Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6402 | July 20, 2024, 8:25 p.m. | July 20, 2024, 8:28 p.m. |
Suricata Alerts
Flow | SID | Signature | Category |
---|---|---|---|
TCP 192.168.56.102:49169 -> 213.5.130.58:443 | 2036594 | ET JA3 Hash - Remcos 3.x/4.x TLS Connection | Malware Command and Control Activity Detected |
Suricata TLS
Flow | Issuer | Subject | Fingerprint |
---|---|---|---|
TLS 1.3 192.168.56.102:49169 213.5.130.58:443 | None | None | None |
NANO-Antivirus | Virus.Win32.Gen.ccmw |
DrWeb | Program.Unwanted.5405 |
Gridinsoft | Trojan.U.Remcos.tr |
Microsoft | Trojan:Script/Wacatac.H!ml |
Yandex | Trojan.Penguish!TSEJtDi4xGw |
MaxSecure | Trojan.Malware.300983.susgen |
host | 213.5.130.58 |
host | 211.195.221.11 |