Remote Desktop Protocol

Remote Desktop Protocol
\x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\x1f\x08\x00\x02\x00\x00\x00
Remote Desktop Protocol NTLM Info:
  OS: Windows 10 (version 1607)/Windows Server 2016 (version 1607)
  OS Build: 10.0.14393
  Target Name: SERVER
  NetBIOS Domain Name: SERVER
  NetBIOS Computer Name: SERVER
  DNS Domain Name: Server
  FQDN: Server

Warning: Your files are encrypted.
The computers on your network have been compromised and your files were encrypted
by Cloak Ransomware. Additionally, a copy of all your files were exported to our servers.
Please read the text note left on your desktop for more information.

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            41:85:b6:7b:57:14:e3:87:4f:47:da:6d:8b:2c:69:3c
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=Server
        Validity
            Not Before: Dec 21 20:32:20 2023 GMT
            Not After : Jun 21 20:32:20 2024 GMT
        Subject: CN=Server
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:8b:8c:92:78:97:2b:87:b8:48:85:ae:34:61:29:
                    78:3a:9b:a9:81:24:a5:c0:5f:48:be:4b:69:7b:76:
                    d1:44:22:bb:50:a5:91:98:61:32:3a:4f:aa:01:f9:
                    6c:ae:d5:9c:a2:d3:c9:13:72:40:87:54:9c:b6:df:
                    43:0e:41:5d:30:14:08:fe:29:16:7c:7a:5b:9f:4a:
                    12:f5:90:34:df:4f:22:5f:51:4b:5a:fc:09:f1:da:
                    8e:b0:3f:9b:6f:b7:85:7e:09:0e:58:32:58:2d:5f:
                    a1:e7:35:39:31:04:a6:ba:bb:15:c7:da:bf:0d:bf:
                    f4:8f:04:23:51:2b:61:c7:da:b1:ed:bf:29:c4:cf:
                    c4:da:b0:6b:2b:5c:32:72:53:c5:94:f0:3c:97:ec:
                    f6:cf:75:7f:04:bd:73:27:a7:e8:b6:29:bb:1f:9c:
                    a3:06:9c:45:4f:d3:fe:8a:62:42:32:c6:5a:76:7f:
                    4f:3b:25:7d:b8:d5:87:d5:25:69:4d:c7:9e:d0:9e:
                    a9:d4:4c:9a:36:21:df:3b:11:48:4a:de:cf:f4:74:
                    76:c1:a1:57:fc:bc:ce:9f:94:d8:93:43:1e:f3:12:
                    38:3d:d9:83:af:7f:53:15:ed:8d:3b:16:65:18:ee:
                    0a:75:03:67:de:73:f9:56:fc:a9:03:8a:d7:ec:12:
                    20:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
            X509v3 Key Usage: 
                Key Encipherment, Data Encipherment
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        6e:10:c5:89:00:bf:85:51:ae:82:56:19:cb:fd:e7:0f:60:db:
        22:5c:a3:17:b6:79:ab:60:d3:04:cb:3a:20:0e:f0:9f:a4:f2:
        e1:31:03:36:0f:7d:fa:d0:27:ba:7c:2e:12:7a:f4:f9:2d:26:
        23:1c:9d:18:92:f2:c2:cb:d7:48:fd:42:86:75:76:61:24:c5:
        a4:85:bb:d5:43:03:6b:b6:84:67:e6:a1:f0:38:8c:c3:5b:1b:
        76:66:5c:8d:22:fc:6e:7f:c9:6e:36:5e:61:d1:f3:a8:7a:95:
        b2:c8:0e:3d:fc:28:88:f8:aa:94:1c:46:59:c1:36:b9:ae:e4:
        a5:c4:0b:4b:1e:56:0e:ec:21:bf:44:7f:1b:c7:56:8c:36:19:
        08:24:16:f1:53:61:47:bc:ef:1e:d6:df:47:18:ef:9a:67:42:
        75:97:7c:d2:ae:a5:86:f7:67:12:b2:36:c9:11:cf:aa:4e:06:
        05:a5:2b:32:60:04:dc:30:60:4e:36:c9:5d:3d:ef:11:b9:4f:
        fa:f9:99:ab:d8:6b:95:fc:7d:a2:57:eb:f8:43:2d:78:08:4e:
        e5:ec:3b:e1:c9:b2:dd:42:ab:98:6f:be:89:84:3a:24:1e:2b:
        32:50:20:df:ce:97:aa:17:2f:4a:72:4a:9a:51:c6:40:1e:0f:
        73:cd:8f:ae

WinRM

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 02 May 2024 19:02:00 GMT
Connection: close
Content-Length: 315


WinRM NTLM Info:
  OS: Windows Server 2016 (version 1607)
  OS Build: 10.0.14393
  Target Name: SERVER
  NetBIOS Domain Name: SERVER
  NetBIOS Computer Name: SERVER
  DNS Domain Name: Server
  FQDN: Server