Alert Table for 2017-11-21-traffic-analysis-exercise-4-of-6.pcap

| Relative Time | Packet | Source | Source Port | Destination | Dest Port | Category | Rule Set / Signature | Severity |
|---|---|---|---|---|---|---|---|---|
| 37.0 | 98 | 10.4.1.102 | 49161 | 109.120.150.110 | 80 | A Network Trojan was detected | ET MALWARE WS/JS Downloader Mar 07 2017 M1 | 1 |
| 41.0 | 287 | 10.4.1.102 | 49162 | 143.95.251.21 | 80 | A Network Trojan was detected | ET MALWARE WS/JS Downloader Mar 07 2017 M1 | 1 |
| 41.0 | 299 | 10.4.1.102 | 49163 | 34.194.44.150 | 80 | A Network Trojan was detected | ET MALWARE WS/JS Downloader Mar 07 2017 M1 | 1 |
| 42.0 | 310 | 10.4.1.102 | 49165 | 83.137.194.27 | 80 | A Network Trojan was detected | ET MALWARE WS/JS Downloader Mar 07 2017 M1 | 1 |
| 42.0 | 320 | 10.4.1.102 | 49166 | 213.186.33.87 | 80 | A Network Trojan was detected | ET MALWARE WS/JS Downloader Mar 07 2017 M1 | 1 |
| 43.0 | 410 | 213.186.33.87 | 80 | 10.4.1.102 | 49166 | Potential Corporate Privacy Violation | ET POLICY PE EXE or DLL Windows file download HTTP | 1 |
| 43.0 | 410 | 213.186.33.87 | 80 | 10.4.1.102 | 49166 | A Network Trojan was detected | ET CURRENT_EVENTS Likely Evil EXE download from MSXMLHTTP non-exe extension M2 | 1 |
| 43.0 | 410 | 213.186.33.87 | 80 | 10.4.1.102 | 49166 | A Network Trojan was detected | ET MALWARE JS/WSF Downloader Dec 08 2016 M3 | 1 |
| 43.0 | 410 | 213.186.33.87 | 80 | 10.4.1.102 | 49166 | A Network Trojan was detected | ET MALWARE JS/WSF Downloader Dec 08 2016 M4 | 1 |
| 43.0 | 410 | 213.186.33.87 | 80 | 10.4.1.102 | 49166 | Misc activity | ET INFO EXE - Served Attached HTTP | 3 |
| 141.0 | 12044 | 10.4.1.102 | 62501 | 10.4.1.1 | 53 | A Network Trojan was detected | ET POLICY DNS Query to .onion proxy Domain (onion.link) | 1 |
| 144.0 | 12097 | 10.4.1.102 | 50089 | 10.4.1.1 | 53 | A Network Trojan was detected | ET POLICY DNS Query to .onion proxy Domain (onion.link) | 1 |

Alerts provided by Emerging Threats 2022-04-08