SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET INFO TLS Handshake Failure ET POLICY Autoit Windows Automation tool User-Agent in HTTP Request - Possibly Hostile ET INFO AutoIt User-Agent Downloading ZIP
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET HUNTING Suspicious POST with Common Windows Process Names - Possible Process List Exfiltration