Upload File

target: threatexpert.com report google cache

5
Text-only version This is Google's cache of http://www.threatexpert.com /report.aspx?md5=ce0296e2d77ec3bb112e270fc260f274. It is a snapshot of the page as it appeared on Jan 8, 2014 02:13:06 GMT. The current page could have changed in the meantime. Learn more Tip: To quickly find your search term on this page, press Ctrl+F or -F (Mac) and use the find bar. Visit ThreatExpert web site | Close Report Submission Summary: Submission details: Submission received: 18 December 2013, 16:08:11 Processing time: 5 min 50 sec Submitted sample: File MD5: 0xCE0296E2D77EC3BB112E270FC260F274 File SHA-1: 0x8A6AF8587ADF0E743871AD6B9889428B5F75B86B Filesize: 270,336 bytes Summary of the findings: What's been found Severity Level Downloads/requests other files from Internet. Technical Details: There was a new process created in the system: Process Name Process Filename Main Module Size [filename of the sample #1] [file and pathname of the sample #1] 278,528 bytes There was a new service created in the system: Memory Modifications ThreatExpert Report http://webcache.googleusercontent.com/search?q=cache:UYk... 1 of 5 1/16/14 9:26 AM

Upload: indeep-media

Post on 22-Oct-2015

29 views

Category:

Documents


0 download

Report

DESCRIPTION

Threatexpert.com is an automated service, it analyses submitted files to figure out how they behave. It hold an archive of searchable reports as a resource for the security community.Brian Krebs, a security writer, noted threatexpert.com's report on Targets attack was removed, more mysteriously though it also disappeared from Google's cache shortly after he published a post on January 15. He preserved a PDF of it, however.When questioned on the removal, a Symantec spokeswoman said "we took the initiative to remove it because we didn't want the information to compromise the ongoing investigation."READ MORE: http://is.gd/QvWUGIvia http://is.gd/HuAcWK

TRANSCRIPT

Page 1: Target: threatexpert.com Report Google Cache

Text-only version

This is Google's cache of http://www.threatexpert.com/report.aspx?md5=ce0296e2d77ec3bb112e270fc260f274. It is a snapshot of the page as it appeared onJan 8, 2014 02:13:06 GMT. The current page could have changed in the meantime. Learn moreTip: To quickly find your search term on this page, press Ctrl+F or ⌘-F (Mac) and use the find bar.

Visit ThreatExpert web site | Close Report

Submission Summary:

Submission details:

Submission received: 18 December 2013, 16:08:11

Processing time: 5 min 50 sec

Submitted sample:

File MD5: 0xCE0296E2D77EC3BB112E270FC260F274

File SHA-1: 0x8A6AF8587ADF0E743871AD6B9889428B5F75B86B

Filesize: 270,336 bytes

Summary of the findings:

What's been found Severity Level

Downloads/requests other files from Internet.

Technical Details:

There was a new process created in the system:

Process Name Process Filename Main Module Size

[filename of the sample #1] [file and pathname of the sample #1] 278,528 bytes

There was a new service created in the system:

Memory Modifications

ThreatExpert Report http://webcache.googleusercontent.com/search?q=cache:UYk...

1 of 5 1/16/14 9:26 AM

Page 2: Target: threatexpert.com Report Google Cache

Service Name Display Name Status Service Filename

POSWDS POSWDS "Running" [file and pathname of the sample #1]

The following Registry Keys were created:

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_POSWDS

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_POSWDS\0000

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_POSWDS\0000\Control

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\POSWDS

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\POSWDS\Security

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\POSWDS\Enum

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_POSWDS

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_POSWDS\0000

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_POSWDS\0000\Control

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\POSWDS

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\POSWDS\Security

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\POSWDS\Enum

The newly created Registry Values are:

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_POSWDS\0000\Control]

*NewlyCreated* = 0x00000000

ActiveService = "POSWDS"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_POSWDS\0000]

Service = "POSWDS"

Legacy = 0x00000001

ConfigFlags = 0x00000000

Class = "LegacyDriver"

ClassGUID = "{8ECC055D-047F-11D1-A537-0000F8753ED1}"

DeviceDesc = "POSWDS"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_POSWDS]

NextInstance = 0x00000001

Registry Modifications

ThreatExpert Report http://webcache.googleusercontent.com/search?q=cache:UYk...

2 of 5 1/16/14 9:26 AM

Page 3: Target: threatexpert.com Report Google Cache

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\POSWDS\Enum]

0 = "Root\LEGACY_POSWDS\0000"

Count = 0x00000001

NextInstance = 0x00000001

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\POSWDS\Security]

Security = 01 00 14 80 90 00 00 00 9C 00 00 00 14 00 00 00 30 00 00 00 0200 1C 00 01 00 00 00 02 80 14 00 FF 01 0F 00 01 01 00 00 00 00 00 01 00 0000 00 02 00 60 00 04 00 00 00 00 00 14 00 FD 01 02 00 01 01 00 00 00 0000 05 12 00 00 00 00 00 18 00 FF 01 0F 0

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\POSWDS]

Type = 0x00000110

Start = 0x00000002

ErrorControl = 0x00000000

ImagePath = "[file and pathname of the sample #1]"

DisplayName = "POSWDS"

ObjectName = "LocalSystem"

FailureActions = FF FF FF FF 01 00 00 00 01 00 00 00 03 00 00 00 74 00 6D00 01 00 00 00 A0 86 01 00 01 00 00 00 A0 86 01 00 01 00 00 00 A0 86 0100

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_POSWDS\0000\Control]

*NewlyCreated* = 0x00000000

ActiveService = "POSWDS"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_POSWDS\0000]

Service = "POSWDS"

Legacy = 0x00000001

ConfigFlags = 0x00000000

Class = "LegacyDriver"

ClassGUID = "{8ECC055D-047F-11D1-A537-0000F8753ED1}"

DeviceDesc = "POSWDS"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_POSWDS]

NextInstance = 0x00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\POSWDS\Enum]

0 = "Root\LEGACY_POSWDS\0000"

Count = 0x00000001

NextInstance = 0x00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\POSWDS\Security]

ThreatExpert Report http://webcache.googleusercontent.com/search?q=cache:UYk...

3 of 5 1/16/14 9:26 AM

Page 4: Target: threatexpert.com Report Google Cache

Security = 01 00 14 80 90 00 00 00 9C 00 00 00 14 00 00 00 30 00 00 00 0200 1C 00 01 00 00 00 02 80 14 00 FF 01 0F 00 01 01 00 00 00 00 00 01 00 0000 00 02 00 60 00 04 00 00 00 00 00 14 00 FD 01 02 00 01 01 00 00 00 0000 05 12 00 00 00 00 00 18 00 FF 01 0F 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\POSWDS]

Type = 0x00000110

Start = 0x00000002

ErrorControl = 0x00000000

ImagePath = "[file and pathname of the sample #1]"

DisplayName = "POSWDS"

ObjectName = "LocalSystem"

FailureActions = FF FF FF FF 01 00 00 00 01 00 00 00 03 00 00 00 74 00 6D00 01 00 00 00 A0 86 01 00 01 00 00 00 A0 86 01 00 01 00 00 00 A0 86 0100

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\InternetSettings]

ProxyEnable = 0x00000000

The following Registry Values were modified:

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\ServiceCurrent]

(Default) =

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ServiceCurrent]

(Default) =

The following Internet Connection was established:

Server Name Server Port Connect as User Connection Password

10.116.240.31 80 10.116.240.31 10.116.240.31

The following Network Connection was requested:

Remote Name Resource Type LocalResourceto Map

Connect as User ConnectionPassword

\\10.116.240.31\c$\WINDOWS\twain_32

RESOURCETYPE_DISK S: ttcopscli3acs\Best1_user BackupU$r

Other details

ThreatExpert Report http://webcache.googleusercontent.com/search?q=cache:UYk...

4 of 5 1/16/14 9:26 AM

Page 5: Target: threatexpert.com Report Google Cache

All content ("Information") contained in this report is the copyrighted work of Threat Expert Ltd and its associatedcompanies ("ThreatExpert") and may not be copied without the express permission of ThreatExpert.

The Information is provided on an "as is" basis. ThreatExpert disclaims all warranties, whether express or implied, tothe maximum extent permitted by law, including the implied warranties that the Information is merchantable, ofsatisfactory quality, accurate, fit for a particular purpose or need, or non-infringing, unless such implied warrantiesare legally incapable of exclusion. Further, ThreatExpert does not warrant or make any representations regarding theuse or the results of the use of the Information in terms of their correctness, accuracy, reliability, or otherwise.

Copyright © 2014 ThreatExpert. All rights reserved.

ThreatExpert Report http://webcache.googleusercontent.com/search?q=cache:UYk...

5 of 5 1/16/14 9:26 AM


thaicom.dkthaicom.dk/assets/files/Thanulux Company Profile.pdfladieswear, childrenswear and leather goods under brand Lollipop , CACHE CACHE , ERAWON Cadeau , Lollipop , CACHE: CACHE

NET+OS 6.1 Training. Cache API NET+OS 6.1 Cache API H/W Features NET+OS Cache Initialization Cache and DMA Configuring Cache API Functions

LogiCORE IP System Cache v1The Cache memory provides the actual cache functionality in the System Cache. The cache is configurable in terms of size and associativity. The cache size

Prime-Cache / Pro-Cache / Power-Cache Archive Appliance User

Building Software Systems at Google and Lessons Learned• Cache servers: –cache both index results and doc snippets –hit rates typically 30-60% • depends on frequency of index

Cache memory and cache

Some statistics - · PDF fileService Worker Libraries: • workbox-sw • workbox-cli • workbox-build • workbox-runtime-caching • workbox-cache-expiration • workbox-google-analytics

Internet Explorer Fire Fox Google Chrome · Procedure for clearing Cache and Cookies Internet Explorer Fire Fox Google Chrome Internet Explorer 1. Click on Menu Tools, then selection

UNITED STATES DISTRICT COURT FOR THE DISTRICT OF … · 1 For the particular target account, Google produced subscriber information, chats, “Google Plus” profile records, search

Clearing IE 11 Browser Cache - famit.nwcg.gov · Clears history from all signed-in devices. Your Google Account may have Your Google Account may have other forms of browsing history

Target Marketing Webinar | Make Google Fall In Love With You

Lecture 3 – Google File Systemntucsiecloud98.appspot.com/files/3/1/GFS.pdf · 3 Numbers real world engineers should know L1 cache reference 0.5 ns Branch mispredict 5 ns L2 cache

1Ensure you are using Google Chrome NOT Google. · Cookies ache Cache Storage Console Sources Network Performance Memory Welcome to Al-DB The Agriculture & Horticulture Development

George Abbot Clearing Cache Guide...How to clear the cache in Google Chrome From a PC 1. On your computer, open Chrome.2. At the top right, click More . 3. Click More tools. Clear

GOOGLE APPS By John Berglund & Aimee Herrig ASU. PICASA, GOOGLE NEWS, AND GOOGLE OFFERS The purpose Key features Free or fee Target audience You tube

How to Clear Your Cache (History) on Google Chrome

[Software Tutorial] How to Use Google Map Create ArcGIS Server Cache

Cache-Oblivious Ray Reordering - KAISTsglab.kaist.ac.kr/CORR/CORR_techreport.pdf · cache-oblivious. Cache-aware algorithms utilize the knowledge of cache parameters, such as cache

Guidelines for Managing Google Chrome, Internet · PDF fileGuidelines for Managing Google Chrome, Internet Explorer, and Download Settings Browsing history, File cache, and Downloads

Google Search Commands - Amazon Web Servicescheat-sheets.s3.amazonaws.com/.../google-search... · GOOGLE SEARCH COMMANDS Alternative Query Types Goo Ale O erators cache: Meanin Display

Google Drive Connector Template · Drive target. You must create a connection for Google Drive Object that you want to connect to. You can use Google Drive connections in Data Synchronization

How Google protect your data? · Edge points of presence (>100) Google global cache edge nodes (>800) Better global infrastructure More edge & peering points than any public cloud

Tips for Clearing Browser Cache · Web viewTips for Clearing Browser Cache Google Chrome Click the Tools menu (three dotted lines in the upper-right corner)Select History. 3. Select

Memory Hierarchy Design Memory Hierarchy Design. 2 Outline Introduction Cache Basics Cache Performance Reducing Cache Miss Penalty Reducing Cache Miss

Clear Internet Cache Files: Google Chrome...Update Flash Settings: Google Chrome 1. Open Google Chrome and type Chrome://settings/content into the URL box and press enter. 2. Click

Cache me outside - Umbraco Spark · Cache me outside ANTHONY DANG HEAD OF TECHNOLOGY, THE COGWORKS ... Partial Cache Output Cache / Donut Cache Custom Inline (method-level) Cache

Memory Hierarchy for Web Search - Stanford Universitycsl.stanford.edu/~christos/publications/2018.search.hpca... · 2018-07-03 · Latency-optimized L4 cache Target the available

cache. ... cache

INF3380: Parallel Programming for Natural Sciences · Cache Cache Core Core Core Core Cache Cache Bus Compute Node Memory Core Core Core Core Cache Cache Core Core Core Core ... Compute

googless - SecTor 2018 · Resolved in OWASP Testing Guide v3. OWASP 28 OWASP Testing Guide v3 Methodology Based on Google Advanced Search Operators: site: cache: OWASP 29 Google Advanced

What is Google AdWords Remarketing? - e-dashere-dasher.com/...on-AdWordsRemarketing-US-English.pdf · With Google AdWords Remarketing, you can target ... Yankee Candle Company said

Benefits Why Google? 2 million + 650,000 + 90% · • Using advanced Google algorithms, you can target your property to those in the market to buy. • You can also target on location,

Target your audience with google ad words

Google Earth Cache Forensics - Jesse Kornblumjessekornblum.com/presentations/dodcc10-2.pdf · Introduction • Google Earth – – Free and Pro versions – Windows, OS X, and Linux

S cache: Thwarting Cache Attacks via Cache Set Randomization