SHA256: 884a837145bd098edcd04ec700068501a6643c3b71e0c2cd3bf5cde9a0a9395b
File name: wannacry_pcap_on_virustotal.pcap
Detection ratio: 0 / 56
Analysis date: 2017-06-22 01:30:45 UTC ( 1 year ago )
Intrusion Detection System Result
Snort 9 alerts
Suricata 6 alerts
Antivirus Result Update
Ad-Aware 20170622
AegisLab 20170622
AhnLab-V3 20170621
Alibaba 20170621
ALYac 20170622
Antiy-AVL 20170622
Arcabit 20170621
Avast 20170622
AVG 20170622
Avira (no cloud) 20170621
AVware 20170622
Baidu 20170621
BitDefender 20170622
Bkav 20170621
CAT-QuickHeal 20170621
ClamAV 20170621
CMC 20170619
Comodo 20170622
CrowdStrike Falcon (ML) 20170420
Cyren 20170621
DrWeb 20170621
Emsisoft 20170621
Endgame 20170615
ESET-NOD32 20170622
F-Prot 20170621
F-Secure 20170621
Fortinet 20170622
GData 20170622
Ikarus 20170621
Sophos ML 20170607
Jiangmin 20170621
K7AntiVirus 20170620
K7GW 20170621
Kaspersky 20170622
Kingsoft 20170622
Malwarebytes 20170621
McAfee 20170622
McAfee-GW-Edition 20170621
Microsoft 20170621
eScan 20170621
NANO-Antivirus 20170621
nProtect 20170622
Palo Alto Networks (Known Signatures) 20170622
Panda 20170621
Qihoo-360 20170622
Rising 20170622
SentinelOne (Static ML) 20170516
Sophos AV 20170622
SUPERAntiSpyware 20170622
Symantec 20170621
Symantec Mobile Insight 20170621
Tencent 20170622
TheHacker 20170621
TotalDefense 20170621
TrendMicro-HouseCall 20170622
Trustlook 20170622
VBA32 20170621
VIPRE 20170622
ViRobot 20170621
Webroot 20170622
WhiteArmor 20170616
Yandex 20170621
Zillya 20170619
ZoneAlarm by Check Point 20170621
Zoner 20170622
PCAP file! The file being studied is a network traffic capture. When it was analyzed with intrusion detection systems, Snort triggered 9 alerts and Suricata triggered 6 alerts.
Wireshark file metadata
File encapsulation Ethernet
Number of packets 11 k
Data size 9437 kB
Start time 2017-05-15 22:03:13
File type pcap
End time 2017-05-15 22:18:32
Capture duration 919.832395 seconds
HTTP requests
DNS requests
Snort alerts Sourcefire VRT ruleset
Suricata alerts Emerging Threats ETPro ruleset
File identification
MD5 5bdf91f28d80dfe69116ddb32e05b693
SHA1 1c72feac1225e195bb3224589eb7f33cb7a701b1
SHA256 884a837145bd098edcd04ec700068501a6643c3b71e0c2cd3bf5cde9a0a9395b
ssdeep 98304:rNnE41tDZXjlEXUMeVcI+eyIUKlxecJ6IocLTeVjtEJ+v63A28I1e:rNE4zDZCX3eByIUKTeA6I9TMjJa8I1e

File size 9.2 MB ( 9628065 bytes )
File type Network capture
Magic literal tcpdump capture file (little-endian) - version 2.4 (Ethernet, capture length 262144)

TrID TCPDUMP's style capture (100.0%)
Tags
malware cap shellcode trojan

VirusTotal metadata
First submission 2017-05-15 20:34:02 UTC ( 1 year, 2 months ago )
Last submission 2017-06-22 01:30:45 UTC ( 1 year ago )
File names wannacry_pcap_on_virustotal.pcap
Wannacry.pcap