-897245083 | 2024-04-23T18:00:54.462829
135 /
tcp
Microsoft RPC Endpoint Mapper
51a227ae-825b-41f2-b4a9-1ac9557a1018
version: v1.0
annotation: Ngc Pop Key Service
ncacn_ip_tcp: 104.244.75.104:49664
ncalrpc: samss lpc
ncalrpc: SidKey Local End Point
ncalrpc: protected_storage
ncalrpc: lsasspirpc
ncalrpc: lsapolicylookup
ncalrpc: LSA_EAS_ENDPOINT
ncalrpc: LSA_IDPEXT_ENDPOINT
ncalrpc: lsacap
ncalrpc: LSARPC_ENDPOINT
ncalrpc: securityevent
ncalrpc: audit
ncacn_np: \\SMVPS\pipe\lsass
8fb74744-b2ff-4c00-be0d-9ef9a191fe1b
version: v1.0
annotation: Ngc Pop Key Service
ncacn_ip_tcp: 104.244.75.104:49664
ncalrpc: samss lpc
ncalrpc: SidKey Local End Point
ncalrpc: protected_storage
ncalrpc: lsasspirpc
ncalrpc: lsapolicylookup
ncalrpc: LSA_EAS_ENDPOINT
ncalrpc: LSA_IDPEXT_ENDPOINT
ncalrpc: lsacap
ncalrpc: LSARPC_ENDPOINT
ncalrpc: securityevent
ncalrpc: audit
ncacn_np: \\SMVPS\pipe\lsass
b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86
version: v2.0
annotation: KeyIso
ncacn_ip_tcp: 104.244.75.104:49664
ncalrpc: samss lpc
ncalrpc: SidKey Local End Point
ncalrpc: protected_storage
ncalrpc: lsasspirpc
ncalrpc: lsapolicylookup
ncalrpc: LSA_EAS_ENDPOINT
ncalrpc: LSA_IDPEXT_ENDPOINT
ncalrpc: lsacap
ncalrpc: LSARPC_ENDPOINT
ncalrpc: securityevent
ncalrpc: audit
ncacn_np: \\SMVPS\pipe\lsass
12345778-1234-abcd-ef00-0123456789ac
version: v1.0
protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol
provider: samsrv.dll
ncacn_ip_tcp: 104.244.75.104:49664
ncalrpc: samss lpc
ncalrpc: SidKey Local End Point
ncalrpc: protected_storage
ncalrpc: lsasspirpc
ncalrpc: lsapolicylookup
ncalrpc: LSA_EAS_ENDPOINT
ncalrpc: LSA_IDPEXT_ENDPOINT
ncalrpc: lsacap
ncalrpc: LSARPC_ENDPOINT
ncalrpc: securityevent
ncalrpc: audit
ncacn_np: \\SMVPS\pipe\lsass
d95afe70-a6d5-4259-822e-2c84da1ddb0d
version: v1.0
protocol: [MS-RSP]: Remote Shutdown Protocol
provider: wininit.exe
ncacn_ip_tcp: 104.244.75.104:49665
ncalrpc: WindowsShutdown
ncalrpc: WMsgKRpc07AEE0
76f226c3-ec14-4325-8a99-6a46348418af
version: v1.0
provider: winlogon.exe
ncalrpc: WindowsShutdown
ncalrpc: WMsgKRpc07AEE0
ncalrpc: WMsgKRpc07CDA1
ncalrpc: WMsgKRpc06D79D2
ncalrpc: WMsgKRpc0A87A53
ncalrpc: WMsgKRpc0E5D60C4
ncalrpc: WMsgKRpc0778992357
fc48cd89-98d6-4628-9839-86f7a3e4161a
version: v1.0
ncalrpc: dabrpc
ncalrpc: csebpub
ncalrpc: LRPC-1645e292739eba2dac
ncalrpc: LRPC-05610afc8cdb322b9a
ncalrpc: LRPC-7df69dff7e9557354f
ncalrpc: LRPC-bc1e03a57439e42342
ncacn_np: \\SMVPS\pipe\LSM_API_service
ncalrpc: LSMApi
ncalrpc: OLE775CE9562EC78388F746889EEA1F
ncalrpc: LRPC-21b3fa1ce6aeac59f2
ncalrpc: LRPC-5755cc0aa93b3ea5d7
ncalrpc: actkernel
ncalrpc: umpo
d09bdeb5-6171-4a34-bfe2-06fa82652568
version: v1.0
ncalrpc: csebpub
ncalrpc: LRPC-1645e292739eba2dac
ncalrpc: LRPC-05610afc8cdb322b9a
ncalrpc: LRPC-7df69dff7e9557354f
ncalrpc: LRPC-bc1e03a57439e42342
ncacn_np: \\SMVPS\pipe\LSM_API_service
ncalrpc: LSMApi
ncalrpc: OLE775CE9562EC78388F746889EEA1F
ncalrpc: LRPC-21b3fa1ce6aeac59f2
ncalrpc: LRPC-5755cc0aa93b3ea5d7
ncalrpc: actkernel
ncalrpc: umpo
ncalrpc: LRPC-05610afc8cdb322b9a
ncalrpc: LRPC-7df69dff7e9557354f
ncalrpc: LRPC-bc1e03a57439e42342
ncacn_np: \\SMVPS\pipe\LSM_API_service
ncalrpc: LSMApi
ncalrpc: OLE775CE9562EC78388F746889EEA1F
ncalrpc: LRPC-21b3fa1ce6aeac59f2
ncalrpc: LRPC-5755cc0aa93b3ea5d7
ncalrpc: actkernel
ncalrpc: umpo
ncalrpc: LRPC-7df69dff7e9557354f
ncalrpc: LRPC-bc1e03a57439e42342
ncacn_np: \\SMVPS\pipe\LSM_API_service
ncalrpc: LSMApi
ncalrpc: OLE775CE9562EC78388F746889EEA1F
ncalrpc: LRPC-21b3fa1ce6aeac59f2
ncalrpc: LRPC-5755cc0aa93b3ea5d7
ncalrpc: actkernel
ncalrpc: umpo
ncalrpc: LRPC-5228015ba970195536
697dcda9-3ba9-4eb2-9247-e11f1901b0d2
version: v1.0
ncalrpc: LRPC-1645e292739eba2dac
ncalrpc: LRPC-05610afc8cdb322b9a
ncalrpc: LRPC-7df69dff7e9557354f
ncalrpc: LRPC-bc1e03a57439e42342
ncacn_np: \\SMVPS\pipe\LSM_API_service
ncalrpc: LSMApi
ncalrpc: OLE775CE9562EC78388F746889EEA1F
ncalrpc: LRPC-21b3fa1ce6aeac59f2
ncalrpc: LRPC-5755cc0aa93b3ea5d7
ncalrpc: actkernel
ncalrpc: umpo
9b008953-f195-4bf9-bde0-4471971e58ed
version: v1.0
ncalrpc: LRPC-05610afc8cdb322b9a
ncalrpc: LRPC-7df69dff7e9557354f
ncalrpc: LRPC-bc1e03a57439e42342
ncacn_np: \\SMVPS\pipe\LSM_API_service
ncalrpc: LSMApi
ncalrpc: OLE775CE9562EC78388F746889EEA1F
ncalrpc: LRPC-21b3fa1ce6aeac59f2
ncalrpc: LRPC-5755cc0aa93b3ea5d7
ncalrpc: actkernel
ncalrpc: umpo
0d47017b-b33b-46ad-9e18-fe96456c5078
version: v1.0
ncalrpc: umpo
95406f0b-b239-4318-91bb-cea3a46ff0dc
version: v1.0
ncalrpc: umpo
4ed8abcc-f1e2-438b-981f-bb0e8abc010c
version: v1.0
ncalrpc: umpo
0ff1f646-13bb-400a-ab50-9a78f2b7a85a
version: v1.0
ncalrpc: umpo
6982a06e-5fe2-46b1-b39c-a2c545bfa069
version: v1.0
ncalrpc: umpo
082a3471-31b6-422a-b931-a54401960c62
version: v1.0
ncalrpc: umpo
fae436b0-b864-4a87-9eda-298547cd82f2
version: v1.0
ncalrpc: umpo
e53d94ca-7464-4839-b044-09a2fb8b3ae5
version: v1.0
ncalrpc: umpo
178d84be-9291-4994-82c6-3f909aca5a03
version: v1.0
ncalrpc: umpo
4dace966-a243-4450-ae3f-9b7bcb5315b8
version: v2.0
ncalrpc: umpo
1832bcf6-cab8-41d4-85d2-c9410764f75a
version: v1.0
ncalrpc: umpo
c521facf-09a9-42c5-b155-72388595cbf0
version: v0.0
ncalrpc: umpo
2c7fd9ce-e706-4b40-b412-953107ef9bb0
version: v0.0
ncalrpc: umpo
88abcbc3-34ea-76ae-8215-767520655a23
version: v0.0
ncalrpc: LRPC-bc1e03a57439e42342
ncacn_np: \\SMVPS\pipe\LSM_API_service
ncalrpc: LSMApi
ncalrpc: OLE775CE9562EC78388F746889EEA1F
ncalrpc: LRPC-21b3fa1ce6aeac59f2
ncalrpc: LRPC-5755cc0aa93b3ea5d7
ncalrpc: actkernel
ncalrpc: umpo
76c217bc-c8b4-4201-a745-373ad9032b1a
version: v1.0
ncalrpc: LRPC-bc1e03a57439e42342
ncacn_np: \\SMVPS\pipe\LSM_API_service
ncalrpc: LSMApi
ncalrpc: OLE775CE9562EC78388F746889EEA1F
ncalrpc: LRPC-21b3fa1ce6aeac59f2
ncalrpc: LRPC-5755cc0aa93b3ea5d7
ncalrpc: actkernel
ncalrpc: umpo
55e6b932-1979-45d6-90c5-7f6270724112
version: v1.0
ncalrpc: LRPC-bc1e03a57439e42342
ncacn_np: \\SMVPS\pipe\LSM_API_service
ncalrpc: LSMApi
ncalrpc: OLE775CE9562EC78388F746889EEA1F
ncalrpc: LRPC-21b3fa1ce6aeac59f2
ncalrpc: LRPC-5755cc0aa93b3ea5d7
ncalrpc: actkernel
ncalrpc: umpo
857fb1be-084f-4fb5-b59c-4b2c4be5f0cf
version: v1.0
ncalrpc: OLE775CE9562EC78388F746889EEA1F
ncalrpc: LRPC-21b3fa1ce6aeac59f2
ncalrpc: LRPC-5755cc0aa93b3ea5d7
ncalrpc: actkernel
ncalrpc: umpo
20c40295-8dba-48e6-aebf-3e78ef3bb144
version: v2.0
ncalrpc: OLE775CE9562EC78388F746889EEA1F
ncalrpc: LRPC-21b3fa1ce6aeac59f2
ncalrpc: LRPC-5755cc0aa93b3ea5d7
ncalrpc: actkernel
ncalrpc: umpo
2513bcbe-6cd4-4348-855e-7efb3c336dd3
version: v2.0
ncalrpc: OLE775CE9562EC78388F746889EEA1F
ncalrpc: LRPC-21b3fa1ce6aeac59f2
ncalrpc: LRPC-5755cc0aa93b3ea5d7
ncalrpc: actkernel
ncalrpc: umpo
0d3e2735-cea0-4ecc-a9e2-41a2d81aed4e
version: v1.0
ncalrpc: LRPC-21b3fa1ce6aeac59f2
ncalrpc: LRPC-5755cc0aa93b3ea5d7
ncalrpc: actkernel
ncalrpc: umpo
c605f9fb-f0a3-4e2a-a073-73560f8d9e3e
version: v1.0
ncalrpc: LRPC-21b3fa1ce6aeac59f2
ncalrpc: LRPC-5755cc0aa93b3ea5d7
ncalrpc: actkernel
ncalrpc: umpo
1b37ca91-76b1-4f5e-a3c7-2abfc61f2bb0
version: v1.0
ncalrpc: LRPC-21b3fa1ce6aeac59f2
ncalrpc: LRPC-5755cc0aa93b3ea5d7
ncalrpc: actkernel
ncalrpc: umpo
8bfc3be1-6def-4e2d-af74-7c47cd0ade4a
version: v1.0
ncalrpc: LRPC-21b3fa1ce6aeac59f2
ncalrpc: LRPC-5755cc0aa93b3ea5d7
ncalrpc: actkernel
ncalrpc: umpo
2d98a740-581d-41b9-aa0d-a88b9d5ce938
version: v1.0
ncalrpc: LRPC-21b3fa1ce6aeac59f2
ncalrpc: LRPC-5755cc0aa93b3ea5d7
ncalrpc: actkernel
ncalrpc: umpo
c9ac6db5-82b7-4e55-ae8a-e464ed7b4277
version: v1.0
annotation: Impl friendly name
provider: sysntfy.dll
ncalrpc: LRPC-5755cc0aa93b3ea5d7
ncalrpc: actkernel
ncalrpc: umpo
ncacn_ip_tcp: 104.244.75.104:59427
ncacn_np: \\SMVPS\pipe\SessEnvPublicRpc
ncalrpc: SessEnvPrivateRpc
ncalrpc: IUserProfile2
ncalrpc: DeviceSetupManager
ncalrpc: OLE62EA7C1A452BDAA9DB0671DD80F0
ncalrpc: IUserProfile2
ncalrpc: DeviceSetupManager
ncalrpc: OLE62EA7C1A452BDAA9DB0671DD80F0
ncalrpc: IUserProfile2
ncalrpc: DeviceSetupManager
ncalrpc: OLE62EA7C1A452BDAA9DB0671DD80F0
dd59071b-3215-4c59-8481-972edadc0f6a
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
0361ae94-0316-4c6c-8ad8-c594375800e2
version: v1.0
ncalrpc: umpo
5824833b-3c1a-4ad2-bdfd-c31d19e23ed2
version: v1.0
ncalrpc: umpo
bdaa0970-413b-4a3e-9e5d-f6dc9d7e0760
version: v1.0
ncalrpc: umpo
3b338d89-6cfa-44b8-847e-531531bc9992
version: v1.0
ncalrpc: umpo
8782d3b9-ebbd-4644-a3d8-e8725381919b
version: v1.0
ncalrpc: umpo
085b0334-e454-4d91-9b8c-4134f9e793f3
version: v1.0
ncalrpc: umpo
4bec6bb8-b5c2-4b6f-b2c1-5da5cf92d0d9
version: v1.0
ncalrpc: umpo
f3f09ffd-fbcf-4291-944d-70ad6e0e73bb
version: v1.0
ncalrpc: LRPC-7e58b8ab422273a650
ncalrpc: LRPC-b7441bc2bec7e2a437
ncalrpc: LRPC-27198dd45f5c61f50a
ncalrpc: LRPC-149c5de1a5990330ed
3473dd4d-2e88-4006-9cba-22570909dd10
version: v5.256
annotation: WinHttp Auto-Proxy Service
ncalrpc: 8dd02131-1c6d-45c7-8e00-abfa9bcb7228
ncalrpc: LRPC-2f97dbddea1a75858e
ncalrpc: dhcpcsvc
ncalrpc: dhcpcsvc6
ncacn_ip_tcp: 104.244.75.104:49666
ncacn_np: \\SMVPS\pipe\eventlog
ncalrpc: eventlog
ncalrpc: LRPC-51e4dfd0943f71c91e
ncalrpc: LRPC-5228015ba970195536
3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5
version: v1.0
annotation: DHCP Client LRPC Endpoint
provider: dhcpcsvc.dll
ncalrpc: dhcpcsvc
ncalrpc: dhcpcsvc6
ncacn_ip_tcp: 104.244.75.104:49666
ncacn_np: \\SMVPS\pipe\eventlog
ncalrpc: eventlog
ncalrpc: LRPC-51e4dfd0943f71c91e
ncalrpc: LRPC-5228015ba970195536
3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6
version: v1.0
annotation: DHCPv6 Client LRPC Endpoint
provider: dhcpcsvc6.dll
ncalrpc: dhcpcsvc6
ncacn_ip_tcp: 104.244.75.104:49666
ncacn_np: \\SMVPS\pipe\eventlog
ncalrpc: eventlog
ncalrpc: LRPC-51e4dfd0943f71c91e
ncalrpc: LRPC-5228015ba970195536
f6beaff7-1e19-4fbb-9f8f-b89e2018337c
version: v1.0
annotation: Event log TCPIP
protocol: [MS-EVEN6]: EventLog Remoting Protocol
provider: wevtsvc.dll
ncacn_ip_tcp: 104.244.75.104:49666
ncacn_np: \\SMVPS\pipe\eventlog
ncalrpc: eventlog
ncalrpc: LRPC-51e4dfd0943f71c91e
ncalrpc: LRPC-5228015ba970195536
a500d4c6-0dd1-4543-bc0c-d5f93486eaf8
version: v1.0
ncalrpc: LRPC-51e4dfd0943f71c91e
ncalrpc: LRPC-5228015ba970195536
3f787932-3452-4363-8651-6ea97bb373bb
version: v1.0
annotation: NSP Rpc Interface
ncalrpc: LRPC-d2c882a497a8e771ad
ncalrpc: LRPC-8525b4eb063fa08cea
ncalrpc: OLE9A9BE890DF73A3879A623638CC57
7ea70bcf-48af-4f6a-8968-6a440754d5fa
version: v1.0
annotation: NSI server endpoint
provider: nsisvc.dll
ncalrpc: LRPC-8525b4eb063fa08cea
ncalrpc: OLE9A9BE890DF73A3879A623638CC57
509bc7ae-77be-4ee8-b07c-0d096bb44345
version: v1.0
ncalrpc: LRPC-f1abe4f59ff51a448c
ncalrpc: OLEFE4BE6CE3E8BA8498F3C91D6E579
7f1343fe-50a9-4927-a778-0c5859517bac
version: v1.0
annotation: DfsDs service
ncacn_np: \\SMVPS\PIPE\wkssvc
ncalrpc: nlaapi
ncalrpc: nlaplg
ncalrpc: LRPC-bee5347aad9ad62d12
ncalrpc: DNSResolver
eb081a0d-10ee-478a-a1dd-50995283e7a8
version: v3.0
annotation: Witness Client Test Interface
ncalrpc: nlaapi
ncalrpc: nlaplg
ncalrpc: LRPC-bee5347aad9ad62d12
ncalrpc: DNSResolver
f2c9b409-c1c9-4100-8639-d8ab1486694a
version: v1.0
annotation: Witness Client Upcall Server
ncalrpc: nlaapi
ncalrpc: nlaplg
ncalrpc: LRPC-bee5347aad9ad62d12
ncalrpc: DNSResolver
30adc50c-5cbc-46ce-9a0e-91914789e23c
version: v1.0
annotation: NRP server endpoint
provider: nrpsrv.dll
ncalrpc: LRPC-bee5347aad9ad62d12
ncalrpc: DNSResolver
13560fa9-8c09-4b56-a1fd-04d083b9b2a1
version: v1.0
ncalrpc: LRPC-c251b5bca44683e63b
c2d1b5dd-fa81-4460-9dd6-e7658b85454b
version: v1.0
ncalrpc: LRPC-c251b5bca44683e63b
f44e62af-dab1-44c2-8013-049a9de417d6
version: v1.0
ncalrpc: LRPC-c251b5bca44683e63b
b37f900a-eae4-4304-a2ab-12bb668c0188
version: v1.0
ncalrpc: LRPC-c251b5bca44683e63b
abfb6ca3-0c5e-4734-9285-0aee72fe8d1c
version: v1.0
ncalrpc: LRPC-c251b5bca44683e63b
2fb92682-6599-42dc-ae13-bd2ca89bd11c
version: v1.0
annotation: Fw APIs
provider: MPSSVC.dll
ncalrpc: LRPC-57f3da9bf51c73e800
ncalrpc: LRPC-9ff3af1a2290c8d0e6
ncalrpc: LRPC-ceffc7612da7ae2cb9
ncalrpc: LRPC-8751af603dd0051c53
f47433c3-3e9d-4157-aad4-83aa1f5c2d4c
version: v1.0
annotation: Fw APIs
ncalrpc: LRPC-9ff3af1a2290c8d0e6
ncalrpc: LRPC-ceffc7612da7ae2cb9
ncalrpc: LRPC-8751af603dd0051c53
7f9d11bf-7fb9-436b-a812-b2d50c5d4c03
version: v1.0
annotation: Fw APIs
provider: MPSSVC.dll
ncalrpc: LRPC-ceffc7612da7ae2cb9
ncalrpc: LRPC-8751af603dd0051c53
dd490425-5325-4565-b774-7e27d6c09c24
version: v1.0
annotation: Base Firewall Engine API
provider: BFE.DLL
ncalrpc: LRPC-8751af603dd0051c53
76f03f96-cdfd-44fc-a22c-64950a001209
version: v1.0
protocol: [MS-PAR]: Print System Asynchronous Remote Protocol
provider: spoolsv.exe
ncacn_ip_tcp: 104.244.75.104:49668
ncalrpc: LRPC-a459b38bffbfab085b
4a452661-8290-4b36-8fbe-7f4093a94978
version: v1.0
provider: spoolsv.exe
ncacn_ip_tcp: 104.244.75.104:49668
ncalrpc: LRPC-a459b38bffbfab085b
ae33069b-a2a8-46ee-a235-ddfd339be281
version: v1.0
protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
provider: spoolsv.exe
ncacn_ip_tcp: 104.244.75.104:49668
ncalrpc: LRPC-a459b38bffbfab085b
0b6edbfa-4a24-4fc6-8a23-942b1eca65d1
version: v1.0
protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
provider: spoolsv.exe
ncacn_ip_tcp: 104.244.75.104:49668
ncalrpc: LRPC-a459b38bffbfab085b
12345678-1234-abcd-ef00-0123456789ab
version: v1.0
protocol: [MS-RPRN]: Print System Remote Protocol
provider: spoolsv.exe
ncacn_ip_tcp: 104.244.75.104:49668
ncalrpc: LRPC-a459b38bffbfab085b
1a0d010f-1c33-432c-b0f5-8cf4e8053099
version: v1.0
annotation: IdSegSrv service
ncalrpc: LRPC-f30daa49afc485e32b
98716d03-89ac-44c7-bb8c-285824e51c4a
version: v1.0
annotation: XactSrv service
provider: srvsvc.dll
ncalrpc: LRPC-f30daa49afc485e32b
0767a036-0d22-48aa-ba69-b619480f38cb
version: v1.0
annotation: PcaSvc
provider: pcasvc.dll
ncalrpc: OLEE335C6E726992F39C915209D1616
ncalrpc: LRPC-ceafa413c261ddc846
ncalrpc: TSUMRPD_PRINT_DRV_LPC_API
ncalrpc: RemoteDevicesLPC_API
b58aa02e-2884-4e97-8176-4ee06d794184
version: v1.0
provider: sysmain.dll
ncalrpc: LRPC-ceafa413c261ddc846
ncalrpc: TSUMRPD_PRINT_DRV_LPC_API
ncalrpc: RemoteDevicesLPC_API
3d267954-eeb7-11d1-b94e-00c04fa3080d
version: v1.0
provider: lserver.dll
ncacn_ip_tcp: 104.244.75.104:49672
ncacn_np: \\SMVPS\pipe\HydraLsPipe
ncalrpc: LRPC-bf9f8f07e08355bc63
367abb81-9844-35f1-ad32-98f038001003
version: v2.0
protocol: [MS-SCMR]: Service Control Manager Remote Protocol
provider: services.exe
ncacn_ip_tcp: 104.244.75.104:49675
12e65dd8-887f-41ef-91bf-8d816c42c2e7
version: v1.0
annotation: Secure Desktop LRPC interface
provider: winlogon.exe
ncalrpc: WMsgKRpc06D79D2
ncalrpc: WMsgKRpc0A87A53
ncalrpc: WMsgKRpc0E5D60C4
b1ef227e-dfa5-421e-82bb-67a6a129c496
version: v0.0
ncalrpc: LRPC-eb3579c596a4de4649
ncalrpc: OLE6A8E2644C5D542F1C3B849998131
ncalrpc: LRPC-11b262a71f5fb8c970
ncalrpc: OLE5E1BEF17C87A74F22625C7D8B2D8
ncalrpc: LRPC-deab3201592e5c0901
ncalrpc: OLE2E23F2FD3FB2E1DECCE1A06F396D
0fc77b1a-95d8-4a2e-a0c0-cff54237462b
version: v0.0
ncalrpc: LRPC-eb3579c596a4de4649
ncalrpc: OLE6A8E2644C5D542F1C3B849998131
ncalrpc: LRPC-11b262a71f5fb8c970
ncalrpc: OLE5E1BEF17C87A74F22625C7D8B2D8
ncalrpc: LRPC-deab3201592e5c0901
ncalrpc: OLE2E23F2FD3FB2E1DECCE1A06F396D
8ec21e98-b5ce-4916-a3d6-449fa428a007
version: v0.0
ncalrpc: LRPC-eb3579c596a4de4649
ncalrpc: OLE6A8E2644C5D542F1C3B849998131
ncalrpc: LRPC-11b262a71f5fb8c970
ncalrpc: OLE5E1BEF17C87A74F22625C7D8B2D8
ncalrpc: LRPC-deab3201592e5c0901
ncalrpc: OLE2E23F2FD3FB2E1DECCE1A06F396D
3a9ef155-691d-4449-8d05-09ad57031823
version: v1.0
ncacn_ip_tcp: 104.244.75.104:59416
ncalrpc: LRPC-d2c73888239296a433
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\SMVPS\PIPE\atsvc
ncalrpc: LRPC-a6a43d51915f27bbb2
86d35949-83c9-4044-b424-db363231fd0c
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: schedsvc.dll
ncacn_ip_tcp: 104.244.75.104:59416
ncalrpc: LRPC-d2c73888239296a433
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\SMVPS\PIPE\atsvc
ncalrpc: LRPC-a6a43d51915f27bbb2
33d84484-3626-47ee-8c6f-e7e98b113be1
version: v2.0
ncalrpc: LRPC-d2c73888239296a433
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\SMVPS\PIPE\atsvc
ncalrpc: LRPC-a6a43d51915f27bbb2
378e52b0-c0a9-11cf-822d-00aa0051e40f
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: taskcomp.dll
ncacn_np: \\SMVPS\PIPE\atsvc
ncalrpc: LRPC-a6a43d51915f27bbb2
1ff70682-0a51-30e8-076d-740be8cee98b
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: taskcomp.dll
ncacn_np: \\SMVPS\PIPE\atsvc
ncalrpc: LRPC-a6a43d51915f27bbb2
0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53
version: v1.0
provider: schedsvc.dll
ncalrpc: LRPC-a6a43d51915f27bbb2
0d3c7f20-1c8d-4654-a1b3-51563b298bda
version: v1.0
annotation: UserMgrCli
ncalrpc: TeredoControl
ncalrpc: TeredoDiagnostics
ncacn_ip_tcp: 104.244.75.104:59427
ncacn_np: \\SMVPS\pipe\SessEnvPublicRpc
ncalrpc: SessEnvPrivateRpc
ncalrpc: IUserProfile2
ncalrpc: DeviceSetupManager
ncalrpc: OLE62EA7C1A452BDAA9DB0671DD80F0
ncalrpc: LRPC-1805e588c96e63d131
b18fbab6-56f8-4702-84e0-41053293a869
version: v1.0
annotation: UserMgrCli
ncalrpc: TeredoControl
ncalrpc: TeredoDiagnostics
ncacn_ip_tcp: 104.244.75.104:59427
ncacn_np: \\SMVPS\pipe\SessEnvPublicRpc
ncalrpc: SessEnvPrivateRpc
ncalrpc: IUserProfile2
ncalrpc: DeviceSetupManager
ncalrpc: OLE62EA7C1A452BDAA9DB0671DD80F0
ncalrpc: LRPC-1805e588c96e63d131
c36be077-e14b-4fe9-8abc-e856ef4f048b
version: v1.0
annotation: Proxy Manager client server endpoint
ncalrpc: TeredoControl
ncalrpc: TeredoDiagnostics
ncacn_ip_tcp: 104.244.75.104:59427
ncacn_np: \\SMVPS\pipe\SessEnvPublicRpc
ncalrpc: SessEnvPrivateRpc
ncalrpc: IUserProfile2
ncalrpc: DeviceSetupManager
ncalrpc: OLE62EA7C1A452BDAA9DB0671DD80F0
2e6035b2-e8f1-41a7-a044-656b439c4c34
version: v1.0
annotation: Proxy Manager provider server endpoint
ncalrpc: TeredoControl
ncalrpc: TeredoDiagnostics
ncacn_ip_tcp: 104.244.75.104:59427
ncacn_np: \\SMVPS\pipe\SessEnvPublicRpc
ncalrpc: SessEnvPrivateRpc
ncalrpc: IUserProfile2
ncalrpc: DeviceSetupManager
ncalrpc: OLE62EA7C1A452BDAA9DB0671DD80F0
c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1
version: v1.0
annotation: Adh APIs
ncalrpc: TeredoControl
ncalrpc: TeredoDiagnostics
ncacn_ip_tcp: 104.244.75.104:59427
ncacn_np: \\SMVPS\pipe\SessEnvPublicRpc
ncalrpc: SessEnvPrivateRpc
ncalrpc: IUserProfile2
ncalrpc: DeviceSetupManager
ncalrpc: OLE62EA7C1A452BDAA9DB0671DD80F0
2eb08e3e-639f-4fba-97b1-14f878961076
version: v1.0
annotation: Group Policy RPC Interface
provider: gpsvc.dll
ncalrpc: LRPC-2c3b516ee5faa419f5
552d076a-cb29-4e44-8b6a-d15e59e2c0af
version: v1.0
annotation: IP Transition Configuration endpoint
provider: iphlpsvc.dll
ncacn_ip_tcp: 104.244.75.104:59427
ncacn_np: \\SMVPS\pipe\SessEnvPublicRpc
ncalrpc: SessEnvPrivateRpc
ncalrpc: IUserProfile2
ncalrpc: DeviceSetupManager
ncalrpc: OLE62EA7C1A452BDAA9DB0671DD80F0
29770a8f-829b-4158-90a2-78cd488501f7
version: v1.0
ncacn_ip_tcp: 104.244.75.104:59427
ncacn_np: \\SMVPS\pipe\SessEnvPublicRpc
ncalrpc: SessEnvPrivateRpc
ncalrpc: IUserProfile2
ncalrpc: DeviceSetupManager
ncalrpc: OLE62EA7C1A452BDAA9DB0671DD80F0
58e604e8-9adb-4d2e-a464-3b0683fb1480
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncalrpc: IUserProfile2
ncalrpc: DeviceSetupManager
ncalrpc: OLE62EA7C1A452BDAA9DB0671DD80F0
fd7a0523-dc70-43dd-9b2e-9c5ed48225b1
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncalrpc: IUserProfile2
ncalrpc: DeviceSetupManager
ncalrpc: OLE62EA7C1A452BDAA9DB0671DD80F0
5f54ce7d-5b79-4175-8584-cb65313a0e98
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncalrpc: IUserProfile2
ncalrpc: DeviceSetupManager
ncalrpc: OLE62EA7C1A452BDAA9DB0671DD80F0
201ef99a-7fa0-444c-9399-19ba84f12a1a
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncalrpc: IUserProfile2
ncalrpc: DeviceSetupManager
ncalrpc: OLE62EA7C1A452BDAA9DB0671DD80F0
0497b57d-2e66-424f-a0c6-157cd5d41700
version: v1.0
annotation: AppInfo
ncalrpc: IUserProfile2
ncalrpc: DeviceSetupManager
ncalrpc: OLE62EA7C1A452BDAA9DB0671DD80F0
-757264002 | 2024-05-02T10:48:43.974904
139 /
tcp
-1166656618 | 2024-04-28T15:45:00.133367
445 /
tcp
SMB Status:
Authentication: enabled
SMB Version: 2
Capabilities: raw-mode
6420056 | 2024-04-29T14:48:52.150041
3389 /
tcp
Remote Desktop Protocol
\x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\x1f\x08\x00\x02\x00\x00\x00
Remote Desktop Protocol NTLM Info:
OS: Windows Server 2022
OS Build: 10.0.20348
Target Name: SMVPS
NetBIOS Domain Name: SMVPS
NetBIOS Computer Name: SMVPS
DNS Domain Name: SMVPS
FQDN: SMVPS
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:4b:af:7b:5e:9a:05:a9:4c:36:c1:06:b6:23:bf:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=SMVPS
Validity
Not Before: Apr 10 13:02:01 2024 GMT
Not After : Oct 10 13:02:01 2024 GMT
Subject: CN=SMVPS
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:c9:ee:a0:17:8d:f8:bd:c3:17:5d:65:e8:0d:f0:
37:d9:95:72:b5:6e:74:34:e4:ac:51:24:e9:4d:05:
3a:83:91:3f:16:bf:1e:bf:0f:7b:c5:59:c7:ba:d6:
6e:e5:60:c9:0a:0f:79:4f:f4:e2:44:4d:68:2a:bc:
27:86:91:66:49:a1:f9:2f:f4:24:76:9c:8d:55:05:
18:98:52:d1:1d:51:b1:df:57:92:43:bb:a7:6c:91:
84:39:15:73:98:10:09:a6:3a:70:0a:7d:c0:42:11:
d9:38:fe:54:d0:b1:48:8e:e3:77:c4:f6:70:a2:d6:
5a:02:70:f9:63:c1:30:8b:52:bc:5f:1c:8f:0e:23:
98:d3:99:b7:28:db:d8:e3:44:d6:98:2a:d9:f6:be:
3f:b8:97:06:d0:a5:a5:b1:76:0e:a2:7c:0b:ea:c8:
30:cb:2f:aa:5f:e3:03:6d:aa:55:35:47:bd:02:62:
c0:a3:3a:f2:3d:15:4b:43:57:30:fd:27:ce:cd:7a:
ad:cb:86:42:84:c2:68:46:7d:68:f0:b3:1e:f5:00:
52:aa:ae:32:42:56:f2:07:1b:6e:e6:78:13:49:cc:
06:be:b5:e4:27:a0:dc:1a:4d:56:bd:d2:48:1f:ac:
5c:97:16:d3:33:e0:52:dd:ca:88:53:bd:ff:b4:f3:
de:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Extended Key Usage:
TLS Web Server Authentication
X509v3 Key Usage:
Key Encipherment, Data Encipherment
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
35:25:3a:f7:46:c4:95:3f:8d:bf:b0:fa:5e:37:c3:ab:46:f4:
3f:fa:4d:eb:01:12:e4:7c:a1:73:15:14:c4:d0:2f:42:39:62:
73:3c:4b:5c:cc:af:70:7e:b3:07:64:1a:3d:c9:1c:d7:70:41:
26:fa:f8:6a:ea:26:2b:bc:4e:9a:31:77:40:13:2f:04:44:3b:
d8:7d:aa:07:cc:65:aa:c5:66:53:87:86:31:c7:54:8d:69:28:
1e:ff:d7:71:63:5b:62:46:ac:31:3e:6c:7a:d3:6a:ab:30:3d:
25:de:8d:5f:a7:98:74:f3:ef:6c:77:27:e1:29:02:6b:aa:93:
72:da:4a:9a:f7:8c:2d:ac:19:85:91:9b:dc:16:87:b5:9e:ab:
c3:94:0d:1c:ec:9a:cd:0f:e5:da:5e:ce:44:6a:fc:c1:7f:5f:
54:d0:e0:84:90:8f:ca:f5:31:e4:a2:a8:4d:cc:d2:5d:85:31:
bc:e3:5a:2f:22:a2:d2:7f:a0:38:72:48:00:4b:8d:03:90:d3:
92:6d:82:11:56:80:39:ef:af:a2:21:19:c5:e8:4e:43:a9:0a:
40:78:fe:62:72:82:4d:e4:2b:5d:ee:59:e6:28:fc:8c:ba:5a:
b8:0e:37:9b:c1:ae:bc:0c:80:df:ee:06:8e:38:cc:e7:90:8e:
9a:59:da:2e
-1684583448 | 2024-05-01T18:29:50.342341
5357 /
tcp
HTTP/1.1 503 Service Unavailable
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Wed, 01 May 2024 18:29:49 GMT
Connection: close
Content-Length: 326
