NY_Dina
Copper Contributor
Nov 14, 2022

Microsoft Defender for Endpoint C2 network inspected

Hello MDE Community,

Recently, in my environment, MDE detected the suspicious URL "http://h.parrable.com" on many PCs that were making outbound connections to the internet from Google Chrome, Firefox and Edge. I tried to analyze this URL on VirusTotal and other cloud sandboxes, and a few vendors flagged it as a malicious site. Please kindly recommend how to investigate this in more depth from MDE. Thanks.

  • Dutchboy
    Copper Contributor
    Could you please check the timeline of one of the endpoints in MDE, and the processes and files created while this request is being made? Maybe a packet capture on the device?
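
The per-device timeline check suggested in the reply can also be run across all devices with MDE advanced hunting. The query below is an added example and not part of the original thread; the 7-day lookback and the browser process list are assumptions to adjust for the environment.

```kusto
// Added example: which devices and processes contacted the reported domain?
// Assumptions: 7-day lookback, browser list limited to the three named in the post.
let lookback = 7d;
let suspectDomain = "parrable.com";
let browsers = dynamic(["chrome.exe", "firefox.exe", "msedge.exe"]);
DeviceNetworkEvents
| where Timestamp > ago(lookback)
| where RemoteUrl contains suspectDomain
// Flag whether the connection came from one of the expected browser processes
| extend IsBrowser = InitiatingProcessFileName in~ (browsers)
| summarize
    Connections  = count(),
    FirstSeen    = min(Timestamp),
    LastSeen     = max(Timestamp),
    RemoteIPs    = make_set(RemoteIP, 20),
    CommandLines = make_set(InitiatingProcessCommandLine, 5)
    by DeviceName, InitiatingProcessFileName, InitiatingProcessParentFileName, IsBrowser
// Non-browser initiators sort first, since they are the unexpected ones
| order by IsBrowser asc, Connections desc
```

Rows where `IsBrowser` is false are the ones to open in the device timeline first, around the `FirstSeen` time, to see which files and child processes were created alongside the request.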
