Welcome to the Cyber-TA
Daily Malware Binary DIGEST Summary Page



26 June 2008

All data collection and analyses summarized in this page were 100% AUTO-GENERATED.

DEVELOPERS: Vinod Yegneswaran (SRI), Phillip Porras (SRI), Hassen Saidi (SRI),
Monirul Sharif (Georgia-Tech), Arvind Narayanan (University of Texas at Austin)

The data on this website is provided for research purposes only. It is provided
for your personal use only and is supplied AS IS, WITHOUT WARRANTY OF ANY KIND.
Use or reliance on this data is at your own risk.



Columns: Packed MD5; Unpacked MD5; Victim OS; AntiVirus Hit-Cnt; First Encounter; Last Encounter; Freq Cnt; Behavioral Clusters; Unpacked Egg.asm; Packer Fingerprint; API Resolution; String Cnt; Syscall Trace
6ec2a8994b
[Firefox: 2 hits: 06-18 to 06-24]
857b781ca9
[Firefox: 2 hits: 06-18 to 06-24]
none[4]
857b781ca9[1]
WinXP 29 of 33 04:39:18 04:39:18 1 none none:none
ASM:Graph
tElock|
Armadillo|
47% none
lines=82
trace
trace
e4adeadeca
NEW
none[none] WinXP 31 of 33 12:29:46 12:29:46 1 none none:none
none|none none none
53bfe15e91
[Firefox:202 hits: 06-17 to 06-25]
73f1082158
[Firefox:82 hits: 06-18 to 06-25]
none[4]
73f1082158[1]
WinXP
Win2K-f
0 of 32 00:16:24 17:34:47 9 none none:none
ASM:Graph
tElock|
Armadillo|
47% none
lines=81
trace
trace
53bfe15e91
[Firefox:202 hits: 06-17 to 06-25]
none[4] WinXP
Win2K-f
33 of 33 00:16:24 22:29:07 26 none none:none
tElock| none trace
3f0a5b2ebe
[Firefox: 3 hits: 06-18 to 06-20]
c6bfb5f0f2
[Firefox: 3 hits: 06-18 to 06-20]
none[4]
c6bfb5f0f2[1]
WinXP 28 of 32 03:13:15 03:13:15 1 none none:none
ASM:Graph
PolyEnE|
Armadillo|
47% none
lines=81
trace
trace
53bfe15e91
[Firefox:202 hits: 06-17 to 06-25]
b7082104e4
[Firefox: 9 hits: 06-18 to 06-24]
none[4]
none [4]
Win2K-f
WinXP
8 of 33 00:38:45 14:04:32 5 none none:none
none:none
tElock|
tElock|
none
none
trace
trace
68bda5c857
NEW
none[none] WinXP
Win2K-f
1 of 33 01:41:42 01:42:23 2 none none:none
none|none none none
77e8c157d9
NEW
none[none] WinXP 32 of 33 07:44:39 07:44:39 1 none none:none
none|none none none
9068b365f2
NEW
none[none] Win2K-f 31 of 33 19:18:35 19:18:35 1 none none:none
none|none none none
53bfe15e91
[Firefox:202 hits: 06-17 to 06-25]
9755a5d861
[Firefox: 3 hits: 06-21 to 06-25]
none[4]
9755a5d861[1]
WinXP 29 of 33 16:40:06 16:40:06 1 none none:none
ASM:Graph
tElock|
Armadillo|
47% none
lines=81
trace
trace
168aab35a3
[Firefox:13 hits: 06-17 to 06-22]
none[4] Win2K-f 31 of 33 10:06:26 18:44:06 2 none none:none
tElock| none trace
e8d4d8cde1
[Firefox:291 hits: 03-31 to 06-13]
fda109a6fd [0] WinXP 13 of 31 18:27:54 18:34:42 2 none ASM:Graph
ASProtect| 64% lines=583
embedded dns
trace
73ce2b74da
NEW
73ce2b74da [1] Win2K-f 3 of 33 11:07:46 11:07:46 1 none ASM:Graph
Armadillo| 47% lines=81 trace
d42c1cc7c0
[Firefox:305 hits: 05-01 to 06-25]
af9ca5bed1 [0] WinXP 29 of 29 23:42:31 23:42:35 2 none ASM:Graph
PolyEnE| 100% lines=54 trace
a12cab51ef
[Firefox:1066 hits: 05-01 to 06-25]
40f7f463c4 [0] WinXP 29 of 29 07:25:23 18:28:24 4 none ASM:Graph
ASPack| 54% lines=281
embedded dns
trace
849a9ea382
NEW
none[none] WinXP 32 of 33 20:25:41 20:25:41 1 none none:none
none|none none none
e4adeadeca
NEW
e6a2c2e247
NEW
none[none]
none [none]
WinXP 29 of 33 12:29:46 12:29:46 1 none none:none
none:none
none|none
none|none
none
none
none
none
168aab35a3
[Firefox:13 hits: 06-17 to 06-22]
4c3df24b32
[Firefox:21 hits: 06-17 to 06-23]
none[4]
4c3df24b32[1]
Win2K-f 0 of 33 10:06:26 18:44:06 2 none none:none
ASM:Graph
tElock|
Armadillo|
47% none
lines=81
trace
trace
7fdfe363d5
[Firefox:2723 hits: 12-31 to 06-25]
10862ea8b8 [0] WinXP
Win2K-f
25 of 28 00:19:21 21:12:21 11 none ASM:Graph
FSG| 95% lines=1933
embedded dns
trace
9963e9c1ff
NEW
none[none] WinXP 32 of 33 02:01:22 02:01:22 1 none none:none
none|none none none
f783b1c9c7
NEW
none[none] Win2K-f 31 of 33 18:38:35 18:38:35 1 none none:none
none|none none none
6d86a1ff5a
NEW
none[none] WinXP 28 of 33 13:52:40 13:52:40 1 none none:none
none|none none none
741e3b03b3
[Firefox:72 hits: 09-28 to 06-25]
e0197e8a64 [0] WinXP 31 of 32 02:22:33 20:42:47 5 none ASM:Graph
none|none 100% lines=62 trace
6d86a1ff5a
NEW
7f6e032fc0
NEW
none[none]
none [none]
WinXP 31 of 33 13:52:40 13:52:40 1 none none:none
none:none
none|none
none|none
none
none
none
none
831f4ee0a7
[Firefox:656 hits: 07-11 to 06-24]
eb7546c600 [0] WinXP 29 of 29 03:06:53 18:50:32 4 none ASM:Graph
none|none 100% lines=61 trace
5f78ff609d
[Firefox:1532 hits: 04-27 to 06-25]
d4a06bdc3a [0] Win2K-f 21 of 32 15:26:18 16:54:47 2 none ASM:Graph
none|none 46% lines=4 trace
3f0a5b2ebe
[Firefox: 3 hits: 06-18 to 06-20]
none[4] WinXP 32 of 33 03:13:15 03:13:15 1 none none:none
PolyEnE| none trace
17028f1eda
[Firefox:14 hits: 09-29 to 06-25]
none[3] WinXP 31 of 32 16:38:38 16:38:38 1 none none:none
tElock| none trace
53bfe15e91
[Firefox:202 hits: 06-17 to 06-25]
a08f3b74a4
[Firefox:71 hits: 06-18 to 06-25]
b5919931fe
[Firefox:31 hits: 06-20 to 06-25]
none[4]
a08f3b74a4[1]
b5919931fe[1]
Win2K-f 0 of 32 00:55:26 17:15:44 3 none none:none
ASM:Graph
ASM:Graph
tElock|
Armadillo|
ASProtect|
48% none
lines=81
lines=90
trace
trace
trace
1514bbf1d6
NEW
none[none] WinXP
Win2K-f
32 of 33 04:48:27 06:44:10 2 none none:none
none|none none none
53bfe15e91
[Firefox:202 hits: 06-17 to 06-25]
57ce4acac2
[Firefox:22 hits: 06-17 to 06-25]
none[4]
57ce4acac2[1]
Win2K-f
WinXP
0 of 33 13:40:05 22:29:07 2 none none:none
ASM:Graph
tElock|
Armadillo|
47% none
lines=81
trace
trace
2ef2f78792
[Firefox: 3 hits: 06-21 to 06-22]
b7a332eb7c
[Firefox: 3 hits: 06-21 to 06-22]
2ef2f78792 [1]
none [4]
Win2K-f 30 of 33 15:09:41 15:09:41 1 none ASM:Graph
none:none
Armadillo|
tElock|
lines=82
none
trace
trace
af79e0c602
[Firefox:10 hits: 07-19 to 06-11]
none[4] WinXP 29 of 30 07:12:12 07:12:12 1 none none:none
ASPack| none trace
f5704d7334
NEW
none[4] Win2K-f 29 of 32 12:00:41 12:00:41 1 none none:none
StarForce| none trace
1a2c0e6130
[Firefox:438 hits: 12-31 to 06-25]
048df78048 [0] WinXP 29 of 29 06:21:04 06:21:04 1 none ASM:Graph
none|none 100% lines=61 trace
12df83cb4f
[Firefox: 3 hits: 06-19 to 06-24]
12df83cb4f [1] Win2K-f 28 of 33 19:23:45 19:23:45 1 none ASM:Graph
Armadillo| 47% lines=82 trace
a08f3b74a4
[Firefox:71 hits: 06-18 to 06-25]
a08f3b74a4 [1] WinXP
Win2K-f
0 of 33 04:51:29 21:16:00 10 none ASM:Graph
Armadillo| 47% lines=81 trace
12df83cb4f
[Firefox: 3 hits: 06-19 to 06-24]
2e7dc3f066
[Firefox: 3 hits: 06-19 to 06-24]
12df83cb4f [1]
none [4]
Win2K-f 30 of 33 19:23:45 19:23:45 1 none ASM:Graph
none:none
Armadillo|
tElock|
lines=82
none
trace
trace
a08f3b74a4
[Firefox:71 hits: 06-18 to 06-25]
ddd2a2b264
NEW
a08f3b74a4 [1]
none [4]
WinXP 31 of 33 21:16:00 21:16:00 1 none ASM:Graph
none:none
Armadillo|
tElock|
lines=81
none
trace
trace
a0139d7ad8
[Firefox:442 hits: 05-02 to 06-23]
d9e9662db1 [0] WinXP 29 of 29 16:37:54 16:37:54 1 none ASM:Graph
PolyEnE| 99% lines=68 trace
2f5a49b768
NEW
none[4] WinXP 29 of 32 08:30:02 08:30:02 1 none none:none
FSG| none trace
1e5df7ba74
[Firefox:24 hits: 03-24 to 06-18]
a5331b711f [0] WinXP 31 of 32 02:18:17 02:18:17 1 none ASM:Graph
PolyEnE| 99% lines=68 trace
16874933ea
[Firefox: 8 hits: 06-18 to 06-25]
76ee340669
[Firefox: 8 hits: 06-18 to 06-25]
16874933ea [1]
none [4]
WinXP
Win2K-f
33 of 33 05:04:04 09:35:49 2 none ASM:Graph
none:none
Armadillo|
PolyEnE|
lines=82
none
trace
trace
68bda5c857
NEW
f611613956
NEW
none[none]
none [none]
WinXP
Win2K-f
31 of 33 01:41:42 01:42:23 2 none none:none
none:none
none|none
none|none
none
none
none
none
6ec2a8994b
[Firefox: 2 hits: 06-18 to 06-24]
none[4] WinXP 30 of 33 04:39:18 04:39:18 1 none none:none
tElock| none trace
df17a625ee
[Firefox:473 hits: 05-04 to 06-24]
9bbdd086c5 [0] WinXP 29 of 29 09:11:30 09:11:30 1 none ASM:Graph
ASPack| 49% lines=186
embedded dns
trace
986b59708d
[Firefox:301 hits: 05-03 to 06-24]
8a00217866 [0] WinXP 29 of 29 11:19:40 11:19:40 1 none ASM:Graph
PolyEnE| 100% lines=57 trace
8a79fbda68
NEW
none[none] WinXP 32 of 33 13:02:52 13:02:52 1 none none:none
none|none none none
9963e9c1ff
NEW
a647a60592
NEW
none[none]
none [none]
WinXP 30 of 33 02:01:22 02:01:22 1 none none:none
none:none
none|none
none|none
none
none
none
none
0a2b1894da
NEW
none[none] Win2K-f 30 of 33 01:01:04 01:01:04 1 none none:none
none|none none none
27b945de66
[Firefox: 3 hits: 06-20 to 06-22]
none[4] WinXP 31 of 32 04:05:08 08:07:58 3 none none:none
none|none none trace
d7b333c3a4
NEW
none[none] Win2K-f 31 of 33 21:41:42 21:41:42 1 none none:none
none|none none none
16874933ea
[Firefox: 8 hits: 06-18 to 06-25]
16874933ea [1] WinXP
Win2K-f
29 of 33 05:04:04 09:35:49 2 none ASM:Graph
Armadillo| 48% lines=82 trace
10e9845a09
NEW
none[none] WinXP 29 of 33 10:16:58 10:16:58 1 none none:none
none|none none none
53bfe15e91
[Firefox:202 hits: 06-17 to 06-25]
9755a5d861
[Firefox: 3 hits: 06-21 to 06-25]
e07c29c4ae
[Firefox:33 hits: 06-19 to 06-25]
none[4]
9755a5d861[1]
e07c29c4ae[1]
WinXP 0 of 33 01:41:42 16:40:06 3 none none:none
ASM:Graph
ASM:Graph
tElock|
Armadillo|
FSG|
48% none
lines=81
lines=92
trace
trace
trace
aa152fbe50
NEW
none[none] WinXP 28 of 33 19:38:05 19:38:05 1 none none:none
none|none none none
0a2b1894da
NEW
414b95a784
NEW
none[none]
none [none]
Win2K-f 32 of 33 01:01:04 01:01:04 1 none none:none
none:none
none|none
none|none
none
none
none
none
7f60162c2c
[Firefox:1355 hits: 12-31 to 06-25]
1aad8e4632 [0] WinXP 25 of 25 05:23:33 12:12:17 3 none ASM:Graph
PolyEnE| 100% lines=93
embedded dns
trace
47d63d7107
NEW
none[none] Win2K-f 29 of 33 20:03:06 20:03:06 1 none none:none
none|none none none
47d63d7107
NEW
5fc82b3c06
NEW
none[none]
none [none]
Win2K-f 0 of 0 20:03:06 20:03:06 1 none none:none
none:none
none|none
none|none
none
none
none
none
fef22f6b67
NEW
none[none] WinXP 28 of 33 16:12:22 16:12:22 1 none none:none
none|none none none
dc20b6fe59
[Firefox: 2 hits: 06-23 to 06-25]
dc20b6fe59 [1] Win2K-f 0 of 0 15:09:17 15:09:17 1 none ASM:Graph
Armadillo| 47% lines=81 trace
0655ae8aff
NEW
none[none] WinXP 31 of 33 17:45:41 17:45:41 1 none none:none
none|none none none
7d99b0e910
[Firefox:3095 hits: 12-31 to 06-25]
7a70e1b592 [0] WinXP 26 of 28 04:26:35 21:59:55 7 none ASM:Graph
PolyEnE| 99% lines=68 trace
73ce2b74da
NEW
79c01ec060
[Firefox: 2 hits: 06-18 to 06-19]
73ce2b74da [1]
none [4]
Win2K-f 33 of 33 11:07:46 11:07:46 1 none ASM:Graph
none:none
Armadillo|
tElock|
lines=81
none
trace
trace
dc20b6fe59
[Firefox: 2 hits: 06-23 to 06-25]
f97070ef2b
[Firefox: 2 hits: 06-23 to 06-25]
dc20b6fe59 [1]
none [4]
Win2K-f 0 of 0 15:09:17 15:09:17 1 none ASM:Graph
none:none
Armadillo|
PolyEnE|
lines=81
none
trace
trace
1a3a423319
NEW
none[none] WinXP 32 of 33 15:47:09 15:47:09 1 none none:none
none|none none none
1a3a423319
NEW
d4c7af762e
NEW
none[none]
none [none]
WinXP 29 of 33 15:47:09 15:47:09 1 none none:none
none:none
none|none
none|none
none
none
none
none
7e28dac8de
[Firefox:27 hits: 04-27 to 06-06]
none[4] Win2K-f 18 of 32 17:25:27 17:25:27 1 none none:none
none|none none trace
aa152fbe50
NEW
c8509af349
NEW
none[none]
none [none]
WinXP 30 of 33 19:38:05 19:38:05 1 none none:none
none:none
none|none
none|none
none
none
none
none
10e9845a09
NEW
e0faf35825
NEW
none[none]
none [none]
WinXP 31 of 33 10:16:58 10:16:58 1 none none:none
none:none
none|none
none|none
none
none
none
none
ab5e47bf8d
[Firefox:52 hits: 05-10 to 06-23]
none[3] WinXP 29 of 29 20:38:47 20:38:47 1 none none:none
ASPack| none trace
2ef2f78792
[Firefox: 3 hits: 06-21 to 06-22]
2ef2f78792 [1] Win2K-f 29 of 33 15:09:41 15:09:41 1 none ASM:Graph
Armadillo| 48% lines=82 trace