PCAP: nam.pcap

MD5: b64b5f92e6136a66c26aa44a3359db89
Submission Date: 2021-10-04 15:44:56
Tags: (not set)
Alert (8)

| # | Timestamp | Src IP | Dest IP | Alert Signature | P |
|---|-----------|--------|---------|-----------------|---|
| 1 | 2021-10-01T11:13:51.575352-0700 | 172.16.104.96 | 172.217.14.78 | ET TROJAN Possible Win32/Get2 Downloader Activity | * |
| 2 | 2021-10-01T11:13:51.677961-0700 | 172.16.104.96 | 172.217.14.78 | ET TROJAN Possible Win32/Get2 Downloader Activity | * |
| 3 | 2021-10-01T11:13:51.807336-0700 | 172.16.104.96 | 172.217.14.78 | ET TROJAN Possible Win32/Get2 Downloader Activity | * |
| 4 | 2021-10-01T11:13:51.964083-0700 | 172.16.104.96 | 172.217.14.78 | ET TROJAN Possible Win32/Get2 Downloader Activity | * |
| 5 | 2021-10-01T11:13:52.107609-0700 | 172.16.104.96 | 172.217.14.78 | ET TROJAN Possible Win32/Get2 Downloader Activity | * |
| 6 | 2021-10-01T11:13:52.223256-0700 | 172.16.104.96 | 172.217.14.78 | ET TROJAN Possible Win32/Get2 Downloader Activity | * |
| 7 | 2021-10-01T11:13:52.291993-0700 | 172.16.104.96 | 172.217.14.78 | ET TROJAN Possible Win32/Get2 Downloader Activity | * |
| 8 | 2021-10-01T11:13:52.318454-0700 | 172.16.104.96 | 172.217.14.78 | ET TROJAN Possible Win32/Get2 Downloader Activity | * |
DNS (0)

| # | Timestamp | Src IP | Dest IP | DNS Type | Resource Record Name | Resource Record Type | Resource Data |
|---|-----------|--------|---------|----------|----------------------|----------------------|---------------|
No results found.

TLS (0)

| # | Timestamp | Source IP | Destination IP | TLS Version | Server Name Indication |
|---|-----------|-----------|----------------|-------------|------------------------|
No results found.

TFTP (0)

| # | Timestamp | Src IP | Dest IP | TFTP Packet | TFTP File | TFTP Mode |
|---|-----------|--------|---------|-------------|-----------|-----------|
No results found.
HTTP (8)

| # | Timestamp | Source | Hostname | Port | Method | URL | Status |
|---|-----------|--------|----------|------|--------|-----|--------|
| 1 | 2021-10-01T11:13:51.575352-0700 | 172.16.104.96 | www.google-analytics.com | 80 | GET | /collect?cd1=Buy&cd2=6.1.1&cd3=829&cid=C4346B56963B&ea=Deep_Recovery_DataRecoveryWizard_Success&ec=Recovery_Deep_Recover&t=event&tid=UA-89782350-3&v=1 | 200 |
| 2 | 2021-10-01T11:13:51.677961-0700 | 172.16.104.96 | www.google-analytics.com | 80 | GET | /collect?cd1=Buy&cd2=6.1.1&cd3=829&cid=C4346B56963B&ea=Deep_Recovery_DataRecoveryWizard_Duration&ec=Recovery_Deep_Recover&el=24:45:20&t=event&tid=UA-89782350-3&v=1 | 200 |
| 3 | 2021-10-01T11:13:51.807336-0700 | 172.16.104.96 | www.google-analytics.com | 80 | GET | /collect?cd1=Buy&cd2=6.1.1&cd3=829&cid=C4346B56963B&ea=Deep_Recovery_DataRecoveryWizard_FileType&ec=Recovery_Deep_Recover&el=ppt&t=event&tid=UA-89782350-3&v=1 | 200 |
| 4 | 2021-10-01T11:13:51.964083-0700 | 172.16.104.96 | www.google-analytics.com | 80 | GET | /collect?cd1=Buy&cd2=6.1.1&cd3=829&cid=C4346B56963B&ea=Deep_Recovery_DataRecoveryWizard_FileType&ec=Recovery_Deep_Recover&el=xls&t=event&tid=UA-89782350-3&v=1 | 200 |
| 5 | 2021-10-01T11:13:52.107609-0700 | 172.16.104.96 | www.google-analytics.com | 80 | GET | /collect?cd1=Buy&cd2=6.1.1&cd3=829&cid=C4346B56963B&ea=Deep_Recovery_DataRecoveryWizard_FileType&ec=Recovery_Deep_Recover&el=doc&t=event&tid=UA-89782350-3&v=1 | 200 |
| 6 | 2021-10-01T11:13:52.223256-0700 | 172.16.104.96 | www.google-analytics.com | 80 | GET | /collect?cd1=Buy&cd2=6.1.1&cd3=829&cid=C4346B56963B&ea=Deep_Recovery_DataRecoveryWizard_FileType&ec=Recovery_Deep_Recover&el=gif&t=event&tid=UA-89782350-3&v=1 | 200 |
| 7 | 2021-10-01T11:13:52.291993-0700 | 172.16.104.96 | www.google-analytics.com | 80 | GET | /collect?cd1=Buy&cd2=6.1.1&cd3=829&cid=C4346B56963B&ea=Deep_Recovery_DataRecoveryWizard_FileType&ec=Recovery_Deep_Recover&el=zip&t=event&tid=UA-89782350-3&v=1 | 200 |
| 8 | 2021-10-01T11:13:52.318454-0700 | 172.16.104.96 | www.google-analytics.com | 80 | GET | /collect?cd1=Buy&cd2=6.1.1&cd3=829&cid=C4346B56963B&ea=Deep_Recovery_DataRecoveryWizard_FileType&ec=Recovery_Deep_Recover&el=jpg&t=event&tid=UA-89782350-3&v=1 | (not set) |
SMB (0)

| # | Timestamp | Src IP | Dest IP | SMB Dialect | Command | Session | Tree |
|---|-----------|--------|---------|-------------|---------|---------|------|
No results found.

SMTP (0)

| # | Timestamp | Source | Destination | Email From | Email To | Subject |
|---|-----------|--------|-------------|------------|----------|---------|
No results found.
Flow (1)

| # | Timestamp | Flow Id | Event Type | Source | Source Port | Destination | Destination Port | Protocol | Host |
|---|-----------|---------|------------|--------|-------------|-------------|------------------|----------|------|
| 1 | 2021-10-01T11:13:52.318454-0700 | 2023637458598791 | flow | 172.16.104.96 | 56884 | 172.217.14.78 | 80 | TCP | pcapanalyzer |
File (7)

| # | Timestamp | Source | Destination | File Name | File Magic | File Size |
|---|-----------|--------|-------------|-----------|------------|-----------|
| 1 | 2021-10-01T11:13:51.575352-0700 | 172.217.14.78 | 172.16.104.96 | /collect | GIF image data, version 89a, 1 x 1 | 35 |
| 2 | 2021-10-01T11:13:51.677961-0700 | 172.217.14.78 | 172.16.104.96 | /collect | GIF image data, version 89a, 1 x 1 | 35 |
| 3 | 2021-10-01T11:13:51.807336-0700 | 172.217.14.78 | 172.16.104.96 | /collect | GIF image data, version 89a, 1 x 1 | 35 |
| 4 | 2021-10-01T11:13:51.964083-0700 | 172.217.14.78 | 172.16.104.96 | /collect | GIF image data, version 89a, 1 x 1 | 35 |
| 5 | 2021-10-01T11:13:52.107609-0700 | 172.217.14.78 | 172.16.104.96 | /collect | GIF image data, version 89a, 1 x 1 | 35 |
| 6 | 2021-10-01T11:13:52.223256-0700 | 172.217.14.78 | 172.16.104.96 | /collect | GIF image data, version 89a, 1 x 1 | 35 |
| 7 | 2021-10-01T11:13:52.291993-0700 | 172.217.14.78 | 172.16.104.96 | /collect | GIF image data, version 89a, 1 x 1 | 35 |

Comments: (not set)
