ET HUNTING Telegram API Domain in DNS Lookup ET INFO TLS Handshake Failure ET HUNTING Observed Telegram API Domain (api .telegram .org in TLS SNI) SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET DROP Spamhaus DROP Listed Traffic Inbound group 13 ET MALWARE NanoCore RAT CnC 7 ET MALWARE NanoCore RAT Keep-Alive Beacon (Inbound) ET MALWARE NanoCore RAT Keepalive Response 3 ET MALWARE NanoCore RAT Keepalive Response 1