Awesome Malware 4.pcap

MD5: 74af96dd271d8950cd6511acc93d8b2c
Submission Date: 2021-04-07 04:11:28
Tags: (not set)
Alert 0
| # | Timestamp | Src Ip | Dest Ip | Alert Signature | P |
|---|---|---|---|---|---|

No results found.
DNS 4386
Showing 1-20 of 4,386 items.
| # | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data |
|---|---|---|---|---|---|---|---|
| 1 | 2021-03-26T05:47:12.481495-0700 | 192.168.150.128 | 192.168.150.1 | query | 2.debian.pool.ntp.org | A | (not set) |
| 2 | 2021-03-26T05:47:12.481994-0700 | 192.168.150.128 | 192.168.150.1 | query | 2.debian.pool.ntp.org | AAAA | (not set) |
| 3 | 2021-03-26T05:47:12.483625-0700 | 192.168.150.128 | 192.168.150.1 | query | 2.debian.pool.ntp.org.localdomain | A | (not set) |
| 4 | 2021-03-26T05:47:12.484092-0700 | 192.168.150.128 | 192.168.150.1 | query | 2.debian.pool.ntp.org.localdomain | AAAA | (not set) |
| 5 | 2021-03-26T05:47:12.486792-0700 | 192.168.150.128 | 192.168.150.1 | query | 3.debian.pool.ntp.org | A | (not set) |
| 6 | 2021-03-26T05:47:12.487329-0700 | 192.168.150.128 | 192.168.150.1 | query | 3.debian.pool.ntp.org | AAAA | (not set) |
| 7 | 2021-03-26T05:47:12.489003-0700 | 192.168.150.128 | 192.168.150.1 | query | 3.debian.pool.ntp.org.localdomain | A | (not set) |
| 8 | 2021-03-26T05:47:12.489463-0700 | 192.168.150.128 | 192.168.150.1 | query | 3.debian.pool.ntp.org.localdomain | AAAA | (not set) |
| 9 | 2021-03-26T05:47:12.491085-0700 | 192.168.150.128 | 192.168.150.1 | query | 0.debian.pool.ntp.org | A | (not set) |
| 10 | 2021-03-26T05:47:12.491565-0700 | 192.168.150.128 | 192.168.150.1 | query | 0.debian.pool.ntp.org | AAAA | (not set) |
| 11 | 2021-03-26T05:47:12.496176-0700 | 192.168.150.128 | 192.168.150.1 | query | 1.debian.pool.ntp.org | A | (not set) |
| 12 | 2021-03-26T05:47:12.496693-0700 | 192.168.150.128 | 192.168.150.1 | query | 1.debian.pool.ntp.org | AAAA | (not set) |
| 13 | 2021-03-26T05:47:12.499388-0700 | 192.168.150.128 | 192.168.150.1 | query | 1.debian.pool.ntp.org.localdomain | A | (not set) |
| 14 | 2021-03-26T05:47:12.499882-0700 | 192.168.150.128 | 192.168.150.1 | query | 1.debian.pool.ntp.org.localdomain | AAAA | (not set) |
| 15 | 2021-03-26T05:47:12.502127-0700 | 192.168.150.128 | 192.168.150.1 | query | 2.debian.pool.ntp.org | A | (not set) |
| 16 | 2021-03-26T05:47:12.502394-0700 | 192.168.150.128 | 192.168.150.1 | query | 2.debian.pool.ntp.org | AAAA | (not set) |
| 17 | 2021-03-26T05:47:12.504728-0700 | 192.168.150.128 | 192.168.150.1 | query | 3.debian.pool.ntp.org | A | (not set) |
| 18 | 2021-03-26T05:47:12.504964-0700 | 192.168.150.128 | 192.168.150.1 | query | 3.debian.pool.ntp.org | AAAA | (not set) |
| 19 | 2021-03-26T05:47:12.506826-0700 | 192.168.150.128 | 192.168.150.1 | query | 0.debian.pool.ntp.org | A | (not set) |
| 20 | 2021-03-26T05:47:12.507071-0700 | 192.168.150.128 | 192.168.150.1 | query | 0.debian.pool.ntp.org | AAAA | (not set) |

TLS 5
Showing 1-5 of 5 items.
| # | Timestamp | Source IP | Destination IP | TLS Version | Server Name Indication |
|---|---|---|---|---|---|
| 1 | 2021-03-26T05:54:18.919521-0700 | 200.200.200.1 | 100.100.100.11 | TLS 1.2 | iecvlist.microsoft.com |
| 2 | 2021-03-26T05:54:18.963795-0700 | 200.200.200.1 | 100.100.100.11 | TLS 1.2 | iecvlist.microsoft.com |
| 3 | 2021-03-26T05:54:53.875801-0700 | 200.200.200.1 | 100.100.100.12 | TLS 1.2 | ieonline.microsoft.com |
| 4 | 2021-03-26T05:54:53.920053-0700 | 200.200.200.1 | 100.100.100.12 | TLS 1.2 | ieonline.microsoft.com |
| 5 | 2021-03-26T06:03:28.724822-0700 | 200.200.200.1 | 100.100.100.13 | TLSv1 | update.googleapis.com |

TFTP 0
| # | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode |
|---|---|---|---|---|---|---|

No results found.
HTTP 2
Showing 1-2 of 2 items.
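| # | Timestamp | Source | Hostname | Port | Method | URL | Status |
|---|---|---|---|---|---|---|---|
| 1 | 2021-03-26T05:46:58.125367-0700 | 192.168.150.1 | 192.168.150.128 | 8080 | POST | /starter | 204 |
| 2 | 2021-03-26T05:47:39.032200-0700 | 192.168.150.1 | 192.168.150.128 | 8080 | POST | /starter | 204 |
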
SMB 0
| # | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree |
|---|---|---|---|---|---|---|---|

No results found.
SMTP 0
| # | Timestamp | Source | Destination | Email From | Email To | Subject |
|---|---|---|---|---|---|---|

No results found.
Flow 1940
Showing 1-20 of 1,940 items.
| # | Timestamp | Flow Id | Event Type | Source | Source Port | Destination | Destination Port | Protocol | Host |
|---|---|---|---|---|---|---|---|---|---|
| 1 | 2021-03-26T06:02:39.229556-0700 | 985166050424052 | flow | 192.168.150.128 | 45691 | 192.168.150.1 | 53 | UDP | pcapanalyzer |
| 2 | 2021-03-26T06:02:39.236158-0700 | 844651896386193 | flow | 192.168.150.128 | 36701 | 192.168.150.1 | 53 | UDP | pcapanalyzer |
| 3 | 2021-03-26T06:02:39.236158-0700 | 2113612870882369 | flow | 192.168.150.128 | 57155 | 192.168.150.1 | 53 | UDP | pcapanalyzer |
| 4 | 2021-03-26T06:02:39.236158-0700 | 284120011563265 | flow | 192.168.150.128 | 40433 | 192.168.150.1 | 53 | UDP | pcapanalyzer |
| 5 | 2021-03-26T06:02:39.236158-0700 | 987979253940939 | flow | 192.168.150.128 | 55798 | 192.168.150.1 | 53 | UDP | pcapanalyzer |
| 6 | 2021-03-26T06:02:39.236158-0700 | 1413803786563982 | flow | 192.168.150.128 | 35838 | 192.168.150.1 | 53 | UDP | pcapanalyzer |
| 7 | 2021-03-26T06:02:39.236158-0700 | 1978003564306108 | flow | 192.168.150.128 | 44724 | 192.168.150.1 | 53 | UDP | pcapanalyzer |
| 8 | 2021-03-26T06:02:39.236158-0700 | 290519514747989 | flow | 192.168.150.128 | 58102 | 192.168.150.1 | 53 | UDP | pcapanalyzer |
| 9 | 2021-03-26T06:02:39.236158-0700 | 291687745852703 | flow | 192.168.150.128 | 35907 | 192.168.150.1 | 53 | UDP | pcapanalyzer |
| 10 | 2021-03-26T06:02:39.236158-0700 | 573514909877782 | flow | 192.168.150.128 | 50352 | 192.168.150.1 | 53 | UDP | pcapanalyzer |
| 11 | 2021-03-26T06:02:39.238177-0700 | 151573027750406 | flow | 192.168.150.128 | 51172 | 192.168.150.1 | 53 | UDP | pcapanalyzer |
| 12 | 2021-03-26T06:02:39.238185-0700 | 1418854666133163 | flow | 192.168.150.128 | 54850 | 192.168.150.1 | 53 | UDP | pcapanalyzer |
| 13 | 2021-03-26T06:02:39.238375-0700 | 11492669456060 | flow | 192.168.150.128 | 41655 | 192.168.150.1 | 53 | UDP | pcapanalyzer |
| 14 | 2021-03-26T06:02:39.238375-0700 | 1982526164856200 | flow | 192.168.150.128 | 40719 | 192.168.150.1 | 53 | UDP | pcapanalyzer |
| 15 | 2021-03-26T06:02:39.238375-0700 | 12686670300494 | flow | 192.168.150.128 | 37718 | 192.168.150.1 | 53 | UDP | pcapanalyzer |
| 16 | 2021-03-26T06:02:39.238375-0700 | 435517608754472 | flow | 192.168.150.128 | 54974 | 192.168.150.1 | 53 | UDP | pcapanalyzer |
| 17 | 2021-03-26T06:02:39.238375-0700 | 1702833599593942 | flow | 192.168.150.128 | 52057 | 192.168.150.1 | 53 | UDP | pcapanalyzer |
| 18 | 2021-03-26T06:02:39.238375-0700 | 1423660734525897 | flow | 192.168.150.128 | 34622 | 192.168.150.1 | 53 | UDP | pcapanalyzer |
| 19 | 2021-03-26T06:02:39.238375-0700 | 1987302168493645 | flow | 192.168.150.128 | 42777 | 192.168.150.1 | 53 | UDP | pcapanalyzer |
| 20 | 2021-03-26T06:02:39.238375-0700 | 861574060356504 | flow | 192.168.150.128 | 38719 | 192.168.150.1 | 53 | UDP | pcapanalyzer |

File 0
| # | Timestamp | Source | Destination | File Name | File Magic | File Size |
|---|---|---|---|---|---|---|

No results found.

Comments: (not set)
