Alert Table for 2017-12-15-traffic-analysis-exercise-1-of-2.pcap

| Relative Time | Packet | Source | Source Port | Destination | Dest Port | Category | Rule Set | Signature | Severity |
|---|---|---|---|---|---|---|---|---|---|
| 178.0 | 103 | 10.1.1.97 | 49160 | 34.233.12.25 | 80 | Malware Command and Control Activity Detected | ET MALWARE | Formbook 0.3 Checkin | 1 |
| 283.0 | 720 | 10.1.1.97 | 49167 | 198.187.29.22 | 80 | Malware Command and Control Activity Detected | ET MALWARE | Formbook 0.3 Checkin | 1 |
| 284.0 | n/a | 34.233.12.25 | 80 | 10.1.1.97 | 49160 | Attempted Information Leak | GPL WEB_SERVER | 403 Forbidden | 2 |
| 302.0 | 1261 | 69.164.223.38 | 80 | 10.1.1.97 | 49168 | Attempted Information Leak | GPL WEB_SERVER | 403 Forbidden | 2 |
| 304.0 | 1300 | 10.1.1.97 | 49169 | 69.164.223.38 | 80 | Malware Command and Control Activity Detected | ET MALWARE | Formbook 0.3 Checkin | 1 |
| 326.0 | 1898 | 10.1.1.97 | 49171 | 81.169.145.159 | 80 | Malware Command and Control Activity Detected | ET MALWARE | Formbook 0.3 Checkin | 1 |
| 344.0 | 2452 | 10.1.1.97 | 49173 | 162.255.119.15 | 80 | Malware Command and Control Activity Detected | ET MALWARE | Formbook 0.3 Checkin | 1 |
| 365.0 | 3090 | 10.1.1.97 | 49175 | 91.216.107.226 | 80 | Malware Command and Control Activity Detected | ET MALWARE | Formbook 0.3 Checkin | 1 |
| 387.0 | 3692 | 10.1.1.97 | 49177 | 175.103.55.71 | 80 | Malware Command and Control Activity Detected | ET MALWARE | Formbook 0.3 Checkin | 1 |
| 388.0 | n/a | 10.1.1.97 | 49165 | 198.105.244.228 | 80 | Malware Command and Control Activity Detected | ET MALWARE | Formbook 0.3 Checkin | 1 |
| 388.0 | n/a | 10.1.1.97 | 49163 | 209.15.20.221 | 80 | Malware Command and Control Activity Detected | ET MALWARE | Formbook 0.3 Checkin | 1 |
| 446.0 | 4393 | 10.1.1.97 | 49183 | 103.224.212.222 | 80 | Malware Command and Control Activity Detected | ET MALWARE | Formbook 0.3 Checkin | 1 |
| 466.0 | n/a | 10.1.1.97 | 49179 | 198.105.244.228 | 80 | Malware Command and Control Activity Detected | ET MALWARE | Formbook 0.3 Checkin | 1 |
| 530.0 | 4992 | 10.1.1.97 | 49188 | 162.213.255.172 | 80 | Malware Command and Control Activity Detected | ET MALWARE | Formbook 0.3 Checkin | 1 |
| 531.0 | n/a | 10.1.1.97 | 49181 | 50.63.202.43 | 80 | Malware Command and Control Activity Detected | ET MALWARE | Formbook 0.3 Checkin | 1 |
| 531.0 | n/a | 10.1.1.97 | 49185 | 198.105.244.228 | 80 | Malware Command and Control Activity Detected | ET MALWARE | Formbook 0.3 Checkin | 1 |
| 558.0 | 5628 | 10.1.1.97 | 49190 | 34.233.12.25 | 80 | Malware Command and Control Activity Detected | ET MALWARE | Formbook 0.3 Checkin | 1 |
| 663.0 | n/a | 34.233.12.25 | 80 | 10.1.1.97 | 49190 | Attempted Information Leak | GPL WEB_SERVER | 403 Forbidden | 2 |
| 663.0 | 6234 | 10.1.1.97 | 49196 | 198.187.29.22 | 80 | Malware Command and Control Activity Detected | ET MALWARE | Formbook 0.3 Checkin | 1 |
| 681.0 | 6773 | 69.164.223.38 | 80 | 10.1.1.97 | 49197 | Attempted Information Leak | GPL WEB_SERVER | 403 Forbidden | 2 |
| 684.0 | 6814 | 10.1.1.97 | 49198 | 69.164.223.38 | 80 | Malware Command and Control Activity Detected | ET MALWARE | Formbook 0.3 Checkin | 1 |
| 705.0 | 7442 | 10.1.1.97 | 49200 | 81.169.145.159 | 80 | Malware Command and Control Activity Detected | ET MALWARE | Formbook 0.3 Checkin | 1 |
| 725.0 | 7991 | 10.1.1.97 | 49202 | 162.255.119.15 | 80 | Malware Command and Control Activity Detected | ET MALWARE | Formbook 0.3 Checkin | 1 |
| 744.0 | 8603 | 10.1.1.97 | 49204 | 91.216.107.226 | 80 | Malware Command and Control Activity Detected | ET MALWARE | Formbook 0.3 Checkin | 1 |
| 765.0 | 9192 | 10.1.1.97 | 49206 | 175.103.55.71 | 80 | Malware Command and Control Activity Detected | ET MALWARE | Formbook 0.3 Checkin | 1 |
| 824.0 | n/a | 10.1.1.97 | 49210 | 50.63.202.43 | 80 | Malware Command and Control Activity Detected | ET MALWARE | Formbook 0.3 Checkin | 1 |
| 824.0 | n/a | 10.1.1.97 | 49192 | 209.15.20.221 | 80 | Malware Command and Control Activity Detected | ET MALWARE | Formbook 0.3 Checkin | 1 |
| 824.0 | n/a | 10.1.1.97 | 49194 | 198.105.244.228 | 80 | Malware Command and Control Activity Detected | ET MALWARE | Formbook 0.3 Checkin | 1 |
| 824.0 | n/a | 10.1.1.97 | 49214 | 198.105.244.228 | 80 | Malware Command and Control Activity Detected | ET MALWARE | Formbook 0.3 Checkin | 1 |
| 824.0 | n/a | 10.1.1.97 | 49208 | 198.105.244.228 | 80 | Malware Command and Control Activity Detected | ET MALWARE | Formbook 0.3 Checkin | 1 |
| 826.0 | 9897 | 10.1.1.97 | 49212 | 103.224.212.222 | 80 | Malware Command and Control Activity Detected | ET MALWARE | Formbook 0.3 Checkin | 1 |

Alerts provided by Emerging Threats 2022-04-08