Alert Table for 2017-11-21-traffic-analysis-exercise-4-of-6.pcap

Relative Time Packet Source Source Port Destination Dest Port Category Rule Set Signature Severity
37.0 98 10.4.1.102 49161 109.120.150.110 80 A Network Trojan was detected ET MALWARE WS/JS Downloader Mar 07 2017 M1 1
41.0 287 10.4.1.102 49162 143.95.251.21 80 A Network Trojan was detected ET MALWARE WS/JS Downloader Mar 07 2017 M1 1
41.0 299 10.4.1.102 49163 34.194.44.150 80 A Network Trojan was detected ET MALWARE WS/JS Downloader Mar 07 2017 M1 1
42.0 310 10.4.1.102 49165 83.137.194.27 80 A Network Trojan was detected ET MALWARE WS/JS Downloader Mar 07 2017 M1 1
42.0 320 10.4.1.102 49166 213.186.33.87 80 A Network Trojan was detected ET MALWARE WS/JS Downloader Mar 07 2017 M1 1
43.0 403 213.186.33.87 80 10.4.1.102 49166 Potential Corporate Privacy Violation ET POLICY PE EXE or DLL Windows file download HTTP 1
43.0 403 213.186.33.87 80 10.4.1.102 49166 A Network Trojan was detected ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 1
43.0 403 213.186.33.87 80 10.4.1.102 49166 A Network Trojan was detected ET MALWARE JS/WSF Downloader Dec 08 2016 M3 1
43.0 403 213.186.33.87 80 10.4.1.102 49166 A Network Trojan was detected ET MALWARE JS/WSF Downloader Dec 08 2016 M4 1
43.0 403 213.186.33.87 80 10.4.1.102 49166 Misc activity ET INFO EXE - Served Attached HTTP 3
141.0 12044 10.4.1.102 62501 10.4.1.1 53 Misc activity ET INFO DNS Query to .onion proxy Domain (onion.link) 3
144.0 12097 10.4.1.102 50089 10.4.1.1 53 Misc activity ET INFO DNS Query to .onion proxy Domain (onion.link) 3