Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6403_us | July 23, 2024, 1:30 p.m. | July 23, 2024, 1:32 p.m. |
-
wscript.exe "C:\Windows\System32\wscript.exe" C:\Users\test22\AppData\Local\Temp\Update.js
632
Name | Response | Post-Analysis Lookup |
---|---|---|
usve.loyalty.hienphucuanhanloai.org | 45.88.186.194 |
Suricata Alerts
Flow | SID | Signature | Category |
---|---|---|---|
TCP 192.168.56.103:49161 -> 45.88.186.194:443 | 906200054 | SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) | undefined |
TCP 45.88.186.194:443 -> 192.168.56.103:49164 | 2029340 | ET INFO TLS Handshake Failure | Potentially Bad Traffic |
TCP 192.168.56.103:49163 -> 45.88.186.194:443 | 906200054 | SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) | undefined |
Suricata TLS
No Suricata TLS