filenet.pcap

MD5: 624bc595194c7077e719cb8bd9ae646c
Submission Date: 2017-12-20 20:29:49
Tags: xmaya6 encrypted-peexe pedll rig-ek cve-2016-0189
Alert 22
Showing 1-20 of 22 items.
| # | Timestamp | Src Ip | Dest Ip | Alert Signature | P |
| --- | --- | --- | --- | --- | --- |
| 1 | 2017-02-15T00:35:42.880683-0800 | 192.168.30.129 | 13.76.98.135 | ET CURRENT_EVENTS RIG EK URI Struct Mar 13 2017 | * |
| 2 | 2017-02-15T00:35:42.186876-0800 | 192.168.30.129 | 13.76.96.38 | ET CURRENT_EVENTS RIG EK URI Struct Mar 13 2017 | * |
| 3 | 2017-02-15T00:35:40.381910-0800 | 52.230.19.131 | 192.168.30.129 | ET CURRENT_EVENTS Evil Redirector Leading to EK EITest Inject Oct 17 2016 M3 | * |
| 4 | 2017-02-15T00:35:40.381910-0800 | 52.230.19.131 | 192.168.30.129 | ET CURRENT_EVENTS Evil Redirector Leading to EK EITest Inject Oct 17 2016 M4 | * |
| 5 | 2017-02-15T00:35:43.051387-0800 | 13.76.98.135 | 192.168.30.129 | ET EXPLOIT CVE-2016-0189 Common Construct M1 | * |
| 6 | 2017-02-15T00:35:43.051387-0800 | 13.76.98.135 | 192.168.30.129 | ET EXPLOIT CVE-2016-0189 Common Construct M2 | * |
| 7 | 2017-02-15T00:35:43.051387-0800 | 13.76.98.135 | 192.168.30.129 | ET CURRENT_EVENTS Terror EK CVE-2016-0189 Exploit M2 | * |
| 8 | 2017-02-15T00:35:43.051387-0800 | 13.76.98.135 | 192.168.30.129 | ET CURRENT_EVENTS CVE-2016-0189 Exploit | * |
| 9 | 2017-02-15T00:35:43.125350-0800 | 192.168.30.129 | 13.76.98.135 | ET CURRENT_EVENTS RIG EK URI Struct Mar 13 2017 | * |
| 10 | 2017-02-15T00:35:43.335813-0800 | 13.76.98.135 | 192.168.30.129 | ET EXPLOIT CVE-2016-0189 Common Construct M1 | * |
| 11 | 2017-02-15T00:35:43.335813-0800 | 13.76.98.135 | 192.168.30.129 | ET EXPLOIT CVE-2016-0189 Common Construct M2 | * |
| 12 | 2017-02-15T00:35:43.335813-0800 | 13.76.98.135 | 192.168.30.129 | ET CURRENT_EVENTS Terror EK CVE-2016-0189 Exploit M2 | * |
| 13 | 2017-02-15T00:35:43.335813-0800 | 13.76.98.135 | 192.168.30.129 | ET CURRENT_EVENTS CVE-2016-0189 Exploit | * |
| 14 | 2017-02-15T00:35:43.801674-0800 | 13.76.98.135 | 192.168.30.129 | ET POLICY PE EXE or DLL Windows file download HTTP | * |
| 15 | 2017-02-15T00:35:43.801674-0800 | 13.76.98.135 | 192.168.30.129 | ET INFO EXE IsDebuggerPresent (Used in Malware Anti-Debugging) | * |
| 16 | 2017-02-15T00:35:44.734213-0800 | 13.76.98.135 | 192.168.30.129 | ET INFO EXE IsDebuggerPresent (Used in Malware Anti-Debugging) | * |
| 17 | 2017-02-15T00:35:49.894159-0800 | 13.76.98.135 | 192.168.30.129 | ET WEB_CLIENT Possible Internet Explorer VBscript CVE-2014-6332 multiple redim preserve | * |
| 18 | 2017-02-15T00:35:49.894159-0800 | 13.76.98.135 | 192.168.30.129 | ET EXPLOIT CVE-2016-0189 Common Construct M1 | * |
| 19 | 2017-02-15T00:35:49.894159-0800 | 13.76.98.135 | 192.168.30.129 | ET EXPLOIT CVE-2016-0189 Common Construct M2 | * |
| 20 | 2017-02-15T00:35:49.894159-0800 | 13.76.98.135 | 192.168.30.129 | ET CURRENT_EVENTS Terror EK CVE-2016-0189 Exploit M2 | * |
DNS 0
| # | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data |
No results found.
TLS 18
Showing 1-18 of 18 items.
| # | Timestamp | Source IP | Destination IP | TLS Version | Server Name Indication |
| --- | --- | --- | --- | --- | --- |
| 1 | 2017-02-15T00:35:04.765745-0800 | 192.168.30.129 | 204.79.197.203 | TLS 1.2 | www.msn.com |
| 2 | 2017-02-15T00:35:05.279513-0800 | 192.168.30.129 | 103.20.94.1 | TLS 1.2 | www.linkedin.com |
| 3 | 2017-02-15T00:35:05.985352-0800 | 192.168.30.129 | 54.251.253.37 | TLS 1.2 | dc.ads.linkedin.com |
| 4 | 2017-02-15T00:35:15.719936-0800 | 192.168.30.129 | 131.253.61.80 | TLS 1.2 | login.live.com |
| 5 | 2017-02-15T00:35:20.893515-0800 | 192.168.30.129 | 13.107.21.200 | TLS 1.2 | www.bing.com |
| 6 | 2017-02-15T00:35:26.150112-0800 | 192.168.30.129 | 172.217.24.36 | TLS 1.2 | www.google.com |
| 7 | 2017-02-15T00:35:28.327379-0800 | 192.168.30.129 | 216.58.196.67 | TLS 1.2 | www.gstatic.com |
| 8 | 2017-02-15T00:35:27.951121-0800 | 192.168.30.129 | 216.58.196.67 | TLS 1.2 | ssl.gstatic.com |
| 9 | 2017-02-15T00:35:28.325717-0800 | 192.168.30.129 | 216.58.196.67 | TLS 1.2 | www.gstatic.com |
| 10 | 2017-02-15T00:35:15.626235-0800 | 192.168.30.129 | 131.253.61.80 | TLS 1.2 | login.live.com |
| 11 | 2017-02-15T00:35:20.893460-0800 | 192.168.30.129 | 13.107.21.200 | TLS 1.2 | www.bing.com |
| 12 | 2017-02-15T00:35:27.947684-0800 | 192.168.30.129 | 216.58.196.67 | TLS 1.2 | ssl.gstatic.com |
| 13 | 2017-02-15T00:35:28.831467-0800 | 192.168.30.129 | 216.58.196.78 | TLS 1.2 | apis.google.com |
| 14 | 2017-02-15T00:35:29.897397-0800 | 192.168.30.129 | 117.18.232.200 | TLS 1.2 | iecvlist.microsoft.com |
| 15 | 2017-02-15T00:35:28.835230-0800 | 192.168.30.129 | 216.58.196.78 | TLS 1.2 | apis.google.com |
| 16 | 2017-02-15T00:35:56.708324-0800 | 192.168.30.129 | 111.221.29.46 | TLS 1.2 | arc.msn.com |
| 17 | 2017-02-15T00:36:05.295391-0800 | 192.168.30.129 | 204.79.197.200 | TLS 1.2 | ieonline.microsoft.com |
| 18 | 2017-02-15T00:36:05.301309-0800 | 192.168.30.129 | 204.79.197.200 | TLS 1.2 | ieonline.microsoft.com |
TFTP 0
| # | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode |
No results found.
HTTP 89
Showing 1-20 of 89 items.
| # | Timestamp | Source | Hostname | Port | Method | URL | Status |
SMB 0
| # | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree |
No results found.
SMTP 0
| # | Timestamp | Source | Destination | Email From | Email To | Subject |
No results found.
Flow 119
Showing 1-20 of 119 items.
| # | Timestamp | Flow Id | Event Type | Source | Source Port | Destination | Destination Port | Protocol | Host |
| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
| 1 | 2017-02-15T00:36:30.404731-0800 | 423037416663844 | flow | 54.169.157.108 | 80 | 192.168.30.129 | 50249 | TCP | pcapanalyzer |
| 2 | 2017-02-15T00:36:30.404731-0800 | 1971171261192328 | flow | 192.168.30.129 | 50310 | 216.58.196.67 | 443 | TCP | pcapanalyzer |
| 3 | 2017-02-15T00:36:30.404731-0800 | 1830800991622844 | flow | 192.168.30.129 | 50252 | 111.221.29.30 | 80 | TCP | pcapanalyzer |
| 4 | 2017-02-15T00:36:30.404731-0800 | 705341319053512 | flow | 192.168.30.129 | 50260 | 23.99.125.55 | 80 | TCP | pcapanalyzer |
| 5 | 2017-02-15T00:36:30.404731-0800 | 567251678301062 | flow | 157.240.0.5 | 443 | 192.168.30.129 | 50657 | TCP | pcapanalyzer |
| 6 | 2017-02-15T00:36:30.404731-0800 | 568288914235418 | flow | 192.168.30.129 | 50326 | 52.230.19.131 | 80 | TCP | pcapanalyzer |
| 7 | 2017-02-15T00:36:30.404731-0800 | 570103535593632 | flow | 192.168.30.129 | 50263 | 117.18.237.29 | 80 | TCP | pcapanalyzer |
| 8 | 2017-02-15T00:36:30.404731-0800 | 288881962102540 | flow | 192.168.30.129 | 50235 | 104.103.70.8 | 80 | TCP | pcapanalyzer |
| 9 | 2017-02-15T00:36:30.404731-0800 | 1418406822521455 | flow | 192.168.30.129 | 50304 | 172.217.24.36 | 443 | TCP | pcapanalyzer |
| 10 | 2017-02-15T00:36:30.404731-0800 | 434590877414958 | flow | 192.168.30.129 | 50331 | 216.58.196.67 | 80 | TCP | pcapanalyzer |
| 11 | 2017-02-15T00:36:30.404731-0800 | 1004099245880922 | flow | 192.168.30.129 | 50334 | 52.230.19.131 | 80 | TCP | pcapanalyzer |
| 12 | 2017-02-15T00:36:30.404731-0800 | 723762433672679 | flow | 192.168.30.129 | 50287 | 131.253.61.80 | 443 | TCP | pcapanalyzer |
| 13 | 2017-02-15T00:36:30.404731-0800 | 1429165714259643 | flow | 192.168.30.129 | 50279 | 104.66.29.71 | 80 | TCP | pcapanalyzer |
| 14 | 2017-02-15T00:36:30.404731-0800 | 725542697672368 | flow | 192.168.30.129 | 50253 | 13.107.21.200 | 80 | TCP | pcapanalyzer |
| 15 | 2017-02-15T00:36:30.404731-0800 | 1992283173429054 | flow | 192.168.30.129 | 50315 | 104.66.2.75 | 80 | TCP | pcapanalyzer |
| 16 | 2017-02-15T00:36:30.404731-0800 | 446762812884884 | flow | 192.168.30.129 | 50288 | 131.253.61.80 | 443 | TCP | pcapanalyzer |
| 17 | 2017-02-15T00:36:30.404731-0800 | 1291911444395749 | flow | 192.168.30.129 | 50272 | 103.20.94.1 | 443 | TCP | pcapanalyzer |
| 18 | 2017-02-15T00:36:30.404731-0800 | 590072985913180 | flow | 125.252.232.136 | 80 | 192.168.30.129 | 50264 | TCP | pcapanalyzer |
| 19 | 2017-02-15T00:36:30.404731-0800 | 872318909332440 | flow | 192.168.30.129 | 50271 | 204.79.197.203 | 443 | TCP | pcapanalyzer |
| 20 | 2017-02-15T00:36:30.404731-0800 | 872372597769306 | flow | 192.168.30.129 | 50301 | 216.58.196.78 | 80 | TCP | pcapanalyzer |
File 65
Showing 61-65 of 65 items.
| # | Timestamp | Source | Destination | File Name | File Magic | File Size |
| --- | --- | --- | --- | --- | --- | --- |
| 61 | 2017-02-15T00:35:43.130680-0800 | 13.76.98.135 | 192.168.30.129 | /r | HTML document, ASCII text, with CRLF line terminators | 7667 |
| 62 | 2017-02-15T00:35:43.674511-0800 | 13.76.98.135 | 192.168.30.129 | /garbage/ieshell32.dll | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | 69632 |
| 63 | 2017-02-15T00:35:44.338253-0800 | 13.76.98.135 | 192.168.30.129 | /garbage/ielocalserver.dll | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | 75264 |
| 64 | 2017-02-15T00:35:44.803129-0800 | 13.76.98.135 | 192.168.30.129 | /garbage/rzex.html | HTML document, ASCII text, with very long lines, with CRLF line terminators | 5433 |
| 65 | 2017-02-15T00:35:55.420438-0800 | 23.58.152.144 | 192.168.30.129 | /libhtp::request_uri_not_seen | HTML document, ASCII text | 218 |
