DOCSLIB.ORG

Automated Malware Analysis Report for 928374982730947.Cmd

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Automated Malware Analysis Report for 928374982730947.Cmd ID: 70283 Sample Name: 928374982730947.cmd Cookbook: default.jbs Time: 13:28:23 Date: 31/07/2018 Version: 23.0.0 Table of Contents Table of Contents 2 Analysis Report 4 Overview 4 General Information 4 Detection 4 Confidence 4 Classification 5 Signature Overview 5 AV Detection: 6 Networking: 6 System Summary: 6 Hooking and other Techniques for Hiding and Protection: 6 Malware Analysis System Evasion: 6 Behavior Graph 6 Simulations 7 Behavior and APIs 7 Antivirus Detection 7 Initial Sample 7 Dropped Files 7 Unpacked PE Files 7 Domains 7 URLs 8 Yara Overview 8 Initial Sample 8 PCAP (Network Traffic) 8 Dropped Files 8 Memory Dumps 8 Unpacked PEs 8 Joe Sandbox View / Context 8 IPs 8 Domains 8 ASN 8 Dropped Files 8 Screenshots 8 Startup 9 Created / dropped Files 9 Contacted Domains/Contacted IPs 10 Contacted Domains 10 Contacted IPs 10 Public 10 Private 10 Static File Info 10 General 10 File Icon 11 Network Behavior 11 Code Manipulations 11 Statistics 11 Behavior 11 System Behavior 11 Analysis Process: cmd.exe PID: 3944 Parent PID: 3512 11 General 11 Copyright Joe Security LLC 2018 Page 2 of 13 File Activities 12 File Created 12 File Read 12 Analysis Process: PING.EXE PID: 3984 Parent PID: 3944 12 General 12 File Activities 12 Analysis Process: wscript.exe PID: 4008 Parent PID: 3944 12 General 12 File Activities 13 Registry Activities 13 Key Created 13 Disassembly 13 Code Analysis 13 Copyright Joe Security LLC 2018 Page 3 of 13 Analysis Report Overview General Information Joe Sandbox Version: 23.0.0 Analysis ID: 70283 Start time: 13:28:23 Joe Sandbox Product: CloudBasic Start date: 31.07.2018 Overall analysis duration: 0h 1m 44s Hypervisor based Inspection enabled: false Report type: light Sample file name: 928374982730947.cmd Cookbook file name: default.jbs Analysis system description: Windows 7 SP1 (with Office 2010 SP2, IE 11, FF 54, Chrome 60, Acrobat Reader DC 17, Flash 26, Java 8.0.1440.1) Number of analysed new started processes analysed: 5 Number of new started drivers analysed: 0 Number of existing processes analysed: 0 Number of existing drivers analysed: 0 Number of injected processes analysed: 0 Technologies HCA enabled EGA enabled HDC enabled Analysis stop reason: Timeout Detection: MAL Classification: mal56.troj.evad.winCMD@5/1@0/1 EGA Information: Failed HDC Information: Failed HCA Information: Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0 Cookbook Comments: Adjust boot time Correcting counters for adjusted boot time Found application associated with file extension: .cmd Stop behavior analysis, all processes terminated Warnings: Show All Exclude process from analysis (whitelisted): dllhost.exe, conhost.exe Report size getting too big, too many NtSetInformationFile calls found. Detection Strategy Score Range Reporting Detection Threshold 56 0 - 100 Report FP / FN Confidence Copyright Joe Security LLC 2018 Page 4 of 13 Strategy Score Range Further Analysis Required? Confidence Threshold 5 0 - 5 false Classification Ransomware Miner Spreading mmaallliiiccciiioouusss malicious Evader Phishing sssuusssppiiiccciiioouusss suspicious cccllleeaann clean Exploiter Banker Spyware Trojan / Bot Adware Signature Overview Copyright Joe Security LLC 2018 Page 5 of 13 • AV Detection • Networking • System Summary • Hooking and other Techniques for Hiding and Protection • Malware Analysis System Evasion Click to jump to signature section AV Detection: Multi AV Scanner detection for submitted file Networking: Uses ping.exe to check the status of other devices and networks Urls found in memory or binary data System Summary: Classification label Creates files inside the user directory Executes visual basic scripts Found command line output Reads software policies Sample is known by Antivirus Spawns processes Hooking and other Techniques for Hiding and Protection: Disables application error messsages (SetErrorMode) Malware Analysis System Evasion: Uses ping.exe to sleep Found WSH timer for Javascript or VBS script (likely evasive script) Behavior Graph Copyright Joe Security LLC 2018 Page 6 of 13 Hide Legend Behavior Graph Legend: ID: 70283 Process Sample: 928374982730947.cmd Signature Startdate: 31/07/2018 Architecture: WINDOWS Created File Score: 56 DNS/IP Info Is Dropped Is Windows Process Uses ping.exe to check Multi AV Scanner detection Uses ping.exe to sleep the status of other started Number of created Registry Values for submitted file devices and networks Number of created Files Visual Basic Delphi cmd.exe Java .Net C# or VB.NET 2 C, C++ or other language Is malicious Uses ping.exe to sleep started started PING.EXE wscript.exe 127.0.0.1 unknown unknown Simulations Behavior and APIs Time Type Description 13:28:30 API Interceptor 1x Sleep call for process: wscript.exe modified Antivirus Detection Initial Sample Source Detection Scanner Label Link 928374982730947.cmd 23% virustotal Browse 928374982730947.cmd 0% metadefender Browse Dropped Files No Antivirus matches Unpacked PE Files No Antivirus matches Domains No Antivirus matches Copyright Joe Security LLC 2018 Page 7 of 13 URLs No Antivirus matches Yara Overview Initial Sample No yara matches PCAP (Network Traffic) No yara matches Dropped Files No yara matches Memory Dumps No yara matches Unpacked PEs No yara matches Joe Sandbox View / Context IPs No context Domains No context ASN No context Dropped Files No context Screenshots Copyright Joe Security LLC 2018 Page 8 of 13 Startup System is w7 cmd.exe (PID: 3944 cmdline: C:\Windows\system32\cmd.exe /c ''C:\Users\user\Desktop\928374982730947.cmd' ' MD5: AD7B9C14083B52BC532FBA5948342B98) PING.EXE (PID: 3984 cmdline: ping 127.0.0.1 -n 1 MD5: 6242E3D67787CCBF4E06AD2982853144) wscript.exe (PID: 4008 cmdline: wscript //Nologo C:\Users\user\Temp\user.vbs MD5: 979D74799EA6C8B8167869A68DF5204A) cleanup Created / dropped Files \Device\Null Process: C:\Windows\System32\PING.EXE File Type: ASCII text, with CRLF line terminators Size (bytes): 282 Entropy (8bit): 4.885120575367097 Encrypted: false MD5: 3D76B6100402FB39286186736F21B2CF SHA1: 3267DA48E71623AB8E342C06F4733FFD2FF5BEAD SHA-256: 0455D41F72FC7E9C08BF80270E75B86BF879E10DB2407926A10E43F3BDD1233E SHA-512: 33F800C96C7701D4983C9CDAD0F85C2D84EF4FBBB39D8F0B850586593101E9249097AAA5735CE9583A38C71A250 0B9D875C2CFE2398BDD64218810FB18F3D949 Malicious: false Reputation: moderate, very likely benign file Copyright Joe Security LLC 2018 Page 9 of 13 Contacted Domains/Contacted IPs Contacted Domains No contacted domains info Contacted IPs No. of IPs < 25% 25% < No. of IPs < 50% 50% < No. of IPs < 75% 75% < No. of IPs Public IP Country Flag ASN ASN Name Malicious Private IP 127.0.0.1 Static File Info General File type: DOS batch file, ASCII text, with very long lines, with CRLF line terminators Entropy (8bit): 4.402118298331553 TrID: Visual Basic Script (6000/0) 100.00% File name: 928374982730947.cmd File size: 84974 MD5: 5a9f8669fa3b27c26ab298c9213931c6 SHA1: b9f54c25314e16096b3c332f0c65ae4d348d64c0 SHA256: dce92dfc27f21b03951df1ddee498fdcbf1b7b5d7f2a0c33 b8ee3fd10325aa75 SHA512: 83a6fe98398959019d3be7fcd1fe0b41c77cbaeeca58787 840b4d1b5a3068f7917363646ca9cc2d9a1eb06c3ee8a6 9bfa9bdb16d8219e0e9e85db494dd664c49 Copyright Joe Security LLC 2018 Page 10 of 13 General File Content Preview: @echo off..SETLOCAL..md "%USERPROFILE%\Temp" && cls..set BMASNAKDNKFASDCYCYCYCYYCYCYC YCYC=%USERNAME%.vbs..set BANNASJAKSKNKNB ANNASKALJSNLKNCIIIICICCCIICIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIII IIIIIIIIIIIIIIIIIIIIIIIIIIIIIAHSHSHSIHIHSISHISHSHIISHIHSIH SIHSIHSASDJ File Icon Network Behavior No network behavior found Code Manipulations Statistics Behavior • cmd.exe • PING.EXE • wscript.exe Click to jump to process System Behavior Analysis Process: cmd.exe PID: 3944 Parent PID: 3512 General Start time: 13:28:28 Start date: 31/07/2018 Path: C:\Windows\System32\cmd.exe Wow64 process (32bit): false Commandline: C:\Windows\system32\cmd.exe /c ''C:\Users\user\Desktop\928374982730947.cmd' ' Imagebase: 0x4a5d0000 Copyright Joe Security LLC 2018 Page 11 of 13 File size: 302592 bytes MD5 hash: AD7B9C14083B52BC532FBA5948342B98 Has administrator privileges: true Programmed in: C, C++ or other language Reputation: high File Activities File Created Source File Path Access Attributes Options Completion Count Address Symbol C:\Users\user\Temp read data or list normal directory file | success or wait 1 4A5DF8A4 CreateDirectoryW directory | synchronous io synchronize non alert | open for backup ident | open reparse point C:\Users\Sam read attributes | normal synchronous io success or wait 1 4A5DD8F1 CreateFileW synchronize | non alert | non generic write directory file File Read Source File Path Offset Length Completion Count Address Symbol C:\Users\user\Desktop\928374982730947.cmd unknown 8191 success or wait 7 4A5D4DE3 ReadFile C:\Users\user\Desktop\928374982730947.cmd unknown 512 success or wait 1 4A5D4DE3 ReadFile C:\Users\user\Desktop\928374982730947.cmd unknown 8191 success or wait 202 4A5D4DE3 ReadFile C:\Users\user\Desktop\928374982730947.cmd unknown 512 success or wait 210 4A5D4DE3 ReadFile C:\Users\user\Desktop\928374982730947.cmd unknown 512 end of file 1 4A5D4DE3 ReadFile C:\Users\user\Desktop\928374982730947.cmd unknown 8191 end of file 1 4A5D4DE3 ReadFile Analysis Process: PING.EXE PID: 3984 Parent PID: 3944 General Start time: 13:28:29 Start date: 31/07/2018 Path: C:\Windows\System32\PING.EXE Wow64 process (32bit): false Commandline: ping 127.0.0.1 -n 1 Imagebase: 0xe10000 File size: 15360 bytes MD5 hash: 6242E3D67787CCBF4E06AD2982853144 Has administrator privileges: true Programmed
Load more

Recommended publications
  • Exploring the X64
    Exploring the x64 Junichi Murakami Executive Officer, Director of Research Fourteenforty Research Institute, Inc. Who am I? • Junichi Murakami – @Fourteenforty Research Institute, Inc. – Both Windows and Linux kernel development – Reversing malware and P2P software, etc. – Speaker at: • Black Hat 2008 US and Japan, AVAR 2009, RSA Conference(2009-) – Instructor at Security & Programming Camp(2006-) 2 Environment • Windows 7 x64 Edition • Visual Studio 2008 • Windbg • IDA Pro Advanced – STD doesn’t support x64, an offering is needed! 4 Agenda • Windows x64 • ABI(Application Binary Interface) • API Hooking • Code Injection 5 Windows x64 • Native x64 and WoW64 • Virtual Address Space – 2^64 = 16 Exa Byte ( Exa: 10^18) – but, limited to 16TB by Microsoft • File/Registry reflection • New 64-bit APIs – IsWow64Process, GetNativeSystemInfo, etc. 6 ABI • Binary Format • Register • Calling Convention • Exception Handling • Systemcall(x64, WoW64) 11 Binary Format(Cont.) • Some fields were extended to 64-bits – IMAGE_NT_HEADERS.IMAGE_OPTIONAL_HEADER • ImageBase • SizeOfStackReserve • SizeOfStackCommit • SizeOfHeapReserve • SizeOfHeapCommit 13 Calling Convention • first 4 parameters are passed by RCX, RDX, R8, R9 – 5th and later are passed on the stack • caller allocates register home space on the stack • RAX is used for return values • leaf / non-leaf function – leaf function: never use stack – PE32+ contains non-leaf function’s information in its EXCEPTION DIRECTORY • Register’s volatility – volatile: RAX, RCX, RDX, R8-R11 15 Exception Handling •
    [Show full text]
  • Through the Looking Glass: Webcam Interception and Protection in Kernel
    VIRUS BULLETIN www.virusbulletin.com Covering the global threat landscape THROUGH THE LOOKING GLASS: and WIA (Windows Image Acquisition), which provides a WEBCAM INTERCEPTION AND still image acquisition API. PROTECTION IN KERNEL MODE ATTACK VECTORS Ronen Slavin & Michael Maltsev Reason Software, USA Let’s pretend for a moment that we’re the bad guys. We have gained control of a victim’s computer and we can run any code on it. We would like to use his camera to get a photo or a video to use for our nefarious purposes. What are our INTRODUCTION options? When we talk about digital privacy, the computer’s webcam The simplest option is just to use one of the user-mode APIs is one of the most relevant components. We all have a tiny mentioned previously. By default, Windows allows every fear that someone might be looking through our computer’s app to access the computer’s camera, with the exception of camera, spying on us and watching our every move [1]. And Store apps on Windows 10. The downside for the attackers is while some of us think this scenario is restricted to the realm that camera access will turn on the indicator LED, giving the of movies, the reality is that malware authors and threat victim an indication that somebody is watching him. actors don’t shy away from incorporating such capabilities A sneakier method is to spy on the victim when he turns on into their malware arsenals [2]. the camera himself. Patrick Wardle described a technique Camera manufacturers protect their customers by incorporating like this for Mac [8], but there’s no reason the principle into their devices an indicator LED that illuminates when can’t be applied to Windows, albeit with a slightly different the camera is in use.
    [Show full text]
  • Minimum Hardware and Operating System
    Hardware and OS Specifications File Stream Document Management Software – System Requirements for v4.5 NB: please read through carefully, as it contains 4 separate specifications for a Workstation PC, a Web PC, a Server and a Web Server. Further notes are at the foot of this document. If you are in any doubt as to which specification is applicable, please contact our Document Management Technical Support team – we will be pleased to help. www.filestreamsystems.co.uk T Support +44 (0) 118 989 3771 E Support [email protected] For an in-depth list of all our features and specifications, please visit: http://www.filestreamsystems.co.uk/document-management-specification.htm Workstation PC Processor (CPU) ⁴ Supported AMD/Intel x86 (32bit) or x64 (64bit) Compatible Minimum Intel Pentium IV single core 1.0 GHz Recommended Intel Core 2 Duo E8400 3.0 GHz or better Operating System ⁴ Supported Windows 8, Windows 8 Pro, Windows 8 Enterprise (32bit, 64bit) Windows 10 (32bit, 64bit) Memory (RAM) ⁵ Minimum 2.0 GB Recommended 4.0 GB Storage Space (Disk) Minimum 50 GB Recommended 100 GB Disk Format NTFS Format Recommended Graphics Card Minimum 128 MB DirectX 9 Compatible Recommended 128 MB DirectX 9 Compatible Display Minimum 1024 x 768 16bit colour Recommended 1280 x 1024 32bit colour Widescreen Format Yes (minimum vertical resolution 800) Dual Monitor Yes Font Settings Only 96 DPI font settings are supported Explorer Internet Minimum Microsoft Internet Explorer 11 Network (LAN) Minimum 100 MB Ethernet (not required on standalone PC) Recommended
    [Show full text]
  • Programming Model Intel Itanium 64
    11/11/2003 64-bit computing AMD Opteron 64 Application of Win32 Executable File Legacy 64 bit platforms Inbuilt 128-bit bus DDR memory controller with memory bandwidth speed up to 5.3GB/s. Infectors on Intel Itanium and AMD Benefits of 64-bit processors Opteron Based Win64 Systems Use of hyper transport protocol, “glueless” architecture. Oleg Petrovsky and Shali Hsieh Increased integer dynamic range Computer Associates International Inc. Available in up to 8 way configuration with the clock speeds 1 Computer Associates Plaza, Islandia, NY 11749, Much larger addressable memory space of 1.4 GHz, 1.6 GHz and 1.8 GHz . USA Benefits to database, scientific and cryptography Reuses already familiar 32-bit x86 instruction set and applications extends it to support 64-bit operands, registers and memory pointers. AMD64 Programming Model AMD64: Programming model Intel Itanium 64 X86 32-64 64 bit Itanium line of processors is being developed by Intel XMM8 X86 80-Bit Extends general use registers to 64-bit, adds additional eight 64-Bit X87 general purpose 64-bit registers. Itanium - 800 MHz, no on die L3 cache, Itanium 2 - 1GHz, RAX EAX AX 3MB L3 on die, Itanium 2003 (Madison) - 1.5 GHz, 6MB L3 on die cache, 410M transistors, largest integration on a RBX Reuses x86 instruction set. single silicon crystal today. XMM15 RCX Runs 32-bit code without emulation or translation to a native Itanium line of processors utilizes more efficient and robust XMM0 than legacy x86 instruction set architecture F instruction set. R8 L A Itanium has to use x86-to-IA-64 decoder a specifically Minimizes learning curve.
    [Show full text]
  • Sample2.Js Malware Summary
    Threat Analysis Report Summary Threat Malicious Level File Name sample2.js MD5 Hash 580E637B97B16698CC750B445223D5C0 Identifier SHA-1 Hash 07E507426F72522DABFECF91181D7F64DC3B8D23 Identifier SHA-256 Hash 790999F47B2FA4396FF6B0A6916E295D832A12B3495A87590C859A1FE9D73245 Identifier File Size 3586 bytes File Type ASCII text File 2015-11-06 09:26:23 Submitted Duration 38 seconds Sandbox 27 seconds Replication Engine Analysis Engine Threat Name Severity GTI File Reputation --- Unverified Gateway Anti-Malware JS/Downloader.gen.f Very High Anti-Malware JS/Downloader.gen.f Very High YARA Custom Rules Sandbox Malware.Dynamic Very High Final Very High Sample is malicious: f inal severit y level 5 Behavior Classif icat ion Networking Very High Exploiting, Shellcode High Security Solution / Mechanism bypass, termination and removal, Anti Unverified Debugging, VM Detection Spreading Unverified Persistence, Installation Boot Survival Unverified Hiding, Camouflage, Stealthiness, Detection and Removal Protection Unverified Data spying, Sniffing, Keylogging, Ebanking Fraud Unverified Dynamic Analysis Action Severity Malware behavior: networking activities from non-executable file Very High ATTENTION: connection made to a malicious website (see Web/URL Very High reputation for details) Detected suspicious Java Script content High Downloaded data from a webserver Low Modified INTERNET_OPTION_CONNECT_RETRIES: number of times that Low WinInet attempts to resolve and connect to a host Connected to a specific service provider Low Cracks a URL into its component
    [Show full text]
  • Oracle Database Platform Guide for Windows
    Oracle® Database Platform Guide 10g Release 1 (10.1) for Windows Part No. B10113-01 December 2003 Oracle Database Platform Guide, 10g Release 1 (10.1) for Windows Part No. B10113-01 Copyright © 1996, 2003 Oracle Corporation. All rights reserved. Primary Author: Craig B. Foch Contributing Author: Mark Kennedy and Helen Slattery Contributor: David Collelo The Programs (which include both the software and documentation) contain proprietary information of Oracle Corporation; they are provided under a license agreement containing restrictions on use and disclosure and are also protected by copyright, patent and other intellectual and industrial property laws. Reverse engineering, disassembly or decompilation of the Programs, except to the extent required to obtain interoperability with other independently created software or as specified by law, is prohibited. The information contained in this document is subject to change without notice. If you find any problems in the documentation, please report them to us in writing. This document is not warranted to be error-free. Except as may be expressly permitted in your license agreement for these Programs, no part of these Programs may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose. If the Programs are delivered to the U.S. Government or anyone licensing or using the programs on behalf of the U.S. Government, the following notice is applicable: Restricted Rights Notice Programs delivered subject to the DOD FAR Supplement are "commercial computer software" and use, duplication, and disclosure of the Programs, including documentation, shall be subject to the licensing restrictions set forth in the applicable Oracle license agreement.
    [Show full text]
  • Product Name User Guide
    Smart-X Software Solutions Core Configurator User guide _______________________________________________________________ SmartX Software Solutions Core Configurator User Guide Table of content: WELCOME 4 FEATURES AND CAPABILITIES 5 MORE SYSTEM MANAGEMENT TOOLS 6 REQUIREMENTS 8 LICENSING AND INSTALLATION 8 EVALUATION VERSION LIMITATION 8 INSTALLATION 8 INSTALLING CORECONFIG ON WINDOWS 7 / 2008 R2 BETA VERSIONS 9 LICENSING 10 WORKING WITH CORE CONFIGURATOR 11 שגיאה! הסימניה אינה מוגדרת. CORE CONFIGURATOR MAIN SCREEN – 32 BIT HOW IT WORKS 11 CORE CONFIGURATOR MAIN SCREEN – 64 BIT 12 ACTIVATION SCREEN 13 HOW IT WORKS: 13 DISPLAY SETTINGS 14 HOW IT WORKS 14 TIME ZONE 15 HOW IT WORKS 15 REMOTE DESKTOP 16 HOW IT WORKS 16 ACCOUNT MANAGEMENT 17 HOW IT WORKS 17 FIREWALL 18 HOW IT WORKS 18 WINRM 19 HOW IT WORKS 19 NETWORKING 20 HOW IT WORKS 21 COMPUTER NAME 22 HOW IT WORKS 22 FEATURES 23 HOW IT WORKS 23 BACKUP PERFORMANCE 24 DCPROMO 25 HOW IT WORKS 26 AUTOMATIC UPDATES 27 HOW IT WORKS 29 REGIONAL LANGUAGES 30 HOW IT WORKS 30 REGISTRY EDITOR 31 2 SmartX Software Solutions Core Configurator User Guide HOW IT WORKS 31 TASK MANAGER 32 HOW IT WORKS 32 SERVICE 33 HOW IT WORKS 33 SYSTEM INFO 34 SHOW COMMANDS 35 3 SmartX Software Solutions Core Configurator User Guide Chapter 1 Welcome Welcome to Smart-X. Thank you for choosing Core Configurator™, one of the top tools developed by Smart-X Software Solutions expert team in an effort to optimize your everyday work. Core Configurator helps you manage your system efficiently, effortlessly and productively. This chapter describes the features and capabilities of Core Configurator, and lists additional tools in the same field that can help optimize your work environment.
    [Show full text]
  • The Evolution of TDL: Conquering X64
    The Evolution of TDL: Conquering x64 Revision 1.1 Eugene Rodionov, Malware Researcher Aleksandr Matrosov, Senior Malware Researcher 2 2 CONTENTS 3 INTRODUCTION ..................................................................................................................................................... 4 1 INVESTIGATION ............................................................................................................................................. 5 1.1 GANGSTABUCKS ............................................................................................................................................... 6 2 INSTALLATION ............................................................................................................................................. 11 2.1 INFECTING X86 SYSTEMS .................................................................................................................................. 11 2.2 INFECTING X64 SYSTEMS .................................................................................................................................. 13 2.3 THE DROPPER’S PAYLOAD ................................................................................................................................ 14 2.4 COMPARISON WITH TDL3/TDL3+..................................................................................................................... 15 3 THE BOT .....................................................................................................................................................
    [Show full text]
  • System Requirements for Microsoft Dynamics NAV 2009 SP1
    System Requirements System Requirements for Microsoft Dynamics NAV 2009 SP1 RoleTailored client Operating system Microsoft Dynamics NAV 2009 SP1 runs on 32-bit and 64-bit operating system editions. On 64-bit (x64) editions, Microsoft Dynamics NAV runs in WOW64 emulation mode. Windows 7 Professional, Ultimate, or Enterprise Windows Server 2008 Windows Server 2008 R2 Windows Vista Business, Enterprise, or Ultimate with SP1 or SP2 Windows Server 2003 SP2 Windows Server 2003 R2 SP2 Windows XP Professional SP3 Hardware resources Hard disk space: Minimum 30 MB Memory: Minimum 1 GB Additional software Microsoft .NET Framework 3.5 SP1, which is automatically installed by Microsoft Dynamics NAV 2009 Setup if it is not already present. Microsoft Office Communicator 2007 is required for instant messaging and TAPI. Microsoft Office 2007 or 2003 is required for e-mail logging, Outlook client integration, budget importing, Office XML, SharePoint links, and budgets in Excel. Collaboration Data Objects (CDO) are required for mail merge and e-mail logging. 1 System Requirements Classic client Operating system Microsoft Dynamics NAV 2009 SP1 runs on 32-bit and 64-bit operating system editions. On 64-bit (x64) editions, Microsoft Dynamics NAV runs in WOW64 emulation mode. Windows 7 Professional, Ultimate or Enterprise Windows Server 2008 Windows Server 2008 R2 Windows Vista Business, Enterprise, or Ultimate with SP1 or SP2 Windows Server 2003 SP2 Windows Server 2003 R2 SP2 Windows XP Professional SP3 Hardware resources Hard disk space: Minimum 250 MB Memory: Minimum 1 GB Additional software Microsoft .NET Framework 3.5 SP1, which is automatically installed by Microsoft Dynamics NAV 2009 Setup if it is not already present.
    [Show full text]
  • Dell Openmanage IT Assistant Version 8.9 Release Notes
    Dell OpenManage IT Assistant Version 8.9 Release Notes What’s New New major features Now, you can launch the warranty support site and view the current warranty information. In addition to the Express Service Code for PowerEdge servers; now, IT Assistant displays Chassis Express Service code and Chassis Service Tag for PowerEdge Blade servers running OpenManage Server administrator version 6.5 or later. You can also see Enclosure specific Express service code in the Details tab. New OS Support Microsoft Windows 2008 Standard Server NOTE: These operating systems must be WoW64 enabled. Deprecated features The following features are not supported in IT Assistant: Topology view Volume Information Report—As IT Assistant does not support Volume Info Report, this will be removed if you upgrade from previous version to IT Assistant 8.9. Installation For information on Installation, see the Dell OpenManage IT Assistant version 8.9 on support.dell.com/manuals Prerequisites For more information on Operating system, Browser & Consoles, and Minimum hardware Configuration see the Dell Systems Software Support Matrix Version 6.5 on support.dell.com/manuals Database (SQL Server) SQL Server 2008 R2 (This is part of IT Assistant install). Also supports: SQL Server 2000 SQL Server 2005 SP1/SP2 Additional Softwares Navisphere(R) Secure CLI For Dell/EMC storage arrays inventory, ensure your array is FLARE(R) version 19 or above. You should also install Navisphere(R) Secure CLI (version 19 or above) on your management station. NOTE: This CLI software
    [Show full text]
  • Serverprotect Support for Microsoft Windows Server System
    Trend Micro Incorporated reserves the right to make changes to this document and to the products described herein without notice. Before installing and using the software, please review the readme files, release notes and the latest version of the Getting Started Guide, which are available from the Trend Micro Website at: http://docs.trendmicro.com/ NOTE: A license to the Trend Micro Software includes the right to product updates, pattern file updates, and basic technical support for one (1) year from the date of purchase only. Thereafter, you must renew Maintenance on an annual basis by paying Trend Micro then-current Maintenance fees to have the right to continue receiving product updates, pattern updates and basic technical support. To order renewal Maintenance, you may download and complete the Trend Micro Maintenance Agreement at the following site: www.trendmicro.com/license Trend Micro, ServerProtect, Control Manager, MacroTrap, TrendLabs, and the Trend Micro t-ball logo are trademarks of Trend Micro Incorporated. Microsoft Windows, Windows Server 2008, Windows Server 2012, Windows Server 2016, Windows Server 2019, Windows 7, Windows 8, Windows 10, Windows NT, MS-DOS, PowerPoint, Excel, and Microsoft Office are trademarks of Microsoft Incorporated. Netware® is the trademark of the Novell corporation. Intel®, and Pentium® are trademarks of Intel Corporation. All other brand and product names are trademarks or registered trademarks of their respective companies or organizations. Copyright © 2019, Trend Micro Incorporated. All rights reserved. No part of this publication may be reproduced, photocopied, stored in a retrieval system, or transmitted without the express prior written consent of Trend Micro Incorporated.
    [Show full text]
  • SAS 9.2 Foundation for Microsoft Windows for 64-Bit Itanium-Based Systems, Cary, NC: SAS Institute Inc., 2010
    System Requirements for SAS® 9.2 Foundation for Microsoft® Windows® for 64-Bit Itanium- based Systems® Copyright Notice The correct bibliographic citation for this manual is as follows: SAS Institute Inc., System Requirements for SAS 9.2 Foundation for Microsoft Windows for 64-Bit Itanium-based Systems, Cary, NC: SAS Institute Inc., 2010. System Requirements for SAS 9.2 Foundation for Microsoft® Windows® for 64-Bit Itanium- based Systems Copyright © 2010, SAS Institute Inc., Cary, NC, USA. Some software included in SAS Foundation may display a release number other than 9.2. All rights reserved. Printed in the United States of America. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, by any form or by any means, electronic, mechanical, photocopying, or otherwise, without the prior written permission of the publisher, SAS Institute Inc. Limited permission is granted to store the copyrighted material in your system and display it on terminals, print only the number of copies required for use by those persons responsible for installing and supporting the SAS programming and licensed programs for which this material has been provided, and to modify the material to meet specific installation requirements. The SAS Institute copyright notice must appear on all printed versions of this material or extracts thereof and on the display medium when the material is displayed. Permission is not granted to reproduce or distribute the material except as stated above. U.S. Government Restricted Rights Notice. Use, duplication, or disclosure of the software by the government is subject to restrictions as set forth in FAR 52.227-19 Commercial Computer Software-Restricted Rights (June 1987).
    [Show full text]