services.banner
|
|
|
services.banner_hashes
|
sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
|
services.discovery_method
|
PREDICTIVE_METHOD_16 |
|
services.extended_service_name
|
DCERPC |
|
services.observed_at
|
2025-01-19T06:56:04.929512043Z |
|
services.parsed.dcerpc.could_bind |
true |
|
services.parsed.dcerpc.could_query_epm |
true |
|
services.parsed.dcerpc.endpoints.protocol
|
[MS-SAMR]: Security Account Manager (SAM) Remote Protocol |
|
services.parsed.dcerpc.endpoints.executable
|
samsrv.dll |
|
services.parsed.dcerpc.endpoints.explained_uuid
|
12345778-1234-abcd-ef00-0123456789ac v1.0 |
|
services.parsed.dcerpc.endpoints.bindings
|
ncacn_ip_tcp:192.168.0.19[49165] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[samss lpc] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[dsrole] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncacn_np:\\ECS-6FDB-100875[\PIPE\protected_storage] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[protected_storage] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[lsasspirpc] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[lsapolicylookup] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[LSARPC_ENDPOINT] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[securityevent] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[audit] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[LRPC-865d0c7863d5b6174c] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncacn_np:\\ECS-6FDB-100875[\pipe\lsass] |
|
|
services.parsed.dcerpc.endpoints.protocol
|
N/A |
|
services.parsed.dcerpc.endpoints.executable
|
srvsvc.dll |
|
services.parsed.dcerpc.endpoints.explained_uuid
|
98716d03-89ac-44c7-bb8c-285824e51c4a v1.0 XactSrv service |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[senssvc] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[OLEF626962F0C21413D9D720371CC8E] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[IUserProfile2] |
|
|
services.parsed.dcerpc.endpoints.protocol
|
N/A |
|
services.parsed.dcerpc.endpoints.executable
|
authui.dll |
|
services.parsed.dcerpc.endpoints.explained_uuid
|
24019106-a203-4642-b88d-82dae9158929 v1.0 |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[LRPC-6fc9bb4630b4ce7c2a] |
|
|
services.parsed.dcerpc.endpoints.protocol
|
N/A |
|
services.parsed.dcerpc.endpoints.executable
|
MPSSVC.dll |
|
services.parsed.dcerpc.endpoints.explained_uuid
|
2fb92682-6599-42dc-ae13-bd2ca89bd11c v1.0 Fw APIs |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[LRPC-da99f4e19730bb6524] |
|
|
services.parsed.dcerpc.endpoints.protocol
|
[MS-PAN]: Print System Asynchronous Notification Protocol |
|
services.parsed.dcerpc.endpoints.executable
|
spoolsv.exe |
|
services.parsed.dcerpc.endpoints.explained_uuid
|
ae33069b-a2a8-46ee-a235-ddfd339be281 v1.0 Spooler base remote object endpoint |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[spoolss] |
|
|
services.parsed.dcerpc.endpoints.protocol
|
[MS-RPRN]: Print System Remote Protocol |
|
services.parsed.dcerpc.endpoints.executable
|
spoolsv.exe |
|
services.parsed.dcerpc.endpoints.explained_uuid
|
12345678-1234-abcd-ef00-0123456789ab v1.0 IPSec Policy agent endpoint |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[LRPC-3fc0237889bdfae9da] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncacn_ip_tcp:192.168.0.19[49154] |
|
|
services.parsed.dcerpc.endpoints.protocol
|
[MS-SCMR]: Service Control Manager Remote Protocol |
|
services.parsed.dcerpc.endpoints.executable
|
services.exe |
|
services.parsed.dcerpc.endpoints.explained_uuid
|
367abb81-9844-35f1-ad32-98f038001003 v2.0 |
|
services.parsed.dcerpc.endpoints.bindings
|
ncacn_ip_tcp:192.168.0.19[49156] |
|
|
services.parsed.dcerpc.endpoints.protocol
|
[MS-RSP]: Remote Shutdown Protocol |
|
services.parsed.dcerpc.endpoints.executable
|
wininit.exe |
|
services.parsed.dcerpc.endpoints.explained_uuid
|
d95afe70-a6d5-4259-822e-2c84da1ddb0d v1.0 |
|
services.parsed.dcerpc.endpoints.bindings
|
ncacn_ip_tcp:192.168.0.19[49152] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[WindowsShutdown] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncacn_np:\\ECS-6FDB-100875[\PIPE\InitShutdown] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[WMsgKRpc04EF20] |
|
|
services.parsed.dcerpc.endpoints.protocol
|
N/A |
|
services.parsed.dcerpc.endpoints.executable
|
spoolsv.exe |
|
services.parsed.dcerpc.endpoints.explained_uuid
|
4a452661-8290-4b36-8fbe-7f4093a94978 v1.0 Spooler function endpoint |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[spoolss] |
|
|
services.parsed.dcerpc.endpoints.protocol
|
[MS-CMPO]: MSDTC Connection Manager: |
|
services.parsed.dcerpc.endpoints.executable
|
msdtcprx.dll |
|
services.parsed.dcerpc.endpoints.explained_uuid
|
906b0ce0-c70b-1067-b317-00dd010662da v1.0 |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[LRPC-5c00d44ffe86157a7a] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[OLEBFD81EE7720045CD922E71985B9F] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[LRPC-3884e6dabb64549e03] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[LRPC-3884e6dabb64549e03] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[LRPC-3884e6dabb64549e03] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[LRPC-3884e6dabb64549e03] |
|
|
services.parsed.dcerpc.endpoints.protocol
|
N/A |
|
services.parsed.dcerpc.endpoints.executable
|
sysntfy.dll |
|
services.parsed.dcerpc.endpoints.explained_uuid
|
c9ac6db5-82b7-4e55-ae8a-e464ed7b4277 v1.0 Impl friendly name |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[LRPC-ae4077dfa1f0f4e212] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncacn_np:\\ECS-6FDB-100875[\PIPE\srvsvc] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[senssvc] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[OLEF626962F0C21413D9D720371CC8E] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[IUserProfile2] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[senssvc] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[OLEF626962F0C21413D9D720371CC8E] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[IUserProfile2] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[OLEF626962F0C21413D9D720371CC8E] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[IUserProfile2] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[IUserProfile2] |
|
|
services.parsed.dcerpc.endpoints.protocol
|
N/A |
|
services.parsed.dcerpc.endpoints.executable
|
dhcpcsvc.dll |
|
services.parsed.dcerpc.endpoints.explained_uuid
|
3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5 v1.0 DHCP Client LRPC Endpoint |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[dhcpcsvc] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncacn_ip_tcp:192.168.0.19[49153] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncacn_np:\\ECS-6FDB-100875[\pipe\eventlog] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[eventlog] |
|
|
services.parsed.dcerpc.endpoints.protocol
|
N/A |
|
services.parsed.dcerpc.endpoints.executable
|
N/A |
|
services.parsed.dcerpc.endpoints.explained_uuid
|
7f1343fe-50a9-4927-a778-0c5859517bac v1.0 DfsDs service |
|
services.parsed.dcerpc.endpoints.bindings
|
ncacn_np:\\ECS-6FDB-100875[\PIPE\wkssvc] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[DNSResolver] |
|
|
services.parsed.dcerpc.endpoints.protocol
|
[MS-PAN]: Print System Asynchronous Notification Protocol |
|
services.parsed.dcerpc.endpoints.executable
|
spoolsv.exe |
|
services.parsed.dcerpc.endpoints.explained_uuid
|
0b6edbfa-4a24-4fc6-8a23-942b1eca65d1 v1.0 Spooler function endpoint |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[spoolss] |
|
|
services.parsed.dcerpc.endpoints.protocol
|
N/A |
|
services.parsed.dcerpc.endpoints.executable
|
IKEEXT.DLL |
|
services.parsed.dcerpc.endpoints.explained_uuid
|
a398e520-d59a-4bdd-aa7a-3c1e0303a511 v1.0 IKE/Authip API |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[senssvc] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[OLEF626962F0C21413D9D720371CC8E] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[IUserProfile2] |
|
|
services.parsed.dcerpc.endpoints.protocol
|
N/A |
|
services.parsed.dcerpc.endpoints.executable
|
BFE.DLL |
|
services.parsed.dcerpc.endpoints.explained_uuid
|
dd490425-5325-4565-b774-7e27d6c09c24 v1.0 Base Firewall Engine API |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[LRPC-da99f4e19730bb6524] |
|
|
services.parsed.dcerpc.endpoints.protocol
|
N/A |
|
services.parsed.dcerpc.endpoints.executable
|
nrpsrv.dll |
|
services.parsed.dcerpc.endpoints.explained_uuid
|
30adc50c-5cbc-46ce-9a0e-91914789e23c v1.0 NRP server endpoint |
|
services.parsed.dcerpc.endpoints.bindings
|
ncacn_ip_tcp:192.168.0.19[49153] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncacn_np:\\ECS-6FDB-100875[\pipe\eventlog] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[eventlog] |
|
|
services.parsed.dcerpc.endpoints.protocol
|
[MS-EVEN6]: EventLog Remoting Protocol |
|
services.parsed.dcerpc.endpoints.executable
|
wevtsvc.dll |
|
services.parsed.dcerpc.endpoints.explained_uuid
|
f6beaff7-1e19-4fbb-9f8f-b89e2018337c v1.0 Event log TCPIP |
|
services.parsed.dcerpc.endpoints.bindings
|
ncacn_ip_tcp:192.168.0.19[49153] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncacn_np:\\ECS-6FDB-100875[\pipe\eventlog] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[eventlog] |
|
|
services.parsed.dcerpc.endpoints.protocol
|
[MS-FASP]: Firewall and Advanced Security Protocol |
|
services.parsed.dcerpc.endpoints.executable
|
FwRemoteSvr.dll |
|
services.parsed.dcerpc.endpoints.explained_uuid
|
6b5bdd1e-528c-422c-af8c-a4079be4fe48 v1.0 Remote Fw APIs |
|
services.parsed.dcerpc.endpoints.bindings
|
ncacn_ip_tcp:192.168.0.19[49154] |
|
|
services.parsed.dcerpc.endpoints.protocol
|
N/A |
|
services.parsed.dcerpc.endpoints.executable
|
winlogon.exe |
|
services.parsed.dcerpc.endpoints.explained_uuid
|
12e65dd8-887f-41ef-91bf-8d816c42c2e7 v1.0 Secure Desktop LRPC interface |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[WMsgKRpc02D8E02] |
|
|
services.parsed.dcerpc.endpoints.protocol
|
N/A |
|
services.parsed.dcerpc.endpoints.executable
|
N/A |
|
services.parsed.dcerpc.endpoints.explained_uuid
|
3473dd4d-2e88-4006-9cba-22570909dd10 v5.1 WinHttp Auto-Proxy Service |
|
services.parsed.dcerpc.endpoints.bindings
|
ncacn_np:\\ECS-6FDB-100875[\PIPE\W32TIME_ALT] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[W32TIME_ALT] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[LRPC-a0462a5962ceeb70ee] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[OLEDA7E3439717B481B97DC21E6AFFF] |
|
|
services.parsed.dcerpc.endpoints.protocol
|
N/A |
|
services.parsed.dcerpc.endpoints.executable
|
winlogon.exe |
|
services.parsed.dcerpc.endpoints.explained_uuid
|
76f226c3-ec14-4325-8a99-6a46348418af v1.0 |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[WindowsShutdown] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncacn_np:\\ECS-6FDB-100875[\PIPE\InitShutdown] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[WMsgKRpc04EF20] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[WMsgKRpc04F151] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[WMsgKRpc02D8E02] |
|
|
services.parsed.dcerpc.endpoints.protocol
|
N/A |
|
services.parsed.dcerpc.endpoints.executable
|
dhcpcsvc6.dll |
|
services.parsed.dcerpc.endpoints.explained_uuid
|
3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6 v1.0 DHCPv6 Client LRPC Endpoint |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[dhcpcsvc6] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[dhcpcsvc] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncacn_ip_tcp:192.168.0.19[49153] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncacn_np:\\ECS-6FDB-100875[\pipe\eventlog] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[eventlog] |
|
|
services.parsed.dcerpc.endpoints.protocol
|
N/A |
|
services.parsed.dcerpc.endpoints.executable
|
iphlpsvc.dll |
|
services.parsed.dcerpc.endpoints.explained_uuid
|
552d076a-cb29-4e44-8b6a-d15e59e2c0af v1.0 IP Transition Configuration endpoint |
|
services.parsed.dcerpc.endpoints.bindings
|
ncacn_np:\\ECS-6FDB-100875[\PIPE\srvsvc] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[senssvc] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[OLEF626962F0C21413D9D720371CC8E] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[IUserProfile2] |
|
|
services.parsed.dcerpc.endpoints.protocol
|
N/A |
|
services.parsed.dcerpc.endpoints.executable
|
MPSSVC.dll |
|
services.parsed.dcerpc.endpoints.explained_uuid
|
7f9d11bf-7fb9-436b-a812-b2d50c5d4c03 v1.0 Fw APIs |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[LRPC-da99f4e19730bb6524] |
|
|
services.parsed.dcerpc.endpoints.protocol
|
N/A |
|
services.parsed.dcerpc.endpoints.executable
|
certprop.dll |
|
services.parsed.dcerpc.endpoints.explained_uuid
|
30b044a5-a225-43f0-b3a4-e060df91f9c1 v1.0 |
|
services.parsed.dcerpc.endpoints.bindings
|
ncacn_np:\\ECS-6FDB-100875[\PIPE\srvsvc] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[senssvc] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[OLEF626962F0C21413D9D720371CC8E] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[IUserProfile2] |
|
|
services.parsed.dcerpc.endpoints.protocol
|
N/A |
|
services.parsed.dcerpc.endpoints.executable
|
gpsvc.dll |
|
services.parsed.dcerpc.endpoints.explained_uuid
|
2eb08e3e-639f-4fba-97b1-14f878961076 v1.0 |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[OLEF626962F0C21413D9D720371CC8E] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[IUserProfile2] |
|
|
services.parsed.dcerpc.endpoints.protocol
|
N/A |
|
services.parsed.dcerpc.endpoints.executable
|
nsisvc.dll |
|
services.parsed.dcerpc.endpoints.explained_uuid
|
7ea70bcf-48af-4f6a-8968-6a440754d5fa v1.0 NSI server endpoint |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[LRPC-a0462a5962ceeb70ee] |
|
services.parsed.dcerpc.endpoints.bindings
|
ncalrpc:[OLEDA7E3439717B481B97DC21E6AFFF] |
|
|
services.perspective_id
|
PERSPECTIVE_UNKNOWN |
|
services.port
|
135 |
|
services.service_name
|
DCERPC |
|
services.source_ip
|
167.94.145.100 |
|
services.transport_protocol
|
TCP |
|
services.truncated |
false |
|