NetWork | ZeroBOX

Network Analysis

IP Address     Status  Action
164.124.101.2  Active  Moloch
66.228.37.7    Active  Moloch
Name                          Response     Post-Analysis Lookup
g57hitr9atw9jkky5p2.ddns.net  66.228.37.7
Method  Status  URL
HEAD    200     http://g57hitr9atw9jkky5p2.ddns.net/ncat/svchost.exe
GET     200     http://g57hitr9atw9jkky5p2.ddns.net/ncat/svchost.exe
HEAD    200     http://g57hitr9atw9jkky5p2.ddns.net/ncat/getprivshell.ps1
GET     200     http://g57hitr9atw9jkky5p2.ddns.net/ncat/getprivshell.ps1
HEAD    200     http://g57hitr9atw9jkky5p2.ddns.net/ncat/libssh2.dll
GET     200     http://g57hitr9atw9jkky5p2.ddns.net/ncat/libssh2.dll
HEAD    200     http://g57hitr9atw9jkky5p2.ddns.net/ncat/libssl-3.dll
GET     200     http://g57hitr9atw9jkky5p2.ddns.net/ncat/libssl-3.dll
HEAD    200     http://g57hitr9atw9jkky5p2.ddns.net/ncat/libcrypto-3.dll
GET     200     http://g57hitr9atw9jkky5p2.ddns.net/ncat/libcrypto-3.dll
HEAD    200     http://g57hitr9atw9jkky5p2.ddns.net/ncat/vcruntime140.dll
GET     200     http://g57hitr9atw9jkky5p2.ddns.net/ncat/vcruntime140.dll

ICMP traffic

No ICMP traffic performed.

IRC traffic

Command  Params               Type
CONNECT  %s HTTP/1.0          client
CONNECT  to %s:%d.            client
CONNECT  %s:%d HTTP/1.1       client

Suricata Alerts

Flow                                          SID      Signature                                                                              Category
UDP 192.168.56.102:63709 -> 164.124.101.2:53  2028675  ET POLICY DNS Query to DynDNS Domain *.ddns .net                                       Potentially Bad Traffic
TCP 192.168.56.102:49178 -> 66.228.37.7:80    2042806  ET INFO DYNAMIC_DNS HTTP Request to a *.ddns .net Domain                               Potentially Bad Traffic
TCP 192.168.56.102:49175 -> 66.228.37.7:80    2042806  ET INFO DYNAMIC_DNS HTTP Request to a *.ddns .net Domain                               Potentially Bad Traffic
TCP 192.168.56.102:49170 -> 66.228.37.7:80    2032162  ET INFO PS1 Powershell File Request                                                    Potentially Bad Traffic
TCP 192.168.56.102:49170 -> 66.228.37.7:80    2042806  ET INFO DYNAMIC_DNS HTTP Request to a *.ddns .net Domain                               Potentially Bad Traffic
TCP 192.168.56.102:49165 -> 66.228.37.7:80    2042806  ET INFO DYNAMIC_DNS HTTP Request to a *.ddns .net Domain                               Potentially Bad Traffic
TCP 192.168.56.102:49171 -> 66.228.37.7:80    2032162  ET INFO PS1 Powershell File Request                                                    Potentially Bad Traffic
TCP 192.168.56.102:49171 -> 66.228.37.7:80    2042806  ET INFO DYNAMIC_DNS HTTP Request to a *.ddns .net Domain                               Potentially Bad Traffic
TCP 192.168.56.102:49179 -> 66.228.37.7:80    2042806  ET INFO DYNAMIC_DNS HTTP Request to a *.ddns .net Domain                               Potentially Bad Traffic
TCP 66.228.37.7:80 -> 192.168.56.102:49171    2032172  ET HUNTING Generic Powershell Launching Hidden Window                                  Potentially Bad Traffic
TCP 192.168.56.102:49166 -> 66.228.37.7:80    2016696  ET HUNTING Suspicious svchost.exe in URI - Possible Process Dump/Trojan Download       Potentially Bad Traffic
TCP 192.168.56.102:49166 -> 66.228.37.7:80    2042806  ET INFO DYNAMIC_DNS HTTP Request to a *.ddns .net Domain                               Potentially Bad Traffic
TCP 66.228.37.7:80 -> 192.168.56.102:49175    2018959  ET POLICY PE EXE or DLL Windows file download HTTP                                     Potential Corporate Privacy Violation
TCP 66.228.37.7:80 -> 192.168.56.102:49166    2018959  ET POLICY PE EXE or DLL Windows file download HTTP                                     Potential Corporate Privacy Violation
TCP 66.228.37.7:80 -> 192.168.56.102:49179    2018959  ET POLICY PE EXE or DLL Windows file download HTTP                                     Potential Corporate Privacy Violation
TCP 192.168.56.102:49174 -> 66.228.37.7:80    2042806  ET INFO DYNAMIC_DNS HTTP Request to a *.ddns .net Domain                               Potentially Bad Traffic
TCP 192.168.56.102:49189 -> 66.228.37.7:80    2042806  ET INFO DYNAMIC_DNS HTTP Request to a *.ddns .net Domain                               Potentially Bad Traffic
TCP 192.168.56.102:49190 -> 66.228.37.7:80    2042806  ET INFO DYNAMIC_DNS HTTP Request to a *.ddns .net Domain                               Potentially Bad Traffic
TCP 66.228.37.7:80 -> 192.168.56.102:49190    2018959  ET POLICY PE EXE or DLL Windows file download HTTP                                     Potential Corporate Privacy Violation
TCP 192.168.56.102:49183 -> 66.228.37.7:80    2042806  ET INFO DYNAMIC_DNS HTTP Request to a *.ddns .net Domain                               Potentially Bad Traffic
TCP 192.168.56.102:49184 -> 66.228.37.7:80    2042806  ET INFO DYNAMIC_DNS HTTP Request to a *.ddns .net Domain                               Potentially Bad Traffic
TCP 66.228.37.7:80 -> 192.168.56.102:49184    2018959  ET POLICY PE EXE or DLL Windows file download HTTP                                     Potential Corporate Privacy Violation

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts