Analysis Dashboard
cap.pcap · Generated February 24, 2026 at 11:58 PM
Security Threats
Detected security issues and anomalies
| Type | Severity | Details | Indicator of Compromise |
|---|---|---|---|
| Encrypted Payload | ✓ LOW | High entropy payload detected (0.921) - possible encryption/packing (medium confidence) | 173.223.1.168 -> 10.1.5.131:49672 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.981) - possible encryption/packing (high confidence) | 173.223.1.168 -> 10.1.5.131:49672 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.957) - possible encryption/packing (high confidence) | 173.223.1.168 -> 10.1.5.131:56241 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.980) - possible encryption/packing (high confidence) | 173.223.1.168 -> 10.1.5.131:49672 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.982) - possible encryption/packing (high confidence) | 173.223.1.168 -> 10.1.5.131:49672 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.972) - possible encryption/packing (high confidence) | 10.1.5.131 -> 173.223.1.168:443 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.985) - possible encryption/packing (high confidence) | 173.223.1.168 -> 10.1.5.131:49672 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Encrypted Payload | ✓ LOW | High entropy payload detected (0.922) - possible encryption/packing (medium confidence) | 23.222.241.133 -> 10.1.5.131:55233 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 | 173.223.1.168 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.976) - possible encryption/packing (high confidence) | 10.1.5.131 -> 173.223.1.168:443 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.986) - possible encryption/packing (high confidence) | 23.222.241.133 -> 10.1.5.131:55233 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.962) - possible encryption/packing (high confidence) | 10.1.5.131 -> 173.223.1.168:443 |
| Encrypted Payload | ✓ LOW | High entropy payload detected (0.947) - possible encryption/packing (medium confidence) | 173.223.1.168 -> 10.1.5.131:49672 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.974) - possible encryption/packing (high confidence) | 10.1.5.131 -> 173.223.1.168:443 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.962) - possible encryption/packing (high confidence) | 10.1.5.131 -> 173.223.1.168:443 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.983) - possible encryption/packing (high confidence) | 173.223.1.168 -> 10.1.5.131:56241 |
| Encrypted Payload | ✓ LOW | High entropy payload detected (0.914) - possible encryption/packing (low confidence) | 173.223.1.168 -> 10.1.5.131:53209 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.978) - possible encryption/packing (high confidence) | 10.1.5.131 -> 173.223.1.168:443 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 | 173.223.1.168 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.223.1.168 | 10.1.5.131 -> 173.223.1.168 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 | 173.223.1.168 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.974) - possible encryption/packing (high confidence) | 10.1.5.131 -> 173.223.1.168:443 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.979) - possible encryption/packing (high confidence) | 10.1.5.131 -> 173.223.1.168:443 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.223.1.168 | 10.1.5.131 -> 173.223.1.168 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.983) - possible encryption/packing (high confidence) | 173.223.1.168 -> 10.1.5.131:56241 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.968) - possible encryption/packing (high confidence) | 173.223.1.168 -> 10.1.5.131:56241 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.972) - possible encryption/packing (high confidence) | 173.223.1.168 -> 10.1.5.131:49672 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.981) - possible encryption/packing (high confidence) | 173.223.1.168 -> 10.1.5.131:49672 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.982) - possible encryption/packing (high confidence) | 173.223.1.168 -> 10.1.5.131:49672 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.983) - possible encryption/packing (high confidence) | 23.222.241.133 -> 10.1.5.131:55233 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 | 173.223.1.168 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 | 173.223.1.168 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 | 173.223.1.168 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.223.1.168 | 10.1.5.131 -> 173.223.1.168 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.984) - possible encryption/packing (high confidence) | 173.223.1.168 -> 10.1.5.131:53209 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 | 173.223.1.168 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.223.1.168 | 10.1.5.131 -> 173.223.1.168 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Encrypted Payload | ✓ LOW | High entropy payload detected (0.936) - possible encryption/packing (medium confidence) | 23.222.241.133 -> 10.1.5.131:55233 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.223.1.168 | 10.1.5.131 -> 173.223.1.168 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 | 173.223.1.168 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 | 173.223.1.168 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Encrypted Payload | ✓ LOW | High entropy payload detected (0.941) - possible encryption/packing (medium confidence) | 23.222.241.133 -> 10.1.5.131:55233 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.223.1.168 | 10.1.5.131 -> 173.223.1.168 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.983) - possible encryption/packing (high confidence) | 23.222.241.133 -> 10.1.5.131:55233 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.223.1.168 | 10.1.5.131 -> 173.223.1.168 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 | 173.223.1.168 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 | 173.223.1.168 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->64.190.113.206 | 10.1.5.131 -> 64.190.113.206 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.223.1.168 | 10.1.5.131 -> 173.223.1.168 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->64.190.113.206 | 10.1.5.131 -> 64.190.113.206 |
| Encrypted Payload | ✓ LOW | High entropy payload detected (0.900) - possible encryption/packing (low confidence) | 10.1.5.131 -> 23.222.241.133:443 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->103.27.157.146 | 10.1.5.131 -> 103.27.157.146 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.223.1.168 | 10.1.5.131 -> 173.223.1.168 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.954) - possible encryption/packing (high confidence) | 23.222.241.133 -> 10.1.5.131:55233 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.982) - possible encryption/packing (high confidence) | 23.222.241.133 -> 10.1.5.131:55233 |
| Encrypted Payload | ✓ LOW | High entropy payload detected (0.933) - possible encryption/packing (medium confidence) | 23.222.241.133 -> 10.1.5.131:55233 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.190.113.206->10.1.5.131 | 64.190.113.206 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.973) - possible encryption/packing (high confidence) | 10.1.5.131 -> 173.223.1.168:443 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 | 173.223.1.168 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 | 173.223.1.168 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.975) - possible encryption/packing (high confidence) | 10.1.5.131 -> 173.223.1.168:443 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.973) - possible encryption/packing (high confidence) | 10.1.5.131 -> 173.223.0.10:443 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 | 173.223.1.168 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 | 173.223.1.168 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 | 173.223.1.168 -> 10.1.5.131 |
| Encrypted Payload | ✓ LOW | High entropy payload detected (0.904) - possible encryption/packing (low confidence) | 10.1.5.131 -> 23.222.241.133:443 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.980) - possible encryption/packing (high confidence) | 173.223.0.10 -> 10.1.5.131:55905 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.981) - possible encryption/packing (high confidence) | 173.223.1.168 -> 10.1.5.131:49672 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.973) - possible encryption/packing (high confidence) | 173.223.0.10 -> 10.1.5.131:55905 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.983) - possible encryption/packing (high confidence) | 173.223.1.168 -> 10.1.5.131:53209 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 | 173.223.1.168 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.223.1.168 | 10.1.5.131 -> 173.223.1.168 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.984) - possible encryption/packing (high confidence) | 173.223.1.168 -> 10.1.5.131:53209 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.223.1.168 | 10.1.5.131 -> 173.223.1.168 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.223.0.10 | 10.1.5.131 -> 173.223.0.10 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 | 173.223.1.168 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.952) - possible encryption/packing (high confidence) | 23.222.241.133 -> 10.1.5.131:55233 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.983) - possible encryption/packing (high confidence) | 23.222.241.133 -> 10.1.5.131:55233 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.0.10->10.1.5.131 | 173.223.0.10 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.981) - possible encryption/packing (high confidence) | 10.1.5.131 -> 23.222.241.133:443 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.983) - possible encryption/packing (high confidence) | 10.1.5.131 -> 23.222.241.133:443 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.982) - possible encryption/packing (high confidence) | 10.1.5.131 -> 23.222.241.133:443 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.0.10->10.1.5.131 | 173.223.0.10 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.983) - possible encryption/packing (high confidence) | 10.1.5.131 -> 23.222.241.133:443 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.981) - possible encryption/packing (high confidence) | 10.1.5.131 -> 23.222.241.133:443 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.981) - possible encryption/packing (high confidence) | 10.1.5.131 -> 23.222.241.133:443 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.978) - possible encryption/packing (high confidence) | 10.1.5.131 -> 23.222.241.133:443 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 | 173.223.1.168 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.960) - possible encryption/packing (high confidence) | 10.1.5.131 -> 23.222.241.133:443 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.983) - possible encryption/packing (high confidence) | 10.1.5.131 -> 23.222.241.133:443 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 | 173.223.1.168 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 | 173.223.1.168 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.970) - possible encryption/packing (high confidence) | 10.1.5.131 -> 204.79.197.222:443 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.981) - possible encryption/packing (high confidence) | 204.79.197.222 -> 10.1.5.131:63368 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.978) - possible encryption/packing (high confidence) | 204.79.197.222 -> 10.1.5.131:63368 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.983) - possible encryption/packing (high confidence) | 204.79.197.222 -> 10.1.5.131:63368 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->204.79.197.222 | 10.1.5.131 -> 204.79.197.222 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.956) - possible encryption/packing (high confidence) | 10.1.5.131 -> 204.79.197.222:443 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->204.79.197.222 | 10.1.5.131 -> 204.79.197.222 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->204.79.197.222 | 10.1.5.131 -> 204.79.197.222 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->204.79.197.222 | 10.1.5.131 -> 204.79.197.222 |
| Encrypted Payload | ✓ LOW | High entropy payload detected (0.940) - possible encryption/packing (medium confidence) | 204.79.197.222 -> 10.1.5.131:63368 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.982) - possible encryption/packing (high confidence) | 204.79.197.222 -> 10.1.5.131:63368 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->204.79.197.222 | 10.1.5.131 -> 204.79.197.222 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Encrypted Payload | ✓ LOW | High entropy payload detected (0.947) - possible encryption/packing (medium confidence) | 204.79.197.222 -> 10.1.5.131:63368 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.982) - possible encryption/packing (high confidence) | 204.79.197.222 -> 10.1.5.131:63368 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.969) - possible encryption/packing (high confidence) | 204.79.197.222 -> 10.1.5.131:63368 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.982) - possible encryption/packing (high confidence) | 204.79.197.222 -> 10.1.5.131:63368 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.984) - possible encryption/packing (high confidence) | 204.79.197.222 -> 10.1.5.131:63368 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.982) - possible encryption/packing (high confidence) | 204.79.197.222 -> 10.1.5.131:63368 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.982) - possible encryption/packing (high confidence) | 204.79.197.222 -> 10.1.5.131:63368 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.982) - possible encryption/packing (high confidence) | 204.79.197.222 -> 10.1.5.131:63368 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->204.79.197.222 | 10.1.5.131 -> 204.79.197.222 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.984) - possible encryption/packing (high confidence) | 204.79.197.222 -> 10.1.5.131:63368 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.985) - possible encryption/packing (high confidence) | 204.79.197.222 -> 10.1.5.131:63368 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.985) - possible encryption/packing (high confidence) | 204.79.197.222 -> 10.1.5.131:63368 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.982) - possible encryption/packing (high confidence) | 204.79.197.222 -> 10.1.5.131:63368 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.980) - possible encryption/packing (high confidence) | 204.79.197.222 -> 10.1.5.131:63368 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->204.79.197.222 | 10.1.5.131 -> 204.79.197.222 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.985) - possible encryption/packing (high confidence) | 204.79.197.222 -> 10.1.5.131:63368 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.971) - possible encryption/packing (high confidence) | 204.79.197.222 -> 10.1.5.131:63368 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:135 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63369 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:135 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63369 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.979) - possible encryption/packing (high confidence) | 10.1.5.131 -> 23.222.241.133:443 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 | 23.222.241.133 -> 10.1.5.131 |
| DNS Tunneling | ⚠ HIGH | Possible DNS tunneling detected: high entropy subdomain | crisis-geographic-atm.trafficmanager.net |
| DNS Tunneling | ⚠ HIGH | Possible DNS tunneling detected: high entropy subdomain | crisis-geographic-atm.trafficmanager.net |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| DNS Tunneling | ⚠ HIGH | Possible DNS tunneling detected: high entropy subdomain | crisis-geographic-atm.trafficmanager.net |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| DNS Tunneling | ⚠ HIGH | Possible DNS tunneling detected: high entropy subdomain | crisis-geographic-atm.trafficmanager.net |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.965) - possible encryption/packing (high confidence) | 10.1.5.131 -> 20.150.160.75:443 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.980) - possible encryption/packing (high confidence) | 20.150.160.75 -> 10.1.5.131:64535 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.982) - possible encryption/packing (high confidence) | 20.150.160.75 -> 10.1.5.131:64535 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.982) - possible encryption/packing (high confidence) | 20.150.160.75 -> 10.1.5.131:64535 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.981) - possible encryption/packing (high confidence) | 20.150.160.75 -> 10.1.5.131:64535 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.971) - possible encryption/packing (high confidence) | 10.1.5.131 -> 13.107.213.254:443 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->20.150.160.75 | 10.1.5.131 -> 20.150.160.75 |
| Encrypted Payload | ✓ LOW | High entropy payload detected (0.937) - possible encryption/packing (medium confidence) | 13.107.213.254 -> 10.1.5.131:60400 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.983) - possible encryption/packing (high confidence) | 20.150.160.75 -> 10.1.5.131:64535 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.958) - possible encryption/packing (high confidence) | 13.107.213.254 -> 10.1.5.131:60400 |
| Encrypted Payload | ✓ LOW | High entropy payload detected (0.931) - possible encryption/packing (medium confidence) | 13.107.213.254 -> 10.1.5.131:60400 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.975) - possible encryption/packing (high confidence) | 10.1.5.131 -> 13.107.213.254:443 |
| Encrypted Payload | ✓ LOW | High entropy payload detected (0.935) - possible encryption/packing (medium confidence) | 13.107.213.254 -> 10.1.5.131:60400 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.968) - possible encryption/packing (high confidence) | 10.1.5.131 -> 13.107.213.254:443 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->13.107.213.254 | 10.1.5.131 -> 13.107.213.254 |
| Encrypted Payload | ✓ LOW | High entropy payload detected (0.948) - possible encryption/packing (medium confidence) | 10.1.5.131 -> 204.79.197.222:443 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 20.150.160.75->10.1.5.131 | 20.150.160.75 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->20.150.160.75 | 10.1.5.131 -> 20.150.160.75 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 13.107.213.254->10.1.5.131 | 13.107.213.254 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 20.150.160.75->10.1.5.131 | 20.150.160.75 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 | 204.79.197.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->204.79.197.222 | 10.1.5.131 -> 204.79.197.222 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->204.79.197.222 | 10.1.5.131 -> 204.79.197.222 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 13.107.213.254->10.1.5.131 | 13.107.213.254 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 13.107.213.254->10.1.5.131 | 13.107.213.254 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 13.107.213.254->10.1.5.131 | 13.107.213.254 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->20.150.160.75 | 10.1.5.131 -> 20.150.160.75 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->13.107.213.254 | 10.1.5.131 -> 13.107.213.254 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 | 10.1.5.131 -> 23.222.241.133 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 13.107.213.254->10.1.5.131 | 13.107.213.254 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->20.150.160.75 | 10.1.5.131 -> 20.150.160.75 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 13.107.213.254->10.1.5.131 | 13.107.213.254 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->13.107.213.254 | 10.1.5.131 -> 13.107.213.254 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->13.107.213.254 | 10.1.5.131 -> 13.107.213.254 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 20.150.160.75->10.1.5.131 | 20.150.160.75 -> 10.1.5.131 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 13.107.213.254->10.1.5.131 | 13.107.213.254 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 20.150.160.75->10.1.5.131 | 20.150.160.75 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 20.150.160.75->10.1.5.131 | 20.150.160.75 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->13.107.213.254 | 10.1.5.131 -> 13.107.213.254 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 20.150.160.75->10.1.5.131 | 20.150.160.75 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.131 -> 10.1.5.5:49670 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 20.150.160.75->10.1.5.131 | 20.150.160.75 -> 10.1.5.131 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 10.1.5.5 -> 10.1.5.131:63370 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 | 173.223.1.168 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.0.10->10.1.5.131 | 173.223.0.10 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 | 173.223.1.168 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 | 173.223.1.168 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->104.208.203.88 | 10.1.5.131 -> 104.208.203.88 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->104.208.203.88 | 10.1.5.131 -> 104.208.203.88 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.47.48.15->10.1.5.131 | 23.47.48.15 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 104.208.203.88->10.1.5.131 | 104.208.203.88 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->104.208.203.88 | 10.1.5.131 -> 104.208.203.88 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 149.154.164.13->10.1.5.131 | 149.154.164.13 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 104.208.203.88->10.1.5.131 | 104.208.203.88 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 103.27.157.146->10.1.5.131 | 103.27.157.146 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->103.27.157.146 | 10.1.5.131 -> 103.27.157.146 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 103.27.157.146->10.1.5.131 | 103.27.157.146 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.255 | 10.1.5.131 -> 10.1.5.255 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.255 | 10.1.5.131 -> 10.1.5.255 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->103.27.157.146 | 10.1.5.131 -> 103.27.157.146 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 103.27.157.146->10.1.5.131 | 103.27.157.146 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.255 | 10.1.5.131 -> 10.1.5.255 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 103.27.157.146->10.1.5.131 | 103.27.157.146 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 103.27.157.146->10.1.5.131 | 103.27.157.146 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.255 | 10.1.5.131 -> 10.1.5.255 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->103.27.157.146 | 10.1.5.131 -> 103.27.157.146 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.255 | 10.1.5.131 -> 10.1.5.255 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 103.27.157.146->10.1.5.131 | 103.27.157.146 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.255 | 10.1.5.131 -> 10.1.5.255 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.255 | 10.1.5.131 -> 10.1.5.255 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.255 | 10.1.5.131 -> 10.1.5.255 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.255 | 10.1.5.131 -> 10.1.5.255 |
| Proxy Connection | ⚡ MEDIUM | SOCKS5 proxy connection detected | 103.27.157.146 -> 10.1.5.131:62981 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 103.27.157.146->10.1.5.131 | 103.27.157.146 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->64.52.80.153 | 10.1.5.131 -> 64.52.80.153 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 103.27.157.146->10.1.5.131 | 103.27.157.146 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 103.27.157.146->10.1.5.131 | 103.27.157.146 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->45.61.136.222 | 10.1.5.131 -> 45.61.136.222 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Suspicious Activity | ✓ LOW | URI contains potential base64 encoded data | http://fnjnbehjangelkd.top/txoidka8bfhtr.php?id=DESKTOP-G71S4PF&key=43333495587&s=63e95be1-92e0-45c1-a928-65d63b17cd1c |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->64.52.80.153 | 10.1.5.131 -> 64.52.80.153 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 103.27.157.146->10.1.5.131 | 103.27.157.146 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 103.27.157.146->10.1.5.131 | 103.27.157.146 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->216.218.130.2 | 10.1.5.131 -> 216.218.130.2 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 | 64.52.80.153 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->216.218.130.2 | 10.1.5.131 -> 216.218.130.2 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 216.218.130.2->10.1.5.131 | 216.218.130.2 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->74.82.42.42 | 10.1.5.131 -> 74.82.42.42 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->74.82.42.42 | 10.1.5.131 -> 74.82.42.42 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 74.82.42.42->10.1.5.131 | 74.82.42.42 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->1.1.1.1 | 10.1.5.131 -> 1.1.1.1 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->1.1.1.1 | 10.1.5.131 -> 1.1.1.1 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 1.1.1.1->10.1.5.131 | 1.1.1.1 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->8.8.8.8 | 10.1.5.131 -> 8.8.8.8 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->8.8.8.8 | 10.1.5.131 -> 8.8.8.8 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 1.1.1.1->10.1.5.131 | 1.1.1.1 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 8.8.8.8->10.1.5.131 | 8.8.8.8 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->208.67.222.222 | 10.1.5.131 -> 208.67.222.222 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->208.67.222.222 | 10.1.5.131 -> 208.67.222.222 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 208.67.222.222->10.1.5.131 | 208.67.222.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->76.76.2.5 | 10.1.5.131 -> 76.76.2.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->76.76.2.5 | 10.1.5.131 -> 76.76.2.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 76.76.2.5->10.1.5.131 | 76.76.2.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 76.76.2.5->10.1.5.131 | 76.76.2.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 8.8.8.8->10.1.5.131 | 8.8.8.8 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->216.218.130.2 | 10.1.5.131 -> 216.218.130.2 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->216.218.130.2 | 10.1.5.131 -> 216.218.130.2 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 216.218.130.2->10.1.5.131 | 216.218.130.2 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.960) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.968) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 216.218.130.2->10.1.5.131 | 216.218.130.2 -> 10.1.5.131 |
| Encrypted Payload | ✓ LOW | High entropy payload detected (0.905) - possible encryption/packing (low confidence) | 172.67.74.152 -> 10.1.5.131:60405 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.232.146.62 | 10.1.5.131 -> 173.232.146.62 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 | 10.1.5.5 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->172.67.74.152 | 10.1.5.131 -> 172.67.74.152 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.232.146.62 | 10.1.5.131 -> 173.232.146.62 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 | 10.1.5.131 -> 10.1.5.5 |
| Encrypted Payload | ✓ LOW | High entropy payload detected (0.924) - possible encryption/packing (medium confidence) | 10.1.5.131 -> 173.232.146.62:25658 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.983) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->172.67.74.152 | 10.1.5.131 -> 172.67.74.152 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.232.146.62 | 10.1.5.131 -> 173.232.146.62 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.982) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 172.67.74.152->10.1.5.131 | 172.67.74.152 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.982) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->172.67.74.152 | 10.1.5.131 -> 172.67.74.152 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.982) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.983) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 172.67.74.152->10.1.5.131 | 172.67.74.152 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.984) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.983) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.232.146.62 | 10.1.5.131 -> 173.232.146.62 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.987) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.983) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.983) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.984) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.982) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.985) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.982) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.984) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.983) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.985) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.986) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.984) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.983) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 172.67.74.152->10.1.5.131 | 172.67.74.152 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 172.67.74.152->10.1.5.131 | 172.67.74.152 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.983) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.984) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.984) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.982) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.984) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.982) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.983) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.982) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.986) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.983) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Encrypted Payload | ⚡ MEDIUM | High entropy payload detected (0.956) - possible encryption/packing (high confidence) | 173.232.146.62 -> 10.1.5.131:60404 |
| Suspicious Activity | ✓ LOW | URI contains potential base64 encoded data | http://bz1d0zvfi03yhn1.top/st2?s=04e1ab2b-3f93-46fa-9aed-c3a2a3f126c9&id=DESKTOP-G71S4PF&key=43880887987 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->45.61.136.222 | 10.1.5.131 -> 45.61.136.222 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 | 173.232.146.62 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| Custom Signature Match (Payload) | ⚠ CRITICAL | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 | 45.61.136.222 -> 10.1.5.131 |
| ... Truncated to 1000 entries. View CSV for full export ... | | | |
C2 Detection
Command & Control framework detections
| Timestamp | Framework | Confidence | Indicator | URL | Connection |
|---|---|---|---|---|---|
| 21:38:35 | DNS Tunneling | MEDIUM | High entropy subdomain | crisis-geographic-atm.trafficmanager.net | 10.1.5.131 → 10.1.5.5 |
| 21:38:35 | DNS Tunneling | MEDIUM | High entropy subdomain | crisis-geographic-atm.trafficmanager.net | 10.1.5.131 → 10.1.5.5 |
| 21:38:35 | DNS Tunneling | MEDIUM | High entropy subdomain | crisis-geographic-atm.trafficmanager.net | 10.1.5.5 → 10.1.5.131 |
| 21:38:35 | DNS Tunneling | MEDIUM | High entropy subdomain | crisis-geographic-atm.trafficmanager.net | 10.1.5.5 → 10.1.5.131 |
| 21:42:49 | Behavioral | LOW | Suspicious User-Agent: powershell | http://ey267te.top/1.php?s=63e95be1-92e0-45c1-a928-65d63b17cd1c | 10.1.5.131 → 64.52.80.153 |
| 21:42:49 | Generic | LOW | UUID-like pattern in URI | http://ey267te.top/1.php?s=63e95be1-92e0-45c1-a928-65d63b17cd1c | 10.1.5.131 → 64.52.80.153 |
| 21:42:50 | Behavioral | LOW | Suspicious User-Agent: powershell | http://bz1d0zvfi03yhn1.top/1.php?s=04e1ab2b-3f93-46fa-9aed-c3a2a3f126c9 | 10.1.5.131 → 45.61.136.222 |
| 21:42:50 | Generic | LOW | UUID-like pattern in URI | http://bz1d0zvfi03yhn1.top/1.php?s=04e1ab2b-3f93-46fa-9aed-c3a2a3f126c9 | 10.1.5.131 → 45.61.136.222 |
| 21:42:51 | Behavioral | LOW | Suspicious User-Agent: powershell | http://fnjnbehjangelkd.top/txoidka8bfhtr.php?id=DESKTOP-G71S4PF&key=43333495587&s=63e95be1-92e0-45c1-a928-65d63b17cd1c | 10.1.5.131 → 64.52.80.153 |
| 21:42:51 | Generic | LOW | Base64-encoded URI data | http://fnjnbehjangelkd.top/txoidka8bfhtr.php?id=DESKTOP-G71S4PF&key=43333495587&s=63e95be1-92e0-45c1-a928-65d63b17cd1c | 10.1.5.131 → 64.52.80.153 |
| 21:43:03 | Behavioral | LOW | Suspicious User-Agent: powershell | http://bz1d0zvfi03yhn1.top/st2?s=04e1ab2b-3f93-46fa-9aed-c3a2a3f126c9&id=DESKTOP-G71S4PF&key=43880887987 | 10.1.5.131 → 45.61.136.222 |
| 21:43:03 | Generic | LOW | Base64-encoded URI data | http://bz1d0zvfi03yhn1.top/st2?s=04e1ab2b-3f93-46fa-9aed-c3a2a3f126c9&id=DESKTOP-G71S4PF&key=43880887987 | 10.1.5.131 → 45.61.136.222 |
| 21:43:35 | Generic | LOW | Base64-encoded URI data | http://bz1d0zvfi03yhn1.top/installreport?r=0&hash=1DD91BA2F56CED5AF731E67121619D6A9EF2CBB8F1524989FC542EF904605908 | 10.1.5.131 → 45.61.136.222 |
| 21:43:36 | Generic | LOW | Base64-encoded URI data | http://bz1d0zvfi03yhn1.top/installreport?r=0&hash=1DD91BA2F56CED5AF731E67121619D6A9EF2CBB8F1524989FC542EF904605908 | 10.1.5.131 → 45.61.136.222 |
Beaconing Detection
Statistical analysis of C2 callback patterns
| Timestamp | Source IP | Destination IP | Port | Interval | Jitter | Confidence | Packets |
|---|---|---|---|---|---|---|---|
Tunneling Detection
SSH and ICMP tunneling analysis
| Timestamp | Source IP | Destination IP | Port | Throughput | Packet Rate | Duration | Reason | Confidence |
|---|---|---|---|---|---|---|---|---|
| Timestamp | Source IP | Destination IP | Type | Payload Size | Entropy | Reason | Confidence |
|---|---|---|---|---|---|---|---|
Lateral Movement
Detected lateral movement patterns across the network
| Timestamp | Source IP | Target Count | Port | Technique | Targets | Confidence |
|---|---|---|---|---|---|---|
Data Exfiltration
Large data uploads and suspicious transfers
| Timestamp | Source IP | Destination IP | Port | Bytes Out | Duration | Rate | Method | Confidence |
|---|---|---|---|---|---|---|---|---|
| 2026-01-08 21:42:50 | 45.61.136.222 | 10.1.5.131 | 60402 | 196.0 MB | 47s | 4295 KB/s | Unknown protocol exfiltration | low |
| 2026-01-08 21:42:51 | 64.52.80.153 | 10.1.5.131 | 60403 | 299.6 KB | 1s | 240 KB/s | Unknown protocol exfiltration | low |
| 2026-01-08 21:46:16 | 173.232.146.62 | 10.1.5.131 | 60411 | 11.5 MB | 13s | 938 KB/s | Unknown protocol exfiltration | low |
TLS Fingerprints (JA3 & JA4)
Full ClientHello parsing: JA3 MD5 + JA4 SHA-256 fingerprints for encrypted C2 detection
| Timestamp | Source IP | Destination IP | JA3 Hash | JA4 Hash | Server Name | TLS Version | Suspicious | Confidence |
|---|---|---|---|---|---|---|---|---|
| 2026-01-08 21:43:00 | 10.1.5.131 | 173.232.146.62 | 07af4aa9e4d215a5… | t10d060500_4dc025c38c38_… | | TLS 1.0 | No | - |
| 2026-01-08 21:43:01 | 10.1.5.131 | 172.67.74.152 | 6a5d235ee78c6aed… | t12i180700_4b22cbed5bed_… | api.ipify.org | TLS 1.2 | No | - |
| 2026-01-08 21:45:27 | 10.1.5.131 | 20.42.65.90 | 6634ba84945fce7c… | t12i201300_2b729b4bf6f3_… | mobile.events.data.microsoft.com | TLS 1.2 | No | - |
| 2026-01-08 21:46:12 | 10.1.5.131 | 173.232.146.62 | 07af4aa9e4d215a5… | t10d060500_4dc025c38c38_… | | TLS 1.0 | No | - |
| 2026-01-08 21:46:13 | 10.1.5.131 | 104.26.12.205 | 6a5d235ee78c6aed… | t12i180700_4b22cbed5bed_… | api.ipify.org | TLS 1.2 | No | - |
| 2026-01-08 21:46:15 | 10.1.5.131 | 173.232.146.62 | 07af4aa9e4d215a5… | t10d060500_4dc025c38c38_… | | TLS 1.0 | No | - |
| 2026-01-08 21:46:16 | 10.1.5.131 | 173.232.146.62 | 07af4aa9e4d215a5… | t10d060500_4dc025c38c38_… | | TLS 1.0 | No | - |
| 2026-01-08 21:46:28 | 10.1.5.131 | 173.232.146.62 | 07af4aa9e4d215a5… | t10d060500_4dc025c38c38_… | | TLS 1.0 | No | - |
Steganography Detection
Hidden data in images and files
| Timestamp | Source IP | Destination IP | Protocol | Filename | File Type | Method | Indicator | Confidence |
|---|---|---|---|---|---|---|---|---|
HTTP URLs
All accessed URLs from HTTP traffic
| Timestamp | Method | URL | User-Agent | Connection |
|---|---|---|---|---|
| 21:42:49 | GET | http://ey267te.top/1.php?s=63e95be1-92e0-45c1-a928-65d63b17cd1c | Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.26100.7462 | 10.1.5.131 → 64.52.80.153 |
| 21:42:50 | GET | http://bz1d0zvfi03yhn1.top/1.php?s=04e1ab2b-3f93-46fa-9aed-c3a2a3f126c9 | Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.26100.7462 | 10.1.5.131 → 45.61.136.222 |
| 21:42:51 | GET | http://fnjnbehjangelkd.top/txoidka8bfhtr.php?id=DESKTOP-G71S4PF&key=43333495587&s=63e95be1-92e0-45c1-a928-65d63b17cd1c | Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.26100.7462 | 10.1.5.131 → 64.52.80.153 |
| 21:43:03 | GET | http://bz1d0zvfi03yhn1.top/st2?s=04e1ab2b-3f93-46fa-9aed-c3a2a3f126c9&id=DESKTOP-G71S4PF&key=43880887987 | Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.26100.7462 | 10.1.5.131 → 45.61.136.222 |
| 21:43:04 | GET | http://bz1d0zvfi03yhn1.top/getarchive | | 10.1.5.131 → 45.61.136.222 |
| 21:43:35 | GET | http://bz1d0zvfi03yhn1.top/installreport?r=0&hash=1DD91BA2F56CED5AF731E67121619D6A9EF2CBB8F1524989FC542EF904605908 | | 10.1.5.131 → 45.61.136.222 |
| 21:43:35 | GET | http://bz1d0zvfi03yhn1.top/archivehash | | 10.1.5.131 → 45.61.136.222 |
| 21:43:36 | GET | http://bz1d0zvfi03yhn1.top/installreport?r=0&hash=1DD91BA2F56CED5AF731E67121619D6A9EF2CBB8F1524989FC542EF904605908 | | 10.1.5.131 → 45.61.136.222 |
| 21:46:21 | GET | http://checkip.dyndns.org/ | | 10.1.5.131 → 132.226.247.73 |
| 21:46:21 | GET | http://ipinfo.io/166.2.31.194/city | | 10.1.5.131 → 34.117.59.81 |
| 21:46:21 | GET | http://ipinfo.io/166.2.31.194/region | | 10.1.5.131 → 34.117.59.81 |
| 21:46:21 | GET | http://ipinfo.io/166.2.31.194/country | | 10.1.5.131 → 34.117.59.81 |
Extracted Credentials
Credentials found in cleartext protocols
Protocol Analysis
Messages and communications from various protocols
Network Flows
Top network connections and traffic patterns
| Source | Destination | Protocol | Packets | Bytes | Duration |
|---|---|---|---|---|---|
| 45.61.136.222:80 | 10.1.5.131:60402 | TCP | 149.4K | 196.0 MB | 46.739s |
| 173.232.146.62:25658 | 10.1.5.131:60411 | TCP | 12.7K | 11.5 MB | 12.52s |
| 173.232.146.62:25658 | 10.1.5.131:60408 | TCP | 982 | 871.4 KB | 28.769s |
| 64.52.80.153:80 | 10.1.5.131:60403 | TCP | 225 | 299.6 KB | 1.25s |
| 64.52.80.153:80 | 10.1.5.131:60401 | TCP | 41 | 52.1 KB | 390ms |
| 173.232.146.62:25658 | 10.1.5.131:60404 | TCP | 63 | 43.3 KB | 26.032s |
| 204.79.197.222:443 | 10.1.5.131:63368 | TCP | 38 | 24.7 KB | 30.966s |
| 10.1.5.131:55233 | 23.222.241.133:443 | UDP | 41 | 13.6 KB | 8.46s |
| 173.223.1.168:443 | 10.1.5.131:49672 | TCP | 13 | 11.4 KB | 34.374s |
| 23.222.241.133:443 | 10.1.5.131:55233 | UDP | 44 | 10.9 KB | 8.552s |
| 103.27.157.146:4444 | 10.1.5.131:62981 | TCP | 17 | 8.9 KB | 5m15.923s |
| 10.1.5.131:63370 | 10.1.5.5:49670 | TCP | 42 | 7.2 KB | 24.997s |
| 10.1.5.131:60410 | 173.232.146.62:25658 | TCP | 19 | 7.1 KB | 6.166s |
| 20.150.160.75:443 | 10.1.5.131:64535 | TCP | 11 | 6.9 KB | 250ms |
| 20.42.65.90:443 | 10.1.5.131:60407 | TCP | 9 | 6.8 KB | 177ms |
| 13.107.213.254:443 | 10.1.5.131:60400 | TCP | 11 | 6.1 KB | 23.355s |
| 10.1.5.131:60406 | 10.1.5.5:445 | TCP | 16 | 5.0 KB | 10.738s |
| 10.1.5.5:49670 | 10.1.5.131:63370 | TCP | 39 | 4.8 KB | 24.996s |
| 173.223.1.168:443 | 10.1.5.131:53209 | TCP | 14 | 4.8 KB | 34.39s |
| 10.1.5.131:53209 | 173.223.1.168:443 | TCP | 12 | 4.0 KB | 34.39s |
| 173.223.1.168:443 | 10.1.5.131:56241 | TCP | 6 | 4.0 KB | 34.371s |
| 10.1.5.131:49672 | 173.223.1.168:443 | TCP | 13 | 3.7 KB | 34.326s |
| 10.1.5.131:63368 | 204.79.197.222:443 | TCP | 25 | 3.6 KB | 31.005s |
| 10.1.5.131:60400 | 13.107.213.254:443 | TCP | 13 | 3.6 KB | 23.377s |
| 10.1.5.131:138 | 10.1.5.255:138 | UDP | 17 | 3.2 KB | 5m19.18s |
| 172.67.74.152:443 | 10.1.5.131:60405 | TCP | 7 | 3.2 KB | 233ms |
| 104.26.12.205:443 | 10.1.5.131:60409 | TCP | 7 | 3.2 KB | 176ms |
| 10.1.5.131:64535 | 20.150.160.75:443 | TCP | 11 | 2.4 KB | 321ms |
| 173.223.0.10:443 | 10.1.5.131:55905 | TCP | 4 | 2.4 KB | 33.723s |
| 10.1.5.5:445 | 10.1.5.131:60406 | TCP | 12 | 1.8 KB | 10.737s |
| 10.1.5.131:56241 | 173.223.1.168:443 | TCP | 7 | 1.8 KB | 34.37s |
| 10.1.5.131:60407 | 20.42.65.90:443 | TCP | 9 | 1.6 KB | 264ms |
| 10.1.5.131:60408 | 173.232.146.62:25658 | TCP | 341 | 1.6 KB | 28.795s |
| 10.1.5.131:60404 | 173.232.146.62:25658 | TCP | 33 | 1.5 KB | 39.905s |
| 10.1.5.131:62981 | 103.27.157.146:4444 | TCP | 13 | 1.5 KB | 5m15.902s |
| 34.117.59.81:80 | 10.1.5.131:60413 | TCP | 7 | 1.1 KB | 185ms |
| 10.1.5.131:55905 | 173.223.0.10:443 | TCP | 5 | 1017 B | 33.759s |
| 10.1.5.131:60402 | 45.61.136.222:80 | TCP | 74.5K | 800 B | 52.711s |
| 64.190.113.206:79 | 10.1.5.131:53210 | TCP | 6 | 732 B | 227ms |
| 10.1.5.131:60405 | 172.67.74.152:443 | TCP | 8 | 449 B | 39.048s |
| 10.1.5.131:60409 | 104.26.12.205:443 | TCP | 7 | 449 B | 255ms |
| 10.1.5.131:60411 | 173.232.146.62:25658 | TCP | 4.4K | 428 B | 12.551s |
| 10.1.5.5:135 | 10.1.5.131:63369 | TCP | 5 | 376 B | 9.99s |
| 10.1.5.5:53 | 10.1.5.131:50379 | UDP | 4 | 328 B | 6.333s |
| 10.1.5.131:63369 | 10.1.5.5:135 | TCP | 7 | 328 B | 9.991s |
| 10.1.5.5:53 | 10.1.5.131:63417 | UDP | 2 | 296 B | 39ms |
| 132.226.247.73:80 | 10.1.5.131:60412 | TCP | 3 | 273 B | 167ms |
| 10.1.5.131:60403 | 64.52.80.153:80 | TCP | 119 | 255 B | 49.032s |
| 10.1.5.5:53 | 10.1.5.131:51786 | UDP | 2 | 249 B | 33ms |
| 76.76.2.5:53 | 10.1.5.131:57804 | UDP | 2 | 214 B | 25ms |
Showing top 50 flows out of 179 total flows
Custom Signature Matches
Detections from user-defined JSON/NDJSON signatures (HTTP, TLS, DNS, raw payload)
| Rule Name | Severity | Source | Destination | Detail |
|---|---|---|---|---|
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.1.168 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.1.168 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 173.223.1.168 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.223.1.168 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.1.168 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 173.223.1.168 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.223.1.168 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.1.168 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.1.168 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.1.168 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 173.223.1.168 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.223.1.168 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.1.168 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 173.223.1.168 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.223.1.168 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 173.223.1.168 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.223.1.168 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.1.168 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.1.168 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 173.223.1.168 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.223.1.168 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 173.223.1.168 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.223.1.168 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.1.168 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.1.168 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 64.190.113.206 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->64.190.113.206 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 173.223.1.168 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.223.1.168 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 64.190.113.206 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->64.190.113.206 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 103.27.157.146 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->103.27.157.146 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 173.223.1.168 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.223.1.168 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 64.190.113.206 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.190.113.206->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.1.168 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.1.168 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.1.168 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.1.168 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.1.168 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.1.168 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 173.223.1.168 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.223.1.168 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 173.223.1.168 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.223.1.168 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 173.223.0.10 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.223.0.10 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.1.168 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.0.10 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.0.10->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.0.10 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.0.10->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.1.168 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.1.168 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.1.168 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 204.79.197.222 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->204.79.197.222 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 204.79.197.222 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->204.79.197.222 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 204.79.197.222 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->204.79.197.222 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 204.79.197.222 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->204.79.197.222 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 204.79.197.222 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->204.79.197.222 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 204.79.197.222 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->204.79.197.222 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 204.79.197.222 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->204.79.197.222 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 23.222.241.133 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.222.241.133->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 20.150.160.75 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->20.150.160.75 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 13.107.213.254 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->13.107.213.254 |
| Custom Signature Match (Payload) | CRITICAL | 20.150.160.75 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 20.150.160.75->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 20.150.160.75 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->20.150.160.75 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 13.107.213.254 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 13.107.213.254->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 20.150.160.75 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 20.150.160.75->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 204.79.197.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 204.79.197.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 204.79.197.222 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->204.79.197.222 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 204.79.197.222 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->204.79.197.222 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 13.107.213.254 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 13.107.213.254->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 13.107.213.254 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 13.107.213.254->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 13.107.213.254 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 13.107.213.254->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 20.150.160.75 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->20.150.160.75 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 13.107.213.254 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->13.107.213.254 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 23.222.241.133 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->23.222.241.133 |
| Custom Signature Match (Payload) | CRITICAL | 13.107.213.254 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 13.107.213.254->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 20.150.160.75 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->20.150.160.75 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 13.107.213.254 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 13.107.213.254->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 13.107.213.254 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->13.107.213.254 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 13.107.213.254 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->13.107.213.254 |
| Custom Signature Match (Payload) | CRITICAL | 20.150.160.75 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 20.150.160.75->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 13.107.213.254 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 13.107.213.254->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 20.150.160.75 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 20.150.160.75->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 20.150.160.75 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 20.150.160.75->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 13.107.213.254 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->13.107.213.254 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 20.150.160.75 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 20.150.160.75->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 20.150.160.75 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 20.150.160.75->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.1.168 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.0.10 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.0.10->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.1.168 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.223.1.168 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.223.1.168->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 104.208.203.88 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->104.208.203.88 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 104.208.203.88 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->104.208.203.88 |
| Custom Signature Match (Payload) | CRITICAL | 23.47.48.15 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 23.47.48.15->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 104.208.203.88 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 104.208.203.88->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 104.208.203.88 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->104.208.203.88 |
| Custom Signature Match (Payload) | CRITICAL | 149.154.164.13 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 149.154.164.13->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 104.208.203.88 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 104.208.203.88->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 103.27.157.146 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 103.27.157.146->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 103.27.157.146 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->103.27.157.146 |
| Custom Signature Match (Payload) | CRITICAL | 103.27.157.146 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 103.27.157.146->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.255 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.255 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.255 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.255 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 103.27.157.146 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->103.27.157.146 |
| Custom Signature Match (Payload) | CRITICAL | 103.27.157.146 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 103.27.157.146->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.255 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.255 |
| Custom Signature Match (Payload) | CRITICAL | 103.27.157.146 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 103.27.157.146->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 103.27.157.146 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 103.27.157.146->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.255 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.255 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 103.27.157.146 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->103.27.157.146 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.255 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.255 |
| Custom Signature Match (Payload) | CRITICAL | 103.27.157.146 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 103.27.157.146->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.255 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.255 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.255 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.255 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.255 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.255 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.255 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.255 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 103.27.157.146 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 103.27.157.146->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 64.52.80.153 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->64.52.80.153 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 103.27.157.146 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 103.27.157.146->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 103.27.157.146 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 103.27.157.146->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 45.61.136.222 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->45.61.136.222 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 64.52.80.153 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->64.52.80.153 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 103.27.157.146 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 103.27.157.146->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 103.27.157.146 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 103.27.157.146->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 216.218.130.2 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->216.218.130.2 |
| Custom Signature Match (Payload) | CRITICAL | 64.52.80.153 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 64.52.80.153->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 216.218.130.2 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->216.218.130.2 |
| Custom Signature Match (Payload) | CRITICAL | 216.218.130.2 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 216.218.130.2->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 74.82.42.42 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->74.82.42.42 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 74.82.42.42 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->74.82.42.42 |
| Custom Signature Match (Payload) | CRITICAL | 74.82.42.42 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 74.82.42.42->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 1.1.1.1 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->1.1.1.1 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 1.1.1.1 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->1.1.1.1 |
| Custom Signature Match (Payload) | CRITICAL | 1.1.1.1 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 1.1.1.1->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 8.8.8.8 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->8.8.8.8 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 8.8.8.8 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->8.8.8.8 |
| Custom Signature Match (Payload) | CRITICAL | 1.1.1.1 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 1.1.1.1->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 8.8.8.8 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 8.8.8.8->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 208.67.222.222 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->208.67.222.222 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 208.67.222.222 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->208.67.222.222 |
| Custom Signature Match (Payload) | CRITICAL | 208.67.222.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 208.67.222.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 76.76.2.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->76.76.2.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 76.76.2.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->76.76.2.5 |
| Custom Signature Match (Payload) | CRITICAL | 76.76.2.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 76.76.2.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 76.76.2.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 76.76.2.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 8.8.8.8 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 8.8.8.8->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 216.218.130.2 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->216.218.130.2 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 216.218.130.2 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->216.218.130.2 |
| Custom Signature Match (Payload) | CRITICAL | 216.218.130.2 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 216.218.130.2->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 216.218.130.2 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 216.218.130.2->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 173.232.146.62 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.232.146.62 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 172.67.74.152 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->172.67.74.152 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 173.232.146.62 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.232.146.62 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 172.67.74.152 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->172.67.74.152 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 173.232.146.62 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.232.146.62 |
| Custom Signature Match (Payload) | CRITICAL | 172.67.74.152 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 172.67.74.152->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 172.67.74.152 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->172.67.74.152 |
| Custom Signature Match (Payload) | CRITICAL | 172.67.74.152 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 172.67.74.152->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 173.232.146.62 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->173.232.146.62 |
| Custom Signature Match (Payload) | CRITICAL | 172.67.74.152 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 172.67.74.152->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 172.67.74.152 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 172.67.74.152->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 45.61.136.222 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->45.61.136.222 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 173.232.146.62 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 173.232.146.62->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 10.1.5.5 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->10.1.5.5 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.131 | 45.61.136.222 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.131->45.61.136.222 |
| Custom Signature Match (Payload) | CRITICAL | 10.1.5.5 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 10.1.5.5->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| Custom Signature Match (Payload) | CRITICAL | 45.61.136.222 | 10.1.5.131 | Custom sig 'Cobalt Strike Default Malleable Profile' matched payload from 45.61.136.222->10.1.5.131 |
| ... Truncated to 1000 entries. View CSV for full export ... | ||||
YARA Rule Matches
Pure-Go YARA engine: text, hex (with ?? wildcards), regex patterns
| Rule | Threat Name | Source | Destination | Context | Matched Strings |
|---|---|---|---|---|---|
| YARA Rule Match | YARA rule 'ZMap_Scanner' [default] matched in packet_payload (src=173.232.146.62 dst=10.1.5.131) - hex: | 173.232.146.62 | 10.1.5.131 (YARA: ZMap_Scanner) |
Threat Intelligence Matches
IP, domain, JA3/JA4, file hash lookups against loaded TI feeds
| Indicator | Type | Threat Name | Confidence | Source Feed | Matched Flow |
|---|---|---|---|---|---|
IP: 149.154.164.13 | AlienVault OTX | HIGH | 0% | - | AlienVault OTX: IP reported in 3 active pulses |
IP: 20.52.64.200 | AlienVault OTX | HIGH | 0% | - | AlienVault OTX: IP reported in 13 active pulses |
IP: 172.67.74.152 | AlienVault OTX | HIGH | 0% | - | AlienVault OTX: IP reported in 13 active pulses |
IP: 64.52.80.153 | AlienVault OTX | HIGH | 0% | - | AlienVault OTX: IP reported in 40 active pulses |
IP: 23.192.223.232 | AlienVault OTX | HIGH | 0% | - | AlienVault OTX: IP reported in 2 active pulses |
IP: 20.42.65.90 | AlienVault OTX | HIGH | 0% | - | AlienVault OTX: IP reported in 8 active pulses |
IP: 104.26.12.205 | AlienVault OTX | HIGH | 0% | - | AlienVault OTX: IP reported in 17 active pulses |
IP: 132.226.247.73 | AlienVault OTX | HIGH | 0% | - | AlienVault OTX: IP reported in 27 active pulses |
IP: 173.232.146.62 | AlienVault OTX | HIGH | 0% | - | AlienVault OTX: IP reported in 24 active pulses |
IP: 103.27.157.146 | AlienVault OTX | HIGH | 0% | - | AlienVault OTX: IP reported in 41 active pulses |
IP: 204.79.197.222 | AlienVault OTX | HIGH | 0% | - | AlienVault OTX: IP reported in 12 active pulses |
IP: 34.117.59.81 | AlienVault OTX | HIGH | 0% | - | AlienVault OTX: IP reported in 50 active pulses |
IP: 216.218.130.2 | AlienVault OTX | HIGH | 0% | - | AlienVault OTX: IP reported in 4 active pulses |
IP: 64.190.113.206 | AlienVault OTX | HIGH | 0% | - | AlienVault OTX: IP reported in 50 active pulses |
IP: 173.232.146.62 | VirusTotal Plugin | HIGH | 0% | - | VT Detections: 13 malicious, 1 suspicious |
IP: 216.218.130.2 | VirusTotal Plugin | HIGH | 0% | - | VT Detections: 1 malicious, 1 suspicious |
IP: 64.52.80.153 | VirusTotal Plugin | HIGH | 0% | - | VT Detections: 8 malicious, 2 suspicious |
IP: 103.27.157.146 | VirusTotal Plugin | HIGH | 0% | - | VT Detections: 9 malicious, 2 suspicious |
IP: 34.117.59.81 | VirusTotal Plugin | HIGH | 0% | - | VT Detections: 1 malicious, 0 suspicious |
IP: 74.82.42.42 | VirusTotal Plugin | HIGH | 0% | - | VT Detections: 1 malicious, 0 suspicious |
IP: 64.190.113.206 | VirusTotal Plugin | HIGH | 0% | - | VT Detections: 8 malicious, 2 suspicious |
IP: 45.61.136.222 | VirusTotal Plugin | HIGH | 0% | - | VT Detections: 4 malicious, 0 suspicious |
IP: 132.226.247.73 | VirusTotal Plugin | HIGH | 0% | - | VT Detections: 1 malicious, 0 suspicious |
Network Flow Temporal Analysis
Inter-arrival time (IAT) stats, burst detection, periodicity scoring, diurnal patterns
| Flow | Packets | Mean IAT | Std Dev IAT | Burst Count | Periodicity | Night Activity | Flags |
|---|---|---|---|---|---|---|---|
10.1.5.131:60404 → 173.232.146.62:25658/TCP | 33 | 1247.0ms | 3583.0ms | 4 | 2% | DAY | |
23.222.241.133:443 → 10.1.5.131:55233/UDP | 44 | 198.9ms | 875.1ms | 3 | 1% | DAY | |
45.61.136.222:80 → 10.1.5.131:60402/TCP | 1000 | 19.0ms | 414.7ms | 3 | 1% | DAY | |
10.1.5.131:60410 → 173.232.146.62:25658/TCP | 19 | 342.6ms | 743.9ms | 3 | 3% | DAY | |
10.1.5.131:63368 → 204.79.197.222:443/TCP | 25 | 1291.9ms | 4800.9ms | 3 | 0% | DAY | |
10.1.5.5:49670 → 10.1.5.131:63370/TCP | 39 | 657.8ms | 2816.0ms | 3 | 0% | DAY | |
10.1.5.131:138 → 10.1.5.255:138/UDP | 17 | 19948.8ms | 50713.3ms | 3 | 0% | DAY | |
10.1.5.131:55233 → 23.222.241.133:443/UDP | 41 | 213.8ms | 901.8ms | 3 | 1% | DAY | |
10.1.5.131:60402 → 45.61.136.222:80/TCP | 1000 | 20.3ms | 410.7ms | 3 | 1% | DAY | |
173.232.146.62:25658 → 10.1.5.131:60410/TCP | 17 | 382.5ms | 775.3ms | 3 | 3% | DAY | |
10.1.5.131:63370 → 10.1.5.5:49670/TCP | 42 | 609.7ms | 2706.1ms | 3 | 0% | DAY | |
173.232.146.62:25658 → 10.1.5.131:60404/TCP | 63 | 419.9ms | 2059.2ms | 3 | 0% | DAY | |
204.79.197.222:443 → 10.1.5.131:63368/TCP | 38 | 836.9ms | 3919.6ms | 3 | 0% | DAY |
Plugin Results
Queries AlienVault OTX to enrich extracted IPs. (Configure via plugin settings: 'api_key')
AlienVault OTX: Checked IPs, found 14 threats
Builds a network connection graph for visualization
Connection Graph: 30 nodes, 57 edges
Comprehensive crypto detection with detailed tracking: wallets, mining pools, Stratum sessions, browser mining, miner software
Crypto Detection: 5 wallets, 0 pools, 0 browser mining, 0 miner software, 0 Stratum sessions
Enriches IP addresses with geolocation data and detects anomalous geographic patterns
Analyzed 27 unique IPs | High-risk: 6 | VPN: 6 | Impossible travel: 0
A simple template plugin that counts packets
Hello World: Analyzed 243564 packets
Extracts and categorizes HTTP request/response content
HTTP Content: 0 credential forms, 0 unique API endpoints
Detects IoT/OT protocol anomalies including Modbus, MQTT, BACnet, and CoAP attacks
IoT/OT Detection: 0 threats detected (Modbus: 0, MQTT: 0, BACnet: 0, CoAP: 0)
Advanced LOLBin detection with MITRE ATT&CK mapping, attack chains, and detailed reporting
LOLBin Detection: 455 threats (PS: 5, Certutil: 0, Bitsadmin: 0, WMI: 0, Mshta: 0, Regsvr32: 0, Rundll32: 0)
Detects Telegram Bot API and WhatsApp API used as covert C2 channels via IP, DNS, TLS SNI, payload, and beacon analysis
Messaging C2: 1 hits (1 Telegram, 0 WhatsApp) | 0 beacons | 0 exfiltration events
Random Forest (5 trees) + Isolation Forest over 20 flow features; DB grows with each scan
ML C2: 1 flows scored — 0 critical, 0 high, 0 medium, 1 low | DB: 10001 records
Detects violations of protocol specifications
Protocol Anomalies: 38 detected
Deep packet inspection for application-layer protocols (Modbus, MQTT, MySQL, SMTP, etc.)
Decoded 157 protocol messages | Violations: 0 | Tunneling: 0
Advanced ransomware detection: SMB enumeration, encryption, C2 beaconing, family identification, shadow copy deletion
Ransomware Detection: 5 threats detected (2 SMB enumerations, 0 encryption patterns, 0 beacons)
Queries VirusTotal API v3 to enrich extracted IPs. (Configure via plugin settings: 'api_key')
VirusTotal Enrichment: Checked IPs, found 9 threats
👽 alienvault_otx
Queries AlienVault OTX to enrich extracted IPs. (Configure via plugin settings: 'api_key')
| Type | Severity | Details | IOC |
|---|---|---|---|
| Threat Intel Match (AlienVault OTX) | HIGH | AlienVault OTX: IP reported in 3 active pulses | IP: 149.154.164.13 |
| Threat Intel Match (AlienVault OTX) | HIGH | AlienVault OTX: IP reported in 13 active pulses | IP: 20.52.64.200 |
| Threat Intel Match (AlienVault OTX) | HIGH | AlienVault OTX: IP reported in 13 active pulses | IP: 172.67.74.152 |
| Threat Intel Match (AlienVault OTX) | HIGH | AlienVault OTX: IP reported in 40 active pulses | IP: 64.52.80.153 |
| Threat Intel Match (AlienVault OTX) | HIGH | AlienVault OTX: IP reported in 2 active pulses | IP: 23.192.223.232 |
| Threat Intel Match (AlienVault OTX) | HIGH | AlienVault OTX: IP reported in 8 active pulses | IP: 20.42.65.90 |
| Threat Intel Match (AlienVault OTX) | HIGH | AlienVault OTX: IP reported in 17 active pulses | IP: 104.26.12.205 |
| Threat Intel Match (AlienVault OTX) | HIGH | AlienVault OTX: IP reported in 27 active pulses | IP: 132.226.247.73 |
| Threat Intel Match (AlienVault OTX) | HIGH | AlienVault OTX: IP reported in 24 active pulses | IP: 173.232.146.62 |
| Threat Intel Match (AlienVault OTX) | HIGH | AlienVault OTX: IP reported in 41 active pulses | IP: 103.27.157.146 |
| Threat Intel Match (AlienVault OTX) | HIGH | AlienVault OTX: IP reported in 12 active pulses | IP: 204.79.197.222 |
| Threat Intel Match (AlienVault OTX) | HIGH | AlienVault OTX: IP reported in 50 active pulses | IP: 34.117.59.81 |
| Threat Intel Match (AlienVault OTX) | HIGH | AlienVault OTX: IP reported in 4 active pulses | IP: 216.218.130.2 |
| Threat Intel Match (AlienVault OTX) | HIGH | AlienVault OTX: IP reported in 50 active pulses | IP: 64.190.113.206 |
🕸️ connection_graph
Builds a network connection graph for visualization
Network Nodes
| IP Address | Packets | Bytes | Status |
|---|---|---|---|
45.61.136.222 | 149398 | 213618059 | Normal |
173.232.146.62 | 13737 | 13724045 | Normal |
10.1.5.131 | 79822 | 4886414 | Normal |
64.52.80.153 | 266 | 374604 | Normal |
204.79.197.222 | 38 | 27448 | Normal |
173.223.1.168 | 33 | 22561 | Normal |
10.1.5.5 | 104 | 17034 | Normal |
23.222.241.133 | 48 | 13298 | Normal |
103.27.157.146 | 17 | 10045 | Normal |
20.150.160.75 | 11 | 7715 | Normal |
20.42.65.90 | 9 | 7491 | Normal |
13.107.213.254 | 11 | 6851 | Normal |
172.67.74.152 | 7 | 3639 | Normal |
104.26.12.205 | 7 | 3638 | Normal |
173.223.0.10 | 4 | 2640 | Normal |
34.117.59.81 | 7 | 1540 | Normal |
64.190.113.206 | 6 | 1092 | Normal |
104.208.203.88 | 5 | 597 | Normal |
8.8.8.8 | 4 | 596 | Normal |
216.218.130.2 | 6 | 538 | Normal |
132.226.247.73 | 3 | 453 | Normal |
1.1.1.1 | 3 | 447 | Normal |
74.82.42.42 | 3 | 447 | Normal |
76.76.2.5 | 3 | 447 | Normal |
208.67.222.222 | 2 | 298 | Normal |
23.192.223.232 | 4 | 240 | Normal |
23.47.48.15 | 3 | 198 | Normal |
149.154.164.13 | 2 | 138 | Normal |
20.52.64.200 | 1 | 60 | Normal |
10.1.5.255 | 0 | 0 | Normal |
Connection Edges
| Source | Destination | Protocol | Packets | Bytes |
|---|---|---|---|---|
45.61.136.222 | 10.1.5.131 | TCP | 149398 | 213618059 |
10.1.5.131 | 45.61.136.222 | TCP | 74504 | 4499226 |
173.232.146.62 | 10.1.5.131 | TCP | 13737 | 13724045 |
10.1.5.131 | 173.232.146.62 | TCP | 4785 | 297868 |
64.52.80.153 | 10.1.5.131 | TCP | 266 | 374604 |
10.1.5.131 | 64.52.80.153 | TCP | 140 | 8933 |
10.1.5.131 | 10.1.5.5 | UDP | 140 | 22919 |
10.1.5.5 | 10.1.5.131 | UDP | 104 | 17034 |
23.222.241.133 | 10.1.5.131 | UDP | 48 | 13298 |
10.1.5.131 | 23.222.241.133 | UDP | 43 | 15777 |
204.79.197.222 | 10.1.5.131 | TCP | 38 | 27448 |
173.223.1.168 | 10.1.5.131 | TCP | 33 | 22561 |
10.1.5.131 | 173.223.1.168 | TCP | 32 | 11658 |
10.1.5.131 | 204.79.197.222 | TCP | 25 | 5105 |
10.1.5.131 | 10.1.5.255 | UDP | 19 | 4207 |
103.27.157.146 | 10.1.5.131 | TCP | 17 | 10045 |
10.1.5.131 | 103.27.157.146 | TCP | 13 | 2267 |
10.1.5.131 | 13.107.213.254 | TCP | 13 | 4397 |
20.150.160.75 | 10.1.5.131 | TCP | 11 | 7715 |
10.1.5.131 | 20.150.160.75 | TCP | 11 | 3108 |
13.107.213.254 | 10.1.5.131 | TCP | 11 | 6851 |
20.42.65.90 | 10.1.5.131 | TCP | 9 | 7491 |
10.1.5.131 | 20.42.65.90 | TCP | 9 | 2161 |
10.1.5.131 | 216.218.130.2 | UDP | 9 | 799 |
10.1.5.131 | 23.192.223.232 | TCP | 8 | 480 |
10.1.5.131 | 172.67.74.152 | TCP | 8 | 917 |
10.1.5.131 | 104.208.203.88 | TCP | 7 | 608 |
34.117.59.81 | 10.1.5.131 | TCP | 7 | 1540 |
172.67.74.152 | 10.1.5.131 | TCP | 7 | 3639 |
104.26.12.205 | 10.1.5.131 | TCP | 7 | 3638 |
10.1.5.131 | 104.26.12.205 | TCP | 7 | 857 |
64.190.113.206 | 10.1.5.131 | TCP | 6 | 1092 |
10.1.5.131 | 34.117.59.81 | TCP | 6 | 533 |
216.218.130.2 | 10.1.5.131 | UDP | 6 | 538 |
10.1.5.131 | 64.190.113.206 | TCP | 6 | 368 |
10.1.5.131 | 8.8.8.8 | UDP | 6 | 670 |
10.1.5.131 | 74.82.42.42 | UDP | 5 | 493 |
10.1.5.131 | 173.223.0.10 | TCP | 5 | 1311 |
104.208.203.88 | 10.1.5.131 | TCP | 5 | 597 |
10.1.5.131 | 208.67.222.222 | UDP | 4 | 316 |
8.8.8.8 | 10.1.5.131 | UDP | 4 | 596 |
10.1.5.131 | 76.76.2.5 | UDP | 4 | 414 |
173.223.0.10 | 10.1.5.131 | TCP | 4 | 2640 |
10.1.5.131 | 1.1.1.1 | UDP | 4 | 414 |
10.1.5.131 | 132.226.247.73 | TCP | 4 | 308 |
23.192.223.232 | 10.1.5.131 | TCP | 4 | 240 |
23.47.48.15 | 10.1.5.131 | TCP | 3 | 198 |
76.76.2.5 | 10.1.5.131 | UDP | 3 | 447 |
74.82.42.42 | 10.1.5.131 | UDP | 3 | 447 |
132.226.247.73 | 10.1.5.131 | TCP | 3 | 453 |
1.1.1.1 | 10.1.5.131 | UDP | 3 | 447 |
208.67.222.222 | 10.1.5.131 | UDP | 2 | 298 |
149.154.164.13 | 10.1.5.131 | TCP | 2 | 138 |
10.1.5.131 | 23.47.48.15 | TCP | 2 | 120 |
10.1.5.131 | 20.52.64.200 | TCP | 2 | 120 |
20.52.64.200 | 10.1.5.131 | TCP | 1 | 60 |
10.1.5.131 | 149.154.164.13 | TCP | 1 | 60 |
🔌 crypto_wallet_detection
Comprehensive crypto detection with detailed tracking: wallets, mining pools, Stratum sessions, browser mining, miner software
₿ Cryptocurrency Detection Summary
💰 Wallet Types Detected
Detected wallet addresses in network traffic
| Type | Address | Packets | Source IPs | First Seen | Last Seen |
|---|---|---|---|---|---|
| Ripple | rYMKLxblnVF9fAYA6iD6VUWeLZrv4dj | 1 | 1 | 2026-01-08 21:42:49 | 2026-01-08 21:42:49 |
| Ripple | rr8f92982aqmpr8fisljtfm2son | 1 | 1 | 2026-01-08 21:42:50 | 2026-01-08 21:42:50 |
| Ripple | romPipelineByPropertyName | 1 | 1 | 2026-01-08 21:43:04 | 2026-01-08 21:43:04 |
| Ripple | rkaablampgoqrkaablejaeor4 | 1 | 1 | 2026-01-08 21:43:04 | 2026-01-08 21:43:04 |
| Ripple | rkanltp6m8fjeor5j882sgb55j84 | 2 | 1 | 2026-01-08 21:43:04 | 2026-01-08 21:43:04 |
Wallet addresses grouped by source IP address
| Source IP | Wallet Count | Wallet Types | Sample Addresses |
|---|---|---|---|
| 64.52.80.153 | 1 | Ripple: 1 | rYMKLxblnVF9fAY...6VUWeLZrv4dj |
| 45.61.136.222 | 4 | Ripple: 4 | rr8f92982aqmpr8fisljtfm2son |
🔌 geo_intelligence
Enriches IP addresses with geolocation data and detects anomalous geographic patterns
| Type | Severity | Details | IOC |
|---|---|---|---|
| Geolocation Risk | MEDIUM | Chicago, United States - VPN/Proxy detected | 23.222.241.133 |
| Geolocation Risk | MEDIUM | Chicago, United States - VPN/Proxy detected | 20.150.160.75 |
| Geolocation Risk | MEDIUM | Chicago, United States - VPN/Proxy detected | 20.52.64.200 |
| Geolocation Risk | MEDIUM | Chicago, United States - VPN/Proxy detected | 23.192.223.232 |
| Geolocation Risk | MEDIUM | Chicago, United States - VPN/Proxy detected | 23.47.48.15 |
| Geolocation Risk | MEDIUM | Chicago, United States - VPN/Proxy detected | 20.42.65.90 |
👋 hello_world
A simple template plugin that counts packets
🌐 http_content
Extracts and categorizes HTTP request/response content
🔌 iot_ot_detection
Detects IoT/OT protocol anomalies including Modbus, MQTT, BACnet, and CoAP attacks
🔌 lolbin_detection
Advanced LOLBin detection with MITRE ATT&CK mapping, attack chains, and detailed reporting
🛠️ LOLBin Tools Detected
📊 Attack Statistics
Multi-stage attacks using multiple LOLBin tools
| Source IP | Target IP | Tools Used | Events | Severity | Timeline |
|---|---|---|---|---|---|
| 173.232.146.62 | 10.1.5.131 | PowerShell | 18 | MEDIUM | 21:46:15: T1027 - Encoded (Short); 21:46:15: T1059.001 - Command (Alias); 21:46:15: T1059.001 - REST Method (Alias); ... and 15 more |
| 10.1.5.131 | 10.1.5.5 | PowerShell | 2 | MEDIUM | 21:38:35: T1059.001 - Command (Alias); 21:38:35: T1059.001 - Command (Alias) |
| 10.1.5.5 | 10.1.5.131 | PowerShell | 3 | MEDIUM | 21:38:35: T1059.001 - Command (Alias); 21:38:35: T1059.001 - Command (Alias); 21:40:19: T1059.001 - Command (Alias) |
| 10.1.5.131 | 20.150.160.75 | PowerShell | 2 | MEDIUM | 21:38:35: T1059.001 - Command (Alias); 21:38:35: T1059.001 - Command (Alias) |
| 64.52.80.153 | 10.1.5.131 | PowerShell | 7 | MEDIUM | 21:42:49: T1564.003 - Hidden Window Style; 21:42:49: T1059.001 - Process Execution; 21:42:49: T1059.001 - Dynamic Compilation; ... and 4 more |
| 45.61.136.222 | 10.1.5.131 | PowerShell | 423 | MEDIUM | 21:42:50: T1059.001 - Object Creation; 21:42:50: T1027 - Encoding Conversion; 21:42:50: T1059.001 - Object Creation; ... and 420 more |

| Source IP | Techniques | Downloads | Executions | Encoded | Remote | Targets | Duration | Severity |
|---|---|---|---|---|---|---|---|---|
| 10.1.5.131 | T1059.001 - Command (Alias) | 0 | 0 | 0 | 4 | 2 | 0s | CRITICAL |
| 10.1.5.5 | T1059.001 - Command (Alias) | 0 | 0 | 0 | 3 | 1 | 1m44s | CRITICAL |
| 64.52.80.153 | T1564.003 - Hidden Window Style; T1059.001 - Process Execution; T1059.001 - Dynamic Compilation; ... +3 more | 0 | 0 | 0 | 0 | 1 | 0s | HIGH |
| 45.61.136.222 | T1059.001 - Object Creation; T1027 - Encoding Conversion; T1055 - Reflective Loading; ... +8 more | 0 | 99 | 0 | 90 | 1 | 46s | CRITICAL |
| 173.232.146.62 | T1027 - Encoded (Short); T1059.001 - Command (Alias); T1059.001 - REST Method (Alias); ... +2 more | 0 | 6 | 0 | 6 | 1 | 10s | CRITICAL |

| Target IP | Total Attacks | Attack Types | Attackers | First Attack | Last Attack |
|---|---|---|---|---|---|
| 10.1.5.5 | 2 | PowerShell: 2 | 1 | 21:38:35 | 21:38:35 |
| 10.1.5.131 | 451 | PowerShell: 451 | 4 | 21:38:35 | 21:46:25 |
| 20.150.160.75 | 2 | PowerShell: 2 | 1 | 21:38:35 | 21:38:35 |
Mapping of detected LOLBin abuse to MITRE ATT&CK framework
📱 messaging_c2_detection
Detects Telegram Bot API and WhatsApp API used as covert C2 channels via IP, DNS, TLS SNI, payload, and beacon analysis
Telegram Bot API and WhatsApp Business API are popular C2 channels because they:
• Use HTTPS on port 443 — blends with normal web traffic
• Servers are hosted on trusted CDN/Meta/Telegram IPs — bypasses IP blocklists
• Polling (getUpdates) creates a reliable command channel with no inbound connections
• sendDocument / sendPhoto enable stealthy data exfiltration
• Bot tokens provide out-of-band control — no attacker server needed
🔬 Detection Methods
| Service | Source IP | Destination | Severity | Method | API Call | Bot Token |
|---|---|---|---|---|---|---|
| 📱 Telegram | 10.1.5.131 | 149.154.164.13:443 | MEDIUM | IP Range Match | - | - |

T1102 Web Service — using Telegram/WhatsApp as external C2 infrastructure
T1102.002 Bidirectional Communication — getUpdates polling for commands
T1041 Exfiltration Over C2 Channel — sendDocument/sendPhoto
T1132.001 Data Encoding: Standard Encoding — JSON-encoded commands
T1008 Fallback Channels — messaging APIs as backup C2
🧠 ml_c2_detection
Random Forest (5 trees) + Isolation Forest over 20 flow features; DB grows with each scan
📊 Score Distribution (1 flows)
| Flow (src→dst) | Proto | Pkts | Duration | Final Score | RF | IsoF | Confidence |
|---|---|---|---|---|---|---|---|
173.223.0.10:443→10.1.5.131:55905 |
TCP | 4 | 33.7s | 0.40 | 0.00 | LOW |
intel_db/ml_c2_db.json.gz (gzip-compressed JSON).
Appended after each scan — max 10000 records (FIFO). Use a populated DB to improve future baseline accuracy.
🚨 protocol_anomaly
Detects violations of protocol specifications
| Type | Severity | Details | IOC |
|---|---|---|---|
| Protocol Anomaly | HIGH | [TLS] TLS on non-standard port 53209 (possible tunneling or C2): 173.223.1.168 -> 10.1.5.131 | 10.1.5.131 |
| Protocol Anomaly | HIGH | [TLS] TLS on non-standard port 63368 (possible tunneling or C2): 204.79.197.222 -> 10.1.5.131 | 10.1.5.131 |
| Protocol Anomaly | HIGH | [TLS] TLS on non-standard port 64535 (possible tunneling or C2): 20.150.160.75 -> 10.1.5.131 | 10.1.5.131 |
| Protocol Anomaly | HIGH | [TLS] TLS on non-standard port 60400 (possible tunneling or C2): 13.107.213.254 -> 10.1.5.131 | 10.1.5.131 |
| Protocol Anomaly | MEDIUM | [HTTP] HTTP traffic on non-standard port 60401: 64.52.80.153 -> 10.1.5.131 | 10.1.5.131 |
| Protocol Anomaly | MEDIUM | [HTTP] HTTP traffic on non-standard port 60402: 45.61.136.222 -> 10.1.5.131 | 10.1.5.131 |
| Protocol Anomaly | MEDIUM | [HTTP] HTTP traffic on non-standard port 60403: 64.52.80.153 -> 10.1.5.131 | 10.1.5.131 |
| Protocol Anomaly | HIGH | [TLS] TLS on non-standard port 25658 (possible tunneling or C2): 10.1.5.131 -> 173.232.146.62 | 173.232.146.62 |
| Protocol Anomaly | HIGH | [TLS] TLS on non-standard port 60405 (possible tunneling or C2): 172.67.74.152 -> 10.1.5.131 | 10.1.5.131 |
| Protocol Anomaly | HIGH | [TLS] TLS on non-standard port 60404 (possible tunneling or C2): 173.232.146.62 -> 10.1.5.131 | 10.1.5.131 |
| Protocol Anomaly | HIGH | [TLS] TLS on non-standard port 60402 (possible tunneling or C2): 45.61.136.222 -> 10.1.5.131 | 10.1.5.131 |
| Protocol Anomaly | HIGH | [TLS] TLS on non-standard port 60409 (possible tunneling or C2): 104.26.12.205 -> 10.1.5.131 | 10.1.5.131 |
| Protocol Anomaly | HIGH | [TLS] TLS on non-standard port 60407 (possible tunneling or C2): 20.42.65.90 -> 10.1.5.131 | 10.1.5.131 |
| Protocol Anomaly | HIGH | [TLS] TLS on non-standard port 60408 (possible tunneling or C2): 173.232.146.62 -> 10.1.5.131 | 10.1.5.131 |
| Protocol Anomaly | HIGH | [TLS] TLS on non-standard port 60410 (possible tunneling or C2): 173.232.146.62 -> 10.1.5.131 | 10.1.5.131 |
| Protocol Anomaly | HIGH | [TLS] TLS on non-standard port 60411 (possible tunneling or C2): 173.232.146.62 -> 10.1.5.131 | 10.1.5.131 |
| Protocol Anomaly | MEDIUM | [HTTP] HTTP traffic on non-standard port 60412: 132.226.247.73 -> 10.1.5.131 | 10.1.5.131 |
| Protocol Anomaly | MEDIUM | [HTTP] HTTP traffic on non-standard port 60413: 34.117.59.81 -> 10.1.5.131 | 10.1.5.131 |
| Protocol Anomaly | HIGH | [TLS] TLS on non-standard port 60414 (possible tunneling or C2): 173.232.146.62 -> 10.1.5.131 | 10.1.5.131 |
🔌 protocol_decoders
Deep packet inspection for application-layer protocols (Modbus, MQTT, MySQL, SMTP, etc.)
Protocol Breakdown
Decoded Messages
| Protocol | Source | Destination | Command/Method | Status |
|---|---|---|---|---|
| DNS | 10.1.5.131:56052 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:56052 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:56052 | RESPONSE | - |
| DNS | 10.1.5.131:53714 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:62530 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:53714 | RESPONSE | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:62530 | RESPONSE | - |
| DNS | 10.1.5.131:64378 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:50017 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:54906 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:64378 | RESPONSE | - |
| DNS | 10.1.5.131:50379 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:50379 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:50379 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:63971 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:59770 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:63971 | RESPONSE | - |
| DNS | 10.1.5.131:53670 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:56055 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:56055 | RESPONSE | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:53670 | RESPONSE | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:59770 | RESPONSE | - |
| DNS | 10.1.5.131:50379 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:50379 | RESPONSE | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:50379 | RESPONSE | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:50017 | RESPONSE | - |
| DNS | 10.1.5.131:60266 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:49705 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:50379 | RESPONSE | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:54906 | RESPONSE | - |
| DNS | 10.1.5.131:56901 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:50867 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:50830 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:56901 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:56901 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:56901 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:60266 | RESPONSE | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:50867 | RESPONSE | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:50830 | RESPONSE | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:50379 | RESPONSE | - |
| DNS | 10.1.5.131:56901 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:49705 | RESPONSE | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:56901 | RESPONSE | - |
| DNS | 10.1.5.131:57511 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:57511 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:57511 | RESPONSE | - |
| DNS | 10.1.5.131:60868 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:60868 | RESPONSE | - |
| DNS | 10.1.5.131:60868 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:64039 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.131:64039 | 10.1.5.5:53 | QUERY | - |
| DNS | 10.1.5.5:53 | 10.1.5.131:64039 | RESPONSE | - |
🔌 ransomware_detection
Advanced ransomware detection: SMB enumeration, encryption, C2 beaconing, family identification, shadow copy deletion
| Type | Severity | Details | IOC |
|---|---|---|---|
| Ransomware Family Detected | CRITICAL | Conti ransomware family signature detected: 'conti' from 64.52.80.153 | Conti |
| Ransomware Family Detected | CRITICAL | STOP ransomware family signature detected: 'stop' from 45.61.136.222 | STOP |
| Ransomware Family Detected | CRITICAL | Conti ransomware family signature detected: 'conti' from 45.61.136.222 | Conti |
| Ransomware Family Detected | CRITICAL | Hive ransomware family signature detected: 'hive' from 10.1.5.131 | Hive |
| Ransomware Family Detected | CRITICAL | Hive ransomware family signature detected: 'hive' from 45.61.136.222 | Hive |
🦠 virustotal
Queries VirusTotal API v3 to enrich extracted IPs. (Configure via plugin settings: 'api_key')
| Type | Severity | Details | IOC |
|---|---|---|---|
| Threat Intel Match (VirusTotal Plugin) | HIGH | VT Detections: 13 malicious, 1 suspicious | IP: 173.232.146.62 |
| Threat Intel Match (VirusTotal Plugin) | HIGH | VT Detections: 1 malicious, 1 suspicious | IP: 216.218.130.2 |
| Threat Intel Match (VirusTotal Plugin) | HIGH | VT Detections: 8 malicious, 2 suspicious | IP: 64.52.80.153 |
| Threat Intel Match (VirusTotal Plugin) | HIGH | VT Detections: 9 malicious, 2 suspicious | IP: 103.27.157.146 |
| Threat Intel Match (VirusTotal Plugin) | HIGH | VT Detections: 1 malicious, 0 suspicious | IP: 34.117.59.81 |
| Threat Intel Match (VirusTotal Plugin) | HIGH | VT Detections: 1 malicious, 0 suspicious | IP: 74.82.42.42 |
| Threat Intel Match (VirusTotal Plugin) | HIGH | VT Detections: 8 malicious, 2 suspicious | IP: 64.190.113.206 |
| Threat Intel Match (VirusTotal Plugin) | HIGH | VT Detections: 4 malicious, 0 suspicious | IP: 45.61.136.222 |
| Threat Intel Match (VirusTotal Plugin) | HIGH | VT Detections: 1 malicious, 0 suspicious | IP: 132.226.247.73 |