CE_Agent_Funding_Advice_pdf.js

Queries for the computername (5 events)

Time & API	Arguments	Status	Return	Repeated
GetComputerNameW July 1, 2021, 8:16 a.m.	computer_name: TEST22-PC	1	1	0
GetComputerNameW July 1, 2021, 8:16 a.m.	computer_name: TEST22-PC	1	1	0
GetComputerNameW July 1, 2021, 8:16 a.m.	computer_name: TEST22-PC	1	1	0
GetComputerNameW July 1, 2021, 8:16 a.m.	computer_name: TEST22-PC	1	1	0
GetComputerNameW July 1, 2021, 8:16 a.m.	computer_name: TEST22-PC	1	1	0

Connects to a Dynamic DNS Domain (1 event)

domain

dilideanter.zapto.org

Executes one or more WMI queries (3 events)

wmi	Select * From Win32_OperatingSystem
wmi	select * from win32_operatingsystem
wmi	select * from win32_logicaldisk

Executes one or more WMI queries which can be used to identify virtual machines (1 event)

wmi	select * from win32_logicaldisk

Communicates with host for which no DNS query was performed (1 event)

host	172.217.25.14

Connects to IP addresses that are no longer responding to requests (legitimate services will remain up-and-running usually) (9 events)

dead_host	192.168.56.102:49812
dead_host	192.168.56.102:49813
dead_host	192.168.56.102:49810
dead_host	192.168.56.102:49811
dead_host	192.168.56.102:49808
dead_host	185.19.85.169:7272
dead_host	192.168.56.102:49809
dead_host	192.168.56.102:49814
dead_host	192.168.56.102:49815