C45-2021-07-17-9

Indicator of Compromise (IOC)	Date Published	IOC Type
24777db799ccab939742b405de8cd3a371090b609ff13617508cf8ca11605e3a	17/07/2021	SHA-256
5648521BBE38B9788AB349E9232C1AB654FD1102	17/07/2021	SHA-1
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM 24 HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\CURRENTVERSION\EXPLORERN 24 HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN Value Name	17/07/2021	Win_Registry
8AE738634DC65D6F98BC08191C57D05F5758B3FA	17/07/2021	SHA-1
524B500CCA29D0C6B2B9C487658AA84E4934B9F9	17/07/2021	SHA-1
HKCU\SOFTWARE\	17/07/2021	Win_Registry
d6100a3d983ed3af8c27aca8303b0d48b14f1db3729c3458051e1b4b7e5a85b5	17/07/2021	SHA-256
311a9e4018c274e4fee4f648f486c9d05c4e9f6de93f3df1addacc439b0abb85	17/07/2021	SHA-256
HKLM\SOFTWARE\CLASSES\CLSID	17/07/2021	Win_Registry
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\RUN Value Name	17/07/2021	Win_Registry
5c8d84a555aca0b585540277b95902121ec1b6ab08fbfb6171f8efafb2e0c134	17/07/2021	SHA-256
395163a9dff2e38a9e2fcc6993f652d500d8b4cc144e98901141fba92c9953c4	17/07/2021	SHA-256
HKLM\SYSTEM\CONTROLSET001\SERVICES\ZSGMLTZO 17 HKLM\SOFTWARE\MICROSOFT\WINDOWS DEFENDER\EXCLUSIONS\PATHS Value Name	17/07/2021	Win_Registry
03db55bf7eb28942620d95b01a4d7581489d822544c0afdd24893a683b13d737	17/07/2021	SHA-256
4f6c2f4aa94bd6ce1311440e5ff3b70b1dd735269191cce1b6c646ecfc5c0847	17/07/2021	SHA-256
982d9137306728f245c523ad6ce4b2894491e3b9c71d82bfc012d243077adfed	17/07/2021	SHA-256
HKLM\SYSTEM\CONTROLSET001\SERVICES\FAX Value Name	17/07/2021	Win_Registry
44e3864b868e731b33e0f6c3258af0496e367a1c94730993a78439e7bba79c83	17/07/2021	SHA-256
ce1800dd927c7e95afd4a8443939c675bffdd6d7e542e32efcebe7fe83264321	17/07/2021	SHA-256
2B9A8C67DC1B4C75448E49FE312F9FA854FD1102	17/07/2021	SHA-1
201E8A97DDFB1D5AD324645228B94C3924F9E955	17/07/2021	SHA-1
9b91db40fdea8142abe8e3b4a434027e124f3220421e47804d2ec77ee2425dbb	17/07/2021	SHA-256
972507d6a5e780d3428e330fd1df06fc30d90a7a5079b5e22100a46ed4be5e99	17/07/2021	SHA-256
9752c1da9c05d90053fa554cde62f3068d25108243df093fe27c8682969c5821	17/07/2021	SHA-256
21bc5ae2c0c09d97b1b919b3515d3478f73d015d47039617c1a19c7e23e6593d	17/07/2021	SHA-256
ABCF10EB30ED5E962F5F28C6947B55F02F60953F	17/07/2021	SHA-1
185113932619e9540db60b288b329dca8be3d3141b3ca036e42a11d94e272f90	17/07/2021	SHA-256
C9E9340333EA7181CFEB4456FAFB69814606317A	17/07/2021	SHA-1
033d5ccd658339872910f9f05126c25370f15df7d7305890d0927f41ca2b7562	17/07/2021	SHA-256
ad758eb5837ecf5963931a0162b134918b137f53a6486cd1d2c1d8a915a61704	17/07/2021	SHA-256
062c68419f4f849f514a93bd32c0bf612b93789e1e8db5f45ceb710b63b0f16f	17/07/2021	SHA-256
3d3d9f11d98d0c484159bbb39935b67065940645a5be2a1c858d87e9a84eb254	17/07/2021	SHA-256
HKLM\SYSTEM\CONTROLSET001\SERVICES\WBENGINE Value Name	17/07/2021	Win_Registry
44b376ff80de6f475b14f2ffcf709daa50714197835bb504efb8e3b73220adbf	17/07/2021	SHA-256
00d14683fdfbad03ef22a93e8f873a4e3917fda01ea3cd6e23b8e4f93e0021a2	17/07/2021	SHA-256
HKLM\SYSTEM\CONTROLSET001\SERVICES\random	17/07/2021	Win_Registry
3b9ff2a7d3e13a599c77aa26b6e7671790f86dd5de1db796ac7113f7d25eeb31	17/07/2021	SHA-256
8db5854db9f3c732edc0d4ef3540b0635848abb70abdfc29049ca25dc4776f07	17/07/2021	SHA-256
HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER\SVC\S-1-5-21-2580483871-590521980-3826313501-500 15 HKLM\SOFTWARE\POLICIES\MICROSOFT\WINDOWS\SYSTEM Value Name	17/07/2021	Win_Registry
HKLM\SYSTEM\CONTROLSET001\SERVICES\ZSGMLTZO Value Name	17/07/2021	Win_Registry
122a04e621b147df461f23cdc10ff45d877c18a5eb97c64f3a33ff2d713c7139	17/07/2021	SHA-256
79b37f33abb6c24762b75c552ebe9e8e4a65f73d5abc87da06cf4e2a1e399bd0	17/07/2021	SHA-256
3f94634ec285d9c975b6d1ad7aae6c47c0d3f8347ae6be0a7734d3f8d67dfd87	17/07/2021	SHA-256
HKU\.DEFAULT\SOFTWARE\MICROSOFT\ACTIVEMOVIE 7 HKU\.DEFAULT\SOFTWARE\MICROSOFT\ACTIVEMOVIE\DEVENUM 64-BIT 7 HKU\.DEFAULT\SOFTWARE\MICROSOFT\ACTIVEMOVIE\DEVENUM 64-BIT Value Name	17/07/2021	Win_Registry
32968d9468aea7c5b3ac4c636c25320e3f29e01038ba36b062b54fb948a8c011	17/07/2021	SHA-256
1086feb2585661695e32f7bb4b4805c999e909c29c15a49fb7ada2076b66ff00	17/07/2021	SHA-256
cf593c851c53d297e846b034b5936c21f85a3baa30c15f19740addb42fed4ee5	17/07/2021	SHA-256
HKLM\SYSTEM\CONTROLSET001\SERVICES\WMIAPSRV Value Name	17/07/2021	Win_Registry
d18db2acffcf7dbd5d9ba8a3574b51b9d3d363dde772ab4232c4a59cf38116a5	17/07/2021	SHA-256
HKLM\SYSTEM\CONTROLSET001\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\STANDARDPROFILE Value Name	17/07/2021	Win_Registry

24777db799ccab939742b405de8cd3a371090b609ff13617508cf8ca11605e3a

17/07/2021

SHA-256

5648521BBE38B9788AB349E9232C1AB654FD1102

17/07/2021

SHA-1

HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM 24 HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\CURRENTVERSION\EXPLORERN 24 HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN Value Name

17/07/2021

Win_Registry

8AE738634DC65D6F98BC08191C57D05F5758B3FA

17/07/2021

SHA-1

524B500CCA29D0C6B2B9C487658AA84E4934B9F9

17/07/2021

SHA-1

HKCU\SOFTWARE\

17/07/2021

Win_Registry

d6100a3d983ed3af8c27aca8303b0d48b14f1db3729c3458051e1b4b7e5a85b5

17/07/2021

SHA-256

311a9e4018c274e4fee4f648f486c9d05c4e9f6de93f3df1addacc439b0abb85

17/07/2021

SHA-256

HKLM\SOFTWARE\CLASSES\CLSID

17/07/2021

Win_Registry

HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\RUN Value Name

17/07/2021

Win_Registry

5c8d84a555aca0b585540277b95902121ec1b6ab08fbfb6171f8efafb2e0c134

17/07/2021

SHA-256

395163a9dff2e38a9e2fcc6993f652d500d8b4cc144e98901141fba92c9953c4

17/07/2021

SHA-256

HKLM\SYSTEM\CONTROLSET001\SERVICES\ZSGMLTZO 17 HKLM\SOFTWARE\MICROSOFT\WINDOWS DEFENDER\EXCLUSIONS\PATHS Value Name

17/07/2021

Win_Registry

03db55bf7eb28942620d95b01a4d7581489d822544c0afdd24893a683b13d737

17/07/2021

SHA-256

4f6c2f4aa94bd6ce1311440e5ff3b70b1dd735269191cce1b6c646ecfc5c0847

17/07/2021

SHA-256

982d9137306728f245c523ad6ce4b2894491e3b9c71d82bfc012d243077adfed

17/07/2021

SHA-256

HKLM\SYSTEM\CONTROLSET001\SERVICES\FAX Value Name

17/07/2021

Win_Registry

44e3864b868e731b33e0f6c3258af0496e367a1c94730993a78439e7bba79c83

17/07/2021

SHA-256

ce1800dd927c7e95afd4a8443939c675bffdd6d7e542e32efcebe7fe83264321

17/07/2021

SHA-256

2B9A8C67DC1B4C75448E49FE312F9FA854FD1102

17/07/2021

SHA-1

201E8A97DDFB1D5AD324645228B94C3924F9E955

17/07/2021

SHA-1

9b91db40fdea8142abe8e3b4a434027e124f3220421e47804d2ec77ee2425dbb

17/07/2021

SHA-256

972507d6a5e780d3428e330fd1df06fc30d90a7a5079b5e22100a46ed4be5e99

17/07/2021

SHA-256

9752c1da9c05d90053fa554cde62f3068d25108243df093fe27c8682969c5821

17/07/2021

SHA-256

21bc5ae2c0c09d97b1b919b3515d3478f73d015d47039617c1a19c7e23e6593d

17/07/2021

SHA-256

ABCF10EB30ED5E962F5F28C6947B55F02F60953F

17/07/2021

SHA-1

185113932619e9540db60b288b329dca8be3d3141b3ca036e42a11d94e272f90

17/07/2021

SHA-256

C9E9340333EA7181CFEB4456FAFB69814606317A

17/07/2021

SHA-1

033d5ccd658339872910f9f05126c25370f15df7d7305890d0927f41ca2b7562

17/07/2021

SHA-256

ad758eb5837ecf5963931a0162b134918b137f53a6486cd1d2c1d8a915a61704

17/07/2021

SHA-256

062c68419f4f849f514a93bd32c0bf612b93789e1e8db5f45ceb710b63b0f16f

17/07/2021

SHA-256

3d3d9f11d98d0c484159bbb39935b67065940645a5be2a1c858d87e9a84eb254

17/07/2021

SHA-256

HKLM\SYSTEM\CONTROLSET001\SERVICES\WBENGINE Value Name

17/07/2021

Win_Registry

44b376ff80de6f475b14f2ffcf709daa50714197835bb504efb8e3b73220adbf

17/07/2021

SHA-256

00d14683fdfbad03ef22a93e8f873a4e3917fda01ea3cd6e23b8e4f93e0021a2

17/07/2021

SHA-256

HKLM\SYSTEM\CONTROLSET001\SERVICES\random

17/07/2021

Win_Registry

3b9ff2a7d3e13a599c77aa26b6e7671790f86dd5de1db796ac7113f7d25eeb31

17/07/2021

SHA-256

8db5854db9f3c732edc0d4ef3540b0635848abb70abdfc29049ca25dc4776f07

17/07/2021

SHA-256

HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER\SVC\S-1-5-21-2580483871-590521980-3826313501-500 15 HKLM\SOFTWARE\POLICIES\MICROSOFT\WINDOWS\SYSTEM Value Name

17/07/2021

Win_Registry

HKLM\SYSTEM\CONTROLSET001\SERVICES\ZSGMLTZO Value Name

17/07/2021

Win_Registry

122a04e621b147df461f23cdc10ff45d877c18a5eb97c64f3a33ff2d713c7139

17/07/2021

SHA-256

79b37f33abb6c24762b75c552ebe9e8e4a65f73d5abc87da06cf4e2a1e399bd0

17/07/2021

SHA-256

3f94634ec285d9c975b6d1ad7aae6c47c0d3f8347ae6be0a7734d3f8d67dfd87

17/07/2021

SHA-256

HKU\.DEFAULT\SOFTWARE\MICROSOFT\ACTIVEMOVIE 7 HKU\.DEFAULT\SOFTWARE\MICROSOFT\ACTIVEMOVIE\DEVENUM 64-BIT 7 HKU\.DEFAULT\SOFTWARE\MICROSOFT\ACTIVEMOVIE\DEVENUM 64-BIT Value Name

17/07/2021

Win_Registry

32968d9468aea7c5b3ac4c636c25320e3f29e01038ba36b062b54fb948a8c011

17/07/2021

SHA-256

1086feb2585661695e32f7bb4b4805c999e909c29c15a49fb7ada2076b66ff00

17/07/2021

SHA-256

cf593c851c53d297e846b034b5936c21f85a3baa30c15f19740addb42fed4ee5

17/07/2021

SHA-256

HKLM\SYSTEM\CONTROLSET001\SERVICES\WMIAPSRV Value Name

17/07/2021

Win_Registry

d18db2acffcf7dbd5d9ba8a3574b51b9d3d363dde772ab4232c4a59cf38116a5

17/07/2021

SHA-256

HKLM\SYSTEM\CONTROLSET001\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\STANDARDPROFILE Value Name

17/07/2021

Win_Registry

CYBER45

Threat Roundup for July 9 to July 16

C45-2021-07-17-9

Indicators of Compromise (IOC) List