DOCSLIB.ORG

Automated Malware Analysis Report for FIAS 2.11.Chm

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Automated Malware Analysis Report for FIAS 2.11.Chm ID: 195209 Sample Name: FIAS_2.11.chm Cookbook: default.jbs Time: 22:51:24 Date: 10/12/2019 Version: 28.0.0 Lapis Lazuli Table of Contents Table of Contents 2 Analysis Report FIAS_2.11.chm 4 Overview 4 General Information 4 Detection 4 Confidence 5 Classification 5 Mitre Att&ck Matrix 6 Signature Overview 6 Networking: 6 System Summary: 6 Hooking and other Techniques for Hiding and Protection: 6 Malware Analysis System Evasion: 6 Anti Debugging: 7 HIPS / PFW / Operating System Protection Evasion: 7 Language, Device and Operating System Detection: 7 Malware Configuration 7 Behavior Graph 7 Simulations 7 Behavior and APIs 7 Antivirus, Machine Learning and Genetic Malware Detection 8 Initial Sample 8 Dropped Files 8 Unpacked PE Files 8 Domains 8 URLs 8 Yara Overview 9 Initial Sample 9 PCAP (Network Traffic) 9 Dropped Files 9 Memory Dumps 9 Unpacked PEs 9 Sigma Overview 9 Joe Sandbox View / Context 10 IPs 10 Domains 10 ASN 10 JA3 Fingerprints 10 Dropped Files 10 Screenshots 10 Thumbnails 10 Startup 11 Created / dropped Files 11 Domains and IPs 13 Contacted Domains 13 URLs from Memory and Binaries 13 Contacted IPs 17 Static File Info 17 General 17 File Icon 17 Network Behavior 17 Code Manipulations 17 Statistics 18 System Behavior 18 Analysis Process: hh.exe PID: 4496 Parent PID: 4256 18 General 18 File Activities 18 Copyright Joe Security LLC 2019 Page 2 of 18 Registry Activities 18 Disassembly 18 Code Analysis 18 Copyright Joe Security LLC 2019 Page 3 of 18 Analysis Report FIAS_2.11.chm Overview General Information Joe Sandbox Version: 28.0.0 Lapis Lazuli Analysis ID: 195209 Start date: 10.12.2019 Start time: 22:51:24 Joe Sandbox Product: CloudBasic Overall analysis duration: 0h 4m 49s Hypervisor based Inspection enabled: false Report type: light Sample file name: FIAS_2.11.chm Cookbook file name: default.jbs Analysis system description: Windows 10 64 bit (version 1803) with Office 2016, Adobe Reader DC 19, Chrome 70, Firefox 63, Java 8.171, Flash 30.0.0.113 Number of analysed new started processes analysed: 5 Number of new started drivers analysed: 0 Number of existing processes analysed: 0 Number of existing drivers analysed: 0 Number of injected processes analysed: 0 Technologies: HCA enabled EGA enabled HDC enabled AMSI enabled Analysis stop reason: Timeout Detection: CLEAN Classification: clean1.winCHM@1/5@0/0 EGA Information: Failed HDC Information: Failed HCA Information: Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0 Cookbook Comments: Adjust boot time Enable AMSI Found application associated with file extension: .chm Warnings: Show All Exclude process from analysis (whitelisted): dllhost.exe, conhost.exe, CompatTelRunner.exe Execution Graph export aborted for target hh.exe, PID 4496 because it is empty Report size getting too big, too many NtAllocateVirtualMemory calls found. Report size getting too big, too many NtOpenKeyEx calls found. Report size getting too big, too many NtProtectVirtualMemory calls found. Report size getting too big, too many NtQueryValueKey calls found. Detection Strategy Score Range Reporting Whitelisted Detection Threshold 1 0 - 100 false Copyright Joe Security LLC 2019 Page 4 of 18 Confidence Strategy Score Range Further Analysis Required? Confidence Threshold 5 0 - 5 false Classification Ransomware Miner Spreading mmaallliiiccciiioouusss malicious Evader Phishing sssuusssppiiiccciiioouusss suspicious cccllleeaann clean Exploiter Banker Spyware Trojan / Bot Adware Copyright Joe Security LLC 2019 Page 5 of 18 Mitre Att&ck Matrix Initial Privilege Credential Lateral Command Network Access Execution Persistence Escalation Defense Evasion Access Discovery Movement Collection Exfiltration and Control Impact Effects Valid Windows Winlogon Process Masquerading 1 Credential Process Application Data from Data Data Modify Eavesdrop on Accounts Remote Helper DLL Injection 1 Dumping Discovery 1 Deployment Local Compressed Obfuscation System Insecure Management Software System Partition Network Communication Replication Service Port Accessibility Disabling Security Network Security Remote Data from Exfiltration Fallback Device Exploit SS7 to Through Execution Monitors Features Tools 1 Sniffing Software Services Removable Over Other Channels Lockout Redirect Phone Removable Discovery 1 Media Network Calls/SMS Media Medium External Windows Accessibility Path Virtualization/Sandbox Input System Windows Data from Automated Custom Delete Exploit SS7 to Remote Management Features Interception Evasion 1 Capture Information Remote Network Exfiltration Cryptographic Device Track Device Services Instrumentation Discovery 1 2 Management Shared Protocol Data Location Drive Drive-by Scheduled System DLL Search Process Injection 1 Credentials System Logon Input Data Multiband Premium SIM Card Compromise Task Firmware Order in Files Network Scripts Capture Encrypted Communication SMS Swap Hijacking Configuration Toll Discovery Fraud Signature Overview • Networking • System Summary • Hooking and other Techniques for Hiding and Protection • Malware Analysis System Evasion • Anti Debugging • HIPS / PFW / Operating System Protection Evasion • Language, Device and Operating System Detection Click to jump to signature section Networking: Found strings which match to known social media urls Urls found in memory or binary data System Summary: Classification label Creates files inside the user directory Creates temporary files Reads software policies Uses an in-process (OLE) Automation server Executable creates window controls seldom found in malware Checks if Microsoft Office is installed Hooking and other Techniques for Hiding and Protection: Disables application error messsages (SetErrorMode) Malware Analysis System Evasion: Allocates memory with a write watch (potentially for evading sandboxes) Copyright Joe Security LLC 2019 Page 6 of 18 May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) Anti Debugging: Creates guard pages, often used to prevent reverse engineering and debugging HIPS / PFW / Operating System Protection Evasion: May try to detect the Windows Explorer process (often used for injection) Language, Device and Operating System Detection: Queries the volume information (name, serial number etc) of a device Malware Configuration No configs have been found Behavior Graph Hide Legend Legend: Process Signature Created File DNS/IP Info Is Dropped Is Windows Process Behavior Graph Number of created Registry Values Number of created Files ID: 195209 Visual Basic Sample: FIAS_2.11.chm Startdate: 10/12/2019 Delphi Architecture: WINDOWS Java Score: 1 .Net C# or VB.NET C, C++ or other language started Is malicious Internet hh.exe 26 Simulations Behavior and APIs Copyright Joe Security LLC 2019 Page 7 of 18 No simulations Antivirus, Machine Learning and Genetic Malware Detection Initial Sample Source Detection Scanner Label Link FIAS_2.11.chm 0% Virustotal Browse Dropped Files No Antivirus matches Unpacked PE Files No Antivirus matches Domains No Antivirus matches URLs Source Detection Scanner Label Link www.mercadolivre.com.br/ 0% Virustotal Browse www.mercadolivre.com.br/ 0% Avira URL Cloud safe www.merlin.com.pl/favicon.ico 0% Virustotal Browse www.merlin.com.pl/favicon.ico 0% URL Reputation safe www.dailymail.co.uk/ 0% Virustotal Browse www.dailymail.co.uk/ 0% URL Reputation safe image.excite.co.jp/jp/favicon/lep.ico 0% Virustotal Browse image.excite.co.jp/jp/favicon/lep.ico 0% URL Reputation safe %s.com 0% Virustotal Browse %s.com 0% URL Reputation safe www.zhongyicts.com.cn 0% Virustotal Browse www.zhongyicts.com.cn 0% URL Reputation safe busca.igbusca.com.br//app/static/images/favicon.ico 0% Virustotal Browse busca.igbusca.com.br//app/static/images/favicon.ico 0% URL Reputation safe www.etmall.com.tw/favicon.ico 0% Virustotal Browse www.etmall.com.tw/favicon.ico 0% URL Reputation safe it.search.dada.net/favicon.ico 0% Virustotal Browse it.search.dada.net/favicon.ico 0% URL Reputation safe search.hanafos.com/favicon.ico 0% Virustotal Browse search.hanafos.com/favicon.ico 0% URL Reputation safe cgi.search.biglobe.ne.jp/favicon.ico 0% Virustotal Browse cgi.search.biglobe.ne.jp/favicon.ico 0% Avira URL Cloud safe www.abril.com.br/favicon.ico 0% Virustotal Browse www.abril.com.br/favicon.ico 0% Avira URL Cloud safe search.msn.co.jp/results.aspx?q= 0% Virustotal Browse search.msn.co.jp/results.aspx?q= 0% URL Reputation safe buscar.ozu.es/ 0% Virustotal Browse buscar.ozu.es/ 0% Avira URL Cloud safe busca.igbusca.com.br/ 0% Virustotal Browse busca.igbusca.com.br/ 0% URL Reputation safe www.carterandcone.coml 0% URL Reputation safe search.auction.co.kr/ 0% Virustotal Browse search.auction.co.kr/ 0% URL Reputation safe busca.buscape.com.br/favicon.ico 0% Virustotal Browse busca.buscape.com.br/favicon.ico 0% Avira URL Cloud safe www.pchome.com.tw/favicon.ico 0% Virustotal Browse www.pchome.com.tw/favicon.ico 0% Avira URL Cloud safe browse.guardian.co.uk/favicon.ico 0% Virustotal Browse browse.guardian.co.uk/favicon.ico 0% URL Reputation safe Copyright Joe Security LLC 2019 Page 8 of 18 Source Detection Scanner Label Link google.pchome.com.tw/ 0% Virustotal Browse google.pchome.com.tw/ 0% Avira URL Cloud safe www.ozu.es/favicon.ico 0% Virustotal Browse www.ozu.es/favicon.ico 0% Avira URL Cloud safe search.yahoo.co.jp/favicon.ico 0% Virustotal Browse search.yahoo.co.jp/favicon.ico 0% URL Reputation safe www.gmarket.co.kr/ 0% Virustotal Browse www.gmarket.co.kr/ 0% URL Reputation safe www.founder.com.cn/cn/bThe 0% Virustotal Browse www.founder.com.cn/cn/bThe
Load more

Recommended publications
  • Analyzing Safari 2.X Web Browser Artifacts Using SFT
    Analyzing Safari 2.x Web Browser Artifacts using SFT. Copyright 2007 - Jacob Cunningham (v1.0) Table of Contents Introduction:...............................................................................................................................................3 Safari Forensic Tools................................................................................................................................. 3 OSX Property List files..............................................................................................................................3 Safari Related Files.................................................................................................................................... 4 The Safari Preferences files....................................................................................................................... 5 Browser History......................................................................................................................................... 7 Downloads history:.................................................................................................................................... 8 Bookmarks file ........................................................................................................................................10 Cookies file:............................................................................................................................................. 11 Browser Cache........................................................................................................................................
    [Show full text]
  • Smug May 09 Final
    STANFORD/PALO ALTO MACINTOSH USERS GROUP NEWSLETTER Vol.19 No.5 May 2009 Will be presenting at the monday May 4 Meeting Kathy Garrigan will be the presenter. Avery DesignPro for Mac is software that lets you print on Avery products on your Macintosh. Like business cards, label sheets, greeting cards, iron-ons, and so on. Both Dave and myself have only used the CD. The business card template and labels are very easy to use. I hope to have some samples of the things that I used the Avery templates for. Cards, T-shirts and hopefully wine labels. The great part about this app it is FREE!!!! Lorrie bleiler "Select All." April Meeting Report "Go to end." "Undo dictation." "Select the word 'sigh'". by Dave Strom (Note from Dave: Hey, this works really well!) Jay is read- MacSpeech ing words, and he will speak punctuation like "period" or and Drobo "hyphen", and the punctuation goes in. We had two (count 'em: two in "Capitalize the word group", and Dictate capped it! "Open one!) this evening. Quote", and Jay read, then said "comma", then Jay read MacSpeech and Drobo. more, "close quote", "period", "go to sleep". MacSpeech If you speak fast, you can get up to 120 words a minute, www.macspeech.com but with most people it is more like 60, then 80-90 with Jay Gonzales presented MacSpeech Dictate. This software, practice. Dictate can keep up with you. It will not print out with a microphone, does speech recognition on the the text instantly (note from Dave: I notice it does buffer Macintosh.
    [Show full text]
  • Personalizing Voyager Using Browser Extensions
    University of Kentucky UKnowledge Library Presentations University of Kentucky Libraries 5-8-2015 Personalizing Voyager Using Browser Extensions Kathryn Lybarger University of Kentucky, [email protected] Right click to open a feedback form in a new tab to let us know how this document benefits oy u. Follow this and additional works at: https://uknowledge.uky.edu/libraries_present Part of the Cataloging and Metadata Commons Repository Citation Lybarger, Kathryn, "Personalizing Voyager Using Browser Extensions" (2015). Library Presentations. 128. https://uknowledge.uky.edu/libraries_present/128 This Presentation is brought to you for free and open access by the University of Kentucky Libraries at UKnowledge. It has been accepted for inclusion in Library Presentations by an authorized administrator of UKnowledge. For more information, please contact [email protected]. Personalizing Voyager using Browser Extensions Kathryn Lybarger @zemkat ELUNA 2015 #eluna2015 May 8, 2015 Personalizing Voyager As an institution, we have a fair amount of power over how Voyager’s OPAC looks Colors and fonts Which fields are searchable What displays in search results What displays in full record view … (anything really) Must find a balance Provide good access to most of our patrons Don’t clutter the interface needlessly But how about… Personalizing for particular groups of patrons? Personalizing for staff needs? Doing so quickly? Even temporarily? Web browser extensions Custom search bars Extensions Bookmarklets User scripts Browser
    [Show full text]
  • Mozilla: a Users Guide
    Mozilla: A Users Guide. or Using the Mozilla Application Suite Kevin T. Neely October 17, 2003 Contents 1 Installation 15 1.1 Deciding which Mozilla to Run ........................ 15 1.1.1 Platform ................................. 15 1.1.2 Version .................................. 15 1.2 Installing Mozilla ................................ 16 1.2.1 Using an Installer Package ....................... 16 1.2.2 Manual Installation ........................... 17 1.3 Upgrading .................................... 19 1.3.1 Make a Backup ............................. 19 1.3.2 Uninstall ................................. 19 1.3.3 Install Mozilla .............................. 20 1.3.4 Retrieve Missing Files ......................... 20 1.4 Running Multiple versions of Mozilla ..................... 21 2 Getting Started and Mozilla Basics 23 2.1 Starting Mozilla ................................. 23 2.2 Exiting Mozilla ................................. 23 2.2.1 QuickLaunch .............................. 23 3 CONTENTS CONTENTS 2.3 Preferences ................................... 24 2.4 Advanced Settings ............................... 24 2.4.1 prefs.js .................................. 25 2.4.2 user.js .................................. 25 2.4.3 userContent.css ............................. 26 2.5 Profiles ...................................... 27 2.6 Themes ..................................... 27 2.7 Security ..................................... 27 2.7.1 Passwords ................................ 27 2.8 Cookies ....................................
    [Show full text]
  • In Action Second Edition
    Bear Bibeault Covers jQuery 1.4 and jQuery UI 1.8 Yehuda Katz IN ACTION SECOND EDITION MANNING Praise for the First Edition This is an excellent work, a worthy successor to others in Manning’s “In Action” series. It is highly readable and chock-full of working code. The Lab pages are a marvelous way to explore the library, which should become an important part of every web developer’s arsenal. Five stars all ‘round! —David Sills, JavaLobby, Dzone I highly recommend the book for learning the fundamentals of jQuery and then serving as a good reference book as you leverage the power of jQuery more and more in your daily development. —David Hayden, MVP C#, Codebetter.com The Elements of Style for JavaScript. —Joshua Heyer, Trane Inc. For those new to jQuery, this book is a good primer that covers a range of common uses of the framework.... The examples throughout the book are relevant, and make the point effectively. The code snippets are easily distinguishable from the rest of the text, and the text is clear and easy to follow. —Grant Palin, Blogger It works and makes for a very readable book that you can just breeze through very quickly and pick up and retain a lot of information. —Rich Strahl, Blogger Thanks to the authors Bear Bibeault and Yehuda Katz and their exemplary style, this compre- hensive book, or operating manual as it might be called, can be taken in a front-to-back approach to learn from scratch, or as a reference to those already dabbling in jQuery and needing verifica- tion of best practices.
    [Show full text]
  • Firefox Hacks Is Ideal for Power Users Who Want to Maximize The
    Firefox Hacks By Nigel McFarlane Publisher: O'Reilly Pub Date: March 2005 ISBN: 0-596-00928-3 Pages: 398 Table of • Contents • Index • Reviews Reader Firefox Hacks is ideal for power users who want to maximize the • Reviews effectiveness of Firefox, the next-generation web browser that is quickly • Errata gaining in popularity. This highly-focused book offers all the valuable tips • Academic and tools you need to enjoy a superior and safer browsing experience. Learn how to customize its deployment, appearance, features, and functionality. Firefox Hacks By Nigel McFarlane Publisher: O'Reilly Pub Date: March 2005 ISBN: 0-596-00928-3 Pages: 398 Table of • Contents • Index • Reviews Reader • Reviews • Errata • Academic Copyright Credits About the Author Contributors Acknowledgments Preface Why Firefox Hacks? How to Use This Book How This Book Is Organized Conventions Used in This Book Using Code Examples Safari® Enabled How to Contact Us Got a Hack? Chapter 1. Firefox Basics Section 1.1. Hacks 1-10 Section 1.2. Get Oriented Hack 1. Ten Ways to Display a Web Page Hack 2. Ten Ways to Navigate to a Web Page Hack 3. Find Stuff Hack 4. Identify and Use Toolbar Icons Hack 5. Use Keyboard Shortcuts Hack 6. Make Firefox Look Different Hack 7. Stop Once-Only Dialogs Safely Hack 8. Flush and Clear Absolutely Everything Hack 9. Make Firefox Go Fast Hack 10. Start Up from the Command Line Chapter 2. Security Section 2.1. Hacks 11-21 Hack 11. Drop Miscellaneous Security Blocks Hack 12. Raise Security to Protect Dummies Hack 13. Stop All Secret Network Activity Hack 14.
    [Show full text]
  • Developing Applications with Oracle Visual Builder
    Oracle® Cloud Developing Applications with Oracle Visual Builder Release 21.10.0 F43660-01 August 2021 Oracle Cloud Developing Applications with Oracle Visual Builder, Release 21.10.0 F43660-01 Copyright © 2018, 2021, Oracle and/or its affiliates. Primary Author: Oracle Corporation This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited. The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing. If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, then the following notice is applicable: U.S. GOVERNMENT END USERS: Oracle programs (including any operating system, integrated software, any programs embedded, installed or activated on delivered hardware, and modifications of such programs) and Oracle computer documentation or other Oracle data delivered to or accessed by U.S. Government end users are "commercial computer software" or "commercial computer software
    [Show full text]
  • JSN Mico 1 Configuration Manual Getting Started
    JSN Mico 1 Configuration Manual Getting Started Template Installation After downloading, you should have a template installation file called jsn_mico_pro_unlimited_Z.Z.Z_install.zip if you purchased the PRO UNLIMITED Edition, or jsn_mico_pro_standard_Z.Z.Z_install.zip if you purchased the PRO STANDARD Edition. ZZZ is the template version This is a standard Joomla! Template installation file, which can be installed in Joomla! Administration as usual. Here are quick instructions to remind you: In Joomla! Administration, go to menu Extensions -> Extension Manager Once you are on Extension Manager, click Browse button and select template installation file jsn_mico_pro_unlimited_Z.Z.Z_install.zip or jsn_mico_pro_standard_Z.Z.Z_install.zip. After that, click on button Upload & Install. Installation file will be uploaded to your server and installed in Joomla! Set the templates as default, go to menu Extensions -> Template Manager Sample Data Installation All JoomlaShine templates have unique feature of installing sample data which makes your testing website look the same as on the template demo website. You can choose to install: Sample Data – A light package with only JSN Mico data. You install it on your available Joomla website Sample data will be installed for common Joomla components and for supported third-party extensions (K2, Kunena, VirtueMart, OS Property...) which are already available on your website. If you have installed the third-party extensions after installing Sample Data, you must reinstall the Sample Data to have the content for those extensions. QuickStart package – It contains both the latest Joomla installation file and JSN Mico. By default, free extensions like K2 and Kunena are already included in the package with their sample data.
    [Show full text]
  • Sign-In Page Customization Guide
    Customizing the Leostream Sign In Page Remote Access to Anything, from Anywhere, for Everyone Version 9.0.40 February 2021 Leostream Customization Guide Connection Broker Login Page Design The Leostream Sign In page can be fully customized to match the style of your organization. This guide provides examples you can use for basic customization. To begin, it helps to have the following files and information ready: • A company logo in PNG format named custom_logo.png that is approximately 350x50 pixels • A 64x64 pixel image named favicon.ico to display in browser tabs – you can create this file by renaming a png file to ico. • Any additional graphics in PNG format • Any text content to be added • The hexadecimal value for any colors you want to add or change The following examples start with the standard Leostream login page: Important File Locations To customize the Sign in page, you must log into the console of the machine running your Leostream Connection Broker. You can find the Connection Broker files that define the style and layout of the Sign In page in the following directories: • /home/leo/app/css – Contains files that define styles • /home/leo/app/templates – Contains files that define page layouts • /home/leo/app/tpc – Contains third-party content uploaded into your Connection Broker 2 © Copyright 2021 Leostream Corporation Leostream Customization Guide The css and templates directories has a custom subdirectory where you must store all customizations you make to the Sign In page. Any customizations made outside of the custom directories to files in the parent directories are lost during Connection Broker updates.
    [Show full text]
  • Web Standards.Pdf
    BOOKS FOR PROFESSIONALS BY PROFESSIONALS® Sikos, Ph.D. RELATED Web Standards Web Standards: Mastering HTML5, CSS3, and XML gives you a deep understand- ing of how web standards can be applied to improve your website. You will also find solutions to some of the most common website problems. You will learn how to create fully standards-compliant websites and provide search engine-optimized Web documents with faster download times, accurate rendering, lower development costs, and easy maintenance. Web Standards: Mastering HTML5, CSS3, and XML describes how you can make the most of web standards, through technology discussions as well as practical sam- ple code. As a web developer, you’ll have seen problems with inconsistent appearance and behavior of the same site in different browsers. Web standards can and should be used to completely eliminate these problems. With Web Standards, you’ll learn how to: • Hand code valid markup, styles, and news feeds • Provide meaningful semantics and machine-readable metadata • Restrict markup to semantics and provide reliable layout • Achieve full standards compliance Web standardization is not a sacrifice! By using this book, we can create and maintain a better, well-formed Web for everyone. CSS3, and XML CSS3, Mastering HTML5, US $49.99 Shelve in Web Development/General User level: Intermediate–Advanced SOURCE CODE ONLINE www.apress.com www.it-ebooks.info For your convenience Apress has placed some of the front matter material after the index. Please use the Bookmarks and Contents at a Glance links to access them. www.it-ebooks.info Contents at a Glance About the Author................................................................................................
    [Show full text]
  • RSTEP GNR Proposal Review Team Report
    ICANN Registry Services Technical Evaluation Panel Report on Internet Security and Stability Implications of the Global Name Registry, LTD Proposal for the Limited Release of Initially Reserved Two-Character Names December 4, 2006 Preface This report presents the findings of a technical evaluation of the proposal1 by Global Name Registry, LTD for the limited release of initially reserved two-character Second Level Domain (SLD) names into the .name unsponsored generic Top-Level Domain (TLD). On 8 November 2005 ICANN adopted2 a consensus policy developed by its Generic Names Supporting Organization (GNSO) concerning the review and approval of requests by gTLD registry operators for new registry services.3 This policy was implemented on 25 July 20064 as the Registry Services Evaluation Policy.5 The policy provides for the evaluation of a proposed registry service by a team of experts selected from a standing Registry Service Technical Evaluation Panel (RSTEP)6 when ICANN determines that the service could raise significant security or stability issues. The process begins with a preliminary determination by ICANN that an RSTEP review is or is not required for a particular proposed registry service.7 If ICANN determines that a review is required, an RSTEP review team investigates and evaluates the proposed service with respect to its potential impact on security or stability, as defined by the consensus policy: Security—An effect on security by the proposed Registry Service shall mean (a) the unauthorized disclosure, alteration, insertion, or destruction of Registry Data, or (b) the unauthorized access to or disclosure of information or resources on the Internet by systems operating in accordance with all applicable standards.
    [Show full text]
  • How to Add a Favicon to Your Website
    How to Add a Favicon to Your Website STEP 1: Create your favicon image using a photo editing system or favicon generator. Your final favicon dimensions should be 16 x 16 pixels. In this tutorial, we will be using a free online favicon generator called Favicon.cc ( http://www.favicon.cc ). Sub-Step A: Click “ Import image ” Tutorial Compliments of JHC. www.JonesHouseCreative.com Page 1 of 3 Sub-Step B: Click “ Choose File ” and browse to the desired image on your computer. Select the “Keep dimensions ” radio button and click “ Upload .” Sub-Step C: Preview your image. When ready, click “ Download Favicon .” Save the image (titled favicon.ico ) to your desktop or other easy to navigate location. Tutorial Compliments of JHC. www.JonesHouseCreative.com Page 2 of 3 STEP 2: Open your FTP client. (If you are unfamiliar with FTP clients, please see our instructions on using FTP before transferring files at the server level.) STEP 3: Transfer the favicon.ico to your web server in two places. (1) On your website server side, browse to public_html. From your computer side, highlight and transfer the favicon.ico file into the site server side. (2) Browse to public_html > wp-content > themes > Your Active Theme Name > images. Once again, highlight the .ico file on your computer side and transfer to the images folder. STEP 4: From your Wordpress dashboard, hover over “ Appearance ” and select “ Editor .” Open the file titled “ Header ” or “ Header.php .” STEP 5: Press Ctrl+F to search and look for a line of code starting with: <link rel=“shortcut icon” and ending with /favicon.icon” /> .
    [Show full text]