ID: Cookbook: browseurl.jbs Time: 03:38:04 Date: 30/04/2018 Version:
|
|
- Joel Shields
- 5 years ago
- Views:
Transcription
1 ID: Cookbook: browseurl.jbs Time: 03:38:04 Date: 30/04/2018 Version:
2 Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis Advice Signature Overview Networking: System Summary: Hooking and other Techniques for Hiding and Protection: Behavior Graph Simulations Behavior and APIs Antivirus Detection Initial Sample Dropped Files Unpacked PE Files Domains Yara Overview Initial Sample PCAP (Network Traffic) Dropped Files Memory Dumps Unpacked PEs Joe Sandbox View / Context IPs Domains ASN Dropped Files Screenshots Startup Created / dropped Files Contacted Domains/Contacted IPs Contacted Domains Contacted IPs Static File Info No static file info Network Behavior Network Port Distribution TCP Packets UDP Packets DNS Queries DNS Answers HTTP Request Dependency Graph HTTP Packets HTTPS Packets Code Manipulations Statistics Behavior Table of Contents Copyright Joe Security LLC 2018 Page 2 of
3 System Behavior Analysis iexplore.exe PID: 3380 Parent PID: 548 General File Activities Registry Activities Analysis iexplore.exe PID: 3436 Parent PID: 3380 General File Activities Registry Activities Analysis ssvagent.exe PID: 3496 Parent PID: 3436 General Registry Activities Disassembly Code Analysis Copyright Joe Security LLC 2018 Page 3 of 40
4 Analysis Report Overview General Information Joe Sandbox Version: Analysis ID: Start time: 03:38:04 Joe Sandbox Product: CloudBasic Start date: Overall analysis duration: Hypervisor based Inspection enabled: Report type: Cookbook file name: Sample URL: 0h 5m 6s light browseurl.jbs Analysis system description: Windows 7 SP1 (with Office 2010 SP2, IE 11, FF 54, Chrome 60, Acrobat Reader DC 17, Flash 26, Java ) Number of analysed new started processes analysed: 5 Number of new started drivers analysed: 0 Number of existing processes analysed: 0 Number of existing drivers analysed: 0 Number of injected processes analysed: 0 Technologies Analysis stop reason: Detection: Classification: HCA enabled EGA enabled HDC enabled Timeout CLEAN clean1.win@5/39@6/3 HCA Information: Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0 EGA Information: HDC Information: Cookbook Comments: Warnings: Failed Failed Adjust boot time Correcting counters for adjusted boot time Show All Exclude process from analysis (whitelisted): dllhost.exe Execution Graph export aborted for target iexplore.exe, PID 3436 because there are no executed function Report size getting too big, too many NtAllocateVirtualMemory calls found. Report size getting too big, too many NtDeviceIoControlFile calls found. Report size getting too big, too many NtEnumerateKey calls found. Report size getting too big, too many NtOpenKeyEx calls found. Report size getting too big, too many NtProtectVirtualMemory calls found. Report size getting too big, too many NtQueryValueKey calls found. Detection Strategy Score Range Reporting Detection Copyright Joe Security LLC 2018 Page 4 of 40
5 Strategy Score Range Reporting Detection Threshold Report FP / FN Confidence Strategy Score Range Further Analysis Required? Confidence Threshold true Classification Copyright Joe Security LLC 2018 Page 5 of 40
6 Ransomware Miner Spreading malicious malicious malicious Evader Phishing suspicious suspicious suspicious clean clean clean Exploiter Banker Spyware Trojan / Bot Adware Analysis Advice Sample has a GUI, but Joe Sandbox has not found any clickable buttons, likely more UI automation may extend behavior Uses HTTPS for network communication, use the 'Proxy HTTPS (port 443) to read its encrypted ' cookbook for further analysis Signature Overview Networking Summary System Hooking and other Techniques for Hiding and Protection Copyright Joe Security LLC 2018 Page 6 of 40
7 Click to jump to signature section Networking: Social media urls found in memory Downloads files Downloads files from webservers via HTTP Found strings which match to known social media urls Performs DNS lookups Urls found in memory or binary Uses HTTPS System Summary: Searches the installation path of Mozilla Firefox Classification label Creates files inside the user directory Creates temporary files Reads ini files Reads software policies Spawns processes Uses an in-process (OLE) Automation server Found graphical window changes (likely an installer) Uses new MSVCR Dlls Binary contains paths to debug symbols Hooking and other Techniques for Hiding and Protection: Disables application error messsages (SetErrorMode) Behavior Graph Copyright Joe Security LLC 2018 Page 7 of 40
8 Behavior Graph ID: URL: Startdate: 30/04/2018 Architecture: WINDOWS Score: 1 started Legend: Process Signature Created File DNS/IP Info Is Dropped Is Windows Process Hide Legend iexplore.exe Number of created Registry Values Number of created Files Visual Basic Delphi Java , 49408, 50323, GOOGLE-GoogleIncUS United States crl.godaddy.com started.net C# or VB.NET C, C++ or other language Is malicious iexplore.exe , 443, 49164, ESSENTIALENERGY-AS-APESSENTIALENERGYAU Australia crl.godaddy.com , 49175, 49178, AS GO-DADDY-COM-LLC-GoDaddycomLLCUS Netherlands started ssvagent.exe 6 Simulations Behavior and APIs Time Type Description 03:38:47 API Interceptor 1761x Sleep call for process: iexplore.exe modified 03:38:48 API Interceptor 1x Sleep call for process: ssvagent.exe modified Antivirus Detection Initial Sample Detection Scanner Label Link 0% virustotal Browse Dropped Files No Antivirus matches Unpacked PE Files No Antivirus matches Domains Detection Scanner Label Link crl.godaddy.com 0% virustotal Browse Copyright Joe Security LLC 2018 Page 8 of 40
9 Yara Overview Initial Sample No yara matches PCAP (Network Traffic) No yara matches Dropped Files No yara matches Memory Dumps No yara matches Unpacked PEs No yara matches Joe Sandbox View / Context IPs No context Domains No context ASN No context Dropped Files No context Screenshots Copyright Joe Security LLC 2018 Page 9 of 40
10 Startup System is w7 cleanup iexplore.exe (PID: 3380 cmdline: '' -Embedding CA1F703CD665867E8132D2946FB55750) iexplore.exe (PID: 3436 cmdline: '' SCODEF:3380 CREDAT: /prefetch:2 CA1F703CD665867E8132D2946FB55750) ssvagent.exe (PID: 3496 cmdline: 'C:\PROGRA~1\Java\JRE18~1.0_1\bin\ssvagent.exe' -new 0953A FD1E655B75B63B9083B7) Created / dropped Files C:\Users\HERBBL~1\AppData\Local\Temp\JavaDeployReg.log Size (bytes): 89 ASCII text, with CRLF line terminators Entropy (8bit): DC93439CF59FA3ABE1ACD41F28CE E9FC8A047485BDB95B6B3F551B11AFFF E7726C5BD5B50C01B26E9A3EB48A A66A481F5FC A5121 7A85183D2E75F24D997E968D0C B53CA1BFF E8DFE15E8AD57B6E1645FEE8DDC1D149F66806E B517F99B7B6AC5D9044A414F5F11F BC Copyright Joe Security LLC 2018 Page 10 of 40
11 C:\Users\HERBBL~1\AppData\Local\Temp\~DF08F0DD47394B9E63.TMP FoxPro FPT, blocks size 258, next free block index Size (bytes): Entropy (8bit): B0FDAA C5D40C478D4D990D9 B90A5BBEEEA6E964B6D08D8A78CB5C E2 34B43CE10D411A3233D0A0CDFA3E7EAF7952B745331B5ACC6625DA4F548CBD53 9EAE018E01174DE28BE4E5AE38D3050B96DB9EBAC130CBBC1AEECED452FD98AE67F7A62AA38DFD9E415EB BCBB4A86D96493F3FB7FDD8CA96E676BD315 C:\Users\HERBBL~1\AppData\Local\Temp\~DF5686D6C74AC510A5.TMP Size (bytes): Entropy (8bit): E1566A282A9E6B3FA338A9BA9DB8ABCB E4D1198DB7D64825BCFB3DF89FAC7503D96B5D5C A23DA534CDEB E1142DA2B305E04D45D8C68FD1B7161CE E 650E790157AFF91AB00FFE3BE94FC8DA8DC67B4A77FC440CBA3DD2871F635A1BC2CE4A0A6BD08168F93E91F08 8A5D8374F0DD8AFF6532C528AAEE0BC8B5D4235 C:\Users\HERBBL~1\AppData\Local\Temp\~DFD41C8312EA71BE1D.TMP Size (bytes): Entropy (8bit): E1D74CC111D216CC02A2AE4E2A6DFEB 59E9D6A8510DCC5ADC4383D3FAE76F4909FE1643 CC8F430CF45E446E3CEC370BD90CAB37672C95958A90A0EC22DF77BA6CEB2A15 305B6DC60610FD468CDEB8FC836DECEAEFB05A50AB182F7532A78A722994A3DFE9839E6E438AB040D73B36B E02AC08A9A9CCA479FCDD75AB62 C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\223DE96EE A660ED7C9DD9E7_EFF9B9BA98DEAA773F261FA85A0B177 1 Size (bytes): 1730 Entropy (8bit): C427ECFE3239C751255A57486C49879E 6DA45E49A2F8D54DCA58380CCB34C356756ACD1B DC4937AF1303FC00690C7021CCE86991CFA7DA02957AAA17E5E1864AB 9024C36D9D949E31EDEE4B4C3C4364A9D9C229906D042EDC71CC1F84D DB5A64D5B F1B3C B450B82AA7BEC839385FFC1B8455B175C C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\57C8EDB95DF3F0AD4EE2DC2B8CFD4157 Microsoft Cabinet archive, 6509 bytes, 1 file Size (bytes): 6509 Entropy (8bit): B39E2A516EF730A8FA922894F0FBD5 03D455583DDA59215D945AF76AF6293B202F586F 9446E8F2056FEA3AC1365A809ADA C396F72FFE42FD1B781C24CBA Copyright Joe Security LLC 2018 Page 11 of 40
12 C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\57C8EDB95DF3F0AD4EE2DC2B8CFD AA13B43EB96294B0F84E E06FB79F4AF4F35D020ED0ADD9D8D1B42FE7EC2C6340AC8E08B 182F83469D813087C321C878F96970C C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\67F6625BC22310D5C99DDE12020DBD90 Size (bytes): 462 Entropy (8bit): A68A2AE020719B8942F12700C2AA7326 8B382EF2E4FE11578EB042012F49DA87F2CC56E9 D605EF4CA0057C59A4E90EB65A86BFFCA2A76509F5D67A2B7C6FCB66DA48B95F E9E343A249A7E304703D C17A870C4245A84755B2592A6736A70CD921D0B249A14A7EA4E3C9674CED206B E0D D A722A7495CE672BAE C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_BEB37ABADF B E0 4 Size (bytes): 471 Entropy (8bit): F0210FCA CC216A E2 D10B86C6F353C30D98B55BFCAADD40E7D493397C 397AD878DB2D20AFD65BA634252E B089E1C9526BD D1221F9 C5CA0CE0D36CB0716ECC6E37F96C261EF4E992C6C6B03D7EF703252D5494DE7AAFB222089C8BEC0A52ECD39D CF B994898E994C7D29C8C513BB690DA C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\82CB34DD3343FE727DF8890D352E0D8F Size (bytes): 4267 Entropy (8bit): F8216FD354CA2C606769D95731D45B19 950CA8F6EE3A EB8BD1CF170C259D80 68B74DD2A491A8490A6DCF99AF4AC4F E712F92545DF678962EF2D903D 2E19E49E10747CCB526591CDFB4BBD7F0F55B8BB34F1C11509D130710EDCEE87E4FB313BC74164D4F1F1E1F91A F6ECF30ADB8A AC072D EC5 C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\AA EAEF011FC9E8317E _3B624A83E42510D810A545A57D1217A9 Size (bytes): 1776 Entropy (8bit): A8A51F16F9F1ED4FF4FEBD744 61D7BA508D5B7BF ABD8176E3665ED3D7 EA6D2449B A5C8747BA237B B1C075F92609DCD3EA28E5DF59 FA9D36AED75C61A7E97E734E ED877DEA52B9AC67BD4F0D5BB6F461D749155E2D478A2F D5 F6B5150ED52C34F0EC670FAD80B25E36330F53 C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C5FD5BF0CE6372B1CAFE381FD0BC969C Size (bytes): 429 Copyright Joe Security LLC 2018 Page 12 of 40
13 C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C5FD5BF0CE6372B1CAFE381FD0BC969C Entropy (8bit): EC298C64E5AACBC4DBD62633AA53A80B 5A5CA27645EBCE6B9AEAFC9A803C39FD3E2C8B5E CC4BEAAB8386E2700C8CED0C4556B2C24DBA47B6FE9F0BD4D9AB2B408C9355A9 874F02B0FCB2A7A00C79A E92B8E45A8BC6FF34B90E079578F3E4C A26659B737B2BB10CB662 9CF95F06BAC0F6D4240FCEA2675DB472AABF1 C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C6D8D1AEC0F5BF411CC9D27E9BFE3C04 Size (bytes): Entropy (8bit): DDC54BF93DC46E5A40D9BECF46 4D8B16C4B4DB07740F56A492B B31725A FF3E790E8A770B3497B E53E0964C6BAC9C51AD73250B480C9DE2FE6B DDECD6664F664EBFA1591FAB2B40E4F84DAA8D1DFB66C012A26CF4F2A897401C0C2BF4E441A5F23BF0C1 61EBD0A6EBA393C51C6EC0BAB92E1160A C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\EB2C4AB8B68FFA4B7733A A396_D76DB901EE986B889F30D8CC06229E2 D Size (bytes): 1697 Entropy (8bit): D6BC1F709C7535E286D80E4F7FB24A 5AB3C155FE4F8FEDC51013C6721C97FA5F45DE03 2D01DA652C0FAAD1F4B30A8E75E12114E247FC6F9BC18E091D4FB281C1A5B7C8 874F0BD1541FAF2CEB1A2F04404C274359DFCD070307FC317AF30ACFCEE96C9F12AD1E5D375C4F D26C A F4349C09535EBE16CD0E2EEEF112 C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\223DE96EE A660ED7C9DD9E7_EFF9B9BA98DEAA773F26 1FA85A0B1771 Size (bytes): 450 Entropy (8bit): A80FE4741DFF138BDEC4A3DA E00AF753F0DA771E005BBEB2AFE49BC77B0EC6F A9F50B2748FDA4B5B525DF8557BC4677B42F0E82D713EBBEF8EB476F1BD921E0 34A81F4CB525BD1B594088F7978FE3B9AFB1FE1138E6C D2C58BF1B2E43FB208367F8068DAABD C4F435A975D28210B1719D2C526D3F07 C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157 Size (bytes): 342 Entropy (8bit): ACFB013A6823F6A20224C445B0 CD57B31C1D8448F82533BF23ACE1EF77667C D4CC27A0D759BB0E97ADE2E E33522C38D90A634B46B4FDC7A3 67D2EC1E02E60E77533B36679C01F711FB1E32EEB8D3CCCA503F13BFF9492BD87F4055CA3A76C134A47C57D23C 4C70755AE47B A6E2203FBF A3 Copyright Joe Security LLC 2018 Page 13 of 40
14 C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157 C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\67F6625BC22310D5C99DDE12020DBD90 Size (bytes): 230 Entropy (8bit): B263D42E76B34670DCC0EAD CB1970FD33DD25FF538A9E ABB2B36 782B8C137912E706C691A38D85E0D185ACF2E7A1EA9EB07972DA90AB96DC71E1 6887DD6DEC E B73570CE2E7A E2C4C41A1090E101BD AC17F84322ACB3C297A EC1E395FEC3C40F0C39D5A6727A2A545E284 C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_BEB37ABADF B E04 Size (bytes): 868 Entropy (8bit): E15570B001535A9C5250 F9BB33CA3E1371E35BE6B2261A EDCF 8AF49D BAB02ECED5A8A31C69B7AD6A933C64B58E1DAD25786AD6CC9C 261F34ACDF3F05A2D10267BFE1088B7F7C3D75A7F30E597C41DB27A663BD13EE1AE184292C38FFD88B7BBFF9B 43C850547E733F275805C7F4CA57C82F6EDED18 C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\82CB34DD3343FE727DF8890D352E0D8F Size (bytes): 448 Entropy (8bit): F276CBE674A461F9D8A9138E67AF7E AD80CC BB8B83C621D ECAA8232 7D902F7EA46E D0E21195BE56C89D359FEDF291CE815F1160BBD2E3B95 C19341A948C6DEFFCC97437A3EA32AF6522DA01FD61FA07C709AFC1A223D0412AC7C5264A307F36AB3B653D83E 63AB2FA82C8620CFB87374CD4EF0F18E7304CD C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\AA EAEF011FC9E8317E _3B624A83E42510D810A545A57D1217 A9 Size (bytes): 458 Entropy (8bit): D5E1412EE8880B6194FF08F0E898DD0D B57C59E68B13EF1044F9E756C79F8BE3DD7957D2 9AC837AE39C036BEE0905D762C9DBD671AC798C884796B9E20DED649A75E62AE 0FF94E13F72980D1F7EE4EBADDA215DCBE33976E5D8022F0D64C9D8E1CF0D7ABDEBF8FDBCE95FDD326B0F1C 4B63F31D887C1D102B8F88A269AE6E9CE0533BEFB C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C5FD5BF0CE6372B1CAFE381FD0BC969C Size (bytes): 224 Entropy (8bit): Copyright Joe Security LLC 2018 Page 14 of 40
15 C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C5FD5BF0CE6372B1CAFE381FD0BC969C 97B C5CAFF79678A5D6B46E 1E1B636D7C62A46E AAAAF94EAC65CD 0C682A5CE4E CB0AC487E37784F7C9BC F5F B55D63D 3B0ADC24C A09ECC D3411C A690FB27FEEDFD87F174A4A02CE6C663EAF899D2E0C88C0 533F8A4F34E0E1A5F740FEFB158552E76E004F C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C6D8D1AEC0F5BF411CC9D27E9BFE3C04 Size (bytes): 238 Entropy (8bit): F700503C7E8EB2A9B42211F9B94F0E25 D2922FD553546F5B7951C3A924A23A5E550F2857 1DB EF8BE61B6A2A2DC7413BAFB7C00D0B9AB7C52BFFD6E057EC B6253EF6AB5DC0DC7DE99B469187B4B3DD261EF359FE7836CBB443E1ECDD66C34F7D0D675FD0BAC82D7BF9D5 D5BE46EB40845EB15A7C463FABEA1AF23C9A1B6E C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EB2C4AB8B68FFA4B7733A A396_D76DB901EE986B889F30D8CC06229E 2D Size (bytes): 458 Entropy (8bit): CE0C9CAE3426AA2E20466A23312D2A2 EB2F47D1C833F1872A52D2A7F9A0ED6D5CB00B02 EE35F026A016D254A2FAE25E1325F4C5D960DF0691C498B9CAB F46E7 C1ABD93AE B BE71FC5FA195B3BBB972C B1E1AF1AB6E109DA23BF82CC021C4B11FE BB3EBAFDD479F1A7C EA2B02FC0DFBC5 C:\Users\user\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D f-A0FF-E1416B8B2E3A}.ico Size (bytes): 237 Entropy (8bit): PNG image, 16 x 16, 4-bit colormap, non-interlaced 9FB559A E77D F6541 EA13848D33C2C7F4F4BAA39348AEB1DBFAD3DF31 6D8A01DC7647BC218D003B58FE04049E24A B7E0CEBAE76EDF85B8B914 0E CD123BE8A20B87D9A3AAF5CB05249DE7F8286FF99D3FA35FC7AF7A9D9797DD6EFB6D1E722147DCF B74437DE D0009D452FB96A8ECE236B C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DomainSuggestions\en-US.1 Size (bytes): Entropy (8bit): A34CB996293FDE2CB7A4AC A 3C96C D1A77873CD62BC639B3A10653F C6A5377CBC07EECE33790CFC70572E12C7A48AD8296BE25C0CC805A1F384DBAD E1B7D F E70F68B1BE6FD0CA65DCCF4FF D44278D3A77F704AEDFF59D2DBC0D56A6 09B2590C8EC0DD6BC48AB30F1DAD0C07A0A3EE Copyright Joe Security LLC 2018 Page 15 of 40
16 C:\Users\user\AppData\Local\Microsoft\Internet Explorer\IECompatData\iecompat.xml Size (bytes): Entropy (8bit): XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators 41B359B77895C21C3ABB E66A1 6FB1E19BCCAC371EF16CDFA7D6B E5CE8C C04DA787E2D9EF9F2F76C796AA7425A27B31489A4CB8890D0B06C0C97DF38C5C 3D2B9AA084F8241AF2DA92B1B2441C89DDC8433BBD2E0B4E7A031CA5ED8F62C19D77C6816B226E4CCC49A424E F ED11D28909A4DB F C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{39429FC1-4C17-11E8-B7AC-B2C276BF9C88}.dat Size (bytes): Microsoft Word Document Entropy (8bit): B0C7D36CC55B4766A64D09A44CCDBDB8 F3ABF49B7F00C0F1BBA368057C6D58D74A75844C 6A7111EEA6DE3A14205C5F8B0BAD0742D542D3017EAFFEF310B CE55AB A4D7B8B6DA6A9834DACAF341EC040CADA38389F72971C51CB07EF0A3755A50655AA6BC70 D7490B01D2DC4ACA12E B FF2 C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{39429FC3-4C17-11E8-B7AC-B2C276BF9C88}.dat Size (bytes): Microsoft Word Document Entropy (8bit): ABBEC170688AD4896E6F4A5E9E993 A4403F4E8F75F EE4AEDA53B20399A5CF 23C49D23E449A1C5737B145C86A57550EFC1616CD230587DCFB79D905A1739A0 DA1D416F2A63F63ADACB E406CD0D04740F01775B83089CEB091588E90B462DD232F50101E8BC41B296D7 3986C1B8BDF5DDAD987962CC62C51BD13FA08 C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{42F2B110-4C17-11E8-B7AC-B2C276BF9C88}.dat Size (bytes): Microsoft Word Document Entropy (8bit): A9D2B6FF8FFA56105B26D2736C9 B34710E1CEDF F47B11585C7B7BD6A 144A0F78383C000F2C7EEB877EDA221A1FA75564D48BC56FF195F1C8E663380E 88ED25BFC751C FC34DA21D3F04E07FDDFF43C BDFA72574CB161AD86C377FC182E068EE173 BA574B942ABED512B55B8C7482AA21A2FCF3A C:\Users\user\AppData\Local\Microsoft\Internet Explorer\VersionManager\verF17A.tmp Size (bytes): Entropy (8bit): XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators 095C72688DE7D90E6526DC0D8878F3F6 A1CAE182FB7E86C74FB5467C0014B2A27472BE DA E9B4B0D245C5B7E1FAC1242A087DED44EAF3B792E4A231E AB7FD229A6F532AE11E4CCEB01F823810B33D5C740BC9F290C79646C422AFFC27DDB8476C931D6E4A9686EED97 0E219B6CEBBF68F9A12B6C629B6816CDE1615C Copyright Joe Security LLC 2018 Page 16 of 40
17 C:\Users\user\AppData\Local\Microsoft\Internet Explorer\VersionManager\verF17A.tmp C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0316J1PS\dnserror[1] Size (bytes): 1857 Entropy (8bit): HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators 73C70B34B5F8F158D38A94B9D E9EAA065BD6585A1B176E13615FD7E6EF96230A9 3EBD34328A4386B4EBA1F3D5F1252E7BD13744A B4689C13FCF4 927DCD4A8CFDEB0F970CB4EE3F059168B37E1E4E04733ED3356F77CA0448D2145E1ABDD4F7CE1C6CA23C1E B17987CC56C84C78E73F60E08FC0D C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0316J1PS\iecompatviewlist[1].xml Size (bytes): Entropy (8bit): XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators 021B677623B5092A2049AEB828A9B0BA CE5DC9C5D8C065B D9BA0674F DC83EA97F10C5CE73FD1E2D4D32F BC58841EAF1185A13B977698B B5D1967C90442EE6F7AD77DB5D0FF4338E6A16C6EBCD18B447CC69A EB226F A7A705E B7ACA51F152CCF32A6E13D7688C240F C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0316J1PS\suggestions[1].en-US Size (bytes): Entropy (8bit): A34CB996293FDE2CB7A4AC A 3C96C D1A77873CD62BC639B3A10653F C6A5377CBC07EECE33790CFC70572E12C7A48AD8296BE25C0CC805A1F384DBAD E1B7D F E70F68B1BE6FD0CA65DCCF4FF D44278D3A77F704AEDFF59D2DBC0D56A6 9B2590C8EC0DD6BC48AB30F1DAD0C07A0A3EE C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0TZNT9WD\NewErrorPageTemplate[1] Size (bytes): 1310 Entropy (8bit): UTF-8 Unicode (with BOM) text, with CRLF line terminators CDF81E591D9CBFB47A7F97A2BCDB70B9 8F12010DFAACDECAD77B70A3E781C707CF D95C6FB161368C795BB63E538FE0B11F9E406494BB5758B3B0D60C5F651BD 977DCC2C6488ACAF0E5970CEF1A7A72C9F9DC6BB82DA54F057E0853C8E939E4AB01B163EB7A5058E093A8BC44 ECAD9D06880FDC883E67E28AC67FEE4D070A4CC C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0TZNT9WD\urlblockindex[1].bin Size (bytes): 16 Entropy (8bit): FA518E3DFAE8CA3A0E495460FD60C791 Copyright Joe Security LLC 2018 Page 17 of 40
18 C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0TZNT9WD\urlblockindex[1].bin E4F30E D37267C0162FD4A C C4B4E5F883F9FD5A278E61C471B3EE B6D129499AA7 D21667F3FB081D39B579178E74E9BB1B6E9A97F C165729A58F1787DC0ADADD980CD026C7A601D416665A 81AC13A69E49A6A2FE2FDD AA645C07 C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\77PTX9DT\errorPageStrings[1] Size (bytes): 3470 Entropy (8bit): UTF-8 Unicode (with BOM) text, with CRLF line terminators 6B26ECFA58E37D4B5EC861FCDD3F04FA B69CD71F68FE35A9CE0D7EA17B5F1B2BAD9EA8FA 7F7D1069CA8A852C1C8EB36E1D988FE6A9C17ECB8EFF1F66FC5EBFEB A 1676D43B977C07A3F6A5473F12FD16E A1CB9771D0F189B EE79480C33A010F08DC521E57332EC4 C4D888D693C6A2323C97750E C3F4 C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DEWWYACU\favicon[1].ico Size (bytes): 237 Entropy (8bit): PNG image, 16 x 16, 4-bit colormap, non-interlaced 9FB559A E77D F6541 EA13848D33C2C7F4F4BAA39348AEB1DBFAD3DF31 6D8A01DC7647BC218D003B58FE04049E24A B7E0CEBAE76EDF85B8B914 0E CD123BE8A20B87D9A3AAF5CB05249DE7F8286FF99D3FA35FC7AF7A9D9797DD6EFB6D1E722147DCF B74437DE D0009D452FB96A8ECE236B C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DEWWYACU\httpErrorPagesScripts[1] Size (bytes): 8714 Entropy (8bit): UTF-8 Unicode (with BOM) text, with CRLF line terminators 3F57B781CB3EF114DD0B B7B CE6A63F996DF3A1CCCB81720E21204B825E0238C 46E019FA34465F4ED096A9665D1827B AD82E98BE01EDB1DDBC94D3AD 8CBF4EF582332AE7EA605F910AD6F8A4BC FA84F08943A72CAC2CF0FA32B6AF4C20C697E1FAC2C5B A16B5A64A23AF0C11EEFBF69625B8F9F90C8FA Contacted Domains/Contacted IPs Contacted Domains Name IP Active Malicious Antivirus Detection Reputation crl.godaddy.com true 0%, virustotal, Browse high Contacted IPs Copyright Joe Security LLC 2018 Page 18 of 40
19 No. of IPs < 25% 25% < No. of IPs < 50% 50% < No. of IPs < 75% 75% < No. of IPs IP Country Flag ASN ASN Name Malicious United States GOOGLE-GoogleIncUS Netherlands AS GO-DADDY-COM-LLC- GoDaddycomLLCUS Australia 9463 ESSENTIALENERGY-AS- APESSENTIALENERGYAU Static File Info No static file info Network Behavior Network Port Distribution Total Packets: (HTTPS) 53 (DNS) 80 (HTTP) TCP Packets Copyright Joe Security LLC 2018 Page 19 of 40
20 Timestamp Port Dest Port IP Dest IP Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Copyright Joe Security LLC 2018 Page 20 of 40
21 Timestamp Port Dest Port IP Dest IP Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Copyright Joe Security LLC 2018 Page 21 of 40
22 Timestamp Port Dest Port IP Dest IP Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Copyright Joe Security LLC 2018 Page 22 of 40
23 Timestamp Port Dest Port IP Dest IP Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Copyright Joe Security LLC 2018 Page 23 of 40
24 Timestamp Port Dest Port IP Dest IP Apr 30, :39: Apr 30, :39: Apr 30, :39: Apr 30, :39: Apr 30, :39: Apr 30, :39: Apr 30, :39: Apr 30, :39: Apr 30, :39: Apr 30, :39: Apr 30, :39: Apr 30, :39: Apr 30, :39: Apr 30, :39: Apr 30, :39: Apr 30, :39: Apr 30, :39: Apr 30, :39: Apr 30, :39: Apr 30, :39: Apr 30, :39: Apr 30, :39: Apr 30, :39: Apr 30, :39: Apr 30, :39: Apr 30, :39: Apr 30, :39: Apr 30, :39: Apr 30, :39: Apr 30, :39: Apr 30, :39: Apr 30, :39: Apr 30, :39: Apr 30, :39: Apr 30, :39: Apr 30, :39: Apr 30, :39: Apr 30, :39: Apr 30, :39: Apr 30, :39: Apr 30, :39: Apr 30, :39: Apr 30, :39: Apr 30, :39: Apr 30, :39: Apr 30, :39: Apr 30, :39: Apr 30, :39: Apr 30, :39: Apr 30, :39: Apr 30, :39: Apr 30, :39: UDP Packets Timestamp Port Dest Port IP Dest IP Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Copyright Joe Security LLC 2018 Page 24 of 40
25 Timestamp Port Dest Port IP Dest IP Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :38: Apr 30, :39: Apr 30, :39: Copyright Joe Security LLC 2018 Page 25 of 40
ID: Cookbook: browseurl.jbs Time: 15:40:31 Date: 11/04/2018 Version:
ID: 54174 Cookbook: browseurl.jbs Time: 15:40:31 Date: 11/04/2018 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis
More informationID: Cookbook: browseurl.jbs Time: 19:33:28 Date: 25/04/2018 Version:
ID: 56640 Cookbook: browseurl.jbs Time: 19:33:28 Date: 25/04/2018 Version: 22.0.0 Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis Advice Signature
More informationID: Cookbook: browseurl.jbs Time: 17:57:53 Date: 27/04/2018 Version:
ID: 57046 Cookbook: browseurl.jbs Time: 17:57:53 Date: 27/04/2018 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis
More informationID: Cookbook: browseurl.jbs Time: 10:30:00 Date: 09/01/2018 Version:
ID: 42036 Cookbook: browseurl.jbs Time: 10:30:00 Date: 09/01/2018 Version: 20.0.0 Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis Advice Signature
More informationID: Cookbook: browseurl.jbs Time: 21:16:31 Date: 24/04/2018 Version:
ID: 56483 Cookbook: browseurl.jbs Time: 21:16:31 Date: 24/04/2018 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis
More informationID: Cookbook: browseurl.jbs Time: 01:14:26 Date: 03/05/2018 Version:
ID: 57739 Cookbook: browseurl.jbs Time: 01:14:26 Date: 03/05/2018 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis
More informationID: Cookbook: browseurl.jbs Time: 18:33:33 Date: 06/04/2018 Version:
ID: 53568 Cookbook: browseurl.jbs Time: 18:33:33 Date: 06/04/2018 Version: 22.0.0 Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis Advice Signature
More informationID: Cookbook: browseurl.jbs Time: 01:54:38 Date: 10/05/2018 Version:
ID: 58820 Cookbook: browseurl.jbs Time: 01:54:38 Date: 10/05/2018 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis
More informationID: Cookbook: browseurl.jbs Time: 20:25:07 Date: 07/05/2018 Version:
ID: 58298 Cookbook: browseurl.jbs Time: 20:25:07 Date: 07/05/2018 Version: 22.0.0 Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis Advice Signature
More informationID: Cookbook: browseurl.jbs Time: 22:08:00 Date: 05/07/2018 Version:
ID: 66955 Cookbook: browseurl.jbs Time: 22:08:00 Date: 05/07/2018 Version: 23.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis
More informationID: Cookbook: browseurl.jbs Time: 21:49:21 Date: 20/04/2018 Version:
ID: 55777 Cookbook: browseurl.jbs Time: 21:49:21 Date: 20/04/2018 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis
More informationID: Sample Name: html Cookbook: defaultwindowshtmlcookbook.jbs Time: 15:11:10 Date: 11/04/2018 Version: 22.0.
ID: 54166 Sample Name: 14527716735276.html Cookbook: defaultwindowshtmlcookbook.jbs Time: 15:11:10 Date: 11/04/2018 Version: 22.0.0 Table of Contents Analysis Report Overview General Information Detection
More informationID: Cookbook: browseurl.jbs Time: 16:38:13 Date: 14/04/2018 Version:
ID: 54814 Cookbook: browseurl.jbs Time: 16:38:13 Date: 14/04/2018 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis
More informationID: Sample Name: sentenza berwind.pdf Cookbook: defaultwindowspdfcookbook.jbs Time: 21:41:19 Date: 11/04/2018 Version: 22.0.
ID: 54234 Sample Name: sentenza berwind.pdf Cookbook: defaultwindowspdfcookbook.jbs Time: 21:41:19 Date: 11/04/2018 Version: 22.0.0 Table of Contents Analysis Report Overview General Information Detection
More informationID: Cookbook: urldownload.jbs Time: 15:58:06 Date: 04/06/2018 Version:
ID: 62516 Cookbook: urldownload.jbs Time: 15:58:06 Date: 04/06/2018 Version: 22.0.0 Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis Advice Signature
More informationID: Sample Name: Harry Potter and the Sorcerer's Stone.pdf Cookbook: defaultwindowspdfcookbook.jbs Time: 06:34:30 Date: 24/04/2018 Version:
ID: 56310 Sample Name: Harry Potter and the Sorcerer's Stone.pdf Cookbook: defaultwindowspdfcookbook.jbs Time: 06:34:30 Date: 24/04/2018 Version: 22.0.0 Table of Contents Analysis Report Overview General
More informationID: Cookbook: browseurl.jbs Time: 09:15:48 Date: 09/01/2018 Version:
ID: 42027 Cookbook: browseurl.jbs Time: 0:15:48 Date: 0/01/2018 Version: 20.0.0 Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis Advice Signature
More informationID: Sample Name: message_zdm.html Cookbook: default.jbs Time: 17:40:56 Date: 04/05/2018 Version:
ID: 58003 Sample Name: message_zdm.html Cookbook: default.jbs Time: 17:40:56 Date: 04/05/2018 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection
More informationID: Sample Name: Zipongo Value for Investment_ Theresa & Year 1 ROI vs. treatment costs.pdf Cookbook: defaultwindowspdfcookbook.
ID: 56479 Sample Name: Zipongo Value for Investment_ Theresa & Year 1 ROI vs. treatment costs.pdf Cookbook: defaultwindowspdfcookbook.jbs Time: 20:35:00 Date: 24/04/2018 Version: 22.0.0 Table of Contents
More informationFAQs GOLF CANADA KIOSK
FAQs GOLF CANADA KIOSK WHY THE GOLF CANADA KIOSK? The kiosk web address is generally used at the course because of its basic features and user-friendly interface. There is no password required for entry,
More informationXC2 Client/Server Installation & Configuration
XC2 Client/Server Installation & Configuration File downloads Server Installation Backup Configuration Services Client Installation Backup Recovery Troubleshooting Aug 12 2014 XC2 Software, LLC Page 1
More informationOxygen Meter User Manual
Oxygen Meter User Manual Monday, July 23, 2007 1. Outline...2 2. Program...3 2.1. Environment for program execution...3 2.2. Installation...3 2.3. Un installation...3 2.4. USB driver installation...3 2.5.
More informationPRODUCT MANUAL. Diver-Mobile for Android
PRODUCT MANUAL Diver-Mobile for Android Contact details: Van Essen Instruments B.V. Van Essen Instruments - Canada Delftechpark 20 630 Riverbend Drive, Suite 100 2628 XH Delft Kitchener, ON, The Netherlands
More informationCisco SIP Proxy Server (CSPS) Compliance Information
APPENDIX A Cisco SIP Proxy Server (CSPS) Compliance Information This appendix describes how the CSPS complies with the IETF definition of SIP (Internet Draft draft-ietf-sip-rfc2543bis-04.txt, based on
More informationThe MQ Console and REST API
The MQ Console and REST API Matt Leming lemingma@uk.ibm.com Agenda Existing capabilities What s new? The mqweb server The MQ REST API The MQ Console 1 Existing capabilities Administering software MQ Queue
More informationACI_Release_Notes.txt VERSION Fixed Tank info for ELITE in Dive section 2. Fixed USB port initializing for old DC VERSION
VERSION 2.4.0 1. Fixed Tank info for ELITE in Dive section 2. Fixed USB port initializing for old DC VERSION 2.3.9 1. Fixed Dive Computer configuration section error 2. Fixed message for download/upload
More informationREMOTE CLIENT MANAGER HELP VERSION 1.0.2
VERSION 1.0.2 MERCHANT SALES: 800-637-8268 New Merchant Accounts PARTNER PROGRAMS: 800-637-8268 New and existing partnerships CUSTOMER CARE: 800-338-6614 Existing merchant account support Statements and
More informationWe release Mascot Server 2.6 at the end of last year. There have been a number of changes and improvements in the search engine and reports.
1 We release Mascot Server 2.6 at the end of last year. There have been a number of changes and improvements in the search engine and reports. I ll also be covering some enhancements and changes in Mascot
More informationDiver Training Options
MAIN INTERNET ON-SITE TAILORED PACKAGES INTER-COMPANY Diver Training Options DBI offers a menu of tailored courses Designed for users as well as IT Professionals to learn how to master the functionality
More informationAGW SYSTEMS. Blue Clock W38X
AGW SYSTEMS Blue Clock W38X Contents table BLUECLOCKS...3 THE EVOLUTION...4 WHAT S NEW!...5 HARDWARE...6 SOFTWARE...7 MULTI COMPANY...8 INSTANTLY...9 EVEN MORE!...10 WHAT S INSIDE HOW DOES IT WORK...11...12
More informationIntegrate Riverbed SteelHead. EventTracker v8.x and above
EventTracker v8.x and above Publication Date: March 27, 2018 Abstract This guide provides instructions to configure a Riverbed SteelHead to send its syslog to EventTracker Enterprise Scope The configurations
More informationTHE STATCREW SYSTEM For Basketball - What's New Page 1
THE STATCREW SYSTEM For Basketball - What's New 2000-2011 - Page 1 What's New For 2011: Version 4.13.0 (available June 2011) Access to all updates from June 2011 through May 2012 (i.e., versions 4.13.1-4.13.xx)
More informationDESKTOP SKILLS COURSEWARE
Introducing Mac OS X Yosemite Course... ds_maco_a01_dt_enus Working with Mac OS X Yosemite Course... ds_maco_a02_dt_enus Installing Mac OS X Yosemite Course... ds_macp_a01_dt_enus Managing and Configuring
More informationUsing the Lego NXT with Labview.
Using the Lego NXT with Labview http://www.legoengineering.com/component/content/article/105 The Lego NXT 32-bit ARM microcontroller - an Atmel AT91SAM7S256. Flash memory/file system (256 kb), RAM (64
More informationTennis...32 Stay above...34 Decimal...36 Bundesliga simulator...38 Shooter management...41 Installation...43 Registration...45 Where do I get the
Content ShotAnalyzer with Scatt and the Häring target system... 3 ShotAnalyzer with Scatt and the Meyton target system... 5 ShotAnalyzer with Scatt and the Disag target system... 7 ShotAnalyzer with Scatt
More informationFlow Vision I MX Gas Blending Station
Flow Vision I MX Gas Blending Station Alicat Scientific, Inc. 7641 N Business Park Drive Tucson, Arizona 85743 USA alicat.com 1 Notice: Alicat Scientific, Inc. reserves the right to make any changes and
More informationVersion 3.1.0: New Features/Improvements: Improved Bluetooth connection on Windows 10
Version 3.1.0: Improved Bluetooth connection on Windows 10 ***Important notice for Mac Users: Upgrading from Shearwater Desktop 3.0.8 to 3.1.0 will not cause issues. Upgrading from any 2.X.X to any 3.X.X
More informationDigi Connect ME 9210 Linux: serial port 2 for JTAG modules
Digi Connect ME 9210 Linux: serial port 2 for JTAG modules Document History Date Version Change Description 08/05/2009 Initial entry/outline Table of Contents Document History... 2 Table of Contents...
More information- 2 - Companion Web Site. Back Cover. Synopsis
Companion Web Site A Programmer's Introduction to C# by Eric Gunnerson ISBN: 1893115860 Apress 2000, 358 pages This book takes the C programmer through the all the details from basic to advanced-- of the
More informationUsing MATLAB with CANoe
Version 2.0 2017-03-09 Application Note AN-IND-1-007 Author Restrictions Abstract Vector Informatik GmbH Public Document This application note describes the usage of MATLAB /Simulink combined with CANoe.
More informationMicrosoft Windows Software Manual for FITstep Stream Version 4
Thank you for purchasing this product from Gopher. If you are not satisfied with any Gopher purchase for any reason at any time, contact us and we will replace the product, credit your account, or refund
More informationTotalflow Web Interface (TWI) software Help notes v1.0 Oct. 3, 2014
Technical reference Totalflow products Totalflow Web Interface (TWI) software Help notes v1.0 Oct. 3, 2014 File name: Totalflow products 2105166MNAA.docx Document name: Document status: Totalflow products
More information86 5A 62 DF 67 3A 7B A F A 65 F6 95 F4. win7-sp1-x64-app02-1 win7-sp1-x64-app02-1 KVM :32: :51:37
9B 76 FE 5B 89 51 68 06 67 62 A5 4A 06 67 7C 7B 57 5F 00 59 CB F6 95 F4 7E D3 67 5F F6 95 F4 63 01 7E ED F6 95 F4 06 67 5F 15 64 CE 72 48 67 2C FILE 2017-01-31 15:32:29 2017-01-31 15:51:38 1149 79 D2 1.4-Maldun
More informationQuintic Automatic Putting Report
Quintic Automatic Putting Report Tutorial www.quintic.com Introduction The Quintic Automatic Putting Report is designed to work as an add on to our premier Quintic Biomechanics analysis software. Auto
More informationPrevious Release Notes
Release Notes Shearwater Desktop 3.1.5 Support for NERD 2. Previous Release Notes Version 3.1.4 Improved Bluetooth Reliability with the initial connection. Bug Notes: dded software workaround to allow
More informationSkillsoft Course Catalog. Desktop Collection
Skillsoft Course Catalog Desktop Collection Adobe Reader X Course... at_adre_a01_dt_enus Adobe Air 3 for Flash CS5.5 Developers Course... at_airr_a01_it_enus Adobe InDesign CS5: Fundamentals Course...
More informationNETDIVER TUTORIAL. Revision Doc-NDT Dimensional Insight
NETDIVER TUTORIAL Revision Doc-NDT-121411-02 2011 Dimensional Insight NetDiver 6.3 Tutorial, Manual Revision Doc-NDT-021411-02. Dimensional Insight, Inc. disclaims the implied warranties of merchantability
More informationSQL LiteSpeed 3.0 Installation Guide
SQL LiteSpeed 3.0 Installation Guide Revised January 27, 2004 Written by: Jeremy Kadlec Edgewood Solutions www.edgewoodsolutions.com 888.788.2444 2 Introduction This guide outlines the SQL LiteSpeed 3.0
More information[CROSS COUNTRY SCORING]
2018 The Race Director Guide [CROSS COUNTRY SCORING] This document describes the setup and scoring processes employed when scoring a cross country race with Race Director. Contents Intro... 3 Division
More informationMeter Data Distribution User Manual
0.1 Meter Data Distribution User Manual February 2016 Public Copyright 2015 Independent Electricity System Operator. All rights reserved. Public Page 2 of 24 Table of Contents Contents 1. Overview... 4
More informationBlackwave Dive Table Creator User Guide
Blackwave Dive Table Creator User Guide Copyright 2002-2009 Blackwave. All rights reserved. These materials (including without limitation all articles, text, images, logos, compilation, and design) are
More informationTable of Content IMPORTANT NOTE: Before using this guide, please make sure you have already set up your settings in
Quick Start Guide Table of Content Introduction... 3 Prerequisites... 3 How to Open QQEvolution 2... 4 How to do Carrier Downloads... 5 Locating a Client in QQEvolution 2... 7 Adding a New Client... 8
More informationBVIS Beach Volleyball Information System
BVIS Beach Volleyball Information System Developments in computer science over the past few years, together with technological innovation, has in turn stimulated the development of tailored software solutions
More informationSoftware Manual for FITstep Pro Version 2
Thank you for purchasing this product from Gopher. If you are not satisfied with any Gopher purchase for any reason at any time, contact us and we will replace the product, credit your account, or refund
More informationRanging and Communications Module Reconfiguration and Evaluation Tool (RCM RET) User Guide
Ranging and Communications Module Reconfiguration and Evaluation Tool (RCM RET) User Guide PulsON 400 RCM TIME DOMAIN Cummings Research Park 4955 Corporate Drive Suite 101 Huntsville, AL 35805 USA http://www.timedomain.com
More informationSection 8: Model-View-Controller. Slides adapted from Alex Mariakakis, with material from Krysta Yousoufian and Kellen Donohue
Section 8: Model-View-Controller Slides adapted from Alex Mariakakis, with material from Krysta Yousoufian and Kellen Donohue Agenda MVC MVC example 1: traffic light MVC example 2: registration HW8 info
More informationSection 8: Model-View-Controller
Section 8: Model-View-Controller Slides by Alex Mariakakis with material from Krysta Yousoufian and Kellen Donohue Agenda MVC MVC example 1: traffic light MVC example 2: registration HW8 info MVC The classic
More informationExcel 2013 Pivot Table Calculated Field Greyed Out
Excel 2013 Pivot Table Calculated Field Greyed Out Use Excel pivot table calculated item to create unique items in a pivot table field. (00:47 minute mark) Group By Date: Excel PivotTable: 1) Drag Date
More informationKEM Scientific, Inc. Instruments for Science from Scientists
KEM Scientific, Inc. Instruments for Science from Scientists J-KEM Scientific, Inc. 6970 Olive Blvd. St. Louis, MO 63130 (314) 863-5536 Fax (314) 863-6070 E-Mail: jkem911@jkem.com Precision Vacuum Controller,
More informationSoftware for electronic scorekeeping of volleyball matches, developed and distributed by:
Software for electronic scorekeeping of volleyball matches, developed and distributed by: Developed for the rules of USports 2017-18 As adopted by Ontario University Athletics for Men s & Women s Volleyball
More informationMulti Class Event Results Calculator User Guide Updated Nov Resource
Multi Class Event Results Calculator User Guide Updated Nov 2011 The Multi Class Point Score has been developed as part of Swimming Australia Ltd. s commitment to creating opportunities for people with
More informationInstruction Manual. BZ7002 Calibration Software BE
Instruction Manual BZ7002 Calibration Software BE6034-12 Index _ Index Index... 2 Chapter 1 BZ7002 Calibration Software... 4 1. Introduction... 5 Chapter 2 Installation of the BZ7002... 6 2. Installation
More informationby Robert Gifford and Jorge Aranda University of Victoria, British Columbia, Canada
Manual for FISH 4.0 by Robert Gifford and Jorge Aranda University of Victoria, British Columbia, Canada Brief Introduction FISH 4.0 is a microworld exercise designed by University of Victoria professor
More informationDigi Connect ME 9210 Linux: 2 nd serial over FIM
Digi Connect ME 9210 Linux: 2 nd serial over FIM Document History Date Version Change Description 09/04/2009 Initial entry/outline Table of Contents Document History... 2 Table of Contents... 2 1 Problem
More informationArmfield Distillation Column Operation Guidelines
Armfield Distillation Column Operation Guidelines 11-2016 R.Cox Safety SAFETY GLASSES ARE REQUIRED WHEN OPERATING THE DISTILLATION COLUMN Wear gloves when mixing alcohol feedstock The column will become
More informationSteltronic StelPad User Guide
StelPad User Guide Steltronic StelPad User Guide Contents Contents... 1 About StelPad and its Features... 3 StelPad System Elements... 3 StelPad Computer Integration with Focus... 4 Enable Custom Graphic
More informationInspection User Manual
2016 TABLE OF CONTENTS Inspection User Manual This application allows you to easily inspect equipment located in Onix Work. Onix AS Version 1.0.15.0 03.06.2016 0 P a g e TABLE OF CONTENTS TABLE OF CONTENTS
More informationInspection User Manual This application allows you to easily inspect equipment located in Onix Work.
2016 TABLE OF CONTENTS Inspection User Manual This application allows you to easily inspect equipment located in Onix Work. Onix AS Version 1.0.15.0 03.06.2016 0 P a g e TABLE OF CONTENTS TABLE OF CONTENTS
More informationThe Race Director. IPICO Integration Direct Connect [IPICO INTEGRATION]
2017 The Race Director IPICO Integration Direct Connect [IPICO INTEGRATION] This document explains how to manage the results data between your IPCIO readers and Race Director using a direct connection
More informationSystem Administration Tasks
Welcome to MyCricket! Please take a few minutes to read through this getting started guide, which gives an overview of how to set up MyCricket for your Club and how to carry out the key tasks at Club level.
More informationTournament Manager: Running a VEX IQ Event - Beginner
Tournament Manager: Running a VEX IQ Event - Beginner Indiana IQ Event Partner Workshop Agenda 1. Main Window a. Once i. The Main Window has a standard menu bar. ii. A series of tabbed pages filling the
More informationICD-10-CM IN VERSION 10
ICD-10-CM IN VERSION 10 June 2014 eclinicalworks, 2014. All rights reserved Introduction Effective Date CONTENTS INTRODUCTION 3 Effective Date 3 Global Effective Date 3 Individual Insurance Effective Date
More informationFencing Fox SmartApp Documentation. 25 avril 2018
Fencing Fox Fencing Competition Software SmartApp User Guide Copyright AFC Europe 2014-2018 1 1 TABLE OF CONTENTS 2 General overview... 3 2.1 Installation... 3 2.2 Local network setting... 3 2.3 Starting
More informationNanoSight NS300. NanoSight NS300. Operation instructions. Laser Spectroscopy Labs, UCI
NanoSight NS300 Operation instructions Injection/flushing brief overview: 1. Do not exceed flow of 1 ml per 20 seconds. 2. Inject two 1 ml syringes with nano-pure or DI water. 3. If the water does not
More informationWorld Leading Traffic Analysis
World Leading Traffic Analysis Over the past 25 years, has worked closely with road authorities and traffic managers around the world to deliver leading traffic monitoring equipment. With products now
More informationAPP NOTES Onsight Connect Cisco Integration. July 2016
APP NOTES Onsight Connect Cisco Integration July 2016 Table of Contents 1. Direct Onsight Device to Cisco Endpoint Calling... 4 2. Onsight Device to Onsight Device (including Cisco Endpoint) Calling...
More informationiregatta User Manual
iregatta User Manual iregatta User Manual This manual may not always be up to date with the latest version of iregatta available in Apples App Store, as minor additions or bug fixes may be published without
More informationInstrument pucks. Copyright MBARI Michael Risi SIAM design review November 17, 2003
Instrument pucks Michael Risi SIAM design review November 17, 2003 Instrument pucks Pucks and Plug-and-Work The MBARI puck prototype Puck software interface Pucks in practice (A Puck s Tale) Embedding
More informationAustralian Ice Hockey League Limited Privacy Policy
Australian Ice Hockey League Limited Privacy Policy 1. AIHL Australian Ice Hockey League Ltd (ACN 114 658 123) of GPO Box 329, Melbourne VIC 3001 (AIHL) is the administrator of the Australian Ice Hockey
More informationFireHawk M7 Interface Module Software Instructions OPERATION AND INSTRUCTIONS
FireHawk M7 Interface Module Software Instructions OPERATION AND INSTRUCTIONS WARNING THE WARRANTIES MADE BY MSA WITH RESPECT TO THE PRODUCT ARE VOIDED IF THE PRODUCT IS NOT USED AND MAINTAINED IN ACCORDANCE
More informationRules of Soccer Simulation League 2D
Rules of Soccer Simulation League 2D (RoboCup2016 Leipzig, Germany) This document contains the rules for the RoboCup2016 Soccer Simulation League 2D competition in Leipzig, Germany. 1. Soccer Simulator
More informationOnline League Management lta.tournamentsoftware.com. User Manual. Further support is available online at
Online League Management lta.tournamentsoftware.com User Manual Further support is available online at www.lta.org.uk/leagueplanner Contents Welcome... 3 Using this guide... 3 Further support?... 3 Publishing
More informationdive site directory 2009 Dive Site Directory Ltd Page. 2
dive site directory dive site directory was set up to give divers easy access to diving information on dive sites all over the world, with information collated from contributions by the diving community.
More informationLiteSpeed for SQL Server 6.5. Integration with TSM
LiteSpeed for SQL Server 6.5 Integration with TSM 2011 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide
More informationN4 Hazards (Hazardous Cargo) Training Document
N4 Hazards (Hazardous Cargo) Training Document Prepared By: Gene Ferguson, Leslie Edmondson 1 Table of Content A. Typographical Conventions B. Additional Training C. Hazards form 1. Define 2. Add 3. Update
More informationONSIGHT FIREWALL CONFIGURATION GUIDE
ONSIGHT FIREWALL CONFIGURATION GUIDE Librestream Onsight Firewall Configuration Guide Doc #: 400295-03, rev A January 2019 Information in this document is subject to change without notice. Reproduction
More informationONSIGHT FIREWALL CONFIGURATION GUIDE
ONSIGHT FIREWALL CONFIGURATION GUIDE Librestream Onsight Firewall Configuration Guide Doc #: 400295-01, rev A January 2018 Information in this document is subject to change without notice. Reproduction
More informationCONTENTS. Welcome to Season Setup in Play Football Setting Up Our Details Setting up Age Groups... 9
SEASON SETUP 2018 CONTENTS Welcome to Season Setup in Play Football... 2 Setting Up Our Details... 5 Setting up Age Groups... 9 Setting up Fees and Registration Packages... 11 Create a Registration Package...
More informationMapping a course for Pocket Caddy
Contents: 1. Mapping overview 2. Mapping your course o 2.1. Locating the course o 2.2. Mapping the holes o 2.3. Opening the template file and naming the course o 2.4. Mapping the greens o 2.5. Mapping
More informationBurner Management System DEMO Operating instructions
Burner Management System DEMO Operating instructions Burner Management System DEMO Operating Instructions Startup Summary - Normal startup is accomplished in four basic steps: 1. Leak Test a. Safety Valve
More informationSteelHead SaaS User s Guide
SteelHead SaaS User s Guide RiOS Version 9.6 March 2017 2017 Riverbed Technology, Inc. All rights reserved. Riverbed and any Riverbed product or service name or logo used herein are trademarks of Riverbed.
More informationIntegrated Sports Systems (ISS) Inc. Meet Management Suite
November 2010 Integrated Sports Systems (ISS) Inc. Meet Management Suite User Guide and Technical Document Version 2.0 Table of Contents Table of Contents... 2 General Concepts... 3 Installation Meet Management
More informationGuide to Pedestrian & Bicycling Maps. How to create route maps and arrival/dismissal maps for your school
Guide to Pedestrian & Bicycling Maps How to create route maps and arrival/dismissal maps for your school Table of Contents 1. Introduction...1 Why is mapping important for SRTS?...1 Guide purpose and organization...1
More information2 November WSI Hubcast VERSION 3.5 RELEASE NOTES
2 November 2016 WSI Hubcast VERSION 3.5 RELEASE NOTES THE WEATHER COMPANY WSI Hubcast 2 2 WSI HUBCAST 3.5 RELEASE NOTES This document describes the major changes introduced with version 3.5 of the WSI
More informationHeart Foundation Walking Website user guide for Walk Organisers
Heart Foundation Walking Website user guide for Walk Organisers Proudly supported by Website User Guide for Walk Organisers Contents 1. Introduction... 2 1.1 Finding the HFW website... 2 1.2 Log in on
More informationUSA Jump Rope Tournament Software User Guide 2014 Edition
USA Jump Rope Tournament Software User Guide www.usajumprope.org Table of Contents Contents System Requirements... 3 System Conventions... 4 Phase 1 Tournament Pre registration Preparation... 5 Name Your
More informationSofort Banking. How to configure your Sofort and Ingenico epayments account. Copyright 2017 Ingenico epayments
How to configure your Sofort and Ingenico epayments account Table of contents 1. Getting started 1.1 What to configure 1.2 How to configure 1.2.1 Automatic configuration 1.2.2 Manual configuration 1.3
More informationA physicist, an engineer and a programmer were in a car driving over a steep alpine pass when the brakes failed. The car was getting faster and
A physicist, an engineer and a programmer were in a car driving over a steep alpine pass when the brakes failed. The car was getting faster and faster, they were struggling to get round the corners and
More informationDecompression of run-time compressed PE-files
Decompression of run-time compressed PE-files MIROSLAV VNUK, PAVOL NÁVRAT Slovak University of Technology Faculty of Informatics and Information Technologies Ilkovičova 3, 842 6 Bratislava, Slovakia Abstract.
More informationWickets Administrator
Wickets Administrator Software For Managing Stored Value Wickets 01/08/2008 Product Details And Operating Instructions Overview This page describes each major function of Wickets Administrator in detail.
More information