URL:

https://hidrive.ionos.com/share/6jfe.gdsco

Full analysis: https://app.any.run/tasks/ac9de66a-5d19-4a21-9924-3966498e02fb
Verdict: Malicious activity
Analysis date: December 06, 2022, 02:43:41
OS: Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:
MD5:

64AF7FDA089158A9E45EB7926315C1BA

SHA1:

751C69341607283E84394E05043372051C7A3EE6

SHA256:

0249B216332E5B4A0238F50C53569F6E244B9903C344157BDCD527C1F866C16C

SSDEEP:

3:N8whMTAJyKmNCfALr:2whMTiyKmNIY

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.
  • MALICIOUS

    No malicious indicators.
  • SUSPICIOUS

    No suspicious indicators.
  • INFO

    • Application launched itself

      • iexplore.exe (PID: 2800)
      • firefox.exe (PID: 2136)
      • firefox.exe (PID: 3228)
      • firefox.exe (PID: 3272)
      • firefox.exe (PID: 3244)
    • Executable content was dropped or overwritten

      • firefox.exe (PID: 3228)
    • Drops the executable file immediately after the start

      • firefox.exe (PID: 3228)
    • Drops a file that was compiled in debug mode

      • firefox.exe (PID: 3228)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.
No data.
screenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshot
All screenshots are available in the full report
All screenshots are available in the full report
Total processes
53
Monitored processes
18
Malicious processes
0
Suspicious processes
0

Behavior graph

Click at the process to see the details
start iexplore.exe iexplore.exe firefox.exe no specs firefox.exe firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs opera.exe firefox.exe no specs firefox.exe firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs

Process information

PID
CMD
Path
Indicators
Parent process
2800"C:\Program Files\Internet Explorer\iexplore.exe" "https://hidrive.ionos.com/share/6jfe.gdsco"C:\Program Files\Internet Explorer\iexplore.exe
Explorer.EXE
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Internet Explorer
Exit code:
1
Version:
11.00.9600.16428 (winblue_gdr.131013-1700)
Modules
Images
c:\program files\internet explorer\iexplore.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\rpcrt4.dll
2972"C:\Program Files\Internet Explorer\iexplore.exe" SCODEF:2800 CREDAT:267521 /prefetch:2C:\Program Files\Internet Explorer\iexplore.exe
iexplore.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
LOW
Description:
Internet Explorer
Exit code:
0
Version:
11.00.9600.16428 (winblue_gdr.131013-1700)
Modules
Images
c:\program files\internet explorer\iexplore.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
3272"C:\Program Files\Mozilla Firefox\firefox.exe" C:\Program Files\Mozilla Firefox\firefox.exeExplorer.EXE
User:
admin
Company:
Mozilla Corporation
Integrity Level:
MEDIUM
Description:
Firefox
Exit code:
0
Version:
83.0
Modules
Images
c:\program files\mozilla firefox\firefox.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\crypt32.dll
3244"C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe
firefox.exe
User:
admin
Company:
Mozilla Corporation
Integrity Level:
MEDIUM
Description:
Firefox
Version:
83.0
Modules
Images
c:\program files\mozilla firefox\firefox.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\crypt32.dll
2756"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3244.0.1022103905\112773986" -parentBuildID 20201112153044 -prefsHandle 1116 -prefMapHandle 908 -prefsLen 1 -prefMapSize 238726 -appdir "C:\Program Files\Mozilla Firefox\browser" - 3244 "\\.\pipe\gecko-crash-server-pipe.3244" 1200 gpuC:\Program Files\Mozilla Firefox\firefox.exefirefox.exe
User:
admin
Company:
Mozilla Corporation
Integrity Level:
MEDIUM
Description:
Firefox
Version:
83.0
Modules
Images
c:\program files\mozilla firefox\firefox.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\crypt32.dll
3424"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3244.6.904269341\1887590794" -childID 1 -isForBrowser -prefsHandle 4420 -prefMapHandle 4416 -prefsLen 245 -prefMapSize 238726 -parentBuildID 20201112153044 -appdir "C:\Program Files\Mozilla Firefox\browser" - 3244 "\\.\pipe\gecko-crash-server-pipe.3244" 4432 tabC:\Program Files\Mozilla Firefox\firefox.exefirefox.exe
User:
admin
Company:
Mozilla Corporation
Integrity Level:
LOW
Description:
Firefox
Version:
83.0
Modules
Images
c:\program files\mozilla firefox\firefox.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\sechost.dll
c:\windows\system32\crypt32.dll
1760"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3244.13.893578151\408090212" -childID 2 -isForBrowser -prefsHandle 2772 -prefMapHandle 2768 -prefsLen 6644 -prefMapSize 238726 -parentBuildID 20201112153044 -appdir "C:\Program Files\Mozilla Firefox\browser" - 3244 "\\.\pipe\gecko-crash-server-pipe.3244" 2664 tabC:\Program Files\Mozilla Firefox\firefox.exefirefox.exe
User:
admin
Company:
Mozilla Corporation
Integrity Level:
LOW
Description:
Firefox
Version:
83.0
Modules
Images
c:\windows\system32\ntdll.dll
c:\program files\mozilla firefox\firefox.exe
c:\windows\system32\kernelbase.dll
c:\windows\system32\kernel32.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\crypt32.dll
560"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3244.20.307675642\69405161" -childID 3 -isForBrowser -prefsHandle 1696 -prefMapHandle 2680 -prefsLen 7470 -prefMapSize 238726 -parentBuildID 20201112153044 -appdir "C:\Program Files\Mozilla Firefox\browser" - 3244 "\\.\pipe\gecko-crash-server-pipe.3244" 1948 tabC:\Program Files\Mozilla Firefox\firefox.exefirefox.exe
User:
admin
Company:
Mozilla Corporation
Integrity Level:
LOW
Description:
Firefox
Version:
83.0
Modules
Images
c:\program files\mozilla firefox\firefox.exe
c:\windows\system32\kernelbase.dll
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\crypt32.dll
556"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3244.21.636924495\1245508781" -childID 4 -isForBrowser -prefsHandle 1968 -prefMapHandle 1952 -prefsLen 7470 -prefMapSize 238726 -parentBuildID 20201112153044 -appdir "C:\Program Files\Mozilla Firefox\browser" - 3244 "\\.\pipe\gecko-crash-server-pipe.3244" 1852 tabC:\Program Files\Mozilla Firefox\firefox.exefirefox.exe
User:
admin
Company:
Mozilla Corporation
Integrity Level:
LOW
Description:
Firefox
Exit code:
0
Version:
83.0
Modules
Images
c:\program files\mozilla firefox\firefox.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\crypt32.dll
3936"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3244.34.1915723525\2004123509" -childID 5 -isForBrowser -prefsHandle 3192 -prefMapHandle 3772 -prefsLen 8051 -prefMapSize 238726 -parentBuildID 20201112153044 -appdir "C:\Program Files\Mozilla Firefox\browser" - 3244 "\\.\pipe\gecko-crash-server-pipe.3244" 3720 tabC:\Program Files\Mozilla Firefox\firefox.exefirefox.exe
User:
admin
Company:
Mozilla Corporation
Integrity Level:
LOW
Description:
Firefox
Version:
83.0
Modules
Images
c:\program files\mozilla firefox\firefox.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\crypt32.dll
Total events
28 870
Read events
28 600
Write events
267
Delete events
3

Modification events

(PID) Process:(2800) iexplore.exeKey:HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TabbedBrowsing
Operation:writeName:NTPDaysSinceLastAutoMigration
Value:
1
(PID) Process:(2800) iexplore.exeKey:HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TabbedBrowsing
Operation:writeName:NTPLastLaunchLowDateTime
Value:
(PID) Process:(2800) iexplore.exeKey:HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TabbedBrowsing
Operation:writeName:NTPLastLaunchHighDateTime
Value:
31000860
(PID) Process:(2800) iexplore.exeKey:HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\UrlBlockManager
Operation:writeName:NextCheckForUpdateLowDateTime
Value:
(PID) Process:(2800) iexplore.exeKey:HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\UrlBlockManager
Operation:writeName:NextCheckForUpdateHighDateTime
Value:
31000860
(PID) Process:(2800) iexplore.exeKey:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content
Operation:writeName:CachePrefix
Value:
(PID) Process:(2800) iexplore.exeKey:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Cookies
Operation:writeName:CachePrefix
Value:
Cookie:
(PID) Process:(2800) iexplore.exeKey:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\History
Operation:writeName:CachePrefix
Value:
Visited:
(PID) Process:(2800) iexplore.exeKey:HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
Operation:writeName:CompatibilityFlags
Value:
0
(PID) Process:(2800) iexplore.exeKey:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Operation:writeName:ProxyBypass
Value:
1
Executable files
2
Suspicious files
173
Text files
91
Unknown types
51

Dropped files

PID
Process
Filename
Type
2800iexplore.exeC:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PO2HN1X2\favicon[1].icoimage
MD5:DA597791BE3B6E732F0BC8B20E38EE62
SHA256:5B2C34B3C4E8DD898B664DBA6C3786E2FF9869EFF55D673AA48361F11325ED07
2800iexplore.exeC:\Users\admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.icoimage
MD5:DA597791BE3B6E732F0BC8B20E38EE62
SHA256:5B2C34B3C4E8DD898B664DBA6C3786E2FF9869EFF55D673AA48361F11325ED07
2800iexplore.exeC:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_1DC6D7385EA816C957BA2B715AC5C442der
MD5:503AD061073A29CEE4CB12D552F6A5B3
SHA256:D2A97423F8B71CA1DAAC39F8A037DCA022303C1ADFBD49995EFF3B36AFFF33F9
2800iexplore.exeC:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PO2HN1X2\favicon[2].icoimage
MD5:DA597791BE3B6E732F0BC8B20E38EE62
SHA256:5B2C34B3C4E8DD898B664DBA6C3786E2FF9869EFF55D673AA48361F11325ED07
2972iexplore.exeC:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B398B80134F72209547439DB21AB308D_9487BC0D4381A7CDEB9A8CC43F66D27Cder
MD5:3F9C67B7D7AE608452C63CD881F5DC2F
SHA256:7E16184543895B302D63326C26769A7F1964D960065271167C7D541EAC95A54B
2972iexplore.exeC:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DY534W2X\OpenSans-Regular-webfont[1].eoteot
MD5:C35AD7C76819575781C833319C13711B
SHA256:F9FCE0F46BC48827860C25AFA8F3E1A0B51663ADB79520E4FBDC65BDE0E8DB00
2972iexplore.exeC:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\4344B8AF97AF3A423D9EE52899963CDE_43880EDEF15B5A20B88889CE602E76F4der
MD5:76CC2D9805A2E8721AA8FFC93B10ACBD
SHA256:BDFB8816E626D1E9031C21023510DA0CDD5484C20AE932360796D6A7C5F65252
2800iexplore.exeC:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_1DC6D7385EA816C957BA2B715AC5C442binary
MD5:1FF600DCA6075F42F1FBF1837A573117
SHA256:E85BB4987A830F9C2D95F36F536C45EFF41BF0D4D89A5EF245FFE21BC5593AD6
2972iexplore.exeC:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\MFAQUS6V\hdshare.6244cf09593d1e111055[1].csstext
MD5:F6B5A47498C9089B5D3CEED04A564F02
SHA256:2A5953D15EAF9BD8652BC7508FE7C2A2CC86584E63DCE2C4A2465B8BD149F592
2972iexplore.exeC:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\4344B8AF97AF3A423D9EE52899963CDE_43880EDEF15B5A20B88889CE602E76F4binary
MD5:AE2B627A94C0183DF23F904E82599F9C
SHA256:7F2FCD55758E58D23D7EDE628D0226A0A9BF5C6375E5FADE9BBDCBDC0EBC4EDF
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
37
TCP/UDP connections
107
DNS requests
123
Threats
11

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
2800
iexplore.exe
GET
200
178.79.242.0:80
http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab?2d468724c325a5de
DE
compressed
4.70 Kb
whitelisted
2800
iexplore.exe
GET
200
93.184.220.29:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom%2FnYB45SPUEwQU5Z1ZMIJHWMys%2BghUNoZ7OrUETfACEA%2BnRyLFPYjID1ie%2Bx%2BdSjo%3D
US
der
1.47 Kb
whitelisted
2800
iexplore.exe
GET
200
95.140.236.0:80
http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab?54d1ef69a06bc672
GB
compressed
4.70 Kb
whitelisted
2972
iexplore.exe
GET
304
8.248.117.254:80
http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab?1b946f80c2af1f78
US
whitelisted
2972
iexplore.exe
GET
200
93.184.220.29:80
http://status.geotrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBR3enuod9bxDxzpICGW%2B2sabjf17QQUkFj%2FsJx1qFFUd7Ht8qNDFjiebMUCEAxWUwVuyJybTQKjYvP7E2M%3D
US
der
471 b
whitelisted
2972
iexplore.exe
GET
200
93.184.220.29:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAVG%2Fhgj9%2BGUHaOfzhTEYXM%3D
US
der
471 b
whitelisted
2972
iexplore.exe
GET
200
8.248.117.254:80
http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab?9b926f665869bdff
US
compressed
4.70 Kb
whitelisted
3244
firefox.exe
GET
200
34.107.221.82:80
http://detectportal.firefox.com/success.txt?ipv4
US
text
8 b
whitelisted
3244
firefox.exe
GET
200
34.107.221.82:80
http://detectportal.firefox.com/success.txt
US
text
8 b
whitelisted
3244
firefox.exe
POST
200
93.184.220.29:80
http://ocsp.digicert.com/
US
der
471 b
whitelisted
Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
2800
iexplore.exe
93.184.220.29:80
ocsp.digicert.com
EDGECAST
GB
whitelisted
2800
iexplore.exe
178.79.242.0:80
ctldl.windowsupdate.com
LLNW
DE
malicious
2800
iexplore.exe
204.79.197.200:443
www.bing.com
MICROSOFT-CORP-MSN-AS-BLOCK
US
whitelisted
2972
iexplore.exe
85.214.3.95:443
hidrive.ionos.com
Strato AG
DE
suspicious
2800
iexplore.exe
85.214.3.95:443
hidrive.ionos.com
Strato AG
DE
suspicious
2800
iexplore.exe
152.199.19.161:443
iecvlist.microsoft.com
EDGECAST
US
whitelisted
2800
iexplore.exe
95.140.236.0:80
ctldl.windowsupdate.com
LLNW
US
whitelisted
3244
firefox.exe
34.107.221.82:80
detectportal.firefox.com
GOOGLE
US
whitelisted
152.199.19.161:443
iecvlist.microsoft.com
EDGECAST
US
whitelisted
2972
iexplore.exe
93.184.220.29:80
ocsp.digicert.com
EDGECAST
GB
whitelisted

DNS requests

Domain
IP
Reputation
api.bing.com
  • 13.107.5.80
whitelisted
www.bing.com
  • 204.79.197.200
  • 13.107.21.200
whitelisted
ctldl.windowsupdate.com
  • 178.79.242.0
  • 95.140.236.0
  • 8.248.117.254
  • 8.241.78.126
  • 8.248.113.254
  • 8.238.28.126
  • 8.241.121.126
whitelisted
ocsp.digicert.com
  • 93.184.220.29
whitelisted
status.geotrust.com
  • 93.184.220.29
whitelisted
iecvlist.microsoft.com
  • 152.199.19.161
whitelisted
r20swj13mr.microsoft.com
  • 152.199.19.161
whitelisted
detectportal.firefox.com
  • 34.107.221.82
whitelisted
prod.detectportal.prod.cloudops.mozgcp.net
  • 34.107.221.82
  • 2600:1901:0:38d7::
whitelisted
example.org
  • 93.184.216.34
whitelisted

Threats

PID
Process
Class
Message
3244
firefox.exe
Potentially Bad Traffic
ET INFO Terse Request for .txt - Likely Hostile
3244
firefox.exe
Potentially Bad Traffic
ET INFO Terse Request for .txt - Likely Hostile
2736
opera.exe
Potentially Bad Traffic
ET INFO TLS Handshake Failure
2736
opera.exe
Potentially Bad Traffic
ET INFO TLS Handshake Failure
2736
opera.exe
Potentially Bad Traffic
ET INFO TLS Handshake Failure
2736
opera.exe
Potentially Bad Traffic
ET INFO TLS Handshake Failure
2736
opera.exe
Potentially Bad Traffic
ET INFO TLS Handshake Failure
2736
opera.exe
Potentially Bad Traffic
ET INFO TLS Handshake Failure
2736
opera.exe
Potentially Bad Traffic
ET INFO TLS Handshake Failure
3228
firefox.exe
Potentially Bad Traffic
ET INFO Terse Request for .txt - Likely Hostile
No debug info