Welcome to the Cyber-TA
Daily Malware Binary DIGEST Summary Page



21 June 2008

All data collection and analyses summarized in this page were 100% AUTO-GENERATED.

DEVELOPERS: Vinod Yegneswaran (SRI), Phillip Porras (SRI), Hassen Saidi (SRI)
Monirul Sharif (Georgia-Tech), Arvind Narayanan (University of Texas at Austin)

The data on this website is provided for research purposes only. It is provided
for your personal use only and is supplied AS IS, WITHOUT WARRANTY OF ANY KIND.
Use or reliance on this data is at your own risk.



Packed MD5 | Unpacked MD5 | Victim OS | AntiVirus Hit-Cnt | First Encounter | Last Encounter | Freq Cnt | Behavioral Clusters | Unpacked Egg.asm | Packer Fingerprint | API Resolution | String Cnt | Syscall Trace
e759d2b517
NEW
none[none] WinXP 0 of 0 19:52:52 19:52:52 1 none none:none
PolyEnE| none none
05ea62612c
NEW
3a0107380f
NEW
none[4]
3a0107380f[1]
WinXP 30 of 33 02:46:14 02:52:43 2 none none:none
ASM:Graph
tElock|
Armadillo|
47% none
lines=82
trace
trace
53bfe15e91
[Firefox:105 hits: 06-17 to 06-20]
73f1082158
[Firefox:34 hits: 06-18 to 06-20]
none[4]
73f1082158[1]
Win2K-f
WinXP
0 of 32 00:08:00 21:23:13 9 none none:none
ASM:Graph
tElock|
Armadillo|
47% none
lines=81
trace
trace
dd5b183a77
NEW
none[4] WinXP 29 of 32 09:46:03 09:46:03 1 none none:none
none|none none trace
24f45a0bf5
NEW
b5919931fe
[Firefox: 8 hits: 06-20 to 06-20]
d24a1d8a6f
NEW
none[none]
b5919931fe[1]
none [none]
Win2K-f 0 of 0 13:36:53 13:36:53 1 none none:none
ASM:Graph
none:none
tElock|
ASProtect|
Armadillo|
none
lines=90
none
none
trace
none
53bfe15e91
[Firefox:105 hits: 06-17 to 06-20]
none[4] Win2K-f
WinXP
33 of 33 00:08:00 21:23:13 18 none none:none
tElock| none trace
5558f5601e
NEW
none[none] Win2K-f 0 of 0 12:12:45 12:12:45 1 none none:none
tElock| none none
a12cab51ef
[Firefox:1061 hits: 05-01 to 06-20]
b15bf89f3b
NEW
c6283ef9ea
NEW
40f7f463c4 [0]
none [none]
none [none]
WinXP 0 of 0 06:01:30 06:01:30 1 none ASM:Graph
none:none
none:none
ASPack|
none|none
none|none
lines=281
embedded dns
none
none
trace
none
none
69be040d0b
NEW
none[none] Win2K-f 0 of 0 23:02:31 23:02:31 1 none none:none
tElock| none trace
61af27625e
NEW
none[none] WinXP 0 of 0 05:32:37 05:32:37 1 none none:none
none|none none none
0d416b2208
NEW
none[none] Win2K-f 0 of 0 02:35:31 02:35:31 1 none none:none
none|none none none
0537139fe7
NEW
none[4] Win2K-f
WinXP
0 of 0 21:25:25 23:03:48 2 none none:none
PolyEnE| none trace
4c3df24b32
[Firefox:10 hits: 06-17 to 06-20]
8390780c27
[Firefox: 2 hits: 06-18 to 06-20]
4c3df24b32 [1]
none [4]
Win2K-f 30 of 32 15:04:33 15:04:33 1 none ASM:Graph
none:none
Armadillo|
tElock|
lines=81
none
trace
trace
69be040d0b
NEW
81bbbeac34
NEW
none[none]
none [none]
Win2K-f 0 of 0 23:02:31 23:02:31 1 none none:none
none:none
tElock|
Armadillo|
none
none
trace
trace
53bfe15e91
[Firefox:105 hits: 06-17 to 06-20]
9755a5d861
NEW
none[4]
none [none]
WinXP 0 of 0 00:13:08 00:13:08 1 none none:none
none:none
tElock|
none|none
none
none
trace
none
168aab35a3
[Firefox: 5 hits: 06-17 to 06-20]
none[4] WinXP
Win2K-f
31 of 33 00:54:15 20:45:51 7 none none:none
tElock| none trace
0022c74e8a
NEW
none[none] WinXP 0 of 0 03:18:50 03:18:50 1 none none:none
none|none none none
34213821e8
NEW
none[none] Win2K-f 0 of 0 14:09:16 14:09:16 1 none none:none
FSG| none none
d42c1cc7c0
[Firefox:298 hits: 05-01 to 06-20]
af9ca5bed1 [0] WinXP 29 of 29 09:53:10 13:19:56 3 none ASM:Graph
PolyEnE| 100% lines=54 trace
533d15b5ce
NEW
none[none] Win2K-f 0 of 0 08:35:43 08:35:43 1 none none:none
none|none none none
196b916474
NEW
none[4] Win2K-f 31 of 32 08:16:53 08:16:53 1 none none:none
tElock| none trace
a12cab51ef
[Firefox:1061 hits: 05-01 to 06-20]
40f7f463c4 [0] WinXP 29 of 29 06:01:30 20:14:40 3 none ASM:Graph
ASPack| 54% lines=281
embedded dns
trace
03f912899b
[Firefox:16 hits: 12-14 to 06-20]
83893bd25d [0] WinXP 32 of 32 11:45:40 15:57:12 2 none ASM:Graph
none|none 100% lines=65 trace
cce9566ceb
[Firefox: 6 hits: 06-12 to 06-19]
none[4] WinXP 31 of 32 09:52:44 12:59:42 3 none none:none
PolyEnE| none trace
ae4bed1aa9
NEW
bc51bd8226
NEW
none[none]
none [none]
WinXP 0 of 0 12:13:49 12:13:49 1 none none:none
none:none
Armadillo|
PolyEnE|
none
none
none
none
0537139fe7
NEW
49b6f2dd5d
NEW
none[4]
49b6f2dd5d[1]
Win2K-f
WinXP
0 of 0 21:25:25 23:03:48 2 none none:none
none:none
PolyEnE|
Armadillo|
none
none
trace
trace
7fdfe363d5
[Firefox:2667 hits: 12-31 to 06-20]
10862ea8b8 [0] Win2K-f
WinXP
25 of 28 06:48:08 22:40:13 12 none ASM:Graph
FSG| 95% lines=1933
embedded dns
trace
168aab35a3
[Firefox: 5 hits: 06-17 to 06-20]
4c3df24b32
[Firefox:10 hits: 06-17 to 06-20]
none[4]
4c3df24b32[1]
WinXP
Win2K-f
0 of 33 00:54:15 19:41:11 6 none none:none
ASM:Graph
tElock|
Armadillo|
47% none
lines=81
trace
trace
0022c74e8a
NEW
f7eec61c8e
NEW
none[none]
none [none]
WinXP 0 of 0 03:18:50 03:18:50 1 none none:none
none:none
none|none
none|none
none
none
none
none
48bc07f9ed
NEW
a5308d87d0
NEW
none[none]
none [none]
WinXP 0 of 0 16:43:39 16:43:39 1 none none:none
none:none
PolyEnE|
Armadillo|
none
none
none
none
741e3b03b3
[Firefox:44 hits: 09-28 to 06-20]
e0197e8a64 [0] WinXP 31 of 32 03:43:03 21:57:12 8 none ASM:Graph
none|none 100% lines=62 trace
4960618323
NEW
c7cd332f22
NEW
none[none]
none [none]
Win2K-f 0 of 0 05:47:33 05:47:33 1 none none:none
none:none
none|none
none|none
none
none
none
none
3b6cda60f6
NEW
4c9db01aba
NEW
none[none]
none [none]
WinXP 0 of 0 00:43:04 00:43:04 1 none none:none
none:none
none|none
none|none
none
none
none
none
831f4ee0a7
[Firefox:651 hits: 07-11 to 06-20]
eb7546c600 [0] WinXP 29 of 29 06:54:27 19:28:14 2 none ASM:Graph
none|none 100% lines=61 trace
533d15b5ce
NEW
58c343a8d8
NEW
none[none]
none [none]
Win2K-f 0 of 0 08:35:43 08:35:43 1 none none:none
none:none
none|none
none|none
none
none
none
none
396e4fc150
NEW
4722406ddf
NEW
none[none]
none [none]
Win2K-f 0 of 0 11:18:56 11:18:56 1 none none:none
none:none
tElock|
Armadillo|
none
none
none
none
48bc07f9ed
NEW
none[none] WinXP 0 of 0 16:43:39 16:43:39 1 none none:none
PolyEnE| none none
4ab5b0788c
[Firefox: 9 hits: 04-21 to 06-19]
272da55ef8 [0] WinXP 29 of 31 06:36:13 10:24:36 3 none ASM:Graph
PolyEnE| 100% lines=114 trace
322cbf18f3
NEW
none[4] WinXP 0 of 0 23:37:53 23:39:55 2 none none:none
PolyEnE| none trace
168aab35a3
[Firefox: 5 hits: 06-17 to 06-20]
acd2a6266d
NEW
none[4]
acd2a6266d[1]
Win2K-f 0 of 0 20:45:51 20:45:51 1 none none:none
ASM:Graph
tElock|
Armadillo|
47% none
lines=82
trace
trace
01f8daa481
NEW
1d443bea90
NEW
none[none]
none [none]
Win2K-f 0 of 0 18:04:21 18:04:21 1 none none:none
none:none
Armadillo|
tElock|
none
none
none
none
168aab35a3
[Firefox: 5 hits: 06-17 to 06-20]
acd2a6266d
NEW
b5919931fe
[Firefox: 8 hits: 06-20 to 06-20]
none[4]
acd2a6266d[1]
b5919931fe[1]
Win2K-f 0 of 0 01:17:40 20:45:51 9 none none:none
ASM:Graph
ASM:Graph
tElock|
Armadillo|
ASProtect|
48% none
lines=82
lines=90
trace
trace
trace
17028f1eda
[Firefox:10 hits: 09-29 to 06-20]
none[3] WinXP 31 of 32 05:50:29 05:50:29 1 none none:none
tElock| none trace
4670cbaa61
NEW
7b2dec4d44
NEW
none[none]
none [none]
Win2K-f 0 of 0 21:43:50 21:43:50 1 none none:none
none:none
tElock|
Armadillo|
none
none
none
none
53bfe15e91
[Firefox:105 hits: 06-17 to 06-20]
57ce4acac2
[Firefox:16 hits: 06-17 to 06-20]
none[4]
57ce4acac2[1]
WinXP 0 of 33 15:21:37 15:21:37 1 none none:none
ASM:Graph
tElock|
Armadillo|
47% none
lines=81
trace
trace
ae43bb721a
NEW
ae43bb721a [1] Win2K-f 0 of 0 23:19:13 23:19:13 1 none ASM:Graph
Armadillo| 47% lines=81 trace
2ef2f78792
NEW
b5919931fe
[Firefox: 8 hits: 06-20 to 06-20]
b7a332eb7c
NEW
none[none]
b5919931fe[1]
none [none]
Win2K-f 0 of 0 15:51:16 15:51:16 1 none none:none
ASM:Graph
none:none
Armadillo|
ASProtect|
tElock|
none
lines=90
none
none
trace
none
24f45a0bf5
NEW
none[none] Win2K-f 0 of 0 13:36:53 13:36:53 1 none none:none
tElock| none none
f5704d7334
NEW
none[none] Win2K-f 0 of 0 01:39:49 01:39:49 1 none none:none
none|none none none
1a2c0e6130
[Firefox:429 hits: 12-31 to 06-20]
048df78048 [0] WinXP 29 of 29 03:15:25 14:49:49 4 none ASM:Graph
none|none 100% lines=61 trace
706e697ed5
NEW
none[none] WinXP 0 of 0 18:36:40 18:36:40 1 none none:none
PolyEnE| none none
53bfe15e91
[Firefox:105 hits: 06-17 to 06-20]
a08f3b74a4
[Firefox:34 hits: 06-18 to 06-20]
none[4]
a08f3b74a4[1]
Win2K-f
WinXP
0 of 33 02:13:30 18:42:45 7 none none:none
ASM:Graph
tElock|
Armadillo|
47% none
lines=81
trace
trace
05ea62612c
NEW
none[4] WinXP 31 of 33 02:46:14 02:52:43 2 none none:none
tElock| none trace
d5c5a963d4
NEW
none[none] Win2K-f 0 of 0 08:02:25 08:02:25 1 none none:none
none|none none none
61af27625e
NEW
da373bd1bc
NEW
none[none]
none [none]
WinXP 0 of 0 05:32:37 05:32:37 1 none none:none
none:none
none|none
none|none
none
none
none
none
a0139d7ad8
[Firefox:440 hits: 05-02 to 06-20]
d9e9662db1 [0] WinXP 29 of 29 21:30:29 21:30:29 1 none ASM:Graph
PolyEnE| 99% lines=68 trace
194e0b013d
NEW
2a12badf92
NEW
none[none]
none [none]
WinXP 0 of 0 01:20:03 01:20:03 1 none none:none
none:none
none|none
none|none
none
none
none
none
4670cbaa61
NEW
none[none] Win2K-f 0 of 0 21:43:50 21:43:50 1 none none:none
tElock| none none
133401d618
NEW
none[4] Win2K-f 31 of 33 20:04:34 20:04:34 1 none none:none
tElock| none trace
ea9787a186
NEW
none[4] WinXP 0 of 0 11:06:20 11:06:20 1 none none:none
PolyEnE| none trace
8ae058b2d0
[Firefox: 3 hits: 05-01 to 06-16]
e6a9383b75 [0] WinXP 30 of 32 12:59:49 12:59:49 1 none ASM:Graph
none|none 97% lines=59 trace
196b916474
NEW
b5919931fe
[Firefox: 8 hits: 06-20 to 06-20]
d0ad254fd0
NEW
none[4]
b5919931fe[1]
d0ad254fd0[1]
Win2K-f 29 of 33 08:16:53 08:16:53 1 none none:none
ASM:Graph
ASM:Graph
tElock|
ASProtect|
Armadillo|
47% none
lines=90
lines=81
trace
trace
trace
0d3fafbf29
NEW
d401773a07
NEW
none[none]
none [none]
Win2K-f 0 of 0 09:49:48 09:49:48 1 none none:none
none:none
none|none
none|none
none
none
none
none
7d7131b259
NEW
none[none] WinXP 0 of 0 07:16:27 07:16:27 1 none none:none
none|none none none
16874933ea
[Firefox: 4 hits: 06-18 to 06-20]
76ee340669
[Firefox: 4 hits: 06-18 to 06-20]
16874933ea [1]
none [4]
Win2K-f
WinXP
33 of 33 01:17:40 06:11:19 2 none ASM:Graph
none:none
Armadillo|
PolyEnE|
lines=82
none
trace
trace
0d3fafbf29
NEW
none[none] Win2K-f 0 of 0 09:49:48 09:49:48 1 none none:none
none|none none none
df17a625ee
[Firefox:469 hits: 05-04 to 06-19]
9bbdd086c5 [0] WinXP 29 of 29 23:29:51 23:29:51 1 none ASM:Graph
ASPack| 49% lines=186
embedded dns
trace
b56dba1704
NEW
none[none] WinXP 0 of 0 04:25:47 04:25:47 1 none none:none
none|none none none
4960618323
NEW
none[none] Win2K-f 0 of 0 05:47:33 05:47:33 1 none none:none
none|none none none
a732992479
NEW
none[none] WinXP 0 of 0 14:22:24 14:22:24 1 none none:none
FASM| none none
b12e5dfed0
NEW
dc92683d9a
[Firefox: 2 hits: 06-19 to 06-20]
none[none]
dc92683d9a[1]
Win2K-f 0 of 0 06:56:03 06:56:03 1 none none:none
ASM:Graph
none|none
Armadillo|
47% none
lines=82
none
trace
16874933ea
[Firefox: 4 hits: 06-18 to 06-20]
16874933ea [1] Win2K-f
WinXP
29 of 33 01:17:40 06:11:19 2 none ASM:Graph
Armadillo| 48% lines=82 trace
90d02b6b68
NEW
none[4] WinXP 0 of 0 20:22:42 20:22:42 1 none none:none
PolyEnE| none trace
53bfe15e91
[Firefox:105 hits: 06-17 to 06-20]
73f1082158
[Firefox:34 hits: 06-18 to 06-20]
e07c29c4ae
[Firefox:12 hits: 06-19 to 06-20]
none[4]
73f1082158[1]
e07c29c4ae[1]
WinXP 0 of 0 00:43:04 21:23:13 10 none none:none
ASM:Graph
ASM:Graph
tElock|
Armadillo|
FSG|
48% none
lines=81
lines=92
trace
trace
trace
a12cab51ef
[Firefox:1061 hits: 05-01 to 06-20]
b15bf89f3b
NEW
40f7f463c4 [0]
none [none]
WinXP 0 of 0 06:01:30 06:01:30 1 none ASM:Graph
none:none
ASPack|
none|none
lines=281
embedded dns
none
trace
none
fe22b8315f
NEW
none[4] Win2K-f 0 of 0 10:21:36 10:21:36 1 none none:none
StarForce| none trace
21e5edb96d
[Firefox: 2 hits: 06-19 to 06-20]
none[4] WinXP 0 of 0 18:19:15 18:19:15 1 none none:none
none|none none trace
15d4d85dc0
NEW
none[4] WinXP 32 of 32 14:40:10 14:40:10 1 none none:none
StarForce| none trace
3690b64ca2
NEW
none[4] WinXP 32 of 33 09:14:44 09:14:44 1 none none:none
PolyEnE| none trace
7f60162c2c
[Firefox:1340 hits: 12-31 to 06-19]
1aad8e4632 [0] WinXP 25 of 25 12:23:29 20:55:55 3 none ASM:Graph
PolyEnE| 100% lines=93
embedded dns
trace
042774a2b7
[Firefox:141 hits: 05-01 to 06-18]
1c9a472cd7 [0] WinXP 29 of 29 03:57:47 03:59:35 2 none ASM:Graph
PolyEnE| 0% lines=71
embedded dns
trace
9a1383bb4a
NEW
bc466d941c
NEW
none[none]
none [none]
Win2K-f 0 of 0 14:53:50 14:53:50 1 none none:none
none:none
tElock|
Armadillo|
none
none
none
none
396e4fc150
NEW
none[none] Win2K-f 0 of 0 11:18:56 11:18:56 1 none none:none
tElock| none none
3690b64ca2
NEW
a6fb77fd26
NEW
none[4]
a6fb77fd26[1]
WinXP 30 of 33 09:14:44 09:14:44 1 none none:none
ASM:Graph
PolyEnE|
Armadillo|
47% none
lines=82
trace
trace
b12e5dfed0
NEW
none[none] Win2K-f 0 of 0 06:56:03 06:56:03 1 none none:none
none|none none none
d3c8b52b45
NEW
none[none] WinXP 0 of 0 04:23:05 04:23:05 1 none none:none
none|none none none
3ae357d17b
[Firefox:717 hits: 05-01 to 06-20]
462a7be171 [0] WinXP 29 of 29 02:55:24 14:49:09 2 none ASM:Graph
PolyEnE| 99% lines=73 trace
ae4bed1aa9
NEW
none[none] WinXP 0 of 0 12:13:49 12:13:49 1 none none:none
Armadillo| none none
e58c71aeda
NEW
none[none] WinXP 0 of 0 06:58:24 06:58:24 1 none none:none
none|none none none
7d99b0e910
[Firefox:3071 hits: 12-31 to 06-20]
7a70e1b592 [0] WinXP 26 of 28 07:35:08 19:54:38 6 none ASM:Graph
PolyEnE| 99% lines=68 trace
01f8daa481
NEW
none[none] Win2K-f 0 of 0 18:04:21 18:04:21 1 none none:none
Armadillo| none none
9a1383bb4a
NEW
none[none] Win2K-f 0 of 0 14:53:50 14:53:50 1 none none:none
tElock| none none
ae43bb721a
NEW
b5a9a8f575
NEW
ae43bb721a [1]
none [4]
Win2K-f 0 of 0 23:19:13 23:19:13 1 none ASM:Graph
none:none
Armadillo|
StarForce|
lines=81
none
trace
trace
2595d6e010
NEW
none[4] Win2K-f 0 of 0 18:38:11 18:38:11 1 none none:none
none|none none trace
65275a1614
NEW
none[none] Win2K-f 0 of 0 15:06:53 15:06:53 1 none none:none
Armadillo| none none
3b6cda60f6
NEW
none[none] WinXP 0 of 0 00:43:04 00:43:04 1 none none:none
none|none none none
133401d618
NEW
7819d05bbf
NEW
none[4]
none [none]
Win2K-f 0 of 0 20:04:34 20:04:34 1 none none:none
none:none
tElock|
Armadillo|
none
none
trace
none
194e0b013d
NEW
none[none] WinXP 0 of 0 01:20:03 01:20:03 1 none none:none
none|none none none
5558f5601e
NEW
8c0d3d722b
NEW
none[none]
none [none]
Win2K-f 0 of 0 12:12:45 12:12:45 1 none none:none
none:none
tElock|
Armadillo|
none
none
none
none
65275a1614
NEW
b5919931fe
[Firefox: 8 hits: 06-20 to 06-20]
ec0d7783de
NEW
none[none]
b5919931fe[1]
none [none]
Win2K-f 0 of 0 15:06:53 15:06:53 1 none none:none
ASM:Graph
none:none
Armadillo|
ASProtect|
tElock|
none
lines=90
none
none
trace
none
2ef2f78792
NEW
none[none] Win2K-f 0 of 0 15:51:16 15:51:16 1 none none:none
Armadillo| none none
168aab35a3
[Firefox: 5 hits: 06-17 to 06-20]
4e7324b204
NEW
none[4]
none [none]
Win2K-f 0 of 0 04:01:32 04:01:32 1 none none:none
none:none
tElock|
none|none
none
none
trace
none