wannacry_smb_445.pcap

MD5: 0eb5b18a0a0795677fcfba92773c5cf4
Submission Date: 2017-11-26 08:51:33
Tags: wannacry
Alert 1
Showing 1-1 of 1 item.
| # | Timestamp | Src Ip | Dest Ip | Alert Signature | P |
|---|-----------|--------|---------|-----------------|---|
| 1 | 2017-05-12T11:10:24.660878-0700 | 192.168.56.102 | 222.165.223.177 | ET SCAN Behavioral Unusual Port 445 traffic Potential Scan or Infection | * |
DNS 4
Showing 1-4 of 4 items.
| # | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data |
|---|-----------|--------|---------|----------|----------------------|----------------------|---------------|
| 1 | 2017-05-12T11:10:09.966236-0700 | 192.168.56.102 | 8.8.8.8 | query | www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com | A | (not set) |
| 2 | 2017-05-12T11:10:10.613675-0700 | 8.8.8.8 | 192.168.56.102 | answer | www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com | A | (not set) |
| 3 | 2017-05-12T11:10:10.775542-0700 | 192.168.56.102 | 8.8.8.8 | query | www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com | A | (not set) |
| 4 | 2017-05-12T11:10:11.176369-0700 | 8.8.8.8 | 192.168.56.102 | answer | www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com | A | (not set) |
TLS 0
No results found.
TFTP 0
No results found.
HTTP 0
No results found.
SMB 0
No results found.
SMTP 0
No results found.
Flow 307
Showing 21-40 of 307 items.
File 0
No results found.
