| vetka-sakury.ru/wp-content/uploads/svhostss.exe | 172.67.145.154 | 301 Moved Permanently | 162 B |
URL User Request GET HTTP/1.1 vetka-sakury.ru/wp-content/uploads/svhostss.exe IP 172.67.145.154:80
File type HTML document text; HTML document text; HTML document, ASCII text, with CRLF line terminators Hash 4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
NIDS | Severity | Alert | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious |
GET /wp-content/uploads/svhostss.exe HTTP/1.1
Host: vetka-sakury.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Sun, 04 Jun 2023 10:54:57 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://vetka-sakury.ru/wp-content/uploads/svhostss.exe
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yXDMojgMqTPg7afVQRTaiXhBoowNNcYrNGLSzneh1LltfSe30HEQYg2qPo6aDsMX4t7aDg5O2Nr3yuvOXb%2FQgeO%2BYH2s%2BODP49D5Mzi6X4eEVNTwu119Uw81SZ1f4fDPR%2Fc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d1fa40b7850b500-OSL
alt-svc: h2=":443"; ma=60
| vetka-sakury.ru/wp-content/uploads/svhostss.exe | 172.67.145.154 | 301 Moved Permanently | 162 B |
URL User Request GET HTTP/1.1 vetka-sakury.ru/wp-content/uploads/svhostss.exe IP 172.67.145.154:80
File type HTML document text; HTML document text; HTML document, ASCII text, with CRLF line terminators Hash 4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
NIDS | Severity | Alert | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious |
GET /wp-content/uploads/svhostss.exe HTTP/1.1
Host: vetka-sakury.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Sun, 04 Jun 2023 10:54:57 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://vetka-sakury.ru/wp-content/uploads/svhostss.exe
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cg9I%2Fvl8ENsbI7rMCZ5%2FamYbHYvGNWeC%2BuuySr1Tb7n6GbNVs29Vjgnt0HS2F68kmZVFz9qgzmpz47z8ctx4OoA%2Bc2LkvZwOVO%2BJyiF1ovBhr1NVqaMebtS6rKY1lbNOxNQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d1fa40bb8a0b500-OSL
alt-svc: h2=":443"; ma=60
| vetka-sakury.ru/wp-content/uploads/svhostss.exe | 172.67.145.154 | 301 Moved Permanently | 162 B |
URL User Request GET HTTP/1.1 vetka-sakury.ru/wp-content/uploads/svhostss.exe IP 172.67.145.154:80
File type HTML document text; HTML document text; HTML document, ASCII text, with CRLF line terminators Hash 4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
NIDS | Severity | Alert | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious |
GET /wp-content/uploads/svhostss.exe HTTP/1.1
Host: vetka-sakury.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Sun, 04 Jun 2023 10:54:57 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://vetka-sakury.ru/wp-content/uploads/svhostss.exe
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ClPRu1E66inVOoKECpM1BLouRr6qwHGP1XDJLjbvNeasq16gkiDhrl6q6Ce96kQZKx2T7WzxgcJnqxloHsnUq0gYIraVx1CEf%2BFFWUFur2JzQQd8C7dnV9HQGqy%2BgjbuQM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d1fa40bd8c9b500-OSL
alt-svc: h2=":443"; ma=60
| vetka-sakury.ru/wp-content/uploads/svhostss.exe | 172.67.145.154 | 301 Moved Permanently | 162 B |
URL User Request GET HTTP/1.1 vetka-sakury.ru/wp-content/uploads/svhostss.exe IP 172.67.145.154:80
File type HTML document text; HTML document text; HTML document, ASCII text, with CRLF line terminators Hash 4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
NIDS | Severity | Alert | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious |
GET /wp-content/uploads/svhostss.exe HTTP/1.1
Host: vetka-sakury.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Sun, 04 Jun 2023 10:54:57 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://vetka-sakury.ru/wp-content/uploads/svhostss.exe
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wL9UiH5QW6gvqOy8iv3B5g4QuaHA2L7tqiKnqZM1muUbkKNYVj3ZwMixYRzM8AwzbLrkd0NnvI6fa4J%2FNhvog5NLKQ%2FXjfCddq4m8PlMx8du467PliOSlJsAtwce0qKPFR8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d1fa40c393cb500-OSL
alt-svc: h2=":443"; ma=60
| vetka-sakury.ru/wp-content/uploads/svhostss.exe | 172.67.145.154 | 301 Moved Permanently | 162 B |
URL User Request GET HTTP/1.1 vetka-sakury.ru/wp-content/uploads/svhostss.exe IP 172.67.145.154:80
File type HTML document text; HTML document text; HTML document, ASCII text, with CRLF line terminators Hash 4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
NIDS | Severity | Alert | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious |
GET /wp-content/uploads/svhostss.exe HTTP/1.1
Host: vetka-sakury.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Sun, 04 Jun 2023 10:54:57 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://vetka-sakury.ru/wp-content/uploads/svhostss.exe
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2lkaTEl7mICT%2BETDmbKN63ku%2BfisH89tq7AVCB7yipITJ8aeYqP5xInh%2FGPneeZJ7HVffqOZdpo6tWEplxc3BQlNusKbaQjp9vJgZocU6ElhQcqJsR%2BXrp0bqyn3bIcTzdM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d1fa40c5984b500-OSL
alt-svc: h2=":443"; ma=60
| vetka-sakury.ru/wp-content/uploads/svhostss.exe | 172.67.145.154 | 301 Moved Permanently | 162 B |
URL User Request GET HTTP/1.1 vetka-sakury.ru/wp-content/uploads/svhostss.exe IP 172.67.145.154:80
File type HTML document text; HTML document text; HTML document, ASCII text, with CRLF line terminators Hash 4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
NIDS | Severity | Alert | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious |
GET /wp-content/uploads/svhostss.exe HTTP/1.1
Host: vetka-sakury.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Sun, 04 Jun 2023 10:54:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://vetka-sakury.ru/wp-content/uploads/svhostss.exe
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e16W0THZwpLzDGgUsIh%2FavI6yBIzmCaqbliv%2F0vtp9cepwtojqc75PDTJbUXhAFdwUbgEzGCGqdLI9n9ARJ9%2FidCLeDMDeTrDTyTzmRgkTAuwHYIh6C9akxTjsrTX4am80Q%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d1fa40c89adb500-OSL
alt-svc: h2=":443"; ma=60
| vetka-sakury.ru/wp-content/uploads/svhostss.exe | 104.21.87.185 | 301 Moved Permanently | 324 B |
URL User Request GET HTTP/1.1 vetka-sakury.ru/wp-content/uploads/svhostss.exe IP 104.21.87.185:80
File type HTML document text; HTML document text; HTML document, ASCII text, with CRLF line terminators Hash 5aebd17d44825463dc5d20a0fd8b6061 fd05ef614c535a8934771c6fea5b5fdebd105ecb 698865e01b55bfdcc7135031fa7f59454b3153cca7f68c414e801c74a21e8291
NIDS | Severity | Alert | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious |
GET /wp-content/uploads/svhostss.exe HTTP/1.1
Host: vetka-sakury.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Sun, 04 Jun 2023 10:54:57 GMT
content-type: text/html
location: http://vetka-sakury.ru/wp-content/uploads/svhostss.exe
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k1I7O0Xn%2Bic7Jxlnoxo2bro1K1JGTh18qk%2F1npzH5sJXFytZ4zHB7sMHTSYQIgtR6MmsTJ3ARPtmEKvKvIRZNI83XV%2F8weSOO4R2ehCetgylDwpA6%2B7ZEO%2BJaDq1hwaonnI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fa40a6a540b49-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| vetka-sakury.ru/wp-content/uploads/svhostss.exe | 172.67.145.154 | 301 Moved Permanently | 162 B |
URL User Request GET HTTP/1.1 vetka-sakury.ru/wp-content/uploads/svhostss.exe IP 172.67.145.154:80
File type HTML document text; HTML document text; HTML document, ASCII text, with CRLF line terminators Hash 4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
NIDS | Severity | Alert | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious |
GET /wp-content/uploads/svhostss.exe HTTP/1.1
Host: vetka-sakury.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Sun, 04 Jun 2023 10:54:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://vetka-sakury.ru/wp-content/uploads/svhostss.exe
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wkUUNCicLsBb9d62WBvG%2B239e23OnCIrnGi9o5U2ubPLVS6cM%2F2gmICUK9eY3X8D0JOVfSZzHd%2BFLhoEz8ac2Ix0pAoTkdsVimzlFfCQx1FAUmbzAiV2qCaTnGJqbR96Hek%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d1fa40d0a42b500-OSL
alt-svc: h2=":443"; ma=60
| vetka-sakury.ru/wp-content/uploads/svhostss.exe | 172.67.145.154 | 301 Moved Permanently | 162 B |
URL User Request GET HTTP/1.1 vetka-sakury.ru/wp-content/uploads/svhostss.exe IP 172.67.145.154:80
File type HTML document text; HTML document text; HTML document, ASCII text, with CRLF line terminators Hash 4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
NIDS | Severity | Alert | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious |
GET /wp-content/uploads/svhostss.exe HTTP/1.1
Host: vetka-sakury.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Sun, 04 Jun 2023 10:54:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://vetka-sakury.ru/wp-content/uploads/svhostss.exe
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ilbYLfyv2He%2BM70MPquwLGOCc3hUjeC7zQgEV%2BJtkViy9O6WKUMCzTUyoxZAO8stmS59%2FX2XfNXKC8bc2F8ycVGNfSrmeC%2Ba2lFI2ruD7PgDsJfLABfabGIw04fWoQEopE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d1fa40d2a65b500-OSL
alt-svc: h2=":443"; ma=60
| vetka-sakury.ru/wp-content/uploads/svhostss.exe | 172.67.145.154 | 301 Moved Permanently | 162 B |
URL User Request GET HTTP/1.1 vetka-sakury.ru/wp-content/uploads/svhostss.exe IP 172.67.145.154:80
File type HTML document text; HTML document text; HTML document, ASCII text, with CRLF line terminators Hash 4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
NIDS | Severity | Alert | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious |
GET /wp-content/uploads/svhostss.exe HTTP/1.1
Host: vetka-sakury.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Sun, 04 Jun 2023 10:54:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://vetka-sakury.ru/wp-content/uploads/svhostss.exe
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ak2yfx2RUSeD11HEwHvqdc%2BfBg2ThGeinW7gfgJcEqW1ja22u9KErc6o21c6KbYhuLzWcbI3w3RaBuLC2qVd1ATb6UqiRYpZnkDEojFLXXBR4oM%2BOLUY8PY9ox%2FX%2BE86JRE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d1fa40d3a79b500-OSL
alt-svc: h2=":443"; ma=60
|
|
| vetka-sakury.ru/wp-content/uploads/svhostss.exe | 172.67.145.154 | 301 Moved Permanently | 162 B |
URL User Request GET HTTP/1.1 vetka-sakury.ru/wp-content/uploads/svhostss.exe IP 172.67.145.154:80
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash 4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
NIDS | Severity | Alert | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious |
GET /wp-content/uploads/svhostss.exe HTTP/1.1
Host: vetka-sakury.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Sun, 04 Jun 2023 10:54:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://vetka-sakury.ru/wp-content/uploads/svhostss.exe
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iZih1y2xHjJW%2FPB6y%2BGHqBlEZUQdeays5OeRkGFCKVAJ7ewWuilF60%2BdCy7i53Mowk4Znof%2FpS%2FYcntiA0fL41TT9zEJ71NCiZeCn8z11tJpuslP32R%2BcKUr4blBnAIHm0Q%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d1fa40d5a9db500-OSL
alt-svc: h2=":443"; ma=60
|
|
| vetka-sakury.ru/wp-content/uploads/svhostss.exe | 172.67.145.154 | 301 Moved Permanently | 162 B |
URL User Request GET HTTP/1.1 vetka-sakury.ru/wp-content/uploads/svhostss.exe IP 172.67.145.154:80
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash 4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
NIDS | Severity | Alert | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious |
GET /wp-content/uploads/svhostss.exe HTTP/1.1
Host: vetka-sakury.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Sun, 04 Jun 2023 10:54:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://vetka-sakury.ru/wp-content/uploads/svhostss.exe
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=51Ag4HmzAnNsxWMTb203IV1cTEds5V5UcAcVM%2BJvdP1cPmxz8E2R7c4wl6c%2FDs16x08EE9CcYwEZqs7xtd3OXhok752ibZWRbbVDmE7QaCN1N3vPJel0lhI%2FYODiudjaK4o%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d1fa40d7ac0b500-OSL
alt-svc: h2=":443"; ma=60
|
|
| vetka-sakury.ru/wp-content/uploads/svhostss.exe | 172.67.145.154 | 301 Moved Permanently | 162 B |
URL User Request GET HTTP/1.1 vetka-sakury.ru/wp-content/uploads/svhostss.exe IP 172.67.145.154:80
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash 4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
NIDS | Severity | Alert | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious |
GET /wp-content/uploads/svhostss.exe HTTP/1.1
Host: vetka-sakury.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Sun, 04 Jun 2023 10:54:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://vetka-sakury.ru/wp-content/uploads/svhostss.exe
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ohtuzRkwe%2BYixLn%2B19cQeqx9RfGlm4e5BLKRBTGqpP12VUuUT%2Fj0aiIRooWIrCabuqhUo3uZYmTvg1c9R5xFcnCa04nWzuZ%2Fdu0Iq%2FKSxtEnsFDXSjbfa6aJFsg7k9XYzl0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d1fa40d9af0b500-OSL
alt-svc: h2=":443"; ma=60
|
|
| vetka-sakury.ru/wp-content/uploads/svhostss.exe | 172.67.145.154 | 301 Moved Permanently | 162 B |
URL User Request GET HTTP/1.1 vetka-sakury.ru/wp-content/uploads/svhostss.exe IP 172.67.145.154:80
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash 4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
NIDS | Severity | Alert | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious |
GET /wp-content/uploads/svhostss.exe HTTP/1.1
Host: vetka-sakury.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Sun, 04 Jun 2023 10:54:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://vetka-sakury.ru/wp-content/uploads/svhostss.exe
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YtG4j%2F2e9N%2BZSTyZ1syMWhX10ZQbPeuxg3D9IJxXhu59AgHWT96EpbvloYcb%2FeLwiHKg3RaTxzI4FZ%2FpAPcRwRJEwmAGWc4ddilN8HZudNWURsS9U5zjB2ZpC3JLhn2I7WY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d1fa40dcb2ab500-OSL
alt-svc: h2=":443"; ma=60
|
|
| vetka-sakury.ru/wp-content/uploads/svhostss.exe | 172.67.145.154 | 301 Moved Permanently | 162 B |
URL User Request GET HTTP/1.1 vetka-sakury.ru/wp-content/uploads/svhostss.exe IP 172.67.145.154:80
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash 4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
NIDS | Severity | Alert | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious |
GET /wp-content/uploads/svhostss.exe HTTP/1.1
Host: vetka-sakury.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Sun, 04 Jun 2023 10:54:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://vetka-sakury.ru/wp-content/uploads/svhostss.exe
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DWIbdpepi9VhoAe%2BpnYjSWg%2FkWXBV6iqQNrTAWCkVncnnWIPH%2F2JixhNeDA1zsbp9uOHgerTHb8YMNHRfu5oUm%2FDGr5KIcQasInQRNRjlMSobLYwQYWgBmpzCeaXMggNkQw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d1fa40ddb48b500-OSL
alt-svc: h2=":443"; ma=60
|
|
| vetka-sakury.ru/wp-content/uploads/svhostss.exe | 172.67.145.154 | 301 Moved Permanently | 162 B |
URL User Request GET HTTP/1.1 vetka-sakury.ru/wp-content/uploads/svhostss.exe IP 172.67.145.154:80
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash 4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
NIDS | Severity | Alert | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious |
GET /wp-content/uploads/svhostss.exe HTTP/1.1
Host: vetka-sakury.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Sun, 04 Jun 2023 10:54:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://vetka-sakury.ru/wp-content/uploads/svhostss.exe
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bl1v4NyUvWwjWr5wr3oixwEsRvu5yNkUBMlpbQFy42l5lB1%2BEhSMRGCBqUW0DKBBU4UQ6RVteworCFfnR61YadNQKv28jXUy23utm1sQlVXKUGm3gDl46tYUhktbU6FXnP4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d1fa40deb5db500-OSL
alt-svc: h2=":443"; ma=60
|
|
| vetka-sakury.ru/wp-content/uploads/svhostss.exe | 172.67.145.154 | 301 Moved Permanently | 162 B |
URL User Request GET HTTP/1.1 vetka-sakury.ru/wp-content/uploads/svhostss.exe IP 172.67.145.154:80
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash 4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
NIDS | Severity | Alert | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious |
GET /wp-content/uploads/svhostss.exe HTTP/1.1
Host: vetka-sakury.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Sun, 04 Jun 2023 10:54:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://vetka-sakury.ru/wp-content/uploads/svhostss.exe
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MQU%2FShVJIwvqnLgMYItBv4tyN%2B9iPtdZ3TawzyiaKoD%2BzieTfModmxeT01K%2FPOO%2FYOA%2FnbgANlbZ0Uam%2BFvvrmKTePPObxVjM%2FEsYR1segVeisLQdqSn5JydIcHr0hBSdU8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d1fa40dfb6ab500-OSL
alt-svc: h2=":443"; ma=60
|
|
| vetka-sakury.ru/wp-content/uploads/svhostss.exe | 172.67.145.154 | 301 Moved Permanently | 162 B |
URL User Request GET HTTP/1.1 vetka-sakury.ru/wp-content/uploads/svhostss.exe IP 172.67.145.154:80
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash 4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
NIDS | Severity | Alert | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious |
GET /wp-content/uploads/svhostss.exe HTTP/1.1
Host: vetka-sakury.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Sun, 04 Jun 2023 10:54:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://vetka-sakury.ru/wp-content/uploads/svhostss.exe
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SCGr9HIeRP7lHSH4TZBjtrKVIH%2Bxr%2BqFPqdBQjiiq1GQdH%2F5qbCqjiKD2AT7EuACeBazEjFZveMl75Ci71%2F0FTfsFII9F8B9dMSZZdbBaY3LGYZwoOVaib3pXeDNA8j600U%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d1fa40e0b72b500-OSL
alt-svc: h2=":443"; ma=60
|
|
| vetka-sakury.ru/wp-content/uploads/svhostss.exe | 172.67.145.154 | 301 Moved Permanently | 162 B |
URL User Request GET HTTP/1.1 vetka-sakury.ru/wp-content/uploads/svhostss.exe IP 172.67.145.154:80
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash 4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
NIDS | Severity | Alert | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious | suricata | high | ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious |
GET /wp-content/uploads/svhostss.exe HTTP/1.1
Host: vetka-sakury.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Sun, 04 Jun 2023 10:54:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://vetka-sakury.ru/wp-content/uploads/svhostss.exe
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=npuWe55V2r8CYmDvkwP%2FWxCsW5QQewDnEJtM7L%2BLZqI5Q%2BXbQaYm4boYnTDL8izAPFB4M7j%2BiMn73LbXJr6LLzneQcVTlmijYr1pLlZ25XWsBurwPVtW2RDbHnvg%2F%2B%2BRR%2BU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d1fa40e1b84b500-OSL
alt-svc: h2=":443"; ma=60
|
|