| URL | IP | Status | Size |
| cym-files-download.s3.eu-west-1.amazonaws.com/revised/malware/Cred/CymulatecrednaggerScr.scr | 52.92.33.154 | 403 Forbidden | 243 B |
URL: GET HTTP/1.1 cym-files-download.s3.eu-west-1.amazonaws.com/revised/malware/Cred/CymulatecrednaggerScr.scr (User Request)
IP: 52.92.33.154:80
File type (of the 403 response body, not of the requested .scr, which was not served): XML 1.0 document, ASCII text
Hash (MD5): b90bf37cc8d798954d5c051687ae8bd9
Hash (SHA-1): 021b06436593b11896f6ae53aac2f3dc037f8fbd
Hash (SHA-256): ba0871dc77ef04e5c67920c68dde27d49ac9906d931b8d10e62f7693c872d59b
| NIDS | Severity | Alert |
| suricata | low | ET HUNTING HTTP request for resource ending in .scr |
GET /revised/malware/Cred/CymulatecrednaggerScr.scr HTTP/1.1
Host: cym-files-download.s3.eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
x-amz-request-id: AG3KFNVBNEHCXDFT
x-amz-id-2: 5dYwdZ4mx0F9omxwAhzWqGG1McxpxysKJTz6/z5ZmmnQOVAnWay6+Oe7JtRniHLTe99rQdk7j04=
Content-Type: application/xml
Transfer-Encoding: chunked
Date: Fri, 19 Apr 2024 18:53:14 GMT
Server: AmazonS3

| cym-files-download.s3.eu-west-1.amazonaws.com/revised/malware/Cred/CymulatecrednaggerScr.scr | 52.218.57.8 | 403 Forbidden | 243 B |
URL: GET HTTP/1.1 cym-files-download.s3.eu-west-1.amazonaws.com/revised/malware/Cred/CymulatecrednaggerScr.scr (User Request)
IP: 52.218.57.8:80
File type (of the 403 response body, not of the requested .scr, which was not served): XML 1.0 document, ASCII text
Hash (MD5): fcbed9eeb9d84eeafbbd66548de87142
Hash (SHA-1): e30f3565072f726d1b817de5cb431cbe86f87fd8
Hash (SHA-256): 0411dd9bfb1897b067532804a99f5eb7642e6afc1e43abc8831de08265945e5c
| NIDS | Severity | Alert |
| suricata | low | ET HUNTING HTTP request for resource ending in .scr |
GET /revised/malware/Cred/CymulatecrednaggerScr.scr HTTP/1.1
Host: cym-files-download.s3.eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
x-amz-request-id: AG3WE6WSPXG5JYDF
x-amz-id-2: JtCBF+v0I1Dxa7Xyu7PUC6zJTgptokps2ydnQ+3FBJFCiEio664gZKL+oHEUD3wtCz3/WWj1TVI=
Content-Type: application/xml
Transfer-Encoding: chunked
Date: Fri, 19 Apr 2024 18:53:15 GMT
Server: AmazonS3

| cym-files-download.s3.eu-west-1.amazonaws.com/favicon.ico | 52.218.57.8 | 403 Forbidden | 243 B |
URL: GET HTTP/1.1 cym-files-download.s3.eu-west-1.amazonaws.com/favicon.ico
IP: 52.218.57.8:80
Requested by: http://cym-files-download.s3.eu-west-1.amazonaws.com/revised/malware/Cred/CymulatecrednaggerScr.scr
File type (of the 403 response body): XML 1.0 document, ASCII text
Hash (MD5): a19f41cbdae498dfaedc2daeac8c3c17
Hash (SHA-1): 834cdf4394185248e0ff3ddc1885e45014be8eb8
Hash (SHA-256): 0c63815485f1b89778314262d5a6d79b6ebd5db700a754610b164fc6003b1d7b
GET /favicon.ico HTTP/1.1
Host: cym-files-download.s3.eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://cym-files-download.s3.eu-west-1.amazonaws.com/revised/malware/Cred/CymulatecrednaggerScr.scr
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
x-amz-request-id: AG3ZP41EYNWQZ3ZM
x-amz-id-2: IF9H9XloMT1Ve7uUjABa2uDMAM1XARsfat1OmKLDVLBz5SKAcmrvCfaAsEdYqZz8k6jZsmbWB5o=
Content-Type: application/xml
Transfer-Encoding: chunked
Date: Fri, 19 Apr 2024 18:53:15 GMT
Server: AmazonS3
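Triage of the three transactions above, as an added example that is not code from the sandbox, from Cymulate, or from the Emerging Threats ruleset. It re-implements only what the alert title states (a request for a resource whose path ends in .scr), records whether the flagged resource was actually delivered, and ties the favicon fetch back to the .scr URL through its Referer. The `TRANSACTIONS` list is constructed from the captured request lines, Host and Referer headers and response status shown on the page; the extension tuple, the finding fields and the "follow_on" notion are this example's own choices, and the real ET signature body is not reproduced here.

```python
"""Triage the captured HTTP transactions above.

Added example, not code from the sandbox or from the Emerging Threats
ruleset. It re-implements the check implied by the alert title ("HTTP
request for resource ending in .scr") and records whether the flagged
resource was actually delivered. Anything beyond the alert title is an
assumption of this example.
"""
from urllib.parse import urlsplit

# Constructed from the three transactions shown above: request line, Host,
# Referer (if any) and the response status / Content-Type.
TRANSACTIONS = [
    {
        "request": "GET /revised/malware/Cred/CymulatecrednaggerScr.scr HTTP/1.1",
        "host": "cym-files-download.s3.eu-west-1.amazonaws.com",
        "referer": None,
        "status": 403,
        "content_type": "application/xml",
    },
    {
        "request": "GET /revised/malware/Cred/CymulatecrednaggerScr.scr HTTP/1.1",
        "host": "cym-files-download.s3.eu-west-1.amazonaws.com",
        "referer": None,
        "status": 403,
        "content_type": "application/xml",
    },
    {
        "request": "GET /favicon.ico HTTP/1.1",
        "host": "cym-files-download.s3.eu-west-1.amazonaws.com",
        "referer": "http://cym-files-download.s3.eu-west-1.amazonaws.com/revised/malware/Cred/CymulatecrednaggerScr.scr",
        "status": 403,
        "content_type": "application/xml",
    },
]

# Only ".scr" is covered by the alert on this page; the tuple form is so the
# check can be extended, which is this example's choice, not the rule's.
HUNTED_EXTENSIONS = (".scr",)


def parse_request_line(line):
    """Split 'METHOD target HTTP/x.y' and reduce the target to its path.

    urlsplit() drops the query string and fragment, so '/x.scr?download=1'
    still ends in '.scr'; it also accepts absolute-form targets
    ('http://host/x.scr'), which is what a proxy sees.
    """
    method, target, version = line.split(" ", 2)
    return method, urlsplit(target).path, version


def path_has_hunted_extension(path, exts=HUNTED_EXTENSIONS):
    """Case-insensitive suffix match on the path component only."""
    return path.lower().endswith(tuple(e.lower() for e in exts))


def triage(transactions):
    """Return one finding per transaction.

    alert     : the request would trip the '.scr' hunting check
    delivered : a 2xx response came back, i.e. the payload was served
    follow_on : Referer points at an earlier flagged URL (browser chrome
                such as favicon fetches), worth linking, not alerting on
    """
    findings, flagged = [], set()
    for tx in transactions:
        method, path, _ = parse_request_line(tx["request"])
        url = f"http://{tx['host']}{path}"
        finding = {"url": url, "method": method, "alert": False,
                   "delivered": False, "follow_on": None}
        if path_has_hunted_extension(path):
            finding["alert"] = True
            flagged.add(url)
            finding["delivered"] = 200 <= tx["status"] < 300
        referer = tx.get("referer")
        if referer and referer in flagged:
            finding["follow_on"] = referer
        findings.append(finding)
    return findings


if __name__ == "__main__":
    for finding in triage(TRANSACTIONS):
        print(finding)
```

Run against the capture, both .scr requests are flagged and neither is marked delivered, and the favicon request is linked to the .scr URL rather than alerted on. That is the practical point of a hunting-class rule: it fires on the request alone, so the 403 responses here are evidence of an attempted download, and the hashes listed with each transaction belong to the XML error body, not to a screensaver that never arrived.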