Scribd
Upload
125 views37 pages

Sysmon

Uploaded by

haiplvhe160760
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as XLSX, PDF, TXT or read online on Scribd
125 views37 pages

Sysmon

Uploaded by

haiplvhe160760
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as XLSX, PDF, TXT or read online on Scribd
You are on page 1/ 37

eventID 7

ImageLoaded
C:\Program Files (x86)\Common Files\McAfee\SystemCore\mfehcinj.dll

C:\Program Files (x86)\McAfee\Endpoint Security\Threat Prevention\IPS\EpMPApi.dll

C:\Program Files\Common Files\McAfee\SystemCore\mfehcinj.dll

C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\ATPAmsiGuard.dll


C:\Program Files\McAfee\Endpoint Security\Threat Prevention\IPS\EpMPApi.dll
C:\Program Files\McAfee\Endpoint Security\Threat Prevention\IPS\HipHandlers64.dll

C:\Program Files\McAfee\Endpoint Security\Threat Prevention\LogLib.dll

C:\Program Files\McAfee\Endpoint Security\Threat Prevention\msvcp140.dll

C:\Program Files\McAfee\Endpoint Security\Threat Prevention\rcScanMenuHandler.dll

C:\Program Files\McAfee\Endpoint Security\Threat Prevention\vcruntime140_1.dll

C:\Program Files\McAfee\Endpoint Security\Threat Prevention\vcruntime140.dll

C:\Program Files\McAfee\MAR\mvcairo_x64.dll

C:\Program Files\McAfee\MAR\mvcairo_x86.dll
C:\Program Files\McAfee\MAR\mvcairo_x86.dll
C:\Program Files\McAfee\MAR\mvcairo_x86.dll
C:\Program Files\VMware\VMware Tools\vmStatsProvider\win64\vmStatsProvider.dll
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\CORPerfMonExt.dll
C:\Windows\Sysmon64.exe
C:\Windows\Sysmon64.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\McAfee\Agent\x86\vcruntime140.dll
C:\Program Files\McAfee\Agent\x86\msvcp140.dll
C:\Program Files (x86)\Common Files\McAfee\SystemCore\mfehida.dll
C:\Program Files (x86)\Common Files\McAfee\SystemCore\mfemmsa.dll
C:\Program Files\McAfee\Agent\x86\mctray.exe
C:\Program Files\McAfee\Agent\x86\McTrayInterfaceLib.dll
C:\Program Files\McAfee\Agent\x86\McAfeeWin32GUISupportDLL.dll
C:\Program Files\McAfee\Data_Exchange_Layer\bin\McTray\dx_tray.dll
C:\Windows\SysWOW64\msvcp110.dll
C:\Windows\SysWOW64\msvcr110.dll
C:\Program Files\McAfee\Agent\x86\McAfeeCommonUpdaterPlugin.dll
C:\Program Files\McAfee\Agent\x86\McTrayErrorLoggingPlugin.dll
C:\Program Files\McAfee\Agent\x86\McTrayLegacySupportPlugin32.dll
C:\Program Files (x86)\McAfee\Endpoint Security\Endpoint Security Platform\McTrayUPC.dll
C:\Program Files (x86)\McAfee\Endpoint Security\Endpoint Security Platform\LogLib.dll
C:\Program Files (x86)\McAfee\Endpoint Security\Endpoint Security Platform\blframework.dll
C:\Program Files (x86)\McAfee\Endpoint Security\Endpoint Security Platform\McVariantExport.dll
C:\Program Files (x86)\McAfee\Endpoint Security\Endpoint Security Platform\MetroUtils.dll
C:\Program Files (x86)\Common Files\McAfee\SystemCore\mfevtpa.dll
C:\Program Files (x86)\McAfee\Endpoint Security\Endpoint Security Platform\blframeworkrt.dll
C:\Program Files (x86)\Common Files\McAfee\SystemCore\mfevtpa.dll
C:\Program Files\McAfee\Agent\x86\vcruntime140.dll
C:\Program Files\McAfee\Agent\x86\UpdaterUI.exe
C:\Program Files\McAfee\Agent\x86\trex.dll
C:\Program Files\McAfee\Agent\x86\sqlite.dll
C:\Program Files\McAfee\Agent\x86\mxml.dll
C:\Program Files\McAfee\Agent\x86\msvcp140.dll
C:\Program Files\McAfee\Agent\x86\mfecryptc.dll
C:\Program Files\McAfee\Agent\x86\ma_xml.dll
C:\Program Files\McAfee\Agent\x86\ma_variant.dll
C:\Program Files\McAfee\Agent\x86\ma_utils.dll
C:\Program Files\McAfee\Agent\x86\ma_serialization.dll
C:\Program Files\McAfee\Agent\x86\ma_proxy.dll
C:\Program Files\McAfee\Agent\x86\ma_msgbus.dll
C:\Program Files\McAfee\Agent\x86\ma_logger.dll
C:\Program Files\McAfee\Agent\x86\ma_datastore.dll
C:\Program Files\McAfee\Agent\x86\ma_database.dll
C:\Program Files\McAfee\Agent\x86\ma_crypto.dll
C:\Program Files\McAfee\Agent\x86\ma_client.dll
C:\Program Files\McAfee\Agent\x86\libuv.dll
C:\Program Files\McAfee\Agent\x86\libeay32.dll
C:\Program Files (x86)\Common Files\McAfee\SystemCore\mfemmsa.dll
C:\Windows\System32\msvcr100.dll
C:\Program Files\McAfee\Endpoint Security\Endpoint Security Platform\ENSWContent.dat
C:\Windows\System32\vcruntime140.dll
C:\Windows\System32\vcruntime140_1.dll
C:\Windows\System32\msvcp140.dll
C:\Program Files\Microsoft Office\Office16\msoia.exe
C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.9247_none_08e394a
C:\Program Files\VMware\VMware Tools\vmtoolsd.exe
C:\Program Files\VMware\VMware Tools\vmtools.dll
C:\Program Files\VMware\VMware Tools\pcre.dll
C:\Program Files\VMware\VMware Tools\intl.dll
C:\Program Files\VMware\VMware Tools\iconv.dll
C:\Program Files\VMware\VMware Tools\gobject-2.0.dll
C:\Program Files\VMware\VMware Tools\gmodule-2.0.dll
C:\Program Files\VMware\VMware Tools\glib-2.0.dll
C:\Windows\Sysmon64.exe
Image
C:\Windows\SysWOW64\dllhost.exe
C:\Windows\SysWOW64\dllhost.exe
C:\Windows\SysWOW64\dllhost.exe
C:\Windows\SysWOW64\dllhost.exe
C:\Windows\SysWOW64\dllhost.exe
C:\Windows\SysWOW64\dllhost.exe
Image: C:\Windows\Sysmon64.exe
Image: C:\Windows\Sysmon64.exe
Image: C:\Windows\System32\backgroundTaskHost.exe
Image: C:\Windows\System32\backgroundTaskHost.exe
Image: C:\Windows\System32\consent.exe
Image: C:\Windows\System32\dllhost.exe
Image: C:\Windows\System32\dllhost.exe
Image: C:\Windows\System32\dllhost.exe
Image: C:\Windows\System32\dllhost.exe
Image: C:\Windows\System32\dllhost.exe
Image: C:\Windows\System32\dllhost.exe
Image: C:\Windows\System32\dllhost.exe
Image: C:\Windows\System32\dllhost.exe
Image: C:\Windows\System32\dllhost.exe
Image: C:\Windows\System32\dllhost.exe
Image: C:\Windows\System32\rundll32.exe
Image: C:\Windows\System32\RuntimeBroker.exe
Image: C:\Windows\System32\svchost.exe
Image: C:\Windows\System32\svchost.exe
Image: C:\Windows\System32\taskhostw.exe
Image: C:\Windows\System32\wbem\WmiApSrv.exe
Image: C:\Windows\System32\wbem\WmiPrvSE.exe
Image: C:\Windows\System32\wbem\WmiPrvSE.exe
Image: C:\Windows\System32\wbem\WmiPrvSE.exe
Image: C:\Windows\System32\wermgr.exe
Image: C:\Windows\System32\consent.exe
Image: C:\Windows\System32\dllhost.exe
Image: C:\Windows\System32\dllhost.exe
Image: C:\Windows\System32\dllhost.exe
Image: C:\Windows\System32\dllhost.exe
Image: C:\Windows\System32\dllhost.exe
Image: C:\Windows\System32\dllhost.exe
Image: C:\Windows\System32\dllhost.exe
Image: C:\Windows\System32\dllhost.exe
Image: C:\Windows\System32\dllhost.exe
Image: C:\Windows\System32\dllhost.exe
Image: C:\Windows\System32\notepad.exe
Image: C:\Windows\System32\notepad.exe
Image: C:\Windows\System32\rundll32.exe
Image: C:\Windows\System32\svchost.exe
Image: C:\Windows\System32\svchost.exe
Image: C:\Windows\System32\wbem\WmiApSrv.exe
Image: C:\Windows\System32\notepad.exe
Image: C:\Windows\System32\notepad.exe
Image: C:\Windows\System32\rundll32.exe
Image: C:\Windows\explorer.exe
Image: C:\Windows\explorer.exe
Image: C:\Windows\explorer.exe
Image: C:\Windows\explorer.exe
Image: C:\Windows\explorer.exe
Image: C:\Windows\explorer.exe
Image: C:\Windows\explorer.exe
Image: C:\Windows\explorer.exe
Image: C:\Windows\explorer.exe
Image: C:\Windows\explorer.exe
Image: C:\Windows\Sysmon64.exe
Image: C:\Windows\Sysmon64.exe
Image: C:\Windows\System32\backgroundTaskHost.exe
Image: C:\Windows\System32\backgroundTaskHost.exe
Image: C:\Windows\System32\consent.exe
Image: C:\Windows\System32\dllhost.exe
Image: C:\Windows\System32\dllhost.exe
Image: C:\Windows\System32\dllhost.exe
Image: C:\Windows\System32\dllhost.exe
Image: C:\Windows\System32\dllhost.exe
Image: C:\Windows\System32\dllhost.exe
Image: C:\Windows\System32\dllhost.exe
Image: C:\Windows\System32\dllhost.exe
Image: C:\Windows\System32\dllhost.exe
Image: C:\Windows\System32\dllhost.exe
Image: C:\Windows\System32\rundll32.exe
Image: C:\Windows\System32\RuntimeBroker.exe
Image: C:\Windows\System32\svchost.exe
Image: C:\Windows\System32\svchost.exe
Image: C:\Windows\System32\taskhostw.exe
Image: C:\Windows\System32\wbem\WmiApSrv.exe
Image: C:\Windows\System32\wbem\WmiPrvSE.exe
Image: C:\Windows\System32\wbem\WmiPrvSE.exe
Image: C:\Windows\System32\wbem\WmiPrvSE.exe
Image: C:\Windows\System32\wermgr.exe
Image: C:\Windows\SysWOW64\dllhost.exe
Image: C:\Windows\SysWOW64\dllhost.exe
Image: C:\Windows\SysWOW64\dllhost.exe
Image: C:\Windows\System32\wbem\WmiApSrv.exe
Image: C:\Windows\System32\wbem\WmiPrvSE.exe
Image: C:\Windows\Sysmon64.exe
Image: C:\Windows\Sysmon64.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\McAfee\Agent\x86\mctray.exe
C:\Program Files\McAfee\Agent\x86\mctray.exe
C:\Program Files\McAfee\Agent\x86\mctray.exe
C:\Program Files\McAfee\Agent\x86\mctray.exe
C:\Program Files\McAfee\Agent\x86\mctray.exe
C:\Program Files\McAfee\Agent\x86\mctray.exe
C:\Program Files\McAfee\Agent\x86\mctray.exe
C:\Program Files\McAfee\Agent\x86\mctray.exe
C:\Program Files\McAfee\Agent\x86\mctray.exe
C:\Program Files\McAfee\Agent\x86\mctray.exe
C:\Program Files\McAfee\Agent\x86\mctray.exe
C:\Program Files\McAfee\Agent\x86\mctray.exe
C:\Program Files\McAfee\Agent\x86\mctray.exe
C:\Program Files\McAfee\Agent\x86\mctray.exe
C:\Program Files\McAfee\Agent\x86\mctray.exe
C:\Program Files\McAfee\Agent\x86\mctray.exe
C:\Program Files\McAfee\Agent\x86\mctray.exe
C:\Program Files\McAfee\Agent\x86\mctray.exe
C:\Program Files\McAfee\Agent\x86\mctray.exe
C:\Program Files\McAfee\Agent\x86\mctray.exe
C:\Program Files\McAfee\Agent\x86\mfemactl.exe
C:\Program Files\McAfee\Agent\x86\UpdaterUI.exe
C:\Program Files\McAfee\Agent\x86\UpdaterUI.exe
C:\Program Files\McAfee\Agent\x86\UpdaterUI.exe
C:\Program Files\McAfee\Agent\x86\UpdaterUI.exe
C:\Program Files\McAfee\Agent\x86\UpdaterUI.exe
C:\Program Files\McAfee\Agent\x86\UpdaterUI.exe
C:\Program Files\McAfee\Agent\x86\UpdaterUI.exe
C:\Program Files\McAfee\Agent\x86\UpdaterUI.exe
C:\Program Files\McAfee\Agent\x86\UpdaterUI.exe
C:\Program Files\McAfee\Agent\x86\UpdaterUI.exe
C:\Program Files\McAfee\Agent\x86\UpdaterUI.exe
C:\Program Files\McAfee\Agent\x86\UpdaterUI.exe
C:\Program Files\McAfee\Agent\x86\UpdaterUI.exe
C:\Program Files\McAfee\Agent\x86\UpdaterUI.exe
C:\Program Files\McAfee\Agent\x86\UpdaterUI.exe
C:\Program Files\McAfee\Agent\x86\UpdaterUI.exe
C:\Program Files\McAfee\Agent\x86\UpdaterUI.exe
C:\Program Files\McAfee\Agent\x86\UpdaterUI.exe
C:\Program Files\McAfee\Agent\x86\UpdaterUI.exe
C:\Program Files\McAfee\Agent\x86\UpdaterUI.exe
C:\Program Files\McAfee\Agent\x86\UpdaterUI.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\Microsoft Office\Office16\msoia.exe
C:\Program Files\Microsoft Office\Office16\msoia.exe
C:\Program Files\Microsoft Office\Office16\msoia.exe
C:\Program Files\Microsoft Office\Office16\msoia.exe
C:\Program Files\VMware\VMware Tools\vmtoolsd.exe
C:\Program Files\VMware\VMware Tools\vmtoolsd.exe
C:\Program Files\VMware\VMware Tools\vmtoolsd.exe
C:\Program Files\VMware\VMware Tools\vmtoolsd.exe
C:\Program Files\VMware\VMware Tools\vmtoolsd.exe
C:\Program Files\VMware\VMware Tools\vmtoolsd.exe
C:\Program Files\VMware\VMware Tools\vmtoolsd.exe
C:\Program Files\VMware\VMware Tools\vmtoolsd.exe
C:\Program Files\VMware\VMware Tools\vmtoolsd.exe
C:\Windows\Sysmon64.exe
ProcessGuid Signed Signature
771ee782-76a2-6644-ae33-000000002e00 1 MUSARUBRA US LLC
771ee782-76ac-6644-af33-000000002e00 1 MUSARUBRA US LLC
771ee782-76a2-6644-ac33-000000002e00 1 MUSARUBRA US LLC
771ee782-76a2-6644-ae33-000000002e00 1 McAfee, Inc.
771ee782-76ac-6644-af33-000000002e00 1 McAfee, Inc.
771ee782-76a2-6644-ac33-000000002e00 1 McAfee, Inc.
771ee782-76f1-6644-b333-000000002e00 1 MUSARUBRA US LLC
771ee782-7746-6644-b733-000000002e00 1 MUSARUBRA US LLC
771ee782-778d-6644-bd33-000000002e00 1 MUSARUBRA US LLC
771ee782-7699-6644-ad33-000000002e00 1 MUSARUBRA US LLC
771ee782-78e9-6644-c933-000000002e00 1 MUSARUBRA US LLC
771ee782-77a4-6644-bf33-000000002e00 1 MUSARUBRA US LLC
771ee782-77aa-6644-c033-000000002e00 1 MUSARUBRA US LLC
771ee782-77dd-6644-c333-000000002e00 1 MUSARUBRA US LLC
771ee782-78b1-6644-c633-000000002e00 1 MUSARUBRA US LLC
771ee782-78d7-6644-c733-000000002e00 1 MUSARUBRA US LLC
771ee782-78e2-6644-c833-000000002e00 1 MUSARUBRA US LLC
771ee782-78ea-6644-ca33-000000002e00 1 MUSARUBRA US LLC
771ee782-7702-6644-b533-000000002e00 1 MUSARUBRA US LLC
771ee782-7747-6644-b833-000000002e00 1 MUSARUBRA US LLC
771ee782-7764-6644-bb33-000000002e00 1 MUSARUBRA US LLC
771ee782-7704-6644-b633-000000002e00 1 MUSARUBRA US LLC
771ee782-778d-6644-bc33-000000002e00 1 MUSARUBRA US LLC
771ee782-77b6-6644-c133-000000002e00 1 MUSARUBRA US LLC
771ee782-76d4-6644-b033-000000002e00 1 MUSARUBRA US LLC
771ee782-76ff-6644-b433-000000002e00 1 MUSARUBRA US LLC
771ee782-76d5-6644-b133-000000002e00 1 MUSARUBRA US LLC
771ee782-77b9-6644-c233-000000002e00 1 MUSARUBRA US LLC
771ee782-76d6-6644-b233-000000002e00 1 MUSARUBRA US LLC
771ee782-7752-6644-ba33-000000002e00 1 MUSARUBRA US LLC
771ee782-7844-6644-c533-000000002e00 1 MUSARUBRA US LLC
771ee782-78e9-6644-c933-000000002e00 1 MUSARUBRA US LLC
771ee782-77a4-6644-bf33-000000002e00 1 McAfee, Inc.
771ee782-77aa-6644-c033-000000002e00 1 McAfee, Inc.
771ee782-77dd-6644-c333-000000002e00 1 McAfee, Inc.
771ee782-78b1-6644-c633-000000002e00 1 McAfee, Inc.
771ee782-78d7-6644-c733-000000002e00 1 McAfee, Inc.
771ee782-78e2-6644-c833-000000002e00 1 McAfee, Inc.
771ee782-78ea-6644-ca33-000000002e00 1 McAfee, Inc.
771ee782-7702-6644-b533-000000002e00 1 McAfee, Inc.
771ee782-7747-6644-b833-000000002e00 1 McAfee, Inc.
771ee782-7764-6644-bb33-000000002e00 1 McAfee, Inc.
771ee782-778e-6644-be33-000000002e00 1 McAfee, Inc.
771ee782-774e-6644-b933-000000002e00 1 McAfee, Inc.
771ee782-7704-6644-b633-000000002e00 1 McAfee, Inc.
771ee782-77b6-6644-c133-000000002e00 1 McAfee, Inc.
771ee782-76d4-6644-b033-000000002e00 1 McAfee, Inc.
771ee782-76d5-6644-b133-000000002e00 1 McAfee, Inc.
771ee782-778e-6644-be33-000000002e00 1 MUSARUBRA US LLC
771ee782-774e-6644-b933-000000002e00 1 MUSARUBRA US LLC
771ee782-7704-6644-b633-000000002e00 1 MUSARUBRA US LLC
771ee782-7300-6644-4233-000000002e00 1 MUSARUBRA US LLC
771ee782-7300-6644-4233-000000002e00 1 MUSARUBRA US LLC
771ee782-7300-6644-4233-000000002e00 1 Microsoft Corporation
771ee782-7300-6644-4233-000000002e00 1 Microsoft Corporation
771ee782-7300-6644-4233-000000002e00 1 MUSARUBRA US LLC
771ee782-7300-6644-4233-000000002e00 1 MUSARUBRA US LLC
771ee782-7300-6644-4233-000000002e00 1 Microsoft Corporation
771ee782-7300-6644-4233-000000002e00 1 Microsoft Corporation
771ee782-7300-6644-4233-000000002e00 1 Microsoft Corporation
771ee782-7300-6644-4233-000000002e00 1 Microsoft Corporation
771ee782-76f1-6644-b333-000000002e00 1 MUSARUBRA US LLC
771ee782-7746-6644-b733-000000002e00 1 MUSARUBRA US LLC
771ee782-778d-6644-bd33-000000002e00 1 MUSARUBRA US LLC
771ee782-7699-6644-ad33-000000002e00 1 MUSARUBRA US LLC
771ee782-78e9-6644-c933-000000002e00 1 MUSARUBRA US LLC
771ee782-77a4-6644-bf33-000000002e00 1 MUSARUBRA US LLC
771ee782-77aa-6644-c033-000000002e00 1 MUSARUBRA US LLC
771ee782-77dd-6644-c333-000000002e00 1 MUSARUBRA US LLC
771ee782-78b1-6644-c633-000000002e00 1 MUSARUBRA US LLC
771ee782-78d7-6644-c733-000000002e00 1 MUSARUBRA US LLC
771ee782-78e2-6644-c833-000000002e00 1 MUSARUBRA US LLC
771ee782-78ea-6644-ca33-000000002e00 1 MUSARUBRA US LLC
771ee782-7702-6644-b533-000000002e00 1 MUSARUBRA US LLC
771ee782-7747-6644-b833-000000002e00 1 MUSARUBRA US LLC
771ee782-7764-6644-bb33-000000002e00 1 MUSARUBRA US LLC
771ee782-7704-6644-b633-000000002e00 1 MUSARUBRA US LLC
771ee782-778d-6644-bc33-000000002e00 1 MUSARUBRA US LLC
771ee782-77b6-6644-c133-000000002e00 1 MUSARUBRA US LLC
771ee782-76d4-6644-b033-000000002e00 1 MUSARUBRA US LLC
771ee782-76ff-6644-b433-000000002e00 1 MUSARUBRA US LLC
771ee782-76d5-6644-b133-000000002e00 1 MUSARUBRA US LLC
771ee782-77b9-6644-c233-000000002e00 1 MUSARUBRA US LLC
771ee782-76d6-6644-b233-000000002e00 1 MUSARUBRA US LLC
771ee782-7752-6644-ba33-000000002e00 1 MUSARUBRA US LLC
771ee782-7844-6644-c533-000000002e00 1 MUSARUBRA US LLC
771ee782-7699-6644-ac33-000000002e00 1 MUSARUBRA US LLC
771ee782-76a2-6644-ae33-000000002e00 1 MUSARUBRA US LLC
771ee782-76ac-6644-af33-000000002e00 1 MUSARUBRA US LLC
771ee782-76d5-6644-b133-000000002e00 1 VMware, Inc.
771ee782-3405-6632-5f00-000000002e00 1 Microsoft Corporation
771ee782-76f1-6644-b333-000000002e00 1 Microsoft Corporation
771ee782-7746-6644-b733-000000002e00 1 Microsoft Corporation
5c63677a-7d54-6644-0310-000000004500 1 Oracle America, Inc.
5c63677a-7d56-6644-0810-000000004500 1 MUSARUBRA US LLC
5c63677a-7d56-6644-0810-000000004500 1 MUSARUBRA US LLC
5c63677a-7d56-6644-0810-000000004500 1 MUSARUBRA US LLC
5c63677a-7d56-6644-0810-000000004500 1 MUSARUBRA US LLC
5c63677a-7d56-6644-0810-000000004500 1 MUSARUBRA US LLC
5c63677a-7d56-6644-0810-000000004500 1 MUSARUBRA US LLC
5c63677a-7d56-6644-0810-000000004500 1 MUSARUBRA US LLC
5c63677a-7d56-6644-0810-000000004500 1 MUSARUBRA US LLC
5c63677a-7d56-6644-0810-000000004500 1 MUSARUBRA US LLC
5c63677a-7d56-6644-0810-000000004500 1 MUSARUBRA US LLC
5c63677a-7d56-6644-0810-000000004500 1 MUSARUBRA US LLC
5c63677a-7d56-6644-0810-000000004500 1 MUSARUBRA US LLC
5c63677a-7d56-6644-0810-000000004500 1 MUSARUBRA US LLC
5c63677a-7d56-6644-0810-000000004500 1 MUSARUBRA US LLC
5c63677a-7d56-6644-0810-000000004500 1 MUSARUBRA US LLC
5c63677a-7d56-6644-0810-000000004500 1 MUSARUBRA US LLC
5c63677a-7d56-6644-0810-000000004500 1 MUSARUBRA US LLC
5c63677a-7d56-6644-0810-000000004500 1 MUSARUBRA US LLC
5c63677a-7d56-6644-0810-000000004500 1 MUSARUBRA US LLC
5c63677a-7d56-6644-0810-000000004500 1 MUSARUBRA US LLC
5c63677a-a24c-6641-3e00-000000004500 1 MUSARUBRA US LLC
5c63677a-7d54-6644-0510-000000004500 1 MUSARUBRA US LLC
5c63677a-7d54-6644-0510-000000004500 1 MUSARUBRA US LLC
5c63677a-7d54-6644-0510-000000004500 1 MUSARUBRA US LLC
5c63677a-7d54-6644-0510-000000004500 1 MUSARUBRA US LLC
5c63677a-7d54-6644-0510-000000004500 1 MUSARUBRA US LLC
5c63677a-7d54-6644-0510-000000004500 1 MUSARUBRA US LLC
5c63677a-7d54-6644-0510-000000004500 1 MUSARUBRA US LLC
5c63677a-7d54-6644-0510-000000004500 1 MUSARUBRA US LLC
5c63677a-7d54-6644-0510-000000004500 1 MUSARUBRA US LLC
5c63677a-7d54-6644-0510-000000004500 1 MUSARUBRA US LLC
5c63677a-7d54-6644-0510-000000004500 1 MUSARUBRA US LLC
5c63677a-7d54-6644-0510-000000004500 1 MUSARUBRA US LLC
5c63677a-7d54-6644-0510-000000004500 1 MUSARUBRA US LLC
5c63677a-7d54-6644-0510-000000004500 1 MUSARUBRA US LLC
5c63677a-7d54-6644-0510-000000004500 1 MUSARUBRA US LLC
5c63677a-7d54-6644-0510-000000004500 1 MUSARUBRA US LLC
5c63677a-7d54-6644-0510-000000004500 1 MUSARUBRA US LLC
5c63677a-7d54-6644-0510-000000004500 1 MUSARUBRA US LLC
5c63677a-7d54-6644-0510-000000004500 1 MUSARUBRA US LLC
5c63677a-7d54-6644-0510-000000004500 1 MUSARUBRA US LLC
5c63677a-7d54-6644-0510-000000004500 1 MUSARUBRA US LLC
5c63677a-a246-6641-3500-000000004500 1 MUSARUBRA US LLC
5c63677a-a246-6641-3500-000000004500 1 MUSARUBRA US LLC
5c63677a-7d41-6644-e40f-000000004500 1 Microsoft Corporation
5c63677a-7d41-6644-e40f-000000004500 1 Microsoft Corporation
5c63677a-7d41-6644-e40f-000000004500 1 Microsoft Corporation
5c63677a-7d41-6644-e40f-000000004500 1 Microsoft Corporation
5c63677a-7d52-6644-0010-000000004500 1 VMware, Inc.
5c63677a-7d52-6644-0010-000000004500 1 VMware, Inc.
5c63677a-7d52-6644-0010-000000004501 1 VMware, Inc.
5c63677a-7d52-6644-0010-000000004502 1 VMware, Inc.
5c63677a-7d52-6644-0010-000000004503 1 VMware, Inc.
5c63677a-7d52-6644-0010-000000004504 1 VMware, Inc.
5c63677a-7d52-6644-0010-000000004505 1 VMware, Inc.
5c63677a-7d52-6644-0010-000000004506 1 VMware, Inc.
5c63677a-7d52-6644-0010-000000004507 1 VMware, Inc.
5c63677a-7d43-6644-ed0f-000000004500 1 Microsoft Corporation
SignatureStatus
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
Valid
SourceImage
C:\Program Files\Common Files\McAfee\SystemCore\mfehcs.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfehcs.exe


TargetImage
C:\Windows\System32\consent.exe
C:\Windows\System32\wbem\WmiPrvSE.exe
C:\Windows\System32\consent.exe
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
C:\Windows\System32\wscript.exe
image
C:\Program Files\VMware\VMware Tools\vmtoolsd.exe
TargetImage
C:\Program Files\McAfee\Agent\macmnsvc.exe

C:\Windows\Explorer.EXE
C:\Windows\system32\cmd.exe
C:\Windows\system32\mmc.exe
C:\Windows\system32\notepad.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe
C:\Windows\Sysmon64.exe
C:\Windows\Sysmon64.exe
C:\Windows\system32\backgroundTaskHost.exe
C:\Windows\system32\backgroundTaskHost.exe
C:\Windows\system32\consent.exe
C:\Windows\system32\consent.exe
C:\Windows\system32\consent.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\notepad.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\taskhostw.exe
C:\Windows\system32\taskhostw.exe
C:\Windows\system32\taskhostw.exe
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wermgr.exe
C:\Windows\system32\wermgr.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\Sysmon64.exe
C:\Windows\system32\backgroundTaskHost.exe
C:\Windows\system32\consent.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\notepad.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\System32\rundll32.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\taskhostw.exe
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wermgr.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\Sysmon64.exe
C:\Windows\system32\backgroundTaskHost.exe
C:\Windows\system32\consent.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\notepad.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\System32\rundll32.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\system32\taskhostw.exe
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wermgr.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\notepad.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\System32\rundll32.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\notepad.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\System32\rundll32.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\Sysmon64.exe
C:\Windows\system32\backgroundTaskHost.exe
C:\Windows\system32\consent.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\notepad.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\System32\rundll32.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\taskhostw.exe
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wermgr.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat P
C:\Program Files\McAfee\Endpoint Security\Threat Prevention
C:\Windows\Explorer.EXE
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\dwm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\consent.exe
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.e
C:\Windows\system32\WScript.EXE
C:\Program Files\McAfee\Agent\x86\UpdaterUI.exe
C:\Program Files\McAfee\Endpoint Security\Endpoint Security
C:\Windows\Explorer.EXE
C:\Program Files\McAfee\Agent\x86\McTray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusche
C:\Program Files (x86)\Google\Update\1.3.35.451\GoogleCras
C:\Program Files (x86)\Google\Update\1.3.35.451\GoogleCras
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Microsoft\Remote Desktop Connectio
C:\Program Files (x86)\NetSarang\Xmanager Enterprise 5\Xma
C:\Program Files (x86)\NetSarang\Xmanager Enterprise 5\Xshel
C:\Program Files (x86)\NetSarang\Xmanager Enterprise 5\Xshel
C:\Program Files (x86)\NetSarang\Xmanager Enterprise 5\Xsou
C:\Program Files (x86)\ossec-agent\ossec-agent.exe
C:\Program Files\Common Files\McAfee\AVSolution\mcshield.
C:\Program Files\IBM\WinCollect\bin\WinCollect.exe
C:\Program Files\IBM\WinCollect\bin\WinCollectSvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\McAfee\Agent\macmnsvc.exe
C:\Program Files\McAfee\Agent\masvc.exe
C:\Program Files\McAfee\Agent\x86\macompatsvc.exe
C:\Program Files\McAfee\Agent\x86\McTray.exe
C:\Program Files\McAfee\Agent\x86\mfemactl.exe
C:\Program Files\McAfee\Agent\x86\UpdaterUI.exe
C:\Program Files\McAfee\Endpoint Security\Endpoint Security
C:\Program Files\McAfee\Endpoint Security\Threat Prevention
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\Microsoft Office\Office16\msoia.exe
C:\Program Files\Microsoft Office\Office16\ONENOTEM.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\PuTTY\putty.exe
C:\Program Files\Quest Software\Toad for Oracle 12\Toad.exe
C:\Program Files\VMware\VMware Tools\vmtoolsd.exe
C:\Program Files\VMware\VMware Tools\VMware VGAuth\VGA
C:\Windows\Explorer.EXE
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\Sysmon64.exe
C:\Windows\system32\atbroker.exe
C:\Windows\system32\backgroundTaskHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\consent.exe
C:\Windows\system32\dllhost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DrvInst.exe
C:\Windows\System32\dsregcmd.exe
C:\Windows\system32\dwm.exe
C:\Windows\system32\fontdrvhost.exe
C:\Windows\System32\InstallAgent.exe
C:\Windows\system32\LogonUI.exe
C:\Windows\system32\mmc.exe
C:\Windows\System32\mobsync.exe
C:\Windows\System32\msdtc.exe
C:\Windows\System32\rdpclip.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\system32\scrnsave.scr
C:\Windows\system32\ServerManager.exe
C:\Windows\system32\ServerManagerLauncher.exe
C:\Windows\system32\sihost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskhostw.exe
C:\Windows\system32\TSTheme.exe
C:\Windows\system32\userinit.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.e
C:\Windows\system32\winlogon.exe
C:\Windows\system32\WScript.EXE
C:\Windows\System32\wuapihost.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\System32\XblGameSaveTask.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\runonce.exe
C:\Program Files\McAfee\Agent\x86\McTray.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\DllHost.exe
C:\Windows\system32\dwm.exe
C:\Windows\system32\mmc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.e
C:\Windows\system32\WScript.EXE
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusche
C:\Program Files\McAfee\Agent\x86\McTray.exe
C:\Program Files\McAfee\Agent\x86\UpdaterUI.exe
C:\Program Files\Microsoft Office\Office16\msoia.exe
C:\Program Files\VMware\VMware Tools\vmtoolsd.exe
C:\Windows\Explorer.EXE
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\Sysmon64.exe
C:\Windows\system32\atbroker.exe
C:\Windows\system32\backgroundTaskHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\consent.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DrvInst.exe
C:\Windows\System32\dsregcmd.exe
C:\Windows\system32\dwm.exe
C:\Windows\System32\InstallAgent.exe
C:\Windows\system32\LogonUI.exe
C:\Windows\system32\mmc.exe
C:\Windows\System32\mobsync.exe
C:\Windows\System32\rdpclip.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\system32\scrnsave.scr
C:\Windows\system32\ServerManager.exe
C:\Windows\system32\ServerManagerLauncher.exe
C:\Windows\system32\sihost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskhostw.exe
C:\Windows\system32\TSTheme.exe
C:\Windows\system32\userinit.exe
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.e
C:\Windows\system32\winlogon.exe
C:\Windows\system32\WScript.EXE
C:\Windows\System32\wuapihost.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\System32\XblGameSaveTask.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\runonce.exe
C:\Windows\winsxs\amd64_microsoft-windows-servicingstac
C:\Windows\Explorer.EXE
C:\Windows\winsxs\amd64_microsoft-windows-servicingstac
C:\Windows\Sysmon64.exe
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.e
SourceImage
SourceImage: C:\Windows\system32\svchost.exe
SourceImage: C:\Windows\system32\svchost.exe
\\localhost\admin$\PSMWinAgent.exe
\\localhost\admin$\PSMWinAgent.exe
\\localhost\admin$\PSMWinAgent.exe
\\localhost\admin$\PSMWinAgent.exe
\\localhost\admin$\PSMWinAgent.exe
C:\Program Files\Common Files\McAfee\AVSolution\mcshield.exe
C:\Program Files\Common Files\McAfee\AVSolution\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfehcs.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfehcs.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfehcs.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfehcs.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfehcs.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfehcs.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfehcs.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfehcs.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfehcs.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfehcs.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfehcs.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfehcs.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfehcs.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfehcs.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfehcs.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfehcs.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfehcs.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfehcs.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfehcs.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfehcs.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfehcs.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfehcs.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfehcs.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfehcs.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfehcs.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfehcs.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfehcs.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfehcs.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfehcs.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\Common Files\McAfee\AVSolution\mcshield.exe
C:\Program Files\Common Files\McAfee\AVSolution\mcshield.exe
C:\Program Files\Common Files\McAfee\AVSolution\mcshield.exe
C:\Program Files\Common Files\McAfee\AVSolution\mcshield.exe
C:\Program Files\Common Files\McAfee\AVSolution\mcshield.exe
C:\Program Files\Common Files\McAfee\AVSolution\mcshield.exe
C:\Program Files\Common Files\McAfee\AVSolution\mcshield.exe
C:\Program Files\Common Files\McAfee\AVSolution\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfehcs.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfehcs.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfehcs.exe
C:\Program Files\McAfee\Agent\masvc.exe
C:\Program Files\McAfee\Agent\masvc.exe
C:\Program Files\McAfee\Agent\masvc.exe
C:\Program Files\McAfee\Agent\x86\UpdaterUI.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
C:\Program Files\McAfee\Endpoint Security\Threat Prevention\mfetp.exe
C:\Program Files\McAfee\Endpoint Security\Threat Prevention\mfetp.exe
C:\Program Files\McAfee\Endpoint Security\Threat Prevention\mfetp.exe
C:\Program Files\McAfee\Endpoint Security\Threat Prevention\mfetp.exe
C:\Program Files\McAfee\Endpoint Security\Threat Prevention\mfetp.exe
C:\Program Files\McAfee\Endpoint Security\Threat Prevention\mfetp.exe
C:\Program Files\McAfee\Endpoint Security\Threat Prevention\mfetp.exe
C:\Program Files\McAfee\Endpoint Security\Threat Prevention\mfetp.exe
C:\Program Files\McAfee\Endpoint Security\Threat Prevention\mfetp.exe
C:\Program Files\McAfee\Endpoint Security\Threat Prevention\mfetp.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\McAfee\MAR\mfemvedr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\Sysmon64.exe
C:\Windows\Sysmon64.exe
GrantedAccess
GrantedAccess: Unknown code (0x3000)
GrantedAccess: Unknown code (0x3000)
GrantedAccess: 0x1410 (Possible lsass.exe exploitation)
GrantedAccess: 0x1410 (Possible lsass.exe exploitation)
GrantedAccess: 0x1410 (Possible lsass.exe exploitation)
GrantedAccess: 0x1410 (Possible lsass.exe exploitation)
GrantedAccess: 0x1410 (Possible lsass.exe exploitation)
GrantedAccess: 0x1410 (Possible lsass.exe exploitation)
GrantedAccess: 0x1410 (Possible lsass.exe exploitation)
GrantedAccess: 0x1438 (Possible lsass.exe exploitation)
GrantedAccess: Unknown code (0x1478)
GrantedAccess: 0x1438 (Possible lsass.exe exploitation)
GrantedAccess: Unknown code (0x1478)
GrantedAccess: 0x1438 (Possible lsass.exe exploitation)
GrantedAccess: Unknown code (0x1478)
Unknown code (0x1FFFFF)
GrantedAccess: 0x1438 (Possible lsass.exe exploitation)
GrantedAccess: Unknown code (0x1478)
Unknown code (0x1FFFFF)
Unknown code (0x1FFFFF)
GrantedAccess: 0x1438 (Possible lsass.exe exploitation)
GrantedAccess: Unknown code (0x1478)
GrantedAccess: 0x1438 (Possible lsass.exe exploitation)
GrantedAccess: Unknown code (0x1478)
GrantedAccess: 0x1438 (Possible lsass.exe exploitation)
GrantedAccess: Unknown code (0x1478)
Unknown code (0x1FFFFF)
GrantedAccess: 0x1438 (Possible lsass.exe exploitation)
GrantedAccess: Unknown code (0x1478)
GrantedAccess: 0x1438 (Possible lsass.exe exploitation)
GrantedAccess: Unknown code (0x1478)
GrantedAccess: 0x1438 (Possible lsass.exe exploitation)
GrantedAccess: Unknown code (0x1478)
Unknown code (0x1FFFFF)
GrantedAccess: 0x1438 (Possible lsass.exe exploitation)
GrantedAccess: Unknown code (0x1478)
GrantedAccess: 0x1438 (Possible lsass.exe exploitation)
GrantedAccess: Unknown code (0x1478)
GrantedAccess: 0x1410 (Possible lsass.exe exploitation)
GrantedAccess: 0x1410 (Possible lsass.exe exploitation)
GrantedAccess: 0x1410 (Possible lsass.exe exploitation)
GrantedAccess: 0x1410 (Possible lsass.exe exploitation)
GrantedAccess: 0x1410 (Possible lsass.exe exploitation)
GrantedAccess: 0x1410 (Possible lsass.exe exploitation)
GrantedAccess: 0x1410 (Possible lsass.exe exploitation)
GrantedAccess: 0x1410 (Possible lsass.exe exploitation)
GrantedAccess: 0x1410 (Possible lsass.exe exploitation)
GrantedAccess: 0x1410 (Possible lsass.exe exploitation)
GrantedAccess: 0x1410 (Possible lsass.exe exploitation)
GrantedAccess: 0x1410 (Possible lsass.exe exploitation)
GrantedAccess: 0x1410 (Possible lsass.exe exploitation)
GrantedAccess: 0x1410 (Possible lsass.exe exploitation)
GrantedAccess: Unknown code (0x101410)
GrantedAccess: Unknown code (0x101410)
GrantedAccess: Unknown code (0x101410)
GrantedAccess: Unknown code (0x101410)
GrantedAccess: Unknown code (0x101410)
GrantedAccess: Unknown code (0x101410)
GrantedAccess: Unknown code (0x101410)
GrantedAccess: Unknown code (0x101410)
GrantedAccess: Unknown code (0x101410)
GrantedAccess: Unknown code (0x101410)
GrantedAccess: Unknown code (0x101410)
GrantedAccess: Unknown code (0x101410)
GrantedAccess: Unknown code (0x101410)
GrantedAccess: 0x1438 (Possible lsass.exe exploitation)
GrantedAccess: 0x1438 (Possible lsass.exe exploitation)
GrantedAccess: 0x1438 (Possible lsass.exe exploitation)
GrantedAccess: 0x1438 (Possible lsass.exe exploitation)
GrantedAccess: 0x1438 (Possible lsass.exe exploitation)
GrantedAccess: 0x1438 (Possible lsass.exe exploitation)
GrantedAccess: 0x1438 (Possible lsass.exe exploitation)
GrantedAccess: Unknown code (0x1478)
GrantedAccess: Unknown code (0x1478)
GrantedAccess: Unknown code (0x1478)
GrantedAccess: Unknown code (0x1478)
GrantedAccess: Unknown code (0x1478)
GrantedAccess: Unknown code (0x1478)
GrantedAccess: Unknown code (0x1478)
GrantedAccess: 0x1410 (Possible lsass.exe exploitation)
GrantedAccess: 0x1410 (Possible lsass.exe exploitation)
GrantedAccess: 0x1410 (Possible lsass.exe exploitation)
GrantedAccess: 0x1410 (Possible lsass.exe exploitation)
GrantedAccess: 0x1410 (Possible lsass.exe exploitation)
GrantedAccess: 0x1410 (Possible lsass.exe exploitation)
GrantedAccess: 0x1410 (Possible lsass.exe exploitation)
GrantedAccess: 0x1410 (Possible lsass.exe exploitation)
GrantedAccess: 0x1410 (Possible lsass.exe exploitation)
GrantedAccess: 0x1410 (Possible lsass.exe exploitation)
GrantedAccess: 0x1410 (Possible lsass.exe exploitation)
GrantedAccess: 0x1410 (Possible lsass.exe exploitation)
GrantedAccess: 0x1410 (Possible lsass.exe exploitation)
GrantedAccess: 0x1410 (Possible lsass.exe exploitation)

0x1410 (Possible lsass.exe exploitation)


0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)

GrantedAccess: 0x1010 (PROCESS_QUERY_LIMITED_INFORMATION & PROCESS_VM_READ)


GrantedAccess: 0x1010 (PROCESS_QUERY_LIMITED_INFORMATION & PROCESS_VM_READ)
0x1410 (Possible lsass.exe exploitation)

GrantedAccess: 0x1410 (Possible lsass.exe exploitation)

GrantedAccess: 0x1410 (Possible lsass.exe exploitation)


GrantedAccess: 0x1410 (Possible lsass.exe exploitation)

0x1410 (Possible lsass.exe exploitation)


0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)

0x1410 (Possible lsass.exe exploitation)


0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)

0x1410 (Possible lsass.exe exploitation)


0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)

0x1410 (Possible lsass.exe exploitation)


0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)

0x1410 (Possible lsass.exe exploitation)


0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)

0x1410 (Possible lsass.exe exploitation)


0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)

0x1410 (Possible lsass.exe exploitation)


0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
GrantedAccess: 0x1410 (Possible lsass.exe exploitation)
GrantedAccess: 0x1438 (Possible lsass.exe exploitation)
GrantedAccess: 0x1438 (Possible lsass.exe exploitation)
GrantedAccess: 0x1438 (Possible lsass.exe exploitation)
GrantedAccess: 0x1438 (Possible lsass.exe exploitation)
GrantedAccess: 0x1438 (Possible lsass.exe exploitation)
GrantedAccess: 0x1438 (Possible lsass.exe exploitation)
GrantedAccess: 0x1438 (Possible lsass.exe exploitation)
GrantedAccess: 0x1438 (Possible lsass.exe exploitation)
GrantedAccess: 0x1438 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)
0x1410 (Possible lsass.exe exploitation)

You might also like