 | Win_Registry |
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE
Value Name | 13/06/2020 | Win_Registry |
HKCU\Software\Remcos-random | 13/06/2020 | Win_Registry |
HKCU\SOFTWARE\MICROSOFT\OFFICE\14.0\WORD\RESILIENCY\DOCUMENTRECOVERY\126A262
Value Name | 13/06/2020 | Win_Registry |
HKCU\ENVIRONMENT
Value Name | 13/06/2020 | Win_Registry |
HKCU\SOFTWARE\GDNCOUXE
Value Name | 13/06/2020 | Win_Registry |
HKCU\SOFTWARE\FVPCRRGX
Value Name | 13/06/2020 | Win_Registry |
HKCU\SOFTWARE\-7AIIYS
Value Name | 13/06/2020 | Win_Registry |
HKCU\SOFTWARE\PVISGDLT
Value Name | 13/06/2020 | Win_Registry |
HKCU\SOFTWARE\-7AIIYS
1
HKCU\SOFTWARE\-7AIIYS
Value Name | 13/06/2020 | Win_Registry |
HKCU\SOFTWARE\-CUQLRE
1
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE
Value Name | 13/06/2020 | Win_Registry |
HKCU\SOFTWARE\random | 13/06/2020 | Win_Registry |
HKCR\LOCAL SETTINGS\MUICACHE\\52C64B7E
Value Name | 13/06/2020 | Win_Registry |
HKCU\SOFTWARE\UFDWSBVK
Value Name | 13/06/2020 | Win_Registry |
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SYSTEMRESTORE
Value Name | 13/06/2020 | Win_Registry |
HKCU\SOFTWARE\RISPOMLI
Value Name | 13/06/2020 | Win_Registry |
HKCU\SOFTWARE\-CUQLRE
Value Name | 13/06/2020 | Win_Registry |
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER
Value Name | 13/06/2020 | Win_Registry |
HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\AUTHROOT\CERTIFICATES\DAC9024F54D8F6DF94935FB1732638CA6AD77C13
Value Name | 13/06/2020 | Win_Registry |
HKCU\SOFTWARE\XKWWBDOL
Value Name | 13/06/2020 | Win_Registry |
HKCU\SOFTWARE\JGWEGPDF
Value Name | 13/06/2020 | Win_Registry |
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED
Value Name | 13/06/2020 | Win_Registry |
HKCU\SOFTWARE\HPVHGWUN
Value Name | 13/06/2020 | Win_Registry |
HKCU\SOFTWARE\VIRQTXUO
Value Name | 13/06/2020 | Win_Registry |
HKCU\SOFTWARE\VSLNLGMM
Value Name | 13/06/2020 | Win_Registry |
99b6a34cb8ad06ca530f7bde87b957c97c1526bb70f0540eba8da58a77b7f319 | 13/06/2020 | SHA-256 |
bottom of page