ET INFO Executable Download from dotted-quad Host
ET POLICY Unsupported/Fake Windows NT Version 5.0
ET MALWARE Single char EXE direct download likely trojan (multiple families)
ET POLICY Terse Named Filename EXE Download - Possibly Hostile
ET POLICY PE EXE or DLL Windows file download HTTP
ET EXPLOIT_KIT DRIVEBY Likely Evil EXE with no referer from HFS webserver (used by Unknown EK)
ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response
ET INFO EXE - Served Attached HTTP
ET CURRENT_EVENTS Terse alphanumeric executable downloader high likelihood of being hostile
ET POLICY Executable and linking format (ELF) file download
ET INFO DYNAMIC_DNS Query to 3322.net Domain *.3322.net
ET POLICY Cryptocurrency Miner Checkin
ET INFO DYNAMIC_DNS HTTP Request to a 3322.net Domain *.3322.net
ET SCAN Behavioral Unusual Port 445 traffic Potential Scan or Infection