aEYnbsDbnQ.zip| Category | Machine | Started | Completed |
|---|---|---|---|
| FILE | s1_win7_x6402 | March 15, 2023, 1:16 p.m. | March 15, 2023, 1:19 p.m. |
Suricata Alerts
| Flow | SID | Signature | Category |
|---|---|---|---|
| TCP 115.178.55.22:80 -> 192.168.56.102:49193 | 2029340 | ET INFO TLS Handshake Failure | Potentially Bad Traffic |
| TCP 93.84.115.205:7080 -> 192.168.56.102:49191 | 2029340 | ET INFO TLS Handshake Failure | Potentially Bad Traffic |
| TCP 192.168.56.102:49194 -> 218.38.121.17:443 | 2404310 | ET CNC Feodo Tracker Reported CnC Server group 11 | A Network Trojan was detected |
| TCP 218.38.121.17:443 -> 192.168.56.102:49195 | 2029340 | ET INFO TLS Handshake Failure | Potentially Bad Traffic |
| TCP 192.168.56.102:49196 -> 186.250.48.5:443 | 2404307 | ET CNC Feodo Tracker Reported CnC Server group 8 | A Network Trojan was detected |
Suricata TLS
No Suricata TLS
| host | 115.178.55.22 | |||
| host | 138.197.14.67 | |||
| host | 186.250.48.5 | |||
| host | 193.194.92.175 | |||
| host | 218.38.121.17 | |||
| host | 93.84.115.205 | |||
| dead_host | 186.250.48.5:443 |
| dead_host | 193.194.92.175:443 |
| dead_host | 138.197.14.67:8080 |