
Threat Roundup for March 17 to March 24

C45-2023-03-25-8

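Indicators of Compromise (IOC) List

Note: the entries below are registry key paths only, with no value names or data. Many are standard Windows locations (Run, Winlogon, Policies, Windows Defender) that also exist on clean hosts, so treat them as places to monitor for new or modified values rather than as matches on key presence alone.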

Indicator of Compromise (IOC)
Date Published
IOC Type
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
25/03/2023
Win_Registry
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\RUN
25/03/2023
Win_Registry
HKLM\SYSTEM\CONTROLSET001\SERVICES\EVENTLOG\SYSTEM\DFMIRAGE
25/03/2023
Win_Registry
HKCU\SOFTWARE\HACKED 1 | HKCU\SOFTWARE\HACKED
25/03/2023
Win_Registry
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER
25/03/2023
Win_Registry
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED
25/03/2023
Win_Registry
HKLM\SYSTEM\CONTROLSET001\SERVICES\WINDEFEND
25/03/2023
Win_Registry
HKLM\SOFTWARE\POLICIES\MICROSOFT\WINDOWS\WINDOWSUPDATE\AU 45 | HKLM\SOFTWARE\POLICIES\MICROSOFT\WINDOWS\WINDOWSUPDATE\AU
25/03/2023
Win_Registry
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\RUN
25/03/2023
Win_Registry
HKLM\SOFTWARE\POLICIES\MICROSOFT\WINDOWS DEFENDER
25/03/2023
Win_Registry
HKCU\SOFTWARE\MICROSOFT\OUTLOOK EXPRESS 54 | HKCU\SOFTWARE\MICROSOFT\OUTLOOK EXPRESS\5.0\SHARED SETTINGS 54 | HKCU\SOFTWARE\MICROSOFT\OUTLOOK EXPRESS\5.0\SHARED SETTINGS\SETUP 54 | HKCU\SOFTWARE\MICROSOFT\OUTLOOK EXPRESS\5.0\SHARED SETTINGS\SETUP\30002
25/03/2023
Win_Registry
HKLM\SOFTWARE\POLICIES\MICROSOFT\WINDOWS DEFENDER SECURITY CENTER\NOTIFICATIONS 16 | HKLM\SOFTWARE\POLICIES\MICROSOFT\WINDOWS DEFENDER SECURITY CENTER\NOTIFICATIONS
25/03/2023
Win_Registry
HKLM\SYSTEM\CONTROLSET001\SERVICES\EVENTLOG\SYSTEM\DFMIRAGE 2 | HKLM\SYSTEM\CONTROLSET001\SERVICES\DFMIRAGE\DEVICE0 2 | HKLM\SYSTEM\CONTROLSET001\CONTROL\VIDEO
25/03/2023
Win_Registry
HKLM\SOFTWARE\POLICIES\MICROSOFT\WINDOWS DEFENDER SECURITY CENTER\NOTIFICATIONS 45 | HKLM\SOFTWARE\POLICIES\MICROSOFT\WINDOWS DEFENDER SECURITY CENTER\NOTIFICATIONS
25/03/2023
Win_Registry
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
25/03/2023
Win_Registry
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE
25/03/2023
Win_Registry
HKCU\SOFTWARE\SERVER
25/03/2023
Win_Registry
HKLM\SOFTWARE\POLICIES\MICROSOFT\WINDOWS DEFENDER 45 | HKLM\SOFTWARE\POLICIES\MICROSOFT\WINDOWS DEFENDER\REAL-TIME PROTECTION 45 | HKLM\SOFTWARE\POLICIES\MICROSOFT\WINDOWS\WINDOWSUPDATE 45 | HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS DEFENDER\FEATURES 45 | HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS DEFENDER\FEATURES
25/03/2023
Win_Registry
HKLM\SOFTWARE\POLICIES\MICROSOFT\WINDOWS DEFENDER SECURITY CENTER 45 | HKLM\SOFTWARE\POLICIES\MICROSOFT\WINDOWS\WINDOWSUPDATE\AU
25/03/2023
Win_Registry
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\INVIDEOINSTALL 2 | HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\SETUP\PNPLOCKDOWNFILES
25/03/2023
Win_Registry
HKLM\SYSTEM\CONTROLSET001\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\STANDARDPROFILE
25/03/2023
Win_Registry
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\TASKBAND
25/03/2023
Win_Registry
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN
25/03/2023
Win_Registry
HKCU\SOFTWARE\MICROSOFT\OUTLOOK EXPRESS\5.0\SHARED SETTINGS\SETUP\30002
25/03/2023
Win_Registry
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER
25/03/2023
Win_Registry
HKLM\SYSTEM\CONTROLSET001\SERVICES\VSS\DIAG\VSSAPIPUBLISHER 1 | HKCU\SOFTWARE\SERVER 1 | HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS
25/03/2023
Win_Registry
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM
25/03/2023
Win_Registry
HKLM\SYSTEM\CONTROLSET001\SERVICES\SHAREDACCESS
25/03/2023
Win_Registry
HKCU\SOFTWARE\MICROSOFT\OUTLOOK EXPRESS\5.0\SHARED SETTINGS\SETUP\1000234HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN
25/03/2023
Win_Registry
HKCU\SOFTWARE\HIDDENVICTIM 2 | HKCU\SOFTWARE\HIDDENVICTIM
25/03/2023
Win_Registry
HKLM\SYSTEM\CONTROLSET001\SERVICES\WSCSVC
25/03/2023
Win_Registry
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE
25/03/2023
Win_Registry
HKCU\SOFTWARE\LOCAL APPWIZARD-GENERATED APPLICATIONS 15 | HKCU\SOFTWARE\LOCAL APPWIZARD-GENERATED APPLICATIONS\CDB 15 | HKCU\SOFTWARE\LOCAL APPWIZARD-GENERATED APPLICATIONS\CDB\RECENT FILE LIST 15 | HKCU\SOFTWARE\LOCAL APPWIZARD-GENERATED APPLICATIONS\CDB\SETTINGS 15 | HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE
25/03/2023
Win_Registry
HKCU\SOFTWARE\HIDDENVICTIM
25/03/2023
Win_Registry
HKLM\SYSTEM\CONTROLSET001\SERVICES\DFMIRAGE
25/03/2023
Win_Registry
HKCU\SOFTWARE\MICROSOFT\OUTLOOK EXPRESS\5.0 54 | HKCU\SOFTWARE\MICROSOFT\OUTLOOK EXPRESS\5.0\SHARED SETTINGS\SETUP\30002 54 | HKCU\SOFTWARE\MICROSOFT\OUTLOOK EXPRESS\5.0\SHARED SETTINGS\SETUP\30002
25/03/2023
Win_Registry
HKCU\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
25/03/2023
Win_Registry
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SECURITY CENTER
25/03/2023
Win_Registry
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\RUN 8 | HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\RUN 8 | HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\RUN
25/03/2023
Win_Registry
HKLM\SOFTWARE\POLICIES\MICROSOFT\WINDOWS DEFENDER\REAL-TIME PROTECTION
25/03/2023
Win_Registry
HKLM\SYSTEM\CONTROLSET001\SERVICES\WUAUSERV
25/03/2023
Win_Registry
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\DISCARDABLE\POSTSETUP\COMPONENT CATEGORIES
25/03/2023
Win_Registry
HKLM\SOFTWARE\POLICIES\MICROSOFT\WINDOWS DEFENDER SECURITY CENTER 16 | HKLM\SOFTWARE\POLICIES\MICROSOFT\WINDOWS\WINDOWSUPDATE\AU
25/03/2023
Win_Registry
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION
25/03/2023
Win_Registry
HKLM\SYSTEM\CONTROLSET001\SERVICES\MPSSVC
25/03/2023
Win_Registry
HKLM\SYSTEM\CONTROLSET001\CONTROL\GROUPORDERLIST
25/03/2023
Win_Registry
HKLM\SOFTWARE\POLICIES\MICROSOFT\WINDOWS\WINDOWSUPDATE\AU
25/03/2023
Win_Registry
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN
25/03/2023
Win_Registry
HKLM\SYSTEM\CONTROLSET001\CONTROL\VIDEO
25/03/2023
Win_Registry
HKLM\SOFTWARE\POLICIES\MICROSOFT\WINDOWS\WINDOWSUPDATE
25/03/2023
Win_Registry