- The packets are sent at a certain rate.
- The source is one address, the destinations are many.
- Almost all of the destination addresses are in ISP ranges and none have a meaningful FQDN (linking them to a particular service or purpose).
- The protocol shown is UDP-only (UDP "means" you don't care if a single packet arrives or not).
- The single source port UDP/61787 isn't linked to any know application (or `getent services 61787` or
Seifried).
ISC lists the port as a troublesome
destination port, but most likely this concerns TCP, not UDP.
- The destination ports are ephemeral ports, in other words not linked to an application.
- The destination ports vary, meaning some remote hosts are more loaded than others.
- The packet contents, illegible as they are, seem more or less similar.
Why no detailed conclusion?
I shouldn't conclude anything because the data is inconclusive to begin with. The packet capture is one-sided: we only get to see this side of the conversation while we should see both for better understanding. The OP didn't post the tcpdump commandline: we don't know if there's a BPF filter attached that doesn't show other traffic between this and other hosts. Next to that we don't know if the OP manually scrubbed other related traffic between this and remote hosts, what O.S. and services the suspect box runs.