ET POLICY PE EXE or DLL Windows file download HTTP
ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response
ET MALWARE Possible Metasploit Payload Common Construct Bind_API (from server)
ET MALWARE Possible Windows executable sent when remote host claims to send a Text File
ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M2
ET INFO EXE IsDebuggerPresent (Used in Malware Anti-Debugging)