Threat Roundup for April 7 to April 14
C45-2023-04-15-7
Indicators of Compromise (IOC) List

