wannacry_smb_445.pcap

MD5: 0eb5b18a0a0795677fcfba92773c5cf4
Submission Date: 2017-11-26 08:51:33
Tags: wannacry
Alert 1
Showing 1-1 of 1 item.
# | Timestamp | Src Ip | Dest Ip | Alert Signature | P
1 | 2017-05-12T11:10:24.660878-0700 | 192.168.56.102 | 222.165.223.177 | ET SCAN Behavioral Unusual Port 445 traffic Potential Scan or Infection | *
DNS 4
Showing 1-4 of 4 items.
# | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data
1 | 2017-05-12T11:10:09.966236-0700 | 192.168.56.102 | 8.8.8.8 | query | www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com | A | (not set)
2 | 2017-05-12T11:10:10.613675-0700 | 8.8.8.8 | 192.168.56.102 | answer | www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com | A | (not set)
3 | 2017-05-12T11:10:10.775542-0700 | 192.168.56.102 | 8.8.8.8 | query | www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com | A | (not set)
4 | 2017-05-12T11:10:11.176369-0700 | 8.8.8.8 | 192.168.56.102 | answer | www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com | A | (not set)
TLS 0
# | Timestamp | Source IP | Destination IP | TLS Version | Server Name Indication
No results found.
TFTP 0
# | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode
No results found.
HTTP 0
# | Timestamp | Source | Hostname | Port | Method | URL | Status
No results found.
SMB 0
# | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree
No results found.
SMTP 0
# | Timestamp | Source | Destination | Email From | Email To | Subject
No results found.
Flow 307
Showing 81-100 of 307 items.
File 0
# | Timestamp | Source | Destination | File Name | File Magic | File Size
No results found.
