wannacry_smb_445.pcap

MD5: 0eb5b18a0a0795677fcfba92773c5cf4
Submission Date: 2017-11-26 08:51:33
Tags: wannacry
Alert 1
Showing 1-1 of 1 item.
| # | Timestamp | Src Ip | Dest Ip | Alert Signature | P |
|---|---|---|---|---|---|
| 1 | 2017-05-12T11:10:24.660878-0700 | 192.168.56.102 | 222.165.223.177 | ET SCAN Behavioral Unusual Port 445 traffic Potential Scan or Infection | * |
DNS 4
Showing 1-4 of 4 items.
| # | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data |
|---|---|---|---|---|---|---|---|
| 1 | 2017-05-12T11:10:09.966236-0700 | 192.168.56.102 | 8.8.8.8 | query | www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com | A | (not set) |
| 2 | 2017-05-12T11:10:10.613675-0700 | 8.8.8.8 | 192.168.56.102 | answer | www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com | A | (not set) |
| 3 | 2017-05-12T11:10:10.775542-0700 | 192.168.56.102 | 8.8.8.8 | query | www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com | A | (not set) |
| 4 | 2017-05-12T11:10:11.176369-0700 | 8.8.8.8 | 192.168.56.102 | answer | www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com | A | (not set) |
TLS 0
| # | Timestamp | Source IP | Destination IP | TLS Version | Server Name Indication |
No results found.
TFTP 0
| # | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode |
No results found.
HTTP 0
| # | Timestamp | Source | Hostname | Port | Method | URL | Status |
No results found.
SMB 0
| # | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree |
No results found.
SMTP 0
| # | Timestamp | Source | Destination | Email From | Email To | Subject |
No results found.
Flow 307
Showing 181-200 of 307 items.
| # | Timestamp | Flow Id | Event Type | Source | Source Port | Destination | Destination Port | Protocol | Host |
File 0
| # | Timestamp | Source | Destination | File Name | File Magic | File Size |
No results found.
