test.pcap

MD5: 104e3903ec5fb5dcb74f70c8c2cbe1e7
Submission Date: 2020-07-31 07:40:13
Tags: (not set)
Alert 12
Showing 1-12 of 12 items.
| # | Timestamp | Src Ip | Dest Ip | Alert Signature | P |
|---|---|---|---|---|---|
| 1 | 2018-09-12T00:21:03.098990-0700 | 192.168.131.143 | 192.168.131.159 | ET EXPLOIT ETERNALBLUE Probe Vulnerable System Response MS17-010 | * |
| 2 | 2018-09-12T00:22:05.165846-0700 | 192.168.131.159 | 192.168.131.143 | ET POLICY SMB Executable File Transfer | * |
| 3 | 2018-09-12T00:22:05.173064-0700 | 192.168.131.159 | 192.168.131.143 | ET POLICY SMB Executable File Transfer | * |
| 4 | 2018-09-12T00:21:03.098990-0700 | 192.168.131.143 | 192.168.131.159 | ET EXPLOIT ETERNALBLUE Probe Vulnerable System Response MS17-010 | * |
| 5 | 2018-09-12T00:22:05.165846-0700 | 192.168.131.159 | 192.168.131.143 | ET POLICY SMB Executable File Transfer | * |
| 6 | 2018-09-12T00:22:05.176716-0700 | 192.168.131.159 | 192.168.131.143 | ET POLICY SMB Executable File Transfer | * |
| 7 | 2018-09-12T00:21:03.098990-0700 | 192.168.131.143 | 192.168.131.159 | ET EXPLOIT ETERNALBLUE Probe Vulnerable System Response MS17-010 | * |
| 8 | 2018-09-12T00:22:05.165846-0700 | 192.168.131.159 | 192.168.131.143 | ET POLICY SMB Executable File Transfer | * |
| 9 | 2018-09-12T00:22:05.176716-0700 | 192.168.131.159 | 192.168.131.143 | ET POLICY SMB Executable File Transfer | * |
| 10 | 2018-09-12T00:21:03.098990-0700 | 192.168.131.143 | 192.168.131.159 | ET EXPLOIT ETERNALBLUE Probe Vulnerable System Response MS17-010 | * |
| 11 | 2018-09-12T00:22:05.165846-0700 | 192.168.131.159 | 192.168.131.143 | ET POLICY SMB Executable File Transfer | * |
| 12 | 2018-09-12T00:22:05.173064-0700 | 192.168.131.159 | 192.168.131.143 | ET POLICY SMB Executable File Transfer | * |
DNS 120
Showing 1-20 of 120 items.
| # | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data |
|---|---|---|---|---|---|---|---|
| 1 | 2018-09-12T00:21:08.763031-0700 | 192.168.131.159 | 192.168.131.2 | query | 143.131.168.192.in-addr.arpa | PTR | (not set) |
| 2 | 2018-09-12T00:21:47.616133-0700 | 192.168.131.159 | 192.168.131.2 | query | 143.131.168.192.in-addr.arpa | PTR | (not set) |
| 3 | 2018-09-12T00:21:08.764764-0700 | 192.168.131.2 | 192.168.131.159 | answer | 143.131.168.192.in-addr.arpa | PTR | (not set) |
| 4 | 2018-09-12T00:21:21.139139-0700 | 192.168.131.159 | 192.168.131.2 | query | ssl.gstatic.com | A | (not set) |
| 5 | 2018-09-12T00:21:21.139211-0700 | 192.168.131.159 | 192.168.131.2 | query | ssl.gstatic.com | AAAA | (not set) |
| 6 | 2018-09-12T00:21:47.624783-0700 | 192.168.131.2 | 192.168.131.159 | answer | 143.131.168.192.in-addr.arpa | PTR | (not set) |
| 7 | 2018-09-12T00:21:21.141050-0700 | 192.168.131.2 | 192.168.131.159 | answer | ssl.gstatic.com | A | (not set) |
| 8 | 2018-09-12T00:21:21.141057-0700 | 192.168.131.2 | 192.168.131.159 | answer | ssl.gstatic.com | AAAA | (not set) |
| 9 | 2018-09-12T00:21:48.065732-0700 | 192.168.131.159 | 192.168.131.2 | query | 143.131.168.192.in-addr.arpa | PTR | (not set) |
| 10 | 2018-09-12T00:21:48.067308-0700 | 192.168.131.2 | 192.168.131.159 | answer | 143.131.168.192.in-addr.arpa | PTR | (not set) |
| 11 | 2018-09-12T00:21:53.538653-0700 | 192.168.131.159 | 192.168.131.2 | query | 143.131.168.192.in-addr.arpa | PTR | (not set) |
| 12 | 2018-09-12T00:21:53.540245-0700 | 192.168.131.2 | 192.168.131.159 | answer | 143.131.168.192.in-addr.arpa | PTR | (not set) |
| 13 | 2018-09-12T00:21:53.987345-0700 | 192.168.131.159 | 192.168.131.2 | query | 143.131.168.192.in-addr.arpa | PTR | (not set) |
| 14 | 2018-09-12T00:21:53.988895-0700 | 192.168.131.2 | 192.168.131.159 | answer | 143.131.168.192.in-addr.arpa | PTR | (not set) |
| 15 | 2018-09-12T00:21:54.412956-0700 | 192.168.131.159 | 192.168.131.2 | query | 143.131.168.192.in-addr.arpa | PTR | (not set) |
| 16 | 2018-09-12T00:21:54.414811-0700 | 192.168.131.2 | 192.168.131.159 | answer | 143.131.168.192.in-addr.arpa | PTR | (not set) |
| 17 | 2018-09-12T00:21:54.845742-0700 | 192.168.131.159 | 192.168.131.2 | query | 143.131.168.192.in-addr.arpa | PTR | (not set) |
| 18 | 2018-09-12T00:21:54.847656-0700 | 192.168.131.2 | 192.168.131.159 | answer | 143.131.168.192.in-addr.arpa | PTR | (not set) |
| 19 | 2018-09-12T00:21:55.653475-0700 | 192.168.131.159 | 192.168.131.2 | query | 143.131.168.192.in-addr.arpa | PTR | (not set) |
| 20 | 2018-09-12T00:21:55.655108-0700 | 192.168.131.2 | 192.168.131.159 | answer | 143.131.168.192.in-addr.arpa | PTR | (not set) |
TLS 0
| # | Timestamp | Source IP | Destination IP | TLS Version | Server Name Indication |
No results found.
TFTP 0
| # | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode |
No results found.
HTTP 0
| # | Timestamp | Source | Hostname | Port | Method | URL | Status |
No results found.
SMB 652
Showing 1-20 of 652 items.
| # | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree |
|---|---|---|---|---|---|---|---|
| 1 | 2018-09-12T00:21:03.090554-0700 | 192.168.131.159 | 192.168.131.143 | NT LM 0.12 | SMB1_COMMAND_NEGOTIATE_PROTOCOL | 0 | 0 |
| 2 | 2018-09-12T00:21:53.630405-0700 | 192.168.131.159 | 192.168.131.143 | NT LM 0.12 | SMB1_COMMAND_NEGOTIATE_PROTOCOL | 0 | 0 |
| 3 | 2018-09-12T00:21:47.707323-0700 | 192.168.131.159 | 192.168.131.143 | NT LM 0.12 | SMB1_COMMAND_NEGOTIATE_PROTOCOL | 0 | 0 |
| 4 | 2018-09-12T00:21:53.631545-0700 | 192.168.131.159 | 192.168.131.143 | NT LM 0.12 | SMB1_COMMAND_SESSION_SETUP_ANDX | 2051 | 0 |
| 5 | 2018-09-12T00:21:53.632234-0700 | 192.168.131.159 | 192.168.131.143 | NT LM 0.12 | SMB1_COMMAND_SESSION_SETUP_ANDX | 2051 | 0 |
| 6 | 2018-09-12T00:21:53.632781-0700 | 192.168.131.159 | 192.168.131.143 | NT LM 0.12 | SMB1_COMMAND_TREE_CONNECT_ANDX | 2051 | 2054 |
| 7 | 2018-09-12T00:21:53.633250-0700 | 192.168.131.159 | 192.168.131.143 | NT LM 0.12 | SMB1_COMMAND_NT_CREATE_ANDX | 2051 | 2054 |
| 8 | 2018-09-12T00:21:53.633764-0700 | 192.168.131.159 | 192.168.131.143 | NT LM 0.12 | SMB1_COMMAND_TREE_DISCONNECT | 2051 | 2054 |
| 9 | 2018-09-12T00:21:53.634483-0700 | 192.168.131.159 | 192.168.131.143 | NT LM 0.12 | SMB1_COMMAND_LOGOFF_ANDX | 2051 | 0 |
| 10 | 2018-09-12T00:21:55.340588-0700 | 192.168.131.159 | 192.168.131.143 | NT LM 0.12 | SMB1_COMMAND_NEGOTIATE_PROTOCOL | 0 | 0 |
| 11 | 2018-09-12T00:21:55.341639-0700 | 192.168.131.159 | 192.168.131.143 | NT LM 0.12 | SMB1_COMMAND_SESSION_SETUP_ANDX | 0 | 0 |
| 12 | 2018-09-12T00:21:55.342272-0700 | 192.168.131.159 | 192.168.131.143 | NT LM 0.12 | SMB1_COMMAND_SESSION_SETUP_ANDX | 2051 | 0 |
| 13 | 2018-09-12T00:21:03.095290-0700 | 192.168.131.159 | 192.168.131.143 | NT LM 0.12 | SMB1_COMMAND_SESSION_SETUP_ANDX | 2048 | 65535 |
| 14 | 2018-09-12T00:21:03.097387-0700 | 192.168.131.159 | 192.168.131.143 | NT LM 0.12 | SMB1_COMMAND_SESSION_SETUP_ANDX | 2048 | 65535 |
| 15 | 2018-09-12T00:21:03.098666-0700 | 192.168.131.159 | 192.168.131.143 | NT LM 0.12 | SMB1_COMMAND_TREE_CONNECT_ANDX | 2048 | 2048 |
| 16 | 2018-09-12T00:21:03.101226-0700 | 192.168.131.159 | 192.168.131.143 | NT LM 0.12 | SMB1_COMMAND_TREE_CONNECT_ANDX | 2048 | 2049 |
| 17 | 2018-09-12T00:21:03.103756-0700 | 192.168.131.159 | 192.168.131.143 | NT LM 0.12 | SMB1_COMMAND_NT_CREATE_ANDX | 2048 | 2049 |
| 18 | 2018-09-12T00:21:03.107637-0700 | 192.168.131.159 | 192.168.131.143 | NT LM 0.12 | SMB1_COMMAND_WRITE_ANDX | 2048 | 2049 |
| 19 | 2018-09-12T00:21:03.108785-0700 | 192.168.131.159 | 192.168.131.143 | NT LM 0.12 | SMB1_COMMAND_TREE_DISCONNECT | 2048 | 2049 |
| 20 | 2018-09-12T00:21:03.109986-0700 | 192.168.131.159 | 192.168.131.143 | NT LM 0.12 | SMB1_COMMAND_TREE_CONNECT_ANDX | 2048 | 2050 |
SMTP 0
| # | Timestamp | Source | Destination | Email From | Email To | Subject |
No results found.
Flow 178
Showing 1-20 of 178 items.
| # | Timestamp | Flow Id | Event Type | Source | Source Port | Destination | Destination Port | Protocol | Host |
|---|---|---|---|---|---|---|---|---|---|
| 1 | 2018-09-12T00:22:05.424134-0700 | 1691709210889716 | flow | 192.168.131.159 | 57402 | 192.168.131.2 | 53 | UDP | pcapanalyzer |
| 2 | 2018-09-12T00:22:05.424134-0700 | 2113925970762659 | flow | 192.168.131.159 | 47646 | 192.168.131.143 | 445 | TCP | pcapanalyzer |
| 3 | 2018-09-12T00:22:05.424134-0700 | 147930460925717 | flow | 192.168.131.159 | 47652 | 192.168.131.143 | 445 | TCP | pcapanalyzer |
| 4 | 2018-09-12T00:22:05.424134-0700 | 999747029257757 | flow | 192.168.131.159 | 54350 | 192.168.131.143 | 445 | TCP | pcapanalyzer |
| 5 | 2018-09-12T00:22:05.424134-0700 | 1989771347844374 | flow | 192.168.131.159 | 47634 | 192.168.131.143 | 445 | TCP | pcapanalyzer |
| 6 | 2018-09-12T00:22:05.424134-0700 | 1991137150815351 | flow | 192.168.131.159 | 42295 | 192.168.131.143 | 445 | TCP | pcapanalyzer |
| 7 | 2018-09-12T00:22:05.424134-0700 | 162408792630423 | flow | 192.168.131.159 | 57850 | 192.168.131.2 | 53 | UDP | pcapanalyzer |
| 8 | 2018-09-12T00:22:05.424134-0700 | 304473428850171 | flow | 192.168.131.159 | 45307 | 192.168.131.143 | 445 | TCP | pcapanalyzer |
| 9 | 2018-09-12T00:22:05.424134-0700 | 446207349656501 | flow | 192.168.131.159 | 48124 | 192.168.131.143 | 445 | TCP | pcapanalyzer |
| 10 | 2018-09-12T00:22:05.424134-0700 | 1017021388272319 | flow | 192.168.131.159 | 63545 | 192.168.131.143 | 445 | TCP | pcapanalyzer |
| 11 | 2018-09-12T00:22:05.424134-0700 | 2002939720960975 | flow | 192.168.131.159 | 56033 | 192.168.131.2 | 53 | UDP | pcapanalyzer |
| 12 | 2018-09-12T00:22:05.424134-0700 | 881931781885291 | flow | 192.168.131.159 | 47654 | 192.168.131.143 | 445 | TCP | pcapanalyzer |
| 13 | 2018-09-12T00:22:05.424134-0700 | 183467020384419 | flow | 192.168.131.159 | 52841 | 192.168.131.2 | 53 | UDP | pcapanalyzer |
| 14 | 2018-09-12T00:22:05.424134-0700 | 1733567961988581 | flow | 192.168.131.159 | 60067 | 192.168.131.143 | 137 | UDP | pcapanalyzer |
| 15 | 2018-09-12T00:22:05.424134-0700 | 2016894067482499 | flow | 192.168.131.159 | 43739 | 192.168.131.2 | 53 | UDP | pcapanalyzer |
| 16 | 2018-09-12T00:22:05.424134-0700 | 329856685631406 | flow | 192.168.131.159 | 53407 | 192.168.131.2 | 53 | UDP | pcapanalyzer |
| 17 | 2018-09-12T00:22:05.424134-0700 | 2159813400985796 | flow | 192.168.131.159 | 60195 | 192.168.131.2 | 53 | UDP | pcapanalyzer |
| 18 | 2018-09-12T00:22:05.424134-0700 | 1740259524099888 | flow | 192.168.131.159 | 57481 | 192.168.131.2 | 53 | UDP | pcapanalyzer |
| 19 | 2018-09-12T00:22:05.424134-0700 | 1882427233611044 | flow | 192.168.131.159 | 48334 | 192.168.131.143 | 137 | UDP | pcapanalyzer |
| 20 | 2018-09-12T00:22:05.424134-0700 | 335616236735772 | flow | 192.168.131.159 | 49461 | 192.168.131.2 | 53 | UDP | pcapanalyzer |
File 4
Showing 1-4 of 4 items.
| # | Timestamp | Source | Destination | File Name | File Magic | File Size |
|---|---|---|---|---|---|---|
| 1 | 2018-09-12T00:22:05.248258-0700 | 192.168.131.159 | 192.168.131.143 | <unknown> | PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows | 15872 |
| 2 | 2018-09-12T00:22:05.248258-0700 | 192.168.131.159 | 192.168.131.143 | <unknown> | PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows | 15872 |
| 3 | 2018-09-12T00:22:05.248258-0700 | 192.168.131.159 | 192.168.131.143 | <unknown> | PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows | 15872 |
| 4 | 2018-09-12T00:22:05.248258-0700 | 192.168.131.159 | 192.168.131.143 | <unknown> | PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows | 15872 |

Comments: (not set)
