bearreqop.blogg.se - Microsoft .NET Desktop Runtime 7.0.7 instal the new for ios

Yara signature match Source: dump.pcap, type: PCA P TCP traffic detected without corresponding DNS query: 101.33.231. Network traffic detected: HTTP traff ic on port 62563 -> 49181Ĭonnects to IPs without corresponding DNS lookups Source: unknown Network traffic detected: HTTP traff ic on port 49181 -> 62563

Network traffic detected: HTTP traff ic on port 62563 -> 49180 Network traffic detected: HTTP traff ic on port 49180 -> 62563 Network traffic detected: HTTP traff ic on port 62563 -> 49179 Network traffic detected: HTTP traff ic on port 49179 -> 62563 Network traffic detected: HTTP traff ic on port 62563 -> 49178 Network traffic detected: HTTP traff ic on port 49178 -> 62563 Network traffic detected: HTTP traff ic on port 62563 -> 49177 Network traffic detected: HTTP traff ic on port 49177 -> 62563 Network traffic detected: HTTP traff ic on port 62563 -> 49176 Network traffic detected: HTTP traff ic on port 49176 -> 62563 Network traffic detected: HTTP traff ic on port 62563 -> 49175 Network traffic detected: HTTP traff ic on port 49175 -> 62563 Network traffic detected: HTTP traff ic on port 62563 -> 49174 Network traffic detected: HTTP traff ic on port 49174 -> 62563 Network traffic detected: HTTP traff ic on port 62563 -> 49173 Network traffic detected: HTTP traff ic on port 49173 -> 62563 Network traffic detected: HTTP traff ic on port 62563 -> 49172 Network traffic detected: HTTP traff ic on port 49172 -> 62563 Network traffic detected: HTTP traff ic on port 62563 -> 49171 Network traffic detected: HTTP traff ic on port 49171 -> 62563 Uses known network protocols on non-standard ports Source: unknown Yara detected Microsoft Office Exploit Follina / CVE-2022-30190Ĭ:\Users\u ser\AppDat a\Local\Mi crosoft\Wi ndows\Temp orary Inte rnet Files \Content.M SO\42A30EF B.htmĬ:\Users\u ser\AppDat a\Local\Mi crosoft\Wi ndows\Temp orary Inte rnet Files \Content.I E5\ZAE7RW1 P\exploit.htm C:\Users\u ser\AppDat a\Local\Mi crosoft\Wi ndows\Temp orary Inte rnet Files \Content.M SO\6B087DC 1.htmĮXPL_Follina_CVE_2022_30190_Msdt_MSProtocolURI_May22ĭetects the malicious usage of the ms-msdt URI as seen in CVE-2022-30190 / Follina exploitation