Multiperspective Malware Analysis Page - Daily Malware Binary Digest Summary

Welcome to the Cyber-TA
Daily Malware Binary DIGEST Summary Page

06 July 2008

All data collection and analyses summarized in this page were 100% AUTO-GENERATED.

DEVELOPERS: Vinod Yegneswaran (SRI), Phillip Porras (SRI), Hassen Saidi (SRI)
Monirul Sharif (Georgia-Tech), Arvind Narayanan (University of Texas at Austin)

The data on this website is provided for research purposes only. It is provided
for your personal use only and is supplied AS IS, WITHOUT WARRANTY OF ANY KIND.
Use or reliance on this data is at your own risk.

Packed
MD5 UnPacket
MD5 Victim
OS AntiVirus
Hit-Cnt First
Encounter Last
Encounter Freq
Cnt Behavioral
Clusters Unpacked
Egg.asm Packer
Fingerprint API
Resolution String
Cnt Syscall
Trace

53bfe15e91
[Firefox:417 hits: 06-17 to 07-05]
73f1082158
[Firefox:192 hits: 06-18 to 07-05] none[4]
73f1082158[1] WinXP
Win2K-f 0 of 32 05:00:06 23:57:29 15 none none:none
ASM:Graph
tElock|
Armadillo| 47% none
lines=81 trace
trace

53bfe15e91
[Firefox:417 hits: 06-17 to 07-05] none[4] Win2K-f
WinXP 33 of 33 00:23:37 23:57:29 33 none none:none
tElock| none trace

dfbaaf577c
[Firefox: 5 hits: 06-18 to 07-03]
f504b4af20
[Firefox: 5 hits: 06-18 to 07-03] none[4]
f504b4af20[1] WinXP 29 of 33 04:15:58 04:15:58 1 none none:none
ASM:Graph
tElock|
Armadillo| 47% none
lines=82 trace
trace

392d2a4da6
NEW none[none] WinXP 24 of 32 13:21:19 13:21:19 1 none none:none
none|none none none

53bfe15e91
[Firefox:417 hits: 06-17 to 07-05]
b7082104e4
[Firefox:27 hits: 06-18 to 07-05] none[4]
none [4] Win2K-f 8 of 33 18:02:16 18:02:16 1 none none:none
none:none
tElock|
tElock| none
none trace
trace

02cab5983b
[Firefox: 2 hits: 06-18 to 07-01] none[4] Win2K-f 31 of 33 03:55:04 03:55:04 1 none none:none
tElock| none trace

4c3df24b32
[Firefox:56 hits: 06-17 to 07-05]
8390780c27
[Firefox: 7 hits: 06-18 to 07-05] 4c3df24b32 [1]
none [4] Win2K-f 30 of 32 19:14:52 19:14:52 1 none ASM:Graph
none:none
Armadillo|
tElock| lines=81
none trace
trace

ea5389d425
NEW none[none] Win2K-f
WinXP 19 of 33 18:31:44 23:06:33 14 none none:none
none|none none none

8a93930ea8
NEW
bc94f66052
NEW none[none]
none [none] WinXP
Win2K-f 32 of 33 05:14:55 13:22:11 2 none none:none
none:none
none|none
none|none none
none none
none

0b6af9e88a
[Firefox: 3 hits: 05-31 to 06-01]
fff4c1e935
NEW 24b6fb10de [0]
none [none] Win2K-f 7 of 32 12:23:07 12:23:07 1 none ASM:Graph
none:none
StarForce|
none|none lines=1106
embedded dns
none trace
none

4b18edffbf
NEW
78a2aad449
NEW none[none]
none [none] Win2K-f 9 of 33 02:08:14 02:08:14 1 none none:none
none:none
none|none
none|none none
none none
none

168aab35a3
[Firefox:38 hits: 06-17 to 07-05] none[4] WinXP 31 of 33 14:47:14 21:00:59 2 none none:none
tElock| none trace

996c9c3a01
[Firefox: 7 hits: 04-03 to 05-30] 4b6453fcf3 [0] Win2K-f 32 of 32 02:45:05 02:45:05 1 none ASM:Graph
MEW| 0% lines=5 trace

d42c1cc7c0
[Firefox:312 hits: 05-01 to 07-04] af9ca5bed1 [0] WinXP 29 of 29 14:08:11 14:08:11 1 none ASM:Graph
PolyEnE| 100% lines=54 trace

b5919931fe
[Firefox:68 hits: 06-20 to 07-05]
bca9e0fb5f
[Firefox: 8 hits: 06-18 to 07-05] b5919931fe [1]
none [4] Win2K-f 31 of 32 07:12:57 07:12:57 1 none ASM:Graph
none:none
ASProtect|
PolyEnE| lines=90
none trace
trace

a12cab51ef
[Firefox:1099 hits: 05-01 to 07-05] 40f7f463c4 [0] WinXP 29 of 29 07:14:45 23:03:21 3 none ASM:Graph
ASPack| 54% lines=281
embedded dns trace

1b94c1cc14
NEW none[none] Win2K-f 31 of 33 14:57:01 14:57:01 1 none none:none
none|none none none

9183352b97
NEW none[none] Win2K-f 31 of 33 20:53:32 20:53:32 1 none none:none
none|none none none

03f912899b
[Firefox:30 hits: 12-14 to 07-04] 83893bd25d [0] WinXP 32 of 32 04:48:24 04:48:24 1 none ASM:Graph
none|none 100% lines=65 trace

9d571adc3c
NEW
a704164588
NEW none[none]
none [none] Win2K-f 31 of 33 03:11:59 03:11:59 1 none none:none
none:none
none|none
none|none none
none none
none

420b49c3b1
NEW none[none] Win2K-f 32 of 33 18:49:29 18:49:29 1 none none:none
none|none none none

4c3df24b32
[Firefox:56 hits: 06-17 to 07-05] 4c3df24b32 [1] Win2K-f
WinXP 0 of 33 10:27:40 19:14:52 3 none ASM:Graph
Armadillo| 47% lines=81 trace

9d07de7076
NEW
9e4de1fdb9
NEW none[none]
none [none] Win2K-f 31 of 33 22:21:17 22:21:17 1 none none:none
none:none
none|none
none|none none
none none
none

4d244a981f
NEW b66b85d85f [0] WinXP 30 of 31 05:30:18 05:30:18 1 none ASM:Graph
PolyEnE| 100% lines=129 trace

741e3b03b3
[Firefox:108 hits: 09-28 to 07-05] e0197e8a64 [0] WinXP 31 of 32 03:48:35 23:24:22 3 none ASM:Graph
none|none 100% lines=62 trace

2949152a24
NEW none[none] WinXP 30 of 32 14:08:14 14:08:14 1 none none:none
none|none none none

1df71b6767
NEW none[none] WinXP 30 of 33 11:31:54 11:31:54 1 none none:none
none|none none none

831f4ee0a7
[Firefox:679 hits: 07-11 to 07-05] eb7546c600 [0] WinXP 29 of 29 07:33:36 07:33:36 1 none ASM:Graph
none|none 100% lines=61 trace

f9bf3a1e43
[Firefox: 2 hits: 06-23 to 07-04] f9bf3a1e43 [1] Win2K-f 0 of 0 03:38:11 03:38:11 1 none ASM:Graph
Armadillo| 47% lines=81 trace

8a93930ea8
NEW none[none] WinXP
Win2K-f 24 of 33 05:14:55 13:22:11 2 none none:none
none|none none none

17028f1eda
[Firefox:16 hits: 09-29 to 07-05] none[3] WinXP 31 of 32 05:49:04 05:49:04 1 none none:none
tElock| none trace

65494b4a08
NEW
b5919931fe
[Firefox:68 hits: 06-20 to 07-05] none[none]
b5919931fe[1] Win2K-f 0 of 32 02:08:14 22:36:03 11 none none:none
ASM:Graph
none|none
ASProtect| 48% none
lines=90 none
trace

cc30d2f7c3
NEW none[none] Win2K-f 31 of 33 23:32:19 23:32:19 1 none none:none
none|none none none

5aeab33849
NEW none[none] WinXP 29 of 33 08:28:12 08:28:12 1 none none:none
none|none none none

dd98c3c108
[Firefox: 4 hits: 06-24 to 07-05] dd98c3c108 [1] WinXP 29 of 33 21:20:30 21:20:30 1 none ASM:Graph
Armadillo| 47% lines=82 trace

57ce4acac2
[Firefox:36 hits: 06-17 to 07-05] 57ce4acac2 [1] Win2K-f
WinXP 0 of 33 04:29:47 23:17:30 3 none ASM:Graph
Armadillo| 47% lines=81 trace

420b49c3b1
NEW
b5919931fe
[Firefox:68 hits: 06-20 to 07-05]
c87b5f785d
NEW none[none]
b5919931fe[1]
none [none] Win2K-f 30 of 33 18:49:29 18:49:29 1 none none:none
ASM:Graph
none:none
none|none
ASProtect|
none|none none
lines=90
none none
trace
none

4ca3056804
[Firefox: 3 hits: 06-18 to 07-05] 4ca3056804 [1] Win2K-f 1 of 33 21:27:58 21:27:58 1 none ASM:Graph
Armadillo| 47% lines=81 trace

3632feac9a
NEW
a014934a72
[Firefox:59 hits: 06-28 to 07-05] none[none]
none [none] Win2K-f
WinXP 27 of 33 02:08:14 21:48:36 4 none none:none
none:none
none|none
none|none none
none none
none

53bfe15e91
[Firefox:417 hits: 06-17 to 07-05]
a08f3b74a4
[Firefox:140 hits: 06-18 to 07-05] none[4]
a08f3b74a4[1] Win2K-f
WinXP 0 of 33 00:23:37 19:57:47 13 none none:none
ASM:Graph
tElock|
Armadillo| 47% none
lines=81 trace
trace

65494b4a08
NEW none[none] Win2K-f 30 of 33 08:02:28 22:36:03 2 none none:none
none|none none none

2520af202e
NEW none[none] WinXP 29 of 33 17:46:33 17:46:33 1 none none:none
none|none none none

9b82db3489
[Firefox: 2 hits: 07-15 to 06-28] none[none] WinXP 29 of 29 15:25:52 15:25:52 1 none none:none
none|none none none

a0139d7ad8
[Firefox:449 hits: 05-02 to 07-02] d9e9662db1 [0] WinXP 29 of 29 08:46:31 08:46:31 1 none ASM:Graph
PolyEnE| 99% lines=68 trace

dd98c3c108
[Firefox: 4 hits: 06-24 to 07-05]
e98746deb1
[Firefox: 4 hits: 06-24 to 07-05] dd98c3c108 [1]
none [4] WinXP 31 of 33 21:20:30 21:20:30 1 none ASM:Graph
none:none
Armadillo|
tElock| lines=82
none trace
trace

5364c612fa
NEW none[none] WinXP 30 of 32 08:13:42 08:13:42 1 none none:none
none|none none none

dfbaaf577c
[Firefox: 5 hits: 06-18 to 07-03] none[4] WinXP 31 of 33 04:15:58 04:15:58 1 none none:none
tElock| none trace

0ce8fd0298
NEW none[none] WinXP 28 of 33 04:54:27 04:54:27 1 none none:none
none|none none none

e19fa0dfad
[Firefox: 2 hits: 06-24 to 07-01] none[4] WinXP 32 of 33 19:06:23 19:06:23 1 none none:none
PolyEnE| none trace

0ce8fd0298
NEW
9dab37e63b
NEW none[none]
none [none] WinXP 30 of 33 04:54:27 04:54:27 1 none none:none
none:none
none|none
none|none none
none none
none

ad0c5ff63e
NEW none[none] WinXP 31 of 33 05:56:17 05:56:17 1 none none:none
none|none none none

03b90a9d15
NEW none[none] WinXP 31 of 33 15:18:06 15:18:06 1 none none:none
none|none none none

3373948767
[Firefox: 2 hits: 07-03 to 07-05]
c73f738c30
[Firefox: 2 hits: 07-03 to 07-05] none[none]
none [none] WinXP 29 of 33 04:05:21 15:18:08 2 none none:none
none:none
none|none
none|none none
none none
none

5ed8a3de6e
[Firefox: 2 hits: 05-18 to 07-01] none[4] WinXP 0 of 0 01:55:49 01:55:49 1 none none:none
ASPack| none trace

d16355e15b
NEW none[4] Win2K-f 33 of 33 09:40:44 09:40:44 1 none none:none
ASPack| none trace

1b94c1cc14
NEW
62728ad1cd
NEW none[none]
none [none] Win2K-f 29 of 33 14:57:01 14:57:01 1 none none:none
none:none
none|none
none|none none
none none
none

c05385e600
[Firefox:19 hits: 06-24 to 06-19] 6a383b021d [0] WinXP 29 of 29 10:12:14 10:12:14 1 none ASM:Graph
PolyEnE| 99% lines=68 trace

8a79fbda68
[Firefox: 2 hits: 06-26 to 07-03] none[none] WinXP 32 of 33 10:49:34 10:49:36 2 none none:none
none|none none none

27b945de66
[Firefox: 8 hits: 06-20 to 06-30] none[4] WinXP 31 of 32 05:56:41 05:56:41 1 none none:none
none|none none trace

396656c83c
[Firefox: 3 hits: 08-20 to 05-03] none[4] WinXP 21 of 32 10:15:28 10:15:28 1 none none:none
PolyEnE| none trace

65494b4a08
NEW
b5919931fe
[Firefox:68 hits: 06-20 to 07-05]
eeb51a6e9e
NEW none[none]
b5919931fe[1]
none [none] Win2K-f 29 of 33 08:02:28 22:36:03 2 none none:none
ASM:Graph
none:none
none|none
ASProtect|
none|none none
lines=90
none none
trace
none

b12e5dfed0
[Firefox: 2 hits: 06-21 to 07-05]
dc92683d9a
[Firefox: 4 hits: 06-19 to 07-05] none[4]
dc92683d9a[1] WinXP 29 of 33 12:32:16 12:32:16 1 none none:none
ASM:Graph
tElock|
Armadillo| 47% none
lines=82 trace
trace

b5919931fe
[Firefox:68 hits: 06-20 to 07-05]
bca9e0fb5f
[Firefox: 8 hits: 06-18 to 07-05]
e53a9ea82e
[Firefox: 8 hits: 06-18 to 07-05] b5919931fe [1]
none [4]
e53a9ea82e[1] Win2K-f 23 of 33 07:12:57 07:12:57 1 none ASM:Graph
none:none
ASM:Graph
ASProtect|
PolyEnE|
Armadillo| 47% lines=90
none
lines=81 trace
trace
trace

ce46f7ab87
NEW none[none] Win2K-f 1 of 33 00:49:13 00:49:13 1 none none:none
none|none none none

53bfe15e91
[Firefox:417 hits: 06-17 to 07-05]
73f1082158
[Firefox:192 hits: 06-18 to 07-05]
e07c29c4ae
[Firefox:65 hits: 06-19 to 07-05] none[4]
73f1082158[1]
e07c29c4ae[1] WinXP 0 of 33 04:54:27 16:28:52 6 none none:none
ASM:Graph
ASM:Graph
tElock|
Armadillo|
FSG| 48% none
lines=81
lines=92 trace
trace
trace

2949152a24
NEW
f1a10a0d85
NEW none[none]
none [none] WinXP 30 of 33 14:08:14 14:08:14 1 none none:none
none:none
none|none
none|none none
none none
none

2520af202e
NEW
c54a16b53c
NEW none[none]
none [none] WinXP 32 of 33 17:46:33 17:46:33 1 none none:none
none:none
none|none
none|none none
none none
none

3632feac9a
NEW none[none] Win2K-f 31 of 32 21:48:36 21:48:36 1 none none:none
none|none none none

5bbb751422
NEW none[none] WinXP 31 of 33 21:59:27 21:59:27 1 none none:none
none|none none none

4b18edffbf
NEW none[none] Win2K-f 31 of 33 02:08:14 02:08:14 1 none none:none
none|none none none

02cab5983b
[Firefox: 2 hits: 06-18 to 07-01]
76e6f343c5
[Firefox: 2 hits: 06-18 to 07-01] none[4]
76e6f343c5[1] Win2K-f 30 of 33 03:55:04 03:55:04 1 none none:none
ASM:Graph
tElock|
Armadillo| 47% none
lines=82 trace
trace

f2b1e6ea6f
NEW none[none] WinXP 15 of 33 19:11:44 19:11:44 1 none none:none
none|none none none

ad8ae25c08
NEW none[none] Win2K-f 15 of 32 18:35:36 18:35:36 1 none none:none
none|none none none

fbacdd87c0
NEW none[4] WinXP 24 of 32 04:29:56 04:29:56 1 none none:none
none|none none trace

57ce4acac2
[Firefox:36 hits: 06-17 to 07-05]
83f26f5044
[Firefox: 4 hits: 06-20 to 07-01] 57ce4acac2 [1]
none [4] Win2K-f 29 of 32 23:17:30 23:17:30 1 none ASM:Graph
none:none
Armadillo|
tElock| lines=81
none trace
trace

7f60162c2c
[Firefox:1384 hits: 12-31 to 07-05] 1aad8e4632 [0] WinXP 25 of 25 04:39:38 20:54:48 6 none ASM:Graph
PolyEnE| 100% lines=93
embedded dns trace

9d07de7076
NEW none[none] Win2K-f 29 of 33 22:21:17 22:21:17 1 none none:none
none|none none none

9a1383bb4a
NEW
b5919931fe
[Firefox:68 hits: 06-20 to 07-05]
bc466d941c
NEW none[4]
b5919931fe[1]
bc466d941c[1] Win2K-f 29 of 33 22:27:14 22:27:14 1 none none:none
ASM:Graph
ASM:Graph
tElock|
ASProtect|
Armadillo| 47% none
lines=90
lines=82 trace
trace
trace

3373948767
[Firefox: 2 hits: 07-03 to 07-05] none[none] WinXP 30 of 33 04:05:21 15:18:08 2 none none:none
none|none none none

b12e5dfed0
[Firefox: 2 hits: 06-21 to 07-05] none[4] WinXP 30 of 33 12:32:16 12:32:16 1 none none:none
tElock| none trace

9183352b97
NEW
b5919931fe
[Firefox:68 hits: 06-20 to 07-05]
d711e38d6d
NEW none[none]
b5919931fe[1]
none [none] Win2K-f 30 of 33 20:53:32 20:53:32 1 none none:none
ASM:Graph
none:none
none|none
ASProtect|
none|none none
lines=90
none none
trace
none

3ae357d17b
[Firefox:731 hits: 05-01 to 07-05] 462a7be171 [0] WinXP 29 of 29 14:51:58 14:51:58 1 none ASM:Graph
PolyEnE| 99% lines=73 trace

ce46f7ab87
NEW
d7dc1e3bea
NEW none[none]
none [none] Win2K-f 32 of 33 00:49:13 00:49:13 1 none none:none
none:none
none|none
none|none none
none none
none

3632feac9a
NEW
a014934a72
[Firefox:59 hits: 06-28 to 07-05]
b5919931fe
[Firefox:68 hits: 06-20 to 07-05]
e9aac571dd
NEW none[none]
none [none]
b5919931fe[1]
none [none] Win2K-f 29 of 32 21:48:36 21:48:36 1 none none:none
none:none
ASM:Graph
none:none
none|none
none|none
ASProtect|
none|none none
none
lines=90
none none
none
trace
none

b54b4cb17c
NEW none[none] Win2K-f 29 of 33 19:13:06 19:13:06 1 none none:none
none|none none none

7d99b0e910
[Firefox:3144 hits: 12-31 to 07-05] 7a70e1b592 [0] WinXP 26 of 28 02:35:46 20:28:31 9 none ASM:Graph
PolyEnE| 99% lines=68 trace

1df71b6767
NEW
33378033f2
NEW none[none]
none [none] WinXP 30 of 33 11:31:54 11:31:54 1 none none:none
none:none
none|none
none|none none
none none
none

bf14e246e6
NEW none[none] Win2K-f
WinXP 19 of 33 18:33:12 20:43:37 4 none none:none
none|none none none

9a1383bb4a
NEW none[4] Win2K-f 29 of 32 22:27:14 22:27:14 1 none none:none
tElock| none trace

366148f7b7
NEW none[none] WinXP 31 of 33 14:24:03 14:24:03 1 none none:none
none|none none none

168aab35a3
[Firefox:38 hits: 06-17 to 07-05]
a014934a72
[Firefox:59 hits: 06-28 to 07-05]
f62373a83b
NEW none[4]
none [none]
none [none] WinXP 30 of 33 21:00:59 21:00:59 1 none none:none
none:none
none:none
tElock|
none|none
none|none none
none
none trace
none
none

9d571adc3c
NEW none[none] Win2K-f 31 of 33 03:11:59 03:11:59 1 none none:none
none|none none none

65275a1614
[Firefox: 2 hits: 06-21 to 07-04] 65275a1614 [1] Win2K-f
WinXP 29 of 33 00:37:01 11:34:28 2 none ASM:Graph
Armadillo| 47% lines=82 trace

0b6af9e88a
[Firefox: 3 hits: 05-31 to 06-01] 24b6fb10de [0] Win2K-f
WinXP 5 of 31 12:23:07 22:09:06 3 none ASM:Graph
StarForce| 59% lines=1106
embedded dns trace

ab5e47bf8d
[Firefox:56 hits: 05-10 to 07-03] none[3] WinXP 29 of 29 05:02:53 05:02:53 1 none none:none
ASPack| none trace

4c3df24b32
[Firefox:56 hits: 06-17 to 07-05]
58408136a4
NEW 4c3df24b32 [1]
none [none] Win2K-f 32 of 33 10:27:40 10:27:40 1 none ASM:Graph
none:none
Armadillo|
none|none lines=81
none trace
none

69f9a09ec3
NEW none[none] WinXP 32 of 32 21:45:51 21:45:51 1 none none:none
none|none none none

65275a1614
[Firefox: 2 hits: 06-21 to 07-04]
ec0d7783de
[Firefox: 2 hits: 06-21 to 07-04] 65275a1614 [1]
none [4] Win2K-f
WinXP 30 of 32 00:37:01 11:34:28 2 none ASM:Graph
none:none
Armadillo|
tElock| lines=82
none trace
trace

c1758dd1f7
NEW none[none] WinXP 33 of 33 05:11:39 05:11:39 1 none none:none
none|none none none