ET ATTACK_RESPONSE RedLine Stealer - CheckConnect Response
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET ATTACK_RESPONSE Win32/LeftHook Stealer Browser Extension Config Inbound
ET POLICY External IP Lookup Domain (myip .opendns .com in DNS lookup)
SURICATA HTTP unable to match response to request
ET INFO Executable Download from dotted-quad Host
ET POLICY PE EXE or DLL Windows file download HTTP
ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download
ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response