Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6401 | June 29, 2021, 10:31 a.m. | June 29, 2021, 10:31 a.m. |
-
9804787b31e0025dd2ae9344ca1beae2e701cdf8fd77a60f424295dc9280dc89.exe "C:\Users\test22\AppData\Local\Temp\9804787b31e0025dd2ae9344ca1beae2e701cdf8fd77a60f424295dc9280dc89.exe"
112-
regini.exe "C:\Windows\System32\regini.exe" configure.xalm
2256
-
Suricata Alerts
Flow | SID | Signature | Category |
---|---|---|---|
TCP 45.113.202.180:608 -> 192.168.56.101:49198 | 2018959 | ET POLICY PE EXE or DLL Windows file download HTTP | Potential Corporate Privacy Violation |
TCP 45.113.202.180:608 -> 192.168.56.101:49198 | 2021076 | ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response | Potentially Bad Traffic |
Suricata TLS
No Suricata TLS
section | .00cfg |
section | .voltbl |