Analysis Dashboard
cap.pcap · Generated February 24, 2026 at 11:58 PM
Total Packets
243.6K
📦
Network Flows
179
🌐
Threats Detected
318156
⚠️
Credentials Found
0
🔑
YARA Rules
90
1 matches
🔎
TI Indicators
22470
23 hits
🕵️
Custom Sigs
18
159825 matches
✍️
Temporal Flows
49
0 periodic
⏱️
IRC Messages
0
💬
Threat Score
73
out of 100
🎯
📦 Packet Statistics
Total Packets
243.6K
Total Bytes
208.9 MB
Duration
8m17.326427s
🌐 Network Activity
Total Flows
179
Unique IPs
30
HTTP Requests
12
TLS Fingerprints
8
🔒 Security Analysis
Threats Detected
318156
Credentials Found
0
C2 Detections
14
Threat Score
73/100
🔬 Detection Engines
YARA Rules / Matches
90 / 1
TI Indicators / Hits
22470 / 23
Custom Sigs / Matches
18 / 159503
Periodic Flows
0
Security Threats
Detected security issues and anomalies
Threat Analysis
| Type | Severity | Details | Indicator of Compromise |
|---|---|---|---|
| Encrypted Payload | ✓ LOW | High entropy payload detected (0.921) - possible encryption/packing (medium confidence) | 173.223.1.168 -> 10.1.5.131:49672 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.981) - possible encryption/packing (high confidence) | 173.223.1.168 -> 10.1.5.131:49672 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.957) - possible encryption/packing (high confidence) | 173.223.1.168 -> 10.1.5.131:56241 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.980) - possible encryption/packing (high confidence) | 173.223.1.168 -> 10.1.5.131:49672 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.982) - possible encryption/packing (high confidence) | 173.223.1.168 -> 10.1.5.131:49672 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.972) - possible encryption/packing (high confidence) | 10.1.5.131 -> 173.223.1.168:443 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.985) - possible encryption/packing (high confidence) | 173.223.1.168 -> 10.1.5.131:49672 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Encrypted Payload | ✓ LOW | High entropy payload detected (0.922) - possible encryption/packing (medium confidence) | 23.222.241.133 -> 10.1.5.131:55233 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 | 173.223.1.168 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.976) - possible encryption/packing (high confidence) | 10.1.5.131 -> 173.223.1.168:443 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.986) - possible encryption/packing (high confidence) | 23.222.241.133 -> 10.1.5.131:55233 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.962) - possible encryption/packing (high confidence) | 10.1.5.131 -> 173.223.1.168:443 |
| Encrypted Payload | ✓ LOW | High entropy payload detected (0.947) - possible encryption/packing (medium confidence) | 173.223.1.168 -> 10.1.5.131:49672 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.974) - possible encryption/packing (high confidence) | 10.1.5.131 -> 173.223.1.168:443 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.962) - possible encryption/packing (high confidence) | 10.1.5.131 -> 173.223.1.168:443 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.983) - possible encryption/packing (high confidence) | 173.223.1.168 -> 10.1.5.131:56241 |
| Encrypted Payload | ✓ LOW | High entropy payload detected (0.914) - possible encryption/packing (low confidence) | 173.223.1.168 -> 10.1.5.131:53209 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.978) - possible encryption/packing (high confidence) | 10.1.5.131 -> 173.223.1.168:443 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 | 173.223.1.168 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.223.1.168 | 10.1.5.131 -> 173.223.1.168 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 | 173.223.1.168 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.974) - possible encryption/packing (high confidence) | 10.1.5.131 -> 173.223.1.168:443 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.979) - possible encryption/packing (high confidence) | 10.1.5.131 -> 173.223.1.168:443 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.223.1.168 | 10.1.5.131 -> 173.223.1.168 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.983) - possible encryption/packing (high confidence) | 173.223.1.168 -> 10.1.5.131:56241 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.968) - possible encryption/packing (high confidence) | 173.223.1.168 -> 10.1.5.131:56241 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.972) - possible encryption/packing (high confidence) | 173.223.1.168 -> 10.1.5.131:49672 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.981) - possible encryption/packing (high confidence) | 173.223.1.168 -> 10.1.5.131:49672 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.982) - possible encryption/packing (high confidence) | 173.223.1.168 -> 10.1.5.131:49672 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.983) - possible encryption/packing (high confidence) | 23.222.241.133 -> 10.1.5.131:55233 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 | 173.223.1.168 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 | 173.223.1.168 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 | 173.223.1.168 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.223.1.168 | 10.1.5.131 -> 173.223.1.168 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.984) - possible encryption/packing (high confidence) | 173.223.1.168 -> 10.1.5.131:53209 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 | 173.223.1.168 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.223.1.168 | 10.1.5.131 -> 173.223.1.168 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Encrypted Payload | ✓ LOW | High entropy payload detected (0.936) - possible encryption/packing (medium confidence) | 23.222.241.133 -> 10.1.5.131:55233 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.223.1.168 | 10.1.5.131 -> 173.223.1.168 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 | 173.223.1.168 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 | 173.223.1.168 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Encrypted Payload | ✓ LOW | High entropy payload detected (0.941) - possible encryption/packing (medium confidence) | 23.222.241.133 -> 10.1.5.131:55233 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.223.1.168 | 10.1.5.131 -> 173.223.1.168 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.983) - possible encryption/packing (high confidence) | 23.222.241.133 -> 10.1.5.131:55233 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.223.1.168 | 10.1.5.131 -> 173.223.1.168 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 | 173.223.1.168 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 | 173.223.1.168 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->64.190.113.206 | 10.1.5.131 -> 64.190.113.206 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.223.1.168 | 10.1.5.131 -> 173.223.1.168 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->64.190.113.206 | 10.1.5.131 -> 64.190.113.206 |
| Encrypted Payload | ✓ LOW | High entropy payload detected (0.900) - possible encryption/packing (low confidence) | 10.1.5.131 -> 23.222.241.133:443 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->103.27.157.146 | 10.1.5.131 -> 103.27.157.146 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.223.1.168 | 10.1.5.131 -> 173.223.1.168 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.954) - possible encryption/packing (high confidence) | 23.222.241.133 -> 10.1.5.131:55233 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.982) - possible encryption/packing (high confidence) | 23.222.241.133 -> 10.1.5.131:55233 |
| Encrypted Payload | ✓ LOW | High entropy payload detected (0.933) - possible encryption/packing (medium confidence) | 23.222.241.133 -> 10.1.5.131:55233 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.190.113.206->10.1.5.131 | 64.190.113.206 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.973) - possible encryption/packing (high confidence) | 10.1.5.131 -> 173.223.1.168:443 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 | 173.223.1.168 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 | 173.223.1.168 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.975) - possible encryption/packing (high confidence) | 10.1.5.131 -> 173.223.1.168:443 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.973) - possible encryption/packing (high confidence) | 10.1.5.131 -> 173.223.0.10:443 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 | 173.223.1.168 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 | 173.223.1.168 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 | 173.223.1.168 -> 10.1.5.131 |
| Encrypted Payload | ✓ LOW | High entropy payload detected (0.904) - possible encryption/packing (low confidence) | 10.1.5.131 -> 23.222.241.133:443 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.980) - possible encryption/packing (high confidence) | 173.223.0.10 -> 10.1.5.131:55905 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.981) - possible encryption/packing (high confidence) | 173.223.1.168 -> 10.1.5.131:49672 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.973) - possible encryption/packing (high confidence) | 173.223.0.10 -> 10.1.5.131:55905 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.983) - possible encryption/packing (high confidence) | 173.223.1.168 -> 10.1.5.131:53209 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 | 173.223.1.168 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.223.1.168 | 10.1.5.131 -> 173.223.1.168 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.984) - possible encryption/packing (high confidence) | 173.223.1.168 -> 10.1.5.131:53209 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.223.1.168 | 10.1.5.131 -> 173.223.1.168 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.223.0.10 | 10.1.5.131 -> 173.223.0.10 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 | 173.223.1.168 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.952) - possible encryption/packing (high confidence) | 23.222.241.133 -> 10.1.5.131:55233 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.983) - possible encryption/packing (high confidence) | 23.222.241.133 -> 10.1.5.131:55233 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.0.10->10.1.5.131 | 173.223.0.10 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.981) - possible encryption/packing (high confidence) | 10.1.5.131 -> 23.222.241.133:443 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.983) - possible encryption/packing (high confidence) | 10.1.5.131 -> 23.222.241.133:443 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.982) - possible encryption/packing (high confidence) | 10.1.5.131 -> 23.222.241.133:443 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.0.10->10.1.5.131 | 173.223.0.10 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.983) - possible encryption/packing (high confidence) | 10.1.5.131 -> 23.222.241.133:443 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.981) - possible encryption/packing (high confidence) | 10.1.5.131 -> 23.222.241.133:443 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.981) - possible encryption/packing (high confidence) | 10.1.5.131 -> 23.222.241.133:443 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.978) - possible encryption/packing (high confidence) | 10.1.5.131 -> 23.222.241.133:443 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 | 173.223.1.168 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.960) - possible encryption/packing (high confidence) | 10.1.5.131 -> 23.222.241.133:443 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.983) - possible encryption/packing (high confidence) | 10.1.5.131 -> 23.222.241.133:443 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 | 173.223.1.168 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 | 173.223.1.168 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.970) - possible encryption/packing (high confidence) | 10.1.5.131 -> 204.79.197.222:443 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.981) - possible encryption/packing (high confidence) | 204.79.197.222 -> 10.1.5.131:63368 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.978) - possible encryption/packing (high confidence) | 204.79.197.222 -> 10.1.5.131:63368 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.983) - possible encryption/packing (high confidence) | 204.79.197.222 -> 10.1.5.131:63368 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->204.79.197.222 | 10.1.5.131 -> 204.79.197.222 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.956) - possible encryption/packing (high confidence) | 10.1.5.131 -> 204.79.197.222:443 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->204.79.197.222 | 10.1.5.131 -> 204.79.197.222 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->204.79.197.222 | 10.1.5.131 -> 204.79.197.222 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->204.79.197.222 | 10.1.5.131 -> 204.79.197.222 |
| Encrypted Payload | ✓ LOW | High entropy payload detected (0.940) - possible encryption/packing (medium confidence) | 204.79.197.222 -> 10.1.5.131:63368 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.982) - possible encryption/packing (high confidence) | 204.79.197.222 -> 10.1.5.131:63368 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->204.79.197.222 | 10.1.5.131 -> 204.79.197.222 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Encrypted Payload | ✓ LOW | High entropy payload detected (0.947) - possible encryption/packing (medium confidence) | 204.79.197.222 -> 10.1.5.131:63368 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.982) - possible encryption/packing (high confidence) | 204.79.197.222 -> 10.1.5.131:63368 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.969) - possible encryption/packing (high confidence) | 204.79.197.222 -> 10.1.5.131:63368 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.982) - possible encryption/packing (high confidence) | 204.79.197.222 -> 10.1.5.131:63368 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.984) - possible encryption/packing (high confidence) | 204.79.197.222 -> 10.1.5.131:63368 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.982) - possible encryption/packing (high confidence) | 204.79.197.222 -> 10.1.5.131:63368 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.982) - possible encryption/packing (high confidence) | 204.79.197.222 -> 10.1.5.131:63368 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.982) - possible encryption/packing (high confidence) | 204.79.197.222 -> 10.1.5.131:63368 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->204.79.197.222 | 10.1.5.131 -> 204.79.197.222 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.984) - possible encryption/packing (high confidence) | 204.79.197.222 -> 10.1.5.131:63368 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.985) - possible encryption/packing (high confidence) | 204.79.197.222 -> 10.1.5.131:63368 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.985) - possible encryption/packing (high confidence) | 204.79.197.222 -> 10.1.5.131:63368 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.982) - possible encryption/packing (high confidence) | 204.79.197.222 -> 10.1.5.131:63368 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.980) - possible encryption/packing (high confidence) | 204.79.197.222 -> 10.1.5.131:63368 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->204.79.197.222 | 10.1.5.131 -> 204.79.197.222 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.985) - possible encryption/packing (high confidence) | 204.79.197.222 -> 10.1.5.131:63368 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.971) - possible encryption/packing (high confidence) | 204.79.197.222 -> 10.1.5.131:63368 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:135 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63369 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:135 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63369 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.979) - possible encryption/packing (high confidence) | 10.1.5.131 -> 23.222.241.133:443 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| DNS Tunneling | ⚠ HIGH | Possible DNS tunneling detected: high entropy subdomain | crisis-geographic-atm.trafficmanager.net |
| DNS Tunneling | ⚠ HIGH | Possible DNS tunneling detected: high entropy subdomain | crisis-geographic-atm.trafficmanager.net |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| DNS Tunneling | ⚠ HIGH | Possible DNS tunneling detected: high entropy subdomain | crisis-geographic-atm.trafficmanager.net |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| DNS Tunneling | ⚠ HIGH | Possible DNS tunneling detected: high entropy subdomain | crisis-geographic-atm.trafficmanager.net |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.965) - possible encryption/packing (high confidence) | 10.1.5.131 -> 20.150.160.75:443 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.980) - possible encryption/packing (high confidence) | 20.150.160.75 -> 10.1.5.131:64535 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.982) - possible encryption/packing (high confidence) | 20.150.160.75 -> 10.1.5.131:64535 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.982) - possible encryption/packing (high confidence) | 20.150.160.75 -> 10.1.5.131:64535 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.981) - possible encryption/packing (high confidence) | 20.150.160.75 -> 10.1.5.131:64535 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.971) - possible encryption/packing (high confidence) | 10.1.5.131 -> 13.107.213.254:443 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->20.150.160.75 | 10.1.5.131 -> 20.150.160.75 |
| Encrypted Payload | ✓ LOW | High entropy payload detected (0.937) - possible encryption/packing (medium confidence) | 13.107.213.254 -> 10.1.5.131:60400 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.983) - possible encryption/packing (high confidence) | 20.150.160.75 -> 10.1.5.131:64535 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.958) - possible encryption/packing (high confidence) | 13.107.213.254 -> 10.1.5.131:60400 |
| Encrypted Payload | ✓ LOW | High entropy payload detected (0.931) - possible encryption/packing (medium confidence) | 13.107.213.254 -> 10.1.5.131:60400 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.975) - possible encryption/packing (high confidence) | 10.1.5.131 -> 13.107.213.254:443 |
| Encrypted Payload | ✓ LOW | High entropy payload detected (0.935) - possible encryption/packing (medium confidence) | 13.107.213.254 -> 10.1.5.131:60400 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.968) - possible encryption/packing (high confidence) | 10.1.5.131 -> 13.107.213.254:443 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->13.107.213.254 | 10.1.5.131 -> 13.107.213.254 |
| Encrypted Payload | ✓ LOW | High entropy payload detected (0.948) - possible encryption/packing (medium confidence) | 10.1.5.131 -> 204.79.197.222:443 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 20.150.160.75->10.1.5.131 | 20.150.160.75 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->20.150.160.75 | 10.1.5.131 -> 20.150.160.75 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 13.107.213.254->10.1.5.131 | 13.107.213.254 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 20.150.160.75->10.1.5.131 | 20.150.160.75 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->204.79.197.222 | 10.1.5.131 -> 204.79.197.222 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->204.79.197.222 | 10.1.5.131 -> 204.79.197.222 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 13.107.213.254->10.1.5.131 | 13.107.213.254 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 13.107.213.254->10.1.5.131 | 13.107.213.254 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 13.107.213.254->10.1.5.131 | 13.107.213.254 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->20.150.160.75 | 10.1.5.131 -> 20.150.160.75 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->13.107.213.254 | 10.1.5.131 -> 13.107.213.254 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 13.107.213.254->10.1.5.131 | 13.107.213.254 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->20.150.160.75 | 10.1.5.131 -> 20.150.160.75 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 13.107.213.254->10.1.5.131 | 13.107.213.254 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->13.107.213.254 | 10.1.5.131 -> 13.107.213.254 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->13.107.213.254 | 10.1.5.131 -> 13.107.213.254 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 20.150.160.75->10.1.5.131 | 20.150.160.75 -> 10.1.5.131 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 13.107.213.254->10.1.5.131 | 13.107.213.254 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 20.150.160.75->10.1.5.131 | 20.150.160.75 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 20.150.160.75->10.1.5.131 | 20.150.160.75 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->13.107.213.254 | 10.1.5.131 -> 13.107.213.254 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 20.150.160.75->10.1.5.131 | 20.150.160.75 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 20.150.160.75->10.1.5.131 | 20.150.160.75 -> 10.1.5.131 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 | 173.223.1.168 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.0.10->10.1.5.131 | 173.223.0.10 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 | 173.223.1.168 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 | 173.223.1.168 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->104.208.203.88 | 10.1.5.131 -> 104.208.203.88 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->104.208.203.88 | 10.1.5.131 -> 104.208.203.88 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.47.48.15->10.1.5.131 | 23.47.48.15 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 104.208.203.88->10.1.5.131 | 104.208.203.88 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->104.208.203.88 | 10.1.5.131 -> 104.208.203.88 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 149.154.164.13->10.1.5.131 | 149.154.164.13 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 104.208.203.88->10.1.5.131 | 104.208.203.88 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 103.27.157.146->10.1.5.131 | 103.27.157.146 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->103.27.157.146 | 10.1.5.131 -> 103.27.157.146 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 103.27.157.146->10.1.5.131 | 103.27.157.146 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.255 | 10.1.5.131 -> 10.1.5.255 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.255 | 10.1.5.131 -> 10.1.5.255 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->103.27.157.146 | 10.1.5.131 -> 103.27.157.146 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 103.27.157.146->10.1.5.131 | 103.27.157.146 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.255 | 10.1.5.131 -> 10.1.5.255 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 103.27.157.146->10.1.5.131 | 103.27.157.146 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 103.27.157.146->10.1.5.131 | 103.27.157.146 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.255 | 10.1.5.131 -> 10.1.5.255 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->103.27.157.146 | 10.1.5.131 -> 103.27.157.146 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.255 | 10.1.5.131 -> 10.1.5.255 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 103.27.157.146->10.1.5.131 | 103.27.157.146 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.255 | 10.1.5.131 -> 10.1.5.255 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.255 | 10.1.5.131 -> 10.1.5.255 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.255 | 10.1.5.131 -> 10.1.5.255 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.255 | 10.1.5.131 -> 10.1.5.255 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 103.27.157.146 -> 10.1.5.131:62981 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 103.27.157.146->10.1.5.131 | 103.27.157.146 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->64.52.80.153 | 10.1.5.131 -> 64.52.80.153 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 103.27.157.146->10.1.5.131 | 103.27.157.146 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 103.27.157.146->10.1.5.131 | 103.27.157.146 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->45.61.136.222 | 10.1.5.131 -> 45.61.136.222 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Suspicious Activity | ✓ LOW | URI contains potential base64 encoded data | http://fnjnbehjangelkd.top/txoidka8bfhtr.php?id=DESKTOP-G71S4PF&key=43333495587&s=63e95be1-92e0-45c1-a928-65d63b17cd1c |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->64.52.80.153 | 10.1.5.131 -> 64.52.80.153 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 103.27.157.146->10.1.5.131 | 103.27.157.146 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 103.27.157.146->10.1.5.131 | 103.27.157.146 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->216.218.130.2 | 10.1.5.131 -> 216.218.130.2 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->216.218.130.2 | 10.1.5.131 -> 216.218.130.2 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 216.218.130.2->10.1.5.131 | 216.218.130.2 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->74.82.42.42 | 10.1.5.131 -> 74.82.42.42 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->74.82.42.42 | 10.1.5.131 -> 74.82.42.42 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 74.82.42.42->10.1.5.131 | 74.82.42.42 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->1.1.1.1 | 10.1.5.131 -> 1.1.1.1 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->1.1.1.1 | 10.1.5.131 -> 1.1.1.1 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 1.1.1.1->10.1.5.131 | 1.1.1.1 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->8.8.8.8 | 10.1.5.131 -> 8.8.8.8 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->8.8.8.8 | 10.1.5.131 -> 8.8.8.8 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 1.1.1.1->10.1.5.131 | 1.1.1.1 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 8.8.8.8->10.1.5.131 | 8.8.8.8 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->208.67.222.222 | 10.1.5.131 -> 208.67.222.222 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->208.67.222.222 | 10.1.5.131 -> 208.67.222.222 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 208.67.222.222->10.1.5.131 | 208.67.222.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->76.76.2.5 | 10.1.5.131 -> 76.76.2.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->76.76.2.5 | 10.1.5.131 -> 76.76.2.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 76.76.2.5->10.1.5.131 | 76.76.2.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 76.76.2.5->10.1.5.131 | 76.76.2.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 8.8.8.8->10.1.5.131 | 8.8.8.8 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->216.218.130.2 | 10.1.5.131 -> 216.218.130.2 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->216.218.130.2 | 10.1.5.131 -> 216.218.130.2 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 216.218.130.2->10.1.5.131 | 216.218.130.2 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.960) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.968) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 216.218.130.2->10.1.5.131 | 216.218.130.2 -> 10.1.5.131 |
| Encrypted Payload | ✓ LOW | High entropy payload detected (0.905) - possible encryption/packing (low confidence) | 172.67.74.152 -> 10.1.5.131:60405 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.232.146.62 | 10.1.5.131 -> 173.232.146.62 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->172.67.74.152 | 10.1.5.131 -> 172.67.74.152 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.232.146.62 | 10.1.5.131 -> 173.232.146.62 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Encrypted Payload | ✓ LOW | High entropy payload detected (0.924) - possible encryption/packing (medium confidence) | 10.1.5.131 -> 173.232.146.62:25658 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.983) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->172.67.74.152 | 10.1.5.131 -> 172.67.74.152 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.232.146.62 | 10.1.5.131 -> 173.232.146.62 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.982) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 172.67.74.152->10.1.5.131 | 172.67.74.152 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.982) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->172.67.74.152 | 10.1.5.131 -> 172.67.74.152 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.982) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.983) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 172.67.74.152->10.1.5.131 | 172.67.74.152 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.984) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.983) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.232.146.62 | 10.1.5.131 -> 173.232.146.62 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.987) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.983) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.983) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.984) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.982) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.985) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.982) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.984) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.983) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.985) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.986) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.984) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.983) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 172.67.74.152->10.1.5.131 | 172.67.74.152 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 172.67.74.152->10.1.5.131 | 172.67.74.152 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.983) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.984) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.984) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.982) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.984) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.982) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.983) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.982) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.986) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.983) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.956) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Suspicious Activity | ✓ LOW | URI contains potential base64 encoded data | http://bz1d0zvfi03yhn1.top/st2?s=04e1ab2b-3f93-46fa-9aed-c3a2a3f126c9&id=DESKTOP-G71S4PF&key=43880887987 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->45.61.136.222 | 10.1.5.131 -> 45.61.136.222 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| ... Truncated to 1000 entries. View CSV for full export ... | |||
C2 Detection
Command & Control framework detections
C2 Framework Analysis
| Timestamp | Framework | Confidence | Indicator | URL | Connection |
|---|---|---|---|---|---|
| 21:38:35 | DNS Tunneling | MEDIUM | High entropy subdomain | crisis-geographic-atm.trafficmanager.net | 10.1.5.131 → 10.1.5.5 |
| 21:38:35 | DNS Tunneling | MEDIUM | High entropy subdomain | crisis-geographic-atm.trafficmanager.net | 10.1.5.131 → 10.1.5.5 |
| 21:38:35 | DNS Tunneling | MEDIUM | High entropy subdomain | crisis-geographic-atm.trafficmanager.net | 10.1.5.5 → 10.1.5.131 |
| 21:38:35 | DNS Tunneling | MEDIUM | High entropy subdomain | crisis-geographic-atm.trafficmanager.net | 10.1.5.5 → 10.1.5.131 |
| 21:42:49 | Behavioral | LOW | Suspicious User-Agent: powershell | http://ey267te.top/1.php?s=63e95be1-92e0-45c1-a928-65d63b17cd1c | 10.1.5.131 → 64.52.80.153 |
| 21:42:49 | Generic | LOW | UUID-like pattern in URI | http://ey267te.top/1.php?s=63e95be1-92e0-45c1-a928-65d63b17cd1c | 10.1.5.131 → 64.52.80.153 |
| 21:42:50 | Behavioral | LOW | Suspicious User-Agent: powershell | http://bz1d0zvfi03yhn1.top/1.php?s=04e1ab2b-3f93-46fa-9aed-c3a2a3f126c9 | 10.1.5.131 → 45.61.136.222 |
| 21:42:50 | Generic | LOW | UUID-like pattern in URI | http://bz1d0zvfi03yhn1.top/1.php?s=04e1ab2b-3f93-46fa-9aed-c3a2a3f126c9 | 10.1.5.131 → 45.61.136.222 |
| 21:42:51 | Behavioral | LOW | Suspicious User-Agent: powershell | http://fnjnbehjangelkd.top/txoidka8bfhtr.php?id=DESKTOP-G71S4PF&key=43333495587&s=63e95be1-92e0-45c1-a928-65d63b17cd1c | 10.1.5.131 → 64.52.80.153 |
| 21:42:51 | Generic | LOW | Base64-encoded URI data | http://fnjnbehjangelkd.top/txoidka8bfhtr.php?id=DESKTOP-G71S4PF&key=43333495587&s=63e95be1-92e0-45c1-a928-65d63b17cd1c | 10.1.5.131 → 64.52.80.153 |
| 21:43:03 | Behavioral | LOW | Suspicious User-Agent: powershell | http://bz1d0zvfi03yhn1.top/st2?s=04e1ab2b-3f93-46fa-9aed-c3a2a3f126c9&id=DESKTOP-G71S4PF&key=43880887987 | 10.1.5.131 → 45.61.136.222 |
| 21:43:03 | Generic | LOW | Base64-encoded URI data | http://bz1d0zvfi03yhn1.top/st2?s=04e1ab2b-3f93-46fa-9aed-c3a2a3f126c9&id=DESKTOP-G71S4PF&key=43880887987 | 10.1.5.131 → 45.61.136.222 |
| 21:43:35 | Generic | LOW | Base64-encoded URI data | http://bz1d0zvfi03yhn1.top/installreport?r=0&hash=1DD91BA2F56CED5AF731E67121619D6A9EF2CBB8F1524989FC542EF904605908 | 10.1.5.131 → 45.61.136.222 |
| 21:43:36 | Generic | LOW | Base64-encoded URI data | http://bz1d0zvfi03yhn1.top/installreport?r=0&hash=1DD91BA2F56CED5AF731E67121619D6A9EF2CBB8F1524989FC542EF904605908 | 10.1.5.131 → 45.61.136.222 |
Beaconing Detection
Statistical analysis of C2 callback patterns
Beaconing Patterns
| Timestamp | Source IP | Destination IP | Port | Interval | Jitter | Confidence | Packets |
|---|
Tunneling Detection
SSH and ICMP tunneling analysis
SSH Tunnels
| Timestamp | Source IP | Destination IP | Port | Throughput | Packet Rate | Duration | Reason | Confidence |
|---|
ICMP Tunnels
| Timestamp | Source IP | Destination IP | Type | Payload Size | Entropy | Reason | Confidence |
|---|
Lateral Movement
Detected lateral movement patterns across the network
Lateral Movement Analysis
| Timestamp | Source IP | Target Count | Port | Technique | Targets | Confidence |
|---|
Data Exfiltration
Large data uploads and suspicious transfers
Exfiltration Analysis
| Timestamp | Source IP | Destination IP | Port | Bytes Out | Duration | Rate | Method | Confidence |
|---|---|---|---|---|---|---|---|---|
| 2026-01-08 21:42:50 | 45.61.136.222 | 10.1.5.131 | 60402 | 196.0 MB | 47s | 4295 KB/s | Unknown protocol exfiltration | low |
| 2026-01-08 21:42:51 | 64.52.80.153 | 10.1.5.131 | 60403 | 299.6 KB | 1s | 240 KB/s | Unknown protocol exfiltration | low |
| 2026-01-08 21:46:16 | 173.232.146.62 | 10.1.5.131 | 60411 | 11.5 MB | 13s | 938 KB/s | Unknown protocol exfiltration | low |
TLS Fingerprints (JA3 & JA4)
Full ClientHello parsing: JA3 MD5 + JA4 SHA-256 fingerprints for encrypted C2 detection
JA3 & JA4 Fingerprint Analysis
| Timestamp | Source IP | Destination IP | JA3 Hash | JA4 Hash | Server Name | TLS Version | Suspicious | Confidence |
|---|---|---|---|---|---|---|---|---|
| 2026-01-08 21:43:00 | 10.1.5.131 | 173.232.146.62 | 07af4aa9e4d215a5… | t10d060500_4dc025c38c38_… | TLS 1.0 | No | - | |
| 2026-01-08 21:43:01 | 10.1.5.131 | 172.67.74.152 | 6a5d235ee78c6aed… | t12i180700_4b22cbed5bed_… | api.ipify.org | TLS 1.2 | No | - |
| 2026-01-08 21:45:27 | 10.1.5.131 | 20.42.65.90 | 6634ba84945fce7c… | t12i201300_2b729b4bf6f3_… | mobile.events.data.microsoft.com | TLS 1.2 | No | - |
| 2026-01-08 21:46:12 | 10.1.5.131 | 173.232.146.62 | 07af4aa9e4d215a5… | t10d060500_4dc025c38c38_… | TLS 1.0 | No | - | |
| 2026-01-08 21:46:13 | 10.1.5.131 | 104.26.12.205 | 6a5d235ee78c6aed… | t12i180700_4b22cbed5bed_… | api.ipify.org | TLS 1.2 | No | - |
| 2026-01-08 21:46:15 | 10.1.5.131 | 173.232.146.62 | 07af4aa9e4d215a5… | t10d060500_4dc025c38c38_… | TLS 1.0 | No | - | |
| 2026-01-08 21:46:16 | 10.1.5.131 | 173.232.146.62 | 07af4aa9e4d215a5… | t10d060500_4dc025c38c38_… | TLS 1.0 | No | - | |
| 2026-01-08 21:46:28 | 10.1.5.131 | 173.232.146.62 | 07af4aa9e4d215a5… | t10d060500_4dc025c38c38_… | TLS 1.0 | No | - |
Steganography Detection
Hidden data in images and files
Steganography Analysis
| Timestamp | Source IP | Destination IP | Protocol | Filename | File Type | Method | Indicator | Confidence |
|---|
HTTP URLs
All accessed URLs from HTTP traffic
URL Analysis
| Timestamp | Method | URL | User-Agent | Connection |
|---|---|---|---|---|
| 21:42:49 | GET | http://ey267te.top/1.php?s=63e95be1-92e0-45c1-a928-65d63b17cd1c | Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.26100.7462 | 10.1.5.131 → 64.52.80.153 |
| 21:42:50 | GET | http://bz1d0zvfi03yhn1.top/1.php?s=04e1ab2b-3f93-46fa-9aed-c3a2a3f126c9 | Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.26100.7462 | 10.1.5.131 → 45.61.136.222 |
| 21:42:51 | GET | http://fnjnbehjangelkd.top/txoidka8bfhtr.php?id=DESKTOP-G71S4PF&key=43333495587&s=63e95be1-92e0-45c1-a928-65d63b17cd1c | Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.26100.7462 | 10.1.5.131 → 64.52.80.153 |
| 21:43:03 | GET | http://bz1d0zvfi03yhn1.top/st2?s=04e1ab2b-3f93-46fa-9aed-c3a2a3f126c9&id=DESKTOP-G71S4PF&key=43880887987 | Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.26100.7462 | 10.1.5.131 → 45.61.136.222 |
| 21:43:04 | GET | http://bz1d0zvfi03yhn1.top/getarchive | 10.1.5.131 → 45.61.136.222 | |
| 21:43:35 | GET | http://bz1d0zvfi03yhn1.top/installreport?r=0&hash=1DD91BA2F56CED5AF731E67121619D6A9EF2CBB8F1524989FC542EF904605908 | 10.1.5.131 → 45.61.136.222 | |
| 21:43:35 | GET | http://bz1d0zvfi03yhn1.top/archivehash | 10.1.5.131 → 45.61.136.222 | |
| 21:43:36 | GET | http://bz1d0zvfi03yhn1.top/installreport?r=0&hash=1DD91BA2F56CED5AF731E67121619D6A9EF2CBB8F1524989FC542EF904605908 | 10.1.5.131 → 45.61.136.222 | |
| 21:46:21 | GET | http://checkip.dyndns.org/ | 10.1.5.131 → 132.226.247.73 | |
| 21:46:21 | GET | http://ipinfo.io/166.2.31.194/city | 10.1.5.131 → 34.117.59.81 | |
| 21:46:21 | GET | http://ipinfo.io/166.2.31.194/region | 10.1.5.131 → 34.117.59.81 | |
| 21:46:21 | GET | http://ipinfo.io/166.2.31.194/country | 10.1.5.131 → 34.117.59.81 |
Extracted Credentials
Credentials found in cleartext protocols
Credential Analysis
✅
No credentials found in cleartext
Protocol Analysis
Messages and communications from various protocols
IRC Chat Messages
💬
No IRC chat messages found
SNMP Messages
📡
No SNMP messages found
LDAP Messages
📂
No LDAP messages found
SIP Messages
📞
No SIP messages found
XMPP Messages
💬
No XMPP messages found
TFTP Transfers
📁
No TFTP transfers found
Syslog Messages
📋
No Syslog messages found
Network Flows
Top network connections and traffic patterns
Flow Analysis
| Source | Destination | Protocol | Packets | Bytes | Duration |
|---|---|---|---|---|---|
| 45.61.136.222:80 | 10.1.5.131:60402 | TCP | 149.4K | 196.0 MB | 46.739s |
| 173.232.146.62:25658 | 10.1.5.131:60411 | TCP | 12.7K | 11.5 MB | 12.52s |
| 173.232.146.62:25658 | 10.1.5.131:60408 | TCP | 982 | 871.4 KB | 28.769s |
| 64.52.80.153:80 | 10.1.5.131:60403 | TCP | 225 | 299.6 KB | 1.25s |
| 64.52.80.153:80 | 10.1.5.131:60401 | TCP | 41 | 52.1 KB | 390ms |
| 173.232.146.62:25658 | 10.1.5.131:60404 | TCP | 63 | 43.3 KB | 26.032s |
| 204.79.197.222:443 | 10.1.5.131:63368 | TCP | 38 | 24.7 KB | 30.966s |
| 10.1.5.131:55233 | 23.222.241.133:443 | UDP | 41 | 13.6 KB | 8.46s |
| 173.223.1.168:443 | 10.1.5.131:49672 | TCP | 13 | 11.4 KB | 34.374s |
| 23.222.241.133:443 | 10.1.5.131:55233 | UDP | 44 | 10.9 KB | 8.552s |
| 103.27.157.146:4444 | 10.1.5.131:62981 | TCP | 17 | 8.9 KB | 5m15.923s |
| 10.1.5.131:63370 | 10.1.5.5:49670 | TCP | 42 | 7.2 KB | 24.997s |
| 10.1.5.131:60410 | 173.232.146.62:25658 | TCP | 19 | 7.1 KB | 6.166s |
| 20.150.160.75:443 | 10.1.5.131:64535 | TCP | 11 | 6.9 KB | 250ms |
| 20.42.65.90:443 | 10.1.5.131:60407 | TCP | 9 | 6.8 KB | 177ms |
| 13.107.213.254:443 | 10.1.5.131:60400 | TCP | 11 | 6.1 KB | 23.355s |
| 10.1.5.131:60406 | 10.1.5.5:445 | TCP | 16 | 5.0 KB | 10.738s |
| 10.1.5.5:49670 | 10.1.5.131:63370 | TCP | 39 | 4.8 KB | 24.996s |
| 173.223.1.168:443 | 10.1.5.131:53209 | TCP | 14 | 4.8 KB | 34.39s |
| 10.1.5.131:53209 | 173.223.1.168:443 | TCP | 12 | 4.0 KB | 34.39s |
| 173.223.1.168:443 | 10.1.5.131:56241 | TCP | 6 | 4.0 KB | 34.371s |
| 10.1.5.131:49672 | 173.223.1.168:443 | TCP | 13 | 3.7 KB | 34.326s |
| 10.1.5.131:63368 | 204.79.197.222:443 | TCP | 25 | 3.6 KB | 31.005s |
| 10.1.5.131:60400 | 13.107.213.254:443 | TCP | 13 | 3.6 KB | 23.377s |
| 10.1.5.131:138 | 10.1.5.255:138 | UDP | 17 | 3.2 KB | 5m19.18s |
| 172.67.74.152:443 | 10.1.5.131:60405 | TCP | 7 | 3.2 KB | 233ms |
| 104.26.12.205:443 | 10.1.5.131:60409 | TCP | 7 | 3.2 KB | 176ms |
| 10.1.5.131:64535 | 20.150.160.75:443 | TCP | 11 | 2.4 KB | 321ms |
| 173.223.0.10:443 | 10.1.5.131:55905 | TCP | 4 | 2.4 KB | 33.723s |
| 10.1.5.5:445 | 10.1.5.131:60406 | TCP | 12 | 1.8 KB | 10.737s |
| 10.1.5.131:56241 | 173.223.1.168:443 | TCP | 7 | 1.8 KB | 34.37s |
| 10.1.5.131:60407 | 20.42.65.90:443 | TCP | 9 | 1.6 KB | 264ms |
| 10.1.5.131:60408 | 173.232.146.62:25658 | TCP | 341 | 1.6 KB | 28.795s |
| 10.1.5.131:60404 | 173.232.146.62:25658 | TCP | 33 | 1.5 KB | 39.905s |
| 10.1.5.131:62981 | 103.27.157.146:4444 | TCP | 13 | 1.5 KB | 5m15.902s |
| 34.117.59.81:80 | 10.1.5.131:60413 | TCP | 7 | 1.1 KB | 185ms |
| 10.1.5.131:55905 | 173.223.0.10:443 | TCP | 5 | 1017 B | 33.759s |
| 10.1.5.131:60402 | 45.61.136.222:80 | TCP | 74.5K | 800 B | 52.711s |
| 64.190.113.206:79 | 10.1.5.131:53210 | TCP | 6 | 732 B | 227ms |
| 10.1.5.131:60405 | 172.67.74.152:443 | TCP | 8 | 449 B | 39.048s |
| 10.1.5.131:60409 | 104.26.12.205:443 | TCP | 7 | 449 B | 255ms |
| 10.1.5.131:60411 | 173.232.146.62:25658 | TCP | 4.4K | 428 B | 12.551s |
| 10.1.5.5:135 | 10.1.5.131:63369 | TCP | 5 | 376 B | 9.99s |
| 10.1.5.5:53 | 10.1.5.131:50379 | UDP | 4 | 328 B | 6.333s |
| 10.1.5.131:63369 | 10.1.5.5:135 | TCP | 7 | 328 B | 9.991s |
| 10.1.5.5:53 | 10.1.5.131:63417 | UDP | 2 | 296 B | 39ms |
| 132.226.247.73:80 | 10.1.5.131:60412 | TCP | 3 | 273 B | 167ms |
| 10.1.5.131:60403 | 64.52.80.153:80 | TCP | 119 | 255 B | 49.032s |
| 10.1.5.5:53 | 10.1.5.131:51786 | UDP | 2 | 249 B | 33ms |
| 76.76.2.5:53 | 10.1.5.131:57804 | UDP | 2 | 214 B | 25ms |
Showing top 50 flows out of 179 total flows
Custom Signature Matches
Detections from user-defined JSON/NDJSON signatures (HTTP, TLS, DNS, raw payload)
159825 match(es) from 18 loaded rule(s)
| Rule Name | Severity | Source | Destination | Detail |
|---|---|---|---|---|
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.1.168 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.1.168 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 173.223.1.168 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.223.1.168 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.1.168 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 173.223.1.168 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.223.1.168 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.1.168 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.1.168 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.1.168 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 173.223.1.168 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.223.1.168 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.1.168 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 173.223.1.168 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.223.1.168 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 173.223.1.168 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.223.1.168 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.1.168 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.1.168 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 173.223.1.168 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.223.1.168 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 173.223.1.168 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.223.1.168 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.1.168 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.1.168 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 64.190.113.206 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->64.190.113.206 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 173.223.1.168 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.223.1.168 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 64.190.113.206 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->64.190.113.206 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 103.27.157.146 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->103.27.157.146 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 173.223.1.168 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.223.1.168 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 64.190.113.206 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.190.113.206->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.1.168 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.1.168 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.1.168 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.1.168 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.1.168 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.1.168 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 173.223.1.168 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.223.1.168 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 173.223.1.168 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.223.1.168 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 173.223.0.10 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.223.0.10 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.1.168 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.0.10 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.0.10->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.0.10 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.0.10->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.1.168 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.1.168 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.1.168 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 204.79.197.222 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->204.79.197.222 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 204.79.197.222 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->204.79.197.222 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 204.79.197.222 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->204.79.197.222 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 204.79.197.222 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->204.79.197.222 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 204.79.197.222 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->204.79.197.222 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 204.79.197.222 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->204.79.197.222 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 204.79.197.222 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->204.79.197.222 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 20.150.160.75 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->20.150.160.75 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 13.107.213.254 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->13.107.213.254 |
| Custom Signature Match (Payload) | CRITICAL | 20.150.160.75 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 20.150.160.75->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 20.150.160.75 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->20.150.160.75 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 13.107.213.254 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 13.107.213.254->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 20.150.160.75 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 20.150.160.75->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 204.79.197.222 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->204.79.197.222 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 204.79.197.222 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->204.79.197.222 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 13.107.213.254 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 13.107.213.254->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 13.107.213.254 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 13.107.213.254->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 13.107.213.254 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 13.107.213.254->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 20.150.160.75 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->20.150.160.75 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 13.107.213.254 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->13.107.213.254 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 13.107.213.254 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 13.107.213.254->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 20.150.160.75 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->20.150.160.75 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 13.107.213.254 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 13.107.213.254->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 13.107.213.254 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->13.107.213.254 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 13.107.213.254 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->13.107.213.254 |
| Custom Signature Match (Payload) | CRITICAL | 20.150.160.75 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 20.150.160.75->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 13.107.213.254 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 13.107.213.254->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 20.150.160.75 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 20.150.160.75->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 20.150.160.75 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 20.150.160.75->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 13.107.213.254 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->13.107.213.254 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 20.150.160.75 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 20.150.160.75->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 20.150.160.75 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 20.150.160.75->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.1.168 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.0.10 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.0.10->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.1.168 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.1.168 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 104.208.203.88 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->104.208.203.88 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 104.208.203.88 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->104.208.203.88 |
| Custom Signature Match (Payload) | CRITICAL | 23.47.48.15 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.47.48.15->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 104.208.203.88 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 104.208.203.88->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 104.208.203.88 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->104.208.203.88 |
| Custom Signature Match (Payload) | CRITICAL | 149.154.164.13 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 149.154.164.13->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 104.208.203.88 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 104.208.203.88->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 103.27.157.146 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 103.27.157.146->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 103.27.157.146 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->103.27.157.146 |
| Custom Signature Match (Payload) | CRITICAL | 103.27.157.146 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 103.27.157.146->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.255 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.255 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.255 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.255 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 103.27.157.146 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->103.27.157.146 |
| Custom Signature Match (Payload) | CRITICAL | 103.27.157.146 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 103.27.157.146->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.255 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.255 |
| Custom Signature Match (Payload) | CRITICAL | 103.27.157.146 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 103.27.157.146->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 103.27.157.146 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 103.27.157.146->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.255 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.255 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 103.27.157.146 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->103.27.157.146 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.255 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.255 |
| Custom Signature Match (Payload) | CRITICAL | 103.27.157.146 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 103.27.157.146->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.255 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.255 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.255 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.255 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.255 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.255 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.255 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.255 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 103.27.157.146 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 103.27.157.146->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 64.52.80.153 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->64.52.80.153 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 103.27.157.146 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 103.27.157.146->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 103.27.157.146 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 103.27.157.146->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 45.61.136.222 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->45.61.136.222 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 64.52.80.153 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->64.52.80.153 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 103.27.157.146 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 103.27.157.146->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 103.27.157.146 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 103.27.157.146->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 216.218.130.2 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->216.218.130.2 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 216.218.130.2 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->216.218.130.2 |
| Custom Signature Match (Payload) | CRITICAL | 216.218.130.2 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 216.218.130.2->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 74.82.42.42 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->74.82.42.42 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 74.82.42.42 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->74.82.42.42 |
| Custom Signature Match (Payload) | CRITICAL | 74.82.42.42 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 74.82.42.42->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 1.1.1.1 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->1.1.1.1 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 1.1.1.1 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->1.1.1.1 |
| Custom Signature Match (Payload) | CRITICAL | 1.1.1.1 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 1.1.1.1->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 8.8.8.8 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->8.8.8.8 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 8.8.8.8 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->8.8.8.8 |
| Custom Signature Match (Payload) | CRITICAL | 1.1.1.1 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 1.1.1.1->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 8.8.8.8 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 8.8.8.8->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 208.67.222.222 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->208.67.222.222 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 208.67.222.222 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->208.67.222.222 |
| Custom Signature Match (Payload) | CRITICAL | 208.67.222.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 208.67.222.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 76.76.2.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->76.76.2.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 76.76.2.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->76.76.2.5 |
| Custom Signature Match (Payload) | CRITICAL | 76.76.2.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 76.76.2.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 76.76.2.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 76.76.2.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 8.8.8.8 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 8.8.8.8->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 216.218.130.2 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->216.218.130.2 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 216.218.130.2 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->216.218.130.2 |
| Custom Signature Match (Payload) | CRITICAL | 216.218.130.2 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 216.218.130.2->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 216.218.130.2 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 216.218.130.2->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 173.232.146.62 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.232.146.62 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 172.67.74.152 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->172.67.74.152 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 173.232.146.62 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.232.146.62 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 172.67.74.152 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->172.67.74.152 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 173.232.146.62 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.232.146.62 |
| Custom Signature Match (Payload) | CRITICAL | 172.67.74.152 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 172.67.74.152->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 172.67.74.152 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->172.67.74.152 |
| Custom Signature Match (Payload) | CRITICAL | 172.67.74.152 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 172.67.74.152->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 173.232.146.62 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.232.146.62 |
| Custom Signature Match (Payload) | CRITICAL | 172.67.74.152 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 172.67.74.152->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 172.67.74.152 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 172.67.74.152->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 45.61.136.222 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->45.61.136.222 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 45.61.136.222 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->45.61.136.222 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| ... Truncated to 1000 entries. View CSV for full export ... | ||||
YARA Rule Matches
Pure-Go YARA engine: text, hex (with ?? wildcards), regex patterns
1 match(es) from 90 loaded rule(s)
| Rule | Threat Name | Source | Destination | Context | Matched Strings |
|---|---|---|---|---|---|
| YARA Rule Match | YARA rule 'ZMap_Scanner' [default] matched in packet_payload (src=173.232.146.62 dst=10.1.5.131) - hex: | 173.232.146.62 | 10.1.5.131 (YARA: ZMap_Scanner) |
Threat Intelligence Matches
IP, domain, JA3/JA4, file hash lookups against loaded TI feeds
22470 indicators loaded — 23 match(es) found
| Indicator | Type | Threat Name | Confidence | Source Feed | Matched Flow |
|---|---|---|---|---|---|
IP: 149.154.164.13 | AlienVault OTX | HIGH | 0% | - | AlienVault OTX: IP reported in 3 active pulses |
IP: 20.52.64.200 | AlienVault OTX | HIGH | 0% | - | AlienVault OTX: IP reported in 13 active pulses |
IP: 172.67.74.152 | AlienVault OTX | HIGH | 0% | - | AlienVault OTX: IP reported in 13 active pulses |
IP: 64.52.80.153 | AlienVault OTX | HIGH | 0% | - | AlienVault OTX: IP reported in 40 active pulses |
IP: 23.192.223.232 | AlienVault OTX | HIGH | 0% | - | AlienVault OTX: IP reported in 2 active pulses |
IP: 20.42.65.90 | AlienVault OTX | HIGH | 0% | - | AlienVault OTX: IP reported in 8 active pulses |
IP: 104.26.12.205 | AlienVault OTX | HIGH | 0% | - | AlienVault OTX: IP reported in 17 active pulses |
IP: 132.226.247.73 | AlienVault OTX | HIGH | 0% | - | AlienVault OTX: IP reported in 27 active pulses |
IP: 173.232.146.62 | AlienVault OTX | HIGH | 0% | - | AlienVault OTX: IP reported in 24 active pulses |
IP: 103.27.157.146 | AlienVault OTX | HIGH | 0% | - | AlienVault OTX: IP reported in 41 active pulses |
IP: 204.79.197.222 | AlienVault OTX | HIGH | 0% | - | AlienVault OTX: IP reported in 12 active pulses |
IP: 34.117.59.81 | AlienVault OTX | HIGH | 0% | - | AlienVault OTX: IP reported in 50 active pulses |
IP: 216.218.130.2 | AlienVault OTX | HIGH | 0% | - | AlienVault OTX: IP reported in 4 active pulses |
IP: 64.190.113.206 | AlienVault OTX | HIGH | 0% | - | AlienVault OTX: IP reported in 50 active pulses |
IP: 173.232.146.62 | VirusTotal Plugin | HIGH | 0% | - | VT Detections: 13 malicious, 1 suspicious |
IP: 216.218.130.2 | VirusTotal Plugin | HIGH | 0% | - | VT Detections: 1 malicious, 1 suspicious |
IP: 64.52.80.153 | VirusTotal Plugin | HIGH | 0% | - | VT Detections: 8 malicious, 2 suspicious |
IP: 103.27.157.146 | VirusTotal Plugin | HIGH | 0% | - | VT Detections: 9 malicious, 2 suspicious |
IP: 34.117.59.81 | VirusTotal Plugin | HIGH | 0% | - | VT Detections: 1 malicious, 0 suspicious |
IP: 74.82.42.42 | VirusTotal Plugin | HIGH | 0% | - | VT Detections: 1 malicious, 0 suspicious |
IP: 64.190.113.206 | VirusTotal Plugin | HIGH | 0% | - | VT Detections: 8 malicious, 2 suspicious |
IP: 45.61.136.222 | VirusTotal Plugin | HIGH | 0% | - | VT Detections: 4 malicious, 0 suspicious |
IP: 132.226.247.73 | VirusTotal Plugin | HIGH | 0% | - | VT Detections: 1 malicious, 0 suspicious |
Network Flow Temporal Analysis
Inter-arrival time (IAT) stats, burst detection, periodicity scoring, diurnal patterns
49 flows analyzed — 0 periodic flow(s) detected
| Flow | Packets | Mean IAT | Std Dev IAT | Burst Count | Periodicity | Night Activity | Flags |
|---|---|---|---|---|---|---|---|
10.1.5.131:60404 → 173.232.146.62:25658/TCP | 33 | 1247.0ms | 3583.0ms | 4 | 2% | DAY | |
23.222.241.133:443 → 10.1.5.131:55233/UDP | 44 | 198.9ms | 875.1ms | 3 | 1% | DAY | |
45.61.136.222:80 → 10.1.5.131:60402/TCP | 1000 | 19.0ms | 414.7ms | 3 | 1% | DAY | |
10.1.5.131:60410 → 173.232.146.62:25658/TCP | 19 | 342.6ms | 743.9ms | 3 | 3% | DAY | |
10.1.5.131:63368 → 204.79.197.222:443/TCP | 25 | 1291.9ms | 4800.9ms | 3 | 0% | DAY | |
10.1.5.5:49670 → 10.1.5.131:63370/TCP | 39 | 657.8ms | 2816.0ms | 3 | 0% | DAY | |
10.1.5.131:138 → 10.1.5.255:138/UDP | 17 | 19948.8ms | 50713.3ms | 3 | 0% | DAY | |
10.1.5.131:55233 → 23.222.241.133:443/UDP | 41 | 213.8ms | 901.8ms | 3 | 1% | DAY | |
10.1.5.131:60402 → 45.61.136.222:80/TCP | 1000 | 20.3ms | 410.7ms | 3 | 1% | DAY | |
173.232.146.62:25658 → 10.1.5.131:60410/TCP | 17 | 382.5ms | 775.3ms | 3 | 3% | DAY | |
10.1.5.131:63370 → 10.1.5.5:49670/TCP | 42 | 609.7ms | 2706.1ms | 3 | 0% | DAY | |
173.232.146.62:25658 → 10.1.5.131:60404/TCP | 63 | 419.9ms | 2059.2ms | 3 | 0% | DAY | |
204.79.197.222:443 → 10.1.5.131:63368/TCP | 38 | 836.9ms | 3919.6ms | 3 | 0% | DAY |
Plugin Results
Click any plugin card to open its full analysis report
👽 alienvault_otx v1.0.0 14 threats
Queries AlienVault OTX to enrich extracted IPs. (Configure via plugin settings: 'api_key')
AlienVault OTX: Checked IPs, found 14 threats
🕸️ connection_graph v1.0.0
Builds a network connection graph for visualization
Connection Graph: 30 nodes, 57 edges
₿ crypto_wallet_detection v3.0.0 1 threats
Comprehensive crypto detection with detailed tracking: wallets, mining pools, Stratum sessions, browser mining, miner software
Crypto Detection: 5 wallets, 0 pools, 0 browser mining, 0 miner software, 0 Stratum sessions
🗺️ geo_intelligence v1.0.0 6 threats
Enriches IP addresses with geolocation data and detects anomalous geographic patterns
Analyzed 27 unique IPs | High-risk: 6 | VPN: 6 | Impossible travel: 0
👋 hello_world v1.0.0
A simple template plugin that counts packets
Hello World: Analyzed 243564 packets
🌐 http_content v1.0.0
Extracts and categorizes HTTP request/response content
HTTP Content: 0 credential forms, 0 unique API endpoints
🏭 iot_ot_detection v1.0.0
Detects IoT/OT protocol anomalies including Modbus, MQTT, BACnet, and CoAP attacks
IoT/OT Detection: 0 threats detected (Modbus: 0, MQTT: 0, BACnet: 0, CoAP: 0)
🛠️ lolbin_detection v2.0.0 455 threats
Advanced LOLBin detection with MITRE ATT&CK mapping, attack chains, and detailed reporting
LOLBin Detection: 455 threats (PS: 5, Certutil: 0, Bitsadmin: 0, WMI: 0, Mshta: 0, Regsvr32: 0, Rundll32: 0)
📱 messaging_c2_detection v1.0.0 1 threats
Detects Telegram Bot API and WhatsApp API used as covert C2 channels via IP, DNS, TLS SNI, payload, and beacon analysis
Messaging C2: 1 hits (1 Telegram, 0 WhatsApp) | 0 beacons | 0 exfiltration events
🧠 ml_c2_detection v1.0.0 1 threats
Random Forest (5 trees) + Isolation Forest over 20 flow features; DB grows with each scan
ML C2: 1 flows scored — 0 critical, 0 high, 0 medium, 1 low | DB: 10001 records
🚨 protocol_anomaly v1.0.0 19 threats
Detects violations of protocol specifications
Protocol Anomalies: 38 detected
🔧 protocol_decoders v1.0.0
Deep packet inspection for application-layer protocols (Modbus, MQTT, MySQL, SMTP, etc.)
Decoded 157 protocol messages | Violations: 0 | Tunneling: 0
🦠 ransomware_detection v2.0.0 5 threats
Advanced ransomware detection: SMB enumeration, encryption, C2 beaconing, family identification, shadow copy deletion
Ransomware Detection: 5 threats detected (2 SMB enumerations, 0 encryption patterns, 0 beacons)
🦠 virustotal v1.0.0 9 threats
Queries VirusTotal API v3 to enrich extracted IPs. (Configure via plugin settings: 'api_key')
VirusTotal Enrichment: Checked IPs, found 9 threats
v1.0.0 · by PCaptor
👽 alienvault_otx
Queries AlienVault OTX to enrich extracted IPs. (Configure via plugin settings: 'api_key')
AlienVault OTX: Checked IPs, found 14 threats
🔴 Critical: 0
🟠 High: 14
🟡 Medium: 0
⚪ Low: 0
| Type | Severity | Details | IOC |
|---|---|---|---|
| Threat Intel Match (AlienVault OTX) | HIGH | AlienVault OTX: IP reported in 3 active pulses | IP: 149.154.164.13 |
| Threat Intel Match (AlienVault OTX) | HIGH | AlienVault OTX: IP reported in 13 active pulses | IP: 20.52.64.200 |
| Threat Intel Match (AlienVault OTX) | HIGH | AlienVault OTX: IP reported in 13 active pulses | IP: 172.67.74.152 |
| Threat Intel Match (AlienVault OTX) | HIGH | AlienVault OTX: IP reported in 40 active pulses | IP: 64.52.80.153 |
| Threat Intel Match (AlienVault OTX) | HIGH | AlienVault OTX: IP reported in 2 active pulses | IP: 23.192.223.232 |
| Threat Intel Match (AlienVault OTX) | HIGH | AlienVault OTX: IP reported in 8 active pulses | IP: 20.42.65.90 |
| Threat Intel Match (AlienVault OTX) | HIGH | AlienVault OTX: IP reported in 17 active pulses | IP: 104.26.12.205 |
| Threat Intel Match (AlienVault OTX) | HIGH | AlienVault OTX: IP reported in 27 active pulses | IP: 132.226.247.73 |
| Threat Intel Match (AlienVault OTX) | HIGH | AlienVault OTX: IP reported in 24 active pulses | IP: 173.232.146.62 |
| Threat Intel Match (AlienVault OTX) | HIGH | AlienVault OTX: IP reported in 41 active pulses | IP: 103.27.157.146 |
| Threat Intel Match (AlienVault OTX) | HIGH | AlienVault OTX: IP reported in 12 active pulses | IP: 204.79.197.222 |
| Threat Intel Match (AlienVault OTX) | HIGH | AlienVault OTX: IP reported in 50 active pulses | IP: 34.117.59.81 |
| Threat Intel Match (AlienVault OTX) | HIGH | AlienVault OTX: IP reported in 4 active pulses | IP: 216.218.130.2 |
| Threat Intel Match (AlienVault OTX) | HIGH | AlienVault OTX: IP reported in 50 active pulses | IP: 64.190.113.206 |
v1.0.0 · by PCaptor
🕸️ connection_graph
Builds a network connection graph for visualization
Connection Graph: 30 nodes, 57 edges
Network Nodes
| IP Address | Packets | Bytes | Status |
|---|---|---|---|
45.61.136.222 | 149398 | 213618059 | Normal |
173.232.146.62 | 13737 | 13724045 | Normal |
10.1.5.131 | 79822 | 4886414 | Normal |
64.52.80.153 | 266 | 374604 | Normal |
204.79.197.222 | 38 | 27448 | Normal |
173.223.1.168 | 33 | 22561 | Normal |
10.1.5.5 | 104 | 17034 | Normal |
23.222.241.133 | 48 | 13298 | Normal |
103.27.157.146 | 17 | 10045 | Normal |
20.150.160.75 | 11 | 7715 | Normal |
20.42.65.90 | 9 | 7491 | Normal |
13.107.213.254 | 11 | 6851 | Normal |
172.67.74.152 | 7 | 3639 | Normal |
104.26.12.205 | 7 | 3638 | Normal |
173.223.0.10 | 4 | 2640 | Normal |
34.117.59.81 | 7 | 1540 | Normal |
64.190.113.206 | 6 | 1092 | Normal |
104.208.203.88 | 5 | 597 | Normal |
8.8.8.8 | 4 | 596 | Normal |
216.218.130.2 | 6 | 538 | Normal |
132.226.247.73 | 3 | 453 | Normal |
1.1.1.1 | 3 | 447 | Normal |
74.82.42.42 | 3 | 447 | Normal |
76.76.2.5 | 3 | 447 | Normal |
208.67.222.222 | 2 | 298 | Normal |
23.192.223.232 | 4 | 240 | Normal |
23.47.48.15 | 3 | 198 | Normal |
149.154.164.13 | 2 | 138 | Normal |
20.52.64.200 | 1 | 60 | Normal |
10.1.5.255 | 0 | 0 | Normal |
Connection Edges
| Source | Destination | Protocol | Packets | Bytes |
|---|---|---|---|---|
45.61.136.222 | 10.1.5.131 | TCP | 149398 | 213618059 |
10.1.5.131 | 45.61.136.222 | TCP | 74504 | 4499226 |
173.232.146.62 | 10.1.5.131 | TCP | 13737 | 13724045 |
10.1.5.131 | 173.232.146.62 | TCP | 4785 | 297868 |
64.52.80.153 | 10.1.5.131 | TCP | 266 | 374604 |
10.1.5.131 | 64.52.80.153 | TCP | 140 | 8933 |
10.1.5.131 | 10.1.5.5 | UDP | 140 | 22919 |
10.1.5.5 | 10.1.5.131 | UDP | 104 | 17034 |
23.222.241.133 | 10.1.5.131 | UDP | 48 | 13298 |
10.1.5.131 | 23.222.241.133 | UDP | 43 | 15777 |
204.79.197.222 | 10.1.5.131 | TCP | 38 | 27448 |
173.223.1.168 | 10.1.5.131 | TCP | 33 | 22561 |
10.1.5.131 | 173.223.1.168 | TCP | 32 | 11658 |
10.1.5.131 | 204.79.197.222 | TCP | 25 | 5105 |
10.1.5.131 | 10.1.5.255 | UDP | 19 | 4207 |
103.27.157.146 | 10.1.5.131 | TCP | 17 | 10045 |
10.1.5.131 | 103.27.157.146 | TCP | 13 | 2267 |
10.1.5.131 | 13.107.213.254 | TCP | 13 | 4397 |
20.150.160.75 | 10.1.5.131 | TCP | 11 | 7715 |
10.1.5.131 | 20.150.160.75 | TCP | 11 | 3108 |
13.107.213.254 | 10.1.5.131 | TCP | 11 | 6851 |
20.42.65.90 | 10.1.5.131 | TCP | 9 | 7491 |
10.1.5.131 | 20.42.65.90 | TCP | 9 | 2161 |
10.1.5.131 | 216.218.130.2 | UDP | 9 | 799 |
10.1.5.131 | 23.192.223.232 | TCP | 8 | 480 |
10.1.5.131 | 172.67.74.152 | TCP | 8 | 917 |
10.1.5.131 | 104.208.203.88 | TCP | 7 | 608 |
34.117.59.81 | 10.1.5.131 | TCP | 7 | 1540 |
172.67.74.152 | 10.1.5.131 | TCP | 7 | 3639 |
104.26.12.205 | 10.1.5.131 | TCP | 7 | 3638 |
10.1.5.131 | 104.26.12.205 | TCP | 7 | 857 |
64.190.113.206 | 10.1.5.131 | TCP | 6 | 1092 |
10.1.5.131 | 34.117.59.81 | TCP | 6 | 533 |
216.218.130.2 | 10.1.5.131 | UDP | 6 | 538 |
10.1.5.131 | 64.190.113.206 | TCP | 6 | 368 |
10.1.5.131 | 8.8.8.8 | UDP | 6 | 670 |
10.1.5.131 | 74.82.42.42 | UDP | 5 | 493 |
10.1.5.131 | 173.223.0.10 | TCP | 5 | 1311 |
104.208.203.88 | 10.1.5.131 | TCP | 5 | 597 |
10.1.5.131 | 208.67.222.222 | UDP | 4 | 316 |
8.8.8.8 | 10.1.5.131 | UDP | 4 | 596 |
10.1.5.131 | 76.76.2.5 | UDP | 4 | 414 |
173.223.0.10 | 10.1.5.131 | TCP | 4 | 2640 |
10.1.5.131 | 1.1.1.1 | UDP | 4 | 414 |
10.1.5.131 | 132.226.247.73 | TCP | 4 | 308 |
23.192.223.232 | 10.1.5.131 | TCP | 4 | 240 |
23.47.48.15 | 10.1.5.131 | TCP | 3 | 198 |
76.76.2.5 | 10.1.5.131 | UDP | 3 | 447 |
74.82.42.42 | 10.1.5.131 | UDP | 3 | 447 |
132.226.247.73 | 10.1.5.131 | TCP | 3 | 453 |
1.1.1.1 | 10.1.5.131 | UDP | 3 | 447 |
208.67.222.222 | 10.1.5.131 | UDP | 2 | 298 |
149.154.164.13 | 10.1.5.131 | TCP | 2 | 138 |
10.1.5.131 | 23.47.48.15 | TCP | 2 | 120 |
10.1.5.131 | 20.52.64.200 | TCP | 2 | 120 |
20.52.64.200 | 10.1.5.131 | TCP | 1 | 60 |
10.1.5.131 | 149.154.164.13 | TCP | 1 | 60 |
v3.0.0 · by PCaptor Pro Team
🔌 crypto_wallet_detection
Comprehensive crypto detection with detailed tracking: wallets, mining pools, Stratum sessions, browser mining, miner software
Crypto Detection: 5 wallets, 0 pools, 0 browser mining, 0 miner software, 0 Stratum sessions
🔴 Critical: 0
🟠 High: 0
🟡 Medium: 1
⚪ Low: 0
₿ Cryptocurrency Detection Summary
Wallet Addresses
5
Mining Pools
0
Stratum Sessions
0
Browser Mining
0
Miner Software
0
💰 Wallet Types Detected
Ripple
5
💰 Cryptocurrency Wallet Addresses
Detected wallet addresses in network traffic
| Type | Address | Packets | Source IPs | First Seen | Last Seen |
|---|---|---|---|---|---|
| Ripple | rYMKLxblnVF9fAYA6iD6VUWeLZrv4dj |
1 | 1 | 2026-01-08 21:42:49 | 2026-01-08 21:42:49 |
| Ripple | rr8f92982aqmpr8fisljtfm2son |
1 | 1 | 2026-01-08 21:42:50 | 2026-01-08 21:42:50 |
| Ripple | romPipelineByPropertyName |
1 | 1 | 2026-01-08 21:43:04 | 2026-01-08 21:43:04 |
| Ripple | rkaablampgoqrkaablejaeor4 |
1 | 1 | 2026-01-08 21:43:04 | 2026-01-08 21:43:04 |
| Ripple | rkanltp6m8fjeor5j882sgb55j84 |
2 | 1 | 2026-01-08 21:43:04 | 2026-01-08 21:43:04 |
🔍 Wallet Addresses by Source IP
Wallet addresses grouped by source IP address
| Source IP | Wallet Count | Wallet Types | Sample Addresses |
|---|---|---|---|
64.52.80.153 |
1 | Ripple: 1 | rYMKLxblnVF9fAY...6VUWeLZrv4dj |
45.61.136.222 |
4 | Ripple: 4 | rr8f92982aqmpr8fisljtfm2son |
📚 Supported Cryptocurrency Types
Bitcoin (BTC)
Addresses: 1... or 3...
Ethereum (ETH)
Addresses: 0x...
Monero (XMR)
Addresses: 4...
Litecoin (LTC)
Addresses: L... or M...
Dogecoin (DOGE)
Addresses: D...
Ripple (XRP)
Addresses: r...
Zcash (ZEC)
Addresses: t1...
Dash (DASH)
Addresses: X...
v1.0.0 · by PCaptor
🔌 geo_intelligence
Enriches IP addresses with geolocation data and detects anomalous geographic patterns
Analyzed 27 unique IPs | High-risk: 6 | VPN: 6 | Impossible travel: 0
🔴 Critical: 0
🟠 High: 0
🟡 Medium: 6
⚪ Low: 0
| Type | Severity | Details | IOC |
|---|---|---|---|
| Geolocation Risk | MEDIUM | Chicago, United States - VPN/Proxy detected | 23.222.241.133 |
| Geolocation Risk | MEDIUM | Chicago, United States - VPN/Proxy detected | 20.150.160.75 |
| Geolocation Risk | MEDIUM | Chicago, United States - VPN/Proxy detected | 20.52.64.200 |
| Geolocation Risk | MEDIUM | Chicago, United States - VPN/Proxy detected | 23.192.223.232 |
| Geolocation Risk | MEDIUM | Chicago, United States - VPN/Proxy detected | 23.47.48.15 |
| Geolocation Risk | MEDIUM | Chicago, United States - VPN/Proxy detected | 20.42.65.90 |
v1.0.0 · by Your Name
👋 hello_world
A simple template plugin that counts packets
Hello World: Analyzed 243564 packets
✅
No findings from this plugin.
v1.0.0 · by PCaptor
🌐 http_content
Extracts and categorizes HTTP request/response content
HTTP Content: 0 credential forms, 0 unique API endpoints
✅
No findings from this plugin.
v1.0.0 · by PCaptor Pro Team
🔌 iot_ot_detection
Detects IoT/OT protocol anomalies including Modbus, MQTT, BACnet, and CoAP attacks
IoT/OT Detection: 0 threats detected (Modbus: 0, MQTT: 0, BACnet: 0, CoAP: 0)
✅
No findings from this plugin.
v2.0.0 · by PCaptor Pro Team
🔌 lolbin_detection
Advanced LOLBin detection with MITRE ATT&CK mapping, attack chains, and detailed reporting
LOLBin Detection: 455 threats (PS: 5, Certutil: 0, Bitsadmin: 0, WMI: 0, Mshta: 0, Regsvr32: 0, Rundll32: 0)
🔴 Critical: 438
🟠 High: 17
🟡 Medium: 0
⚪ Low: 0
🛠️ LOLBin Tools Detected
PowerShell
5
📊 Attack Statistics
Total Threats
455
Attack Chains
6
Targeted Hosts
3
Download Attempts
0
Encoded Commands
0
🔗 Attack Chains Detected
Multi-stage attacks using multiple LOLBin tools
| Source IP | Target IP | Tools Used | Events | Severity | Timeline |
|---|---|---|---|---|---|
173.232.146.62 |
10.1.5.131 |
PowerShell | 18 | MEDIUM | 21:46:15: T1027 - Encoded (Short) 21:46:15: T1059.001 - Command (Alias) 21:46:15: T1059.001 - REST Method (Alias) ... and 15 more |
10.1.5.131 |
10.1.5.5 |
PowerShell | 2 | MEDIUM | 21:38:35: T1059.001 - Command (Alias) 21:38:35: T1059.001 - Command (Alias) |
10.1.5.5 |
10.1.5.131 |
PowerShell | 3 | MEDIUM | 21:38:35: T1059.001 - Command (Alias) 21:38:35: T1059.001 - Command (Alias) 21:40:19: T1059.001 - Command (Alias) |
10.1.5.131 |
20.150.160.75 |
PowerShell | 2 | MEDIUM | 21:38:35: T1059.001 - Command (Alias) 21:38:35: T1059.001 - Command (Alias) |
64.52.80.153 |
10.1.5.131 |
PowerShell | 7 | MEDIUM | 21:42:49: T1564.003 - Hidden Window Style 21:42:49: T1059.001 - Process Execution 21:42:49: T1059.001 - Dynamic Compilation ... and 4 more |
45.61.136.222 |
10.1.5.131 |
PowerShell | 423 | MEDIUM | 21:42:50: T1059.001 - Object Creation 21:42:50: T1027 - Encoding Conversion 21:42:50: T1059.001 - Object Creation ... and 420 more |
⚡ PowerShell Abuse Details
| Source IP | Techniques | Downloads | Executions | Encoded | Remote | Targets | Duration | Severity |
|---|---|---|---|---|---|---|---|---|
10.1.5.131 |
T1059.001 - Command (Alias) | 0 | 0 | 0 | 4 | 2 | 0s | CRITICAL |
10.1.5.5 |
T1059.001 - Command (Alias) | 0 | 0 | 0 | 3 | 1 | 1m44s | CRITICAL |
64.52.80.153 |
T1564.003 - Hidden Window Style T1059.001 - Process Execution T1059.001 - Dynamic Compilation ... +3 more |
0 | 0 | 0 | 0 | 1 | 0s | HIGH |
45.61.136.222 |
T1059.001 - Object Creation T1027 - Encoding Conversion T1055 - Reflective Loading ... +8 more |
0 | 99 | 0 | 90 | 1 | 46s | CRITICAL |
173.232.146.62 |
T1027 - Encoded (Short) T1059.001 - Command (Alias) T1059.001 - REST Method (Alias) ... +2 more |
0 | 6 | 0 | 6 | 1 | 10s | CRITICAL |
🎯 Targeted Hosts
| Target IP | Total Attacks | Attack Types | Attackers | First Attack | Last Attack |
|---|---|---|---|---|---|
10.1.5.5 |
2 | PowerShell: 2 |
1 | 21:38:35 | 21:38:35 |
10.1.5.131 |
451 | PowerShell: 451 |
4 | 21:38:35 | 21:46:25 |
20.150.160.75 |
2 | PowerShell: 2 |
1 | 21:38:35 | 21:38:35 |
🎯 MITRE ATT&CK Techniques Detected
Mapping of detected LOLBin abuse to MITRE ATT&CK framework
T1027 - Encoded Command
1 detections
T1059.001 - Command (Alias)
4 detections
T1564.003 - Hidden Window Style
1 detections
T1059.001 - Process Execution
1 detections
T1027 - Encoding Conversion
2 detections
T1059.001 - Object Creation
2 detections
T1059.001 - Web Request (Alias)
3 detections
T1055 - Reflective Loading
1 detections
T1059.001 - Execute (Alias)
2 detections
T1059.001 - Dynamic Compilation
2 detections
T1059.001 - Network Object
1 detections
T1059.001 - REST Method (Alias)
2 detections
T1027 - Encoded (Short)
2 detections
v1.0.0 · by Krishnendu Paul (@bidhata)
📱 messaging_c2_detection
Detects Telegram Bot API and WhatsApp API used as covert C2 channels via IP, DNS, TLS SNI, payload, and beacon analysis
Messaging C2: 1 hits (1 Telegram, 0 WhatsApp) | 0 beacons | 0 exfiltration events
🔴 Critical: 0
🟠 High: 0
🟡 Medium: 1
⚪ Low: 0
📱 Telegram: 1 events
💬 WhatsApp: 0 events
📡 Beacons: 0
🎯 Total: 1
🤖 Why Threatening?
Telegram Bot API and WhatsApp Business API are popular C2 channels because they:
• Use HTTPS on port 443 — blends with normal web traffic
• Servers are hosted on trusted CDN/Meta/Telegram IPs — bypasses IP blocklists
• Polling (getUpdates) creates a reliable command channel with no inbound connections
• sendDocument / sendPhoto enable stealthy data exfiltration
• Bot tokens provide out-of-band control — no attacker server needed
Telegram Bot API and WhatsApp Business API are popular C2 channels because they:
• Use HTTPS on port 443 — blends with normal web traffic
• Servers are hosted on trusted CDN/Meta/Telegram IPs — bypasses IP blocklists
• Polling (getUpdates) creates a reliable command channel with no inbound connections
• sendDocument / sendPhoto enable stealthy data exfiltration
• Bot tokens provide out-of-band control — no attacker server needed
🔬 Detection Methods
🌐 IP Range Match
1
| Service | Source IP | Destination | Severity | Method | API Call | Bot Token |
|---|---|---|---|---|---|---|
| 📱 Telegram | 10.1.5.131 |
149.154.164.13:443 |
MEDIUM | IP Range Match | - | - |
🛡️ MITRE ATT&CK Mappings
T1102 Web Service — using Telegram/WhatsApp as external C2 infrastructure
T1102.002 Bidirectional Communication —
T1041 Exfiltration Over C2 Channel —
T1132.001 Data Encoding: Standard Encoding — JSON-encoded commands
T1008 Fallback Channels — messaging APIs as backup C2
T1102 Web Service — using Telegram/WhatsApp as external C2 infrastructure
T1102.002 Bidirectional Communication —
getUpdates polling for commandsT1041 Exfiltration Over C2 Channel —
sendDocument/sendPhotoT1132.001 Data Encoding: Standard Encoding — JSON-encoded commands
T1008 Fallback Channels — messaging APIs as backup C2
v1.0.0 · by Krishnendu Paul (@bidhata)
🧠 ml_c2_detection
Random Forest (5 trees) + Isolation Forest over 20 flow features; DB grows with each scan
ML C2: 1 flows scored — 0 critical, 0 high, 0 medium, 1 low | DB: 10001 records
🔴 Critical: 0
🟠 High: 0
🟡 Medium: 0
⚪ Low: 1
🔴 Critical: 0
🟠 High: 0
🟡 Medium: 0
⚪ Low: 1
📊 Total: 1
🤖 Model:
Random Forest (5 trees) + Isolation Forest (64 projections) over 20 statistical flow features.
Score = 0.65 × RFscore + 0.35 × Isolationscore.
Critical ≥ 80% · High ≥ 65% · Medium ≥ 50% · Low ≥ 35%.
📊 Score Distribution (1 flows)
| Flow (src→dst) | Proto | Pkts | Duration | Final Score | RF | IsoF | Confidence |
|---|---|---|---|---|---|---|---|
173.223.0.10:443→10.1.5.131:55905 |
TCP | 4 | 33.7s | 0.40 | 0.00 | LOW |
💾 ML Database:
10001 historical records stored at
intel_db/ml_c2_db.json.gz (gzip-compressed JSON).
Appended after each scan — max 10000 records (FIFO). Use a populated DB to improve future baseline accuracy.
v1.0.0 · by PCaptor
🚨 protocol_anomaly
Detects violations of protocol specifications
Protocol Anomalies: 38 detected
🔴 Critical: 0
🟠 High: 14
🟡 Medium: 5
⚪ Low: 0
| Type | Severity | Details | IOC |
|---|---|---|---|
| Protocol Anomaly | HIGH | [TLS] TLS on non-standard port 53209 (possible tunneling or C2): 173.223.1.168 -> 10.1.5.131 | 10.1.5.131 |
| Protocol Anomaly | HIGH | [TLS] TLS on non-standard port 63368 (possible tunneling or C2): 204.79.197.222 -> 10.1.5.131 | 10.1.5.131 |
| Protocol Anomaly | HIGH | [TLS] TLS on non-standard port 64535 (possible tunneling or C2): 20.150.160.75 -> 10.1.5.131 | 10.1.5.131 |
| Protocol Anomaly | HIGH | [TLS] TLS on non-standard port 60400 (possible tunneling or C2): 13.107.213.254 -> 10.1.5.131 | 10.1.5.131 |
| Protocol Anomaly | MEDIUM | [HTTP] HTTP traffic on non-standard port 60401: 64.52.80.153 -> 10.1.5.131 | 10.1.5.131 |
| Protocol Anomaly | MEDIUM | [HTTP] HTTP traffic on non-standard port 60402: 45.61.136.222 -> 10.1.5.131 | 10.1.5.131 |
| Protocol Anomaly | MEDIUM | [HTTP] HTTP traffic on non-standard port 60403: 64.52.80.153 -> 10.1.5.131 | 10.1.5.131 |
| Protocol Anomaly | HIGH | [TLS] TLS on non-standard port 25658 (possible tunneling or C2): 10.1.5.131 -> 173.232.146.62 | 173.232.146.62 |
| Protocol Anomaly | HIGH | [TLS] TLS on non-standard port 60405 (possible tunneling or C2): 172.67.74.152 -> 10.1.5.131 | 10.1.5.131 |
| Protocol Anomaly | HIGH | [TLS] TLS on non-standard port 60404 (possible tunneling or C2): 173.232.146.62 -> 10.1.5.131 | 10.1.5.131 |
| Protocol Anomaly | HIGH | [TLS] TLS on non-standard port 60402 (possible tunneling or C2): 45.61.136.222 -> 10.1.5.131 | 10.1.5.131 |
| Protocol Anomaly | HIGH | [TLS] TLS on non-standard port 60409 (possible tunneling or C2): 104.26.12.205 -> 10.1.5.131 | 10.1.5.131 |
| Protocol Anomaly | HIGH | [TLS] TLS on non-standard port 60407 (possible tunneling or C2): 20.42.65.90 -> 10.1.5.131 | 10.1.5.131 |
| Protocol Anomaly | HIGH | [TLS] TLS on non-standard port 60408 (possible tunneling or C2): 173.232.146.62 -> 10.1.5.131 | 10.1.5.131 |
| Protocol Anomaly | HIGH | [TLS] TLS on non-standard port 60410 (possible tunneling or C2): 173.232.146.62 -> 10.1.5.131 | 10.1.5.131 |
| Protocol Anomaly | HIGH | [TLS] TLS on non-standard port 60411 (possible tunneling or C2): 173.232.146.62 -> 10.1.5.131 | 10.1.5.131 |
| Protocol Anomaly | MEDIUM | [HTTP] HTTP traffic on non-standard port 60412: 132.226.247.73 -> 10.1.5.131 | 10.1.5.131 |
| Protocol Anomaly | MEDIUM | [HTTP] HTTP traffic on non-standard port 60413: 34.117.59.81 -> 10.1.5.131 | 10.1.5.131 |
| Protocol Anomaly | HIGH | [TLS] TLS on non-standard port 60414 (possible tunneling or C2): 173.232.146.62 -> 10.1.5.131 | 10.1.5.131 |
v1.0.0 · by PCaptor
🔌 protocol_decoders
Deep packet inspection for application-layer protocols (Modbus, MQTT, MySQL, SMTP, etc.)
Decoded 157 protocol messages | Violations: 0 | Tunneling: 0
Protocol Breakdown
157
DNS
Decoded Messages
| Protocol | Source | Destination | Command/Method | Status |
|---|---|---|---|---|
| DNS | 10.1.5.131:56052 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:56052 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:56052 | RESPONSE | - |
| DNS | 10.1.5.131:53714 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:62530 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:53714 | RESPONSE | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:62530 | RESPONSE | - |
| DNS | 10.1.5.131:64378 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:50017 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:54906 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:64378 | RESPONSE | - |
| DNS | 10.1.5.131:50379 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:50379 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:50379 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:63971 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:59770 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:63971 | RESPONSE | - |
| DNS | 10.1.5.131:53670 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:56055 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:56055 | RESPONSE | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:53670 | RESPONSE | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:59770 | RESPONSE | - |
| DNS | 10.1.5.131:50379 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:50379 | RESPONSE | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:50379 | RESPONSE | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:50017 | RESPONSE | - |
| DNS | 10.1.5.131:60266 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:49705 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:50379 | RESPONSE | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:54906 | RESPONSE | - |
| DNS | 10.1.5.131:56901 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:50867 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:50830 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:56901 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:56901 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:56901 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:60266 | RESPONSE | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:50867 | RESPONSE | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:50830 | RESPONSE | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:50379 | RESPONSE | - |
| DNS | 10.1.5.131:56901 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:49705 | RESPONSE | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:56901 | RESPONSE | - |
| DNS | 10.1.5.131:57511 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:57511 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:57511 | RESPONSE | - |
| DNS | 10.1.5.131:60868 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:60868 | RESPONSE | - |
| DNS | 10.1.5.131:60868 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:64039 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:64039 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:64039 | RESPONSE | - |
| DNS | 10.1.5.131:62327 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:62327 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:62327 | RESPONSE | - |
| DNS | 10.1.5.131:51977 | 216.218.130.2:53 | QUERY | - |
| DNS | 10.1.5.131:51977 | 216.218.130.2:53 | QUERY | - |
| DNS | 216.218.130.2:53 | 10.1.5.131:51977 | RESPONSE | - |
| DNS | 10.1.5.131:49808 | 74.82.42.42:53 | QUERY | - |
| DNS | 10.1.5.131:49808 | 74.82.42.42:53 | QUERY | - |
| DNS | 74.82.42.42:53 | 10.1.5.131:49808 | RESPONSE | - |
| DNS | 10.1.5.131:64980 | 1.1.1.1:53 | QUERY | - |
| DNS | 10.1.5.131:64980 | 1.1.1.1:53 | QUERY | - |
| DNS | 1.1.1.1:53 | 10.1.5.131:64980 | RESPONSE | - |
| DNS | 10.1.5.131:52181 | 8.8.8.8:53 | QUERY | - |
| DNS | 10.1.5.131:52181 | 8.8.8.8:53 | QUERY | - |
| DNS | 1.1.1.1:53 | 10.1.5.131:64980 | RESPONSE | - |
| DNS | 8.8.8.8:53 | 10.1.5.131:52181 | RESPONSE | - |
| DNS | 10.1.5.131:61250 | 208.67.222.222:53 | QUERY | - |
| DNS | 10.1.5.131:61250 | 208.67.222.222:53 | QUERY | - |
| DNS | 208.67.222.222:53 | 10.1.5.131:61250 | RESPONSE | - |
| DNS | 10.1.5.131:57804 | 76.76.2.5:53 | QUERY | - |
| DNS | 10.1.5.131:57804 | 76.76.2.5:53 | QUERY | - |
| DNS | 76.76.2.5:53 | 10.1.5.131:57804 | RESPONSE | - |
| DNS | 10.1.5.131:64347 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:64347 | 10.1.5.5:53 | QUERY | - |
| DNS | 76.76.2.5:53 | 10.1.5.131:57804 | RESPONSE | - |
| DNS | 8.8.8.8:53 | 10.1.5.131:52181 | RESPONSE | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:64347 | RESPONSE | - |
| DNS | 10.1.5.131:54363 | 216.218.130.2:53 | QUERY | - |
| DNS | 10.1.5.131:54363 | 216.218.130.2:53 | QUERY | - |
| DNS | 216.218.130.2:53 | 10.1.5.131:54363 | RESPONSE | - |
| DNS | 216.218.130.2:53 | 10.1.5.131:54363 | RESPONSE | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:59985 | RESPONSE | - |
| DNS | 10.1.5.131:59985 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:59985 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:55831 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:55831 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:55831 | RESPONSE | - |
| DNS | 10.1.5.131:62608 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:62608 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:62608 | RESPONSE | - |
| DNS | 10.1.5.131:62162 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:62162 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:62162 | RESPONSE | - |
| DNS | 10.1.5.131:65434 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:65434 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:65434 | RESPONSE | - |
| DNS | 10.1.5.131:50763 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:50763 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:50763 | RESPONSE | - |
| DNS | 10.1.5.131:50313 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:50313 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:49938 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:50313 | RESPONSE | - |
| DNS | 10.1.5.131:49938 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:49938 | RESPONSE | - |
| DNS | 10.1.5.131:62592 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:62592 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:64726 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:56819 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:64726 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:64726 | RESPONSE | - |
| DNS | 10.1.5.131:56819 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:62592 | RESPONSE | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:56819 | RESPONSE | - |
| DNS | 10.1.5.131:64187 | 216.218.130.2:53 | QUERY | - |
| DNS | 216.218.130.2:53 | 10.1.5.131:64187 | RESPONSE | - |
| DNS | 10.1.5.131:58806 | 74.82.42.42:53 | QUERY | - |
| DNS | 10.1.5.131:58806 | 74.82.42.42:53 | QUERY | - |
| DNS | 74.82.42.42:53 | 10.1.5.131:58806 | RESPONSE | - |
| DNS | 10.1.5.131:62527 | 1.1.1.1:53 | QUERY | - |
| DNS | 10.1.5.131:53609 | 8.8.8.8:53 | QUERY | - |
| DNS | 74.82.42.42:53 | 10.1.5.131:58806 | RESPONSE | - |
| DNS | 1.1.1.1:53 | 10.1.5.131:62527 | RESPONSE | - |
| DNS | 10.1.5.131:53609 | 8.8.8.8:53 | QUERY | - |
| DNS | 10.1.5.131:58067 | 208.67.222.222:53 | QUERY | - |
| DNS | 8.8.8.8:53 | 10.1.5.131:53609 | RESPONSE | - |
| DNS | 10.1.5.131:58067 | 208.67.222.222:53 | QUERY | - |
| DNS | 8.8.8.8:53 | 10.1.5.131:53609 | RESPONSE | - |
| DNS | 10.1.5.131:61016 | 76.76.2.5:53 | QUERY | - |
| DNS | 208.67.222.222:53 | 10.1.5.131:58067 | RESPONSE | - |
| DNS | 10.1.5.131:51924 | 10.1.5.5:53 | QUERY | - |
| DNS | 76.76.2.5:53 | 10.1.5.131:61016 | RESPONSE | - |
| DNS | 10.1.5.131:64187 | 216.218.130.2:53 | QUERY | - |
| DNS | 10.1.5.131:64187 | 216.218.130.2:53 | QUERY | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:51924 | RESPONSE | - |
| DNS | 216.218.130.2:53 | 10.1.5.131:64187 | RESPONSE | - |
| DNS | 216.218.130.2:53 | 10.1.5.131:64187 | RESPONSE | - |
| DNS | 10.1.5.131:51924 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:51924 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:51924 | RESPONSE | - |
| DNS | 10.1.5.131:63417 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:63417 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:63417 | RESPONSE | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:63417 | RESPONSE | - |
| DNS | 10.1.5.131:56922 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:56922 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:56922 | RESPONSE | - |
| DNS | 10.1.5.131:59898 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:51786 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:51786 | RESPONSE | - |
| DNS | 10.1.5.131:51786 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:59898 | RESPONSE | - |
| DNS | 10.1.5.131:57599 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:57599 | RESPONSE | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:51786 | RESPONSE | - |
v2.0.0 · by PCaptor Pro Team
🔌 ransomware_detection
Advanced ransomware detection: SMB enumeration, encryption, C2 beaconing, family identification, shadow copy deletion
Ransomware Detection: 5 threats detected (2 SMB enumerations, 0 encryption patterns, 0 beacons)
🔴 Critical: 5
🟠 High: 0
🟡 Medium: 0
⚪ Low: 0
| Type | Severity | Details | IOC |
|---|---|---|---|
| Ransomware Family Detected | CRITICAL | Conti ransomware family signature detected: 'conti' from 64.52.80.153 | Conti |
| Ransomware Family Detected | CRITICAL | STOP ransomware family signature detected: 'stop' from 45.61.136.222 | STOP |
| Ransomware Family Detected | CRITICAL | Conti ransomware family signature detected: 'conti' from 45.61.136.222 | Conti |
| Ransomware Family Detected | CRITICAL | Hive ransomware family signature detected: 'hive' from 10.1.5.131 | Hive |
| Ransomware Family Detected | CRITICAL | Hive ransomware family signature detected: 'hive' from 45.61.136.222 | Hive |
v1.0.0 · by PCaptor
🦠 virustotal
Queries VirusTotal API v3 to enrich extracted IPs. (Configure via plugin settings: 'api_key')
VirusTotal Enrichment: Checked IPs, found 9 threats
🔴 Critical: 0
🟠 High: 9
🟡 Medium: 0
⚪ Low: 0
| Type | Severity | Details | IOC |
|---|---|---|---|
| Threat Intel Match (VirusTotal Plugin) | HIGH | VT Detections: 13 malicious, 1 suspicious | IP: 173.232.146.62 |
| Threat Intel Match (VirusTotal Plugin) | HIGH | VT Detections: 1 malicious, 1 suspicious | IP: 216.218.130.2 |
| Threat Intel Match (VirusTotal Plugin) | HIGH | VT Detections: 8 malicious, 2 suspicious | IP: 64.52.80.153 |
| Threat Intel Match (VirusTotal Plugin) | HIGH | VT Detections: 9 malicious, 2 suspicious | IP: 103.27.157.146 |
| Threat Intel Match (VirusTotal Plugin) | HIGH | VT Detections: 1 malicious, 0 suspicious | IP: 34.117.59.81 |
| Threat Intel Match (VirusTotal Plugin) | HIGH | VT Detections: 1 malicious, 0 suspicious | IP: 74.82.42.42 |
| Threat Intel Match (VirusTotal Plugin) | HIGH | VT Detections: 8 malicious, 2 suspicious | IP: 64.190.113.206 |
| Threat Intel Match (VirusTotal Plugin) | HIGH | VT Detections: 4 malicious, 0 suspicious | IP: 45.61.136.222 |
| Threat Intel Match (VirusTotal Plugin) | HIGH | VT Detections: 1 malicious, 0 suspicious | IP: 132.226.247.73 |