Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6401 | June 29, 2021, 10:42 a.m. | June 29, 2021, 10:42 a.m. |
-
-
regini.exe "C:\Windows\System32\regini.exe" c.xalm
596
-
Suricata Alerts
Flow | SID | Signature | Category |
---|---|---|---|
TCP 45.113.202.180:608 -> 192.168.56.101:49198 | 2018959 | ET POLICY PE EXE or DLL Windows file download HTTP | Potential Corporate Privacy Violation |
TCP 45.113.202.180:608 -> 192.168.56.101:49198 | 2021076 | ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response | Potentially Bad Traffic |
Suricata TLS
No Suricata TLS