[**] [1:32481:1] POLICY-OTHER Remote non-JavaScript file found in script tag src attribute [**]
[Classification: Potential Corporate Privacy Violation] [Priority: 1]
11/12-16:59:49.721589 41.77.118.118:80 -> 192.168.122.187:49365
TCP TTL:128 TOS:0x0 ID:11217 IpLen:20 DgmLen:3527 DF
***A**** Seq: 0x948A15D8  Ack: 0xB61A7885  Win: 0xFD00  TcpLen: 20
[Xref => http://technet.microsoft.com/en-us/security/bulletin/MS14-065][Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-6345]

[**] [1:8375:10] BROWSER-PLUGINS QuickTime Object ActiveX clsid access [**]
[Classification: Attempted User Privilege Gain] [Priority: 1]
11/12-16:59:50.902288 41.77.118.118:80 -> 192.168.122.187:49370
TCP TTL:128 TOS:0x0 ID:11328 IpLen:20 DgmLen:8151 DF
***A**** Seq: 0x4C8B9DED  Ack: 0xE644FA93  Win: 0xFB00  TcpLen: 20

[**] [139:1:1] (spp_sdf) SDF Combination Alert [**]
[Classification: Senstive Data] [Priority: 2]
11/12-16:59:51.733676 41.77.118.118 -> 192.168.122.187
PROTO:254 TTL:128 TOS:0x0 ID:11492 IpLen:20 DgmLen:20 DF

[**] [139:1:1] (spp_sdf) SDF Combination Alert [**]
[Classification: Senstive Data] [Priority: 2]
11/12-16:59:51.747351 41.77.118.118 -> 192.168.122.187
PROTO:254 TTL:128 TOS:0x0 ID:11514 IpLen:20 DgmLen:20 DF

[**] [139:1:1] (spp_sdf) SDF Combination Alert [**]
[Classification: Senstive Data] [Priority: 2]
11/12-17:00:00.972697 104.236.62.254 -> 192.168.122.187
PROTO:254 TTL:128 TOS:0x0 ID:12963 IpLen:20 DgmLen:20 DF

[**] [1:27919:3] MALWARE-CNC Win.Trojan.Zeus encrypted POST Data exfiltration [**]
[Classification: A Network Trojan was detected] [Priority: 1]
11/12-17:00:11.631575 192.168.122.187:49380 -> 45.63.71.12:80
TCP TTL:54 TOS:0x0 ID:28826 IpLen:20 DgmLen:644 DF
***A**** Seq: 0xB168A1F6  Ack: 0xE1D41918  Win: 0x4180  TcpLen: 20
[Xref => http://www.virustotal.com/en/file/8825abfca1a6d843ce5670858886cb63bb1317ddbb92f91ffd46cfdcaba9ac00/analysis/]

[**] [1:34318:4] MALWARE-CNC Win.Trojan.CryptoWall variant outbound connection [**]
[Classification: A Network Trojan was detected] [Priority: 1]
11/12-17:00:16.629208 192.168.122.187:49382 -> 119.59.99.92:80
TCP TTL:50 TOS:0x0 ID:49839 IpLen:20 DgmLen:533 DF
***A**** Seq: 0x8199496D  Ack: 0x5E59BBA6  Win: 0x1B00  TcpLen: 20
[Xref => http://www.virustotal.com/en/file/d14f1d1e07bd116ed0faf5896438177f36a05adacf5af4f32910e313e9c1fd93/analysis/]

[**] [1:34318:4] MALWARE-CNC Win.Trojan.CryptoWall variant outbound connection [**]
[Classification: A Network Trojan was detected] [Priority: 1]
11/12-17:00:41.712520 192.168.122.187:49383 -> 37.187.79.186:80
TCP TTL:55 TOS:0x0 ID:20389 IpLen:20 DgmLen:558 DF
***A**** Seq: 0xC5BE7648  Ack: 0xA7FF3F77  Win: 0x3D80  TcpLen: 20
[Xref => http://www.virustotal.com/en/file/d14f1d1e07bd116ed0faf5896438177f36a05adacf5af4f32910e313e9c1fd93/analysis/]

[**] [1:28190:3] INDICATOR-COMPROMISE Suspicious .cc dns query [**]
[Classification: A Network Trojan was detected] [Priority: 1]
11/12-17:00:44.051610 192.168.122.187:65526 -> 192.168.122.2:53
UDP TTL:128 TOS:0x0 ID:14294 IpLen:20 DgmLen:54
Len: 26

[**] [1:34318:4] MALWARE-CNC Win.Trojan.CryptoWall variant outbound connection [**]
[Classification: A Network Trojan was detected] [Priority: 1]
11/12-17:00:46.142016 192.168.122.187:49386 -> 178.212.144.5:80
TCP TTL:51 TOS:0x28 ID:40135 IpLen:20 DgmLen:542 DF
***A**** Seq: 0xDAA7B3E2  Ack: 0xEEA4A3A7  Win: 0x7800  TcpLen: 20
[Xref => http://www.virustotal.com/en/file/d14f1d1e07bd116ed0faf5896438177f36a05adacf5af4f32910e313e9c1fd93/analysis/]

[**] [1:34318:4] MALWARE-CNC Win.Trojan.CryptoWall variant outbound connection [**]
[Classification: A Network Trojan was detected] [Priority: 1]
11/12-17:01:16.762939 192.168.122.187:49387 -> 119.59.99.92:80
TCP TTL:50 TOS:0x0 ID:55551 IpLen:20 DgmLen:502 DF
***A**** Seq: 0x8584E37C  Ack: 0xAE38BB2E  Win: 0x1B00  TcpLen: 20
[Xref => http://www.virustotal.com/en/file/d14f1d1e07bd116ed0faf5896438177f36a05adacf5af4f32910e313e9c1fd93/analysis/]

[**] [1:34318:4] MALWARE-CNC Win.Trojan.CryptoWall variant outbound connection [**]
[Classification: A Network Trojan was detected] [Priority: 1]
11/12-17:01:47.244848 192.168.122.187:49388 -> 37.187.79.186:80
TCP TTL:55 TOS:0x0 ID:28776 IpLen:20 DgmLen:527 DF
***A**** Seq: 0x8A33F99E  Ack: 0xD2A3C0AF  Win: 0x3D80  TcpLen: 20
[Xref => http://www.virustotal.com/en/file/d14f1d1e07bd116ed0faf5896438177f36a05adacf5af4f32910e313e9c1fd93/analysis/]

[**] [1:34318:4] MALWARE-CNC Win.Trojan.CryptoWall variant outbound connection [**]
[Classification: A Network Trojan was detected] [Priority: 1]
11/12-17:01:51.371456 192.168.122.187:49391 -> 178.212.144.5:80
TCP TTL:51 TOS:0x28 ID:2696 IpLen:20 DgmLen:511 DF
***A**** Seq: 0x4253AD22  Ack: 0x77A8759E  Win: 0x7800  TcpLen: 20
[Xref => http://www.virustotal.com/en/file/d14f1d1e07bd116ed0faf5896438177f36a05adacf5af4f32910e313e9c1fd93/analysis/]

[**] [1:34318:4] MALWARE-CNC Win.Trojan.CryptoWall variant outbound connection [**]
[Classification: A Network Trojan was detected] [Priority: 1]
11/12-17:03:36.183661 192.168.122.187:49397 -> 119.59.99.92:80
TCP TTL:50 TOS:0x0 ID:62627 IpLen:20 DgmLen:503 DF
***A**** Seq: 0xBD7D18C0  Ack: 0x277170FD  Win: 0x1B00  TcpLen: 20
[Xref => http://www.virustotal.com/en/file/d14f1d1e07bd116ed0faf5896438177f36a05adacf5af4f32910e313e9c1fd93/analysis/]

[**] [1:34318:4] MALWARE-CNC Win.Trojan.CryptoWall variant outbound connection [**]
[Classification: A Network Trojan was detected] [Priority: 1]
11/12-17:03:49.049338 192.168.122.187:49398 -> 37.187.79.186:80
TCP TTL:55 TOS:0x0 ID:35911 IpLen:20 DgmLen:528 DF
***A**** Seq: 0xDB6AEC73  Ack: 0xDE86ABFC  Win: 0x3D80  TcpLen: 20
[Xref => http://www.virustotal.com/en/file/d14f1d1e07bd116ed0faf5896438177f36a05adacf5af4f32910e313e9c1fd93/analysis/]

[**] [1:34318:4] MALWARE-CNC Win.Trojan.CryptoWall variant outbound connection [**]
[Classification: A Network Trojan was detected] [Priority: 1]
11/12-17:03:52.739748 192.168.122.187:49401 -> 178.212.144.5:80
TCP TTL:51 TOS:0x28 ID:49095 IpLen:20 DgmLen:512 DF
***A**** Seq: 0xCFDB88D1  Ack: 0x5D374A59  Win: 0x7800  TcpLen: 20
[Xref => http://www.virustotal.com/en/file/d14f1d1e07bd116ed0faf5896438177f36a05adacf5af4f32910e313e9c1fd93/analysis/]

[**] [1:34318:4] MALWARE-CNC Win.Trojan.CryptoWall variant outbound connection [**]
[Classification: A Network Trojan was detected] [Priority: 1]
11/12-17:04:03.010526 192.168.122.187:49402 -> 119.59.99.92:80
TCP TTL:50 TOS:0x0 ID:58632 IpLen:20 DgmLen:518 DF
***A**** Seq: 0xFCEFABC8  Ack: 0xF18A085C  Win: 0x1B00  TcpLen: 20
[Xref => http://www.virustotal.com/en/file/d14f1d1e07bd116ed0faf5896438177f36a05adacf5af4f32910e313e9c1fd93/analysis/]

[**] [1:34318:4] MALWARE-CNC Win.Trojan.CryptoWall variant outbound connection [**]
[Classification: A Network Trojan was detected] [Priority: 1]
11/12-17:04:26.509088 192.168.122.187:49403 -> 37.187.79.186:80
TCP TTL:55 TOS:0x0 ID:7283 IpLen:20 DgmLen:543 DF
***A**** Seq: 0x31633F7  Ack: 0xC87B503D  Win: 0x3D80  TcpLen: 20
[Xref => http://www.virustotal.com/en/file/d14f1d1e07bd116ed0faf5896438177f36a05adacf5af4f32910e313e9c1fd93/analysis/]

[**] [1:34318:4] MALWARE-CNC Win.Trojan.CryptoWall variant outbound connection [**]
[Classification: A Network Trojan was detected] [Priority: 1]
11/12-17:04:30.101066 192.168.122.187:49406 -> 178.212.144.5:80
TCP TTL:51 TOS:0x28 ID:35538 IpLen:20 DgmLen:527 DF
***A**** Seq: 0x617E9E7E  Ack: 0xFE6890CB  Win: 0x7800  TcpLen: 20
[Xref => http://www.virustotal.com/en/file/d14f1d1e07bd116ed0faf5896438177f36a05adacf5af4f32910e313e9c1fd93/analysis/]

[**] [139:1:1] (spp_sdf) SDF Combination Alert [**]
[Classification: Senstive Data] [Priority: 2]
11/12-17:05:32.066104 109.70.26.37 -> 192.168.122.187
PROTO:254 TTL:128 TOS:0x0 ID:14997 IpLen:20 DgmLen:20 DF