wannacry_smb_445.pcap

MD5: 0eb5b18a0a0795677fcfba92773c5cf4
Submission Date: 2017-11-26 08:51:33
Tags: wannacry

Alert 1

| # | Timestamp | Src Ip | Dest Ip | Alert Signature | P |
|---|---|---|---|---|---|
| 1 | 2017-05-12T11:10:24.660878-0700 | 192.168.56.102 | 222.165.223.177 | ET SCAN Behavioral Unusual Port 445 traffic Potential Scan or Infection | * |

DNS 4

| # | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data |
|---|---|---|---|---|---|---|---|
| 1 | 2017-05-12T11:10:09.966236-0700 | 192.168.56.102 | 8.8.8.8 | query | www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com | A | (not set) |
| 2 | 2017-05-12T11:10:10.613675-0700 | 8.8.8.8 | 192.168.56.102 | answer | www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com | A | (not set) |
| 3 | 2017-05-12T11:10:10.775542-0700 | 192.168.56.102 | 8.8.8.8 | query | www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com | A | (not set) |
| 4 | 2017-05-12T11:10:11.176369-0700 | 8.8.8.8 | 192.168.56.102 | answer | www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com | A | (not set) |

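TLS 0

| # | Timestamp | Source IP | Destination IP | TLS Version | Server Name Indication |
|---|---|---|---|---|---|

No results found.

TFTP 0

| # | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode |
|---|---|---|---|---|---|---|

No results found.

HTTP 0

| # | Timestamp | Source | Hostname | Port | Method | URL | Status |
|---|---|---|---|---|---|---|---|

No results found.

SMB 0

| # | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree |
|---|---|---|---|---|---|---|---|

No results found.

SMTP 0

| # | Timestamp | Source | Destination | Email From | Email To | Subject |
|---|---|---|---|---|---|---|

No results found.
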
Flow 307

| # | Timestamp | Flow Id | Event Type | Source | Source Port | Destination | Destination Port | Protocol | Host |
|---|---|---|---|---|---|---|---|---|---|

File 0

| # | Timestamp | Source | Destination | File Name | File Magic | File Size |
|---|---|---|---|---|---|---|

No results found.
