| TimeStamp | ProcessID | ProcessName | STATE | LocalIpAddress | LocalPort | RemoteIpAddress | RemotePort |
|---|
| 06-28-2017-00-10-44 | 724 | svchost.exe | LISTEN | 0.0.0.0 | 135 | 0.0.0.0 | 0 |
| 06-28-2017-00-10-44 | 4 | System | LISTEN | 0.0.0.0 | 445 | 0.0.0.0 | 0 |
| 06-28-2017-00-10-44 | 400 | wininit.exe | LISTEN | 0.0.0.0 | 49152 | 0.0.0.0 | 0 |
| 06-28-2017-00-10-44 | 824 | svchost.exe | LISTEN | 0.0.0.0 | 49153 | 0.0.0.0 | 0 |
| 06-28-2017-00-10-44 | 908 | svchost.exe | LISTEN | 0.0.0.0 | 49154 | 0.0.0.0 | 0 |
| 06-28-2017-00-10-44 | 508 | services.exe | LISTEN | 0.0.0.0 | 49155 | 0.0.0.0 | 0 |
| 06-28-2017-00-10-44 | 524 | lsass.exe | LISTEN | 0.0.0.0 | 49156 | 0.0.0.0 | 0 |
| 06-28-2017-00-10-44 | 4 | System | LISTEN | 172.16.251.132 | 139 | 0.0.0.0 | 0 |
| 06-28-2017-00-15-17 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49247 | 172.16.251.0 | 445 |
| 06-28-2017-00-15-19 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49248 | 172.16.251.0 | 139 |
| 06-28-2017-00-15-21 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49249 | 172.16.251.1 | 445 |
| 06-28-2017-00-15-23 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49250 | 172.16.251.1 | 139 |
| 06-28-2017-00-15-25 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49251 | 172.16.251.2 | 445 |
| 06-28-2017-00-15-27 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49252 | 172.16.251.2 | 139 |
| 06-28-2017-00-15-29 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49253 | 172.16.251.3 | 445 |
| 06-28-2017-00-15-31 | 4 | System | INITIATING | 172.16.251.132 | 49254 | 172.16.251.254 | 445 |
| 06-28-2017-00-15-31 | 4 | System | INITIATING | 172.16.251.132 | 49255 | 172.16.251.2 | 445 |
| 06-28-2017-00-15-31 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49256 | 172.16.251.3 | 139 |
| 06-28-2017-00-15-32 | 4 | System | INITIATING | 172.16.251.132 | 49257 | 172.16.251.254 | 445 |
| 06-28-2017-00-15-32 | 4 | System | INITIATING | 172.16.251.132 | 49258 | 172.16.251.254 | 139 |
| 06-28-2017-00-15-32 | 4 | System | INITIATING | 172.16.251.132 | 49259 | 172.16.251.2 | 139 |
| 06-28-2017-00-15-32 | 4 | System | INITIATING | 172.16.251.132 | 49260 | 172.16.251.2 | 445 |
| 06-28-2017-00-15-33 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49262 | 172.16.251.4 | 445 |
| 06-28-2017-00-15-35 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49263 | 172.16.251.4 | 139 |
| 06-28-2017-00-15-37 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49264 | 172.16.251.5 | 445 |
| 06-28-2017-00-15-39 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49265 | 172.16.251.5 | 139 |
| 06-28-2017-00-15-41 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49266 | 172.16.251.6 | 445 |
| 06-28-2017-00-15-41 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49267 | 172.16.251.2 | 80 |
| 06-28-2017-00-15-44 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49268 | 172.16.251.6 | 139 |
| 06-28-2017-00-15-46 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49269 | 172.16.251.7 | 445 |
| 06-28-2017-00-15-48 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49270 | 172.16.251.7 | 139 |
| 06-28-2017-00-15-49 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49271 | 172.16.251.8 | 445 |
| 06-28-2017-00-15-51 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49272 | 172.16.251.8 | 139 |
| 06-28-2017-00-15-53 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49274 | 172.16.251.9 | 445 |
| 06-28-2017-00-15-55 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49275 | 172.16.251.9 | 139 |
| 06-28-2017-00-15-57 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49276 | 172.16.251.10 | 445 |
| 06-28-2017-00-15-59 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49277 | 172.16.251.10 | 139 |
| 06-28-2017-00-16-00 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49278 | 172.16.251.254 | 80 |
| 06-28-2017-00-16-01 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49279 | 172.16.251.11 | 445 |
| 06-28-2017-00-16-03 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49280 | 172.16.251.11 | 139 |
| 06-28-2017-00-16-05 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49281 | 172.16.251.12 | 445 |
| 06-28-2017-00-16-07 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49282 | 172.16.251.12 | 139 |
| 06-28-2017-00-16-09 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49283 | 172.16.251.13 | 445 |
| 06-28-2017-00-16-12 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49284 | 172.16.251.13 | 139 |
| 06-28-2017-00-16-14 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49285 | 172.16.251.14 | 445 |
| 06-28-2017-00-16-16 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49286 | 172.16.251.14 | 139 |
| 06-28-2017-00-16-18 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49287 | 172.16.251.15 | 445 |
| 06-28-2017-00-16-20 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49288 | 172.16.251.15 | 139 |
| 06-28-2017-00-16-22 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49289 | 172.16.251.16 | 445 |
| 06-28-2017-00-16-23 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49290 | 172.16.251.16 | 139 |
| 06-28-2017-00-16-25 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49291 | 172.16.251.17 | 445 |
| 06-28-2017-00-16-27 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49292 | 172.16.251.17 | 139 |
| 06-28-2017-00-16-29 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49293 | 172.16.251.18 | 445 |
| 06-28-2017-00-16-31 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49294 | 172.16.251.18 | 139 |
| 06-28-2017-00-16-33 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49295 | 172.16.251.19 | 445 |
| 06-28-2017-00-16-35 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49296 | 172.16.251.19 | 139 |
| 06-28-2017-00-16-37 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49297 | 172.16.251.20 | 445 |
| 06-28-2017-00-16-39 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49298 | 172.16.251.20 | 139 |
| 06-28-2017-00-16-41 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49299 | 172.16.251.21 | 445 |
| 06-28-2017-00-16-43 | 908 | svchost.exe | ESTABLISHED | 172.16.251.132 | 49300 | 13.107.4.50 | 80 |
| 06-28-2017-00-16-44 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49301 | 172.16.251.21 | 139 |
| 06-28-2017-00-16-45 | 908 | svchost.exe | INITIATING | 172.16.251.132 | 49302 | 157.55.240.94 | 443 |
| 06-28-2017-00-16-46 | 908 | svchost.exe | ESTABLISHED | 172.16.251.132 | 49302 | 157.55.240.94 | 443 |
| 06-28-2017-00-16-46 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49303 | 172.16.251.22 | 445 |
| 06-28-2017-00-16-48 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49304 | 172.16.251.22 | 139 |
| 06-28-2017-00-16-50 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49305 | 172.16.251.23 | 445 |
| 06-28-2017-00-16-52 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49306 | 172.16.251.23 | 139 |
| 06-28-2017-00-16-54 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49307 | 172.16.251.24 | 445 |
| 06-28-2017-00-16-56 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49308 | 172.16.251.24 | 139 |
| 06-28-2017-00-16-58 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49309 | 172.16.251.25 | 445 |
| 06-28-2017-00-17-00 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49310 | 172.16.251.25 | 139 |
| 06-28-2017-00-17-02 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49311 | 172.16.251.26 | 445 |
| 06-28-2017-00-17-04 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49312 | 172.16.251.26 | 139 |
| 06-28-2017-00-17-06 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49313 | 172.16.251.27 | 445 |
| 06-28-2017-00-17-08 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49314 | 172.16.251.27 | 139 |
| 06-28-2017-00-17-10 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49315 | 172.16.251.28 | 445 |
| 06-28-2017-00-17-12 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49316 | 172.16.251.28 | 139 |
| 06-28-2017-00-17-13 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49317 | 172.16.251.29 | 445 |
| 06-28-2017-00-17-15 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49318 | 172.16.251.29 | 139 |
| 06-28-2017-00-17-17 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49319 | 172.16.251.30 | 445 |
| 06-28-2017-00-17-19 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49320 | 172.16.251.30 | 139 |
| 06-28-2017-00-17-21 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49321 | 172.16.251.31 | 445 |
| 06-28-2017-00-17-23 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49322 | 172.16.251.31 | 139 |
| 06-28-2017-00-17-25 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49323 | 172.16.251.32 | 445 |
| 06-28-2017-00-17-27 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49324 | 172.16.251.32 | 139 |
| 06-28-2017-00-17-29 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49325 | 172.16.251.33 | 445 |
| 06-28-2017-00-17-31 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49326 | 172.16.251.33 | 139 |
| 06-28-2017-00-17-33 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49327 | 172.16.251.34 | 445 |
| 06-28-2017-00-17-36 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49328 | 172.16.251.34 | 139 |
| 06-28-2017-00-17-38 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49329 | 172.16.251.35 | 445 |
| 06-28-2017-00-17-40 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49330 | 172.16.251.35 | 139 |
| 06-28-2017-00-17-42 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49331 | 172.16.251.36 | 445 |
| 06-28-2017-00-17-44 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49332 | 172.16.251.36 | 139 |
| 06-28-2017-00-17-46 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49333 | 172.16.251.37 | 445 |
| 06-28-2017-00-17-48 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49334 | 172.16.251.37 | 139 |
| 06-28-2017-00-17-50 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49335 | 172.16.251.38 | 445 |
| 06-28-2017-00-17-52 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49336 | 172.16.251.38 | 139 |
| 06-28-2017-00-17-54 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49337 | 172.16.251.39 | 445 |
| 06-28-2017-00-17-56 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49338 | 172.16.251.39 | 139 |
| 06-28-2017-00-17-58 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49339 | 172.16.251.40 | 445 |
| 06-28-2017-00-18-00 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49340 | 172.16.251.40 | 139 |
| 06-28-2017-00-18-02 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49341 | 172.16.251.41 | 445 |
| 06-28-2017-00-18-04 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49342 | 172.16.251.41 | 139 |
| 06-28-2017-00-18-06 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49343 | 172.16.251.42 | 445 |
| 06-28-2017-00-18-08 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49344 | 172.16.251.42 | 139 |
| 06-28-2017-00-18-11 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49345 | 172.16.251.43 | 445 |
| 06-28-2017-00-18-12 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49346 | 172.16.251.43 | 139 |
| 06-28-2017-00-18-14 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49347 | 172.16.251.44 | 445 |
| 06-28-2017-00-18-16 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49348 | 172.16.251.44 | 139 |
| 06-28-2017-00-18-18 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49349 | 172.16.251.45 | 445 |
| 06-28-2017-00-18-20 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49350 | 172.16.251.45 | 139 |
| 06-28-2017-00-18-22 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49351 | 172.16.251.46 | 445 |
| 06-28-2017-00-18-24 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49352 | 172.16.251.46 | 139 |
| 06-28-2017-00-18-26 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49353 | 172.16.251.47 | 445 |
| 06-28-2017-00-18-28 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49354 | 172.16.251.47 | 139 |
| 06-28-2017-00-18-30 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49355 | 172.16.251.48 | 445 |
| 06-28-2017-00-18-31 | 4 | System | INITIATING | 172.16.251.132 | 49356 | 172.16.251.1 | 445 |
| 06-28-2017-00-18-32 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49357 | 172.16.251.48 | 139 |
| 06-28-2017-00-18-32 | 4 | System | INITIATING | 172.16.251.132 | 49358 | 172.16.251.1 | 139 |
| 06-28-2017-00-18-32 | 4 | System | INITIATING | 172.16.251.132 | 49359 | 172.16.251.1 | 445 |
| 06-28-2017-00-18-34 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49361 | 172.16.251.49 | 445 |
| 06-28-2017-00-18-34 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49362 | 172.16.251.1 | 80 |
| 06-28-2017-00-18-36 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49363 | 172.16.251.49 | 139 |
| 06-28-2017-00-18-38 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49364 | 172.16.251.50 | 445 |
| 06-28-2017-00-18-40 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49365 | 172.16.251.50 | 139 |
| 06-28-2017-00-18-42 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49366 | 172.16.251.51 | 445 |
| 06-28-2017-00-18-44 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49367 | 172.16.251.51 | 139 |
| 06-28-2017-00-18-46 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49368 | 172.16.251.52 | 445 |
| 06-28-2017-00-18-48 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49369 | 172.16.251.52 | 139 |
| 06-28-2017-00-18-51 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49370 | 172.16.251.53 | 445 |
| 06-28-2017-00-18-53 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49371 | 172.16.251.53 | 139 |
| 06-28-2017-00-18-55 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49372 | 172.16.251.54 | 445 |
| 06-28-2017-00-18-57 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49373 | 172.16.251.54 | 139 |
| 06-28-2017-00-18-59 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49374 | 172.16.251.55 | 445 |
| 06-28-2017-00-19-01 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49375 | 172.16.251.55 | 139 |
| 06-28-2017-00-19-03 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49376 | 172.16.251.56 | 445 |
| 06-28-2017-00-19-05 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49377 | 172.16.251.56 | 139 |
| 06-28-2017-00-19-07 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49378 | 172.16.251.57 | 445 |
| 06-28-2017-00-19-09 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49379 | 172.16.251.57 | 139 |
| 06-28-2017-00-19-11 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49380 | 172.16.251.58 | 445 |
| 06-28-2017-00-19-13 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49381 | 172.16.251.58 | 139 |
| 06-28-2017-00-19-15 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49382 | 172.16.251.59 | 445 |
| 06-28-2017-00-19-16 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49383 | 172.16.251.59 | 139 |
| 06-28-2017-00-19-18 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49384 | 172.16.251.60 | 445 |
| 06-28-2017-00-19-20 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49385 | 172.16.251.60 | 139 |
| 06-28-2017-00-19-22 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49386 | 172.16.251.61 | 445 |
| 06-28-2017-00-19-24 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49387 | 172.16.251.61 | 139 |
| 06-28-2017-00-19-26 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49388 | 172.16.251.62 | 445 |
| 06-28-2017-00-19-28 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49389 | 172.16.251.62 | 139 |
| 06-28-2017-00-19-30 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49390 | 172.16.251.63 | 445 |
| 06-28-2017-00-19-32 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49391 | 172.16.251.63 | 139 |
| 06-28-2017-00-19-34 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49392 | 172.16.251.64 | 445 |
| 06-28-2017-00-19-36 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49393 | 172.16.251.64 | 139 |
| 06-28-2017-00-19-38 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49394 | 172.16.251.65 | 445 |
| 06-28-2017-00-19-40 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49395 | 172.16.251.65 | 139 |
| 06-28-2017-00-19-42 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49396 | 172.16.251.66 | 445 |
| 06-28-2017-00-19-44 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49397 | 172.16.251.66 | 139 |
| 06-28-2017-00-19-46 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49398 | 172.16.251.67 | 445 |
| 06-28-2017-00-19-48 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49399 | 172.16.251.67 | 139 |
| 06-28-2017-00-19-50 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49400 | 172.16.251.68 | 445 |
| 06-28-2017-00-19-52 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49401 | 172.16.251.68 | 139 |
| 06-28-2017-00-19-55 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49402 | 172.16.251.69 | 445 |
| 06-28-2017-00-20-01 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49405 | 172.16.251.70 | 139 |
| 06-28-2017-00-20-03 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49406 | 172.16.251.71 | 445 |
| 06-28-2017-00-20-05 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49407 | 172.16.251.71 | 139 |
| 06-28-2017-00-20-07 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49408 | 172.16.251.72 | 445 |
| 06-28-2017-00-20-09 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49409 | 172.16.251.72 | 139 |
| 06-28-2017-00-20-11 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49410 | 172.16.251.73 | 445 |
| 06-28-2017-00-20-13 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49411 | 172.16.251.73 | 139 |
| 06-28-2017-00-20-15 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49412 | 172.16.251.74 | 445 |
| 06-28-2017-00-20-15 | 2860 | explorer.exe | ESTABLISHED | 172.16.251.132 | 49413 | 2.21.231.98 | 80 |
| 06-28-2017-00-20-17 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49414 | 172.16.251.74 | 139 |
| 06-28-2017-00-20-19 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49415 | 172.16.251.75 | 445 |
| 06-28-2017-00-20-21 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49416 | 172.16.251.75 | 139 |
| 06-28-2017-00-20-23 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49417 | 172.16.251.76 | 445 |
| 06-28-2017-00-20-25 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49418 | 172.16.251.76 | 139 |
| 06-28-2017-00-20-27 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49419 | 172.16.251.77 | 445 |
| 06-28-2017-00-20-29 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49420 | 172.16.251.77 | 139 |
| 06-28-2017-00-20-31 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49421 | 172.16.251.78 | 445 |
| 06-28-2017-00-20-33 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49422 | 172.16.251.78 | 139 |
| 06-28-2017-00-20-35 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49423 | 172.16.251.79 | 445 |
| 06-28-2017-00-20-37 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49424 | 172.16.251.79 | 139 |
| 06-28-2017-00-20-39 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49425 | 172.16.251.80 | 445 |
| 06-28-2017-00-20-41 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49426 | 172.16.251.80 | 139 |
| 06-28-2017-00-20-43 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49427 | 172.16.251.81 | 445 |
| 06-28-2017-00-20-45 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49428 | 172.16.251.81 | 139 |
| 06-28-2017-00-20-47 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49429 | 172.16.251.82 | 445 |
| 06-28-2017-00-20-49 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49430 | 172.16.251.82 | 139 |
| 06-28-2017-00-20-51 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49431 | 172.16.251.83 | 445 |
| 06-28-2017-00-20-53 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49432 | 172.16.251.83 | 139 |
| 06-28-2017-00-20-56 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49433 | 172.16.251.84 | 445 |
| 06-28-2017-00-20-58 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49434 | 172.16.251.84 | 139 |
| 06-28-2017-00-20-59 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49435 | 172.16.251.85 | 445 |
| 06-28-2017-00-21-01 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49436 | 172.16.251.85 | 139 |
| 06-28-2017-00-21-03 | 2188 | rundll32.exe | INITIATING | 172.16.251.132 | 49437 | 172.16.251.86 | 445 |