Microsoft Defender for Endpoint C2 network inspected

Occasional Contributor

Hello MDE Community,

 

Recently, on my environment I got detected suspicious URL "http://h.parrable.com" from MDE on many Pcs trying to outbound connection from Google Chrome, Firefox & Edge to internet, and I trying to analysis this url on "VirusTotal and other cloud Sandbox" result few vendors flagged as Malicious site. Please kindly recommend for deep investigation from MDE. Thank

1 Reply
Could you please check the timeline of one of the endpoints in MDE , processes and files created while this request is being made. may be a packet capture on the device ?