Friday, October 19, 2018

Five Best Coincidences Between Sachin and Sehwag

Openers and the opening partnership are a very important part of any cricket match, across all formats. Many opening pairs draw the spectators' attention because one partner plays the anchor role while the other smashes. When cricket fans hear the word 'SMASH', they probably think of Virender Sehwag. Sehwag is a hard-working person, and that is the whole reason he got the chance to open the batting with his own mentor/guru, Sachin Tendulkar. Today, October 20, marks Sehwag's birthday, so we created an interesting post on Sachin and Sehwag.

1) Same Number Of Double Centuries

Both Sachin & Sehwag Smashed 1 Double Century In ODI Cricket

Sachin (200* vs SA)
Sehwag (219 vs WI)



Both Sachin & Sehwag Smashed 6 Double Centuries In Test Cricket

Sachin (248*, 241*, 217, 214, 203, 201)
Sehwag (319, 309, 293, 254, 201, 201*)

2) Debut & Last Match In ODI Against the Same Opponent

Sachin Played His 1st ODI Match vs Pak (1989)
Sehwag Played His 1st ODI Match vs Pak (1999)

Sachin Played His Last ODI Match vs Pak (2012)
Sehwag Played His Last ODI Match vs Pak (2013)

3) 1st ODI Century at Same City

Sachin Smashed 1st ODI Century at Colombo (110 vs Aus)
Sehwag Smashed 1st ODI Century at Colombo (100 vs NZ)

4) In IPL

Sachin Scored 12 Runs In His Debut IPL Match (vs CSK)
Sehwag Scored 12 Runs In His Debut IPL Match (vs RR)

Sachin Won His Last IPL M.O.M Award at Wankhede Stadium (vs KKR)
Sehwag Won His Last IPL M.O.M Award at Wankhede Stadium (vs CSK)

5) Double Centuries at Same City

Sachin Smashed 1 Double Century at Colombo & at Bangalore
(203 vs SL at Colombo)
(214 vs Aus at Bangalore)


Sehwag Smashed 1 Double Century at Colombo & at Bangalore
(201* vs SL at Colombo)
(201 vs Pak at Bangalore)


Outside the field

The relationship between Sachin and Sehwag is a really fantastic one. If you want to see how real it is, have a look at this interview:

Post made by
newWorld team and Mohammed Shebas


Related Posts are:

10 Best Coincidences Between Sachin and Ganguly: http://www.edison-newworld.com/2018/10/10-best-coincidences-between-sachin.html

Five Cricketing Legends Who Picked Only One Indian Cricketer (Sachin Tendulkar) In Their All Time XI:
http://www.edison-newworld.com/2018/09/five-cricketing-legends-who-picked-only.html

Sachin Tendulkar and Virat Kohli - Coincidence: Interesting Facts which will blow your mind:
http://www.edison-newworld.com/2018/09/coincidence-between-sachin-tendulkar.html

Top Ten Quotes on Sachin Tendulkar:
http://www.edison-newworld.com/2018/09/top-ten-quotes-on-sachin-tendulkar.html

List of hundreds scored by Sachin Tendulkar in Test cricket:
http://www.edison-newworld.com/2013/12/list-of-hundreds-scored-by-sachin.html

Secret Ingredient for Success (part I): 
http://www.edison-newworld.com/2013/11/secret-ingredient-for-success-part-i.html

Monday, October 8, 2018

10 Best Coincidences Between Sachin Tendulkar & Sourav Ganguly: Interesting Facts which will blow your mind:

Sachin Tendulkar is the greatest batsman ever to play for India and the greatest cricketer of all time. His closest companion on the field is Sourav Ganguly. Ganguly is often regarded as the best captain India has ever had. Sachin and Ganguly were regarded as the most successful right/left-hand opening combination world cricket has ever seen. Let's see the mind-blowing coincidences between the two great players:


1) Sachin Is a Right-Handed Batsman, But Writes With His Left Hand

Ganguly Is a Left-Handed Batsman, But Writes With His Right Hand

2) Sachin Won the M.O.M Award When India Scored 300+ in an ODI for the 1st Time

Ganguly Won the M.O.M Award When India Chased 300+ in an ODI for the 1st Time

3) Sachin's 1st Intl Century vs Eng In Eng (14 Aug 1990)

Ganguly's 1st Intl Century vs Eng In Eng (20 June 1996)


4) Sachin Smashed 1st ODI Century at R. Premadasa Stadium, Colombo (9 Sep 1994)

Ganguly Smashed 1st ODI Century at R. Premadasa Stadium, Colombo (20 Aug 1997)

5) Sachin Picked 1st ODI Wicket against SL & Last ODI Wicket Against Pak

Ganguly Picked 1st ODI Wicket against SL & Last ODI Wicket Against Pak

6) Sachin & Ganguly Both Had two times five-wicket Hauls in ODI Cricket
(Among Them 1 is against Pak)

7) Sachin & Ganguly Both Smashed one Double Century at Bangalore
(Sachin On 11 Oct 2010
Ganguly On 8 Dec 2007)

8) Sachin & Ganguly Both Smashed Their 22nd ODI Century Against Kenya (Coincidentally, Both Were in a World Cup)

Sachin's 22nd ODI Century 140* vs Ken (1999WC)
Ganguly's 22nd ODI Century 111* vs Ken (2003WC)

9) Sachin & Ganguly Both Got Out for a Duck Only 4 Times in the IPL

When Sachin Got Out for a Duck for the 1st Time in the IPL (Opponents Were KKR, Captained by Ganguly)

When Ganguly Got Out for a Duck for the 1st Time in the IPL
(Opponents Were MI, Captained by Sachin)

10) Sachin & Ganguly Both Lost Their 1st Match as Captain.


Post made by
newWorld team and Mohammed Shebas



Tuesday, October 2, 2018

Analysis of a recent Swizzor variant (aka Stealer):

Overview

Trojan Swizzor variants have been detected since early 2004. They work by downloading and executing malicious files from the Internet on the infected machine; the primary infection channel for the Swizzor family is the Internet, and the family is known for stealing personal data. In this case, our researcher monitored malicious traffic and spotted a Swizzor binary as the downloaded file.

Analysis

While monitoring the traffic, we got an alert triggered by communication with a suspicious website. The suspicious websites are stored in our threat intelligence malicious-website list, which our rule matches against.
Our rule picked up communication with the following URL:


hxxp://Judoalmoradi(.)com/LOGOS/puttyupdate45


So we performed incident response on the host machine that connected to the malicious URL and gathered timeline analysis information from it. During the timeline analysis, we spotted the process puttyupdate459.exe in memory. The sample was taken for malware analysis:
File Hash: d85fa670e482083d83c7cfdea08b65729378b02b2dc31f009350f6385a459809
File Size: 227.5 KB 

Figure 1 Compiled using VC++

We executed the specimen in a controlled environment and observed its behavior. The malicious process started querying general information from the file system and the registry.

Figure 2 Execution of malware - loaded in memory and starts querying
Then it creates a thread, which exits. The thread creation is logged as an event, and we checked the properties of that event.

Figure 3 Thread creation

Figure 4 Thread creation event
The unknown module in the stack appears suspicious and has no file path. The malicious process creates a file in the Temp location and writes content to the file 'A45F.bin'.

Figure 5 puttyupdate459.exe queries the computer name details and it creates a file in Temp location
It also queries for the presence of the following registry keys, which are not found:


puttyupdate459.exe      992         RegOpenKey     HKCU\Software\Classes\AppID\puttyupdate459.exe
NAME NOT FOUND         Desired Access: Read
puttyupdate459.exe      992         RegOpenKey     HKCR\AppID\puttyupdate459.exe          
NAME NOT FOUND         Desired Access: Read

This is because there is usually a parent file that registers these entries for the downloaded malware. We opened the .bin file in the Temp location; it contains the following details:
Figure 6 A45F.bin file in the temp location



The 'LdrLoadFile' lines in the .bin file keep incrementing, and we also noticed that each time iexplorer.exe was loaded into memory and then terminated, the number of lines in the .bin file in the Temp location increased.
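The failed AppID registry probes and the .bin write under Temp described above are host telemetry a responder can triage automatically. As an added example that is not part of the original post, the following Python scans constructed Procmon-style lines in the same layout as the excerpt above and flags a process that fails to open AppID\<its own name> and that writes a .bin file under Temp; the SHA256 values are the ones from the post's IOC section, while the PIDs, user name and paths in the sample lines are constructed.

```python
import re
from typing import Dict, Iterable, List, Set

# SHA256 values copied from the post's IOC section
IOC_SHA256: Set[str] = {
    "21fc447f95143fd8595d364e526bb726d2e3e52983aebe2c1ae5d49d4e6e96f5",  # parent file
    "d85fa670e482083d83c7cfdea08b65729378b02b2dc31f009350f6385a459809",  # puttyupdate459.exe
}

# Constructed sample lines, laid out like the post's Procmon excerpt:
# <process> <pid> <operation> <path> <result> <detail>
SAMPLE_LOG = r"""
puttyupdate459.exe 992 RegOpenKey HKCU\Software\Classes\AppID\puttyupdate459.exe NAME NOT FOUND Desired Access: Read
puttyupdate459.exe 992 RegOpenKey HKCR\AppID\puttyupdate459.exe NAME NOT FOUND Desired Access: Read
puttyupdate459.exe 992 CreateFile C:\Users\victim\AppData\Local\Temp\A45F.bin SUCCESS Desired Access: Generic Write
explorer.exe 1204 RegOpenKey HKCU\Software\Classes\AppID\explorer.exe SUCCESS Desired Access: Read
"""

LINE_RE = re.compile(
    r"^(?P<proc>\S+)\s+(?P<pid>\d+)\s+(?P<op>\w+)\s+(?P<path>\S+)\s+(?P<result>NAME NOT FOUND|SUCCESS)"
)


def triage(log_text: str) -> Dict[str, List[str]]:
    """Return {process: [finding, ...]} for the two behaviours described in the post."""
    findings: Dict[str, List[str]] = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip blank or unparseable lines
        proc, op, path, result = m["proc"], m["op"], m["path"], m["result"]
        low = path.lower()
        # A process probing AppID\<its own name> and failing: the dropped payload
        # expects a parent to have registered it, which a legitimate install would have done.
        if op == "RegOpenKey" and result == "NAME NOT FOUND" and low.endswith("\\appid\\" + proc.lower()):
            findings.setdefault(proc, []).append("self_appid_probe_missing")
        # A .bin artefact written under the user's Temp directory (A45F.bin in the post).
        if op == "CreateFile" and result == "SUCCESS" and "\\temp\\" in low and low.endswith(".bin"):
            findings.setdefault(proc, []).append("temp_bin_write")
    return findings


def match_hashes(observed: Iterable[str]) -> Set[str]:
    """Case-insensitive intersection of observed SHA256 digests with the post's IOC hashes."""
    return {h.strip().lower() for h in observed} & IOC_SHA256
```

Run `triage(SAMPLE_LOG)` to get the per-process findings, and feed `match_hashes` the digests from your own file inventory.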

Timeline analysis

With this analysis alone, we were unable to observe the complete behavior, so our incident response team ran the Redline script and collected an analysis session from the infected machine. During the Redline analysis, we found the parent file, which contains the above malicious URL:
hxxp://Judoalmoradi(.)com/LOGOS/puttyupdate459

This malicious URL was used to download the puttyupdate459.exe file. The parent file's details are:
SHA256: 21fc447f95143fd8595d364e526bb726d2e3e52983aebe2c1ae5d49d4e6e96f5

Figure 7 Parent file - Ursnif/Swizzor/Password Stealer

The parent file is detected as a password stealer (PWS/PSW), Swizzor and Ursnif. It is very clear that our team's incident response activity is what found the file.

Why was the file not detected by AV?

Most AV vendors detect the parent file (SHA256: 21fc447f95143fd8595d364e526bb726d2e3e52983aebe2c1ae5d49d4e6e96f5) and the downloaded file (puttyupdate459.exe). But we found that the infected network infrastructure did not follow many best practices, and the AV definition updates had been failing for several weeks. We also collected their AV logs for analysis; the AV had actually triggered alerts on the termination of its on-access scan and AV shield processes.
If they had followed best practices and had proper monitoring in place, this infection could have been avoided.


Research and post were done by


IOC details:

URL
  • Judoalmoradi(.)com/LOGOS/puttyupdate45


File Hashes
  • 21fc447f95143fd8595d364e526bb726d2e3e52983aebe2c1ae5d49d4e6e96f5
  • d85fa670e482083d83c7cfdea08b65729378b02b2dc31f009350f6385a459809
