Suricata Alerts

| Timestamp | Source IP | Source Port | Destination IP | Destination Port | Protocol | GID | SID | REV | Signature | Category | Severity |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 2020-06-05 14:09:05.129 | 192.168.1.6 | 49185 | 13.107.42.23 | 443 | TCP | 1 | 2028395 | 2 | ET JA3 Hash - Possible Malware - Various Eitest | Unknown Traffic | 3 |
| 2020-06-05 14:09:05.130 | 192.168.1.6 | 49184 | 13.107.42.23 | 443 | TCP | 1 | 2028395 | 2 | ET JA3 Hash - Possible Malware - Various Eitest | Unknown Traffic | 3 |
| 2020-06-05 14:09:05.707 | 192.168.1.6 | 49188 | 13.107.42.23 | 443 | TCP | 1 | 2028395 | 2 | ET JA3 Hash - Possible Malware - Various Eitest | Unknown Traffic | 3 |
| 2020-06-05 14:09:05.707 | 192.168.1.6 | 49186 | 13.107.42.23 | 443 | TCP | 1 | 2028395 | 2 | ET JA3 Hash - Possible Malware - Various Eitest | Unknown Traffic | 3 |
| 2020-06-05 14:09:05.707 | 192.168.1.6 | 49187 | 13.107.42.23 | 443 | TCP | 1 | 2028395 | 2 | ET JA3 Hash - Possible Malware - Various Eitest | Unknown Traffic | 3 |
| 2020-06-05 14:09:13.890 | 192.168.1.6 | 49193 | 184.51.9.166 | 443 | TCP | 1 | 2028388 | 2 | ET JA3 Hash - Possible Malware - RigEK | Unknown Traffic | 3 |
| 2020-06-05 14:09:19.013 | 192.168.1.6 | 49194 | 184.51.9.166 | 443 | TCP | 1 | 2028388 | 2 | ET JA3 Hash - Possible Malware - RigEK | Unknown Traffic | 3 |
| 2020-06-05 14:09:25.611 | 192.168.1.6 | 52555 | 8.8.8.8 | 53 | UDP | 1 | 2025105 | 3 | ET INFO DNS Query for Suspicious .ga Domain | Potentially Bad Traffic | 2 |
| 2020-06-05 14:10:19.588 | 192.168.1.6 | 49203 | 20.36.252.129 | 443 | TCP | 1 | 2028388 | 2 | ET JA3 Hash - Possible Malware - RigEK | Unknown Traffic | 3 |
| 2020-06-05 14:10:48.196 | 192.168.1.6 | 49205 | 172.217.23.99 | 443 | TCP | 1 | 2028395 | 2 | ET JA3 Hash - Possible Malware - Various Eitest | Unknown Traffic | 3 |
| 2020-06-05 14:12:18.016 | 144.208.213.45 | 80 | 192.168.1.6 | 49207 | TCP | 1 | 2018959 | 4 | ET POLICY PE EXE or DLL Windows file download HTTP | Potential Corporate Privacy Violation | 1 |
| 2020-06-05 14:12:18.016 | 144.208.213.45 | 80 | 192.168.1.6 | 49207 | TCP | 1 | 2014520 | 7 | ET INFO EXE - Served Attached HTTP | Misc activity | 3 |