ET DROP Spamhaus DROP Listed Traffic Inbound group 13
ET DNS Query to a *.top domain - Likely Hostile
ET INFO HTTP Request to a *.top domain
ET HUNTING SUSPICIOUS Firesale gTLD EXE DL with no Referer June 13 2016
ET POLICY Cryptocurrency Miner Checkin
ET MALWARE Amadey Bot Activity (POST) M1
ET INFO Packed Executable Download
ET POLICY PE EXE or DLL Windows file download HTTP
ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download
ET HUNTING Possible EXE Download From Suspicious TLD
ET COINMINER CoinMiner Domain in DNS Lookup (pool .hashvault .pro)
ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2