Active Cases: 0
Entities Tracked: 0
Candidates: 4
Anomalies: 2
Breakouts: 1
Avg Risk Score: 3.4

Current Window — Top 10 Candidates

#1 10.0.1.39 (C100694) · monterey-nta
Breakout x76.7
Baseline: 76 windows · Breakout for 7 consecutive windows · First seen: 6:06:41 PM
ICMP: 1 (+900%, avg: 0.1)
Conns In: 5 (+100%, avg: 2.5)
Int Peers: 0 (-100%, avg: 1.9)
DNS: 0 (-100%, avg: 17.5)
SMB: 0 (-100%, avg: 0.4)
Kerberos: 0 (-100%, avg: 0.4)
52.182.143.215: 2 conns
20.42.65.84 (v20.events.data.microsoft.com): 2 conns
69.192.139.80: 2 conns
13.107.6.163 (upload.fp.measure.office.com): 2 conns
config.teams.microsoft.com: 4
substrate.office.com: 3
www.bing.com: 2

#2 10.0.1.42 (C100730) · monterey-nta
Rising 4.7
Baseline: 22 windows · Breakout for 2 consecutive windows · First seen: 4:36:41 PM
Conns In: 0 (-100%, avg: 0.1)
ICMP: 0 (-100%, avg: 0.2)
SMB: 3 (+100%, avg: 1.5)
TLS SNI: 1 (-99%, avg: 109.5)
Ext Peers: 13 (-90%, avg: 135.2)
DNS: 8 (-89%, avg: 74.4)
104.46.162.225: 46 conns
13.107.136.10: 4 conns
20.59.87.226: 2 conns
52.111.246.62: 1 conns
montmech.sharepoint.com: 4

#3 10.0.1.60 (C100740) · monterey-nta
Rising 4.5
Baseline: 22 windows · First seen: 8:49:10 PM
Conns In: 0 (-100%, avg: 0.2)
RPC: 0 (-100%, avg: 1.4)
Bytes Out: 4.9 MB (-77%, avg: 21.2 MB)
Kerberos: 2 (-74%, avg: 7.6)
Ext Peers: 42 (-47%, avg: 79.9)
DNS: 40 (+22%, avg: 32.8)
57.144.120.128 (connect.facebook.net): 26 conns
40.79.173.41: 25 conns
151.101.201.91 (s3-media0.fl.yelpcdn.com): 6 conns
142.251.188.84: 4 conns
images.squarespace-cdn.com: 5
px.ads.linkedin.com: 4
edge.microsoft.com: 3

#4 10.0.1.251 · monterey-nta
Stable 3.7
Baseline: 77 windows · First seen: 8:21:42 PM
Conns Out: 1 (-23%, avg: 1.3)
Bytes Out: 96 B (-21%, avg: 122 B)
Int Peers: 1 (-17%, avg: 1.2)

#5 10.0.1.84 (C100722) · monterey-nta
Stable 3.5
Baseline: 68 windows · First seen: 8:49:10 PM
DNS: 24 (+120%, avg: 10.9)
Conns In: 0 (-100%, avg: 2.6)
ICMP: 0 (-100%, avg: 0.2)
SMB: 0 (-100%, avg: 0.5)
Kerberos: 0 (-100%, avg: 3.3)
TLS SNI: 36 (+88%, avg: 19.1)
40.79.141.153: 63 conns
172.66.0.84: 4 conns
150.171.27.11: 2 conns
150.171.28.11 (edge.microsoft.com): 2 conns
cloudflare-ech.com: 4
login.microsoftonline.com: 3
mobile.events.data.microsoft.com: 2

#6 10.0.9.48 · monterey-nta
Stable 3.4
Baseline: 63 windows · First seen: 8:21:42 PM
DNS: 1 (-47%, avg: 1.9)
Int Peers: 1 (-38%, avg: 1.6)
Bytes Out: 56 B (-24%, avg: 74 B)
Conns Out: 2 (-13%, avg: 2.3)

#7 10.0.1.68 · monterey-nta
Rising 2.4
Baseline: 21 windows · First seen: 8:49:10 PM
Int Peers: 0 (-100%, avg: 0.1)
DNS: 0 (-100%, avg: 0.1)
Conns Out: 154 (+97%, avg: 78.2)
TLS SNI: 14 (-50%, avg: 27.8)
Ext Peers: 21 (-37%, avg: 33.6)
Bytes Out: 1.4 MB (-14%, avg: 1.6 MB)
57.144.120.141 (ep2.facebook.com): 50 conns
57.144.44.141 (ep2.facebook.com): 39 conns
57.144.120.145: 11 conns
57.144.44.1 (www.facebook.com): 11 conns
ep2.facebook.com: 47
apps.loop.in: 15
www.facebook.com: 7

#8 10.220.0.6 (ESTIMATING) · monterey-nta
Stable 1.9
Baseline: 78 windows
Conns In: 0 (-100%, avg: 1.7)
Bytes Out: 390 B (-73%, avg: 1.4 KB)
DNS: 2 (-72%, avg: 7.2)
Conns Out: 41 (-55%, avg: 90.6)
Int Peers: 2 (-26%, avg: 2.7)

#9 10.220.0.8 (MMCSTORAGE3) · monterey-nta
Stable 1.9
Baseline: 78 windows
Conns In: 0 (-100%, avg: 2.6)
Bytes Out: 119 B (-71%, avg: 406 B)
Conns Out: 29 (-57%, avg: 67.7)
DNS: 3 (-50%, avg: 6)
Int Peers: 2 (-26%, avg: 2.7)

#10 10.0.1.50 · monterey-nta
Stable 1.4
Baseline: 27 windows
ICMP: 1 (+400%, avg: 0.2)
Conns In: 0 (-100%, avg: 0.6)
Int Peers: 0 (-100%, avg: 2.1)
DNS: 0 (-100%, avg: 1.6)
Kerberos: 0 (-100%, avg: 0.1)
Bytes Out: 175.5 KB (-90%, avg: 1.7 MB)
52.96.188.184: 5 conns
20.190.190.131: 3 conns
40.97.221.120: 3 conns
162.247.243.29: 2 conns
login.microsoftonline.com: 3
roaming.svc.cloud.microsoft: 3
bam.nr-data.net: 2