ET POLICY PE EXE or DLL Windows file download HTTP
ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download
ET DROP Spamhaus DROP Listed Traffic Inbound group 33
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (CoinMiner)
ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2
ET POLICY Observed DNS Query to Coin Mining Domain (nanopool .org)
ET INFO Executable Download from dotted-quad Host
ET INFO Packed Executable Download
ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response