SHA256: 04a8b5a41cf58c2b9330c07e77949b0f94a632e74e7889f7c99f03e74da0f475
File name: vti-rescan
Detection ratio: 0 / 48
Analysis date: 2013-10-17 18:39:02 UTC ( 4 years, 8 months ago )
Intrusion Detection System Result
Snort 5 alerts
Suricata 5 alerts
Antivirus Result Update
Yandex 20131017
AhnLab-V3 20131017
AntiVir 20131017
Antiy-AVL 20131017
Avast 20131017
AVG 20131017
Baidu-International 20131017
BitDefender 20131012
Bkav 20131017
ByteHero 20130920
CAT-QuickHeal 20131017
ClamAV 20131017
Commtouch 20131017
Comodo 20131017
DrWeb 20131017
Emsisoft 20131017
ESET-NOD32 20131017
F-Prot 20131017
F-Secure 20131017
Fortinet 20131017
GData 20131017
Ikarus 20131017
Jiangmin 20131017
K7AntiVirus 20131017
K7GW 20131017
Kaspersky 20131017
Kingsoft 20130829
Malwarebytes 20131017
McAfee 20131017
McAfee-GW-Edition 20131017
Microsoft 20131017
eScan 20131017
NANO-Antivirus 20131017
Norman 20131017
nProtect 20131017
Panda 20131017
PCTools 20131002
Rising 20131017
Sophos AV 20131017
SUPERAntiSpyware 20131017
Symantec 20131017
TheHacker 20131017
TotalDefense 20131016
TrendMicro 20131017
TrendMicro-HouseCall 20131017
VBA32 20131017
VIPRE 20131017
ViRobot 20131017
PCAP file! The file being studied is a network traffic capture. When it was analyzed with intrusion detection systems, Snort triggered 5 alerts and Suricata triggered 5 alerts.
Wireshark file metadata
File encapsulation Ethernet
Number of packets 1393
Data size 1084262 bytes
Start time 2013-03-02 09:16:39
File type libpcap
End time 2013-03-02 09:17:09
Capture duration 30 seconds
HTTP requests
DNS requests
Snort alerts Sourcefire VRT ruleset
Suricata alerts Emerging Threats ETPro ruleset
File identification
MD5 915ffefc3c794f191b64cd07a3c02c84
SHA1 52dfb36607be1e6dd7ef0875166ecd4266a22663
SHA256 04a8b5a41cf58c2b9330c07e77949b0f94a632e74e7889f7c99f03e74da0f475
ssdeep
24576:BPeOn7ltyBM/i8JzUSHYMpysTyGvNaSKZvIH95KrTN8geiJ2:BPeOn7lVhJzUSHYaQZv+juJ2

File size 1.1 MB ( 1106574 bytes )
File type Network capture
Magic literal
tcpdump capture file (little-endian) - version 2.4 (Ethernet, capture length 65536)

TrID TCPDUMP's style capture (100.0%)
Tags
cap

VirusTotal metadata
First submission 2013-03-05 21:42:04 UTC ( 5 years, 3 months ago )
Last submission 2013-10-17 18:39:02 UTC ( 4 years, 8 months ago )
File names vti-rescan
packetcapture.pcap