DOCSLIB.ORG

MALICIOUS Threat Names: Trojan.Generickd.37460607 Generic.Delph.PWS.FF722F75

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
MALICIOUS Threat Names: Trojan.Generickd.37460607 Generic.Delph.PWS.FF722F75 DYNAMIC ANALYSIS REPORT #6972548 Classifications: Spyware AZORult Mal/Generic-S C2/Generic-A MALICIOUS Threat Names: Trojan.GenericKD.37460607 Generic.Delph.PWS.FF722F75 Verdict Reason: - Sample Type Windows Exe (x86-32) File Name Pi Request.exe ID #2651190 MD5 040026c9c18e8dc7ffc73f3790dbdf3b SHA1 70716c50c283b59eb9fd3137c68f9ff8a8824f56 SHA256 0768f66b3f6ee8f9f32520837cee96da8d725c789d82ba16771bbad740b737ee File Size 456.00 KB Report Created 2021-08-23 14:07 (UTC+2) Target Environment win10_64_th2_en_mso2016 | exe X-Ray Vision for Malware - www.vmray.com 1 / 37 DYNAMIC ANALYSIS REPORT #6972548 OVERVIEW VMRay Threat Identifiers (23 rules, 99 matches) Score Category Operation Count Classification 5/5 YARA Malicious content matched by YARA rules 1 Spyware • Rule "Azorult_Generic" from ruleset "Malware" has matched on a memory dump for (process #2) pi request.exe. 5/5 Data Collection Tries to read cached credentials of various applications 1 Spyware • Tries to read sensitive data of: Chromium, Sputnik, FileZilla, Pidgin, Comodo Dragon, Vivaldi, Torch, WinSCP, CocCoc, Chrome Canar... ...t Explorer / Edge, Google Chrome, Chedot, Comodo IceDragon, Cyberfox, Orbitum, Amigo, Mozilla Firefox, Kometa, CentBrowser, 7Star. 4/5 Antivirus Malicious content was detected by heuristic scan 2 - • Built-in AV detected the sample itself as "Trojan.GenericKD.37460607". • Built-in AV detected a memory dump of (process #2) pi request.exe as "Generic.Delph.PWS.FF722F75". 4/5 Reputation Known malicious file 1 - • Reputation analysis labels the sample itself as "Mal/Generic-S". 4/5 Reputation Contacts known malicious URL 1 - • Reputation analysis labels the URL "208.167.239.179/index.php" which was contacted by (process #2) pi request.exe as "C2/Generic-A". 2/5 Data Collection Reads sensitive browser data 23 - • (Process #2) pi request.exe tries to read sensitive data of web browser "Mozilla Firefox" by file. • (Process #2) pi request.exe tries to read sensitive data of web browser "Comodo IceDragon" by file. • (Process #2) pi request.exe tries to read sensitive data of web browser "Cyberfox" by file. • (Process #2) pi request.exe tries to read sensitive data of web browser "Google Chrome" by file. • (Process #2) pi request.exe tries to read sensitive data of web browser "Chrome Canary" by file. • (Process #2) pi request.exe tries to read sensitive data of web browser "Yandex Browser" by file. • (Process #2) pi request.exe tries to read sensitive data of web browser "Comodo Dragon" by file. • (Process #2) pi request.exe tries to read sensitive data of web browser "Amigo" by file. • (Process #2) pi request.exe tries to read sensitive data of web browser "Orbitum" by file. • (Process #2) pi request.exe tries to read sensitive data of web browser "Chromium" by file. • (Process #2) pi request.exe tries to read sensitive data of web browser "Vivaldi" by file. • (Process #2) pi request.exe tries to read sensitive data of web browser "Sputnik" by file. • (Process #2) pi request.exe tries to read sensitive data of web browser "Kometa" by file. • (Process #2) pi request.exe tries to read sensitive data of web browser "Uran" by file. • (Process #2) pi request.exe tries to read sensitive data of web browser "Epic Privacy Browser" by file. • (Process #2) pi request.exe tries to read sensitive data of web browser "CocCoc" by file. • (Process #2) pi request.exe tries to read sensitive data of web browser "CentBrowser" by file. • (Process #2) pi request.exe tries to read sensitive data of web browser "7Star" by file. • (Process #2) pi request.exe tries to read sensitive data of web browser "Elements Browser" by file. • (Process #2) pi request.exe tries to read sensitive data of web browser "Chedot" by file. • (Process #2) pi request.exe tries to read sensitive data of web browser "Torch" by file. • (Process #2) pi request.exe tries to read credentials of web browser "Internet Explorer" by reading from the system's credential vault. • (Process #2) pi request.exe tries to read sensitive data of web browser "Internet Explorer / Edge" by registry. 2/5 Data Collection Reads sensitive mail data 1 - • (Process #2) pi request.exe tries to read sensitive data of mail application "Microsoft Outlook" by registry. X-Ray Vision for Malware - www.vmray.com 2 / 37 DYNAMIC ANALYSIS REPORT #6972548 Score Category Operation Count Classification 2/5 Data Collection Reads sensitive ftp data 1 - • (Process #2) pi request.exe tries to read sensitive data of ftp application "FileZilla" by file. 2/5 Data Collection Reads sensitive application data 2 - • (Process #2) pi request.exe tries to read sensitive data of application "WinSCP" by registry. • (Process #2) pi request.exe tries to read sensitive data of application "Pidgin" by file. 2/5 Anti Analysis Tries to detect virtual machine 1 - • (Process #1) pi request.exe is possibly trying to detect a VM via rdtsc. 2/5 Injection Writes into the memory of a process started from a created or modified executable 1 - • (Process #1) pi request.exe modifies memory of (process #2) pi request.exe. 2/5 Injection Modifies control flow of a process started from a created or modified executable 1 - • (Process #1) pi request.exe alters context of (process #2) pi request.exe. 1/5 Hide Tracks Creates process with hidden window 1 - • (Process #1) pi request.exe starts (process #2) pi request.exe with a hidden window. 1/5 Obfuscation Reads from memory of another process 1 - • (Process #1) pi request.exe reads from (process #2) pi request.exe. 1/5 Obfuscation Creates a page with write and execute permissions 1 - • (Process #1) pi request.exe allocates a page in a foreign process with "PAGE_EXECUTE_READWRITE" permissions, often used to dynamically unpack code. 1/5 Discovery Reads system data 1 - • (Process #2) pi request.exe reads the cryptographic machine GUID from registry. 1/5 Mutex Creates mutex 1 - • (Process #2) pi request.exe creates mutex with name "A743A547-9C1AFDB0-AEA27C97-73E39B07-D5BBC660F". 1/5 Discovery Possibly does reconnaissance 6 - • (Process #2) pi request.exe tries to gather information about application "Mozilla Firefox" by file. • (Process #2) pi request.exe tries to gather information about application "Comodo IceDragon" by file. • (Process #2) pi request.exe tries to gather information about application "Cyberfox" by file. • (Process #2) pi request.exe tries to gather information about application "FileZilla" by file. • (Process #2) pi request.exe tries to gather information about application "WinSCP" by registry. • (Process #2) pi request.exe tries to gather information about application "Pidgin" by file. 1/5 Discovery Enumerates running processes 1 - • (Process #2) pi request.exe enumerates running processes. 1/5 System Modification Creates an unusually large number of files 1 - • (Process #2) pi request.exe creates an above average number of files. 1/5 Execution Executes itself 1 - X-Ray Vision for Malware - www.vmray.com 3 / 37 DYNAMIC ANALYSIS REPORT #6972548 Score Category Operation Count Classification • (Process #1) pi request.exe executes a copy of the sample at C:\Users\RDhJ0CNFevzX\Desktop\Pi Request.exe. 1/5 Execution Drops PE file 48 - • (Process #2) pi request.exe drops file "C:\Users\RDHJ0C~1\AppData\Local\Temp\2fda\/api-ms-win-core-console-l1-1-0.dll". • (Process #2) pi request.exe drops file "C:\Users\RDHJ0C~1\AppData\Local\Temp\2fda\/api-ms-win-core-datetime-l1-1-0.dll". • (Process #2) pi request.exe drops file "C:\Users\RDHJ0C~1\AppData\Local\Temp\2fda\/api-ms-win-core-debug-l1-1-0.dll". • (Process #2) pi request.exe drops file "C:\Users\RDHJ0C~1\AppData\Local\Temp\2fda\/api-ms-win-core-errorhandling-l1-1-0.dll". • (Process #2) pi request.exe drops file "C:\Users\RDHJ0C~1\AppData\Local\Temp\2fda\/api-ms-win-core-file-l1-1-0.dll". • (Process #2) pi request.exe drops file "C:\Users\RDHJ0C~1\AppData\Local\Temp\2fda\/api-ms-win-core-file-l1-2-0.dll". • (Process #2) pi request.exe drops file "C:\Users\RDHJ0C~1\AppData\Local\Temp\2fda\/api-ms-win-core-file-l2-1-0.dll". • (Process #2) pi request.exe drops file "C:\Users\RDHJ0C~1\AppData\Local\Temp\2fda\/api-ms-win-core-handle-l1-1-0.dll". • (Process #2) pi request.exe drops file "C:\Users\RDHJ0C~1\AppData\Local\Temp\2fda\/api-ms-win-core-heap-l1-1-0.dll". • (Process #2) pi request.exe drops file "C:\Users\RDHJ0C~1\AppData\Local\Temp\2fda\/api-ms-win-core-interlocked-l1-1-0.dll". • (Process #2) pi request.exe drops file "C:\Users\RDHJ0C~1\AppData\Local\Temp\2fda\/api-ms-win-core-libraryloader-l1-1-0.dll". • (Process #2) pi request.exe drops file "C:\Users\RDHJ0C~1\AppData\Local\Temp\2fda\/api-ms-win-core-localization-l1-2-0.dll". • (Process #2) pi request.exe drops file "C:\Users\RDHJ0C~1\AppData\Local\Temp\2fda\/api-ms-win-core-memory-l1-1-0.dll". • (Process #2) pi request.exe drops file "C:\Users\RDHJ0C~1\AppData\Local\Temp\2fda\/api-ms-win-core-namedpipe-l1-1-0.dll". • (Process #2) pi request.exe drops file "C:\Users\RDHJ0C~1\AppData\Local\Temp\2fda\/api-ms-win-core-processenvironment-l1-1-0.dll". • (Process #2) pi request.exe drops file "C:\Users\RDHJ0C~1\AppData\Local\Temp\2fda\/api-ms-win-core-processthreads-l1-1-0.dll". • (Process #2) pi request.exe drops file "C:\Users\RDHJ0C~1\AppData\Local\Temp\2fda\/api-ms-win-core-processthreads-l1-1-1.dll". • (Process #2) pi request.exe drops file "C:\Users\RDHJ0C~1\AppData\Local\Temp\2fda\/api-ms-win-core-profile-l1-1-0.dll". • (Process #2) pi request.exe drops file "C:\Users\RDHJ0C~1\AppData\Local\Temp\2fda\/api-ms-win-core-rtlsupport-l1-1-0.dll".
Load more

Recommended publications
  • Cross-Platform Analysis of Indirect File Leaks in Android and Ios Applications
    Cross-Platform Analysis of Indirect File Leaks in Android and iOS Applications Daoyuan Wu and Rocky K. C. Chang Department of Computing, The Hong Kong Polytechnic University fcsdwu, [email protected] This paper was published in IEEE Mobile Security Technologies 2015 [47] with the original title of “Indirect File Leaks in Mobile Applications”. Victim App Abstract—Today, much of our sensitive information is stored inside mobile applications (apps), such as the browsing histories and chatting logs. To safeguard these privacy files, modern mobile Other systems, notably Android and iOS, use sandboxes to isolate apps’ components file zones from one another. However, we show in this paper that these private files can still be leaked by indirectly exploiting components that are trusted by the victim apps. In particular, Adversary Deputy Trusted we devise new indirect file leak (IFL) attacks that exploit browser (a) (d) parties interfaces, command interpreters, and embedded app servers to leak data from very popular apps, such as Evernote and QQ. Unlike the previous attacks, we demonstrate that these IFLs can Private files affect both Android and iOS. Moreover, our IFL methods allow (s) an adversary to launch the attacks remotely, without implanting malicious apps in victim’s smartphones. We finally compare the impacts of four different types of IFL attacks on Android and Fig. 1. A high-level IFL model. iOS, and propose several mitigation methods. four IFL attacks affect both Android and iOS. We summarize these attacks below. I. INTRODUCTION • sopIFL attacks bypass the same-origin policy (SOP), Mobile applications (apps) are gaining significant popularity which is enforced to protect resources originating from in today’s mobile cloud computing era [3], [4].
    [Show full text]
  • TR-SBA-Research-0512-01: Fast and Efficient Browser Identification With
    Fast and Efficient Browser Identification with JavaScript Engine Fingerprinting Technical Report TR-SBA-Research-0512-01 Martin Mulazzani∗, Philipp Reschl; Markus Huber∗, Manuel Leithner∗, Edgar Weippl∗ *SBA Research Favoritenstrasse 16 AT-1040 Vienna, Austria [email protected] Abstract. While web browsers are becoming more and more important in everyday life, the reliable detection of whether a client is using a specific browser is still a hard problem. So far, the UserAgent string is used, which is a self-reported string provided by the client. It is, however, not a security feature, and can be changed arbitrarily. In this paper, we propose a new method for identifying Web browsers, based on the underlying Javascript engine. We set up a Javascript confor- mance test and calculate a fingerprint that can reliably identify a given browser, and can be executed on the client within a fraction of a sec- ond. Our method is three orders of magnitude faster than previous work on browser fingerprinting, and can be implemented in just a few hun- dred lines of Javascript. Furthermore, we collected data for more than 150 browser and operating system combinations, and present algorithms to calculate minimal fingerprints for each of a given set of browsers to make fingerprinting as fast as possible. We evaluate the feasibility of our method with a survey and discuss the consequences for user privacy and security. This technique can be used to enhance state-of-the-art session management (with or without SSL), as it can make session hijacking considerably more difficult. 1 Introduction Today, the Web browser is a central component of almost every operating sys- tem.
    [Show full text]
  • 1 Questions for the Record from the Honorable David N. Cicilline, Chairman, Subcommittee on Antitrust, Commercial and Administra
    Questions for the Record from the Honorable David N. Cicilline, Chairman, Subcommittee on Antitrust, Commercial and Administrative Law of the Committee on the Judiciary Questions for Mr. Kyle Andeer, Vice President, Corporate Law, Apple, Inc. 1. Does Apple permit iPhone users to uninstall Safari? If yes, please describe the steps a user would need to take in order to do so. If no, please explain why not. Users cannot uninstall Safari, which is an essential part of iPhone functionality; however, users have many alternative third-party browsers they can download from the App Store. Users expect that their Apple devices will provide a great experience out of the box, so our products include certain functionality like a browser, email, phone and a music player as a baseline. Most pre-installed apps can be deleted by the user. A small number, including Safari, are “operating system apps”—integrated into the core operating system—that are part of the combined experience of iOS and iPhone. Removing or replacing any of these operating system apps would destroy or severely degrade the functionality of the device. The App Store provides Apple’s users with access to third party apps, including web browsers. Browsers such as Chrome, Firefox, Microsoft Edge and others are available for users to download. 2. Does Apple permit iPhone users to set a browser other than Safari as the default browser? If yes, please describe the steps a user would need to take in order to do so. If no, please explain why not. iPhone users cannot set another browser as the default browser.
    [Show full text]
  • Website Nash County, NC
    Website Nash County, NC Date range: Week 13 October - 19 October 2014 Test Report Visits Summary Value Name Value Unique visitors 5857 Visits 7054 Actions 21397 Maximum actions in one visit 215 Bounce Rate 46% Actions per Visit 3 Avg. Visit Duration (in seconds) 00:03:33 Website Nash County, NC | Date range: Week 13 October - 19 October 2014 | Page 2 of 9 Visitor Browser Avg. Time on Browser Visits Actions Actions per Visit Avg. Time on Bounce Rate Conversion Website Website Rate Internet Explorer 2689 8164 3.04 00:04:42 46% 0% Chrome 1399 4237 3.03 00:02:31 39.24% 0% Firefox 736 1784 2.42 00:02:37 50% 0% Unknown 357 1064 2.98 00:08:03 63.87% 0% Mobile Safari 654 1800 2.75 00:01:59 53.36% 0% Android Browser 330 1300 3.94 00:02:59 41.21% 0% Chrome Mobile 528 2088 3.95 00:02:04 39.02% 0% Mobile Safari 134 416 3.1 00:01:39 52.24% 0% Safari 132 337 2.55 00:02:10 49.24% 0% Chrome Frame 40 88 2.2 00:03:36 52.5% 0% Chrome Mobile iOS 20 46 2.3 00:01:54 60% 0% IE Mobile 8 22 2.75 00:00:45 37.5% 0% Opera 8 13 1.63 00:00:26 62.5% 0% Pale Moon 4 7 1.75 00:00:20 75% 0% BlackBerry 3 8 2.67 00:01:30 33.33% 0% Yandex Browser 2 2 1 00:00:00 100% 0% Chromium 1 3 3 00:00:35 0% 0% Mobile Silk 1 8 8 00:04:51 0% 0% Maxthon 1 1 1 00:00:00 100% 0% Obigo Q03C 1 1 1 00:00:00 100% 0% Opera Mini 2 2 1 00:00:00 100% 0% Puffin 1 1 1 00:00:00 100% 0% Sogou Explorer 1 1 1 00:00:00 100% 0% Others 0 0 0 00:00:00 0% 0% Website Nash County, NC | Date range: Week 13 October - 19 October 2014 | Page 3 of 9 Mobile vs Desktop Avg.
    [Show full text]
  • XCSSET Update: Abuse of Browser Debug Modes, Findings from the C2 Server, and an Inactive Ransomware Module Appendix
    XCSSET Update: Abuse of Browser Debug Modes, Findings from the C2 Server, and an Inactive Ransomware Module Appendix Introduction In our first blog post and technical brief for XCSSET, we discussed the depths of its dangers for Xcode developers and the way it cleverly took advantage of two macOS vulnerabilities to maximize what it can take from an infected machine. This update covers the third exploit found that takes advantage of other popular browsers on macOS to implant UXSS injection. It also details what we’ve discovered from investigating the command-and-control server’s source directory — notably, a ransomware feature that has yet to be deployed. Recap: Malware Capability List Aside from its initial entry behavior (which has been discussed previously), here is a summarized list of capabilities based on the source files found in the server: • Repackages payload modules to masquerade as well-known mac apps • Infects local Xcode and CocoaPods projects and injects malware to execute when infected project builds • Uses two zero-day exploits and trojanizes the Safari app to exfiltrate data • Uses a Data Vault zero-day vulnerability to dump and steal Safari cookie data • Abuses the Safari development version (SafariWebkitForDevelopment) to inject UXSS backdoor JS payload • Injects malicious JS payload code to popular browsers via UXSS • Exploits the browser debugging mode for affected Chrome-based and similar browsers • Collects QQ, WeChat, Telegram, and Skype user data in the infected machine (also forces the user to allow Skype and
    [Show full text]
  • Web Browser Pioneer Backs New Way to Surf Internet (Update 2) 7 November 2010, by MICHAEL LIEDTKE , AP Technology Writer
    Web browser pioneer backs new way to surf Internet (Update 2) 7 November 2010, By MICHAEL LIEDTKE , AP Technology Writer (AP) -- The Web has changed a lot since Marc Facebook's imprint also is all over RockMelt, Andreessen revolutionized the Internet with the although the two companies' only business introduction of his Netscape browser in the connection so far is Andreessen. He also serves on mid-1990s. That's why he's betting people are Facebook's board of directors. ready to try a different Web-surfing technique on a new browser called RockMelt. RockMelt only works if you have a Facebook account. That restriction still gives RockMelt plenty The browser, available for the first time Monday, is of room to grow, given Facebook has more than built on the premise that most online activity today 500 million users. revolves around socializing on Facebook, searching on Google, tweeting on Twitter and After Facebook users log on RockMelt with their monitoring a handful of favorite websites. It tries to Facebook account information, the person's minimize the need to roam from one website to the Facebook profile picture is planted in the browser's next by corralling all vital information and favorite left hand corner and a list of favorite friends can be services in panes and drop-down windows. displayed in the browser's left hand pane. There's also a built-in tool for posting updates in a pop-up "This is a chance for us to build a browser all over box. again," Andreessen said. "These are all things we would have done (at Netscape) if we had known The features extend beyond Facebook and Twitter.
    [Show full text]
  • Böngésző Programok 23. Tétel
    23.tétel 1.0 Böngész ő programok használata, összehasonlítása. Az információ keresés technikái. Bogdán;Sleisz Böngész ő programok (Használata, összehasonlítása. Az információ keresés technikái) 23. tétel Az Internet kialakulása 20. század második felére helyezhet ő. Az ARPA rendszerb ől fejl ődött tovább az USA-ban, azóta folyamatosan fejlesztgetik a különböz ő protokollokat, illetve technológiákat, az adatforgalom sebességének növelése érdekében. Komoly tévhitet képez a világban, hogy az Internet az a böngész őben megjeleníthet ő weboldalak összessége. Nagy tévedés, ugyanis ez csak a HTTP protokoll által szolgáltatott tartalom, amely a teljes internetes adatforgalomnak kevesebb, mint az 1/10-ét képezi. Az internetet úgy kell elképzelni, mint egy hardvereszközt, ami az egész világot lefedi, a rajta elérhet ő szolgáltatásokat pedig nevezzük "szoftvereknek". Kétségkívül az egyik legelterjedtebb szolgáltatás ("szoftver") a 80-as port -on kommunikáló HTTP protokoll, amihez tartozik egy kommunikációs nyelv is. A HTTP protokoll célja hagyományos esetben- a távoli "szerveren/kiszolgálón" elhelyezked ő weboldal letöltése a helyi számítógépre. 1. A böngész ő a HTTP kommunikációs nyelven megfogalmazott kérést küld a szerver felé, hogy szeretnénk megjeleníteni a kért weboldalt 2. A szerver válaszol. Többféle üzenetet küldhet vissza a böngész őnek, és minden üzenethez tartozik egy azonosító szám is, úgynevezett Status Code. A legismertebb visszatérési érték talán a Not Found (a keresett weboldal nem található), melynek Status Code-ja a 404. Ilyet könnyedén el őidézhetünk, ha pl. nem létez ő oldalt próbálunk letölteni. A leggyakoribb azonban, ha a 200-as üzenetet kapjuk vissza, vagyis megjelenik az oldal. 3. Ezek után a böngész ő elkezdi letölteni a kért oldal forráskódját . A forráskód egy olyan leíró kód nagyrészt HTML nyelven, amely leírja, hogyan néz ki a weboldal.
    [Show full text]
  • The Artist's Emergent Journey the Metaphysics of Henri Bergson, and Also Those by Eric Voegelin Against Gnosticism2
    Vol 1 No 2 (Autumn 2020) Online: jps.library.utoronto.ca/index.php/nexj Visit our WebBlog: newexplorations.net The Artist’s Emergent Journey Clinton Ignatov—The McLuhan Institute—[email protected] To examine computers as a medium in the style of Marshall McLuhan, we must understand the origins of his own perceptions on the nature of media and his deep-seated religious impetus for their development. First we will uncover McLuhan’s reasoning in his description of the artist and the occult origins of his categories of hot and cool media. This will prepare us to recognize these categories when they are reformulated by cyberneticist Norbert Wiener and ethnographer Sherry Turkle. Then, as we consider the roles “black boxes” play in contemporary art and theory, many ways of bringing McLuhan’s insights on space perception and the role of the artist up to date for the work of defining and explaining cyberspace will be demonstrated. Through this work the paradoxical morality of McLuhan’s decision to not make moral value judgments will have been made clear. Introduction In order to bring Marshall McLuhan into the 21st century it is insufficient to retrieve his public persona. This particular character, performed in the ‘60s and ‘70s on the global theater’s world stage, was tailored to the audiences of its time. For our purposes today, we’ve no option but an audacious attempt to retrieve, as best we can, the whole man. To these ends, while examining the media of our time, we will strive to delicately reconstruct the human-scale McLuhan from what has been left in both his public and private written corpus.
    [Show full text]
  • Instrumentalizing the Sources of Attraction. How Russia Undermines Its Own Soft Power
    INSTRUMENTALIZING THE SOURCES OF ATTRACTION. HOW RUSSIA UNDERMINES ITS OWN SOFT POWER By Vasile Rotaru Abstract The 2011-2013 domestic protests and the 2013-2015 Ukraine crisis have brought to the Russian politics forefront an increasing preoccupation for the soft power. The concept started to be used in official discourses and documents and a series of measures have been taken both to avoid the ‘dangers’ of and to streamline Russia’s soft power. This dichotomous approach towards the ‘power of attraction’ have revealed the differences of perception of the soft power by Russian officials and the Western counterparts. The present paper will analyse Russia’s efforts to control and to instrumentalize the sources of soft power, trying to assess the effectiveness of such an approach. Keywords: Russian soft power, Russian foreign policy, public diplomacy, Russian mass media, Russian internet Introduction The use of term soft power is relatively new in the Russian political circles, however, it has become recently increasingly popular among the Russian analysts, policy makers and politicians. The term per se was used for the first time in Russian political discourse in February 2012 by Vladimir Putin. In the presidential election campaign, the then candidate Putin drew attention to the fact that soft power – “a set of tools and methods to achieve foreign policy goals without the use of arms but by exerting information and other levers of influence” is used frequently by “big countries, international blocks or corporations” “to develop and provoke extremist, separatist and nationalistic attitudes, to manipulate the public and to directly interfere in the domestic policy of sovereign countries” (Putin 2012).
    [Show full text]
  • Background Setup
    1.5.09 [email protected] Mechanical Turk/Browser Ballot Findings Background To compliment the testing and research done by Critical and Patrick Finch in Europe, I conducted a series of tests on Amazon’s Mechanical Turk to try out various aspects of the EC's Ballot design. The goal is to determine both how to design the ballot in the most neutral way possible, and for Mozilla to determine the most successful summary and image for the Firefox section of the ballot. I used MT because it’s a very fast and cheap way to get a design in front of many eyes. And the responses that came back were very good; users spent an average of 2.8 minutes on a five- minute test, and gave complete answers to free-form questions. A few drawbacks of the test were: • Users tended to be more highly-technical than average • Users tended to have heard of Firefox and already have a favorable opinion about it • MT did not provide a way to filter results by country, and many users were in North America as a result Because of the above problems, the MT tests are not the best sample of users that are similar to those seeing the ballot in Europe. However, their answers still provided some insight into why people use what browsers, what factors would make them switch, and what presentations of Firefox’s brand and motto would be most compelling. Setup The MT tests were given in three phases. In all of these test, various demographics questions such as what browser the user was running and where they live were asked.
    [Show full text]
  • Analysis Report Blackenergy
    Analysis Report iTrust-Analysis-001 May 2016 BlackEnergy - Malware for Cyber-Physical Attacks About iTrust iTrust is a multidisciplinary research centre located in the Singapore University of Technology and Design (SUTD), established collaboratively by SUTD and the Ministry of Defence, Singapore (MINDEF). The focus of iTrust is on cyber security, spanning across three research areas: a. Cyber Physical System (CPS); b. Enterprise Networking / Security; and c. Internet of Things (IoT). iTrust researchers focus on the development of advanced tools and methodologies to ensure security and safety of current and future cyber physical systems and Internet of Things (IoT) systems. Systems of interest include large infrastructure of national importance such as power grid, water treatment, and oil refineries as well as cyber-devices such as smart watches, pacemakers, defibrillators, insulin pumps, and VNS implants. Cyber physical systems is one of the many areas we are working on. The focus of the proposed research is to improve our understanding of cyber threats to CPSs and to develop and experiment with strategies to mitigate such threats. Our approach is based on well understood technical foundations borrowed from the interdisciplinary fields of control theory, artificial intelligence, game theory, networking, and software engineering. The techniques propose will be evaluated against, and demonstrated in our Secure Water Treatment (SWaT) Testbed, Water Distribution System (WADI) testbed, and Electric Power and Intelligent Control (EPIC) testbed. Similarly, shielded room laboratory for IoT research. iTrust researchers are drawn from across SUTD and with a strong collaboration with Massachusetts Institute of Technology (MIT), enrich the depth, breadth, and quality of research.
    [Show full text]
  • Giant List of Web Browsers
    Giant List of Web Browsers The majority of the world uses a default or big tech browsers but there are many alternatives out there which may be a better choice. Take a look through our list & see if there is something you like the look of. All links open in new windows. Caveat emptor old friend & happy surfing. 1. 32bit https://www.electrasoft.com/32bw.htm 2. 360 Security https://browser.360.cn/se/en.html 3. Avant http://www.avantbrowser.com 4. Avast/SafeZone https://www.avast.com/en-us/secure-browser 5. Basilisk https://www.basilisk-browser.org 6. Bento https://bentobrowser.com 7. Bitty http://www.bitty.com 8. Blisk https://blisk.io 9. Brave https://brave.com 10. BriskBard https://www.briskbard.com 11. Chrome https://www.google.com/chrome 12. Chromium https://www.chromium.org/Home 13. Citrio http://citrio.com 14. Cliqz https://cliqz.com 15. C?c C?c https://coccoc.com 16. Comodo IceDragon https://www.comodo.com/home/browsers-toolbars/icedragon-browser.php 17. Comodo Dragon https://www.comodo.com/home/browsers-toolbars/browser.php 18. Coowon http://coowon.com 19. Crusta https://sourceforge.net/projects/crustabrowser 20. Dillo https://www.dillo.org 21. Dolphin http://dolphin.com 22. Dooble https://textbrowser.github.io/dooble 23. Edge https://www.microsoft.com/en-us/windows/microsoft-edge 24. ELinks http://elinks.or.cz 25. Epic https://www.epicbrowser.com 26. Epiphany https://projects-old.gnome.org/epiphany 27. Falkon https://www.falkon.org 28. Firefox https://www.mozilla.org/en-US/firefox/new 29.
    [Show full text]