wannacry_smb_445.pcap

MD5: 0eb5b18a0a0795677fcfba92773c5cf4
Submission Date: 2017-11-26 08:51:33
Tags: wannacry
Alert 1
Showing 1-1 of 1 item.
| # | Timestamp | Src Ip | Dest Ip | Alert Signature | P |
|---|---|---|---|---|---|
| 1 | 2017-05-12T11:10:24.660878-0700 | 192.168.56.102 | 222.165.223.177 | ET SCAN Behavioral Unusual Port 445 traffic Potential Scan or Infection | * |
DNS 4
Showing 1-4 of 4 items.
| # | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data |
|---|---|---|---|---|---|---|---|
| 1 | 2017-05-12T11:10:09.966236-0700 | 192.168.56.102 | 8.8.8.8 | query | www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com | A | (not set) |
| 2 | 2017-05-12T11:10:10.613675-0700 | 8.8.8.8 | 192.168.56.102 | answer | www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com | A | (not set) |
| 3 | 2017-05-12T11:10:10.775542-0700 | 192.168.56.102 | 8.8.8.8 | query | www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com | A | (not set) |
| 4 | 2017-05-12T11:10:11.176369-0700 | 8.8.8.8 | 192.168.56.102 | answer | www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com | A | (not set) |
TLS 0
| # | Timestamp | Source IP | Destination IP | TLS Version | Server Name Indication |
|---|---|---|---|---|---|
No results found.
TFTP 0
| # | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode |
|---|---|---|---|---|---|---|
No results found.
HTTP 0
| # | Timestamp | Source | Hostname | Port | Method | URL | Status |
|---|---|---|---|---|---|---|---|
No results found.
SMB 0
| # | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree |
|---|---|---|---|---|---|---|---|
No results found.
SMTP 0
| # | Timestamp | Source | Destination | Email From | Email To | Subject |
|---|---|---|---|---|---|---|
No results found.
Flow 307
Showing 141-160 of 307 items.
| # | Timestamp | Flow Id | Event Type | Source | Source Port | Destination | Destination Port | Protocol | Host |
|---|---|---|---|---|---|---|---|---|---|
File 0
| # | Timestamp | Source | Destination | File Name | File Magic | File Size |
|---|---|---|---|---|---|---|
No results found.
