wannacry_smb_445.pcap

MD5: 0eb5b18a0a0795677fcfba92773c5cf4
Submission Date: 2017-11-26 08:51:33
Tags: wannacry
Alert 1
# | Timestamp | Src Ip | Dest Ip | Alert Signature | P
1 | 2017-05-12T11:10:24.660878-0700 | 192.168.56.102 | 222.165.223.177 | ET SCAN Behavioral Unusual Port 445 traffic Potential Scan or Infection | *
DNS 4
# | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data
1 | 2017-05-12T11:10:09.966236-0700 | 192.168.56.102 | 8.8.8.8 | query | www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com | A | (not set)
2 | 2017-05-12T11:10:10.613675-0700 | 8.8.8.8 | 192.168.56.102 | answer | www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com | A | (not set)
3 | 2017-05-12T11:10:10.775542-0700 | 192.168.56.102 | 8.8.8.8 | query | www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com | A | (not set)
4 | 2017-05-12T11:10:11.176369-0700 | 8.8.8.8 | 192.168.56.102 | answer | www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com | A | (not set)
TLS 0
# | Timestamp | Source IP | Destination IP | TLS Version | Server Name Indication
No results found.
TFTP 0
# | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode
No results found.
HTTP 0
# | Timestamp | Source | Hostname | Port | Method | URL | Status
No results found.
SMB 0
# | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree
No results found.
SMTP 0
# | Timestamp | Source | Destination | Email From | Email To | Subject
No results found.
Flow 307
File 0
# | Timestamp | Source | Destination | File Name | File Magic | File Size
No results found.
