http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml
https://docsecure.top/xls/00999212.xls

docsecure.top(8.208.102.117) - mailcious
117.18.232.200 - suspicious
164.124.101.2
8.208.102.117

SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET DNS Query to a *.top domain - Likely Hostile

http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml
https://docsecure.top/xls/00999212.xls
https://194.36.191.177/sim/sim.php?Rd=Nb&Rf=fb5f7e13&Rk=test22-PC@@TEST22-PC@@test22@@*192.168.56.101%3A%3A%5B00000007%5D%20Intel%28R%29%20PRO/1000%20MT%20Desktop%20Adapter@@Standalone%20Workstation@@@@no%20LDAP%3B%3ASUM%3A0%3A&1790317629

docsecure.top(8.208.102.117) - mailcious
117.18.232.200 - suspicious
164.124.101.2
194.36.191.177 - suspicious
8.208.102.117

ET DNS Query to a *.top domain - Likely Hostile
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET JA3 Hash - Possible Malware - Various Trickbot/Kovter/Dridex
ET POLICY Self Signed SSL Certificate (SomeOrganizationalUnit)

164.124.101.2 clean

http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml
https://docsecure.top/xls/00999212.xls

docsecure.top(8.208.102.117) mailcious
117.18.232.200 suspicious
164.124.101.2 clean
8.208.102.117 clean

ET DNS Query to a *.top domain - Likely Hostile
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)

http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml clean
https://docsecure.top/xls/00999212.xls clean

docsecure.top(8.208.102.117) mailcious
117.18.232.200 suspicious
164.124.101.2 clean
8.208.102.117 clean

SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET DNS Query to a *.top domain - Likely Hostile

164.124.101.2 clean

http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml
https://docsecure.top/xls/00999212.xls clean

docsecure.top(8.208.102.117) mailcious
117.18.232.200 suspicious
164.124.101.2 clean
8.208.102.117 clean

ET DNS Query to a *.top domain - Likely Hostile
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)

164.124.101.2 clean

http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml
https://docsecure.top/xls/00999212.xls clean

docsecure.top(8.208.102.117) mailcious
117.18.232.200 suspicious
164.124.101.2 clean
8.208.102.117 clean

ET DNS Query to a *.top domain - Likely Hostile
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)

http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml
https://docsecure.top/xls/00999212.xls

docsecure.top(8.208.102.117)
117.18.232.200
164.124.101.2
8.208.102.117

SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET DNS Query to a *.top domain - Likely Hostile

http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml

117.18.232.200
164.124.101.2

SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
ET JA3 Hash - Possible Malware - Unknown traffic associated with Dridex

164.124.101.2

164.124.101.2

164.124.101.2

http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml
https://docsecure.top/xls/00999212.xls
https://194.36.191.177/sim/sim.php?Rd=Nb&Rf=fb5f7e13&Rk=test22-PC@@TEST22-PC@@test22@@*192.168.56.101%3A%3A%5B00000007%5D%20Intel%28R%29%20PRO/1000%20MT%20Desktop%20Adapter@@Standalone%20Workstation@@@@no%20LDAP%3B%3ASUM%3A0%3A&1951826145

docsecure.top(8.208.102.117)
117.18.232.200
164.124.101.2
194.36.191.177
8.208.102.117

SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET DNS Query to a *.top domain - Likely Hostile
ET JA3 Hash - Possible Malware - Various Trickbot/Kovter/Dridex
ET POLICY Self Signed SSL Certificate (SomeOrganizationalUnit)