SHA256: e4f8aa594791ad59f19ed42a5c9d350b1224a4029ff3c0282c1bb53206d91928
File name: boston.cap
Detection ratio: 2 / 45
Analysis date: 2013-04-28 04:12:35 UTC ( 11 months, 3 weeks ago )
Intrusion Detection System Result
Snort 42 alerts
Suricata 57 alerts
Antivirus Result Update
Avast JS:Iframe-BBV [Trj] 20130428
GData JS:Iframe-BBV 20130428
AVG 20130427
Agnitum 20130427
AhnLab-V3 20130427
AntiVir 20130427
Antiy-AVL 20130427
BitDefender 20130428
ByteHero 20130425
CAT-QuickHeal 20130427
ClamAV 20130428
Commtouch 20130427
Comodo 20130428
DrWeb 20130428
ESET-NOD32 20130427
Emsisoft 20130428
F-Prot 20130427
F-Secure 20130428
Fortinet 20130428
Ikarus 20130427
Jiangmin 20130427
K7AntiVirus 20130426
K7GW 20130426
Kaspersky 20130428
Kingsoft 20130422
Malwarebytes 20130427
McAfee 20130428
McAfee-GW-Edition 20130427
MicroWorld-eScan 20130428
Microsoft 20130428
NANO-Antivirus 20130428
Norman 20130426
PCTools 20130428
Panda 20130427
SUPERAntiSpyware 20130427
Sophos 20130428
Symantec 20130427
TheHacker 20130426
TrendMicro 20130427
TrendMicro-HouseCall 20130428
VBA32 20130427
VIPRE 20130428
ViRobot 20130427
eSafe 20130423
nProtect 20130427
PCAP file! The file being studied is a network traffic capture. When it was analyzed with intrusion detection systems, Snort triggered 42 alerts and Suricata triggered 57 alerts.
Wireshark file metadata
File encapsulation Ethernet
Number of packets 33129
Data size 18220662 bytes
Start time 2013-04-17 21:02:17
File type libpcap
End time 2013-04-17 21:12:18
Capture duration 601 seconds
HTTP requests
DNS requests
Snort alerts Sourcefire VRT ruleset
Suricata alerts Emerging Threats ETPro ruleset
File identification
MD5 debaabf855a6e481e28c969d253a9d38
SHA1 c2de946729ebad3fb73223e7b9c8927cfb795374
SHA256 e4f8aa594791ad59f19ed42a5c9d350b1224a4029ff3c0282c1bb53206d91928
ssdeep 196608:mAe9BITesVgVi7TvHzdgtN9jsOlOexgZ3BajG+qqBXDe7T5yMoyf/yG:Be9k1cYzHzd4N9jBRM+5O7TyG
File size 17.9 MB ( 18750750 bytes )
File type Network capture
Magic literal tcpdump capture file (little-endian) - version 2.4 (Ethernet, capture length 65535)
TrID TCPDUMP's style capture (100.0%)
Tags cap
VirusTotal metadata
First submission 2013-04-28 04:12:35 UTC ( 11 months, 3 weeks ago )
Last submission 2013-04-28 04:12:35 UTC ( 11 months, 3 weeks ago )
File names boston.cap
ExifTool file metadata
FileAccessDate 2013:04:28 05:12:39+01:00
FileCreateDate 2013:04:28 05:12:39+01:00