Alert Table for 2017-09-19-traffic-analysis-exercise.pcap

Relative Time Packet Source Source Port Destination Dest Port Category Rule Set Signature Severity
330.0 3096 192.168.1.14 49230 31.31.196.236 80 A Network Trojan was detected ET MALWARE LokiBot User-Agent (Charon/Inferno) 1
330.0 3096 192.168.1.14 49230 31.31.196.236 80 Malware Command and Control Activity Detected ET MALWARE LokiBot Checkin 1
330.0 3100 192.168.1.14 49230 31.31.196.236 80 A Network Trojan was detected ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1 1
330.0 3108 192.168.1.14 49231 31.31.196.236 80 A Network Trojan was detected ET MALWARE LokiBot User-Agent (Charon/Inferno) 1
330.0 3108 192.168.1.14 49231 31.31.196.236 80 Malware Command and Control Activity Detected ET MALWARE LokiBot Checkin 1
331.0 3112 192.168.1.14 49231 31.31.196.236 80 A Network Trojan was detected ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1 1
331.0 3120 192.168.1.14 49232 31.31.196.236 80 A Network Trojan was detected ET MALWARE LokiBot User-Agent (Charon/Inferno) 1
331.0 3120 192.168.1.14 49232 31.31.196.236 80 Malware Command and Control Activity Detected ET MALWARE LokiBot Checkin 1
331.0 3124 192.168.1.14 49232 31.31.196.236 80 Malware Command and Control Activity Detected ET MALWARE LokiBot Request for C2 Commands Detected M1 1
331.0 3124 192.168.1.14 49232 31.31.196.236 80 Malware Command and Control Activity Detected ET MALWARE LokiBot Request for C2 Commands Detected M2 1
392.0 3132 192.168.1.14 49233 31.31.196.236 80 A Network Trojan was detected ET MALWARE LokiBot User-Agent (Charon/Inferno) 1
392.0 3132 192.168.1.14 49233 31.31.196.236 80 Malware Command and Control Activity Detected ET MALWARE LokiBot Checkin 1
392.0 3135 192.168.1.14 49233 31.31.196.236 80 Malware Command and Control Activity Detected ET MALWARE LokiBot Request for C2 Commands Detected M1 1
392.0 3135 192.168.1.14 49233 31.31.196.236 80 Malware Command and Control Activity Detected ET MALWARE LokiBot Request for C2 Commands Detected M2 1
452.0 8064 192.168.1.14 49375 31.31.196.236 80 A Network Trojan was detected ET MALWARE LokiBot User-Agent (Charon/Inferno) 1
452.0 8064 192.168.1.14 49375 31.31.196.236 80 Malware Command and Control Activity Detected ET MALWARE LokiBot Checkin 1
452.0 8072 192.168.1.14 49375 31.31.196.236 80 Malware Command and Control Activity Detected ET MALWARE LokiBot Request for C2 Commands Detected M1 1
452.0 8072 192.168.1.14 49375 31.31.196.236 80 Malware Command and Control Activity Detected ET MALWARE LokiBot Request for C2 Commands Detected M2 1
513.0 9124 192.168.1.14 49392 31.31.196.236 80 A Network Trojan was detected ET MALWARE LokiBot User-Agent (Charon/Inferno) 1
513.0 9124 192.168.1.14 49392 31.31.196.236 80 Malware Command and Control Activity Detected ET MALWARE LokiBot Checkin 1
513.0 9128 192.168.1.14 49392 31.31.196.236 80 Malware Command and Control Activity Detected ET MALWARE LokiBot Request for C2 Commands Detected M1 1
513.0 9128 192.168.1.14 49392 31.31.196.236 80 Malware Command and Control Activity Detected ET MALWARE LokiBot Request for C2 Commands Detected M2 1
574.0 9136 192.168.1.14 49393 31.31.196.236 80 A Network Trojan was detected ET MALWARE LokiBot User-Agent (Charon/Inferno) 1
574.0 9136 192.168.1.14 49393 31.31.196.236 80 Malware Command and Control Activity Detected ET MALWARE LokiBot Checkin 1
574.0 9140 192.168.1.14 49393 31.31.196.236 80 Malware Command and Control Activity Detected ET MALWARE LokiBot Request for C2 Commands Detected M1 1
574.0 9140 192.168.1.14 49393 31.31.196.236 80 Malware Command and Control Activity Detected ET MALWARE LokiBot Request for C2 Commands Detected M2 1
634.0 9153 192.168.1.14 49394 31.31.196.236 80 A Network Trojan was detected ET MALWARE LokiBot User-Agent (Charon/Inferno) 1
634.0 9153 192.168.1.14 49394 31.31.196.236 80 Malware Command and Control Activity Detected ET MALWARE LokiBot Checkin 1
634.0 9157 192.168.1.14 49394 31.31.196.236 80 Malware Command and Control Activity Detected ET MALWARE LokiBot Request for C2 Commands Detected M1 1
634.0 9157 192.168.1.14 49394 31.31.196.236 80 Malware Command and Control Activity Detected ET MALWARE LokiBot Request for C2 Commands Detected M2 1
695.0 9165 192.168.1.14 49395 31.31.196.236 80 A Network Trojan was detected ET MALWARE LokiBot User-Agent (Charon/Inferno) 1
695.0 9165 192.168.1.14 49395 31.31.196.236 80 Malware Command and Control Activity Detected ET MALWARE LokiBot Checkin 1
695.0 9169 192.168.1.14 49395 31.31.196.236 80 Malware Command and Control Activity Detected ET MALWARE LokiBot Request for C2 Commands Detected M1 1
695.0 9169 192.168.1.14 49395 31.31.196.236 80 Malware Command and Control Activity Detected ET MALWARE LokiBot Request for C2 Commands Detected M2 1
755.0 9177 192.168.1.14 49396 31.31.196.236 80 A Network Trojan was detected ET MALWARE LokiBot User-Agent (Charon/Inferno) 1
755.0 9177 192.168.1.14 49396 31.31.196.236 80 Malware Command and Control Activity Detected ET MALWARE LokiBot Checkin 1
756.0 9181 192.168.1.14 49396 31.31.196.236 80 Malware Command and Control Activity Detected ET MALWARE LokiBot Request for C2 Commands Detected M1 1
756.0 9181 192.168.1.14 49396 31.31.196.236 80 Malware Command and Control Activity Detected ET MALWARE LokiBot Request for C2 Commands Detected M2 1
816.0 9189 192.168.1.14 49397 31.31.196.236 80 A Network Trojan was detected ET MALWARE LokiBot User-Agent (Charon/Inferno) 1
816.0 9189 192.168.1.14 49397 31.31.196.236 80 Malware Command and Control Activity Detected ET MALWARE LokiBot Checkin 1
816.0 9193 192.168.1.14 49397 31.31.196.236 80 Malware Command and Control Activity Detected ET MALWARE LokiBot Request for C2 Commands Detected M1 1
816.0 9193 192.168.1.14 49397 31.31.196.236 80 Malware Command and Control Activity Detected ET MALWARE LokiBot Request for C2 Commands Detected M2 1
877.0 9201 192.168.1.14 49398 31.31.196.236 80 A Network Trojan was detected ET MALWARE LokiBot User-Agent (Charon/Inferno) 1
877.0 9201 192.168.1.14 49398 31.31.196.236 80 Malware Command and Control Activity Detected ET MALWARE LokiBot Checkin 1
877.0 9205 192.168.1.14 49398 31.31.196.236 80 Malware Command and Control Activity Detected ET MALWARE LokiBot Request for C2 Commands Detected M1 1
877.0 9205 192.168.1.14 49398 31.31.196.236 80 Malware Command and Control Activity Detected ET MALWARE LokiBot Request for C2 Commands Detected M2 1
937.0 9218 192.168.1.14 49399 31.31.196.236 80 A Network Trojan was detected ET MALWARE LokiBot User-Agent (Charon/Inferno) 1
937.0 9218 192.168.1.14 49399 31.31.196.236 80 Malware Command and Control Activity Detected ET MALWARE LokiBot Checkin 1
938.0 9222 192.168.1.14 49399 31.31.196.236 80 Malware Command and Control Activity Detected ET MALWARE LokiBot Request for C2 Commands Detected M1 1
938.0 9222 192.168.1.14 49399 31.31.196.236 80 Malware Command and Control Activity Detected ET MALWARE LokiBot Request for C2 Commands Detected M2 1