0.0 | n/a | 172.16.123.105 | 49159 | 94.242.198.167 | 1488 | Misc activity | ET INFO | NetSupport Remote Admin Checkin | 3 |
0.0 | n/a | 50.63.76.1 | 80 | 172.16.123.105 | 49173 | Possible Social Engineering Attempted | ET EXPLOIT_KIT | EITest SocEng Inject Jan 15 2017 M1 | 2 |
3.0 | 18 | 172.16.123.105 | 49169 | 50.63.76.1 | 80 | Generic Protocol Command Decode | SURICATA HTTP | Request abnormal Content-Encoding header | 3 |
5.0 | 161 | 172.16.123.105 | 49173 | 50.63.76.1 | 80 | Generic Protocol Command Decode | SURICATA HTTP | Request abnormal Content-Encoding header | 3 |
5.0 | 293 | 172.16.123.105 | 49172 | 50.63.76.1 | 80 | Generic Protocol Command Decode | SURICATA HTTP | Request abnormal Content-Encoding header | 3 |
11.0 | 820 | 212.1.208.53 | 80 | 172.16.123.105 | 49180 | Potential Corporate Privacy Violation | ET POLICY | PE EXE or DLL Windows file download HTTP | 1 |
11.0 | 820 | 212.1.208.53 | 80 | 172.16.123.105 | 49180 | Misc activity | ET INFO | EXE - Served Attached HTTP | 3 |
68.0 | 5883 | 172.16.123.105 | 49186 | 31.31.196.204 | 443 | Generic Protocol Command Decode | SURICATA STREAM | bad window update | 3 |
86.0 | 6050 | 165.254.169.64 | 80 | 172.16.123.105 | 49179 | Generic Protocol Command Decode | SURICATA HTTP | unable to match response to request | 3 |
332.0 | 6201 | 172.16.123.105 | 49159 | 94.242.198.167 | 1488 | Misc activity | ET INFO | NetSupport Remote Admin Checkin | 3 |
332.0 | 6202 | 94.242.198.167 | 1488 | 172.16.123.105 | 49159 | Misc activity | ET INFO | NetSupport Remote Admin Response | 3 |
332.0 | 6205 | 172.16.123.105 | 49159 | 94.242.198.167 | 1488 | A Network Trojan was detected | ET MALWARE | NetSupport RAT with System Information | 1 |
332.0 | 6205 | 172.16.123.105 | 49159 | 94.242.198.167 | 1488 | Misc activity | ET INFO | NetSupport Remote Admin Checkin | 3 |
332.0 | 6207 | 94.242.198.167 | 1488 | 172.16.123.105 | 49159 | Misc activity | ET INFO | NetSupport Remote Admin Response | 3 |
392.0 | 6211 | 172.16.123.105 | 49159 | 94.242.198.167 | 1488 | Misc activity | ET INFO | NetSupport Remote Admin Checkin | 3 |
452.0 | 6213 | 172.16.123.105 | 49159 | 94.242.198.167 | 1488 | Misc activity | ET INFO | NetSupport Remote Admin Checkin | 3 |