11/10-00:14:25.656593 [**] [1:22466:7] E2[rb] NETBIOS SMB-DS IPC$ unicode share access [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 84.224.178.224:18400 -> 192.168.1.182:445
11/10-00:14:26.637999 [**] [1:299913:1] E2[rb] SHELLCODE x86 0x90 unicode NOOP [**] [Classification: Executable code was detected] [Priority: 1] {TCP} 84.224.178.224:18400 -> 192.168.1.182:445
11/10-00:14:26.737814 [**] [1:299913:1] E2[rb] SHELLCODE x86 0x90 unicode NOOP [**] [Classification: Executable code was detected] [Priority: 1] {TCP} 84.224.178.224:18400 -> 192.168.1.182:445
11/10-00:14:28.915502 [**] [1:22466:7] E2[rb] NETBIOS SMB-DS IPC$ unicode share access [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 84.224.178.224:18566 -> 192.168.1.182:445
11/10-00:14:29.938010 [**] [1:299913:1] E2[rb] SHELLCODE x86 0x90 unicode NOOP [**] [Classification: Executable code was detected] [Priority: 1] {TCP} 84.224.178.224:18566 -> 192.168.1.182:445
11/10-00:14:30.037826 [**] [1:299913:1] E2[rb] SHELLCODE x86 0x90 unicode NOOP [**] [Classification: Executable code was detected] [Priority: 1] {TCP} 84.224.178.224:18566 -> 192.168.1.182:445
11/10-00:14:31.915444 [**] [1:2000047:4] E3[rb] ET WORM Sasser Transfer _up.exe [**] [Classification: Misc activity] [Priority: 3] {TCP} 84.224.178.224:18766 -> 192.168.1.182:9996
11/10-00:14:32.198347 [**] [1:31000004:99] E3[rb] BotHunter Scrip-based Windows egg download .exe [**] [Classification: Misc activity] [Priority: 3] {TCP} 192.168.1.182:9996 -> 84.224.178.224:18766
11/10-00:14:34.436300 [**] [1:2001683:3] E3[rb] BLEEDING-EDGE Malware Windows executable sent from remote host [**] [Priority: 0] {TCP} 84.224.178.224:18922 -> 192.168.1.182:1033
11/10-00:14:34.436300 [**] [1:5001684:99] E3[rb] BotHunter Malware Windows executable (PE) sent from remote host [**] [Priority: 0] {TCP} 84.224.178.224:18922 -> 192.168.1.182:1033
11/10-00:14:34.899646 [**] [1:22001056:5] E2[rb] BLEEDING-EDGE VIRUS W32/Sasser.worm.b -NAI-) [**] [Classification: Misc activity] [Priority: 3] {TCP} 84.224.178.224:18922 -> 192.168.1.182:1033
11/10-00:14:31.766987 [**] [1:52123:3] E5[rb] REGISTERED FREE ATTACK-RESPONSES Microsoft cmd.exe banner [**] [Classification: Successful Administrator Privilege Gain] [Priority: 1] {TCP} 192.168.1.182:9996 -> 84.224.178.224:18766