wannacry_smb_445.pcap

MD5: 0eb5b18a0a0795677fcfba92773c5cf4
Submission Date: 2017-11-26 08:51:33
Tags: wannacry
Alert 1
Showing 1-1 of 1 item.
# | Timestamp | Src Ip | Dest Ip | Alert Signature | P
1 | 2017-05-12T11:10:24.660878-0700 | 192.168.56.102 | 222.165.223.177 | ET SCAN Behavioral Unusual Port 445 traffic Potential Scan or Infection | *
DNS 4
Showing 1-4 of 4 items.
# | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data
1 | 2017-05-12T11:10:09.966236-0700 | 192.168.56.102 | 8.8.8.8 | query | www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com | A | (not set)
2 | 2017-05-12T11:10:10.613675-0700 | 8.8.8.8 | 192.168.56.102 | answer | www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com | A | (not set)
3 | 2017-05-12T11:10:10.775542-0700 | 192.168.56.102 | 8.8.8.8 | query | www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com | A | (not set)
4 | 2017-05-12T11:10:11.176369-0700 | 8.8.8.8 | 192.168.56.102 | answer | www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com | A | (not set)
TLS 0
# | Timestamp | Source IP | Destination IP | TLS Version | Server Name Indication
No results found.
TFTP 0
# | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode
No results found.
HTTP 0
# | Timestamp | Source | Hostname | Port | Method | URL | Status
No results found.
SMB 0
# | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree
No results found.
SMTP 0
# | Timestamp | Source | Destination | Email From | Email To | Subject
No results found.
Flow 307
Showing 161-180 of 307 items.
# | Timestamp | Flow Id | Event Type | Source | Source Port | Destination | Destination Port | Protocol | Host
File 0
# | Timestamp | Source | Destination | File Name | File Magic | File Size
No results found.
