| description | ioc | process |
|---|
| File opened for modification | C:\Program Files\Google\Chrome\Application\89.0.4389.114\chrome_pwa_launcher.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files\Windows Defender\MSASCui.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroTextExtractor.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\VPREVIEW.EXE | vpnTKB.exe |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Office.OneNote_17.7668.58071.0_x64__8wekyb3d8bbwe\onenoteshare.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\HxTsr.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroBroker.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files\Google\Chrome\Application\89.0.4389.114\Installer\chrmstp.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\native2ascii.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PDFREFLOW.EXE | vpnTKB.exe |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.StorePurchaseApp_1.0.45.0_x64__8wekyb3d8bbwe\PurchaseApp.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.WindowsFeedbackHub_1.1612.10312.0_x64__8wekyb3d8bbwe\PilotshubApp.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\javaw.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\OLicenseHeartbeat.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files\Windows Defender Advanced Threat Protection\SenseSampleUploader.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1611.10393.0_x64__8wekyb3d8bbwe\Maps.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\keytool.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\WORDICON.EXE | vpnTKB.exe |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Microsoft3DViewer_1.1702.21039.0_x64__8wekyb3d8bbwe\3DViewer.ResourceResolver.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE | vpnTKB.exe |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_1.4.101.0_x64__8wekyb3d8bbwe\Microsoft.StickyNotes.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.XboxIdentityProvider_11.19.19003.0_x64__8wekyb3d8bbwe\XboxIdp.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\SPREADSHEETCOMPARE.EXE | vpnTKB.exe |
| File opened for modification | C:\Program Files\VideoLAN\VLC\vlc-cache-gen.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files\Windows Defender\NisSrv.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.204.0_x64__kzf8qxf38zg5c\SkypeHost.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.Container.NetFX45.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PPTICO.EXE | vpnTKB.exe |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\Common.ShowHelp.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files\VideoLAN\VLC\vlc.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files\Google\Chrome\Application\89.0.4389.114\elevation_service.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\jconsole.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\SELFCERT.EXE | vpnTKB.exe |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\AppSharingHookController.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files (x86)\Windows Mail\WinMail.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\jarsigner.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\Wordconv.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE | vpnTKB.exe |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\wsimport.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files\Mozilla Firefox\crashreporter.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.XboxApp_25.25.13009.0_x64__8wekyb3d8bbwe\XboxApp.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files (x86)\Google\Update\DisabledGoogleUpdate.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files\Google\Chrome\Application\89.0.4389.114\Installer\setup.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\extcheck.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\jhat.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\javaw.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files\Microsoft Office\root\Integration\Integrator.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroLayoutRecognizer\AcroLayoutRecognizer.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\excelcnv.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\msotd.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.16112.11601.0_x64__8wekyb3d8bbwe\Video.UI.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Wallet_1.0.16328.0_x64__8wekyb3d8bbwe\Microsoft.Wallet.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\89.0.4389.114\89.0.4389.114_chrome_installer.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files (x86)\Windows Mail\wab.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\DW\DWTRIG20.EXE | vpnTKB.exe |
| File opened for modification | C:\Program Files\Mozilla Firefox\plugin-container.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files\Windows Defender\MsMpEng.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\java-rmi.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\javacpl.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSOHTMED.EXE | vpnTKB.exe |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.WindowsCamera_2017.125.40.0_x64__8wekyb3d8bbwe\WindowsCamera.exe | vpnTKB.exe |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\ktab.exe | vpnTKB.exe |
