C45-2022-05-21-6

Indicator of Compromise (IOC)	Date Published	IOC Type
a991e025d962160b815f69feb32e75d917ee45927924440c5161cce44965e699	21/05/2022	SHA-256
HKLM\SYSTEM\CONTROLSET001\SERVICES\SUPERPROSERVER Value Name	21/05/2022	Win_Registry
bbd91da105ea52d6251c733f6d1ed8ea2819f29091e5f50c6a1fc54d2d0fc4c5	21/05/2022	SHA-256
2c08d65f8d68f44346ec045c62374246c7eddcb1a1c5f3b3854b0ade90539aa9	21/05/2022	SHA-256
3b682518b8aebea0550ac3a6f7cd39425d0d44ad220e1ada46e79a40b0d848a6	21/05/2022	SHA-256
1fab85fafa3c6415b069f4221d771202da98755ae9f7a3b2f34c570d7b01b12b	21/05/2022	SHA-256
db24a3909701a11d90c3655edf5b4fffc2e73b4938f21ea705036b1446fe7440	21/05/2022	SHA-256
7131c68df5ded52136e0dd93456da13dd3cef68f5222157d20fd61b04a86f038	21/05/2022	SHA-256
25cf983f69aef35f1acf0b1555002c5877f925b03df7c312f8f904eadfbe39b8	21/05/2022	SHA-256
15576d21edf15e69d6615168d5d63b72b44142e0c0af7b5ad0fe4d04ae0a935e	21/05/2022	SHA-256
c92c7bf31bca7ff667a24e34911b94bcbe40e931b056740f010961c1bd4c6933	21/05/2022	SHA-256
901cdae9018e02b8e9fe37f6f96f6bd88d07b95f10fd6db5e506d9e1dbf3eb94	21/05/2022	SHA-256
c61c4c3ae816c6e9d9632e472bf58cf388569144390049651c438df9e8f6d792	21/05/2022	SHA-256
HKLM\SYSTEM\CONTROLSET001\SERVICES\random	21/05/2022	Win_Registry
a0f6abe5b1ccc020446ba72ce4b3fe4119c9967ba59f32a33251c0aa428647a8	21/05/2022	SHA-256
HKCU\SOFTWARE\LOCAL APPWIZARD-GENERATED APPLICATIONS 33 HKCU\SOFTWARE\LOCAL APPWIZARD-GENERATED APPLICATIONS\CODEWIZARD VERSION 1.0 33 HKCU\SOFTWARE\LOCAL APPWIZARD-GENERATED APPLICATIONS\CODEWIZARD VERSION 1.0\RECENT FILE LIST 33 HKCU\SOFTWARE\LOCAL APPWIZARD-GENERATED APPLICATIONS\CODEWIZARD VERSION 1.0\SETTINGS 33 HKU\.DEFAULT\SOFTWARE\LOCAL APPWIZARD-GENERATED APPLICATIONS 14 HKU\.DEFAULT\SOFTWARE\LOCAL APPWIZARD-GENERATED APPLICATIONS\CODEWIZARD VERSION 1.0 14 HKU\.DEFAULT\SOFTWARE\LOCAL APPWIZARD-GENERATED APPLICATIONS\CODEWIZARD VERSION 1.0\RECENT FILE LIST 14 HKU\.DEFAULT\SOFTWARE\LOCAL APPWIZARD-GENERATED APPLICATIONS\CODEWIZARD VERSION 1.0\SETTINGS 14 Mutexes Occurrences GLOBAL	21/05/2022	Win_Registry
0ec1a04906159d42df0e3c952329b732fa758a24c064ef248055bca3a9d75779	21/05/2022	SHA-256
500e5534d73659779300c88cf8d479dab0cb434037eec277ea6cefdabde44053	21/05/2022	SHA-256
4898229c51886c6a14330244e65f1f68780e971c1213a06590d649876e729dff	21/05/2022	SHA-256
13e37ac660c60a1c788db8e1f4b64175b598fdb82382263a3406af1ededb46ca	21/05/2022	SHA-256
154.16.220.209	21/05/2022	IPv4
180.215.255.141	21/05/2022	IPv4
23.62.6.161	21/05/2022	IPv4
HKLM\SYSTEM\CONTROLSET001\SERVICES\GDVNFVNF WOFWO 3 HKLM\SYSTEM\CONTROLSET001\SERVICES\GDVNFVNF WOFWO Value Name	21/05/2022	Win_Registry
785d71a9493e5e84cabaf43661912da7267a0ddd438cac6661538cf9d01cd276	21/05/2022	SHA-256
HKLM\SYSTEM\CONTROLSET001\SERVICES\WSIZJB RKWHKRGW Value Name	21/05/2022	Win_Registry
793e180a71f1a7744e655755ba0e3baac38875396421bec9469f904fbcab835e	21/05/2022	SHA-256
89d221b63d6790ebba1959667c4f47a9e563e35507b254dd6af703ee2a11f04c	21/05/2022	SHA-256
ca5b8a90bad279bcbbcbdf19403aafd6cc99fe9f19bc46cbae7f9b54295b41ff	21/05/2022	SHA-256
HKU\.DEFAULT\SOFTWARE\MICROSOFT\ACTIVEMOVIE 7 HKU\.DEFAULT\SOFTWARE\MICROSOFT\ACTIVEMOVIE\DEVENUM 7 HKLM\SYSTEM\CONTROLSET001\SERVICES\GSKCSKB TLCTL 5 HKLM\SYSTEM\CONTROLSET001\SERVICES\GSKCSKB TLCTL Value Name	21/05/2022	Win_Registry
870cb7fd5ab94188bca9004a1a72028d5f227a11db0bea762c304c39dcf3a67a	21/05/2022	SHA-256
b74590a3e336341984fc38fea2ea801236796b6a610e5fa2f1d411f7159ec169	21/05/2022	SHA-256
8780788906312ede39dea623a3c9711d744bfacbb2410c66eae316daf150b361	21/05/2022	SHA-256
4cb0e3d4d7cf1a91f16370be66adee9084b2936d43826ba61a50789edd4021ac	21/05/2022	SHA-256
4d4ad9bd0b51be44878ad59d1d9e3fa110a629ea52305cfc2ba3e9106698ca71	21/05/2022	SHA-256
058f5c5fd0fb2cf3657e5d5911218a094c03e49c27ef55ffabbf5a4143b27d44	21/05/2022	SHA-256
a0faf0b9b2d332b765cc0e7d18e63e19b2465d4356a9c5008200c36f6d912474	21/05/2022	SHA-256
5e3c0eac1f74586b973f6f09b0e160312d51c2f8557f0f61718fd60d368edafd	21/05/2022	SHA-256
464bc95d917d9ec52420bf440a55f4099396d2af4af43d41694f30a70d00761b	21/05/2022	SHA-256
767fc2d320a39ac2a24fbc9f4deb13172776b4338561e820efea9865f33f8f8c	21/05/2022	SHA-256
2e99b07981ecf6945415b98085afdf88bd5e5a0ca74ed5021cd6ad5226cc2883	21/05/2022	SHA-256
60d81b8e4b16f86c121cc54d8a6e0303800266ae1e2abf9b2b70dce9cc6da8c8	21/05/2022	SHA-256
6f5284407cb0f4b7e2fe875294a4dbc27d7e9f7ac141285f5ab09a8102ff7dce	21/05/2022	SHA-256
4bdb55e73d8d688509059548da8fa1eb44a1719162fc8827695be6328b804121	21/05/2022	SHA-256
8a26a3adf738b1a2b3e84f323ca47928dfe93d1b635eb3a549a7d630c2871251	21/05/2022	SHA-256
bb598eedb28c42b011be6f27b0b3740cad173777c501e0fbe83306c37da6e87a	21/05/2022	SHA-256
HKU\.DEFAULT\CONTROL PANEL\BUSES 6 HKU\.DEFAULT\CONTROL PANEL\BUSES Value Name	21/05/2022	Win_Registry
ad45540821a86dae47bf35d1cad6d78ac5bb12fb68cd0135e180a29346bce66b	21/05/2022	SHA-256
6ba48ecadd6daa7296e3d1aab5c6f9bad8d97996b6bcb2b5dfaac404bf9c8f47	21/05/2022	SHA-256
72cb744b57f3183e15da3780cbfd4411dc77b36411c1fcca65ec59e2d15713f0	21/05/2022	SHA-256
31.41.244.84	21/05/2022	IPv4
35.195.98.220	21/05/2022	IPv4
ef78da2e9386931b44c99e0136e0ae13ff3d158434dd1a0288e09119ab9d9274	21/05/2022	SHA-256
089b366e8793cbc83d91a234bd8f50fb8dfcd8e1c9d4ec12a557a5087654cb09	21/05/2022	SHA-256
2ad3eedfd800d2c4746d7f7d78cce4e25bd97e5c638e6501afe8eda66e0be654	21/05/2022	SHA-256
1632b7601eccb92cafe93b2ee1970f55c4305311165ef5088e55988aad2cf8a8	21/05/2022	SHA-256
HKLM\SYSTEM\CONTROLSET001\SERVICES\WSSQKG RCQYYDRO Value Name	21/05/2022	Win_Registry
9066a9ef24b43a9a7fc64b47315972b2048c6ec643717522e56632327775d800	21/05/2022	SHA-256
282e1666932d8debcc4ab86746e6791d49fd972582b2778062616d52a8866a96	21/05/2022	SHA-256
HKU\.DEFAULT\SOFTWARE\MICROSOFT\ACTIVEMOVIE\DEVENUM Value Name	21/05/2022	Win_Registry
745dbcda3f3e84c1eed438ceafd129726864db1a39a33eddbc92f41bd7e5c5de	21/05/2022	SHA-256
HKLM\SYSTEM\CONTROLSET001\SERVICES\GDVNFVNF WOFWO Value Name	21/05/2022	Win_Registry
f395d12b196d3a6480d5056725cb834e9d2cb3aa07a15e77180225b67991709d	21/05/2022	SHA-256
64fac0ae2ed8c9e6c646a81ef171dcd078d1dbe43a55f66fa5676323b694ebe1	21/05/2022	SHA-256
83c10e8e26234eb9657cc1d3d498723dfc4ad1f26161a622acbaf008b0b794fc	21/05/2022	SHA-256
235e75a04e4622be8e18ab647a77a87a65a0b33dd0a9edf07e5ada784dc32bb5	21/05/2022	SHA-256
27b46b7de14445b26f4a8689caee861b824aeae7ea27e466a6292965043519f3	21/05/2022	SHA-256
704f3472d96b7a5ca6a31e7608ad29d5c0c331516367a6eca0ccd5ada61afdf6	21/05/2022	SHA-256
5.255.96.218	21/05/2022	IPv4
77f8d351f3f9b27c42ddd98965269e809e0b864571013240bc3f1e6c7cd51ddd	21/05/2022	SHA-256
ad80dffea369021f6234c5f95daf448972bbcfa28faeaba5ae7edb34e2e11486	21/05/2022	SHA-256
3f8ad607849adc67a227334dd99a31bd94a91d433b7266f0c816d8783a7e6c6d	21/05/2022	SHA-256
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\CLSID	21/05/2022	Win_Registry
2c0595bb1e93372bd6695f9a3b77b4166d3fa85bdb6acb427c1f327ce6c4f968	21/05/2022	SHA-256
47bef109565da06b2c0e833ca715e09dab49cc58f00e02c3e1142cab98460b3a	21/05/2022	SHA-256
HKLM\SYSTEM\CONTROLSET001\SERVICES\WSIZJB RKWHKRGW 2 HKLM\SYSTEM\CONTROLSET001\SERVICES\WSIZJB RKWHKRGW Value Name	21/05/2022	Win_Registry
7f95ea485ab69f136ebb6e7e4ae9d0522ce60cc525ee7cd634484d53ff31fdb4	21/05/2022	SHA-256
09142589a0d5714b93156097b04b4b9b0b4f3fdd562a9a936b82952e86bd7eac	21/05/2022	SHA-256
HKU\.DEFAULT\CONTROL PANEL\BUSES Value Name	21/05/2022	Win_Registry
e48197d5206ffba045e0fbd77d64bb8fb6b3a515515ce4fa3f4ee89c9aa7faf5	21/05/2022	SHA-256
904df9175e7c173fa0d09bd57f4c038ecfa0bd438aa233807dfdc973f6f08679	21/05/2022	SHA-256
16ffb81083c9c988e526a1fd6fd8143dc21ea2f4876833ba43b64ead08ca9aee	21/05/2022	SHA-256
157.240.2.174	21/05/2022	IPv4
60.191.97.139	21/05/2022	IPv4
4afd06a5768b10729aebe3020c980c9775c30355aac961fd9da155a56f1022d5	21/05/2022	SHA-256
bf09b7d1aff22a5bc8e29bb7321a2cae0df270b109f216d1b63966ed0fc015a2	21/05/2022	SHA-256
77EC63BDA74BD0D0E0426DC8F8008506	21/05/2022	MD5
121.41.227.197	21/05/2022	IPv4
23.62.6.170	21/05/2022	IPv4
293b7655279232c282a3e7e14a6cf1b5ff1c84773df337d00dd2c140b32a4574	21/05/2022	SHA-256
668cb63fce74a7c9e705b8e7ad81c6b3d91d8325b92aee083f203a3f75e57610	21/05/2022	SHA-256
171.100.142.238	21/05/2022	IPv4
1434bdd62d628a25829701c54d20f7ba778b3c63d93f6e5764931d1091ef83e3	21/05/2022	SHA-256
3e8ea5324c39dbcb1b0ee0e2fb18f7d928e4998f53381a798955dc906e916da5	21/05/2022	SHA-256
593ecbd1773f20df0bc13d604006e0feb1a576cf3170c66807ae1f8459db1345	21/05/2022	SHA-256
HKLM\SYSTEM\CONTROLSET001\SERVICES\SUPERPROSERVER 3 HKLM\SYSTEM\CONTROLSET001\SERVICES\SUPERPROSERVER Value Name	21/05/2022	Win_Registry
9d1112135eee205ea776c78acd0c965d9ca00f904798f70451e6158fb14cbeac	21/05/2022	SHA-256
b57ca40eab68c52c47e979fae218dcb91cb833caeadd53538695b12f5f70c51c	21/05/2022	SHA-256
96d60053f8d2be82d6fee5348e6ceff040525c149ec6d7642edce54d0251e0a3	21/05/2022	SHA-256
956446e6fce0d16ad5ad2dfe21d6fcaa52fcda2baa7b96695d47d948bf07adcb	21/05/2022	SHA-256
148d77d752a0f883a10231c4b082a5faf76df3fae754e7d4d50f78194532b9b2	21/05/2022	SHA-256
950e59486286f7e526a33e5ee60151e09b9c6fc3091cbc354fdf9940371ee37b	21/05/2022	SHA-256
910b5935f42190d68f1a9462620f7a60eac839253267277000d61ec444766e59	21/05/2022	SHA-256
a8ef9cf1ff529a1ef9237cc04e4e12a602669e35e07a65878f073e9067236140	21/05/2022	SHA-256
860db4a765cb642a13888257692f65d600389c88d9573daffa5f0905f2bf018d	21/05/2022	SHA-256
5cb238a26bd971c6de9cb98e0132f3054ae23c2c760a3eb0ca7318f25d8d4780	21/05/2022	SHA-256
91.243.33.5	21/05/2022	IPv4
40.93.207.0	21/05/2022	IPv4
2caef31bc4acc28a419a2cc7658ea24461a442935bc63b9f90c217583a228c8c	21/05/2022	SHA-256
34.117.59.81	21/05/2022	IPv4
40ac8ee866c7c98fdb53a46358ea0f4593f22f3fffaf7dda5496d55988949913	21/05/2022	SHA-256
6004fc0133f36df0cabccdf5e17c6691514e94b57135cf626fdc9fb2ea845c8b	21/05/2022	SHA-256
a61894ebd208ba8c54e51912ec6405560931a9864aa3fd431f7df4a57eddd635	21/05/2022	SHA-256
c8b077322778bc87119ce0bce5f1db70bf6596260bc8c2f6ffd0f301fcaa2123	21/05/2022	SHA-256
HKLM\SOFTWARE\MICROSOFT\WINDOWS DEFENDER\EXCLUSIONS\PATHS Value Name	21/05/2022	Win_Registry
b18fea368891dc8969a304c6b00bcd952f10295ef7cb69a3ac8981848415612c	21/05/2022	SHA-256
5.255.96.217	21/05/2022	IPv4
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN Value Name	21/05/2022	Win_Registry
6994d069182e0e4e9a3336a7d0f8ccea5390938313f5585425803fd9b9f8636d	21/05/2022	SHA-256
200.127.121.99	21/05/2022	IPv4
69f5d0f6de8d57bd374bbb702ba0e1363fcf7282168eeb3a3705e420229f68de	21/05/2022	SHA-256
170.84.78.224	21/05/2022	IPv4
HKCR\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\SHELL\BAGS\159 11 HKLM\SYSTEM\SELECT Value Name	21/05/2022	Win_Registry
3aa1e8a0cd1c08cf7ef80494693362083b6fe90d51feab94fd14dd3f003cd035	21/05/2022	SHA-256
b89b656a2ce0c5f6f1a37f39b86096551eb04551bb352a651c03732d2b2b501f	21/05/2022	SHA-256
188e0c455ac511f976e8b8a86655fb2522c79f11a25372819edadecf52aa6720	21/05/2022	SHA-256
3f0e21c9807bcbe3081e0dfc1a28f15b483efe760afa382d891a97de6876f8aa	21/05/2022	SHA-256
6527e098cb2588b6ba84757886c0f740d46cf31db0c804072f7b7728f4ede080	21/05/2022	SHA-256
d5008f73d6e0a70f7e5b20848d3bcced444f8900041d9f85fda0194fa2e008c0	21/05/2022	SHA-256
127.0.0.2	21/05/2022	IPv4
0e8d746ad396f3858e609b2a0cbfd41676c01ff7283bfcb9fb5e644b0c393874	21/05/2022	SHA-256
HKLM\SYSTEM\CONTROLSET001\SERVICES\GSKCSKB TLCTL Value Name	21/05/2022	Win_Registry
156.240.107.214	21/05/2022	IPv4
314a9d45233b60c2a0c6e6043332cae53687b3cefbc4754db3a77e1e4bfccbb0	21/05/2022	SHA-256
5b0d9bc969fdc4d0530bbc7ce0f6dc1093e15702df5c44d1d9db982604362bef	21/05/2022	SHA-256
14b6e67caf8ff987486978a07e5e177c89a9afe87326d930438b5cc1194e7533	21/05/2022	SHA-256
dc8f108a2030ecbbf5be79df305d02839fc1192d262e20faec834a0ac9ac05f3	21/05/2022	SHA-256
156.240.106.129	21/05/2022	IPv4
36.89.85.103	21/05/2022	IPv4
185.17.123.90	21/05/2022	IPv4
259ba57d1ce1868c12144dc3fec87c8f882e201f3093048f7e933f53346b0afd	21/05/2022	SHA-256
1b97e3b2e8debc617bb89a002c5991cac51988c4864511b14832fb37b9c8f1bd	21/05/2022	SHA-256
754f5f353698ca45eceabc1a45de34de02c420155ffa7a0ccddbd04847c90882	21/05/2022	SHA-256
HKCU\SOFTWARE\ZSYS 15 HKCR\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\SHELL\BAGS\159 15 HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\ACTION CENTER\CHECKS	21/05/2022	Win_Registry
9a69d4802add64156ce6a7fb089f106d34f5b559398caa12bc2fe223e4ea4411	21/05/2022	SHA-256
6463c1b28ff09bfd3895b958249ce7e3220ec35b5a49422219407ee5f51cd47d	21/05/2022	SHA-256
143.92.56.63	21/05/2022	IPv4
HKLM\SYSTEM\CONTROLSET001\SERVICES\WSSQKG RCQYYDRO 7 HKLM\SYSTEM\CONTROLSET001\SERVICES\WSSQKG RCQYYDRO Value Name	21/05/2022	Win_Registry
121.100.19.18	21/05/2022	IPv4
8fb5f16416475bbcd2005098dd10d52662b870e0b3787544bb60fc2775d54f7e	21/05/2022	SHA-256
172.253.63.100	21/05/2022	IPv4
8408e4515b34e24cbfff7d9f52bae3abaee2d60c9c48d59dfeb85055cb8d02c9	21/05/2022	SHA-256
121.127.248.96	21/05/2022	IPv4
a20c4b8fdca84480e1217d4339528cbf5b25785a22f39934e49256d92e37249c	21/05/2022	SHA-256
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN Value Name	21/05/2022	Win_Registry
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM Value Name	21/05/2022	Win_Registry
835ce5de87d80ab9a7be0449236dd1efa73a7f1dd770150224694c486257cd60	21/05/2022	SHA-256
194.5.250.175	21/05/2022	IPv4
b261d6b8833f07990a69c4f88cdd54f703f465d162a6b1c3acf95561a17890b2	21/05/2022	SHA-256
80e087b28afb0be8ec3a0f0b35aec8ef06e7d806aa7e576a4282e394244a2bc1	21/05/2022	SHA-256
291aab875adf6ae867713b06cd7e7456e395324d5de067a9e578441a39a7af3b	21/05/2022	SHA-256
2ff02aef8a9ac75bed7e7bed931dac733cd2f310d50f1596eb6eb7de0b3d5628	21/05/2022	SHA-256
ad32fffc0d98178964b5a55300f870125ad6f40dbdfe724e4f6043ae7d4945fc	21/05/2022	SHA-256
5c673d6ad74a8948bea00e8d2e5e81f22a85e2ba26a04ed94a48d68a7d263fd5	21/05/2022	SHA-256
88e3c9743f423655a60801b44e4d8783c1a444f27748a7f00e827421eb7fd6c0	21/05/2022	SHA-256
c8748a99549d45eff46cc2cd6687d257478ecad14a5a8a0436e96d48315267cf	21/05/2022	SHA-256
185.14.30.134	21/05/2022	IPv4
732a581bbd232a5eed7034c898cb0c834af01e5dbdd79cd7a241151c8d7debeb	21/05/2022	SHA-256
57f6bba7f29a365466af5dd3cd9a9f61e57543f4d83d76bef81640b3048e2cdd	21/05/2022	SHA-256
a795b3d767d5c8fa911a904d54a031f9a4d1eb4a21aa53de5b51e2a4bd101689	21/05/2022	SHA-256
HKCU\Software\random	21/05/2022	Win_Registry
183.26.161.58	21/05/2022	IPv4
8266bd94da8a881040beec0e10ee3a15a146fd8f4e0772a2fbe8903d9c8f07b5	21/05/2022	SHA-256
7e92f39c54eb42fdb0d5983d08f2bb1047e53dfc0a823f223a06cd5e3f9e51ff	21/05/2022	SHA-256
31.13.64.174	21/05/2022	IPv4
84c14436a6aa2dfd9b779c188d67d2b83d06e217f1f9756493367e1954cb4f91	21/05/2022	SHA-256
73da1601aa1fabd87a6fd5c945c4927dd68284ede0d343fed299fd2b484fbf65	21/05/2022	SHA-256
51.254.164.244	21/05/2022	IPv4
5.182.210.226	21/05/2022	IPv4
6e8229828586a2901269588bbc709cc09ad9a09342efdcac208ac636b01daf85	21/05/2022	SHA-256
fd43f3c4b33d5294c4f342fc63a0dd50449e436c3674e18ea6cfb3a3df766df3	21/05/2022	SHA-256
HKCU\SOFTWARE\ZSYS Value Name	21/05/2022	Win_Registry
4970c1befe8ed3cab71cd9d43317b9f311d10b49ffc18e1a71f6685cdce05c5c	21/05/2022	SHA-256
157.240.21.63	21/05/2022	IPv4
E0F5C59F9FA661F6F4C50B87FEF3A15A	21/05/2022	MD5
70019a9e401cb30d30e82a7c4da4464ea826fb5ad7a673008874557ea1932809	21/05/2022	SHA-256
172.245.156.138	21/05/2022	IPv4
181a39b9477057e050e6b88583ffb21bc4b94a8783030735ee8ee677a9986e2a	21/05/2022	SHA-256
caad99117625442cbea84fc9040033aecdf2981834634de7b2943adddc5ef4ea	21/05/2022	SHA-256
HKLM\SYSTEM\CONTROLSET001\SERVICES\GDTLDTL DUMDU 2 HKLM\SYSTEM\CONTROLSET001\SERVICES\GDTLDTL DUMDU Value Name	21/05/2022	Win_Registry
3bbc5d12b36fe4f9e14f10dabeaa4bd594f228d457100dbf503f9c84f7616ce1	21/05/2022	SHA-256
3c62ba077f17b25160bd01df9ce8ecdd730eacece2a7947a62981cec829fb894	21/05/2022	SHA-256
5a260230cafe0229937d77eea28779f134ae0fd2d2b17bde92942b5a11073ec4	21/05/2022	SHA-256
58d989e1903389b8fc0de808ead8343ac127a95daa4131776a518ad287526c30	21/05/2022	SHA-256
8fcafc56c480b5b6492aa5b4882f7b4351e0113b5c20fa69f73db0b2d9dbc82a	21/05/2022	SHA-256
09d2706b754c07905f8dcfc8497d2cbcbbf1e2b51166b239a8f9861a5eb5898f	21/05/2022	SHA-256
20.81.111.85	21/05/2022	IPv4
2db980f99457336e1f78bf6d7e78336756e0748f5acb1ca1fbaea0fc83c21d05	21/05/2022	SHA-256
181.112.157.42	21/05/2022	IPv4
3a2b6918caafba046e10f58340ea7dee490e0ac150fbf306dc2546a909593407	21/05/2022	SHA-256

a991e025d962160b815f69feb32e75d917ee45927924440c5161cce44965e699

21/05/2022

SHA-256

HKLM\SYSTEM\CONTROLSET001\SERVICES\SUPERPROSERVER Value Name

21/05/2022

Win_Registry

bbd91da105ea52d6251c733f6d1ed8ea2819f29091e5f50c6a1fc54d2d0fc4c5

21/05/2022

SHA-256

2c08d65f8d68f44346ec045c62374246c7eddcb1a1c5f3b3854b0ade90539aa9

21/05/2022

SHA-256

3b682518b8aebea0550ac3a6f7cd39425d0d44ad220e1ada46e79a40b0d848a6

21/05/2022

SHA-256

1fab85fafa3c6415b069f4221d771202da98755ae9f7a3b2f34c570d7b01b12b

21/05/2022

SHA-256

db24a3909701a11d90c3655edf5b4fffc2e73b4938f21ea705036b1446fe7440

21/05/2022

SHA-256

7131c68df5ded52136e0dd93456da13dd3cef68f5222157d20fd61b04a86f038

21/05/2022

SHA-256

25cf983f69aef35f1acf0b1555002c5877f925b03df7c312f8f904eadfbe39b8

21/05/2022

SHA-256

15576d21edf15e69d6615168d5d63b72b44142e0c0af7b5ad0fe4d04ae0a935e

21/05/2022

SHA-256

c92c7bf31bca7ff667a24e34911b94bcbe40e931b056740f010961c1bd4c6933

21/05/2022

SHA-256

901cdae9018e02b8e9fe37f6f96f6bd88d07b95f10fd6db5e506d9e1dbf3eb94

21/05/2022

SHA-256

c61c4c3ae816c6e9d9632e472bf58cf388569144390049651c438df9e8f6d792

21/05/2022

SHA-256

HKLM\SYSTEM\CONTROLSET001\SERVICES\random

21/05/2022

Win_Registry

a0f6abe5b1ccc020446ba72ce4b3fe4119c9967ba59f32a33251c0aa428647a8

21/05/2022

SHA-256

HKCU\SOFTWARE\LOCAL APPWIZARD-GENERATED APPLICATIONS 33 HKCU\SOFTWARE\LOCAL APPWIZARD-GENERATED APPLICATIONS\CODEWIZARD VERSION 1.0 33 HKCU\SOFTWARE\LOCAL APPWIZARD-GENERATED APPLICATIONS\CODEWIZARD VERSION 1.0\RECENT FILE LIST 33 HKCU\SOFTWARE\LOCAL APPWIZARD-GENERATED APPLICATIONS\CODEWIZARD VERSION 1.0\SETTINGS 33 HKU\.DEFAULT\SOFTWARE\LOCAL APPWIZARD-GENERATED APPLICATIONS 14 HKU\.DEFAULT\SOFTWARE\LOCAL APPWIZARD-GENERATED APPLICATIONS\CODEWIZARD VERSION 1.0 14 HKU\.DEFAULT\SOFTWARE\LOCAL APPWIZARD-GENERATED APPLICATIONS\CODEWIZARD VERSION 1.0\RECENT FILE LIST 14 HKU\.DEFAULT\SOFTWARE\LOCAL APPWIZARD-GENERATED APPLICATIONS\CODEWIZARD VERSION 1.0\SETTINGS 14 Mutexes Occurrences GLOBAL

21/05/2022

Win_Registry

0ec1a04906159d42df0e3c952329b732fa758a24c064ef248055bca3a9d75779

21/05/2022

SHA-256

500e5534d73659779300c88cf8d479dab0cb434037eec277ea6cefdabde44053

21/05/2022

SHA-256

4898229c51886c6a14330244e65f1f68780e971c1213a06590d649876e729dff

21/05/2022

SHA-256

13e37ac660c60a1c788db8e1f4b64175b598fdb82382263a3406af1ededb46ca

21/05/2022

SHA-256

154.16.220.209

21/05/2022

IPv4

180.215.255.141

21/05/2022

IPv4

23.62.6.161

21/05/2022

IPv4

HKLM\SYSTEM\CONTROLSET001\SERVICES\GDVNFVNF WOFWO 3 HKLM\SYSTEM\CONTROLSET001\SERVICES\GDVNFVNF WOFWO Value Name

21/05/2022

Win_Registry

785d71a9493e5e84cabaf43661912da7267a0ddd438cac6661538cf9d01cd276

21/05/2022

SHA-256

HKLM\SYSTEM\CONTROLSET001\SERVICES\WSIZJB RKWHKRGW Value Name

21/05/2022

Win_Registry

793e180a71f1a7744e655755ba0e3baac38875396421bec9469f904fbcab835e

21/05/2022

SHA-256

89d221b63d6790ebba1959667c4f47a9e563e35507b254dd6af703ee2a11f04c

21/05/2022

SHA-256

ca5b8a90bad279bcbbcbdf19403aafd6cc99fe9f19bc46cbae7f9b54295b41ff

21/05/2022

SHA-256

HKU\.DEFAULT\SOFTWARE\MICROSOFT\ACTIVEMOVIE 7 HKU\.DEFAULT\SOFTWARE\MICROSOFT\ACTIVEMOVIE\DEVENUM 7 HKLM\SYSTEM\CONTROLSET001\SERVICES\GSKCSKB TLCTL 5 HKLM\SYSTEM\CONTROLSET001\SERVICES\GSKCSKB TLCTL Value Name

21/05/2022

Win_Registry

870cb7fd5ab94188bca9004a1a72028d5f227a11db0bea762c304c39dcf3a67a

21/05/2022

SHA-256

b74590a3e336341984fc38fea2ea801236796b6a610e5fa2f1d411f7159ec169

21/05/2022

SHA-256

8780788906312ede39dea623a3c9711d744bfacbb2410c66eae316daf150b361

21/05/2022

SHA-256

4cb0e3d4d7cf1a91f16370be66adee9084b2936d43826ba61a50789edd4021ac

21/05/2022

SHA-256

4d4ad9bd0b51be44878ad59d1d9e3fa110a629ea52305cfc2ba3e9106698ca71

21/05/2022

SHA-256

058f5c5fd0fb2cf3657e5d5911218a094c03e49c27ef55ffabbf5a4143b27d44

21/05/2022

SHA-256

a0faf0b9b2d332b765cc0e7d18e63e19b2465d4356a9c5008200c36f6d912474

21/05/2022

SHA-256

5e3c0eac1f74586b973f6f09b0e160312d51c2f8557f0f61718fd60d368edafd

21/05/2022

SHA-256

464bc95d917d9ec52420bf440a55f4099396d2af4af43d41694f30a70d00761b

21/05/2022

SHA-256

767fc2d320a39ac2a24fbc9f4deb13172776b4338561e820efea9865f33f8f8c

21/05/2022

SHA-256

2e99b07981ecf6945415b98085afdf88bd5e5a0ca74ed5021cd6ad5226cc2883

21/05/2022

SHA-256

60d81b8e4b16f86c121cc54d8a6e0303800266ae1e2abf9b2b70dce9cc6da8c8

21/05/2022

SHA-256

6f5284407cb0f4b7e2fe875294a4dbc27d7e9f7ac141285f5ab09a8102ff7dce

21/05/2022

SHA-256

4bdb55e73d8d688509059548da8fa1eb44a1719162fc8827695be6328b804121

21/05/2022

SHA-256

8a26a3adf738b1a2b3e84f323ca47928dfe93d1b635eb3a549a7d630c2871251

21/05/2022

SHA-256

bb598eedb28c42b011be6f27b0b3740cad173777c501e0fbe83306c37da6e87a

21/05/2022

SHA-256

HKU\.DEFAULT\CONTROL PANEL\BUSES 6 HKU\.DEFAULT\CONTROL PANEL\BUSES Value Name

21/05/2022

Win_Registry

ad45540821a86dae47bf35d1cad6d78ac5bb12fb68cd0135e180a29346bce66b

21/05/2022

SHA-256

6ba48ecadd6daa7296e3d1aab5c6f9bad8d97996b6bcb2b5dfaac404bf9c8f47

21/05/2022

SHA-256

72cb744b57f3183e15da3780cbfd4411dc77b36411c1fcca65ec59e2d15713f0

21/05/2022

SHA-256

31.41.244.84

21/05/2022

IPv4

35.195.98.220

21/05/2022

IPv4

ef78da2e9386931b44c99e0136e0ae13ff3d158434dd1a0288e09119ab9d9274

21/05/2022

SHA-256

089b366e8793cbc83d91a234bd8f50fb8dfcd8e1c9d4ec12a557a5087654cb09

21/05/2022

SHA-256

2ad3eedfd800d2c4746d7f7d78cce4e25bd97e5c638e6501afe8eda66e0be654

21/05/2022

SHA-256

1632b7601eccb92cafe93b2ee1970f55c4305311165ef5088e55988aad2cf8a8

21/05/2022

SHA-256

HKLM\SYSTEM\CONTROLSET001\SERVICES\WSSQKG RCQYYDRO Value Name

21/05/2022

Win_Registry

9066a9ef24b43a9a7fc64b47315972b2048c6ec643717522e56632327775d800

21/05/2022

SHA-256

282e1666932d8debcc4ab86746e6791d49fd972582b2778062616d52a8866a96

21/05/2022

SHA-256

HKU\.DEFAULT\SOFTWARE\MICROSOFT\ACTIVEMOVIE\DEVENUM Value Name

21/05/2022

Win_Registry

745dbcda3f3e84c1eed438ceafd129726864db1a39a33eddbc92f41bd7e5c5de

21/05/2022

SHA-256

HKLM\SYSTEM\CONTROLSET001\SERVICES\GDVNFVNF WOFWO Value Name

21/05/2022

Win_Registry

f395d12b196d3a6480d5056725cb834e9d2cb3aa07a15e77180225b67991709d

21/05/2022

SHA-256

64fac0ae2ed8c9e6c646a81ef171dcd078d1dbe43a55f66fa5676323b694ebe1

21/05/2022

SHA-256

83c10e8e26234eb9657cc1d3d498723dfc4ad1f26161a622acbaf008b0b794fc

21/05/2022

SHA-256

235e75a04e4622be8e18ab647a77a87a65a0b33dd0a9edf07e5ada784dc32bb5

21/05/2022

SHA-256

27b46b7de14445b26f4a8689caee861b824aeae7ea27e466a6292965043519f3

21/05/2022

SHA-256

704f3472d96b7a5ca6a31e7608ad29d5c0c331516367a6eca0ccd5ada61afdf6

21/05/2022

SHA-256

5.255.96.218

21/05/2022

IPv4

77f8d351f3f9b27c42ddd98965269e809e0b864571013240bc3f1e6c7cd51ddd

21/05/2022

SHA-256

ad80dffea369021f6234c5f95daf448972bbcfa28faeaba5ae7edb34e2e11486

21/05/2022

SHA-256

3f8ad607849adc67a227334dd99a31bd94a91d433b7266f0c816d8783a7e6c6d

21/05/2022

SHA-256

HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\CLSID

21/05/2022

Win_Registry

2c0595bb1e93372bd6695f9a3b77b4166d3fa85bdb6acb427c1f327ce6c4f968

21/05/2022

SHA-256

47bef109565da06b2c0e833ca715e09dab49cc58f00e02c3e1142cab98460b3a

21/05/2022

SHA-256

HKLM\SYSTEM\CONTROLSET001\SERVICES\WSIZJB RKWHKRGW 2 HKLM\SYSTEM\CONTROLSET001\SERVICES\WSIZJB RKWHKRGW Value Name

21/05/2022

Win_Registry

7f95ea485ab69f136ebb6e7e4ae9d0522ce60cc525ee7cd634484d53ff31fdb4

21/05/2022

SHA-256

09142589a0d5714b93156097b04b4b9b0b4f3fdd562a9a936b82952e86bd7eac

21/05/2022

SHA-256

HKU\.DEFAULT\CONTROL PANEL\BUSES Value Name

21/05/2022

Win_Registry

e48197d5206ffba045e0fbd77d64bb8fb6b3a515515ce4fa3f4ee89c9aa7faf5

21/05/2022

SHA-256

904df9175e7c173fa0d09bd57f4c038ecfa0bd438aa233807dfdc973f6f08679

21/05/2022

SHA-256

16ffb81083c9c988e526a1fd6fd8143dc21ea2f4876833ba43b64ead08ca9aee

21/05/2022

SHA-256

157.240.2.174

21/05/2022

IPv4

60.191.97.139

21/05/2022

IPv4

4afd06a5768b10729aebe3020c980c9775c30355aac961fd9da155a56f1022d5

21/05/2022

SHA-256

bf09b7d1aff22a5bc8e29bb7321a2cae0df270b109f216d1b63966ed0fc015a2

21/05/2022

SHA-256

77EC63BDA74BD0D0E0426DC8F8008506

21/05/2022

MD5

121.41.227.197

21/05/2022

IPv4

23.62.6.170

21/05/2022

IPv4

293b7655279232c282a3e7e14a6cf1b5ff1c84773df337d00dd2c140b32a4574

21/05/2022

SHA-256

668cb63fce74a7c9e705b8e7ad81c6b3d91d8325b92aee083f203a3f75e57610

21/05/2022

SHA-256

171.100.142.238

21/05/2022

IPv4

1434bdd62d628a25829701c54d20f7ba778b3c63d93f6e5764931d1091ef83e3

21/05/2022

SHA-256

3e8ea5324c39dbcb1b0ee0e2fb18f7d928e4998f53381a798955dc906e916da5

21/05/2022

SHA-256

593ecbd1773f20df0bc13d604006e0feb1a576cf3170c66807ae1f8459db1345

21/05/2022

SHA-256

HKLM\SYSTEM\CONTROLSET001\SERVICES\SUPERPROSERVER 3 HKLM\SYSTEM\CONTROLSET001\SERVICES\SUPERPROSERVER Value Name

21/05/2022

Win_Registry

9d1112135eee205ea776c78acd0c965d9ca00f904798f70451e6158fb14cbeac

21/05/2022

SHA-256

b57ca40eab68c52c47e979fae218dcb91cb833caeadd53538695b12f5f70c51c

21/05/2022

SHA-256

96d60053f8d2be82d6fee5348e6ceff040525c149ec6d7642edce54d0251e0a3

21/05/2022

SHA-256

956446e6fce0d16ad5ad2dfe21d6fcaa52fcda2baa7b96695d47d948bf07adcb

21/05/2022

SHA-256

148d77d752a0f883a10231c4b082a5faf76df3fae754e7d4d50f78194532b9b2

21/05/2022

SHA-256

950e59486286f7e526a33e5ee60151e09b9c6fc3091cbc354fdf9940371ee37b

21/05/2022

SHA-256

910b5935f42190d68f1a9462620f7a60eac839253267277000d61ec444766e59

21/05/2022

SHA-256

a8ef9cf1ff529a1ef9237cc04e4e12a602669e35e07a65878f073e9067236140

21/05/2022

SHA-256

860db4a765cb642a13888257692f65d600389c88d9573daffa5f0905f2bf018d

21/05/2022

SHA-256

5cb238a26bd971c6de9cb98e0132f3054ae23c2c760a3eb0ca7318f25d8d4780

21/05/2022

SHA-256

91.243.33.5

21/05/2022

IPv4

40.93.207.0

21/05/2022

IPv4

2caef31bc4acc28a419a2cc7658ea24461a442935bc63b9f90c217583a228c8c

21/05/2022

SHA-256

34.117.59.81

21/05/2022

IPv4

40ac8ee866c7c98fdb53a46358ea0f4593f22f3fffaf7dda5496d55988949913

21/05/2022

SHA-256

6004fc0133f36df0cabccdf5e17c6691514e94b57135cf626fdc9fb2ea845c8b

21/05/2022

SHA-256

a61894ebd208ba8c54e51912ec6405560931a9864aa3fd431f7df4a57eddd635

21/05/2022

SHA-256

c8b077322778bc87119ce0bce5f1db70bf6596260bc8c2f6ffd0f301fcaa2123

21/05/2022

SHA-256

HKLM\SOFTWARE\MICROSOFT\WINDOWS DEFENDER\EXCLUSIONS\PATHS Value Name

21/05/2022

Win_Registry

b18fea368891dc8969a304c6b00bcd952f10295ef7cb69a3ac8981848415612c

21/05/2022

SHA-256

5.255.96.217

21/05/2022

IPv4

HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN Value Name

21/05/2022

Win_Registry

6994d069182e0e4e9a3336a7d0f8ccea5390938313f5585425803fd9b9f8636d

21/05/2022

SHA-256

200.127.121.99

21/05/2022

IPv4

69f5d0f6de8d57bd374bbb702ba0e1363fcf7282168eeb3a3705e420229f68de

21/05/2022

SHA-256

170.84.78.224

21/05/2022

IPv4

HKCR\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\SHELL\BAGS\159 11 HKLM\SYSTEM\SELECT Value Name

21/05/2022

Win_Registry

3aa1e8a0cd1c08cf7ef80494693362083b6fe90d51feab94fd14dd3f003cd035

21/05/2022

SHA-256

b89b656a2ce0c5f6f1a37f39b86096551eb04551bb352a651c03732d2b2b501f

21/05/2022

SHA-256

188e0c455ac511f976e8b8a86655fb2522c79f11a25372819edadecf52aa6720

21/05/2022

SHA-256

3f0e21c9807bcbe3081e0dfc1a28f15b483efe760afa382d891a97de6876f8aa

21/05/2022

SHA-256

6527e098cb2588b6ba84757886c0f740d46cf31db0c804072f7b7728f4ede080

21/05/2022

SHA-256

d5008f73d6e0a70f7e5b20848d3bcced444f8900041d9f85fda0194fa2e008c0

21/05/2022

SHA-256

127.0.0.2

21/05/2022

IPv4

0e8d746ad396f3858e609b2a0cbfd41676c01ff7283bfcb9fb5e644b0c393874

21/05/2022

SHA-256

HKLM\SYSTEM\CONTROLSET001\SERVICES\GSKCSKB TLCTL Value Name

21/05/2022

Win_Registry

156.240.107.214

21/05/2022

IPv4

314a9d45233b60c2a0c6e6043332cae53687b3cefbc4754db3a77e1e4bfccbb0

21/05/2022

SHA-256

5b0d9bc969fdc4d0530bbc7ce0f6dc1093e15702df5c44d1d9db982604362bef

21/05/2022

SHA-256

14b6e67caf8ff987486978a07e5e177c89a9afe87326d930438b5cc1194e7533

21/05/2022

SHA-256

dc8f108a2030ecbbf5be79df305d02839fc1192d262e20faec834a0ac9ac05f3

21/05/2022

SHA-256

156.240.106.129

21/05/2022

IPv4

36.89.85.103

21/05/2022

IPv4

185.17.123.90

21/05/2022

IPv4

259ba57d1ce1868c12144dc3fec87c8f882e201f3093048f7e933f53346b0afd

21/05/2022

SHA-256

1b97e3b2e8debc617bb89a002c5991cac51988c4864511b14832fb37b9c8f1bd

21/05/2022

SHA-256

754f5f353698ca45eceabc1a45de34de02c420155ffa7a0ccddbd04847c90882

21/05/2022

SHA-256

HKCU\SOFTWARE\ZSYS 15 HKCR\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\SHELL\BAGS\159 15 HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\ACTION CENTER\CHECKS

21/05/2022

Win_Registry

9a69d4802add64156ce6a7fb089f106d34f5b559398caa12bc2fe223e4ea4411

21/05/2022

SHA-256

6463c1b28ff09bfd3895b958249ce7e3220ec35b5a49422219407ee5f51cd47d

21/05/2022

SHA-256

143.92.56.63

21/05/2022

IPv4

HKLM\SYSTEM\CONTROLSET001\SERVICES\WSSQKG RCQYYDRO 7 HKLM\SYSTEM\CONTROLSET001\SERVICES\WSSQKG RCQYYDRO Value Name

21/05/2022

Win_Registry

121.100.19.18

21/05/2022

IPv4

8fb5f16416475bbcd2005098dd10d52662b870e0b3787544bb60fc2775d54f7e

21/05/2022

SHA-256

172.253.63.100

21/05/2022

IPv4

8408e4515b34e24cbfff7d9f52bae3abaee2d60c9c48d59dfeb85055cb8d02c9

21/05/2022

SHA-256

121.127.248.96

21/05/2022

IPv4

a20c4b8fdca84480e1217d4339528cbf5b25785a22f39934e49256d92e37249c

21/05/2022

SHA-256

HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN Value Name

21/05/2022

Win_Registry

HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM Value Name

21/05/2022

Win_Registry

835ce5de87d80ab9a7be0449236dd1efa73a7f1dd770150224694c486257cd60

21/05/2022

SHA-256

194.5.250.175

21/05/2022

IPv4

b261d6b8833f07990a69c4f88cdd54f703f465d162a6b1c3acf95561a17890b2

21/05/2022

SHA-256

80e087b28afb0be8ec3a0f0b35aec8ef06e7d806aa7e576a4282e394244a2bc1

21/05/2022

SHA-256

291aab875adf6ae867713b06cd7e7456e395324d5de067a9e578441a39a7af3b

21/05/2022

SHA-256

2ff02aef8a9ac75bed7e7bed931dac733cd2f310d50f1596eb6eb7de0b3d5628

21/05/2022

SHA-256

ad32fffc0d98178964b5a55300f870125ad6f40dbdfe724e4f6043ae7d4945fc

21/05/2022

SHA-256

5c673d6ad74a8948bea00e8d2e5e81f22a85e2ba26a04ed94a48d68a7d263fd5

21/05/2022

SHA-256

88e3c9743f423655a60801b44e4d8783c1a444f27748a7f00e827421eb7fd6c0

21/05/2022

SHA-256

c8748a99549d45eff46cc2cd6687d257478ecad14a5a8a0436e96d48315267cf

21/05/2022

SHA-256

185.14.30.134

21/05/2022

IPv4

732a581bbd232a5eed7034c898cb0c834af01e5dbdd79cd7a241151c8d7debeb

21/05/2022

SHA-256

57f6bba7f29a365466af5dd3cd9a9f61e57543f4d83d76bef81640b3048e2cdd

21/05/2022

SHA-256

a795b3d767d5c8fa911a904d54a031f9a4d1eb4a21aa53de5b51e2a4bd101689

21/05/2022

SHA-256

HKCU\Software\random

21/05/2022

Win_Registry

183.26.161.58

21/05/2022

IPv4

8266bd94da8a881040beec0e10ee3a15a146fd8f4e0772a2fbe8903d9c8f07b5

21/05/2022

SHA-256

7e92f39c54eb42fdb0d5983d08f2bb1047e53dfc0a823f223a06cd5e3f9e51ff

21/05/2022

SHA-256

31.13.64.174

21/05/2022

IPv4

84c14436a6aa2dfd9b779c188d67d2b83d06e217f1f9756493367e1954cb4f91

21/05/2022

SHA-256

73da1601aa1fabd87a6fd5c945c4927dd68284ede0d343fed299fd2b484fbf65

21/05/2022

SHA-256

51.254.164.244

21/05/2022

IPv4

5.182.210.226

21/05/2022

IPv4

6e8229828586a2901269588bbc709cc09ad9a09342efdcac208ac636b01daf85

21/05/2022

SHA-256

fd43f3c4b33d5294c4f342fc63a0dd50449e436c3674e18ea6cfb3a3df766df3

21/05/2022

SHA-256

HKCU\SOFTWARE\ZSYS Value Name

21/05/2022

Win_Registry

4970c1befe8ed3cab71cd9d43317b9f311d10b49ffc18e1a71f6685cdce05c5c

21/05/2022

SHA-256

157.240.21.63

21/05/2022

IPv4

E0F5C59F9FA661F6F4C50B87FEF3A15A

21/05/2022

MD5

70019a9e401cb30d30e82a7c4da4464ea826fb5ad7a673008874557ea1932809

21/05/2022

SHA-256

172.245.156.138

21/05/2022

IPv4

181a39b9477057e050e6b88583ffb21bc4b94a8783030735ee8ee677a9986e2a

21/05/2022

SHA-256

caad99117625442cbea84fc9040033aecdf2981834634de7b2943adddc5ef4ea

21/05/2022

SHA-256

HKLM\SYSTEM\CONTROLSET001\SERVICES\GDTLDTL DUMDU 2 HKLM\SYSTEM\CONTROLSET001\SERVICES\GDTLDTL DUMDU Value Name

21/05/2022

Win_Registry

3bbc5d12b36fe4f9e14f10dabeaa4bd594f228d457100dbf503f9c84f7616ce1

21/05/2022

SHA-256

3c62ba077f17b25160bd01df9ce8ecdd730eacece2a7947a62981cec829fb894

21/05/2022

SHA-256

5a260230cafe0229937d77eea28779f134ae0fd2d2b17bde92942b5a11073ec4

21/05/2022

SHA-256

58d989e1903389b8fc0de808ead8343ac127a95daa4131776a518ad287526c30

21/05/2022

SHA-256

8fcafc56c480b5b6492aa5b4882f7b4351e0113b5c20fa69f73db0b2d9dbc82a

21/05/2022

SHA-256

09d2706b754c07905f8dcfc8497d2cbcbbf1e2b51166b239a8f9861a5eb5898f

21/05/2022

SHA-256

20.81.111.85

21/05/2022

IPv4

2db980f99457336e1f78bf6d7e78336756e0748f5acb1ca1fbaea0fc83c21d05

21/05/2022

SHA-256

181.112.157.42

21/05/2022

IPv4

3a2b6918caafba046e10f58340ea7dee490e0ac150fbf306dc2546a909593407

21/05/2022

SHA-256

CYBER45

Threat Roundup for May 13 to May 20

C45-2022-05-21-6

Indicators of Compromise (IOC) List