Malware Analysis
An in-depth look at alerts, triggers, and known false-positive indicators to help customers better understand events on their networks.
- MALWARE Observed Honeygain Domain (api .honeygain .com in TLS SNI)
- TROJAN Possible Malicious Invoice EXE
- MALWARE User-Agent (Firefox) - Possible Trojan Downloader
- MALWARE TakeMyFile User-Agent
- TROJAN Large DNS Query possible covert channel
- TROJAN MS Remote Desktop edc User Login Request
- MALWARE Suspicious Domain (flow .lavasoft .com) in TLS SNI
- TROJAN Likely Linux/Xorddos.F DDoS Attack Participation (aa.hostasa.org)
- MALWARE AndroidOS/Trojan.OJNF-2 Variant Sending Phone Information
- TROJAN W32/Rodecap.BA
- TROJAN Trojan Generic - POST To gate.php with no referer
- TROJAN Observed Suspicious SSL Cert (testexample)
- TROJAN Possible Win32/Gapz MSIE 9 on Windows NT 5
- TROJAN Unrecom Style External IP Check
- Lets Encrypt Free SSL Cert Paypal Phishing