M10_Group B.pcap

MD5: a6b5d43ae80598b43af083f35c866385
Submission Date: 2019-10-09 11:53:32
Tags: (not set)
Alert 1
| # | Timestamp | Src Ip | Dest Ip | Alert Signature | P |
|---|---|---|---|---|---|
| 1 | 2019-09-11T20:31:03.775389-0700 | 10.249.53.59 | 10.249.52.231 | ET ATTACK_RESPONSE Net User Command Response | * |
DNS 14
| # | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data |
|---|---|---|---|---|---|---|---|
| 1 | 2019-09-11T20:28:37.351030-0700 | 10.249.53.59 | 8.8.8.8 | query | pop3.189.cn | A | (not set) |
| 2 | 2019-09-11T20:28:37.367826-0700 | 8.8.8.8 | 10.249.53.59 | answer | pop3.189.cn | A | (not set) |
| 3 | 2019-09-11T20:29:11.624592-0700 | 10.249.53.59 | 8.8.4.4 | query | checkappexec.microsoft.com | A | (not set) |
| 4 | 2019-09-11T20:29:11.670518-0700 | 8.8.4.4 | 10.249.53.59 | answer | checkappexec.microsoft.com | A | (not set) |
| 5 | 2019-09-11T20:29:11.602479-0700 | 10.249.53.59 | 8.8.8.8 | query | checkappexec.microsoft.com | A | (not set) |
| 6 | 2019-09-11T20:29:11.682464-0700 | 8.8.8.8 | 10.249.53.59 | answer | checkappexec.microsoft.com | A | (not set) |
| 7 | 2019-09-11T20:29:47.796583-0700 | 10.249.53.59 | 8.8.8.8 | query | download.cdn.mozilla.net | A | (not set) |
| 8 | 2019-09-11T20:29:47.826989-0700 | 10.249.53.59 | 8.8.4.4 | query | download.cdn.mozilla.net | A | (not set) |
| 9 | 2019-09-11T20:29:47.837666-0700 | 8.8.8.8 | 10.249.53.59 | answer | download.cdn.mozilla.net | A | (not set) |
| 10 | 2019-09-11T20:29:47.845832-0700 | 8.8.4.4 | 10.249.53.59 | answer | download.cdn.mozilla.net | A | (not set) |
| 11 | 2019-09-11T20:30:12.823330-0700 | 10.249.53.59 | 8.8.8.8 | query | v20.events.data.microsoft.com | A | (not set) |
| 12 | 2019-09-11T20:30:13.135140-0700 | 8.8.8.8 | 10.249.53.59 | answer | v20.events.data.microsoft.com | A | (not set) |
| 13 | 2019-09-11T20:30:12.841997-0700 | 10.249.53.59 | 8.8.4.4 | query | v20.events.data.microsoft.com | A | (not set) |
| 14 | 2019-09-11T20:30:12.957186-0700 | 8.8.4.4 | 10.249.53.59 | answer | v20.events.data.microsoft.com | A | (not set) |
TLS 4
| # | Timestamp | Source IP | Destination IP | TLS Version | Server Name Indication |
|---|---|---|---|---|---|
| 1 | 2019-09-11T20:29:12.058352-0700 | 10.249.53.59 | 104.215.76.184 | TLS 1.2 | checkappexec.microsoft.com |
| 2 | 2019-09-11T20:29:12.059380-0700 | 10.249.53.59 | 104.215.76.184 | TLS 1.2 | checkappexec.microsoft.com |
| 3 | 2019-09-11T20:29:21.410289-0700 | 10.249.53.59 | 104.215.76.184 | TLS 1.2 | checkappexec.microsoft.com |
| 4 | 2019-09-11T20:30:13.471314-0700 | 10.249.53.59 | 52.114.74.44 | TLS 1.2 | v20.events.data.microsoft.com |
TFTP 0
| # | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode |
No results found.
HTTP 1
| # | Timestamp | Source | Hostname | Port | Method | URL | Status |
|---|---|---|---|---|---|---|---|
| 1 | 2019-09-11T20:29:47.942169-0700 | 10.249.53.59 | download.cdn.mozilla.net | 80 | GET | /pub/thunderbird/releases/38.5.0/update/win32/en-US/thunderbird-38.5.0.complete.mar | 206 |
SMB 0
| # | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree |
No results found.
SMTP 0
| # | Timestamp | Source | Destination | Email From | Email To | Subject |
No results found.
Flow 17
| # | Timestamp | Flow Id | Event Type | Source | Source Port | Destination | Destination Port | Protocol | Host |
|---|---|---|---|---|---|---|---|---|---|
| 1 | 2019-09-11T20:30:36.380752-0700 | 1643476676191950 | flow | 10.249.53.59 | 137 | 10.249.53.255 | 137 | UDP | pcapanalyzer |
| 2 | 2019-09-11T20:30:36.380752-0700 | 291073083889933 | flow | 10.249.53.59 | 63327 | 8.8.4.4 | 53 | UDP | pcapanalyzer |
| 3 | 2019-09-11T20:30:36.380752-0700 | 1139122964735911 | flow | 10.249.53.59 | 57483 | 8.8.8.8 | 53 | UDP | pcapanalyzer |
| 4 | 2019-09-11T20:30:36.380752-0700 | 1426701085417559 | flow | 10.249.53.59 | 55846 | 47.254.17.28 | 110 | TCP | pcapanalyzer |
| 5 | 2019-09-11T20:30:36.380752-0700 | 1029287764400143 | flow | 10.249.53.59 | 55849 | 104.215.76.184 | 443 | TCP | pcapanalyzer |
| 6 | 2019-09-11T20:30:36.380752-0700 | 50855563009454 | flow | 10.249.53.59 | 55853 | 52.114.74.44 | 443 | TCP | pcapanalyzer |
| 7 | 2019-09-11T20:30:36.380752-0700 | 758331159698230 | flow | 10.249.53.59 | 55732 | 8.8.8.8 | 53 | UDP | pcapanalyzer |
| 8 | 2019-09-11T20:30:36.380752-0700 | 1466511143505954 | flow | 10.249.53.59 | 63327 | 8.8.8.8 | 53 | UDP | pcapanalyzer |
| 9 | 2019-09-11T20:30:36.380752-0700 | 68486399740563 | flow | 10.249.53.59 | 55847 | 104.215.76.184 | 443 | TCP | pcapanalyzer |
| 10 | 2019-09-11T20:30:36.380752-0700 | 1081956949894652 | flow | 10.249.53.59 | 55851 | 47.254.17.28 | 110 | TCP | pcapanalyzer |
| 11 | 2019-09-11T20:30:36.380752-0700 | 2215961457805971 | flow | 10.249.53.59 | 55848 | 104.215.76.184 | 443 | TCP | pcapanalyzer |
| 12 | 2019-09-11T20:30:36.380752-0700 | 956049983785680 | flow | 10.249.53.59 | 55852 | 104.70.237.85 | 80 | TCP | pcapanalyzer |
| 13 | 2019-09-11T20:30:36.380752-0700 | 821548785545583 | flow | 10.249.53.59 | 58821 | 8.8.8.8 | 53 | UDP | pcapanalyzer |
| 14 | 2019-09-11T20:30:36.380752-0700 | 1525279177017296 | flow | 10.249.53.59 | 58821 | 8.8.4.4 | 53 | UDP | pcapanalyzer |
| 15 | 2019-09-11T20:30:36.380752-0700 | 1106360952489875 | flow | 10.249.53.59 | 55850 | 10.249.52.231 | 31337 | TCP | pcapanalyzer |
| 16 | 2019-09-11T20:30:36.380752-0700 | 2100276516068973 | flow | 10.249.53.59 | 57483 | 8.8.4.4 | 53 | UDP | pcapanalyzer |
| 17 | 2019-09-11T20:30:36.380752-0700 | 981987288810054 | flow | 10.249.53.59 | 55744 | 40.90.189.152 | 443 | TCP | pcapanalyzer |
File 1
| # | Timestamp | Source | Destination | File Name | File Magic | File Size |
|---|---|---|---|---|---|---|
| 1 | 2019-09-11T20:29:47.942169-0700 | 104.70.237.85 | 10.249.53.59 | /pub/thunderbird/releases/38.5.0/update/win32/en-US/thunderbird-38.5.0.complete.mar | PGP\011Secret Sub-key - | 300000 |

Comments: (not set)
