Malware Analysis

An in-depth look into alerts, triggers, and known false-positive indicators to help customers better understand events on their networks.

  • MALWARE Observed Honeygain Domain (api .honeygain .com in TLS SNI)
  • TROJAN Possible Malicious Invoice EXE
  • MALWARE User-Agent (Firefox) - Possible Trojan Downloader
  • MALWARE TakeMyFile User-Agent
  • TROJAN Large DNS Query possible covert channel
  • TROJAN MS Remote Desktop edc User Login Request
  • MALWARE Suspicious Domain (flow .lavasoft .com) in TLS SNI
  • TROJAN Likely Linux/Xorddos.F DDoS Attack Participation (aa.hostasa.org)
  • MALWARE AndroidOS/Trojan.OJNF-2 Variant Sending Phone Information
  • TROJAN W32/Rodecap.BA
  • TROJAN Trojan Generic - POST To gate.php with no referer
  • TROJAN Observed Suspicious SSL Cert (testexample)
  • TROJAN Possible Win32/Gapz MSIE 9 on Windows NT 5
  • TROJAN Unrecom Style External IP Check
  • Lets Encrypt Free SSL Cert Paypal Phishing