popup
Summary | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

j-10

Malicious Library Downloader PE32 DLL PE File
  1. Resubmit sample
Category Machine Started Completed
FILE s1_win7_x6403_us Nov. 5, 2023, 12:29 p.m. Nov. 5, 2023, 12:43 p.m.
Size 70.5KB
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 c9e0712a084fa3eb3742eb3d690217dd
SHA256 00c4e5966089d9150bd36b0d55ac45011721d7b8d5b1a2207d3a0935eae1dc51
CRC32 1D9945BF
ssdeep 768:G407txg6CVX762AORxFGPRDEEOsx3n+79Namb3GluLrXCS329a1NzBoFsxHv5rMx:Gd7TGAgFqoQn+mmTCuL7HNzBl55rw3
Yara
  • Malicious_Library_Zero - Malicious_Library
  • Network_Downloader - File Downloader
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
  • IsPE32 - (no description)

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
164.124.101.2 Active Moloch
27.124.46.157 Active Moloch

Suricata Alerts

Flow SID Signature Category
TCP 192.168.56.103:49179 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49163 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49164 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49167 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49173 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49170 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49174 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49165 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49176 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49177 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49171 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49180 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49178 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49172 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49184 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49190 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49181 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49187 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49166 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49189 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49188 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49168 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49192 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49194 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49169 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49197 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49196 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49175 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49198 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49182 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49183 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49193 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49185 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49191 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49186 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49199 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49209 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49195 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49200 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49206 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49201 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49210 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49212 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49208 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49225 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49202 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49214 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49207 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49204 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49224 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49211 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49205 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49213 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49231 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49216 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49233 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49219 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49218 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49240 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49223 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49221 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49239 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49243 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49228 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49250 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49246 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49232 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49255 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49253 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49234 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49268 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49258 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49241 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49269 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49266 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49262 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49271 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49273 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49265 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49274 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49280 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49267 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49275 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49282 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49272 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49276 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49284 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49290 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49281 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49288 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49295 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49294 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49297 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49299 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49303 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49301 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49302 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49306 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49304 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49307 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49310 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49343 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49313 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49344 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49311 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49323 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49345 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49314 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49324 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49347 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49317 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49215 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49320 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49227 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49220 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49321 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49235 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49229 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49341 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49238 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49325 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49203 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49242 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49252 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49244 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49256 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49342 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49245 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49217 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49257 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49247 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49263 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49222 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49251 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49354 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49270 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49254 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49355 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49285 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49261 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49226 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49286 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49326 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49357 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49368 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49277 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49278 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49359 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49289 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49374 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49330 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49370 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49279 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49236 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49293 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49339 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49376 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49316 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49352 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49379 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49318 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49237 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49381 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49331 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49287 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49248 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49406 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49334 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49291 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49413 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49249 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49336 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49292 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49422 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49337 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49259 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49296 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49424 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49340 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49264 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49298 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49433 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49346 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49283 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49442 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49308 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49360 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49361 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49315 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49447 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49362 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49332 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49365 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49338 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49451 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49348 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49300 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49384 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49366 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49349 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49358 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49385 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49452 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49356 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49367 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49397 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49459 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49371 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49372 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49305 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49392 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49466 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49363 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49395 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49375 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49398 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49470 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49373 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49309 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49402 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49377 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49472 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49312 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49399 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49382 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49431 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49435 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49390 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49482 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49319 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49380 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49440 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49386 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49485 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49444 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49391 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49322 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49448 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49490 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49387 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49450 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49404 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49500 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49396 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49409 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49327 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49388 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49461 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49405 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49393 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49412 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49407 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49506 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49465 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49410 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49467 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49414 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49416 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49417 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49423 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49328 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49419 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49428 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49434 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49439 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49436 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49474 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49454 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49443 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49508 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49329 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49478 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49468 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49394 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49449 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49475 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49333 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49481 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49460 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49512 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49487 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49480 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49401 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49489 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49335 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49463 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49494 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49477 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49521 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49496 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49488 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49350 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49408 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49497 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49483 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49351 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49499 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49491 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49535 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49486 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49411 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49353 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49495 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49540 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49493 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49425 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49504 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49498 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49364 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49427 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49507 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49369 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49501 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49429 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49511 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49383 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49430 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49502 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49513 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49389 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49432 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49505 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49520 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49403 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49437 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49517 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49531 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49418 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49438 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49527 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49529 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49420 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49441 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49536 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49510 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49445 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49421 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49534 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49551 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49542 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49553 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49538 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49514 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49560 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49565 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49453 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49562 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49544 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49455 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49426 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49589 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49550 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49456 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49446 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49592 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49556 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49458 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49457 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49567 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49516 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49462 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49473 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49523 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49573 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49464 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49476 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49532 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49574 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49469 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49539 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49584 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49471 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49484 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49555 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49599 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49479 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49503 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49557 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49609 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49558 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49509 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49593 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49577 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49613 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49519 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49578 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49616 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49566 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49585 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49526 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49492 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49622 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49572 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49530 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49588 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49625 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49576 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49590 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49537 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49628 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49580 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49595 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49541 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49587 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49638 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49615 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49543 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49591 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49639 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49545 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49602 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49515 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49651 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49610 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49546 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49518 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49656 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49619 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49547 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49522 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49657 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49624 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49549 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49524 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49668 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49626 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49525 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49552 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49633 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49670 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49528 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49641 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49559 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49671 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49650 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49640 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49561 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49682 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49659 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49647 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49563 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49711 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49660 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49652 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49719 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49564 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49661 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49653 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49727 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49568 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49681 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49658 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49735 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49569 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49684 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49665 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49745 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49686 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49570 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49675 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49746 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49687 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49679 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49575 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49696 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49749 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49685 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49581 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49699 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49688 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49754 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49582 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49700 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49764 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49691 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49583 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49702 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49693 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49594 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49766 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49533 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49586 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49779 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49598 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49548 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49596 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49782 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49600 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49554 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49607 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49784 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49601 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49571 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49620 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49805 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49603 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49579 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49818 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49629 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49604 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49597 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49819 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49606 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49605 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49631 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49821 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49698 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49608 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49634 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49822 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49704 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49612 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49642 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49847 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49707 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49617 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49645 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49712 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49854 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49621 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49646 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49611 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49623 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49664 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49614 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49630 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49669 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49618 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49635 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49690 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49627 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49643 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49706 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49632 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49644 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49718 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49708 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49636 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49648 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49722 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49713 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49637 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49649 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49730 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49724 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49654 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49726 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49742 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49751 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49731 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49666 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49736 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49762 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49747 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49733 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49765 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49752 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49740 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49777 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49743 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49756 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49780 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49758 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49750 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49785 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49655 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49761 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49789 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49662 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49763 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49794 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49663 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49768 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49796 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49770 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49667 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49803 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49773 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49672 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49781 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49804 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49674 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49783 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49811 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49680 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49786 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49820 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49683 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49793 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49826 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49689 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49799 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49692 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49830 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49808 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49705 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49834 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49815 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49709 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49835 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49817 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49714 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49838 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49827 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49673 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49720 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49676 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49721 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49677 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49760 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49723 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49829 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49678 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49725 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49694 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49728 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49695 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49734 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49697 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49737 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49772 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49831 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49701 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49739 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49703 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49741 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49710 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49744 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49715 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49755 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49774 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49716 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49839 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49759 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49717 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49769 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49729 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49775 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49771 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49732 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49776 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49738 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49778 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49842 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49748 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49788 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49787 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49753 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49792 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49757 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49798 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49853 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49767 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49797 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49801 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49790 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49802 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49855 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49791 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49836 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49795 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49806 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49851 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49800 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49807 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49812 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49809 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49813 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49814 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49816 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49810 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49823 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49824 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49828 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49825 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49850 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49852 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49832 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49833 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49837 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49840 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49841 2022050 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 A Network Trojan was detected
TCP 192.168.56.103:49846 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49848 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 192.168.56.103:49849 -> 27.124.46.157:8000 2221033 SURICATA HTTP Request abnormal Content-Encoding header Generic Protocol Command Decode
TCP 27.124.46.157:8000 -> 192.168.56.103:49188 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49188 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49188 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49188 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49405 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49405 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49405 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49405 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49703 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49703 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49188 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49703 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49188 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49703 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49188 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49703 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49703 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49703 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49713 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49713 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49713 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49713 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49713 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49713 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49713 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49405 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49405 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49405 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49333 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49333 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49333 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49333 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49333 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49333 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49333 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49752 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49752 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49752 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49752 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49752 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49752 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49752 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49315 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49315 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49315 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49315 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49315 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49315 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49315 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49711 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49711 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49711 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49711 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49711 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49711 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49711 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49436 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49436 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49436 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49436 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49436 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49436 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49436 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49201 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49201 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49201 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49467 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49467 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49201 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49201 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49467 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49201 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49467 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49201 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49467 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49838 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49838 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49838 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49838 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49838 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49838 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49838 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49339 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49754 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49339 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49754 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49339 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49754 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49339 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49754 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49339 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49754 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49339 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49754 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49339 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49754 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49421 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49421 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49421 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49421 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49421 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49421 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49467 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49421 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49467 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49384 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49384 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49384 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49384 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49384 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49384 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49384 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49810 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49810 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49810 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49810 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49810 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49810 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49810 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49358 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49358 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49358 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49358 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49358 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49358 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49358 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49557 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49557 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49557 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49557 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49557 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49557 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49557 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49185 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49185 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49185 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49742 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49185 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49742 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49185 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49742 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49185 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49742 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49185 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49742 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49742 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49742 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49559 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49559 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49559 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49559 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49559 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49559 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49559 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49744 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49744 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49744 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49756 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49756 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49756 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49756 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49756 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49852 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49852 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49852 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49852 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49852 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49852 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49852 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49834 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49834 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49834 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49834 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49744 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49756 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49834 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49756 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49834 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49744 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49834 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49744 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49744 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49832 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49832 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49832 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49832 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49832 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49832 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49832 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49794 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49223 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49223 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49794 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49794 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49794 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49794 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49794 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49794 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49567 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49567 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49567 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49567 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49567 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49223 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49567 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49223 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49567 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49687 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49223 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49687 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49223 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49223 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49329 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49329 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49687 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49687 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49469 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49687 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49469 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49469 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49329 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49329 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49469 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49329 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49469 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49329 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49469 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49329 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49469 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49409 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49459 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49459 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49409 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49459 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49409 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49459 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49409 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49459 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49409 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49409 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49409 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49687 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49687 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49459 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49459 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49515 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49515 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49515 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49515 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49515 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49515 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49515 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49392 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49392 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49392 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49392 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49392 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49392 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49392 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49414 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49414 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49414 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49414 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49414 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49167 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49414 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49167 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49414 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49167 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49167 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49167 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49167 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49167 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49342 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49217 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49217 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49217 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49217 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49217 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49342 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49342 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49342 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49342 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49455 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49342 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49455 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49342 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49455 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49217 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49217 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49455 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49455 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49455 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49455 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49520 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49520 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49520 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49520 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49520 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49520 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49520 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49736 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49736 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49736 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49706 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49736 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49706 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49736 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49706 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49736 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49736 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49697 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49697 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49706 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49697 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49697 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49706 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49697 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49697 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49697 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49475 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49706 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49475 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49706 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49475 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49475 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49475 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49475 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49475 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49508 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49508 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49597 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49508 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49597 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49182 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49508 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49597 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49182 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49508 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49597 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49182 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49597 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49182 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49508 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49597 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49182 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49508 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49182 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49182 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49597 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49788 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49788 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49788 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49788 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49788 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49788 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49788 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49192 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49192 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49336 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49192 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49336 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49192 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49291 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49336 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49192 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49291 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49192 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49336 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49291 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49192 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49336 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49291 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49336 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49291 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49336 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49291 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49291 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49780 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49689 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49163 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49780 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49780 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49399 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49780 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49399 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49780 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49163 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49780 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49399 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49780 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49689 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49399 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49163 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49689 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49399 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49163 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49399 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49163 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49689 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49163 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49399 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49163 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49695 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49695 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49695 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49695 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49695 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49689 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49695 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49689 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49695 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49689 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49766 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49766 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49766 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49766 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49766 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49766 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49766 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49205 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49164 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49205 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49164 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49205 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49164 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49164 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49205 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49164 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49205 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49571 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49205 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49571 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49205 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49571 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49571 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49571 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49571 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49709 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49571 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49709 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49709 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49709 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49164 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49709 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49164 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49709 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49366 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49366 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49366 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49366 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49366 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49709 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49366 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49366 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49448 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49448 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49448 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49448 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49448 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49448 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49448 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49715 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49715 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49715 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49715 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49715 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49715 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49715 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49426 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49426 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49426 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49426 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49426 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49426 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49426 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49768 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49768 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49768 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49768 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49768 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49768 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49768 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49731 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49731 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49261 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49731 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49261 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49731 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49261 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49731 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49261 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49731 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49261 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49731 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49261 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49261 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49841 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49841 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49841 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49841 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49489 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49841 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49489 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49841 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49489 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49841 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49489 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49489 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49489 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49489 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49526 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49526 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49526 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49526 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49526 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49526 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49526 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49350 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49350 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49350 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49362 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49362 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49350 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49282 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49362 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49350 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49362 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49282 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49350 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49362 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49350 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49282 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49282 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49362 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49282 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49362 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49282 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49282 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49684 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49684 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49684 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49684 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49684 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49684 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49684 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49830 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49740 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49830 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49740 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49830 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49830 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49740 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49830 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49740 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49830 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49740 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49740 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49495 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49740 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49495 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49495 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49396 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49396 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49396 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49396 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49396 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49396 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49396 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49495 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49495 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49495 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49495 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49830 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49213 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49213 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49215 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49213 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49215 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49213 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49215 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49213 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49215 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49213 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49215 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49213 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49215 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49215 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49836 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49836 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49836 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49836 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49836 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49836 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49836 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49791 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49791 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49791 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49791 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49791 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49791 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49791 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49325 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49325 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49325 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49325 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49325 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49325 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49253 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49325 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49253 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49253 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49253 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49253 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49253 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49253 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49554 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49554 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49554 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49554 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49554 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49554 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49554 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49388 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49388 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49388 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49388 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49388 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49388 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49388 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49429 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49429 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49429 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49429 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49429 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49429 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49429 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49824 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49824 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49824 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49824 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49824 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49824 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49824 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49441 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49441 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49441 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49441 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49441 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49441 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49441 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49680 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49680 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49680 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49680 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49680 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49680 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49680 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49701 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49701 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49701 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49701 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49701 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49701 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49701 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49273 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49273 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49273 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49273 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49273 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49273 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49273 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49354 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49354 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49354 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49354 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49354 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49354 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49354 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49374 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49374 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49374 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49374 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49374 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49374 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49374 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49317 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49317 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49317 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49317 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49317 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49317 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49317 2014520 ET INFO EXE - Served Attached HTTP Misc activity
TCP 27.124.46.157:8000 -> 192.168.56.103:49219 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 27.124.46.157:8000 -> 192.168.56.103:49219 2019103 ET MALWARE OneLouder EXE download possibly installing Zeus P2P A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49219 2022051 ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49219 2022053 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49219 2023679 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 A Network Trojan was detected
TCP 27.124.46.157:8000 -> 192.168.56.103:49219 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 27.124.46.157:8000 -> 192.168.56.103:49219 2014520 ET INFO EXE - Served Attached HTTP Misc activity

Suricata TLS

No Suricata TLS

Time & API Arguments Status Return Repeated

IsDebuggerPresent

 0 0
suspicious_features Connection to IP address suspicious_request GET http://27.124.46.157:8000/1
request GET http://27.124.46.157:8000/1
Time & API Arguments Status Return Repeated

NtProtectVirtualMemory

 process_identifier: 1820
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
length: 4096
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x744ed000
process_handle: 0xffffffff
1 0 0

NtProtectVirtualMemory

 process_identifier: 1820
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
length: 4096
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x752e1000
process_handle: 0xffffffff
1 0 0

NtProtectVirtualMemory

 process_identifier: 1820
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
length: 4096
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x76e01000
process_handle: 0xffffffff
1 0 0

NtProtectVirtualMemory

 process_identifier: 1820
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
length: 4096
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x75931000
process_handle: 0xffffffff
1 0 0

NtProtectVirtualMemory

 process_identifier: 1820
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
length: 4096
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x74470000
process_handle: 0xffffffff
1 0 0

NtProtectVirtualMemory

 process_identifier: 1820
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
length: 4096
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x74501000
process_handle: 0xffffffff
1 0 0

NtProtectVirtualMemory

 process_identifier: 1820
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
length: 4096
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x74101000
process_handle: 0xffffffff
1 0 0

NtProtectVirtualMemory

 process_identifier: 1820
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
length: 4096
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x740f1000
process_handle: 0xffffffff
1 0 0
Time & API Arguments Status Return Repeated

GetDiskFreeSpaceExW

 total_number_of_free_bytes: 0
free_bytes_available: 9934270464
root_path: C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
total_number_of_bytes: 0
1 1 0

GetDiskFreeSpaceExW

 total_number_of_free_bytes: 0
free_bytes_available: 9933910016
root_path: C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
total_number_of_bytes: 0
1 1 0

GetDiskFreeSpaceExW

 total_number_of_free_bytes: 0
free_bytes_available: 9934262272
root_path: C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
total_number_of_bytes: 0
1 1 0

GetDiskFreeSpaceExW

 total_number_of_free_bytes: 0
free_bytes_available: 9934381056
root_path: C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
total_number_of_bytes: 0
1 1 0

GetDiskFreeSpaceExW

 total_number_of_free_bytes: 0
free_bytes_available: 9934237696
root_path: C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
total_number_of_bytes: 0
1 1 0

GetDiskFreeSpaceExW

 total_number_of_free_bytes: 0
free_bytes_available: 9934434304
root_path: C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
total_number_of_bytes: 0
1 1 0

GetDiskFreeSpaceExW

 total_number_of_free_bytes: 0
free_bytes_available: 9934532608
root_path: C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
total_number_of_bytes: 0
1 1 0

GetDiskFreeSpaceExW

 total_number_of_free_bytes: 0
free_bytes_available: 9934532608
root_path: C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
total_number_of_bytes: 0
1 1 0

GetDiskFreeSpaceExW

 total_number_of_free_bytes: 0
free_bytes_available: 9934073856
root_path: C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
total_number_of_bytes: 0
1 1 0

GetDiskFreeSpaceExW

 total_number_of_free_bytes: 0
free_bytes_available: 9934516224
root_path: C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
total_number_of_bytes: 0
1 1 0

GetDiskFreeSpaceExW

 total_number_of_free_bytes: 0
free_bytes_available: 9934544896
root_path: C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
total_number_of_bytes: 0
1 1 0

GetDiskFreeSpaceExW

 total_number_of_free_bytes: 0
free_bytes_available: 9934503936
root_path: C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
total_number_of_bytes: 0
1 1 0

GetDiskFreeSpaceExW

 total_number_of_free_bytes: 0
free_bytes_available: 9934532608
root_path: C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
total_number_of_bytes: 0
1 1 0

GetDiskFreeSpaceExW

 total_number_of_free_bytes: 0
free_bytes_available: 9934491648
root_path: C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
total_number_of_bytes: 0
1 1 0

GetDiskFreeSpaceExW

 total_number_of_free_bytes: 0
free_bytes_available: 9934520320
root_path: C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
total_number_of_bytes: 0
1 1 0

GetDiskFreeSpaceExW

 total_number_of_free_bytes: 0
free_bytes_available: 9934479360
root_path: C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
total_number_of_bytes: 0
1 1 0

GetDiskFreeSpaceExW

 total_number_of_free_bytes: 0
free_bytes_available: 9934508032
root_path: C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
total_number_of_bytes: 0
1 1 0

GetDiskFreeSpaceExW

 total_number_of_free_bytes: 0
free_bytes_available: 9934467072
root_path: C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
total_number_of_bytes: 0
1 1 0

GetDiskFreeSpaceExW

 total_number_of_free_bytes: 0
free_bytes_available: 9933971456
root_path: C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
total_number_of_bytes: 0
1 1 0

GetDiskFreeSpaceExW

 total_number_of_free_bytes: 0
free_bytes_available: 9933918208
root_path: C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
total_number_of_bytes: 0
1 1 0

GetDiskFreeSpaceExW

 total_number_of_free_bytes: 0
free_bytes_available: 9933955072
root_path: C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
total_number_of_bytes: 0
1 1 0

GetDiskFreeSpaceExW

 total_number_of_free_bytes: 0
free_bytes_available: 9933910016
root_path: C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
total_number_of_bytes: 0
1 1 0

GetDiskFreeSpaceExW

 total_number_of_free_bytes: 0
free_bytes_available: 9933942784
root_path: C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
total_number_of_bytes: 0
1 1 0

GetDiskFreeSpaceExW

 total_number_of_free_bytes: 0
free_bytes_available: 9933897728
root_path: C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
total_number_of_bytes: 0
1 1 0

GetDiskFreeSpaceExW

 total_number_of_free_bytes: 0
free_bytes_available: 9933930496
root_path: C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
total_number_of_bytes: 0
1 1 0

GetDiskFreeSpaceExW

 total_number_of_free_bytes: 0
free_bytes_available: 9933885440
root_path: C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
total_number_of_bytes: 0
1 1 0

GetDiskFreeSpaceExW

 total_number_of_free_bytes: 0
free_bytes_available: 9933918208
root_path: C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
total_number_of_bytes: 0
1 1 0

GetDiskFreeSpaceExW

 total_number_of_free_bytes: 0
free_bytes_available: 9933873152
root_path: C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
total_number_of_bytes: 0
1 1 0

GetDiskFreeSpaceExW

 total_number_of_free_bytes: 0
free_bytes_available: 9933905920
root_path: C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
total_number_of_bytes: 0
1 1 0

GetDiskFreeSpaceExW

 total_number_of_free_bytes: 0
free_bytes_available: 9933860864
root_path: C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
total_number_of_bytes: 0
1 1 0

GetDiskFreeSpaceExW

 total_number_of_free_bytes: 0
free_bytes_available: 9933975552
root_path: C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
total_number_of_bytes: 0
1 1 0

GetDiskFreeSpaceExW

 total_number_of_free_bytes: 0
free_bytes_available: 9934065664
root_path: C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
total_number_of_bytes: 0
1 1 0

GetDiskFreeSpaceExW

 total_number_of_free_bytes: 0
free_bytes_available: 9933578240
root_path: C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
total_number_of_bytes: 0
1 1 0

GetDiskFreeSpaceExW

 total_number_of_free_bytes: 0
free_bytes_available: 9934049280
root_path: C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
total_number_of_bytes: 0
1 1 0

GetDiskFreeSpaceExW

 total_number_of_free_bytes: 0
free_bytes_available: 9934049280
root_path: C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
total_number_of_bytes: 0
1 1 0

GetDiskFreeSpaceExW

 total_number_of_free_bytes: 0
free_bytes_available: 9934036992
root_path: C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
total_number_of_bytes: 0
1 1 0

GetDiskFreeSpaceExW

 total_number_of_free_bytes: 0
free_bytes_available: 9934036992
root_path: C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
total_number_of_bytes: 0
1 1 0

GetDiskFreeSpaceExW

 total_number_of_free_bytes: 0
free_bytes_available: 9934024704
root_path: C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
total_number_of_bytes: 0
1 1 0

GetDiskFreeSpaceExW

 total_number_of_free_bytes: 0
free_bytes_available: 9933557760
root_path: C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
total_number_of_bytes: 0
1 1 0

GetDiskFreeSpaceExW

 total_number_of_free_bytes: 0
free_bytes_available: 9934008320
root_path: C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
total_number_of_bytes: 0
1 1 0

GetDiskFreeSpaceExW

 total_number_of_free_bytes: 0
free_bytes_available: 9934057472
root_path: C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
total_number_of_bytes: 0
1 1 0

GetDiskFreeSpaceExW

 total_number_of_free_bytes: 0
free_bytes_available: 9934049280
root_path: C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
total_number_of_bytes: 0
1 1 0

GetDiskFreeSpaceExW

 total_number_of_free_bytes: 0
free_bytes_available: 9934057472
root_path: C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
total_number_of_bytes: 0
1 1 0

GetDiskFreeSpaceExW

 total_number_of_free_bytes: 0
free_bytes_available: 9934057472
root_path: C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
total_number_of_bytes: 0
1 1 0

GetDiskFreeSpaceExW

 total_number_of_free_bytes: 0
free_bytes_available: 9933574144
root_path: C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
total_number_of_bytes: 0
1 1 0

GetDiskFreeSpaceExW

 total_number_of_free_bytes: 0
free_bytes_available: 9934041088
root_path: C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
total_number_of_bytes: 0
1 1 0

GetDiskFreeSpaceExW

 total_number_of_free_bytes: 0
free_bytes_available: 9933565952
root_path: C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
total_number_of_bytes: 0
1 1 0

GetDiskFreeSpaceExW

 total_number_of_free_bytes: 0
free_bytes_available: 9934024704
root_path: C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
total_number_of_bytes: 0
1 1 0

GetDiskFreeSpaceExW

 total_number_of_free_bytes: 0
free_bytes_available: 9934036992
root_path: C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
total_number_of_bytes: 0
1 1 0

GetDiskFreeSpaceExW

 total_number_of_free_bytes: 0
free_bytes_available: 9934012416
root_path: C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
total_number_of_bytes: 0
1 1 0
file C:\Users\test22\AppData\Roaming\5Q3F4ZYWu4.exe
file C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\1[1]
file C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\1[1]
Time & API Arguments Status Return Repeated

Process32NextW

 snapshot_handle: 0x000000fc
process_name: mobsync.exe
process_identifier: 1664
1 1 0

Process32NextW

 snapshot_handle: 0x000000fc
process_name: pw.exe
process_identifier: 1700
1 1 0

Process32NextW

 snapshot_handle: 0x000000fc
process_name: taskhost.exe
process_identifier: 1680
1 1 0

Process32NextW

 snapshot_handle: 0x000000fc
process_name: cmd.exe
process_identifier: 776
1 1 0

Process32NextW

 snapshot_handle: 0x000000fc
process_name: SearchProtocolHost.exe
process_identifier: 1440
1 1 0

Process32NextW

 snapshot_handle: 0x000000fc
process_name: conhost.exe
process_identifier: 524
1 1 0

Process32NextW

 snapshot_handle: 0x000000fc
process_name: SearchFilterHost.exe
process_identifier: 1492
1 1 0

Process32NextW

 snapshot_handle: 0x000000fc
process_name: pw.exe
process_identifier: 1072
1 1 0
Time & API Arguments Status Return Repeated

recv

 buffer: HTTP/1.1 200 OK content-length: 487920 accept-ranges: bytes content-type: application/octet-stream content-disposition: attachment; filename="1" last-modified: Fri, 25 Aug 2023 12:28:24 GMT etag: "0:771f0:64e89e68:39f2e340" date: Sun, 05 Nov 2023 03:40:46 GMT MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $aõ%s¦%s¦%s¦s`¦s¦¦}¦s¦q=C¦?s¦Ú>y¦(s¦%r¦xs¦G`¦<s¦8y¦÷s¦8x¦s¦%s¦¤s¦âu¦$s¦Rich%s¦PEL¸õTà à€€ _ p@ð‘¯håÄphuPð!UPX0€ €àUPX1à Ò@à.rsrc€pzÖ@À
received: 1024
socket: 752
1 1024 0

recv

 buffer: HTTP/1.1 200 OK content-length: 487920 etag: "0:771f0:64e89e68:39f2e340" accept-ranges: bytes content-disposition: attachment; filename="1" content-type: application/octet-stream last-modified: Fri, 25 Aug 2023 12:28:24 GMT date: Sun, 05 Nov 2023 03:40:47 GMT MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $aõ%s¦%s¦%s¦s`¦s¦¦}¦s¦q=C¦?s¦Ú>y¦(s¦%r¦xs¦G`¦<s¦8y¦÷s¦8x¦s¦%s¦¤s¦âu¦$s¦Rich%s¦PEL¸õTà à€€ _ p@ð‘¯håÄphuPð!UPX0€ €àUPX1à Ò@à.rsrc€pzÖ@À
received: 1024
socket: 804
1 1024 0

recv

 buffer: HTTP/1.1 200 OK content-length: 487920 etag: "0:771f0:64e89e68:39f2e340" accept-ranges: bytes content-disposition: attachment; filename="1" content-type: application/octet-stream last-modified: Fri, 25 Aug 2023 12:28:24 GMT date: Sun, 05 Nov 2023 03:40:49 GMT MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $aõ%s¦%s¦%s¦s`¦s¦¦}¦s¦q=C¦?s¦Ú>y¦(s¦%r¦xs¦G`¦<s¦8y¦÷s¦8x¦s¦%s¦¤s¦âu¦$s¦Rich%s¦PEL¸õTà à€€ _ p@ð‘¯håÄphuPð!UPX0€ €àUPX1à Ò@à.rsrc€pzÖ@À
received: 1024
socket: 808
1 1024 0

recv

 buffer: HTTP/1.1 200 OK content-length: 487920 accept-ranges: bytes content-type: application/octet-stream content-disposition: attachment; filename="1" last-modified: Fri, 25 Aug 2023 12:28:24 GMT etag: "0:771f0:64e89e68:39f2e340" date: Sun, 05 Nov 2023 03:40:50 GMT MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $aõ%s¦%s¦%s¦s`¦s¦¦}¦s¦q=C¦?s¦Ú>y¦(s¦%r¦xs¦G`¦<s¦8y¦÷s¦8x¦s¦%s¦¤s¦âu¦$s¦Rich%s¦PEL¸õTà à€€ _ p@ð‘¯håÄphuPð!UPX0€ €àUPX1à Ò@à.rsrc€pzÖ@À
received: 1024
socket: 812
1 1024 0

recv

 buffer: HTTP/1.1 200 OK content-length: 487920 etag: "0:771f0:64e89e68:39f2e340" accept-ranges: bytes last-modified: Fri, 25 Aug 2023 12:28:24 GMT content-disposition: attachment; filename="1" content-type: application/octet-stream date: Sun, 05 Nov 2023 03:40:50 GMT MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $aõ%s¦%s¦%s¦s`¦s¦¦}¦s¦q=C¦?s¦Ú>y¦(s¦%r¦xs¦G`¦<s¦8y¦÷s¦8x¦s¦%s¦¤s¦âu¦$s¦Rich%s¦PEL¸õTà à€€ _ p@ð‘¯håÄphuPð!UPX0€ €àUPX1à Ò@à.rsrc€pzÖ@À
received: 1024
socket: 824
1 1024 0

recv

 buffer: HTTP/1.1 200 OK content-length: 487920 accept-ranges: bytes content-type: application/octet-stream content-disposition: attachment; filename="1" last-modified: Fri, 25 Aug 2023 12:28:24 GMT etag: "0:771f0:64e89e68:39f2e340" date: Sun, 05 Nov 2023 03:40:51 GMT MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $aõ%s¦%s¦%s¦s`¦s¦¦}¦s¦q=C¦?s¦Ú>y¦(s¦%r¦xs¦G`¦<s¦8y¦÷s¦8x¦s¦%s¦¤s¦âu¦$s¦Rich%s¦PEL¸õTà à€€ _ p@ð‘¯håÄphuPð!UPX0€ €àUPX1à Ò@à.rsrc€pzÖ@À
received: 1024
socket: 832
1 1024 0

recv

 buffer: HTTP/1.1 200 OK content-length: 487920 accept-ranges: bytes content-type: application/octet-stream content-disposition: attachment; filename="1" last-modified: Fri, 25 Aug 2023 12:28:24 GMT etag: "0:771f0:64e89e68:39f2e340" date: Sun, 05 Nov 2023 03:40:52 GMT MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $aõ%s¦%s¦%s¦s`¦s¦¦}¦s¦q=C¦?s¦Ú>y¦(s¦%r¦xs¦G`¦<s¦8y¦÷s¦8x¦s¦%s¦¤s¦âu¦$s¦Rich%s¦PEL¸õTà à€€ _ p@ð‘¯håÄphuPð!UPX0€ €àUPX1à Ò@à.rsrc€pzÖ@À
received: 1024
socket: 836
1 1024 0

recv

 buffer: HTTP/1.1 200 OK content-length: 487920 etag: "0:771f0:64e89e68:39f2e340" accept-ranges: bytes content-disposition: attachment; filename="1" content-type: application/octet-stream last-modified: Fri, 25 Aug 2023 12:28:24 GMT date: Sun, 05 Nov 2023 03:40:53 GMT MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $aõ%s¦%s¦%s¦s`¦s¦¦}¦s¦q=C¦?s¦Ú>y¦(s¦%r¦xs¦G`¦<s¦8y¦÷s¦8x¦s¦%s¦¤s¦âu¦$s¦Rich%s¦PEL¸õTà à€€ _ p@ð‘¯håÄphuPð!UPX0€ €àUPX1à Ò@à.rsrc€pzÖ@À
received: 1024
socket: 828
1 1024 0

recv

 buffer: HTTP/1.1 200 OK content-length: 487920 content-type: application/octet-stream content-disposition: attachment; filename="1" last-modified: Fri, 25 Aug 2023 12:28:24 GMT accept-ranges: bytes etag: "0:771f0:64e89e68:39f2e340" date: Sun, 05 Nov 2023 03:40:55 GMT MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $aõ%s¦%s¦%s¦s`¦s¦¦}¦s¦q=C¦?s¦Ú>y¦(s¦%r¦xs¦G`¦<s¦8y¦÷s¦8x¦s¦%s¦¤s¦âu¦$s¦Rich%s¦PEL¸õTà à€€ _ p@ð‘¯håÄphuPð!UPX0€ €àUPX1à Ò@à.rsrc€pzÖ@À
received: 1024
socket: 776
1 1024 0

recv

 buffer: HTTP/1.1 200 OK content-length: 487920 accept-ranges: bytes content-type: application/octet-stream content-disposition: attachment; filename="1" last-modified: Fri, 25 Aug 2023 12:28:24 GMT etag: "0:771f0:64e89e68:39f2e340" date: Sun, 05 Nov 2023 03:40:55 GMT MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $aõ%s¦%s¦%s¦s`¦s¦¦}¦s¦q=C¦?s¦Ú>y¦(s¦%r¦xs¦G`¦<s¦8y¦÷s¦8x¦s¦%s¦¤s¦âu¦$s¦Rich%s¦PEL¸õTà à€€ _ p@ð‘¯håÄphuPð!UPX0€ €àUPX1à Ò@à.rsrc€pzÖ@À
received: 1024
socket: 840
1 1024 0

recv

 buffer: HTTP/1.1 200 OK content-length: 487920 etag: "0:771f0:64e89e68:39f2e340" accept-ranges: bytes last-modified: Fri, 25 Aug 2023 12:28:24 GMT content-disposition: attachment; filename="1" content-type: application/octet-stream date: Sun, 05 Nov 2023 03:40:55 GMT MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $aõ%s¦%s¦%s¦s`¦s¦¦}¦s¦q=C¦?s¦Ú>y¦(s¦%r¦xs¦G`¦<s¦8y¦÷s¦8x¦s¦%s¦¤s¦âu¦$s¦Rich%s¦PEL¸õTà à€€ _ p@ð‘¯håÄphuPð!UPX0€ €àUPX1à Ò@à.rsrc€pzÖ@À
received: 1024
socket: 836
1 1024 0

recv

 buffer: HTTP/1.1 200 OK content-length: 487920 etag: "0:771f0:64e89e68:39f2e340" accept-ranges: bytes content-disposition: attachment; filename="1" content-type: application/octet-stream last-modified: Fri, 25 Aug 2023 12:28:24 GMT date: Sun, 05 Nov 2023 03:40:56 GMT MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $aõ%s¦%s¦%s¦s`¦s¦¦}¦s¦q=C¦?s¦Ú>y¦(s¦%r¦xs¦G`¦<s¦8y¦÷s¦8x¦s¦%s¦¤s¦âu¦$s¦Rich%s¦PEL¸õTà à€€ _ p@ð‘¯håÄphuPð!UPX0€ €àUPX1à Ò@à.rsrc€pzÖ@À
received: 1024
socket: 828
1 1024 0

recv

 buffer: HTTP/1.1 200 OK content-length: 487920 accept-ranges: bytes content-type: application/octet-stream content-disposition: attachment; filename="1" last-modified: Fri, 25 Aug 2023 12:28:24 GMT etag: "0:771f0:64e89e68:39f2e340" date: Sun, 05 Nov 2023 03:40:56 GMT MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $aõ%s¦%s¦%s¦s`¦s¦¦}¦s¦q=C¦?s¦Ú>y¦(s¦%r¦xs¦G`¦<s¦8y¦÷s¦8x¦s¦%s¦¤s¦âu¦$s¦Rich%s¦PEL¸õTà à€€ _ p@ð‘¯håÄphuPð!UPX0€ €àUPX1à Ò@à.rsrc€pzÖ@À
received: 1024
socket: 828
1 1024 0

recv

 buffer: HTTP/1.1 200 OK content-length: 487920 content-type: application/octet-stream content-disposition: attachment; filename="1" last-modified: Fri, 25 Aug 2023 12:28:24 GMT accept-ranges: bytes etag: "0:771f0:64e89e68:39f2e340" date: Sun, 05 Nov 2023 03:41:01 GMT MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $aõ%s¦%s¦%s¦s`¦s¦¦}¦s¦q=C¦?s¦Ú>y¦(s¦%r¦xs¦G`¦<s¦8y¦÷s¦8x¦s¦%s¦¤s¦âu¦$s¦Rich%s¦PEL¸õTà à€€ _ p@ð‘¯håÄphuPð!UPX0€ €àUPX1à Ò@à.rsrc€pzÖ@À
received: 1024
socket: 828
1 1024 0

recv

 buffer: HTTP/1.1 200 OK content-length: 487920 accept-ranges: bytes etag: "0:771f0:64e89e68:39f2e340" content-type: application/octet-stream content-disposition: attachment; filename="1" last-modified: Fri, 25 Aug 2023 12:28:24 GMT date: Sun, 05 Nov 2023 03:41:05 GMT MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $aõ%s¦%s¦%s¦s`¦s¦¦}¦s¦q=C¦?s¦Ú>y¦(s¦%r¦xs¦G`¦<s¦8y¦÷s¦8x¦s¦%s¦¤s¦âu¦$s¦Rich%s¦PEL¸õTà à€€ _ p@ð‘¯håÄphuPð!UPX0€ €àUPX1à Ò@à.rsrc€pzÖ@À
received: 1024
socket: 840
1 1024 0

recv

 buffer: HTTP/1.1 200 OK content-length: 487920 etag: "0:771f0:64e89e68:39f2e340" last-modified: Fri, 25 Aug 2023 12:28:24 GMT content-type: application/octet-stream content-disposition: attachment; filename="1" accept-ranges: bytes date: Sun, 05 Nov 2023 03:41:06 GMT MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $aõ%s¦%s¦%s¦s`¦s¦¦}¦s¦q=C¦?s¦Ú>y¦(s¦%r¦xs¦G`¦<s¦8y¦÷s¦8x¦s¦%s¦¤s¦âu¦$s¦Rich%s¦PEL¸õTà à€€ _ p@ð‘¯håÄphuPð!UPX0€ €àUPX1à Ò@à.rsrc€pzÖ@À
received: 1024
socket: 856
1 1024 0

recv

 buffer: HTTP/1.1 200 OK content-length: 487920 accept-ranges: bytes content-type: application/octet-stream content-disposition: attachment; filename="1" last-modified: Fri, 25 Aug 2023 12:28:24 GMT etag: "0:771f0:64e89e68:39f2e340" date: Sun, 05 Nov 2023 03:41:08 GMT MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $aõ%s¦%s¦%s¦s`¦s¦¦}¦s¦q=C¦?s¦Ú>y¦(s¦%r¦xs¦G`¦<s¦8y¦÷s¦8x¦s¦%s¦¤s¦âu¦$s¦Rich%s¦PEL¸õTà à€€ _ p@ð‘¯håÄphuPð!UPX0€ €àUPX1à Ò@à.rsrc€pzÖ@À
received: 1024
socket: 840
1 1024 0

recv

 buffer: HTTP/1.1 200 OK content-length: 487920 accept-ranges: bytes content-type: application/octet-stream content-disposition: attachment; filename="1" last-modified: Fri, 25 Aug 2023 12:28:24 GMT etag: "0:771f0:64e89e68:39f2e340" date: Sun, 05 Nov 2023 03:41:12 GMT MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $aõ%s¦%s¦%s¦s`¦s¦¦}¦s¦q=C¦?s¦Ú>y¦(s¦%r¦xs¦G`¦<s¦8y¦÷s¦8x¦s¦%s¦¤s¦âu¦$s¦Rich%s¦PEL¸õTà à€€ _ p@ð‘¯håÄphuPð!UPX0€ €àUPX1à Ò@à.rsrc€pzÖ@À
received: 1024
socket: 840
1 1024 0

recv

 buffer: HTTP/1.1 200 OK content-length: 487920 etag: "0:771f0:64e89e68:39f2e340" accept-ranges: bytes last-modified: Fri, 25 Aug 2023 12:28:24 GMT content-disposition: attachment; filename="1" content-type: application/octet-stream date: Sun, 05 Nov 2023 03:41:12 GMT MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $aõ%s¦%s¦%s¦s`¦s¦¦}¦s¦q=C¦?s¦Ú>y¦(s¦%r¦xs¦G`¦<s¦8y¦÷s¦8x¦s¦%s¦¤s¦âu¦$s¦Rich%s¦PEL¸õTà à€€ _ p@ð‘¯håÄphuPð!UPX0€ €àUPX1à Ò@à.rsrc€pzÖ@À
received: 1024
socket: 860
1 1024 0

recv

 buffer: HTTP/1.1 200 OK content-length: 487920 accept-ranges: bytes content-type: application/octet-stream content-disposition: attachment; filename="1" last-modified: Fri, 25 Aug 2023 12:28:24 GMT etag: "0:771f0:64e89e68:39f2e340" date: Sun, 05 Nov 2023 03:41:14 GMT MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $aõ%s¦%s¦%s¦s`¦s¦¦}¦s¦q=C¦?s¦Ú>y¦(s¦%r¦xs¦G`¦<s¦8y¦÷s¦8x¦s¦%s¦¤s¦âu¦$s¦Rich%s¦PEL¸õTà à€€ _ p@ð‘¯håÄphuPð!UPX0€ €àUPX1à Ò@à.rsrc€pzÖ@À
received: 1024
socket: 848
1 1024 0

recv

 buffer: HTTP/1.1 200 OK content-length: 487920 etag: "0:771f0:64e89e68:39f2e340" accept-ranges: bytes content-disposition: attachment; filename="1" content-type: application/octet-stream last-modified: Fri, 25 Aug 2023 12:28:24 GMT date: Sun, 05 Nov 2023 03:41:15 GMT MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $aõ%s¦%s¦%s¦s`¦s¦¦}¦s¦q=C¦?s¦Ú>y¦(s¦%r¦xs¦G`¦<s¦8y¦÷s¦8x¦s¦%s¦¤s¦âu¦$s¦Rich%s¦PEL¸õTà à€€ _ p@ð‘¯håÄphuPð!UPX0€ €àUPX1à Ò@à.rsrc€pzÖ@À
received: 1024
socket: 820
1 1024 0

recv

 buffer: HTTP/1.1 200 OK content-length: 487920 accept-ranges: bytes content-type: application/octet-stream content-disposition: attachment; filename="1" last-modified: Fri, 25 Aug 2023 12:28:24 GMT etag: "0:771f0:64e89e68:39f2e340" date: Sun, 05 Nov 2023 03:41:16 GMT MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $aõ%s¦%s¦%s¦s`¦s¦¦}¦s¦q=C¦?s¦Ú>y¦(s¦%r¦xs¦G`¦<s¦8y¦÷s¦8x¦s¦%s¦¤s¦âu¦$s¦Rich%s¦PEL¸õTà à€€ _ p@ð‘¯håÄphuPð!UPX0€ €àUPX1à Ò@à.rsrc€pzÖ@À
received: 1024
socket: 820
1 1024 0

recv

 buffer: HTTP/1.1 200 OK content-length: 487920 accept-ranges: bytes content-type: application/octet-stream content-disposition: attachment; filename="1" last-modified: Fri, 25 Aug 2023 12:28:24 GMT etag: "0:771f0:64e89e68:39f2e340" date: Sun, 05 Nov 2023 03:41:17 GMT MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $aõ%s¦%s¦%s¦s`¦s¦¦}¦s¦q=C¦?s¦Ú>y¦(s¦%r¦xs¦G`¦<s¦8y¦÷s¦8x¦s¦%s¦¤s¦âu¦$s¦Rich%s¦PEL¸õTà à€€ _ p@ð‘¯håÄphuPð!UPX0€ €àUPX1à Ò@à.rsrc€pzÖ@À
received: 1024
socket: 848
1 1024 0

recv

 buffer: HTTP/1.1 200 OK content-length: 487920 accept-ranges: bytes content-type: application/octet-stream content-disposition: attachment; filename="1" last-modified: Fri, 25 Aug 2023 12:28:24 GMT etag: "0:771f0:64e89e68:39f2e340" date: Sun, 05 Nov 2023 03:41:18 GMT MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $aõ%s¦%s¦%s¦s`¦s¦¦}¦s¦q=C¦?s¦Ú>y¦(s¦%r¦xs¦G`¦<s¦8y¦÷s¦8x¦s¦%s¦¤s¦âu¦$s¦Rich%s¦PEL¸õTà à€€ _ p@ð‘¯håÄphuPð!UPX0€ €àUPX1à Ò@à.rsrc€pzÖ@À
received: 1024
socket: 860
1 1024 0

recv

 buffer: HTTP/1.1 200 OK content-length: 487920 etag: "0:771f0:64e89e68:39f2e340" last-modified: Fri, 25 Aug 2023 12:28:24 GMT content-type: application/octet-stream content-disposition: attachment; filename="1" accept-ranges: bytes date: Sun, 05 Nov 2023 03:41:19 GMT MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $aõ%s¦%s¦%s¦s`¦s¦¦}¦s¦q=C¦?s¦Ú>y¦(s¦%r¦xs¦G`¦<s¦8y¦÷s¦8x¦s¦%s¦¤s¦âu¦$s¦Rich%s¦PEL¸õTà à€€ _ p@ð‘¯håÄphuPð!UPX0€ €àUPX1à Ò@à.rsrc€pzÖ@À
received: 1024
socket: 856
1 1024 0

recv

 buffer: HTTP/1.1 200 OK content-length: 487920 accept-ranges: bytes content-type: application/octet-stream content-disposition: attachment; filename="1" last-modified: Fri, 25 Aug 2023 12:28:24 GMT etag: "0:771f0:64e89e68:39f2e340" date: Sun, 05 Nov 2023 03:41:20 GMT MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $aõ%s¦%s¦%s¦s`¦s¦¦}¦s¦q=C¦?s¦Ú>y¦(s¦%r¦xs¦G`¦<s¦8y¦÷s¦8x¦s¦%s¦¤s¦âu¦$s¦Rich%s¦PEL¸õTà à€€ _ p@ð‘¯håÄphuPð!UPX0€ €àUPX1à Ò@à.rsrc€pzÖ@À
received: 1024
socket: 864
1 1024 0

recv

 buffer: HTTP/1.1 200 OK content-length: 487920 etag: "0:771f0:64e89e68:39f2e340" last-modified: Fri, 25 Aug 2023 12:28:24 GMT content-type: application/octet-stream content-disposition: attachment; filename="1" accept-ranges: bytes date: Sun, 05 Nov 2023 03:41:20 GMT MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $aõ%s¦%s¦%s¦s`¦s¦¦}¦s¦q=C¦?s¦Ú>y¦(s¦%r¦xs¦G`¦<s¦8y¦÷s¦8x¦s¦%s¦¤s¦âu¦$s¦Rich%s¦PEL¸õTà à€€ _ p@ð‘¯håÄphuPð!UPX0€ €àUPX1à Ò@à.rsrc€pzÖ@À
received: 1024
socket: 820
1 1024 0

recv

 buffer: HTTP/1.1 200 OK content-length: 487920 accept-ranges: bytes content-type: application/octet-stream content-disposition: attachment; filename="1" last-modified: Fri, 25 Aug 2023 12:28:24 GMT etag: "0:771f0:64e89e68:39f2e340" date: Sun, 05 Nov 2023 03:41:21 GMT MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $aõ%s¦%s¦%s¦s`¦s¦¦}¦s¦q=C¦?s¦Ú>y¦(s¦%r¦xs¦G`¦<s¦8y¦÷s¦8x¦s¦%s¦¤s¦âu¦$s¦Rich%s¦PEL¸õTà à€€ _ p@ð‘¯håÄphuPð!UPX0€ €àUPX1à Ò@à.rsrc€pzÖ@À
received: 1024
socket: 844
1 1024 0

recv

 buffer: HTTP/1.1 200 OK content-length: 487920 accept-ranges: bytes etag: "0:771f0:64e89e68:39f2e340" content-type: application/octet-stream content-disposition: attachment; filename="1" last-modified: Fri, 25 Aug 2023 12:28:24 GMT date: Sun, 05 Nov 2023 03:41:22 GMT MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $aõ%s¦%s¦%s¦s`¦s¦¦}¦s¦q=C¦?s¦Ú>y¦(s¦%r¦xs¦G`¦<s¦8y¦÷s¦8x¦s¦%s¦¤s¦âu¦$s¦Rich%s¦PEL¸õTà à€€ _ p@ð‘¯håÄphuPð!UPX0€ €àUPX1à Ò@à.rsrc€pzÖ@À
received: 1024
socket: 840
1 1024 0

recv

 buffer: HTTP/1.1 200 OK content-length: 487920 etag: "0:771f0:64e89e68:39f2e340" accept-ranges: bytes last-modified: Fri, 25 Aug 2023 12:28:24 GMT content-disposition: attachment; filename="1" content-type: application/octet-stream date: Sun, 05 Nov 2023 03:41:24 GMT MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $aõ%s¦%s¦%s¦s`¦s¦¦}¦s¦q=C¦?s¦Ú>y¦(s¦%r¦xs¦G`¦<s¦8y¦÷s¦8x¦s¦%s¦¤s¦âu¦$s¦Rich%s¦PEL¸õTà à€€ _ p@ð‘¯håÄphuPð!UPX0€ €àUPX1à Ò@à.rsrc€pzÖ@À
received: 1024
socket: 856
1 1024 0

recv

 buffer: HTTP/1.1 200 OK content-length: 487920 etag: "0:771f0:64e89e68:39f2e340" accept-ranges: bytes last-modified: Fri, 25 Aug 2023 12:28:24 GMT content-disposition: attachment; filename="1" content-type: application/octet-stream date: Sun, 05 Nov 2023 03:41:25 GMT MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $aõ%s¦%s¦%s¦s`¦s¦¦}¦s¦q=C¦?s¦Ú>y¦(s¦%r¦xs¦G`¦<s¦8y¦÷s¦8x¦s¦%s¦¤s¦âu¦$s¦Rich%s¦PEL¸õTà à€€ _ p@ð‘¯håÄphuPð!UPX0€ €àUPX1à Ò@à.rsrc€pzÖ@À
received: 1024
socket: 860
1 1024 0

recv

 buffer: HTTP/1.1 200 OK content-length: 487920 accept-ranges: bytes content-type: application/octet-stream content-disposition: attachment; filename="1" last-modified: Fri, 25 Aug 2023 12:28:24 GMT etag: "0:771f0:64e89e68:39f2e340" date: Sun, 05 Nov 2023 03:41:26 GMT MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $aõ%s¦%s¦%s¦s`¦s¦¦}¦s¦q=C¦?s¦Ú>y¦(s¦%r¦xs¦G`¦<s¦8y¦÷s¦8x¦s¦%s¦¤s¦âu¦$s¦Rich%s¦PEL¸õTà à€€ _ p@ð‘¯håÄphuPð!UPX0€ €àUPX1à Ò@à.rsrc€pzÖ@À
received: 1024
socket: 864
1 1024 0

recv

 buffer: HTTP/1.1 200 OK content-length: 487920 accept-ranges: bytes content-type: application/octet-stream content-disposition: attachment; filename="1" last-modified: Fri, 25 Aug 2023 12:28:24 GMT etag: "0:771f0:64e89e68:39f2e340" date: Sun, 05 Nov 2023 03:41:28 GMT MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $aõ%s¦%s¦%s¦s`¦s¦¦}¦s¦q=C¦?s¦Ú>y¦(s¦%r¦xs¦G`¦<s¦8y¦÷s¦8x¦s¦%s¦¤s¦âu¦$s¦Rich%s¦PEL¸õTà à€€ _ p@ð‘¯håÄphuPð!UPX0€ €àUPX1à Ò@à.rsrc€pzÖ@À
received: 1024
socket: 820
1 1024 0

recv

 buffer: HTTP/1.1 200 OK content-length: 487920 etag: "0:771f0:64e89e68:39f2e340" accept-ranges: bytes content-disposition: attachment; filename="1" content-type: application/octet-stream last-modified: Fri, 25 Aug 2023 12:28:24 GMT date: Sun, 05 Nov 2023 03:41:31 GMT MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $aõ%s¦%s¦%s¦s`¦s¦¦}¦s¦q=C¦?s¦Ú>y¦(s¦%r¦xs¦G`¦<s¦8y¦÷s¦8x¦s¦%s¦¤s¦âu¦$s¦Rich%s¦PEL¸õTà à€€ _ p@ð‘¯håÄphuPð!UPX0€ €àUPX1à Ò@à.rsrc€pzÖ@À
received: 1024
socket: 856
1 1024 0

recv

 buffer: HTTP/1.1 200 OK content-length: 487920 accept-ranges: bytes content-type: application/octet-stream content-disposition: attachment; filename="1" last-modified: Fri, 25 Aug 2023 12:28:24 GMT etag: "0:771f0:64e89e68:39f2e340" date: Sun, 05 Nov 2023 03:41:33 GMT MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $aõ%s¦%s¦%s¦s`¦s¦¦}¦s¦q=C¦?s¦Ú>y¦(s¦%r¦xs¦G`¦<s¦8y¦÷s¦8x¦s¦%s¦¤s¦âu¦$s¦Rich%s¦PEL¸õTà à€€ _ p@ð‘¯håÄphuPð!UPX0€ €àUPX1à Ò@à.rsrc€pzÖ@À
received: 1024
socket: 792
1 1024 0

recv

 buffer: HTTP/1.1 200 OK content-length: 487920 etag: "0:771f0:64e89e68:39f2e340" last-modified: Fri, 25 Aug 2023 12:28:24 GMT content-type: application/octet-stream content-disposition: attachment; filename="1" accept-ranges: bytes date: Sun, 05 Nov 2023 03:41:34 GMT MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $aõ%s¦%s¦%s¦s`¦s¦¦}¦s¦q=C¦?s¦Ú>y¦(s¦%r¦xs¦G`¦<s¦8y¦÷s¦8x¦s¦%s¦¤s¦âu¦$s¦Rich%s¦PEL¸õTà à€€ _ p@ð‘¯håÄphuPð!UPX0€ €àUPX1à Ò@à.rsrc€pzÖ@À
received: 1024
socket: 860
1 1024 0

recv

 buffer: HTTP/1.1 200 OK content-length: 487920 etag: "0:771f0:64e89e68:39f2e340" accept-ranges: bytes last-modified: Fri, 25 Aug 2023 12:28:24 GMT content-disposition: attachment; filename="1" content-type: application/octet-stream date: Sun, 05 Nov 2023 03:41:35 GMT MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $aõ%s¦%s¦%s¦s`¦s¦¦}¦s¦q=C¦?s¦Ú>y¦(s¦%r¦xs¦G`¦<s¦8y¦÷s¦8x¦s¦%s¦¤s¦âu¦$s¦Rich%s¦PEL¸õTà à€€ _ p@ð‘¯håÄphuPð!UPX0€ €àUPX1à Ò@à.rsrc€pzÖ@À
received: 1024
socket: 820
1 1024 0

recv

 buffer: HTTP/1.1 200 OK content-length: 487920 accept-ranges: bytes etag: "0:771f0:64e89e68:39f2e340" content-type: application/octet-stream content-disposition: attachment; filename="1" last-modified: Fri, 25 Aug 2023 12:28:24 GMT date: Sun, 05 Nov 2023 03:41:36 GMT MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $aõ%s¦%s¦%s¦s`¦s¦¦}¦s¦q=C¦?s¦Ú>y¦(s¦%r¦xs¦G`¦<s¦8y¦÷s¦8x¦s¦%s¦¤s¦âu¦$s¦Rich%s¦PEL¸õTà à€€ _ p@ð‘¯håÄphuPð!UPX0€ €àUPX1à Ò@à.rsrc€pzÖ@À
received: 1024
socket: 848
1 1024 0

recv

 buffer: HTTP/1.1 200 OK content-length: 487920 accept-ranges: bytes content-type: application/octet-stream content-disposition: attachment; filename="1" last-modified: Fri, 25 Aug 2023 12:28:24 GMT etag: "0:771f0:64e89e68:39f2e340" date: Sun, 05 Nov 2023 03:41:38 GMT MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $aõ%s¦%s¦%s¦s`¦s¦¦}¦s¦q=C¦?s¦Ú>y¦(s¦%r¦xs¦G`¦<s¦8y¦÷s¦8x¦s¦%s¦¤s¦âu¦$s¦Rich%s¦PEL¸õTà à€€ _ p@ð‘¯håÄphuPð!UPX0€ €àUPX1à Ò@à.rsrc€pzÖ@À
received: 1024
socket: 820
1 1024 0

recv

 buffer: HTTP/1.1 200 OK content-length: 487920 accept-ranges: bytes content-type: application/octet-stream content-disposition: attachment; filename="1" last-modified: Fri, 25 Aug 2023 12:28:24 GMT etag: "0:771f0:64e89e68:39f2e340" date: Sun, 05 Nov 2023 03:41:38 GMT MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $aõ%s¦%s¦%s¦s`¦s¦¦}¦s¦q=C¦?s¦Ú>y¦(s¦%r¦xs¦G`¦<s¦8y¦÷s¦8x¦s¦%s¦¤s¦âu¦$s¦Rich%s¦PEL¸õTà à€€ _ p@ð‘¯håÄphuPð!UPX0€ €àUPX1à Ò@à.rsrc€pzÖ@À
received: 1024
socket: 860
1 1024 0

recv

 buffer: HTTP/1.1 200 OK content-length: 487920 etag: "0:771f0:64e89e68:39f2e340" accept-ranges: bytes content-disposition: attachment; filename="1" content-type: application/octet-stream last-modified: Fri, 25 Aug 2023 12:28:24 GMT date: Sun, 05 Nov 2023 03:41:42 GMT MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $aõ%s¦%s¦%s¦s`¦s¦¦}¦s¦q=C¦?s¦Ú>y¦(s¦%r¦xs¦G`¦<s¦8y¦÷s¦8x¦s¦%s¦¤s¦âu¦$s¦Rich%s¦PEL¸õTà à€€ _ p@ð‘¯håÄphuPð!UPX0€ €àUPX1à Ò@à.rsrc€pzÖ@À
received: 1024
socket: 860
1 1024 0

recv

 buffer: HTTP/1.1 200 OK content-length: 487920 etag: "0:771f0:64e89e68:39f2e340" accept-ranges: bytes last-modified: Fri, 25 Aug 2023 12:28:24 GMT content-disposition: attachment; filename="1" content-type: application/octet-stream date: Sun, 05 Nov 2023 03:41:43 GMT MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $aõ%s¦%s¦%s¦s`¦s¦¦}¦s¦q=C¦?s¦Ú>y¦(s¦%r¦xs¦G`¦<s¦8y¦÷s¦8x¦s¦%s¦¤s¦âu¦$s¦Rich%s¦PEL¸õTà à€€ _ p@ð‘¯håÄphuPð!UPX0€ €àUPX1à Ò@à.rsrc€pzÖ@À
received: 1024
socket: 840
1 1024 0

recv

 buffer: HTTP/1.1 200 OK content-length: 487920 accept-ranges: bytes content-type: application/octet-stream content-disposition: attachment; filename="1" last-modified: Fri, 25 Aug 2023 12:28:24 GMT etag: "0:771f0:64e89e68:39f2e340" date: Sun, 05 Nov 2023 03:41:45 GMT MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $aõ%s¦%s¦%s¦s`¦s¦¦}¦s¦q=C¦?s¦Ú>y¦(s¦%r¦xs¦G`¦<s¦8y¦÷s¦8x¦s¦%s¦¤s¦âu¦$s¦Rich%s¦PEL¸õTà à€€ _ p@ð‘¯håÄphuPð!UPX0€ €àUPX1à Ò@à.rsrc€pzÖ@À
received: 1024
socket: 856
1 1024 0

recv

 buffer: HTTP/1.1 200 OK content-length: 487920 accept-ranges: bytes content-type: application/octet-stream content-disposition: attachment; filename="1" last-modified: Fri, 25 Aug 2023 12:28:24 GMT etag: "0:771f0:64e89e68:39f2e340" date: Sun, 05 Nov 2023 03:41:46 GMT MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $aõ%s¦%s¦%s¦s`¦s¦¦}¦s¦q=C¦?s¦Ú>y¦(s¦%r¦xs¦G`¦<s¦8y¦÷s¦8x¦s¦%s¦¤s¦âu¦$s¦Rich%s¦PEL¸õTà à€€ _ p@ð‘¯håÄphuPð!UPX0€ €àUPX1à Ò@à.rsrc€pzÖ@À
received: 1024
socket: 856
1 1024 0

recv

 buffer: HTTP/1.1 200 OK content-length: 487920 accept-ranges: bytes content-type: application/octet-stream content-disposition: attachment; filename="1" last-modified: Fri, 25 Aug 2023 12:28:24 GMT etag: "0:771f0:64e89e68:39f2e340" date: Sun, 05 Nov 2023 03:41:53 GMT MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $aõ%s¦%s¦%s¦s`¦s¦¦}¦s¦q=C¦?s¦Ú>y¦(s¦%r¦xs¦G`¦<s¦8y¦÷s¦8x¦s¦%s¦¤s¦âu¦$s¦Rich%s¦PEL¸õTà à€€ _ p@ð‘¯håÄphuPð!UPX0€ €àUPX1à Ò@à.rsrc€pzÖ@À
received: 1024
socket: 864
1 1024 0

recv

 buffer: HTTP/1.1 200 OK content-length: 487920 etag: "0:771f0:64e89e68:39f2e340" accept-ranges: bytes last-modified: Fri, 25 Aug 2023 12:28:24 GMT content-disposition: attachment; filename="1" content-type: application/octet-stream date: Sun, 05 Nov 2023 03:41:54 GMT MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $aõ%s¦%s¦%s¦s`¦s¦¦}¦s¦q=C¦?s¦Ú>y¦(s¦%r¦xs¦G`¦<s¦8y¦÷s¦8x¦s¦%s¦¤s¦âu¦$s¦Rich%s¦PEL¸õTà à€€ _ p@ð‘¯håÄphuPð!UPX0€ €àUPX1à Ò@à.rsrc€pzÖ@À
received: 1024
socket: 840
1 1024 0

recv

 buffer: HTTP/1.1 200 OK content-length: 487920 etag: "0:771f0:64e89e68:39f2e340" accept-ranges: bytes content-disposition: attachment; filename="1" content-type: application/octet-stream last-modified: Fri, 25 Aug 2023 12:28:24 GMT date: Sun, 05 Nov 2023 03:41:54 GMT MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $aõ%s¦%s¦%s¦s`¦s¦¦}¦s¦q=C¦?s¦Ú>y¦(s¦%r¦xs¦G`¦<s¦8y¦÷s¦8x¦s¦%s¦¤s¦âu¦$s¦Rich%s¦PEL¸õTà à€€ _ p@ð‘¯håÄphuPð!UPX0€ €àUPX1à Ò@à.rsrc€pzÖ@À
received: 1024
socket: 856
1 1024 0

recv

 buffer: HTTP/1.1 200 OK content-length: 487920 content-type: application/octet-stream content-disposition: attachment; filename="1" last-modified: Fri, 25 Aug 2023 12:28:24 GMT accept-ranges: bytes etag: "0:771f0:64e89e68:39f2e340" date: Sun, 05 Nov 2023 03:41:56 GMT MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $aõ%s¦%s¦%s¦s`¦s¦¦}¦s¦q=C¦?s¦Ú>y¦(s¦%r¦xs¦G`¦<s¦8y¦÷s¦8x¦s¦%s¦¤s¦âu¦$s¦Rich%s¦PEL¸õTà à€€ _ p@ð‘¯håÄphuPð!UPX0€ €àUPX1à Ò@à.rsrc€pzÖ@À
received: 1024
socket: 792
1 1024 0

recv

 buffer: HTTP/1.1 200 OK content-length: 487920 accept-ranges: bytes etag: "0:771f0:64e89e68:39f2e340" content-type: application/octet-stream content-disposition: attachment; filename="1" last-modified: Fri, 25 Aug 2023 12:28:24 GMT date: Sun, 05 Nov 2023 03:41:56 GMT MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $aõ%s¦%s¦%s¦s`¦s¦¦}¦s¦q=C¦?s¦Ú>y¦(s¦%r¦xs¦G`¦<s¦8y¦÷s¦8x¦s¦%s¦¤s¦âu¦$s¦Rich%s¦PEL¸õTà à€€ _ p@ð‘¯håÄphuPð!UPX0€ €àUPX1à Ò@à.rsrc€pzÖ@À
received: 1024
socket: 844
1 1024 0

recv

 buffer: HTTP/1.1 200 OK content-length: 487920 etag: "0:771f0:64e89e68:39f2e340" last-modified: Fri, 25 Aug 2023 12:28:24 GMT content-type: application/octet-stream content-disposition: attachment; filename="1" accept-ranges: bytes date: Sun, 05 Nov 2023 03:42:01 GMT MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $aõ%s¦%s¦%s¦s`¦s¦¦}¦s¦q=C¦?s¦Ú>y¦(s¦%r¦xs¦G`¦<s¦8y¦÷s¦8x¦s¦%s¦¤s¦âu¦$s¦Rich%s¦PEL¸õTà à€€ _ p@ð‘¯håÄphuPð!UPX0€ €àUPX1à Ò@à.rsrc€pzÖ@À
received: 1024
socket: 860
1 1024 0
host 27.124.46.157