Suricata Alerts

| Timestamp | Source IP | Source Port | Destination IP | Destination Port | Protocol | GID | SID | REV | Signature | Category | Severity |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 2020-06-05 14:01:55.352 | 192.168.1.6 | 49185 | 13.107.42.23 | 443 | TCP | 1 | 2028395 | 2 | ET JA3 Hash - Possible Malware - Various Eitest | Unknown Traffic | 3 |
| 2020-06-05 14:01:59.414 | 192.168.1.6 | 49188 | 13.107.42.23 | 443 | TCP | 1 | 2028395 | 2 | ET JA3 Hash - Possible Malware - Various Eitest | Unknown Traffic | 3 |
| 2020-06-05 14:02:00.570 | 192.168.1.6 | 49190 | 13.107.42.23 | 443 | TCP | 1 | 2028395 | 2 | ET JA3 Hash - Possible Malware - Various Eitest | Unknown Traffic | 3 |
| 2020-06-05 14:02:01.041 | 192.168.1.6 | 49192 | 13.107.42.23 | 443 | TCP | 1 | 2028395 | 2 | ET JA3 Hash - Possible Malware - Various Eitest | Unknown Traffic | 3 |
| 2020-06-05 14:02:01.075 | 192.168.1.6 | 49191 | 13.107.42.23 | 443 | TCP | 1 | 2028395 | 2 | ET JA3 Hash - Possible Malware - Various Eitest | Unknown Traffic | 3 |
| 2020-06-05 14:02:07.292 | 192.168.1.6 | 49193 | 23.211.5.239 | 443 | TCP | 1 | 2028388 | 2 | ET JA3 Hash - Possible Malware - RigEK | Unknown Traffic | 3 |
| 2020-06-05 14:02:09.421 | 192.168.1.6 | 49194 | 23.211.5.239 | 443 | TCP | 1 | 2028388 | 2 | ET JA3 Hash - Possible Malware - RigEK | Unknown Traffic | 3 |
| 2020-06-05 14:02:18.697 | 192.168.1.6 | 49207 | 52.158.209.219 | 443 | TCP | 1 | 2028388 | 2 | ET JA3 Hash - Possible Malware - RigEK | Unknown Traffic | 3 |
| 2020-06-05 14:02:59.480 | 192.168.1.6 | 49211 | 52.142.114.176 | 443 | TCP | 1 | 2028388 | 2 | ET JA3 Hash - Possible Malware - RigEK | Unknown Traffic | 3 |
| 2020-06-05 14:03:01.063 | 192.168.1.6 | 49212 | 216.58.212.131 | 443 | TCP | 1 | 2028395 | 2 | ET JA3 Hash - Possible Malware - Various Eitest | Unknown Traffic | 3 |
| 2020-06-05 14:03:49.079 | 144.208.213.45 | 80 | 192.168.1.6 | 49214 | TCP | 1 | 2018959 | 4 | ET POLICY PE EXE or DLL Windows file download HTTP | Potential Corporate Privacy Violation | 1 |
| 2020-06-05 14:03:49.079 | 144.208.213.45 | 80 | 192.168.1.6 | 49214 | TCP | 1 | 2014520 | 7 | ET INFO EXE - Served Attached HTTP | Misc activity | 3 |
| 2020-06-05 14:04:08.279 | 144.208.213.45 | 80 | 192.168.1.6 | 49214 | TCP | 1 | 2015744 | 4 | ET INFO EXE IsDebuggerPresent (Used in Malware Anti-Debugging) | Misc activity | 3 |
| 2020-06-05 14:04:31.485 | 192.168.1.6 | 49219 | 216.58.212.131 | 443 | TCP | 1 | 2028395 | 2 | ET JA3 Hash - Possible Malware - Various Eitest | Unknown Traffic | 3 |
| 2020-06-05 14:04:33.038 | 192.168.1.6 | 49220 | 13.107.42.23 | 443 | TCP | 1 | 2028395 | 2 | ET JA3 Hash - Possible Malware - Various Eitest | Unknown Traffic | 3 |