-639909762 | 2024-12-29T17:32:38.304556
135 /
tcp
Microsoft RPC Endpoint Mapper
d95afe70-a6d5-4259-822e-2c84da1ddb0d
version: v1.0
protocol: [MS-RSP]: Remote Shutdown Protocol
provider: wininit.exe
ncacn_ip_tcp: 188.40.221.194:4352
ncalrpc: WindowsShutdown
ncacn_np: \\WIN-TI6F5D7K18P\PIPE\InitShutdown
ncalrpc: WMsgKRpc0171280
76f226c3-ec14-4325-8a99-6a46348418af
version: v1.0
provider: winlogon.exe
ncalrpc: WindowsShutdown
ncacn_np: \\WIN-TI6F5D7K18P\PIPE\InitShutdown
ncalrpc: WMsgKRpc0171280
ncalrpc: WMsgKRpc01CCF91
ncalrpc: WMsgKRpc07D5DFC2
fc48cd89-98d6-4628-9839-86f7a3e4161a
version: v1.0
ncalrpc: dabrpc
ncalrpc: csebpub
ncalrpc: LRPC-836a599daf592d21be
ncalrpc: LRPC-7781535fb1f40165b6
ncalrpc: LRPC-2059328918c8c505a9
ncalrpc: LRPC-c17c1af749eadd5eaa
ncalrpc: LRPC-df67894d04a45df261
ncalrpc: OLE78E45ABBE2263EAB1C90F8C60507
ncalrpc: LRPC-dc8f2d7f6b699687f0
ncalrpc: actkernel
ncalrpc: umpo
d09bdeb5-6171-4a34-bfe2-06fa82652568
version: v1.0
ncalrpc: csebpub
ncalrpc: LRPC-836a599daf592d21be
ncalrpc: LRPC-7781535fb1f40165b6
ncalrpc: LRPC-2059328918c8c505a9
ncalrpc: LRPC-c17c1af749eadd5eaa
ncalrpc: LRPC-df67894d04a45df261
ncalrpc: OLE78E45ABBE2263EAB1C90F8C60507
ncalrpc: LRPC-dc8f2d7f6b699687f0
ncalrpc: actkernel
ncalrpc: umpo
ncalrpc: LRPC-7781535fb1f40165b6
ncalrpc: LRPC-2059328918c8c505a9
ncalrpc: LRPC-c17c1af749eadd5eaa
ncalrpc: LRPC-df67894d04a45df261
ncalrpc: OLE78E45ABBE2263EAB1C90F8C60507
ncalrpc: LRPC-dc8f2d7f6b699687f0
ncalrpc: actkernel
ncalrpc: umpo
ncalrpc: LRPC-2059328918c8c505a9
ncalrpc: LRPC-c17c1af749eadd5eaa
ncalrpc: LRPC-df67894d04a45df261
ncalrpc: OLE78E45ABBE2263EAB1C90F8C60507
ncalrpc: LRPC-dc8f2d7f6b699687f0
ncalrpc: actkernel
ncalrpc: umpo
ncalrpc: LRPC-292e589020749fe77d
ncalrpc: LRPC-5be0caac4433c02c35
697dcda9-3ba9-4eb2-9247-e11f1901b0d2
version: v1.0
ncalrpc: LRPC-836a599daf592d21be
ncalrpc: LRPC-7781535fb1f40165b6
ncalrpc: LRPC-2059328918c8c505a9
ncalrpc: LRPC-c17c1af749eadd5eaa
ncalrpc: LRPC-df67894d04a45df261
ncalrpc: OLE78E45ABBE2263EAB1C90F8C60507
ncalrpc: LRPC-dc8f2d7f6b699687f0
ncalrpc: actkernel
ncalrpc: umpo
9b008953-f195-4bf9-bde0-4471971e58ed
version: v1.0
ncalrpc: LRPC-7781535fb1f40165b6
ncalrpc: LRPC-2059328918c8c505a9
ncalrpc: LRPC-c17c1af749eadd5eaa
ncalrpc: LRPC-df67894d04a45df261
ncalrpc: OLE78E45ABBE2263EAB1C90F8C60507
ncalrpc: LRPC-dc8f2d7f6b699687f0
ncalrpc: actkernel
ncalrpc: umpo
dd59071b-3215-4c59-8481-972edadc0f6a
version: v1.0
ncalrpc: umpo
0d47017b-b33b-46ad-9e18-fe96456c5078
version: v1.0
ncalrpc: umpo
95406f0b-b239-4318-91bb-cea3a46ff0dc
version: v1.0
ncalrpc: umpo
4ed8abcc-f1e2-438b-981f-bb0e8abc010c
version: v1.0
ncalrpc: umpo
0ff1f646-13bb-400a-ab50-9a78f2b7a85a
version: v1.0
ncalrpc: umpo
6982a06e-5fe2-46b1-b39c-a2c545bfa069
version: v1.0
ncalrpc: umpo
082a3471-31b6-422a-b931-a54401960c62
version: v1.0
ncalrpc: umpo
fae436b0-b864-4a87-9eda-298547cd82f2
version: v1.0
ncalrpc: umpo
e53d94ca-7464-4839-b044-09a2fb8b3ae5
version: v1.0
ncalrpc: umpo
178d84be-9291-4994-82c6-3f909aca5a03
version: v1.0
ncalrpc: umpo
4dace966-a243-4450-ae3f-9b7bcb5315b8
version: v2.0
ncalrpc: umpo
1832bcf6-cab8-41d4-85d2-c9410764f75a
version: v1.0
ncalrpc: umpo
c521facf-09a9-42c5-b155-72388595cbf0
version: v0.0
ncalrpc: umpo
2c7fd9ce-e706-4b40-b412-953107ef9bb0
version: v0.0
ncalrpc: umpo
88abcbc3-34ea-76ae-8215-767520655a23
version: v0.0
ncalrpc: LRPC-c17c1af749eadd5eaa
ncalrpc: LRPC-df67894d04a45df261
ncalrpc: OLE78E45ABBE2263EAB1C90F8C60507
ncalrpc: LRPC-dc8f2d7f6b699687f0
ncalrpc: actkernel
ncalrpc: umpo
76c217bc-c8b4-4201-a745-373ad9032b1a
version: v1.0
ncalrpc: LRPC-c17c1af749eadd5eaa
ncalrpc: LRPC-df67894d04a45df261
ncalrpc: OLE78E45ABBE2263EAB1C90F8C60507
ncalrpc: LRPC-dc8f2d7f6b699687f0
ncalrpc: actkernel
ncalrpc: umpo
55e6b932-1979-45d6-90c5-7f6270724112
version: v1.0
ncalrpc: LRPC-c17c1af749eadd5eaa
ncalrpc: LRPC-df67894d04a45df261
ncalrpc: OLE78E45ABBE2263EAB1C90F8C60507
ncalrpc: LRPC-dc8f2d7f6b699687f0
ncalrpc: actkernel
ncalrpc: umpo
857fb1be-084f-4fb5-b59c-4b2c4be5f0cf
version: v1.0
ncalrpc: LRPC-df67894d04a45df261
ncalrpc: OLE78E45ABBE2263EAB1C90F8C60507
ncalrpc: LRPC-dc8f2d7f6b699687f0
ncalrpc: actkernel
ncalrpc: umpo
b8cadbaf-e84b-46b9-84f2-6f71c03f9e55
version: v1.0
ncalrpc: LRPC-df67894d04a45df261
ncalrpc: OLE78E45ABBE2263EAB1C90F8C60507
ncalrpc: LRPC-dc8f2d7f6b699687f0
ncalrpc: actkernel
ncalrpc: umpo
20c40295-8dba-48e6-aebf-3e78ef3bb144
version: v1.0
ncalrpc: LRPC-df67894d04a45df261
ncalrpc: OLE78E45ABBE2263EAB1C90F8C60507
ncalrpc: LRPC-dc8f2d7f6b699687f0
ncalrpc: actkernel
ncalrpc: umpo
2513bcbe-6cd4-4348-855e-7efb3c336dd3
version: v1.0
ncalrpc: LRPC-df67894d04a45df261
ncalrpc: OLE78E45ABBE2263EAB1C90F8C60507
ncalrpc: LRPC-dc8f2d7f6b699687f0
ncalrpc: actkernel
ncalrpc: umpo
0d3e2735-cea0-4ecc-a9e2-41a2d81aed4e
version: v1.0
ncalrpc: LRPC-dc8f2d7f6b699687f0
ncalrpc: actkernel
ncalrpc: umpo
c605f9fb-f0a3-4e2a-a073-73560f8d9e3e
version: v1.0
ncalrpc: LRPC-dc8f2d7f6b699687f0
ncalrpc: actkernel
ncalrpc: umpo
1b37ca91-76b1-4f5e-a3c7-2abfc61f2bb0
version: v1.0
ncalrpc: LRPC-dc8f2d7f6b699687f0
ncalrpc: actkernel
ncalrpc: umpo
8bfc3be1-6def-4e2d-af74-7c47cd0ade4a
version: v1.0
ncalrpc: LRPC-dc8f2d7f6b699687f0
ncalrpc: actkernel
ncalrpc: umpo
2d98a740-581d-41b9-aa0d-a88b9d5ce938
version: v1.0
ncalrpc: LRPC-dc8f2d7f6b699687f0
ncalrpc: actkernel
ncalrpc: umpo
0361ae94-0316-4c6c-8ad8-c594375800e2
version: v1.0
ncalrpc: umpo
5824833b-3c1a-4ad2-bdfd-c31d19e23ed2
version: v1.0
ncalrpc: umpo
bdaa0970-413b-4a3e-9e5d-f6dc9d7e0760
version: v1.0
ncalrpc: umpo
3b338d89-6cfa-44b8-847e-531531bc9992
version: v1.0
ncalrpc: umpo
8782d3b9-ebbd-4644-a3d8-e8725381919b
version: v1.0
ncalrpc: umpo
085b0334-e454-4d91-9b8c-4134f9e793f3
version: v1.0
ncalrpc: umpo
4bec6bb8-b5c2-4b6f-b2c1-5da5cf92d0d9
version: v1.0
ncalrpc: umpo
c9ac6db5-82b7-4e55-ae8a-e464ed7b4277
version: v1.0
annotation: Impl friendly name
provider: sysntfy.dll
ncalrpc: LRPC-bc47e6cf92d930a63f
ncalrpc: LRPC-2baba763f21faf7a3b
ncalrpc: IUserProfile2
ncalrpc: LRPC-33f3d379ace8edd2a3
ncalrpc: senssvc
ncalrpc: LRPC-9126eb30b96d330223
a500d4c6-0dd1-4543-bc0c-d5f93486eaf8
version: v1.0
ncalrpc: LRPC-f2a3344afbefee64fb
ncalrpc: LRPC-292e589020749fe77d
e40f7b57-7a25-4cd3-a135-7f7d3df9d16b
version: v1.0
annotation: Network Connection Broker server endpoint
ncalrpc: LRPC-573b5be7dde6b501cc
ncalrpc: OLEA078D933FED2D231D10D9E370B95
ncalrpc: LRPC-e87ad196a4f2683bb1
ncalrpc: LRPC-5be0caac4433c02c35
880fd55e-43b9-11e0-b1a8-cf4edfd72085
version: v1.0
annotation: KAPI Service endpoint
ncalrpc: LRPC-573b5be7dde6b501cc
ncalrpc: OLEA078D933FED2D231D10D9E370B95
ncalrpc: LRPC-e87ad196a4f2683bb1
ncalrpc: LRPC-5be0caac4433c02c35
5222821f-d5e2-4885-84f1-5f6185a0ec41
version: v1.0
annotation: Network Connection Broker server endpoint for NCB Reset module
ncalrpc: LRPC-e87ad196a4f2683bb1
ncalrpc: LRPC-5be0caac4433c02c35
f6beaff7-1e19-4fbb-9f8f-b89e2018337c
version: v1.0
annotation: Event log TCPIP
protocol: [MS-EVEN6]: EventLog Remoting Protocol
provider: wevtsvc.dll
ncacn_ip_tcp: 188.40.221.194:4353
ncacn_np: \\WIN-TI6F5D7K18P\pipe\eventlog
ncalrpc: eventlog
7ea70bcf-48af-4f6a-8968-6a440754d5fa
version: v1.0
annotation: NSI server endpoint
provider: nsisvc.dll
ncalrpc: LRPC-a8826779aa1c41bfc2
2eb08e3e-639f-4fba-97b1-14f878961076
version: v1.0
annotation: Group Policy RPC Interface
provider: gpsvc.dll
ncalrpc: LRPC-5222f77ea6930e7bab
3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6
version: v1.0
annotation: DHCPv6 Client LRPC Endpoint
provider: dhcpcsvc6.dll
ncalrpc: dhcpcsvc6
ncalrpc: dhcpcsvc
3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5
version: v1.0
annotation: DHCP Client LRPC Endpoint
provider: dhcpcsvc.dll
ncalrpc: dhcpcsvc6
ncalrpc: dhcpcsvc
3a9ef155-691d-4449-8d05-09ad57031823
version: v1.0
ncacn_ip_tcp: 188.40.221.194:4354
ncalrpc: LRPC-d045feb86c30821866
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\WIN-TI6F5D7K18P\PIPE\atsvc
ncalrpc: LRPC-7ab70d25cde1126b0d
86d35949-83c9-4044-b424-db363231fd0c
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: schedsvc.dll
ncacn_ip_tcp: 188.40.221.194:4354
ncalrpc: LRPC-d045feb86c30821866
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\WIN-TI6F5D7K18P\PIPE\atsvc
ncalrpc: LRPC-7ab70d25cde1126b0d
33d84484-3626-47ee-8c6f-e7e98b113be1
version: v2.0
ncalrpc: LRPC-d045feb86c30821866
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\WIN-TI6F5D7K18P\PIPE\atsvc
ncalrpc: LRPC-7ab70d25cde1126b0d
378e52b0-c0a9-11cf-822d-00aa0051e40f
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: taskcomp.dll
ncacn_np: \\WIN-TI6F5D7K18P\PIPE\atsvc
ncalrpc: LRPC-7ab70d25cde1126b0d
1ff70682-0a51-30e8-076d-740be8cee98b
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: taskcomp.dll
ncacn_np: \\WIN-TI6F5D7K18P\PIPE\atsvc
ncalrpc: LRPC-7ab70d25cde1126b0d
0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53
version: v1.0
provider: schedsvc.dll
ncalrpc: LRPC-7ab70d25cde1126b0d
30b044a5-a225-43f0-b3a4-e060df91f9c1
version: v1.0
provider: certprop.dll
ncalrpc: LRPC-d4053300174a3773f3
c2d1b5dd-fa81-4460-9dd6-e7658b85454b
version: v1.0
ncalrpc: LRPC-7a9f3a387122bc9795
ncalrpc: OLE6E6664C26F0D637BBEBAB70862CB
f44e62af-dab1-44c2-8013-049a9de417d6
version: v1.0
ncalrpc: LRPC-7a9f3a387122bc9795
ncalrpc: OLE6E6664C26F0D637BBEBAB70862CB
7aeb6705-3ae6-471a-882d-f39c109edc12
version: v1.0
ncalrpc: LRPC-7a9f3a387122bc9795
ncalrpc: OLE6E6664C26F0D637BBEBAB70862CB
e7f76134-9ef5-4949-a2d6-3368cc0988f3
version: v1.0
ncalrpc: LRPC-7a9f3a387122bc9795
ncalrpc: OLE6E6664C26F0D637BBEBAB70862CB
b37f900a-eae4-4304-a2ab-12bb668c0188
version: v1.0
ncalrpc: LRPC-7a9f3a387122bc9795
ncalrpc: OLE6E6664C26F0D637BBEBAB70862CB
abfb6ca3-0c5e-4734-9285-0aee72fe8d1c
version: v1.0
ncalrpc: LRPC-7a9f3a387122bc9795
ncalrpc: OLE6E6664C26F0D637BBEBAB70862CB
7f1343fe-50a9-4927-a778-0c5859517bac
version: v1.0
annotation: DfsDs service
ncacn_np: \\WIN-TI6F5D7K18P\PIPE\wkssvc
ncalrpc: LRPC-9d4bbd6fe77cd6d884
eb081a0d-10ee-478a-a1dd-50995283e7a8
version: v3.0
annotation: Witness Client Test Interface
ncalrpc: LRPC-9d4bbd6fe77cd6d884
f2c9b409-c1c9-4100-8639-d8ab1486694a
version: v1.0
annotation: Witness Client Upcall Server
ncalrpc: LRPC-9d4bbd6fe77cd6d884
2fb92682-6599-42dc-ae13-bd2ca89bd11c
version: v1.0
annotation: Fw APIs
provider: MPSSVC.dll
ncalrpc: LRPC-aacb081356d344a231
ncalrpc: LRPC-a658c48ebce441d531
ncalrpc: LRPC-05c9026eb469ae4633
ncalrpc: LRPC-53f65ae989d279ece3
f47433c3-3e9d-4157-aad4-83aa1f5c2d4c
version: v1.0
annotation: Fw APIs
ncalrpc: LRPC-a658c48ebce441d531
ncalrpc: LRPC-05c9026eb469ae4633
ncalrpc: LRPC-53f65ae989d279ece3
7f9d11bf-7fb9-436b-a812-b2d50c5d4c03
version: v1.0
annotation: Fw APIs
provider: MPSSVC.dll
ncalrpc: LRPC-05c9026eb469ae4633
ncalrpc: LRPC-53f65ae989d279ece3
dd490425-5325-4565-b774-7e27d6c09c24
version: v1.0
annotation: Base Firewall Engine API
provider: BFE.DLL
ncalrpc: LRPC-53f65ae989d279ece3
0d3c7f20-1c8d-4654-a1b3-51563b298bda
version: v1.0
annotation: UserMgrCli
ncalrpc: LRPC-0a5bb6d68509fa66d1
ncalrpc: OLE3D941E4698796C4A53C95A8BDAA0
b18fbab6-56f8-4702-84e0-41053293a869
version: v1.0
annotation: UserMgrCli
ncalrpc: LRPC-0a5bb6d68509fa66d1
ncalrpc: OLE3D941E4698796C4A53C95A8BDAA0
29770a8f-829b-4158-90a2-78cd488501f7
version: v1.0
ncacn_ip_tcp: 188.40.221.194:4357
ncacn_np: \\WIN-TI6F5D7K18P\pipe\SessEnvPublicRpc
ncalrpc: SessEnvPrivateRpc
ncalrpc: LRPC-9126eb30b96d330223
df4df73a-c52d-4e3a-8003-8437fdf8302a
version: v0.0
annotation: WM_WindowManagerRPC\Server
ncalrpc: LRPC-2499f659ff03bc84a1
b58aa02e-2884-4e97-8176-4ee06d794184
version: v1.0
provider: sysmain.dll
ncalrpc: LRPC-e4716873e90c9f5c09
c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1
version: v1.0
annotation: Adh APIs
ncalrpc: TeredoControl
ncalrpc: TeredoDiagnostics
ncalrpc: LRPC-b6a745bc2cd6763244
c36be077-e14b-4fe9-8abc-e856ef4f048b
version: v1.0
annotation: Proxy Manager client server endpoint
ncalrpc: TeredoControl
ncalrpc: TeredoDiagnostics
ncalrpc: LRPC-b6a745bc2cd6763244
2e6035b2-e8f1-41a7-a044-656b439c4c34
version: v1.0
annotation: Proxy Manager provider server endpoint
ncalrpc: TeredoControl
ncalrpc: TeredoDiagnostics
ncalrpc: LRPC-b6a745bc2cd6763244
552d076a-cb29-4e44-8b6a-d15e59e2c0af
version: v1.0
annotation: IP Transition Configuration endpoint
provider: iphlpsvc.dll
ncalrpc: LRPC-b6a745bc2cd6763244
1a0d010f-1c33-432c-b0f5-8cf4e8053099
version: v1.0
annotation: IdSegSrv service
ncalrpc: LRPC-315e7f984b015dbf23
98716d03-89ac-44c7-bb8c-285824e51c4a
version: v1.0
annotation: XactSrv service
provider: srvsvc.dll
ncalrpc: LRPC-315e7f984b015dbf23
367abb81-9844-35f1-ad32-98f038001003
version: v2.0
protocol: [MS-SCMR]: Service Control Manager Remote Protocol
provider: services.exe
ncacn_ip_tcp: 188.40.221.194:4359
98cd761e-e77d-41c8-a3c0-0fb756d90ec2
version: v1.0
ncalrpc: LRPC-2b10d302a9f1cdaec3
d22895ef-aff4-42c5-a5b2-b14466d34ab4
version: v1.0
ncalrpc: LRPC-2b10d302a9f1cdaec3
e38f5360-8572-473e-b696-1b46873beeab
version: v1.0
ncalrpc: LRPC-2b10d302a9f1cdaec3
95095ec8-32ea-4eb0-a3e2-041f97b36168
version: v1.0
ncalrpc: LRPC-2b10d302a9f1cdaec3
fd8be72b-a9cd-4b2c-a9ca-4ded242fbe4d
version: v1.0
ncalrpc: LRPC-2b10d302a9f1cdaec3
4c9dbf19-d39e-4bb9-90ee-8f7179b20283
version: v1.0
ncalrpc: LRPC-2b10d302a9f1cdaec3
f3f09ffd-fbcf-4291-944d-70ad6e0e73bb
version: v1.0
ncalrpc: LRPC-8ed5e44d5c97a8ef64
ncalrpc: LRPC-06812d50503d0080b6
51a227ae-825b-41f2-b4a9-1ac9557a1018
version: v1.0
annotation: Ngc Pop Key Service
ncacn_ip_tcp: 188.40.221.194:4369
ncalrpc: samss lpc
ncalrpc: SidKey Local End Point
ncalrpc: protected_storage
ncalrpc: lsasspirpc
ncalrpc: lsapolicylookup
ncalrpc: LSA_EAS_ENDPOINT
ncalrpc: LSA_IDPEXT_ENDPOINT
ncalrpc: lsacap
ncalrpc: LSARPC_ENDPOINT
ncalrpc: securityevent
ncalrpc: audit
ncacn_np: \\WIN-TI6F5D7K18P\pipe\lsass
8fb74744-b2ff-4c00-be0d-9ef9a191fe1b
version: v1.0
annotation: Ngc Pop Key Service
ncacn_ip_tcp: 188.40.221.194:4369
ncalrpc: samss lpc
ncalrpc: SidKey Local End Point
ncalrpc: protected_storage
ncalrpc: lsasspirpc
ncalrpc: lsapolicylookup
ncalrpc: LSA_EAS_ENDPOINT
ncalrpc: LSA_IDPEXT_ENDPOINT
ncalrpc: lsacap
ncalrpc: LSARPC_ENDPOINT
ncalrpc: securityevent
ncalrpc: audit
ncacn_np: \\WIN-TI6F5D7K18P\pipe\lsass
b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86
version: v2.0
annotation: KeyIso
ncacn_ip_tcp: 188.40.221.194:4369
ncalrpc: samss lpc
ncalrpc: SidKey Local End Point
ncalrpc: protected_storage
ncalrpc: lsasspirpc
ncalrpc: lsapolicylookup
ncalrpc: LSA_EAS_ENDPOINT
ncalrpc: LSA_IDPEXT_ENDPOINT
ncalrpc: lsacap
ncalrpc: LSARPC_ENDPOINT
ncalrpc: securityevent
ncalrpc: audit
ncacn_np: \\WIN-TI6F5D7K18P\pipe\lsass
12345778-1234-abcd-ef00-0123456789ac
version: v1.0
protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol
provider: samsrv.dll
ncacn_ip_tcp: 188.40.221.194:4369
ncalrpc: samss lpc
ncalrpc: SidKey Local End Point
ncalrpc: protected_storage
ncalrpc: lsasspirpc
ncalrpc: lsapolicylookup
ncalrpc: LSA_EAS_ENDPOINT
ncalrpc: LSA_IDPEXT_ENDPOINT
ncalrpc: lsacap
ncalrpc: LSARPC_ENDPOINT
ncalrpc: securityevent
ncalrpc: audit
ncacn_np: \\WIN-TI6F5D7K18P\pipe\lsass
0767a036-0d22-48aa-ba69-b619480f38cb
version: v1.0
annotation: PcaSvc
provider: pcasvc.dll
ncalrpc: LRPC-a358f83af48c8bb306
906b0ce0-c70b-1067-b317-00dd010662da
version: v1.0
protocol: [MS-CMPO]: MSDTC Connection Manager:
provider: msdtcprx.dll
ncalrpc: LRPC-58b2e155abe650b4dd
ncalrpc: LRPC-58b2e155abe650b4dd
ncalrpc: LRPC-58b2e155abe650b4dd
54b4c689-969a-476f-8dc2-990885e9f562
version: v0.0
ncalrpc: LRPC-3a0f657fadc5e12591
be7f785e-0e3a-4ab7-91de-7e46e443be29
version: v0.0
ncalrpc: LRPC-3a0f657fadc5e12591
12e65dd8-887f-41ef-91bf-8d816c42c2e7
version: v1.0
annotation: Secure Desktop LRPC interface
provider: winlogon.exe
ncalrpc: WMsgKRpc07D5DFC2
b1ef227e-dfa5-421e-82bb-67a6a129c496
version: v0.0
ncalrpc: LRPC-683da2c802f6001eea
ncalrpc: OLED4A617AE0A71A9C078553335AA86
0fc77b1a-95d8-4a2e-a0c0-cff54237462b
version: v0.0
ncalrpc: LRPC-683da2c802f6001eea
ncalrpc: OLED4A617AE0A71A9C078553335AA86
8ec21e98-b5ce-4916-a3d6-449fa428a007
version: v0.0
ncalrpc: LRPC-683da2c802f6001eea
ncalrpc: OLED4A617AE0A71A9C078553335AA86
58e604e8-9adb-4d2e-a464-3b0683fb1480
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncalrpc: LRPC-ce8b52f9dee5f7650b
fd7a0523-dc70-43dd-9b2e-9c5ed48225b1
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncalrpc: LRPC-ce8b52f9dee5f7650b
5f54ce7d-5b79-4175-8584-cb65313a0e98
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncalrpc: LRPC-ce8b52f9dee5f7650b
201ef99a-7fa0-444c-9399-19ba84f12a1a
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncalrpc: LRPC-ce8b52f9dee5f7650b
0497b57d-2e66-424f-a0c6-157cd5d41700
version: v1.0
annotation: AppInfo
ncalrpc: LRPC-ce8b52f9dee5f7650b
a4b8d482-80ce-40d6-934d-b22a01a44fe7
version: v1.0
annotation: LicenseManager
ncalrpc: LicenseServiceEndpoint
bf4dc912-e52f-4904-8ebe-9317c1bdd497
version: v1.0
ncalrpc: LRPC-53bd6b03aa353b6f7f
ncalrpc: OLE8CA15088E8B4BDD0CC7E6D259B64
c503f532-443a-4c69-8300-ccd1fbdb3839
version: v2.0
ncalrpc: LRPC-b0a56c7e03ea55f91e
ncalrpc: OLED5770E2D29076BF30CCF8E4FDA4C
30adc50c-5cbc-46ce-9a0e-91914789e23c
version: v1.0
annotation: NRP server endpoint
provider: nrpsrv.dll
ncalrpc: LRPC-cb90783186fb2321ee
3473dd4d-2e88-4006-9cba-22570909dd10
version: v5.256
annotation: WinHttp Auto-Proxy Service
ncalrpc: 6c2b5a45-2e5f-42ed-9f2a-18aeed287f29
ncalrpc: LRPC-60314377db2e5cba22
-83623055 | 2025-01-14T09:53:28.163571
443 /
tcp
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: no-cache
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/html
Content-Length: 3338
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
bd:af:be:00:4c:0b:a9:f3:9e:10:1d:15:6d:c5:54:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=LV, L=Riga, O=GoGetSSL, CN=GoGetSSL RSA DV CA
Validity
Not Before: Nov 20 00:00:00 2024 GMT
Not After : Oct 24 23:59:59 2025 GMT
Subject: CN=mt5live.admiralmarkets.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:b5:bc:6a:ce:5d:26:55:7a:9f:43:28:2d:47:16:
a3:a8:64:bd:44:28:53:62:ad:58:ad:f4:79:3a:3f:
92:5e:d9:6b:1a:1d:81:ec:46:57:fa:9d:67:ca:95:
bd:a3:dc:3b:0b:33:c2:7c:0f:af:95:3c:8a:07:d3:
c9:9e:ae:94:c2:d4:c8:e5:ed:2f:49:f5:e4:94:ec:
46:f4:a7:5c:c5:5d:c6:df:58:41:71:30:15:aa:26:
14:8a:1a:47:85:22:8f:7a:a5:03:26:07:02:d1:23:
17:5b:d6:8c:27:f0:82:4e:22:6e:4d:46:a6:bc:2c:
16:f4:ef:3c:78:b8:d8:55:3f:24:69:fd:be:aa:16:
34:af:e4:3f:0a:49:e2:9b:75:2a:f4:c2:6e:08:83:
b9:b1:fe:fe:cf:da:c9:d6:f9:54:5b:6e:f1:f4:a5:
56:c1:ac:9e:72:b2:ae:39:8b:2d:d9:7a:6f:fc:42:
df:90:69:ca:9e:1c:2b:09:8b:c5:cd:7a:9d:0a:17:
20:62:d7:ec:8f:3b:8e:6d:37:0f:df:ac:a3:c8:c1:
cb:53:05:52:af:44:25:6c:ab:46:3a:3c:1f:c5:98:
50:7e:82:14:af:50:c8:3c:52:1d:63:65:65:35:91:
c8:ee:7a:c9:5d:7c:bb:b4:74:13:b1:17:29:ff:9f:
a7:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Authority Key Identifier:
F9:FB:50:C4:8B:67:BB:67:64:FE:83:21:A6:A9:CE:3F:55:84:93:99
X509v3 Subject Key Identifier:
C5:D7:62:8B:23:48:34:C8:CA:6D:AF:BA:42:64:B3:62:FA:42:DB:8E
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Certificate Policies:
Policy: 1.3.6.1.4.1.6449.1.2.2.64
CPS: https://cps.usertrust.com
Policy: 2.23.140.1.2.1
X509v3 CRL Distribution Points:
Full Name:
URI:http://crl.usertrust.com/GoGetSSLRSADVCA.crl
Authority Information Access:
CA Issuers - URI:http://crt.usertrust.com/GoGetSSLRSADVCA.crt
OCSP - URI:http://ocsp.usertrust.com
X509v3 Subject Alternative Name:
DNS:mt5live.admiralmarkets.com, DNS:www.mt5live.admiralmarkets.com
CT Precertificate SCTs:
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : DD:DC:CA:34:95:D7:E1:16:05:E7:95:32:FA:C7:9F:F8:
3D:1C:50:DF:DB:00:3A:14:12:76:0A:2C:AC:BB:C8:2A
Timestamp : Nov 20 09:51:37.144 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:21:00:8C:3E:E7:08:8C:13:35:2E:22:3F:2D:
17:97:78:3C:7A:2D:B2:CF:83:56:C0:83:B7:33:66:52:
66:16:0C:CE:0E:02:20:70:1E:43:FF:C8:FB:0E:0E:29:
AE:DA:BA:68:E0:DB:A3:95:24:C5:7A:20:01:BE:99:B6:
87:5B:32:A0:86:59:0F
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
Timestamp : Nov 20 09:51:37.160 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:21:00:C8:A4:04:D4:C6:83:91:41:C1:38:96:
60:08:5F:46:24:0F:7C:A8:6D:DC:AA:4C:47:61:32:00:
FC:0B:CA:61:E4:02:20:6E:60:FA:F7:41:88:64:D8:59:
8C:89:73:CB:AD:30:10:69:82:80:56:DE:77:C7:EE:7D:
C1:AE:D4:EC:CE:B5:96
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 12:F1:4E:34:BD:53:72:4C:84:06:19:C3:8F:3F:7A:13:
F8:E7:B5:62:87:88:9C:6D:30:05:84:EB:E5:86:26:3A
Timestamp : Nov 20 09:51:37.156 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:2F:2D:0C:08:45:68:D4:F7:48:00:54:81:
F5:AF:63:27:91:0D:CA:C1:35:3C:FB:B6:20:8A:DD:1E:
69:36:40:CF:02:20:7E:5E:BA:DE:C6:15:0B:C7:89:E3:
6F:72:82:43:3F:85:3C:E9:FC:DF:B1:C1:9F:EA:C3:4D:
53:E6:DC:72:99:2F
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
31:3e:91:f1:2d:3f:5c:79:9a:0f:fa:b3:e3:1d:37:6f:5b:72:
01:b8:1d:6e:40:d6:53:36:e4:64:ea:12:44:c1:af:3b:f3:24:
fc:80:00:0b:2f:02:2e:92:c9:03:37:5d:23:75:88:34:55:c5:
8f:a8:67:56:ca:be:43:9f:f1:05:4a:53:81:b1:d4:7f:c4:31:
04:1a:eb:0e:9e:16:c9:34:24:9d:40:e7:64:44:b0:5c:17:34:
8c:82:9e:4a:68:8f:6a:d2:bf:cb:a3:14:9e:41:23:15:8b:36:
ad:c1:2f:6b:9b:68:b1:a1:5f:91:84:80:ad:94:3a:f7:7d:35:
29:8e:85:44:19:d4:95:f6:63:46:4b:7a:f6:7c:ab:41:b2:47:
80:b7:2d:9e:fe:e9:71:97:82:22:09:af:27:d3:78:66:59:13:
ae:83:c3:f6:49:cc:06:dc:10:26:cd:da:d1:78:aa:e2:b8:a7:
e3:4b:85:5c:15:bb:f8:d0:90:eb:41:7e:2e:f2:0b:f4:e4:c6:
e3:45:dd:8b:0f:cc:47:54:89:e2:ea:5f:7a:0f:bb:5c:e6:99:
58:ea:c3:02:fb:cd:65:5d:09:38:37:b5:30:4b:dd:49:b0:33:
83:78:26:f7:e7:61:47:bb:92:04:48:ee:b9:0c:42:e5:c2:89:
2e:97:96:15
-1813699871 | 2025-01-13T17:16:30.184898
3389 /
tcp
Remote Desktop Protocol
\x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\x1f\x08\x00\x02\x00\x00\x00
Remote Desktop Protocol NTLM Info:
OS: Windows 10 (version 1809)/Windows Server 2019 (version 1809)
OS Build: 10.0.17763
Target Name: WIN-TI6F5D7K18P
NetBIOS Domain Name: WIN-TI6F5D7K18P
NetBIOS Computer Name: WIN-TI6F5D7K18P
DNS Domain Name: WIN-TI6F5D7K18P
FQDN: WIN-TI6F5D7K18P
; Administrator
SES
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:38:c4:64:0d:c5:06:85:4d:9a:94:08:ef:cd:d8:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=WIN-TI6F5D7K18P
Validity
Not Before: Sep 27 17:06:11 2024 GMT
Not After : Mar 29 17:06:11 2025 GMT
Subject: CN=WIN-TI6F5D7K18P
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:b0:03:a1:b7:ec:2a:f5:37:6f:19:b9:ef:00:6d:
19:9b:be:26:c8:4b:31:6a:53:35:2d:36:80:8c:65:
b7:2b:43:fe:4d:ba:6d:5e:d8:5c:08:4c:5f:20:7f:
8f:c1:c3:33:74:d3:44:ea:ba:b6:c5:e2:ec:a9:18:
61:fe:17:48:ac:f3:be:1b:12:bf:cb:2a:54:08:62:
97:83:4f:b5:be:53:79:2f:96:fe:7f:bd:06:5d:82:
bb:8b:7e:75:f4:b9:31:e3:69:98:31:6e:14:db:cc:
e4:88:8e:0a:a4:bb:ec:27:76:60:69:62:ee:3b:21:
2c:3f:b1:a5:0d:aa:48:b1:b6:d3:d9:4d:21:79:94:
2f:3b:81:78:61:10:8b:f1:3d:d7:1a:34:58:83:cf:
c5:b3:cb:9e:e5:96:db:85:d6:bb:5e:ca:4e:36:12:
25:4e:fc:f4:47:63:e7:fc:b8:58:01:36:d7:0b:41:
96:3f:8d:57:de:4f:42:06:e4:dd:d3:b4:ff:c4:6f:
4a:cc:9b:a6:cf:13:6b:bd:36:c4:f7:83:a4:05:19:
d0:0d:a4:fb:0c:0f:31:3e:6a:e1:f3:1d:6d:02:1c:
99:43:b6:12:75:40:81:1d:ae:43:d1:26:99:b9:2b:
cb:bf:72:de:e0:ab:d6:93:fb:ef:30:94:1c:27:b7:
a6:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Extended Key Usage:
TLS Web Server Authentication
X509v3 Key Usage:
Key Encipherment, Data Encipherment
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
46:79:8e:5a:9f:f9:2c:da:6f:40:64:89:67:2d:9a:e7:99:35:
9e:f3:e0:ba:4d:7b:58:fa:1e:af:35:b7:ae:fb:86:2e:2d:8d:
ba:ee:43:cb:8a:e7:b2:e4:d5:f1:22:d0:e7:65:1b:a4:43:fc:
cd:23:60:84:e6:e2:0d:6d:19:b4:62:8f:ab:60:97:c8:98:fa:
ba:48:a8:01:cb:8d:9f:bf:32:f9:07:20:71:11:4f:b9:21:39:
d8:f3:0d:c5:9f:00:52:0a:cd:e0:83:c9:1c:29:17:4d:a9:46:
89:7a:0f:dc:29:28:e4:d3:00:2b:72:dd:28:0c:48:33:74:a6:
17:f1:a9:11:eb:e2:b5:27:68:f0:36:51:c9:8c:d3:2d:20:5c:
52:f0:b2:55:55:b0:11:18:49:34:32:84:42:6c:2c:84:93:7f:
96:46:ae:93:6b:5e:f6:cd:1a:0f:a2:ce:12:7f:3f:cc:0f:c6:
6f:fd:48:0b:33:8f:1e:7e:7a:18:1e:39:a3:12:01:cd:74:58:
56:49:0d:89:47:30:00:19:68:89:dc:ab:cc:e5:0a:a6:2f:4b:
7c:28:52:86:e7:aa:c3:f5:56:b8:f7:05:30:8a:2b:2a:c5:c4:
fa:63:ce:07:b0:df:06:b2:91:7b:a8:1a:aa:51:2e:95:de:4d:
96:ab:0b:29
