11/17-17:12:19.207567 [**] [1:22466:7] E2[rb] NETBIOS SMB-DS IPC$ unicode share access [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 130.13.162.0:18605 -> 192.168.1.166:445
11/17-17:12:19.912715 [**] [1:31000004:99] E3[rb] BotHunter Scrip-based Windows egg download .exe [**] [Classification: Misc activity] [Priority: 3] {TCP} 192.168.1.166:1130 -> 130.13.162.0:18608
11/17-17:12:19.611147 [**] [1:52123:3] E5[rb] REGISTERED FREE ATTACK-RESPONSES Microsoft cmd.exe banner [**] [Classification: Successful Administrator Privilege Gain] [Priority: 1] {TCP} 192.168.1.166:1130 -> 130.13.162.0:18608
11/17-17:12:20.280049 [**] [1:2001683:3] E3[rb] BLEEDING-EDGE Malware Windows executable sent from remote host [**] [Priority: 0] {TCP} 130.13.162.0:18704 -> 192.168.1.166:68
11/17-17:12:20.280049 [**] [1:5001684:99] E3[rb] BotHunter Malware Windows executable (PE) sent from remote host [**] [Priority: 0] {TCP} 130.13.162.0:18704 -> 192.168.1.166:68
11/17-17:12:28.905795 [**] [1:2000352:6] E6[rb] ET ATTACK RESPONSE IRC - dns request on non-std port [**] [Classification: Potential Corporate Privacy Violation] [Priority: 1] {TCP} 192.168.1.166:1030 -> 92.240.234.164:3305
11/17-17:12:29.078942 [**] [1:2000352:6] E6[rb] ET ATTACK RESPONSE IRC - dns request on non-std port [**] [Classification: Potential Corporate Privacy Violation] [Priority: 1] {TCP} 192.168.1.166:1030 -> 92.240.234.164:3305
11/17-17:12:29.080493 [**] [1:2000346:7] E4[rb] ET ATTACK RESPONSE IRC - Name response on non-std port [**] [Classification: A Network Trojan was detected] [Priority: 1] {TCP} 92.240.234.164:3305 -> 192.168.1.166:1030
11/17-17:12:29.088811 [**] [116:151:1] (snort decoder) Bad Traffic Same Src/Dst IP [**] [Priority: 3] {UDP} 192.168.1.166:137 -> 192.168.1.166:137
11/17-17:12:30.604398 [**] [116:151:1] (snort decoder) Bad Traffic Same Src/Dst IP [**] [Priority: 3] {UDP} 192.168.1.166:137 -> 192.168.1.166:137
11/17-17:12:32.096000 [**] [116:151:1] (snort decoder) Bad Traffic Same Src/Dst IP [**] [Priority: 3] {UDP} 192.168.1.166:137 -> 192.168.1.166:137
11/17-17:12:33.736636 [**] [116:151:1] (snort decoder) Bad Traffic Same Src/Dst IP [**] [Priority: 3] {UDP} 192.168.1.166:137 -> 192.168.1.166:137
11/17-17:12:35.080077 [**] [116:151:1] (snort decoder) Bad Traffic Same Src/Dst IP [**] [Priority: 3] {UDP} 192.168.1.166:137 -> 192.168.1.166:137
11/17-17:12:36.632267 [**] [116:151:1] (snort decoder) Bad Traffic Same Src/Dst IP [**] [Priority: 3] {UDP} 192.168.1.166:137 -> 192.168.1.166:137