DOCSLIB.ORG

OLE and the SAS System for Windows Release 6.12

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
OLE and the SAS System for Windows Release 6.12 OLE and the SAS System for Windows Release 6.12 Jennifer Clegg and Carol Rigsbee, SAS Institute Inc., Cary, NC ABSTRACT information about its use within the SAS System. This paper describes the OLE support within the SAS System for Windows Release 6.12. This support includes BASIC CONTAINER SUPPORT OLE container, OLE automation con- troller, and OLE automation server func- Overview of OLE tionality. OLE container and OLE con- The SAS System’s basic container sup- troller support is available in SAS/AF ports the creation of Linked and Embed- FRAME entries and SAS/EIS applica- ded objects, drag and drop, and visual tions. OLE automation server support is editing. available with base SAS software. Objects can be Linked or Embedded de- pending on your needs. Use Linked ob- INTRODUCTION jects when you want the data in the con- tainer to update dynamically when the This paper provides an overview of the source changes. Use Embedded objects OLE support in the SAS System. For if you want to edit the object within the more details on OLE in general, see the container or if a link would be unavail- documentation for the Microsoft Win- able later. dows operating environment. For further details on OLE support within the SAS Drag and drop provides an easy way to System, refer to the online documenta- create an Embedded or Linked object tion for the SAS Companion. within a container. Drag and drop sup- ports keyboard modifiers to alter the be- OLE facilitates the exchange of informa- havior of a drop. By default, dragging tion between applications. OLE contain- an object moves the object. To copy an ers include objects and controls from object, hold down the Ctrl key when you other applications. Through OLE auto- drop the object in the container. The mation, OLE controllers script objects in cursor will change to an arrow with a other applications. OLE servers are the box and a plus (+) sign. To create a link applications that provide these objects. to the object data, hold down the Ctrl and Shift keys when you perform the OLE functionality within the SAS Sys- drop. The cursor will become an arrow tem falls into three categories: basic with a box and an equals (=) sign. If the container support, OLE automation sup- target area is not a valid drop site or the port, and OLE controls support. Each operation is not supported, the cursor section of this paper discusses the par- will change to the not (∅) sign. ticular OLE feature followed by specific Visual editing allows you to edit an ob- gion to designate the size of the object. ject within the context of its container. When using MAKE, the server determines The container takes on the user interface the default size of the object. For bitmaps of the server. The menus, toolbars, and and other objects that do not scale well, status line switch to the ones normally MAKE is preferable because the object re- provided by the server. Below is an ex- tains its appearance. ample of a Microsoft Word object being visually edited in the SAS container. The SAS System creates HSERVICE entries in SAS Catalogs to store the nec- essary information about Linked and Embedded objects. These entries are only portable to other Windows plat- forms. Creating OLE Objects in FRAME One of the ways you can create OLE objects in FRAME is to use the Insert Object dialog. To access this dialog, se- Not all servers support visual editing. lect MAKE or FILL from the frame’s Some servers may support open editing popup menu. Scroll through the list of where the server launches as a separate items and select OLE - Insert Object. application and all editing occurs in that The dialog is below. application’s window. By design, Linked objects only support open editing. Em- bedded objects may support visual edit- ing or open editing depending on the server. Overview of OLE and the SAS System There are multiple ways to create Em- bedded and Linked objects with the SAS Notice that there are three radio buttons System. First, you need to bring up the in this dialog. The first one is Create SAS BUILD:DISPLAY window so you New. Selecting this button will display a can create a FRAME entry that will list of available object types. This list contain your OLE objects. To do this will vary based on the OLE-capable ap- submit the following statement: plications on your machine. Selecting an proc build c=sasuser.ole.demo.frame; run; object type from this list and pressing OK will result in the creation of an Embed- To create OLE objects you can select ded object. Since this is a new instance FILL or MAKE from the frame’s popup of an object, the server starts the object menu. To access the popup menu, posi- in edit mode, either visual editing or open tion your mouse in the BUILD window editing, depending on what the server and click the right mouse button. When supports. Click outside the object, else- using FILL, you must first drag out a re- 2 where on the frame, to end visual editing. Metafile, Device Independent Bitmap, or Exit the server to end open editing. Bitmap. Select the desired choice and click the Paste button to create any If you select the second radio button, type of object except Linked. You must Create from File, the dialog allows select the Paste Link radio button to you to create an object based on the create a Linked object. Metafile, Device contents of a file. The dialog prompts Independent Bitmap, and Bitmap are all you for the filename. The Insert Object static data representations of an object. dialog with this option selected is below. You may view these objects in a con- tainer but not edit them. Another way to create an object is to read an existing object from a SAS cata- log. To read an object from a catalog select OLE - Read Object from the MAKE or FILL menus. Enter the HSERVICE entry name of the object you want to read. Reading an object If you do not know the filename, you can from a catalog is equivalent to copying browse for the file to use to create this an object. This method allows you to ac- object. Using this method will create an cess objects in other frames. You must Embedded object based on the contents change the name of the HSERVICE en- of the file. To create a Linked object, try in the Object Attributes dialog after click the Link check box to select it. you create the object if you want to save the object as a separate catalog entry. The OLE Controls section describes the third radio button, Insert Control. You can also use drag and drop to create a new object based on an existing object Another way to create a Linked or Em- or data in an application. bedded object is to use the Paste Special dialog. This dialog is available from the OLE Verbs MAKE or FILL menus as OLE - Paste One important feature of OLE objects is Special. that they expose verbs. Verbs are ac- tions that can be performed on an object. Each OLE object has a default verb as- sociated with it. Most objects expose “Edit” as the default verb. Some objects, such as media clip, expose “Play” as the default verb. The default verb is impor- tant because double-clicking an object in TESTAF executes this action. Most ob- jects have more than one verb. The Paste Special dialog allows you to create an object based on data from the To access all the verbs for an object in clipboard. You may create objects of the BUILD, click on the object with the right following types: Embedded, Linked, 3 mouse button to access the frame’s date of a link, edit the source of a link, or menu. The name of the OLE object is break a link. Breaking the link will the last item on the menu. This menu change the object to a static representa- contains a list of selections available with tion. The Links dialog displays all this object. Below is a fragment of the Linked objects in the current frame. You frame’s menu showing the object’s menu. can access the Links dialog by typing DLGLINKS on a command line or by using SCL to pass DLGLINKS as a verb to the object using the _EXECUTE_ method. In BUILD you can also access the Links dialog from the object’s menu. The first set of selections (before the separator) is the list of verbs. The first selection is the default verb. You can select any of these verbs to execute that The Convert dialog allows you to specify action. Additional selections available an alternate editor for an object when the from this menu include the Links and original server is unavailable. If you Convert dialogs. convert an object, it permanently be- comes an object of the new type. You You can also view the list of verbs for an can also use this dialog to activate an object by invoking the Object Attributes object as an object of another type. The dialog and selecting the Associated storage for the object is unaltered and all Verbs item. Using SCL, you can pro- objects of this type on your system will grammatically execute verbs using the now use the new application for editing. _EXECUTE_ method. An example is Conversion and activation support de- below: pends on the servers installed on your system.
Load more

Recommended publications
  • Microsoft Patches Were Evaluated up to and Including CVE-2020-1587
    Honeywell Commercial Security 2700 Blankenbaker Pkwy, Suite 150 Louisville, KY 40299 Phone: 1-502-297-5700 Phone: 1-800-323-4576 Fax: 1-502-666-7021 https://www.security.honeywell.com The purpose of this document is to identify the patches that have been delivered by Microsoft® which have been tested against Pro-Watch. All the below listed patches have been tested against the current shipping version of Pro-Watch with no adverse effects being observed. Microsoft Patches were evaluated up to and including CVE-2020-1587. Patches not listed below are not applicable to a Pro-Watch system. 2020 – Microsoft® Patches Tested with Pro-Watch CVE-2020-1587 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability CVE-2020-1584 Windows dnsrslvr.dll Elevation of Privilege Vulnerability CVE-2020-1579 Windows Function Discovery SSDP Provider Elevation of Privilege Vulnerability CVE-2020-1578 Windows Kernel Information Disclosure Vulnerability CVE-2020-1577 DirectWrite Information Disclosure Vulnerability CVE-2020-1570 Scripting Engine Memory Corruption Vulnerability CVE-2020-1569 Microsoft Edge Memory Corruption Vulnerability CVE-2020-1568 Microsoft Edge PDF Remote Code Execution Vulnerability CVE-2020-1567 MSHTML Engine Remote Code Execution Vulnerability CVE-2020-1566 Windows Kernel Elevation of Privilege Vulnerability CVE-2020-1565 Windows Elevation of Privilege Vulnerability CVE-2020-1564 Jet Database Engine Remote Code Execution Vulnerability CVE-2020-1562 Microsoft Graphics Components Remote Code Execution Vulnerability
    [Show full text]
  • 4. Simulation Software: Current
    4. SIMULATION SOFTWARE : CURRENT EXPERIENCES AND THE DOT NET SIM PROJECT Chapter overview 64 4.1. Current experiences in simulation software: 66 4.1.1. Process Simulator TM 67 4.1.2. Micro Saint Sharp TM 69 4.1.3. HighMast TM 71 4.2. An alternative vision for simulation software 73 4.3. The idea of DotNetSim 79 4.4. The DotNetSim computing technological background 81 4.4.1. The Microsoft Automation 81 4.4.2. The Microsoft .NET Framework 83 4.4.3. .NET Framework’s Architectural components 85 4.4.4. Multiplatform and multiple lingual integration 88 4.4.5. Integration of Microsoft Office with the .NET Framework 90 4.5. The DotNetSim prototype 91 4.5.1. DotNetSim and other developments 93 4.6. The Chapter in context 96 CHAPTER OVERVIEW The successive advances in computer science have constantly increased the 64 CHAPTER 4 - SIMULATION SOFTWARE : CURRENT EXPERIENCES AND THE DOT NET SIM expectations of the users and developers of application software, simulation software applications in our case. The early expectations and concerns with the proper processing of the input data were replaced by concerns over the portability, usability, extension and integration of software. Nowadays, correct functioning, portability and ease of use are taken for granted. It is also taken for granted that simulation packages are extensible to meet specific needs and that data can flow in and out of different packages. Current expectations and concerns are diverse, but focus mainly on the ease and speed of customisation. However, it is likely that, some time in the future, developers, builders or end users may want tools that let them select, modify and assemble only the functionality that each simulation solution requires.
    [Show full text]
  • Open Excel Spreadsheet Using C
    Open Excel Spreadsheet Using C Assayable Jens dingo very discretionally while Anders remains itchiest and pitchier. Carlyle usually rainproofs psychically or syndicating appetizingly when indeterminate Herold buccaneers undutifully and sedately. Lily-white Lex bowse his placket disinherits pitapat. A Simple reward to Read on Excel Spreadsheet Let us start than opening form sample spreadsheet from openpyxl import loadworkbook. Never shot out touch the latest updates and handy tips for getting the most fell of Google Docs. Places the bitch in the worksheet header. Follow the options in effect from the compress function designed for the file extension is. Created in asp. While traveling outside, i keep it could be relied on this process to do this. The Google Sheets you friend with added security and overlap for teams. Excel evaluate the client machine. LibXL is enterprise library for whole reading precise writing the Excel files xlsxlsx without OLE automation and Microsoft Excel Supports C C CNET Delphi PHP. What excel spreadsheets using the use to us by opening a worksheet? The spreadsheet using a better in a good future of opening a string columns have used on which you need that we make the formula of. Curated by its Real Python team. SpreadsheetOpenCMyModelsSales Numbersxls ExcelWorkbook. Make it open spreadsheet using open excel spreadsheet as column headers and csv file which office access. This programming language has gained traction over recent years. How quite i like an excel file using C UNIX and Linux Forums. C code to update excel became The ASPNET Forums. There appear not be literally tens of thousands of them.
    [Show full text]
  • Using SAS® Data to Drive Microsoft Office Darren Key and David Shamlin, SAS Institute, Cary, NC
    NESUG 15 Emerging Technologies Using SAS® Data To Drive Microsoft Office Darren Key and David Shamlin, SAS Institute, Cary, NC Office applications expose groups of related features through ABSTRACT automation interfaces. An interface is a collection of functions (also called methods) and attributes (also called properties) that Microsoft Office provides tools for integrating its suite of can be called from other application code. In one of our case programs with other vendors’ data sources. There are a variety of studies, we use a special automation interface that allows Excel ways to do this using various ActiveX components and VBA and Access to call custom data import and export wizards scripting techniques. While the number of choices available can implemented as COM add-ins. The interface is called add to the complexity of creating a customized solution, the IDTExtensibility2 and contains five methods: basics of integrating with SAS data sources can be simplified with some basic code patterns for migrating data and reports between • Microsoft Office and SAS. OnAddInsUpdate • OnBeginShutdown We will outline basic patterns for importing SAS data into • OnConnection Microsoft Office documents as well as exporting data back to • OnDisconnetion SAS. The paper gives implementations of these patterns in the • OnStartupComplete form of Visual Basic code that can be customized for site-specific usage scenarios. We will demonstrate the application of these Each of these methods is called by the Office application (also techniques to tasks involving the migration of data between SAS called the host application) running the add-in during different data sets and Microsoft Office and Outlook applications.
    [Show full text]
  • (Forte 4GL) Integrating with External Systems, Version
    Integrating with External Systems Release 3.5 of Forte™ 4GL Sun Microsystems, Inc., 901 San Antonio Road, Palo Alto, CA 94303 U.S.A. 1-800-786-7638 Part No. 806-6672-01 October 2000, Revision A Copyright 2000 Sun Microsystems, Inc., 901 San Antonio Road, Palo Alto, California 94303, U.S.A. All rights reserved. Sun Microsystems, Inc. has intellectual property rights relating to technology embodied in this product. In particular, and without limitation, these intellectual property rights include U.S. Patent 5,457,797 and may include one or more additional patents or pending patent applications in the U.S. or other countries. This product is distributed under licenses restricting its use, copying, distribution, and decompilation. No part of this product may be reproduced in any form by any means without prior written authorization of Sun and its licensors, if any. Third-party software, including font technology, is copyrighted and licensed from Sun suppliers. c-tree Plus is licensed from, and is a trademark of, FairCom Corporation. Xprinter and HyperHelp Viewer are licensed from Bristol Technology, Inc. Regents of the University of California. All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC International, Inc. in the U.S. and other countries. Products bearing SPARC trademarks are based upon an architecture developed by Sun Microsystems, Inc. UNIX is a registered trademark in the U.S. and other countries, exclusively licensed through X/Open Company, Ltd. Sun, Sun Microsystems, the Sun Logo, Forte, and Forte Fusion are trademarks or registered trademarks of Sun Microsystems, Inc.
    [Show full text]
  • Intranet-Based Management of CAN Devices
    Intranet-Based Management of CAN Devices Dr.-Ing. Martin Wollschlaeger, Dipl.-Ing. Stefan Wehrmann With the steadily growing use of CAN devices within complex automation systems, the need for effective management solutions becomes more and more obvious. The spreading integration of CAN systems into Local Area Networks (LAN) provides the opportunity to build such solutions on intranet-based technologies like HTTP or COM/DCOM. Particularly the chances of a link between the intranet-stored information and the fieldbus layer let the development of a new generation of management tools be more than likely. Based on the illustration of principles for connecting fieldbus and LAN new concepts for the representation of CAN Higher Layer Protocol structures and data by intranet-based objects are introduced. Examples of practical realizations of the concepts for managing CAN modules prove the feasibility and show the prospects. 1. Introduction providing easy access to manufacturing related data from standard office One of the most outstanding trends in in- environment. This offers a starting point formation technology’s recent develop- for the implementation of management ments is the trend towards network-centric functions for the underlying fieldbus and its systems. Special attention has to be paid components, that are accessible from any to the overwhelming development of the point within the process information Internet and its enabling technologies in system. hard- and software, like TCP/IP, compo- nentware, browser technology, Java etc. 2. Integration concepts Using these technologies in an Intranet on There are different scenarios for the inte- top of a LAN enables the integration of gration of fieldbus systems into LANs different hard- and software platforms, as (Figure 1).
    [Show full text]
  • Developing ADO.NET and OLE DB Applications
    DB2 ® DB2 Version 9 for Linux, UNIX, and Windows Developing ADO.NET and OLE DB Applications SC10-4230-00 DB2 ® DB2 Version 9 for Linux, UNIX, and Windows Developing ADO.NET and OLE DB Applications SC10-4230-00 Before using this information and the product it supports, be sure to read the general information under Notices. Edition Notice This document contains proprietary information of IBM. It is provided under a license agreement and is protected by copyright law. The information contained in this publication does not include any product warranties, and any statements provided in this manual should not be interpreted as such. You can order IBM publications online or through your local IBM representative. v To order publications online, go to the IBM Publications Center at www.ibm.com/shop/publications/order v To find your local IBM representative, go to the IBM Directory of Worldwide Contacts at www.ibm.com/ planetwide To order DB2 publications from DB2 Marketing and Sales in the United States or Canada, call 1-800-IBM-4YOU (426-4968). When you send information to IBM, you grant IBM a nonexclusive right to use or distribute the information in any way it believes appropriate without incurring any obligation to you. © Copyright International Business Machines Corporation 2006. All rights reserved. US Government Users Restricted Rights – Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp. Contents Chapter 1. ADO.NET development for .NET common language runtime (CLR) routines . .57 Supported .NET CLR routine development software 58 DB2 databases . .1 Support for external routine development in ADO.NET application development .
    [Show full text]
  • Microsoft Excel Demo
    Oracle COM Automation Developer’s Guide Release 8.1.6 for Windows NT January 2000 Part No. A73027-01 Oracle COM Automation Developer’s Guide, Release 8.1.6 for Windows NT Part No. A73027-01 Copyright © 1999, 2000 Oracle Corporation. All rights reserved. Contributors: Eric Belden, Kin Lau, Kian Fai Leong, Barmak Meftah, Steve Norall, Jeff Stein The Programs (which include both the software and documentation) contain proprietary information of Oracle Corporation; they are provided under a license agreement containing restrictions on use and disclosure and are also protected by copyright, patent, and other intellectual and industrial property laws. Reverse engineering, disassembly, or decompilation of the Programs is prohibited. The information contained in this document is subject to change without notice. If you find any problems in the documentation, please report them to us in writing. Oracle Corporation does not warrant that this document is error free. Except as may be expressly permitted in your license agreement for these Programs, no part of these Programs may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without the express written permission of Oracle Corporation. If the Programs are delivered to the U.S. Government or anyone licensing or using the programs on behalf of the U.S. Government, the following notice is applicable: Restricted Rights Notice Programs delivered subject to the DOD FAR Supplement are "commercial computer software" and use, duplication, and disclosure of the Programs, including documentation, shall be subject to the licensing restrictions set forth in the applicable Oracle license agreement.
    [Show full text]
  • Hyperion® System 9 BI + Interactive Reporting Object Model And
    HYPERION® SYSTEM™ 9 BI+™ INTERACTIVE REPORTING™ RELEASE 9.2 OBJECT MODEL AND DASHBOARD DEVELOPMENT SERVICES DEVELOPER’S GUIDE VOLUME I: DASHBOARD DESIGN GUIDE Copyright 1989-2006 Hyperion Solutions Corporation. All rights reserved. “Hyperion,” the Hyperion logo, and Hyperion’s product names are trademarks of Hyperion. References to other companies and their products use trademarks owned by the respective companies and are for reference purpose only. No portion hereof may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or information storage and retrieval systems, for any purpose other than the recipient’s personal use, without the express written permission of Hyperion. The information contained herein is subject to change without notice. Hyperion shall not be liable for errors contained herein or consequential damages in connection with the furnishing, performance, or use hereof. Any Hyperion software described herein is licensed exclusively subject to the conditions set forth in the Hyperion license agreement. Use, duplication or disclosure by the U.S. Government is subject to restrictions set forth in the applicable Hyperion license agreement and as provided in DFARS 227.7202-1(a) and 227.7202-3(a) (1995), DFARS 252.227-7013(c)(1)(ii) (Oct 1988), FAR 12.212(a) (1995), FAR 52.227-19, or FAR 52.227-14, as applicable. Hyperion Solutions Corporation 5450 Great America Parkway Santa Clara, California 95054 Printed in the U.S.A. Contents Preface . ix Audience . x Document Structure . x Related Documents . x Where to Find Documentation . xi Help Menu Commands . xi Conventions . xii Additional Support .
    [Show full text]
  • Proficy Ifix 6.5 OPC Client Driver
    Proficy iFIX 6.5 OPC Client Driver GE Digital Proficy Historian and Operations Hub: Data Analysis in Context 1 Proprietary Notice The information contained in this publication is believed to be accurate and reliable. However, General Electric Company assumes no responsibilities for any errors, omissions or inaccuracies. Information contained in the publication is subject to change without notice. No part of this publication may be reproduced in any form, or stored in a database or retrieval system, or transmitted or distributed in any form by any means, electronic, mechanical photocopying, recording or otherwise, without the prior written permission of General Electric Company. Information contained herein is subject to change without notice. © 2021, General Electric Company. All rights reserved. Trademark Notices GE, the GE Monogram, and Predix are either registered trademarks or trademarks of General Electric Company. Microsoft® is a registered trademark of Microsoft Corporation, in the United States and/or other countries. All other trademarks are the property of their respective owners. We want to hear from you. If you have any comments, questions, or suggestions about our documentation, send them to the following email address: [email protected] Table of Contents OPC Client Driver 1 OPC I/O Driver Overview 1 About the OPC Client Driver 1 OLE Automation Technology 2 Integration with iFIX 2 Event-Driven Architecture 2 OPC Compliance 2 How the I/O Driver Works 2 1. I/O Server 3 2. I/O Server Objects 3 3. OLE Interfaces 4 4. I/O DLL 4 5. Common Memory DLL 4 6. NIO DLL 4 7.
    [Show full text]
  • The Best of Sqlservercentral.Com Vol. 3
    The Best of SQLServerCentral.com — 3 Vol. In April 2001 six geeks banded together to form a more perfect site. Three years and 140,000+ members later, SQLServerCentral.com is one of the premier SQL Server communities in the world. We’ve got over 1,000 articles, 100s of scripts and FAQs, everything you would need as a SQL Server DBA or developer, and all The Best of at a great price — free. This book contains the best material published on the site from 2004. It’s a SQLServerCentral.com variety of topics from administration to advanced querying. XML to DTS, security to performance tuning. And of course, the famous White Board, Flip Chart, or Notepad debate. Vol. 3 So why print a book containing material you can get for free? Take a minute, read the introduction and find out! Essays and Ideas from the SQL Server Community Ameet Phadnis, Amit Jethra, Andre Vigneau, Andy Warren, Anthony Bressi, Ashish Kaushal, Brian Kelley, Brian Knight, Bruce Szabo, Chris Cathers, Chris Kempster, Christoffer Hedgate, Dale Elizabeth Corey, David Poole, Denny Figuerres, Dinesh Asanka, Dinesh Priyankara, Don Peterson, Eli Leiba, G Vijayakumar, Goce Smilevski, Haidong Ji, James Luetkehoelter, James Travis, Jeff Moden, Jeffrey Yao, Joe Sack, Jon Reade, Jon Winer, Joseph Gama, Keith Henry, Kevin O’Donovan, Krishna Sonti, Leo Peyasakhovich, Mark Nash, Nicholas Cain, Patryk Nowakowski, Paul Ibison, Randy Dyess, Ramesh Gummadi, Ramunas Balukonis, Robert Marda, Robert Pearl, Robin Back, Sanket Naik, Santveer Singh, Sharad Nandwani, Shiv Kumar, Sotiris Filippidis, Stefan Popovski, Stephen Lasham, Steve Jones, Sureshkumar Ramakrishnan, Vinod Kumar, Wayne Fillis, Wes Brown Shelving: Database/SQL Server $19.95 USA The Best of SQLServerCentral.com – Vol.
    [Show full text]
  • Automated Malware Analysis Report for 18-02-22-(K-Irie).Xls
    ID: 47598 Sample Name: 18-02-22-(k- irie).xls Cookbook: defaultwindowsofficecookbook.jbs Time: 01:30:58 Date: 23/02/2018 Version: 21.0.0 Table of Contents Table of Contents 2 Analysis Report 4 Overview 4 General Information 4 Detection 4 Confidence 5 Classification 5 Analysis Advice 5 Signature Overview 6 AV Detection: 6 Software Vulnerabilities: 6 Networking: 6 Data Obfuscation: 6 Spreading: 6 System Summary: 6 HIPS / PFW / Operating System Protection Evasion: 7 Anti Debugging: 7 Malware Analysis System Evasion: 7 Hooking and other Techniques for Hiding and Protection: 7 Language, Device and Operating System Detection: 7 Behavior Graph 7 Simulations 8 Behavior and APIs 8 Antivirus Detection 8 Initial Sample 8 Dropped Files 8 Unpacked PE Files 8 Domains 9 Yara Overview 9 Initial Sample 9 PCAP (Network Traffic) 9 Dropped Files 9 Memory Dumps 9 Unpacked PEs 9 Joe Sandbox View / Context 9 IPs 9 Domains 9 ASN 9 Dropped Files 10 Screenshot 10 Startup 11 Created / dropped Files 11 Contacted Domains/Contacted IPs 12 Contacted Domains 12 Contacted IPs 12 Static File Info 13 General 13 File Icon 13 Static OLE Info 13 General 13 OLE File "18-02-22-(k-irie).xls" 14 Indicators 14 Summary 14 Document Summary 14 Streams with VBA 14 Copyright Joe Security LLC 2018 Page 2 of 23 VBA File Name: Sheet1.cls, Stream Size: 977 14 General 14 VBA Code Keywords 14 VBA Code 14 VBA File Name: ThisWorkbook.cls, Stream Size: 5760 14 General 14 VBA Code Keywords 15 VBA Code 16 Streams 16 Stream Path: \x1CompObj, File Type: data, Stream Size: 107 16 General 16 Stream
    [Show full text]