Automated Malware Analysis Report For

Total Page:16

File Type:pdf, Size:1020Kb

Automated Malware Analysis Report For ID: 142877 Cookbook: browseurl.jbs Time: 14:46:27 Date: 18/06/2019 Version: 26.0.0 Aquamarine Table of Contents Table of Contents 2 Analysis Report http://ftp.webolton.com/ 4 Overview 4 General Information 4 Detection 5 Confidence 5 Classification 5 Analysis Advice 6 Mitre Att&ck Matrix 6 Signature Overview 7 Phishing: 7 Networking: 7 System Summary: 7 Behavior Graph 7 Simulations 8 Behavior and APIs 8 Antivirus and Machine Learning Detection 8 Initial Sample 8 Dropped Files 8 Unpacked PE Files 8 Domains 8 URLs 8 Yara Overview 9 Initial Sample 9 PCAP (Network Traffic) 9 Dropped Files 9 Memory Dumps 9 Unpacked PEs 9 Joe Sandbox View / Context 9 IPs 9 Domains 9 ASN 9 JA3 Fingerprints 9 Dropped Files 10 Screenshots 10 Thumbnails 10 Startup 10 Created / dropped Files 11 Domains and IPs 29 Contacted Domains 29 Contacted URLs 29 URLs from Memory and Binaries 29 Contacted IPs 31 Public 31 Static File Info 31 No static file info 31 Network Behavior 31 Network Port Distribution 31 TCP Packets 32 UDP Packets 33 DNS Queries 35 DNS Answers 35 HTTP Request Dependency Graph 35 HTTP Packets 36 HTTPS Packets 38 Code Manipulations 41 Statistics 41 Copyright Joe Security LLC 2019 Page 2 of 43 Behavior 41 System Behavior 41 Analysis Process: iexplore.exe PID: 4196 Parent PID: 692 41 General 41 File Activities 42 Registry Activities 42 Analysis Process: iexplore.exe PID: 2372 Parent PID: 4196 42 General 42 File Activities 42 Registry Activities 42 Disassembly 42 Copyright Joe Security LLC 2019 Page 3 of 43 Analysis Report http://ftp.webolton.com/ Overview General Information Joe Sandbox Version: 26.0.0 Aquamarine Analysis ID: 142877 Start date: 18.06.2019 Start time: 14:46:27 Joe Sandbox Product: CloudBasic Overall analysis duration: 0h 4m 45s Hypervisor based Inspection enabled: false Report type: light Cookbook file name: browseurl.jbs Sample URL: ftp.webolton.com/ Analysis system description: Windows 10 64 bit (version 1803) with Office 2016, Adobe Reader DC 19, Chrome 70, Firefox 63, Java 8.171, Flash 30.0.0.113 Number of analysed new started processes analysed: 8 Number of new started drivers analysed: 0 Number of existing processes analysed: 0 Number of existing drivers analysed: 0 Number of injected processes analysed: 0 Technologies: EGA enabled AMSI enabled Analysis stop reason: Timeout Detection: SUS Classification: sus21.phis.win@3/66@7/8 Cookbook Comments: Adjust boot time Enable AMSI Browsing link: http://chrome.google.com/ Browsing link: http://www.getfirefox.com/ Warnings: Show All Exclude process from analysis (whitelisted): MpCmdRun.exe, ielowutil.exe, WMIADAP.exe, conhost.exe, CompatTelRunner.exe TCP Packets have been reduced to 100 Excluded IPs from analysis (whitelisted): 2.20.221.85, 216.58.211.110, 172.217.168.196, 172.217.168.206, 172.217.17.131, 172.217.17.72, 172.217.17.78, 172.217.168.238, 104.16.40.2, 104.16.41.2, 72.21.81.200, 152.199.19.161, 23.10.249.50, 23.10.249.17, 205.185.216.42, 205.185.216.10, 67.27.233.254, 67.27.159.126, 8.253.204.249, 8.253.204.120, 67.26.75.254, 93.184.221.240 Excluded domains from analysis (whitelisted): au.download.windowsupdate.com.edgesuite.net, www.mozilla.org.cdn.cloudflare.net, adservice.google.com, wu.azureedge.net, e11290.dspg.akamaiedge.net, iecvlist.microsoft.com, go.microsoft.com, www.googletagmanager.com, audownload.windowsupdate.nsatc.net, au.download.windowsupdate.com.hwcdn.net, cs11.wpc.v0cdn.net, hlb.apr-52dd2- 0.edgecastdns.net, www.google.com, www.gstatic.com, auto.au.download.windowsupdate.com.c.footprint.n et, wu.wpc.apr-52dd2.edgecastdns.net, www.google-analytics.com, www-google- analytics.l.google.com, ie9comview.vo.msecnd.net, www-googletagmanager.l.google.com, wu.ec.azureedge.net, ctldl.windowsupdate.com, a767.dscg3.akamai.net, cds.d2s7q6s2.hwcdn.net, www3.l.google.com, go.microsoft.com.edgekey.net, tools.l.google.com, chrome.google.com, www.mozilla.org, tools.google.com, cs9.wpc.v0cdn.net Report size getting too big, too many NtDeviceIoControlFile calls found. Copyright Joe Security LLC 2019 Page 4 of 43 Detection Strategy Score Range Reporting Whitelisted Detection Threshold 21 0 - 100 false Confidence Strategy Score Range Further Analysis Required? Confidence Threshold 4 0 - 5 false Classification Copyright Joe Security LLC 2019 Page 5 of 43 Ransomware Miner Spreading mmaallliiiccciiioouusss malicious Evader Phishing sssuusssppiiiccciiioouusss suspicious cccllleeaann clean Exploiter Banker Spyware Trojan / Bot Adware Analysis Advice Uses HTTPS for network communication, use the 'Proxy HTTPS (port 443) to read its encrypted data' cookbook for further analysis Mitre Att&ck Matrix Privilege Defense Credential Lateral Command and Initial Access Execution Persistence Escalation Evasion Access Discovery Movement Collection Exfiltration Control Valid Windows Valid Valid Valid Input File and Remote File Data from Local Data Standard Accounts 1 Remote Accounts 1 Accounts 1 Accounts 1 Prompt 1 Directory Copy 1 System Encrypted 1 Cryptographic Management Discovery 1 Protocol 2 Replication Service Port Monitors Accessibility Binary Padding Network Application Remote Data from Exfiltration Over Standard Non- Through Execution Features Sniffing Window Services Removable Other Network Application Removable Discovery Media Medium Layer Media Protocol 3 Drive-by Windows Accessibility Path Rootkit Input Query Registry Windows Data from Automated Standard Compromise Management Features Interception Capture Remote Network Shared Exfiltration Application Instrumentation Management Drive Layer Protocol 3 Copyright Joe Security LLC 2019 Page 6 of 43 Privilege Defense Credential Lateral Command and Initial Access Execution Persistence Escalation Evasion Access Discovery Movement Collection Exfiltration Control Exploit Public- Scheduled Task System DLL Search Obfuscated Credentials System Network Logon Scripts Input Capture Data Encrypted Remote File Facing Firmware Order Hijacking Files or in Files Configuration Copy 1 Application Information Discovery Signature Overview • Phishing • Networking • System Summary Click to jump to signature section Phishing: Ask for current and new password Found iframes HTML body contains low number of good links None HTTPS page querying sensitive user data (password, username or email) META author tag missing META copyright tag missing Networking: Downloads files from webservers via HTTP Found strings which match to known social media urls Performs DNS lookups Urls found in memory or binary data Uses HTTPS System Summary: Classification label Creates files inside the user directory Creates temporary files Reads ini files Spawns processes Found graphical window changes (likely an installer) Uses new MSVCR Dlls Behavior Graph Copyright Joe Security LLC 2019 Page 7 of 43 Hide Legend Behavior Graph Legend: ID: 142877 Process URL: http://ftp.webolton.com/ Signature Startdate: 18/06/2019 Created File Architecture: WINDOWS DNS/IP Info Score: 21 Is Dropped Is Windows Process Number of created Registry Values Ask for current and started new password Number of created Files Visual Basic Delphi iexplore.exe Java .Net C# or VB.NET C, C++ or other language 10 84 Is malicious Internet started iexplore.exe 5 119 pagead46.l.doubleclick.net www.google.ch 172.217.17.98, 443, 49746, 49747 172.217.20.67, 443, 49744, 49745 10 other IPs or domains unknown unknown United States United States Simulations Behavior and APIs No simulations Antivirus and Machine Learning Detection Initial Sample Source Detection Scanner Label Link ftp.webolton.com/ 0% virustotal Browse Dropped Files No Antivirus matches Unpacked PE Files No Antivirus matches Domains Source Detection Scanner Label Link ftp.webolton.com 0% virustotal Browse URLs Copyright Joe Security LLC 2019 Page 8 of 43 Source Detection Scanner Label Link ftp.webolton.com/WebInterface/login.html 0% virustotal Browse ftp.webolton.com/WebInterface/login.html 0% Avira URL Cloud safe ftp.webolton.com/WebInterface/jQuery/js/jquery.blockUI.js 0% Avira URL Cloud safe ftp.webolton.com/WebInterface/login.html/chrome/face/login.htmlRoot 0% Avira URL Cloud safe ftp.webolton.com/favicon.ico 0% Avira URL Cloud safe ftp.webolton.com/WebInterface/jQuery/images/button-bg.png 0% Avira URL Cloud safe ftp.weboltRoot 0% Avira URL Cloud safe ftp.webolton.com/WebInterface/login.htmlRoot 0% Avira URL Cloud safe ftp.webolton.com/WebInterface/login.htmlg/en-US/firefox/new/?redirect_soon.com/WebInterface/l 0% Avira URL Cloud safe ftp.webolton.com/WebInterface/jQuery/js/jquery-ui-1.8.2.custom.min.js 0% Avira URL Cloud safe ftp.webolton.com/WebInterface/images/wheel.gif 0% Avira URL Cloud safe ftp.webolton.com/favicon.ico~ 0% Avira URL Cloud safe ftp.webolton.com/WebInterface/jQuery/js/jquery-1.4.2.min.js 0% Avira URL Cloud safe ftp.webolton.com/WebInterface/images/bolton-logo.JPG 0% Avira URL Cloud safe ftp.webolton.com/WebInterface/login.html.Bolton 0% Avira URL Cloud safe ftp.webolton.com/WebInterface/jQuery/css/login.css 0% Avira URL Cloud safe ftp.webolton.com/ 0% virustotal Browse ftp.webolton.com/ 0% Avira URL Cloud safe ftp.webolton.com/WebInterface/login.htmlon.com/WebInterface/login.html 0% Avira URL Cloud safe Yara Overview Initial Sample No yara matches PCAP (Network Traffic) No yara matches Dropped Files No yara matches Memory Dumps No yara matches Unpacked PEs No yara matches Joe Sandbox View / Context IPs No context Domains No context ASN No context JA3 Fingerprints Copyright Joe Security LLC 2019 Page 9 of 43 No context Dropped Files No context Screenshots Thumbnails This section contains all screenshots as thumbnails, including those
Recommended publications
  • Latest Code, You’Ll Need to Update Other Things
    Ichnaea Release 2.0 unknown Jul 09, 2021 CONTENTS 1 Table of contents 3 1.1 User documentation...........................................3 1.2 Development/Deployment documentation................................ 20 1.3 Algorithms................................................ 69 1.4 Changelog................................................ 80 1.5 Glossary................................................. 108 2 Indices 111 3 Source code and license 113 4 About the name 115 Index 117 i ii Ichnaea, Release 2.0 Ichnaea is a service to provide geolocation coordinates from other sources of data (Bluetooth, cell or WiFi networks, GeoIP, etc.). It uses both Cell-ID and Wi-Fi based positioning (WPS) approaches. Mozilla hosts an instance of this service, called the Mozilla Location Service( MLS). You can interact with the service in two ways: • If you know where you are, submit information about the radio environment to the service to increase its quality. • or locate yourself, based on the radio environment around you. CONTENTS 1 Ichnaea, Release 2.0 2 CONTENTS CHAPTER ONE TABLE OF CONTENTS 1.1 User documentation This section covers information for using the APIs directly as well as through applications and libraries. 1.1.1 Services API The service APIs accept data submission for geolocation stumbling as well as reporting a location based on IP ad- dresses, cell, or WiFi networks. New client developments should use the Region: /v1/country, Geolocate: /v1/geolocate, or Geosubmit Version 2: /v2/geosubmit APIs. Requesting an API Key The api key has a set daily usage limit of about 100,000 requests. As we aren’t offering a commercial service, please note that we do not make any guarantees about the accuracy of the results or the availability of the service.
    [Show full text]
  • DING a MAGAZINE ABOUT the INTERNET and THINGS #1 AUTUMN 2017 Ding
    DING A MAGAZINE ABOUT THE INTERNET AND THINGS #1 AUTUMN 2017 Ding A magazine about the Internet and things Contents 04 Viewpoint John Thackara 10 Briefing Decentralization 12 Dispatches ThingsCon 14 Interview Gillian Crampton Smith 20 Life & Death Vladan Joler 32 Typographic Craft Pete Thomas & Sean Dooley 43 The Internet as a Lota Jayne Wallace 48 A Medieval Crash Andrew Prescott 54 A Gandhian Dream Babitha George & Romit Raj 61 Evolutionary Craft Justin Marshall 1 Words Images Letter from the Editor John Thackara writes about live Vladan Joler directs the Share Eleni Kalorkoti graduated from Welcome to the first issue of DING, our electronics to the cartels that shorten examples of what a sustainable future Foundation and is a professor at the Edinburgh College of Art in 2007, will be like. These projects, with a focus New Media department at University before training in screenprinting at a magazine about the Internet and things. the lifespan of everyday objects, we begin on social and ecological design, feature of Novi Sad. He investigates invisible Edinburgh Printmakers. She can now We founded this magazine because we saw to see the invisible forces that are making in his Doors of Perception workshops. aspects of technology and recently be found drawing pictures and making He once drove a London bus (routes 73 researched Facebook’s algorithms. things in south London. a gap in the practice of slow, considered IoT a costly endeavor. and 134). making and the breakneck speed of Jayne Wallace is a craft and design Alun Callender is a photographer Solana Larsen edits Mozilla’s Internet professor at Northumbria University.
    [Show full text]
  • IKE Brand Story
    IKE Brand Story ike4.ikegps.com Introduction p 2 Why this? It’s time for us to go hard, This brand standards book aligns with a critical and smart, on how we own point in IKE history. Our brand has been “the narrative of our brand. presented with a market opportunity that can significantly impact the growth trajectory of our company. It’s time for us to go hard, and smart, on how we own the narrative of our brand. Influencers, sponsors, and buyers of IKE products either already have, or will soon have, an impression of what IKE is. We have limited time for impression making. This book is a living guide to help us maximize our brand story and assets, so our team can be more efficient and more effective every time we connect and educate our audience about the solutions our brand provides. This cookbook will describe our standards and point to a brand system that will enable us to build on-brand communications both online and offline. This is a brand systems cookbook that accompanies our story and connects to a system of resources that have been carefully planned to help us automate and expedite our communications. Introduction p 3 The Story of IKE Spoiler Alert IKE is winning hearts and minds with the biggest names in the communications and utilities industry. Companies such as AT&T and Verizon have monumental targets to bring fiber to every human being in the United States. The process for provisioning fiber to one utility pole requires the attention of multiple entities, is hazardous to field workers, is inaccurate, and may take many weeks - a tremendous risk and barrier to the plan.
    [Show full text]
  • D7.1: Public Project Website
    H2020 Bergamot, D7.1: Public Project website Project: Bergamot (Grant Agreement number 825303) “Browser-based Multilingual Translation” Funding Scheme: Research and Innovation Action Theme: ICT-29-2018 “A multilingual Next Generation Internet” Date of latest Annex I: 22/10/2018 D7.1: Public Project website Project Coordinator (PC): Kenneth Heafield Tel.: +44 131 650 2871 Email: [email protected] PC Organization Name: University of Edinburgh Lead Partner for Deliverable: MZ Denmark APS Deliverable Due Date: 31/03/2019 Deliverable Issue Date: 01/01/2019 Document History (Revisions – Amendments) Version and date Changes 1.0 – 27/02/2019 First version Dissemination Level PU Public X PP Restricted to other program participants (including the EC Services) RE Restricted to a group specified by the consortium (including the EC Services) CO Confidential, only for members of the consortium (including the EC) Version: 1.0 Page !1 of !8 H2020 Bergamot, D7.1: Public Project website The Bergamot project will add and improve client-side machine translation in a web browser. Unlike current cloud-based options, running directly on users' machines empowers citizens to preserve their privacy and increases the uptake of language technologies in Europe in various sectors that require confidentiality. Free software integrated with an open-source web browser, such as Mozilla Firefox, will enable bottom-up adoption by non-experts, resulting in cost savings for private and public sector users who would otherwise procure translation or operate monolingually. To understand and support non-expert users, our user experience work package researches their needs and creates the user interface. Rather than simply translating text, this interface will expose improved quality estimates, addressing the rising public debate on algorithmic trust.
    [Show full text]
  • 03.02 Bibliography & Digital Dérive
    GRADUATION RESEARCH PROJECT BIBIOGRAPHY & DIGITAL DÉRIVE MASTER ART EDUCATION, PIET ZWART INSTITUTE, WILLEM DE KOONING ACADEMY fig. 03.02 Invisible Tracks and Short Cuts GRADUATION RESEARCH PROJECT Angiama, S., Butcher, C., Documenta 14 Laufmappe. Available at: Cramer, F., What is Post - digital?. Available at: http:// http://www.documenta14.de/en/public-education/25631/ www.aprja.net/what-is-post-digital/?pdf=1318 [Accessed April 16, laufmappe [Accessed April 16, 2018] 2018] Cranford Teague, Jason. (2011) ‘Program or be Programmed: The Barnes, B., (2001). "The Macro/Micro Problem and the Problem of Structure and Agency." pp. 339-352 in Handbook of Social Theory, GeekDad Interview With Douglas Rushkoff’. Wired Magazine, 29 edited by George Ritzer and Barry Smart. London: SAGE July 2011. Available at: https:/www.wired.com/2011/07/douglas- Publications. rushkoff/ [Accessed: 21 Nov 2017]. Burckhardt, L. (1996). Strollological Observations on Perception of Dawes, B., (2006). Analog In, Digital Out: Brendan Dawes on the Environment and the Tasks Facing Our Generation.( 2012). Interaction Design. New Riders. Burrington, I., Networked Land. Available at: http://lifewinning.com/ Dawes, B., (2012). Find Something Else: Brendan Dawes at projects/networks-land/ [Accessed April 16, 2018] TEDxManchester Available at: http://brendandawes.com/projects/ Burrington, I., Seeing Networks. Available at: http:// tedxmanchester [Accessed: 01 June 2018]. seeingnetworks.in/nyc/#cameras [Accessed April 16, 2018] Debord, G. (1958). Theory of the Dérive, Les Lèvres Nues #9 Burrington, I., (2016). Networks of New York. Melville House (November 1956) reprinted in Internationale Situationniste #2 Publishing. New York. (December 1958) Translated by Ken Knabb. Corner, J., (1999). The Agency of Mapping: Speculation, Critique and Invention.
    [Show full text]
  • Elektronski Smeti Obranimo? Kako Sejihlahko STRAN
    SLOVENSKA MOZILLA Cena: 1100 SIT februar 2003 IBM Lotus Archos Dell 3100MP Notes/ Jukebox Dellov ultra lahki Domino 6.0 Multimedia 20 projektor zmore ločljivost 1600 × 1200 Lotusov zmogljivi Predvajalnik in pik in svetlobni tok programski paket za snemalnik MP3, 1050 lumnov. STRAN 38 elektronsko pošto in STRAN 42 predvajalnik filmov DivX STRAN 40 skupinsko delo. ter prenosni disk. DISKI Disk je eden najpomembnejših delov računalnika. Preizkusili in primerjali smo diske iz več različnih skupin – v od IDE prek SCSI do USB – ki so na Smeti voljo na slovenskem trgu. STRAN 52 Black Black DISKI • SMETENJE ELEKTRONSKE POŠTE Yellow Yellow elektronski TABLIČNI Magenta Magenta RAČUNALNIKI pošti STRAN 62 Cyan Cyan Prenosni računalniki se pojavljajo tudi v obliki tabličnih izvedb z nekaj strojnimi in nekaj Kako se jih lahko programskimi posebnostmi. obranimo? Preverili smo, koliko je tehnologija zrela in ali gre res za tako velik premik v tehnologiji, kakor trdijo nekateri protagonisti. STRAN 34 CES 2003 Za razliko od zadnjega Comdexa, ki je bil precejšnje razočaranje, se je na prireditvi CES (Consumer Electronics Show) v Las Vegasu zbralo več razstavljavcev in obiskovalcev kakor prejšnja leta. STRAN 14 VSEBINA FEBRUAR 2003 48 Še vedno se vrti Peter Šepetavc Diski so zaradi gibljivih ali vrtečih se sestavnih delov Ahilova peta, kar zadeva zanesljivost delovanja računalnikov. Po svoje je paradoksalno, da prav najmanj odpornemu sestavnemu delu zaupamo shranjevanje podatkov. Kljub iskanju alternativnih tehnologij, ki se vleče že desetletja, pa lahko rečemo, da bomo tudi v prihodnje podatke zaupali škatlicam z vrtečimi se ploščami. Zlati Monitor ............................................ 53 USB 2.0 proti EIDE .................................. 54 Pregled diskov ........................................
    [Show full text]
  • A Gentle Introduction to Albatross
    What flavour is it? A gentle introduction to Albatross Island of TEX Version 0.3.0 – January 13, 2021 1 Introduction Albatross! Albatross! Albatross! Monty Python Albatross is a command line tool for finding fonts that contain a given Unicode glyph. It relies on Fontconfig, a library for configuring and cus- tomizing font access. The tool is written in Kotlin and requires a Java virtual machine to run. 2 Requirements Two choc-ices please. Monty Python Albatross has two hard requirements: a Java virtual machine (at least version 8.0, from any vendor) and the fc-list tool provided by the Font- config library, available in the system path. Linux and MacOS areknown to have this library. For Windows, note that the TEX Live distribution con- tains Fontconfig tools. It is also highly recommended to use a terminal with Unicode support, as Albatross will try to render the given glyphs. 1 3 Basic use I haven’t got choc-ices. I only got the albatross. Albatross! Monty Python The tool is a typical command line application, so we need to invoke it by typing albatross in the terminal: __ __ __ .---.-.| | |--.---.-.| |_.----.-----.-----.-----. | _ || | _ | _ || _| _| _ |__ --|__ --| |___._||__|_____|___._||____|__| |_____|_____|_____| Usage: albatross [OPTIONS] glyphs... Options: -s, --show-styles Show available font styles -d, --detailed Show a detailed font list -a, --ansi-level [n|a16|a256|tc] Set the default ANSI level -b, --border-style [1|2|3|4|5|6] Set the border style -o, --or Look for each glyph separately -V, --version Show the version and exit -h, --help Show this message and exit Provided that Albatross is properly available in the underlying operating system, we will get the help message listing all the available options and the tool usage.
    [Show full text]
  • Dizajn Interaktivnih Medija 1
    Dizajn interaktivnih medija 1 1 Poglavlja 4 5 5. poglavlje U petom poglavlju je za body text odarbano pismo Roboto slab koje ima pretežno mehaničku konstrukciju, ali u isto vrijeme nije pretje- rano geometrijski oblikovano što ga čini ugodnim za dugo čitanje. Veličina pisma je 14 px, a prored iznosi 1.6em. Prored je malo veći nego uobičajeno iz razloga što pismo ima viši x-height stoga traži više prostora među redovima. Boja slova nije čista crna nego malo svijetlija, tamno siva (#111111). Boja teksta je odabrana prema poza- dinskoj boji koja također nije nije čisto bijela već ima primjese plave boje (#f6fbff). Sve te boje su uvjetovane pozadinskom slikoma koja je većinom u tamnomodrim i plavim tonovima te kako bi se izbijegli veliki kontrasti između modre, bijele i ponovno crne, boje su lagano prigušene i više harmonične. Što na kraju doprinosi što ugodnojem čitanju ovoga teksta. Kako je peto poglavlje vrlo duga potrebno je unijeti određenu dinamiku u tekst da bi bilo zanimljivije za čitanje. Tako su dva dijela teksta na određen način izadvojena. Prvi izdvojeni dio obuhvača “tekst”, u biti govor iz knjige “The Hitchhiker’s Guide to the Galaxy”. Kako je to električna knjiga s time uvelike drugačija od naše uobi- čajene percepcije knjige, ideja je bila spoj jednog i drugog. Tako je taj dio teksta u pismu Josefin Slab iako je slab pismo jednako kao Roboto slab postoje znatne razlike među njima. Josefin Slab je daleko manje ugodnija za dugo čitanje zbog svog vrlo niskog x-he- ighta i velike razlike između visine verzala i kurenata.
    [Show full text]
  • Brand Identity Guidelines
    For those who manage to make a difference.™ Brand identity guidelines July 2019 1 Table of contents How to use this document 3 Brand attributes 4 Our brand voice 5 Trademark and terminology usage 7 Our tagline 9 Our logo 10 Logo spacing and size 11 Incorrect logo usage 12 Logo variations 13 Certification logos 16 Ancillary logos 17 Color palette 18 Typography 21 Imagery 24 Application examples 28 2 How to use this document These guidelines help us create a unified IREM® brand. Building a strong brand identity requires consistency and time. This document is your reference manual for developing IREM (Institute of Real Estate Management) marketing and communication materials that embody the true essence of our institute, every time. You’ll learn about the elements of our visual expression—from our logo and color palette to typography and photography style. You’ll discover our verbal expression—including our brand voice and sample copywriting. And, you’ll see how to bring it all together with directions and examples. This document and other related brand tools like templates and logos are available on the Marketing Resources page on the Chapter Services section at irem.org. Just click “Brand Guidelines, Logos, and Fonts” or “Templates” to find them. For additional questions about implementing the IREM brand, please contact the IREM Headquarters marketing department at [email protected]. Note: Only the first written mention of the IREM name in this document (above) is accompanied by the superscripted registration mark. More about our new “first mention” policy on page 7. 3 Brand attributes What guides our brand expression The IREM brand attributes are descriptors that guide every visual/verbal expression and behavior of our brand.
    [Show full text]
  • Morfemizacija Krnjih Leksičkih Osnova U NS Engleskom Jeziku: Leksikološki I Leksikografski Aspekti
    Univerzitet u Novom Sadu Filozofski fakultet Mr GORDANA LALIĆ-KRSTIN MORFEMIZACIJA KRNJIH LEKSIČKIH OSNOVA U SAVREMENOM ENGLESKOM JEZIKU: LEKSIKOLOŠKI I LEKSIKOGRAFSKI ASPEKTI doktorska disertacija mentor: prof. dr Tvrtko Prćić NOVI SAD, 2016. UNIVERZITET U NOVOM SADU FILOZOFSKI FAKULTET KLJUČNA DOKUMENTACIJSKA INFORMACIJA Redni broj: RBR Identifikacioni broj: IBR Tip dokumentacije: monografska dokumentacija TD Tip zapisa: tekstualni štampani materijal TZ Vrsta rada: doktorska disertacija VR Autor: mr Gordana Lalić-Krstin AU Mentor / komentor: prof. dr Tvrtko Prćić MN Naslov rada: Morfemizacija krnjih leksičkih osnova u NS engleskom jeziku: leksikološki i leksikografski aspekti Jezik publikacije: srpski JZ Jezik izvoda: srpski, engleski JI Zemlja publikovanja: Srbija ZP Uže geografsko područje: Vojvodina UGP Godina: 2016. GO Izdavač: autorski otisak IZ Mesto i adresa: MS Fizički opis rada: A4, 293 strane, 4 poglavlja, 410 FO bibliografskih jedinica Naučna oblast: lingvistika OB Naučna disciplina: morfologija, tvorba reči, leksikologija, DI leksikografija Predmetna odrednica / Ključne reči: lingvistika, morfologija, tvorba reči, PO leksikologija, leksikografija / engleski jezik, morfemizacija, krnja osnova, leksičko slivanje, leksikologija, leksikografija, rečnik slivenica UDK: Čuva se u: Univerzitet u Novom Sadu, Filozofski ČU fakultet Važna napomena: VN Izvod: Ova disertacija se bavi procesom IZ morfemizacije krnjih osnova koje su nastale od leksičkihslivenica. Rekurzivinim slivanjem s različitim inicijalnim elementima, ove osnove se
    [Show full text]
  • Download Digilogic Brandguide
    DIGILOGIC CONTACT ONLINE Prototipi Nigeria Team www.digilogic.eu January 2021 THE FIRST PAN EU-AFRICA SUSTAINABLE NETWORK OF DIGITAL INNOVATION HUBS (DIHS) FOCUSSING ON SMART LOGISTIC Brand DIGILOGIC project is funded by the EU’s Horizon2020 programme under Grant Agreement number 101016583 Guidelines Welcome to the brand guide of DIGILOGIC. Contents © 2021-2023 DIGILOGIC 3 01 THE LOGO 02 THE COLOUR 03 TYPOGRAPHY 04 EC RECOGNITION DIGILOGIC Welcome WHY USE THESE GUIDELINES to DIGILOGIC We are very proud of our brand DIGILOGIC, and would like to see our brand expressed correctly throughout all styles of communication; electronic and printed visual media. From Nigeria to Italy, we may use the brand in different executions but the visual language is the same. This uniformity creates familiarity, and with it, admiration. 4 BRAND GUIDELINES Our OUR MISSION The vision of DIGILOGIC is to boost the cooperation and strategic partnership Foundational between European and African Digital Innovation Hubs (DIHs) paving the way for startups, SMEs and innovators to jointly develop smart logistics solutions, in close Principle cooperation with industries and ventures, securing sustainability and success. OUR PURPOSE The motivation that drives the EU-Africa DIGILOGIC project (hereafter abbreviated to “DIGILOGIC”) is to facilitate and stimulate the unleashing of the innovation potential within Africa’s young engineers and entrepreneurs. It achieves this through the creation of the first Pan EU-Africa sustainable network of Digital Innovation Hubs (DIHs), focussing on the topic of smart logistics. VOLUME 01 © 2021-2023 DIGILOGIC 5 01 The Logo 01. FINAL LOGO 02. LOGO CLEARSPACE 7 The highlight of the logo is the African Hare.
    [Show full text]
  • Font Family Clicker Script STIX Two STIX
    Font Family Clicker Script STIX Two STIX (A new version—STIX Two— was released in Dec 2016. Recommend using STIX Two for all new material) Source Code Pro Source Sans Pro DejaVu Bitstream Vera Liberation (version 2.00.
    [Show full text]