Threat Roundup (Feb. 24 - March 3)
C45-2023-03-04-2
Indicators of Compromise (IOC) List

