C45-2021-06-05-9

Indicator of Compromise (IOC)	Date Published	IOC Type
24f54e86fe02c42f220fc4409fd27f7f4dbcbda4647e058a106b6dead9402135	05/06/2021	SHA-256
0d8b29f2057a759e3eaa90c8e5707e9e18e77591ef8eb5ab7e53da7fc340b76b	05/06/2021	SHA-256
0ddc71164c0b3c76b39d39ac8dc2af71cc46b125c8ac96b428e881023fae50f8	05/06/2021	SHA-256
364a46b4978330382b93ca177bd890594072806c863d9424637a4b59ff1e99f6	05/06/2021	SHA-256
51b8e5b10da5e56bb55b6234e750230447ffdf598069f8fbd103250e2c70559f	05/06/2021	SHA-256
9d830f4614e8a466922321311feb420bdd68b9c2caeba68898c14b025e000ed7	05/06/2021	SHA-256
2193a6e1b9cddd381f5f6f9b416d9e91c2a0d63ea2c4b1aa8b74e6da57d96f56	05/06/2021	SHA-256
3f703fc11695619e389ba9485371213a5c2ad82951786c1455779bb263d4ea74	05/06/2021	SHA-256
a7fcd14c4c7e17ba61a8a6c1fd4d12e97e24690f213bcbfa91fac2ca96a853c1	05/06/2021	SHA-256
64.106.148.71	05/06/2021	IPv4
02b6213f28193d14250876375a628037afb3e34ea572cc554cd5aab708b785ab	05/06/2021	SHA-256
22924e0f0996e5704148f8863c6e8aeb6b72e6c6abb8de3d73abb65c1d718a22	05/06/2021	SHA-256
1.1.1.1	05/06/2021	IPv4
041e050527ab3b5ea399a653047c3f9e807150a906ae9bcf003708a47b428459	05/06/2021	SHA-256
HKU\.DEFAULT\CONTROL PANEL\BUSES 26 HKU\.DEFAULT\CONTROL PANEL\BUSES Value Name	05/06/2021	Win_Registry
eed70b7b023212cea7b7a82809e13065944f2b3e2083f85331fde2c6241ca223	05/06/2021	SHA-256
14.210.98.141	05/06/2021	IPv4
5f486e965612eff4d5f9b61609be0ca2c4141f06d61c7cfc4e5eb28354c5c02e	05/06/2021	SHA-256
3060de24eee6cc6b787542449d3dbd9776b96f2eafaf49e49fb803f8618040cd	05/06/2021	SHA-256
1ae8c1dff0378414e010a6870e4e2a4b3eb75621f613b7a35ceefb50344ae688	05/06/2021	SHA-256
0791ce41b1b0fbe8b2d29d0c9777aebc004b22f6ea59249556638129246af14b	05/06/2021	SHA-256
4d0747c6197abf5ae0aa98e9e3441e158a02382f8c751720904c1967fadc3679	05/06/2021	SHA-256
2031dc1c77f2ccc437156494e8dd33146ded7b23d9b9f1cb33c97f458920e3cb	05/06/2021	SHA-256
2348f9496633876ace4fc2fbbac7121eb914c7516201f86c386af24acc1e7373	05/06/2021	SHA-256
9fe6a93cb5ebd2b73a5b03a944d120977b6948e31ef66472811304f19c882af1	05/06/2021	SHA-256
91.203.5.144	05/06/2021	IPv4
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RELIABILITY Value Name	05/06/2021	Win_Registry
HKLM\SYSTEM\CONTROLSET001\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\STANDARDPROFILE\AUTHORIZEDAPPLICATIONS\LIST Value Name	05/06/2021	Win_Registry
HKLM\SYSTEM\CONTROLSET001\SERVICES\HP5SEKDI\PARAMETERS 5 HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SVCHOST Value Name	05/06/2021	Win_Registry
HKCU\SOFTWARE\MICROSOFT\KPQL Value Name	05/06/2021	Win_Registry
05aaf5534e5755e9a1ccd33f98b501996e9c95e678aca9b08b10437fd02f742b	05/06/2021	SHA-256
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\RUN 6 HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\RUN 4 HKLM\SYSTEM\CONTROLSET001\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\STANDARDPROFILE\AUTHORIZEDAPPLICATIONS\LIST 4 HKLM\SYSTEM\CONTROLSET002\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\STANDARDPROFILE\AUTHORIZEDAPPLICATIONS\LIST 4 HKCU\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON Value Name	05/06/2021	Win_Registry
CF1759C4F2A8F2DB557D60E88CEBC7BF65A0B433	05/06/2021	SHA-1
2be8beca5fd09d286c1b2e42510cf33a24defa865dcd723b16864ddf3fd052bf	05/06/2021	SHA-256
20e855c43cbf7c554dff9432aefd2e093331fdf1f892800f2ae35c5d22a901d2	05/06/2021	SHA-256
HKLM\SYSTEM\CONTROLSET001\SERVICES\BIGBE3HE\PARAMETERS Value Name	05/06/2021	Win_Registry
121323040f99ccf614075afeed2035d14b052f7df73f90499d11f0b78aeef7d9	05/06/2021	SHA-256
1d98184acc9c185e3d95774d5986a39b967ce6c86fa8ac92c2592bd406910741	05/06/2021	SHA-256
7d397c9648504c6a93e599503df9b918da31c6d4ad5d53a4319078418c9b7052	05/06/2021	SHA-256
27c55e598c8fd51fd55900fe32031d3a1067966337de9f55c68aa6dfefb5ab6b	05/06/2021	SHA-256
HKCU\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS Value Name	05/06/2021	Win_Registry
1f3384e9df8a653593c662e5b293968c7271beef6daa49604eb3fd8b2a14d94b	05/06/2021	SHA-256
HKCU\SOFTWARE\MICROSOFT\OFFICE\16.0 14 HKLM\SOFTWARE\MICROSOFT\OFFICE\COMMON Value Name	05/06/2021	Win_Registry
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE Value Name	05/06/2021	Win_Registry
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\ACTION CENTER\CHECKS	05/06/2021	Win_Registry
c443cb8103e30dd20263a04864693e3e5b8c7bad43505a9a06cca3284fcf7a69	05/06/2021	SHA-256
11a312998a917f6f398cfae1c43c493fa43cc850f858fb5cf0c5510f82ced622	05/06/2021	SHA-256
fe21a1fa1a0e2eaddb2c0bf1eb324c9ba188387ceb75b81a6074258c7a789aee	05/06/2021	SHA-256
213f22d557d98f23b8573623ac42bb3ab0d9609bd2e90ddc2f66c8f8d712239e	05/06/2021	SHA-256
249d80e8dfbb29e545d50980ea31afad50f96ed8d94095e628cd90980a77089b	05/06/2021	SHA-256

24f54e86fe02c42f220fc4409fd27f7f4dbcbda4647e058a106b6dead9402135

05/06/2021

SHA-256

0d8b29f2057a759e3eaa90c8e5707e9e18e77591ef8eb5ab7e53da7fc340b76b

05/06/2021

SHA-256

0ddc71164c0b3c76b39d39ac8dc2af71cc46b125c8ac96b428e881023fae50f8

05/06/2021

SHA-256

364a46b4978330382b93ca177bd890594072806c863d9424637a4b59ff1e99f6

05/06/2021

SHA-256

51b8e5b10da5e56bb55b6234e750230447ffdf598069f8fbd103250e2c70559f

05/06/2021

SHA-256

9d830f4614e8a466922321311feb420bdd68b9c2caeba68898c14b025e000ed7

05/06/2021

SHA-256

2193a6e1b9cddd381f5f6f9b416d9e91c2a0d63ea2c4b1aa8b74e6da57d96f56

05/06/2021

SHA-256

3f703fc11695619e389ba9485371213a5c2ad82951786c1455779bb263d4ea74

05/06/2021

SHA-256

a7fcd14c4c7e17ba61a8a6c1fd4d12e97e24690f213bcbfa91fac2ca96a853c1

05/06/2021

SHA-256

64.106.148.71

05/06/2021

IPv4

02b6213f28193d14250876375a628037afb3e34ea572cc554cd5aab708b785ab

05/06/2021

SHA-256

22924e0f0996e5704148f8863c6e8aeb6b72e6c6abb8de3d73abb65c1d718a22

05/06/2021

SHA-256

1.1.1.1

05/06/2021

IPv4

041e050527ab3b5ea399a653047c3f9e807150a906ae9bcf003708a47b428459

05/06/2021

SHA-256

HKU\.DEFAULT\CONTROL PANEL\BUSES 26 HKU\.DEFAULT\CONTROL PANEL\BUSES Value Name

05/06/2021

Win_Registry

eed70b7b023212cea7b7a82809e13065944f2b3e2083f85331fde2c6241ca223

05/06/2021

SHA-256

14.210.98.141

05/06/2021

IPv4

5f486e965612eff4d5f9b61609be0ca2c4141f06d61c7cfc4e5eb28354c5c02e

05/06/2021

SHA-256

3060de24eee6cc6b787542449d3dbd9776b96f2eafaf49e49fb803f8618040cd

05/06/2021

SHA-256

1ae8c1dff0378414e010a6870e4e2a4b3eb75621f613b7a35ceefb50344ae688

05/06/2021

SHA-256

0791ce41b1b0fbe8b2d29d0c9777aebc004b22f6ea59249556638129246af14b

05/06/2021

SHA-256

4d0747c6197abf5ae0aa98e9e3441e158a02382f8c751720904c1967fadc3679

05/06/2021

SHA-256

2031dc1c77f2ccc437156494e8dd33146ded7b23d9b9f1cb33c97f458920e3cb

05/06/2021

SHA-256

2348f9496633876ace4fc2fbbac7121eb914c7516201f86c386af24acc1e7373

05/06/2021

SHA-256

9fe6a93cb5ebd2b73a5b03a944d120977b6948e31ef66472811304f19c882af1

05/06/2021

SHA-256

91.203.5.144

05/06/2021

IPv4

HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RELIABILITY Value Name

05/06/2021

Win_Registry

HKLM\SYSTEM\CONTROLSET001\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\STANDARDPROFILE\AUTHORIZEDAPPLICATIONS\LIST Value Name

05/06/2021

Win_Registry

HKLM\SYSTEM\CONTROLSET001\SERVICES\HP5SEKDI\PARAMETERS 5 HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SVCHOST Value Name

05/06/2021

Win_Registry

HKCU\SOFTWARE\MICROSOFT\KPQL Value Name

05/06/2021

Win_Registry

05aaf5534e5755e9a1ccd33f98b501996e9c95e678aca9b08b10437fd02f742b

05/06/2021

SHA-256

HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\RUN 6 HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\RUN 4 HKLM\SYSTEM\CONTROLSET001\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\STANDARDPROFILE\AUTHORIZEDAPPLICATIONS\LIST 4 HKLM\SYSTEM\CONTROLSET002\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\STANDARDPROFILE\AUTHORIZEDAPPLICATIONS\LIST 4 HKCU\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON Value Name

05/06/2021

Win_Registry

CF1759C4F2A8F2DB557D60E88CEBC7BF65A0B433

05/06/2021

SHA-1

2be8beca5fd09d286c1b2e42510cf33a24defa865dcd723b16864ddf3fd052bf

05/06/2021

SHA-256

20e855c43cbf7c554dff9432aefd2e093331fdf1f892800f2ae35c5d22a901d2

05/06/2021

SHA-256

HKLM\SYSTEM\CONTROLSET001\SERVICES\BIGBE3HE\PARAMETERS Value Name

05/06/2021

Win_Registry

121323040f99ccf614075afeed2035d14b052f7df73f90499d11f0b78aeef7d9

05/06/2021

SHA-256

1d98184acc9c185e3d95774d5986a39b967ce6c86fa8ac92c2592bd406910741

05/06/2021

SHA-256

7d397c9648504c6a93e599503df9b918da31c6d4ad5d53a4319078418c9b7052

05/06/2021

SHA-256

27c55e598c8fd51fd55900fe32031d3a1067966337de9f55c68aa6dfefb5ab6b

05/06/2021

SHA-256

HKCU\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS Value Name

05/06/2021

Win_Registry

1f3384e9df8a653593c662e5b293968c7271beef6daa49604eb3fd8b2a14d94b

05/06/2021

SHA-256

HKCU\SOFTWARE\MICROSOFT\OFFICE\16.0 14 HKLM\SOFTWARE\MICROSOFT\OFFICE\COMMON Value Name

05/06/2021

Win_Registry

HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE Value Name

05/06/2021

Win_Registry

HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\ACTION CENTER\CHECKS

05/06/2021

Win_Registry

c443cb8103e30dd20263a04864693e3e5b8c7bad43505a9a06cca3284fcf7a69

05/06/2021

SHA-256

11a312998a917f6f398cfae1c43c493fa43cc850f858fb5cf0c5510f82ced622

05/06/2021

SHA-256

fe21a1fa1a0e2eaddb2c0bf1eb324c9ba188387ceb75b81a6074258c7a789aee

05/06/2021

SHA-256

213f22d557d98f23b8573623ac42bb3ab0d9609bd2e90ddc2f66c8f8d712239e

05/06/2021

SHA-256

249d80e8dfbb29e545d50980ea31afad50f96ed8d94095e628cd90980a77089b

05/06/2021

SHA-256

CYBER45

Threat Roundup for May 28 to June 4

C45-2021-06-05-9

Indicators of Compromise (IOC) List