Multiperspective Malware Analysis Page - Daily Malware Binary Digest Summary

Welcome to the Cyber-TA
Daily Malware Binary DIGEST Summary Page

08 May 2008

All data collection and analyses summarized in this page were 100% AUTO-GENERATED.

DEVELOPERS: Vinod Yegneswaran (SRI), Phillip Porras (SRI), Hassen Saidi (SRI)
Monirul Sharif (Georgia-Tech), Arvind Narayanan (University of Texas at Austin)

The data on this website is provided for research purposes only. It is provided
for your personal use only and is supplied AS IS, WITHOUT WARRANTY OF ANY KIND.
Use or reliance on this data is at your own risk.

Packed
MD5 UnPacket
MD5 Victim
OS AntiVirus
Hit-Cnt First
Encounter Last
Encounter Freq
Cnt Behavioral
Clusters Unpacked
Egg.asm Packer
Fingerprint API
Resolution String
Cnt Syscall
Trace

fc9addab43
NEW none[4] WinXP 21 of 31 23:32:38 23:32:38 1 none none:none
none|none none trace

64b36642a6
[Firefox: 3 hits: 04-28 to 05-07] none[4] Win2K-f 26 of 32 02:06:13 02:06:13 1 none none:none
none|none none trace

0197c6c127
[Firefox: 3 hits: 04-27 to 05-07] none[4] Win2K-f 28 of 32 11:12:25 11:12:25 1 none none:none
none|none none trace

e97b88e501
NEW 8f8dac80bb [0] WinXP 27 of 32 01:08:32 01:08:32 1 none ASM:Graph
PolyEnE| 100% lines=93
embedded dns trace

a2e1102c10
NEW a2e1102c10 [1] Win2K-f 19 of 31 07:35:08 07:35:08 1 none ASM:Graph
FSG| 50% lines=6 trace

4d83955c32
NEW none[4] WinXP 29 of 31 07:11:37 07:11:37 1 none none:none
none|none none trace

fd5013ce19
NEW none[4] Win2K-f 26 of 31 16:20:58 16:20:58 1 none none:none
none|none none trace

986b59708d
[Firefox:285 hits: 05-03 to 04-15] 8a00217866 [0] WinXP 29 of 29 16:28:17 16:28:17 1 none ASM:Graph
PolyEnE| 100% lines=57 trace

76b4ab852e
[Firefox:29 hits: 04-29 to 05-07] none[4] WinXP 12 of 30 18:04:16 18:04:16 1 none none:none
none|none none trace

93282471f7
[Firefox: 9 hits: 04-28 to 05-07] 95951dee58 [0] Win2K-f 19 of 30 06:28:37 06:28:37 1 none ASM:Graph
ASProtect| 0% lines=0 trace

14ef234ad3
[Firefox: 7 hits: 04-29 to 05-07] none[4] Win2K-f 23 of 31 20:45:37 20:45:37 1 none none:none
none|none none trace

0ada72d805
[Firefox:29 hits: 05-17 to 05-05] 239ec78f15 [0] WinXP 29 of 29 16:33:33 16:33:33 1 none ASM:Graph
ASPack| 54% lines=281
embedded dns trace

3f5ec58a6b
[Firefox: 9 hits: 04-24 to 05-05] 4a77430a59 [0] WinXP 30 of 32 01:19:54 18:29:37 3 none ASM:Graph
PolyEnE| 99% lines=70 trace

d6df3972a0
[Firefox:212 hits: 05-02 to 04-20] 39eeef52a4 [0] WinXP 29 of 29 09:14:21 09:16:15 2 none ASM:Graph
PolyEnE| 100% lines=65 trace

af98fe0c94
[Firefox:47 hits: 04-27 to 05-07] 480d076a0a [0] WinXP
Win2K-f 20 of 31 03:38:29 20:36:15 2 none ASM:Graph
ASProtect| 57% lines=422
embedded dns trace

79a906bd32
NEW none[4] WinXP 26 of 31 12:38:54 12:38:54 1 none none:none
none|none none trace

d42c1cc7c0
[Firefox:271 hits: 05-01 to 05-07] af9ca5bed1 [0] WinXP 29 of 29 14:19:02 14:19:02 1 none ASM:Graph
PolyEnE| 100% lines=54 trace

cebfb1dd8a
[Firefox: 4 hits: 04-14 to 04-24] 296a85750b [0] WinXP 30 of 32 10:41:48 10:41:48 1 none ASM:Graph
PolyEnE| 100% lines=154
embedded dns trace

a12cab51ef
[Firefox:1008 hits: 05-01 to 05-07] 40f7f463c4 [0] WinXP 29 of 29 08:53:18 08:53:18 1 none ASM:Graph
ASPack| 54% lines=281
embedded dns trace

55b6cdd920
NEW none[4] Win2K-f 27 of 31 11:34:41 11:34:41 1 none none:none
none|none none trace

0330af1285
[Firefox: 5 hits: 05-02 to 05-07] none[4] WinXP 19 of 31 01:22:39 01:22:39 1 none none:none
none|none none trace

1ab4d3d7b6
[Firefox: 6 hits: 04-10 to 05-04] cc366b3f6c [0] WinXP 29 of 32 16:08:24 16:08:24 1 none ASM:Graph
none|none 54% lines=287
embedded dns trace

a2a036466a
[Firefox:52 hits: 05-05 to 05-07] none[4] Win2K-f
WinXP 14 of 32 00:48:44 22:07:33 15 none none:none
none|none none trace

4c9e048796
NEW none[4] Win2K-f 27 of 32 17:15:45 17:15:45 1 none none:none
none|none none trace

53123fadcc
[Firefox:35 hits: 01-26 to 05-07] none[4] Win2K-f 13 of 32 22:44:14 22:44:14 1 none none:none
none|none none trace

639a247ece
[Firefox:24 hits: 04-28 to 05-06] 29d53eec72 [0] Win2K-f
WinXP 10 of 32 01:00:26 23:18:27 2 none ASM:Graph
StarForce| 77% lines=132 trace

7fdfe363d5
[Firefox:2587 hits: 12-31 to 05-07] 10862ea8b8 [0] WinXP
Win2K-f 25 of 28 11:05:23 21:50:09 5 none ASM:Graph
FSG| 95% lines=1933
embedded dns trace

7f60162c2c
[Firefox:1274 hits: 12-31 to 05-07] 1aad8e4632 [0] WinXP 25 of 25 04:54:35 04:54:35 1 none ASM:Graph
PolyEnE| 100% lines=93
embedded dns trace

042774a2b7
[Firefox:135 hits: 05-01 to 05-03] 1c9a472cd7 [0] WinXP 29 of 29 18:22:10 18:22:10 1 none ASM:Graph
PolyEnE| 0% lines=71
embedded dns trace

98ce60a3b5
NEW none[4] WinXP 26 of 31 06:51:21 06:51:21 1 none none:none
none|none none trace

52fdb89225
NEW 901902cf1e [0] Win2K-f 25 of 31 08:43:03 08:43:03 1 none ASM:Graph
none|none 57% lines=411
embedded dns trace

aeaa10cc8d
[Firefox: 2 hits: 04-30 to 05-07] none[4] Win2K-f 15 of 30 12:38:12 12:38:12 1 none none:none
none|none none trace

9192428c13
NEW none[4] WinXP 30 of 31 10:00:18 10:00:45 2 none none:none
PolyEnE| none trace

ea1868674b
NEW none[4] Win2K-f 26 of 31 13:33:23 13:33:23 1 none none:none
none|none none trace

1584ac8057
NEW none[4] Win2K-f 28 of 31 03:09:36 03:09:36 1 none none:none
ASPack| none trace

831f4ee0a7
[Firefox:576 hits: 07-11 to 05-06] eb7546c600 [0] WinXP 29 of 29 02:07:09 06:12:39 2 none ASM:Graph
none|none 100% lines=61 trace

ee7d50483a
NEW none[4] Win2K-f 27 of 31 11:52:56 11:52:56 1 none none:none
none|none none trace

3ae357d17b
[Firefox:697 hits: 05-01 to 05-07] 462a7be171 [0] WinXP 29 of 29 19:58:48 19:58:48 1 none ASM:Graph
PolyEnE| 99% lines=73 trace

5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] Win2K-f
WinXP 21 of 32 00:09:24 23:53:25 64 none ASM:Graph
none|none 46% lines=4 trace

4620861e2d
[Firefox: 7 hits: 04-27 to 05-03] none[4] Win2K-f
WinXP 11 of 31 08:43:30 15:06:04 2 none none:none
StarForce| none trace

9dbe3c7646
NEW none[4] Win2K-f 20 of 31 15:14:49 15:14:49 1 none none:none
none|none none trace

e37555c26e
[Firefox: 2 hits: 05-06 to 05-07] none[4] Win2K-f 27 of 31 10:00:34 10:00:34 1 none none:none
Xtreme-Pr| none trace

7d99b0e910
[Firefox:2956 hits: 12-31 to 05-07] 7a70e1b592 [0] WinXP 26 of 28 04:39:41 16:25:43 4 none ASM:Graph
PolyEnE| 99% lines=68 trace

5cae136844
NEW none[4] Win2K-f 29 of 31 01:18:12 01:18:12 1 none none:none
none|none none trace

36d24c4769
NEW none[4] Win2K-f 28 of 31 03:12:44 03:12:44 1 none none:none
none|none none trace

92734aa6f5
NEW none[4] Win2K-f 27 of 31 06:20:23 06:20:23 1 none none:none
none|none none trace

dc8e1c63cd
[Firefox:77 hits: 12-27 to 05-07] e0eb8646ee [0] Win2K-f 22 of 32 06:50:09 06:50:09 1 none ASM:Graph
none|none 62% lines=601
embedded dns trace

36a1bf4777
NEW none[4] WinXP 29 of 31 23:09:12 23:09:12 1 none none:none
PolyEnE| none trace

688281495d
NEW none[4] WinXP
Win2K-f 28 of 31 06:57:23 07:21:10 2 none none:none
FSG| none trace

1a2c0e6130
[Firefox:372 hits: 12-31 to 05-07] 048df78048 [0] WinXP 29 of 29 13:59:07 19:07:37 2 none ASM:Graph
none|none 100% lines=61 trace

8be304341b
[Firefox: 4 hits: 05-06 to 05-07] 51c0a74ab9 [0] Win2K-f 23 of 32 18:29:04 18:29:04 1 none ASM:Graph
ASPack| 47% lines=4773
embedded dns trace

4f887ca272
[Firefox:33 hits: 01-26 to 05-07] 4f887ca272 [1] Win2K-f 0 of 0 15:02:48 15:02:48 1 none ASM:Graph
Stranik| 36% lines=6 trace

b82d9bcbfc
NEW 076c58f365 [0] WinXP 27 of 31 03:25:54 03:25:54 1 none ASM:Graph
ASPack| 54% lines=294
embedded dns trace

839dd0a7c5
NEW none[4] Win2K-f 25 of 31 02:58:44 02:58:44 1 none none:none
none|none none trace

3471fe5f22
NEW none[4] Win2K-f 26 of 32 06:38:00 06:38:00 1 none none:none
none|none none trace

7ba07d0fc6
NEW none[4] WinXP 19 of 31 12:39:58 12:39:58 1 none none:none
none|none none trace

e5d062be59
[Firefox: 2 hits: 12-28 to 12-31] none[4] Win2K-f 11 of 32 18:39:05 18:39:05 1 none none:none
ASPack| none trace

fd0bf48a75
[Firefox: 7 hits: 04-28 to 05-07] none[3] Win2K-f 20 of 32 21:53:19 21:53:19 1 none none:none
ASProtect| none trace

8f367186c3
[Firefox:61 hits: 12-27 to 05-05] 01a06977c4 [0] Win2K-f 14 of 32 14:33:29 14:33:29 1 none ASM:Graph
TXT2COM| 0% lines=0 trace