Alerts

https://s3-us-west-2.amazonaws.com/secure.notion-static.com/c6864d9c-9efd-4c9c-8b6f-cda6026fb077/2020-08-21-traffic-analysis-exercise-alerts.jpg

Report

Victim

IP address: 10.8.21.163

Host name: DESKTOP-OF4FE8A

User account: matthew.jones

Operating system: Windows 10

MAC address: ASUSTekC_0a:f2:85 (10:c3:7b:0a:f2:85)

IOC

Time: 2020-08-21 15:04:24.612762

Source: 10.8.21.163:61208

Destination: 45.12.4.190:80 HTTP

Request: GET /dujok/kevyl.php?l=ranec11.cab HTTP/1.1

Domain: ncznw6a[.]com

URL: hxxp://ncznw6a[.]com/dujok/kevyl.php?l=ranec11.cab

SHA256: 054FF4620AAA40928CA67A2C364BEDF71D79672874D75BA50FF8231069AD74D9