Alert_393131.pcap

MD5: 295b2020d16ba021a515147fcab82401
Submission Date: 2020-09-28 03:38:02
Tags
Alert 2
Showing 1-2 of 2 items.
| # | Timestamp | Src Ip | Dest Ip | Alert Signature | P |
|---|---|---|---|---|---|
| 1 | 2020-09-20T16:30:09.531097-0700 | 10.77.68.44 | 10.54.208.136 | ET EXPLOIT Possible ETERNALBLUE Probe MS17-010 (MSF style) | * |
| 2 | 2020-09-20T16:30:09.531097-0700 | 10.77.68.44 | 10.54.208.136 | ET EXPLOIT Possible ETERNALBLUE Probe MS17-010 (Generic Flags) | * |
DNS 0
| # | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data |
|---|---|---|---|---|---|---|---|
No results found.
TLS 0
| # | Timestamp | Source IP | Destination IP | TLS Version | Server Name Indication |
|---|---|---|---|---|---|
No results found.
TFTP 0
| # | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode |
|---|---|---|---|---|---|---|
No results found.
HTTP 4
Showing 1-4 of 4 items.
| # | Timestamp | Source | Hostname | Port | Method | URL | Status |
|---|---|---|---|---|---|---|---|
| 1 | 2020-09-20T16:27:08.582498-0700 | 10.54.208.136 | HQBUSM2063.nestle.com | 52311 | GET | /cgi-bin/bfenterprise/BESGatherMirror.exe?url=http://bigfix.nestle.com:52311/cgi-bin/bfgather.exe/opsite127&Time=21Sep01:27:08&rand=26390523&ManyVersionSha1=cf41f3ecde1fbf46a0537a3080bd2a733e1c79b9 | 200 |
| 2 | 2020-09-20T16:27:08.582503-0700 | 10.54.208.136 | HQBUSM2063.nestle.com | 52311 | GET | /cgi-bin/bfenterprise/BESGatherMirror.exe?url=http://bigfix.nestle.com:52311/cgi-bin/bfgather.exe/opsite127&Time=21Sep01:27:08&rand=26390523&ManyVersionSha1=cf41f3ecde1fbf46a0537a3080bd2a733e1c79b9 | 200 |
| 3 | 2020-09-20T16:30:13.833850-0700 | 10.54.208.136 | HQBUSM2063.nestle.com | 52311 | GET | /cgi-bin/bfenterprise/BESGatherMirror.exe?url=http://bigfix.nestle.com:52311/cgi-bin/bfgather.exe/opsite13&Time=21Sep01:27:08&rand=c699ef9e&ManyVersionSha1=b6699fc39c7b59d64c270863e8849a4176d1b40b | (not set) |
| 4 | 2020-09-20T16:30:13.833850-0700 | 10.54.208.136 | HQBUSM2063.nestle.com | 52311 | GET | /cgi-bin/bfenterprise/BESGatherMirror.exe?url=http://bigfix.nestle.com:52311/cgi-bin/bfgather.exe/opsite13&Time=21Sep01:27:08&rand=c699ef9e&ManyVersionSha1=b6699fc39c7b59d64c270863e8849a4176d1b40b | (not set) |
SMB 4
Showing 1-4 of 4 items.
| # | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree |
|---|---|---|---|---|---|---|---|
| 1 | 2020-09-20T16:30:09.531097-0700 | 10.77.68.44 | 10.54.208.136 | NT LM 0.12 | SMB1_COMMAND_NEGOTIATE_PROTOCOL | 0 | 0 |
| 2 | 2020-09-20T16:30:13.833850-0700 | 10.77.68.44 | 10.54.208.137 | unknown | SMB1_COMMAND_NEGOTIATE_PROTOCOL | 0 | 0 |
| 3 | 2020-09-20T16:30:13.833850-0700 | 10.77.68.44 | 10.54.208.137 | unknown | SMB1_COMMAND_NEGOTIATE_PROTOCOL | 0 | 0 |
| 4 | 2020-09-20T16:30:13.833850-0700 | 10.77.68.44 | 10.54.208.136 | unknown | SMB1_COMMAND_NEGOTIATE_PROTOCOL | 0 | 0 |
SMTP 0
| # | Timestamp | Source | Destination | Email From | Email To | Subject |
|---|---|---|---|---|---|---|
No results found.
Flow 85
Showing 1-20 of 85 items.
| # | Timestamp | Flow Id | Event Type | Source | Source Port | Destination | Destination Port | Protocol | Host |
|---|---|---|---|---|---|---|---|---|---|
| 1 | 2020-09-20T16:27:08.582498-0700 | 217599772394033 | flow | 10.54.208.136 | (not set) | 10.54.131.221 | (not set) | ICMP | pcapanalyzer |
| 2 | 2020-09-20T16:30:13.833850-0700 | 2115043311055349 | flow | 10.54.131.221 | 62279 | 10.54.208.136 | 5985 | TCP | pcapanalyzer |
| 3 | 2020-09-20T16:30:13.833850-0700 | 567566593675028 | flow | 10.54.208.136 | 138 | 10.54.208.255 | 138 | UDP | pcapanalyzer |
| 4 | 2020-09-20T16:30:13.833850-0700 | 287556202457253 | flow | 10.54.208.136 | 58287 | 141.122.181.183 | 52311 | TCP | pcapanalyzer |
| 5 | 2020-09-20T16:30:13.833850-0700 | 710206761800165 | flow | 10.77.68.44 | 56313 | 10.54.208.81 | 445 | TCP | pcapanalyzer |
| 6 | 2020-09-20T16:30:13.833850-0700 | 1555013939075694 | flow | 10.77.68.44 | 64201 | 10.54.208.11 | 445 | TCP | pcapanalyzer |
| 7 | 2020-09-20T16:30:13.833850-0700 | 8572305764778 | flow | 10.54.208.136 | 5985 | 10.54.131.221 | 62279 | TCP | pcapanalyzer |
| 8 | 2020-09-20T16:30:13.833850-0700 | 1134798642830070 | flow | 10.77.68.44 | 63292 | 10.54.208.135 | 445 | TCP | pcapanalyzer |
| 9 | 2020-09-20T16:30:13.833850-0700 | 1276429484800286 | flow | 10.77.68.44 | 63973 | 10.54.208.136 | 445 | TCP | pcapanalyzer |
| 10 | 2020-09-20T16:30:13.833850-0700 | 855097474737936 | flow | 10.54.208.136 | 5985 | 10.54.131.221 | 60388 | TCP | pcapanalyzer |
| 11 | 2020-09-20T16:30:13.833850-0700 | 151805183339711 | flow | 10.77.68.44 | 64248 | 10.54.208.137 | 445 | TCP | pcapanalyzer |
| 12 | 2020-09-20T16:30:13.833850-0700 | 1981491302763131 | flow | 10.54.131.221 | 60146 | 10.54.208.136 | 5985 | TCP | pcapanalyzer |
| 13 | 2020-09-20T16:30:13.833850-0700 | 1277881178748464 | flow | 10.77.68.44 | 55349 | 10.54.208.73 | 445 | TCP | pcapanalyzer |
| 14 | 2020-09-20T16:30:13.833850-0700 | 997325315762335 | flow | 141.122.115.57 | 10123 | 10.54.208.136 | 51144 | TCP | pcapanalyzer |
| 15 | 2020-09-20T16:30:13.833850-0700 | 998326045310219 | flow | 10.54.208.136 | 58285 | 141.122.181.183 | 52311 | TCP | pcapanalyzer |
| 16 | 2020-09-20T16:30:13.833850-0700 | 1845929260778294 | flow | 10.54.131.221 | 56764 | 10.54.208.136 | 5985 | TCP | pcapanalyzer |
| 17 | 2020-09-20T16:30:13.833850-0700 | 865753297304535 | flow | 10.77.68.44 | 56196 | 10.54.208.80 | 445 | TCP | pcapanalyzer |
| 18 | 2020-09-20T16:30:13.833850-0700 | 162538306184238 | flow | 10.77.68.44 | 63447 | 10.54.208.136 | 445 | TCP | pcapanalyzer |
| 19 | 2020-09-20T16:30:13.833850-0700 | 585712830793159 | flow | 10.54.208.136 | 5985 | 10.54.131.221 | 59583 | TCP | pcapanalyzer |
| 20 | 2020-09-20T16:30:13.833850-0700 | 1853058909195500 | flow | 10.77.68.44 | 64248 | 10.54.208.137 | 445 | TCP | pcapanalyzer |
File 0
| # | Timestamp | Source | Destination | File Name | File Magic | File Size |
|---|---|---|---|---|---|---|
No results found.
