-2017558120 | 2024-09-22T08:45:18.098951
135 /
tcp
Microsoft RPC Endpoint Mapper
3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5
version: v1.0
annotation: DHCP Client LRPC Endpoint
provider: dhcpcsvc.dll
ncalrpc: dhcpcsvc
ncalrpc: DNSResolver
0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53
version: v1.0
provider: schedsvc.dll
ncacn_np: \\USER\PIPE\atsvc
ncalrpc: LRPC00000340.00000001
ncalrpc: OLEC7E61C7B8C8F476EAE938B7A6993
378e52b0-c0a9-11cf-822d-00aa0051e40f
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: taskcomp.dll
ncacn_np: \\USER\PIPE\atsvc
ncalrpc: LRPC00000340.00000001
ncalrpc: OLEC7E61C7B8C8F476EAE938B7A6993
1ff70682-0a51-30e8-076d-740be8cee98b
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: taskcomp.dll
ncacn_np: \\USER\PIPE\atsvc
ncalrpc: LRPC00000340.00000001
ncalrpc: OLEC7E61C7B8C8F476EAE938B7A6993
906b0ce0-c70b-1067-b317-00dd010662da
version: v1.0
protocol: [MS-CMPO]: MSDTC Connection Manager:
provider: msdtcprx.dll
ncalrpc: LRPC000003a4.00000001
ncalrpc: LRPC000003a4.00000001
ncalrpc: LRPC000003a4.00000001
ncalrpc: LRPC000003a4.00000001
12345778-1234-abcd-ef00-0123456789ac
version: v1.0
protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol
provider: samsrv.dll
ncacn_ip_tcp: 94.177.106.43:1025
ncalrpc: dsrole
ncacn_np: \\USER\PIPE\protected_storage
ncalrpc: protected_storage
ncalrpc: securityevent
ncalrpc: audit
ncacn_np: \\USER\PIPE\lsass
12345678-1234-abcd-ef00-0123456789ab
version: v1.0
annotation: IPSec Policy agent endpoint
protocol: [MS-RPRN]: Print System Remote Protocol
provider: spoolsv.exe
ncalrpc: dsrole
ncacn_np: \\USER\PIPE\protected_storage
ncalrpc: protected_storage
ncalrpc: securityevent
ncalrpc: audit
ncacn_np: \\USER\PIPE\lsass
1973395793 | 2024-09-30T11:06:27.837972
137 /
udp
NetBIOS Response:
Server Name: USER
MAC Address: 00:16:3E:9B:3C:7E
Names:
USER <0x0>
WORKGROUP <0x0>
USER <0x20>
WORKGROUP <0x1e>
MAC Addresses
00:16:3E:9B:3C:7E
OUI: 00:16:3E
Organization: Xensource, Inc.
Assignment: MA-L
Registration Date: 2005-10-29
1135973263 | 2024-09-28T17:48:52.963855
3389 /
tcp
Remote Desktop Protocol
\x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x03\x00\x08\x00\x02\x00\x00\x00
TH)