Welcome to the Cyber-TA
Daily Malware Binary DIGEST Summary Page


12 September 2009

All data collection and analyses summarized in this page were 100% AUTO-GENERATED.

DEVELOPERS: Vinod Yegneswaran (SRI), Phillip Porras (SRI), Hassen Saidi (SRI)
Monirul Sharif (Georgia-Tech), Arvind Narayanan (University of Texas at Austin)

The data on this website is provided for research purposes only. It is provided
for your personal use only and is supplied AS IS, WITHOUT WARRANTY OF ANY KIND.
Use or reliance on this data is at your own risk.



Packed
MD5 		UnPacket
MD5 		Victim
OS 		AntiVirus
Hit-Cnt 		First
Encounter 		Last
Encounter 		Freq
Cnt 		Behavioral
Clusters 		Unpacked
Egg.asm 		Packer
Fingerprint 		API
Resolution 		String
Cnt 		Syscall
Trace
c89b154681
NEW
d2b40c91a1
NEW		 58d02dbffa [0]
fbaa414397[0]
fbaa414397[0]		 WinXP 37 of 41 15:34:16 15:34:16 1 none:none
none:none
 StarForce|
Armadillo|		 none
none		 trace
trace
53bfe15e91
NEW
73f1082158
NEW		 1473091351 [0]
none [0]		 Win2K-f
WinXP		 0 of 32 01:17:36 21:15:07 4 ASM:Graph
none:none
 tElock|
Armadillo|		 0% lines=75
embedded dns
lines=90		 trace
trace
38e8f258e7
NEW
80a65838c6
NEW
95ca496b37
NEW		 871a2e904e [0]
5a961ecaa3[0]
9c39a10179[0]
9c39a10179[0]		 Win2K-f
WinXP		 19 of 41 16:41:54 23:15:07 2 none:none
none:none
none:none
 none|none
tElock|
none|none		 none
none
none		 trace
trace
trace
53bfe15e91
NEW		 1473091351 [0] Win2K-f
WinXP		 33 of 33 01:17:36 22:59:09 8 ASM:Graph
 tElock| 96% lines=75
embedded dns		 trace
682a384fe9
NEW		 none [3] Win2K-f 31 of 41 22:40:23 22:40:23 1 none:none
 none|none none trace
38e8f258e7
NEW
8a75955033
NEW
9276c8b36b
NEW		 871a2e904e [0]
2bf3e548b9[0]
2bf3e548b9[0]
none [0]		 Win2K-f 28 of 32 16:41:54 16:41:54 1 none:none
ASM:Graph
ASM:Graph
 none|none
tElock|
Armadillo|		 47% none
lines=126
embedded dns
lines=81		 trace
trace
trace
38e8f258e7
NEW
6ec2a8994b
NEW		 871a2e904e [0]
398aab9636[0]
398aab9636[0]		 Win2K-f 30 of 33 09:07:20 09:07:20 1 none:none
none:none
 none|none
tElock|		 none
none		 trace
trace
df17a625ee
NEW		 none [0] WinXP 29 of 29 06:42:58 06:42:58 1 none:none
 ASPack| 72% lines=298
embedded dns		 trace
3e30dc90de
NEW		 d5e7d16040 [0] Win2K-f 38 of 41 02:14:49 02:14:49 1 none:none
 StarForce| none trace
74c3429921
NEW		 1265c25f7f [0] WinXP 40 of 41 02:50:48 02:50:48 1 none:none
 PolyEnE| none trace
38e8f258e7
NEW
80a65838c6
NEW
95ca496b37
NEW
f82d977dc5
NEW		 871a2e904e [0]
5a961ecaa3[0]
9c39a10179[0]
7e2c966516[0]
7e2c966516[0]		 WinXP 40 of 41 23:15:07 23:15:07 1 none:none
none:none
none:none
none:none
 none|none
tElock|
none|none
Armadillo|		 none
none
none
none		 trace
trace
trace
trace
38e8f258e7
NEW
533d15b5ce
NEW		 871a2e904e [0]
c67adf46e2[0]
c67adf46e2[0]		 Win2K-f 30 of 33 21:46:14 21:46:14 1 none:none
ASM:Graph
 none|none
tElock|		 96% none
lines=126
embedded dns		 trace
trace
a12cab51ef
NEW		 none [0] WinXP 29 of 29 08:01:02 21:38:28 3 none:none
 ASPack| 54% lines=281
embedded dns		 trace
38e8f258e7
NEW
9ba2752f0b
NEW		 871a2e904e [0]
none [3]		 Win2K-f
WinXP		 1 of 40 09:07:20 09:36:27 2 none:none
none:none
 none|none
UPX|		 none
none		 trace
trace
38e8f258e7
NEW
8a75955033
NEW		 871a2e904e [0]
2bf3e548b9[0]
2bf3e548b9[0]		 Win2K-f 29 of 32 16:41:54 16:41:54 1 none:none
ASM:Graph
 none|none
tElock|		 96% none
lines=126
embedded dns		 trace
trace
218ce30f5c
NEW		 none [3] WinXP 18 of 35 23:56:26 23:56:26 1 none:none
 none|none none trace
38e8f258e7
NEW		 871a2e904e [0] Win2K-f
WinXP		 12 of 40 09:07:20 23:15:07 5 none:none
 none|none none trace
616f21b486
NEW		 348063e1c2 [0] Win2K-f 39 of 41 14:07:55 14:07:55 1 none:none
 StarForce| none trace
9716d7995a
NEW		 c3a5354b6f [0] WinXP 35 of 35 04:42:24 04:42:24 1 none:none
 PolyEnE| none trace
3842e66ff7
NEW
39336e51eb
NEW
524bc0f75c
NEW		 fc7c8aaf10 [0]
3f5ab71d39[0]
d3e9510bb3[0]
d3e9510bb3[0]		 Win2K-f 32 of 38 03:39:31 03:39:31 1 none:none
none:none
none:none
 EXECrypto|
Neolite|
PENinja S|		 none
none
none		 trace
trace
trace
38e8f258e7
NEW
9ba2752f0b
NEW
dab4da4e21
NEW		 871a2e904e [0]
none [3]
e63b813015[0]
e63b813015[0]		 WinXP 37 of 39 09:36:27 09:36:27 1 none:none
none:none
ASM:Graph
 none|none
UPX|
PolyEnE|		 100% none
none
lines=134		 trace
trace
trace
96511f48b8
NEW		 none [3] Win2K-f 33 of 41 10:52:01 10:52:01 1 none:none
 none|none none trace
7f38ca84af
NEW		 89991cf07f [0] WinXP 39 of 41 11:45:22 11:45:22 1 none:none
 PolyEnE| none trace
8459377032
NEW
8c3fbe8572
NEW		 2f809ba47f [0]
6d017d228b[0]
6d017d228b[0]		 WinXP 39 of 41 11:45:32 11:45:32 1 none:none
none:none
 Armadillo|
tElock|		 none
none		 trace
trace
38e8f258e7
NEW
533d15b5ce
NEW
58c343a8d8
NEW		 871a2e904e [0]
c67adf46e2[0]
c67adf46e2[0]
none [0]		 Win2K-f 28 of 33 21:46:14 21:46:14 1 none:none
ASM:Graph
none:none
 none|none
tElock|
Armadillo|		 0% none
lines=126
embedded dns
lines=91		 trace
trace
trace
3842e66ff7
NEW
39336e51eb
NEW		 fc7c8aaf10 [0]
3f5ab71d39[0]
3f5ab71d39[0]		 Win2K-f 29 of 41 03:39:31 03:39:31 1 none:none
none:none
 EXECrypto|
Neolite|		 none
none		 trace
trace
3f136c55b3
NEW		 f4e18974f3 [0] WinXP 39 of 41 04:11:21 04:11:21 1 none:none
 tElock| none trace
38e8f258e7
NEW
80a65838c6
NEW		 871a2e904e [0]
5a961ecaa3[0]
5a961ecaa3[0]		 WinXP 40 of 41 23:15:07 23:15:07 1 none:none
none:none
 none|none
tElock|		 none
none		 trace
trace
770a04a72c
NEW		 none [3] Win2K-f 15 of 41 19:17:39 19:17:39 1 none:none
 none|none none trace
38e8f258e7
NEW
6ec2a8994b
NEW
9ba2752f0b
NEW
bcf66a38c8
NEW		 871a2e904e [0]
398aab9636[0]
none [3]
570133b348[0]
570133b348[0]		 Win2K-f 2 of 35 09:07:20 09:07:20 1 none:none
none:none
none:none
none:none
 none|none
tElock|
UPX|
Armadillo|		 none
none
none
none		 trace
trace
trace
trace
3842e66ff7
NEW		 fc7c8aaf10 [0] Win2K-f 40 of 41 03:39:31 03:39:31 1 none:none
 EXECrypto| none trace
218ce30f5c
NEW
a08f3b74a4
NEW		 none [3]
none [0]		 WinXP
Win2K-f		 0 of 33 10:33:48 23:56:26 6 none:none
none:none
 none|none
Armadillo|		 0% none
lines=90		 trace
trace
b27d73bfcb
NEW		 473c6454ce [0] WinXP 35 of 36 07:54:38 07:54:38 1 ASM:Graph
 PolyEnE| 100% lines=68 trace
c89b154681
NEW		 58d02dbffa [0] WinXP 40 of 41 15:34:16 15:34:16 1 none:none
 StarForce| none trace
38e8f258e7
NEW
6ec2a8994b
NEW
9ba2752f0b
NEW
bcf66a38c8
NEW
deca0a71d7
NEW		 871a2e904e [0]
398aab9636[0]
none [3]
570133b348[0]
6e7c1a39e4[0]
6e7c1a39e4[0]		 Win2K-f 15 of 41 09:07:20 09:07:20 1 none:none
none:none
none:none
none:none
none:none
 none|none
tElock|
UPX|
Armadillo|
tElock|		 none
none
none
none
none		 trace
trace
trace
trace
trace
3f136c55b3
NEW
ac394d7d5f
NEW		 f4e18974f3 [0]
c9a79e75f5[0]
c9a79e75f5[0]		 WinXP 38 of 41 04:11:21 04:11:21 1 none:none
none:none
 tElock|
Armadillo|		 none
none		 trace
trace
8459377032
NEW		 2f809ba47f [0] WinXP 38 of 41 11:45:32 11:45:32 1 none:none
 Armadillo| none trace
9bb68450cd
NEW		 c2d5ac2315 [0] WinXP 34 of 36 16:45:30 16:45:30 1 ASM:Graph
 PolyEnE| 100% lines=73
embedded dns		 trace