ET HUNTING Request for .bin with BITS/ User-Agent
ET MALWARE Generic .bin download from Dotted Quad
ET POLICY PE EXE or DLL Windows file download HTTP
ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response
ET HUNTING GENERIC SUSPICIOUS POST to Dotted Quad with Fake Browser 1
ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1
ET MALWARE Win32/NetDooka Framework RAT Sending System Information M2
ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2
ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2
ET INFO EXE IsDebuggerPresent (Used in Malware Anti-Debugging)