wannacry_smb_445.pcap

MD5: 0eb5b18a0a0795677fcfba92773c5cf4
Submission Date: 2017-11-26 08:51:33
Tags: wannacry
Alert 1

| # | Timestamp | Src Ip | Dest Ip | Alert Signature | P |
|---|---|---|---|---|---|
| 1 | 2017-05-12T11:10:24.660878-0700 | 192.168.56.102 | 222.165.223.177 | ET SCAN Behavioral Unusual Port 445 traffic Potential Scan or Infection | * |

DNS 4

| # | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data |
|---|---|---|---|---|---|---|---|
| 1 | 2017-05-12T11:10:09.966236-0700 | 192.168.56.102 | 8.8.8.8 | query | www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com | A | (not set) |
| 2 | 2017-05-12T11:10:10.613675-0700 | 8.8.8.8 | 192.168.56.102 | answer | www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com | A | (not set) |
| 3 | 2017-05-12T11:10:10.775542-0700 | 192.168.56.102 | 8.8.8.8 | query | www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com | A | (not set) |
| 4 | 2017-05-12T11:10:11.176369-0700 | 8.8.8.8 | 192.168.56.102 | answer | www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com | A | (not set) |
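
TLS 0

| # | Timestamp | Source IP | Destination IP | TLS Version | Server Name Indication |
|---|---|---|---|---|---|

No results found.

TFTP 0

| # | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode |
|---|---|---|---|---|---|---|

No results found.

HTTP 0

| # | Timestamp | Source | Hostname | Port | Method | URL | Status |
|---|---|---|---|---|---|---|---|

No results found.

SMB 0

| # | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree |
|---|---|---|---|---|---|---|---|

No results found.

SMTP 0

| # | Timestamp | Source | Destination | Email From | Email To | Subject |
|---|---|---|---|---|---|---|

No results found.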

Flow 307

| # | Timestamp | Flow Id | Event Type | Source | Source Port | Destination | Destination Port | Protocol | Host |
|---|---|---|---|---|---|---|---|---|---|

File 0

| # | Timestamp | Source | Destination | File Name | File Magic | File Size |
|---|---|---|---|---|---|---|

No results found.
