ET POLICY PE EXE or DLL Windows file download HTTP ET MALWARE Possible Windows executable sent when remote host claims to send a Text File ET CURRENT_EVENTS Likely Evil EXE download from MSXMLHTTP non-exe extension M2
ET POLICY PE EXE or DLL Windows file download HTTP ET MALWARE Possible Windows executable sent when remote host claims to send a Text File ET CURRENT_EVENTS Likely Evil EXE download from MSXMLHTTP non-exe extension M2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET INFO TLS Handshake Failure ET JA3 Hash - Possible Malware - Unknown traffic associated with Dridex