Multiperspective Malware Analysis Page - Daily Malware Binary Digest Summary

Welcome to the Cyber-TA
Daily Malware Binary DIGEST Summary Page

23 July 2008

All data collection and analyses summarized in this page were 100% AUTO-GENERATED.

DEVELOPERS: Vinod Yegneswaran (SRI), Phillip Porras (SRI), Hassen Saidi (SRI)
Monirul Sharif (Georgia-Tech), Arvind Narayanan (University of Texas at Austin)

The data on this website is provided for research purposes only. It is provided
for your personal use only and is supplied AS IS, WITHOUT WARRANTY OF ANY KIND.
Use or reliance on this data is at your own risk.

Packed
MD5 UnPacket
MD5 Victim
OS AntiVirus
Hit-Cnt First
Encounter Last
Encounter Freq
Cnt Behavioral
Clusters Unpacked
Egg.asm Packer
Fingerprint API
Resolution String
Cnt Syscall
Trace

3db2c812c0
NEW none[none] WinXP 31 of 33 01:00:31 01:00:31 1 none none:none
none|none none none

53bfe15e91
[Firefox:850 hits: 06-17 to 07-22]
73f1082158
[Firefox:417 hits: 06-18 to 07-22] none[4]
73f1082158[1] WinXP
Win2K-f 0 of 32 01:11:17 23:10:51 23 none none:none
ASM:Graph
tElock|
Armadillo| 47% none
lines=81 trace
trace

53bfe15e91
[Firefox:850 hits: 06-17 to 07-22] none[4] WinXP
Win2K-f 33 of 33 01:11:17 23:10:51 28 none none:none
tElock| none trace

53bfe15e91
[Firefox:850 hits: 06-17 to 07-22]
b7082104e4
[Firefox:57 hits: 06-18 to 07-22] none[4]
none [4] WinXP 8 of 33 16:26:15 16:26:15 1 none none:none
none:none
tElock|
tElock| none
none trace
trace

3db2c812c0
NEW
797fdec34a
NEW none[none]
none [none] WinXP 30 of 35 01:00:31 01:00:31 1 none none:none
none:none
none|none
none|none none
none none
none

32fdc78338
NEW
8390780c27
[Firefox:21 hits: 06-18 to 07-21] none[none]
none [4] WinXP 30 of 32 02:08:19 02:08:19 1 none none:none
none:none
none|none
tElock| none
none none
trace

168aab35a3
[Firefox:63 hits: 06-17 to 07-22] none[4] WinXP
Win2K-f 31 of 33 02:16:47 23:40:18 3 none none:none
tElock| none trace

7b7b595678
NEW none[none] WinXP 1 of 35 08:01:29 08:01:29 1 none none:none
none|none none none

533d15b5ce
[Firefox: 8 hits: 06-21 to 07-22] none[4] Win2K-f 30 of 33 22:31:50 22:31:50 1 none none:none
tElock| none trace

d42c1cc7c0
[Firefox:320 hits: 05-01 to 07-19] af9ca5bed1 [0] WinXP 29 of 29 09:34:46 09:34:46 1 none ASM:Graph
PolyEnE| 100% lines=54 trace

a12cab51ef
[Firefox:1131 hits: 05-01 to 07-22] 40f7f463c4 [0] WinXP 29 of 29 15:47:28 15:47:28 1 none ASM:Graph
ASPack| 54% lines=281
embedded dns trace

89cff2075d
NEW none[none] WinXP 11 of 35 05:03:27 05:03:27 1 none none:none
none|none none none

f502585714
[Firefox:99 hits: 05-03 to 07-22] ae590430c5 [0] WinXP 29 of 29 19:18:48 19:18:48 1 none ASM:Graph
PolyEnE| 100% lines=63 trace

03f912899b
[Firefox:54 hits: 12-14 to 07-21] 83893bd25d [0] WinXP 32 of 32 00:29:17 01:25:56 2 none ASM:Graph
none|none 100% lines=65 trace

f17cd31eda
NEW none[none] WinXP 35 of 35 08:45:35 10:38:51 2 none none:none
none|none none none

cce9566ceb
[Firefox:33 hits: 06-12 to 07-22] none[4] WinXP 31 of 32 05:11:57 05:11:57 1 none none:none
PolyEnE| none trace

ae4bed1aa9
[Firefox: 5 hits: 06-21 to 07-09]
bc51bd8226
[Firefox: 5 hits: 06-21 to 07-09] ae4bed1aa9 [1]
none [4] WinXP 29 of 32 09:10:42 09:13:04 2 none ASM:Graph
none:none
Armadillo|
PolyEnE| lines=81
none trace
trace

ba4637f8f0
NEW
d02ae67164
NEW none[none]
none [none] Win2K-f 31 of 33 06:22:29 06:22:29 1 none none:none
none:none
none|none
none|none none
none none
none

168aab35a3
[Firefox:63 hits: 06-17 to 07-22]
4c3df24b32
[Firefox:106 hits: 06-17 to 07-22] none[4]
4c3df24b32[1] WinXP 0 of 33 02:16:47 02:16:47 1 none none:none
ASM:Graph
tElock|
Armadillo| 47% none
lines=81 trace
trace

3ed16ae12d
[Firefox: 7 hits: 06-19 to 07-21] 3ed16ae12d [1] Win2K-f 3 of 33 14:15:42 14:15:42 1 none ASM:Graph
Armadillo| 47% lines=81 trace

dabbc1ee56
NEW none[none] Win2K-f 31 of 33 14:40:56 14:40:56 1 none none:none
none|none none none

390c9c834a
NEW
474312616d
NEW
62376cb971
NEW
954a98c971
[Firefox: 4 hits: 06-09 to 07-07]
f82e1a0066
NEW none[none]
none [none]
none [none]
none [4]
none [none] WinXP 13 of 35 10:01:21 10:01:21 1 none none:none
none:none
none:none
none:none
none:none
none|none
none|none
none|none
FSG|
none|none none
none
none
none
none none
none
none
trace
none

168aab35a3
[Firefox:63 hits: 06-17 to 07-22]
667f0c59f3
[Firefox: 4 hits: 07-04 to 07-16] none[4]
none [none] Win2K-f 31 of 33 07:39:48 07:39:48 1 none none:none
none:none
tElock|
none|none none
none trace
none

6d86a1ff5a
[Firefox:18 hits: 06-25 to 07-22] none[none] WinXP 28 of 33 19:08:41 19:08:41 1 none none:none
none|none none none

741e3b03b3
[Firefox:197 hits: 09-28 to 07-22] e0197e8a64 [0] WinXP 31 of 32 02:08:50 20:17:24 2 none ASM:Graph
none|none 100% lines=62 trace

390c9c834a
NEW none[none] WinXP 13 of 33 10:01:21 10:01:21 1 none none:none
none|none none none

6d86a1ff5a
[Firefox:18 hits: 06-25 to 07-22]
7f6e032fc0
[Firefox:18 hits: 06-25 to 07-22] none[none]
none [none] WinXP 31 of 33 19:08:41 19:08:41 1 none none:none
none:none
none|none
none|none none
none none
none

831f4ee0a7
[Firefox:731 hits: 07-11 to 07-22] eb7546c600 [0] WinXP 29 of 29 06:18:40 22:34:36 8 none ASM:Graph
none|none 100% lines=61 trace

533d15b5ce
[Firefox: 8 hits: 06-21 to 07-22]
58c343a8d8
[Firefox: 9 hits: 06-21 to 07-22] none[4]
58c343a8d8[1] Win2K-f 28 of 33 22:31:50 22:31:50 1 none none:none
ASM:Graph
tElock|
Armadillo| 47% none
lines=82 trace
trace

6f1691e3b3
NEW none[4] WinXP 31 of 32 16:52:08 16:52:08 1 none none:none
PolyEnE| none trace

5f78ff609d
[Firefox:1544 hits: 04-27 to 06-28] d4a06bdc3a [0] Win2K-f 21 of 32 11:09:08 11:09:08 1 none ASM:Graph
none|none 46% lines=4 trace

533d15b5ce
[Firefox: 8 hits: 06-21 to 07-22]
58c343a8d8
[Firefox: 9 hits: 06-21 to 07-22]
b5919931fe
[Firefox:144 hits: 06-20 to 07-22] none[4]
58c343a8d8[1]
b5919931fe[1] Win2K-f 0 of 32 05:47:24 22:31:50 3 none none:none
ASM:Graph
ASM:Graph
tElock|
Armadillo|
ASProtect| 48% none
lines=82
lines=90 trace
trace
trace

0d379c44c0
NEW none[none] Win2K-f 32 of 35 04:51:06 04:51:06 1 none none:none
none|none none none

93385541f3
[Firefox:13 hits: 06-22 to 07-22] none[4] WinXP 32 of 32 07:16:29 07:16:29 1 none none:none
none|none none trace

3dffacd270
[Firefox: 4 hits: 06-20 to 07-20]
d5bf17f14e
[Firefox: 4 hits: 06-20 to 07-20] 3dffacd270 [1]
none [4] WinXP 30 of 32 04:52:11 04:52:11 1 none ASM:Graph
none:none
Armadillo|
tElock| lines=82
none trace
trace

57ce4acac2
[Firefox:73 hits: 06-17 to 07-22] 57ce4acac2 [1] WinXP 0 of 33 07:39:07 17:35:59 2 none ASM:Graph
Armadillo| 47% lines=81 trace

1a2c0e6130
[Firefox:498 hits: 12-31 to 07-22] 048df78048 [0] WinXP 29 of 29 02:08:54 07:23:24 2 none ASM:Graph
none|none 100% lines=61 trace

53bfe15e91
[Firefox:850 hits: 06-17 to 07-22]
a08f3b74a4
[Firefox:278 hits: 06-18 to 07-22] none[4]
a08f3b74a4[1] WinXP
Win2K-f 0 of 33 01:30:24 17:33:04 5 none none:none
ASM:Graph
tElock|
Armadillo| 47% none
lines=81 trace
trace

7b7b595678
NEW
aca9884a43
NEW
ffb4e72760
NEW none[none]
none [none]
none [none] WinXP 1 of 35 08:01:29 08:01:29 1 none none:none
none:none
none:none
none|none
none|none
none|none none
none
none none
none
none

a483ba8aa1
[Firefox:10 hits: 07-09 to 07-22] none[none] WinXP 33 of 33 06:56:44 06:56:44 1 none none:none
none|none none none

d2ff2be779
NEW none[none] WinXP 35 of 35 22:26:21 22:26:21 1 none none:none
none|none none none

a41d9d371e
[Firefox: 4 hits: 04-21 to 06-02] c2640d398b [0] WinXP 30 of 32 03:30:32 03:30:32 1 none ASM:Graph
PolyEnE| 99% lines=129 trace

a0139d7ad8
[Firefox:454 hits: 05-02 to 07-21] d9e9662db1 [0] WinXP 29 of 29 02:08:05 09:43:06 2 none ASM:Graph
PolyEnE| 99% lines=68 trace

3874ef05b8
NEW none[none] WinXP 35 of 35 15:23:40 15:23:40 1 none none:none
none|none none none

4afb021245
NEW
c7b0b9b33f
NEW none[none]
none [none] Win2K-f 32 of 35 08:18:41 08:18:41 1 none none:none
none:none
none|none
none|none none
none none
none

7993524bb8
NEW
b5919931fe
[Firefox:144 hits: 06-20 to 07-22]
ed3c1c5e49
NEW none[none]
b5919931fe[1]
none [none] Win2K-f 34 of 35 13:20:22 13:20:22 1 none none:none
ASM:Graph
none:none
none|none
ASProtect|
none|none none
lines=90
none none
trace
none

32fdc78338
NEW none[none] WinXP 32 of 35 02:08:19 02:08:19 1 none none:none
none|none none none

2d76ff4e53
NEW none[none] WinXP 34 of 35 22:43:55 22:43:55 1 none none:none
none|none none none

1e5df7ba74
[Firefox:31 hits: 03-24 to 07-19] a5331b711f [0] WinXP 31 of 32 12:24:48 12:24:48 1 none ASM:Graph
PolyEnE| 99% lines=68 trace

63bb8d0ddf
NEW
f2f692a719
NEW none[none]
none [none] WinXP 30 of 35 00:31:49 00:31:49 1 none none:none
none:none
none|none
none|none none
none none
none

df17a625ee
[Firefox:493 hits: 05-04 to 07-22] 9bbdd086c5 [0] WinXP 29 of 29 10:22:00 10:22:00 1 none ASM:Graph
ASPack| 49% lines=186
embedded dns trace

390c9c834a
NEW
474312616d
NEW
62376cb971
NEW none[none]
none [none]
none [none] WinXP 8 of 35 10:01:21 10:01:21 1 none none:none
none:none
none:none
none|none
none|none
none|none none
none
none none
none
none

986b59708d
[Firefox:309 hits: 05-03 to 07-21] 8a00217866 [0] WinXP 29 of 29 22:41:15 23:15:44 3 none ASM:Graph
PolyEnE| 100% lines=57 trace

168aab35a3
[Firefox:63 hits: 06-17 to 07-22]
86a0085851
NEW none[4]
none [none] Win2K-f 30 of 33 23:40:18 23:40:18 1 none none:none
none:none
tElock|
none|none none
none trace
none

390c9c834a
NEW
474312616d
NEW none[none]
none [none] WinXP 16 of 35 10:01:21 10:01:21 1 none none:none
none:none
none|none
none|none none
none none
none

dabbc1ee56
NEW
f4f090debc
NEW none[none]
none [none] Win2K-f 31 of 33 14:40:56 14:40:56 1 none none:none
none:none
none|none
none|none none
none none
none

57ce4acac2
[Firefox:73 hits: 06-17 to 07-22]
83f26f5044
[Firefox:13 hits: 06-20 to 07-22]
e07c29c4ae
[Firefox:109 hits: 06-19 to 07-21] 57ce4acac2 [1]
none [4]
e07c29c4ae[1] WinXP 0 of 33 01:11:17 17:35:59 6 none ASM:Graph
none:none
ASM:Graph
Armadillo|
tElock|
FSG| 48% lines=81
none
lines=92 trace
trace
trace

a16ffae822
NEW none[none] WinXP 30 of 33 09:17:42 09:17:42 1 none none:none
none|none none none

7993524bb8
NEW none[none] Win2K-f 32 of 35 13:20:22 13:20:22 1 none none:none
none|none none none

a2a036466a
[Firefox:271 hits: 05-05 to 06-27] none[4] Win2K-f 14 of 32 16:33:20 16:33:20 1 none none:none
none|none none trace

63bb8d0ddf
NEW none[none] WinXP 30 of 33 00:31:49 00:31:49 1 none none:none
none|none none none

0d379c44c0
NEW
cf46b15c58
NEW none[none]
none [none] Win2K-f 2 of 33 04:51:06 04:51:06 1 none none:none
none:none
none|none
none|none none
none none
none

7b7b595678
NEW
aca9884a43
NEW none[none]
none [none] WinXP 33 of 35 08:01:29 08:01:29 1 none none:none
none:none
none|none
none|none none
none none
none

57ce4acac2
[Firefox:73 hits: 06-17 to 07-22]
83f26f5044
[Firefox:13 hits: 06-20 to 07-22] 57ce4acac2 [1]
none [4] WinXP 29 of 32 07:39:07 17:35:59 2 none ASM:Graph
none:none
Armadillo|
tElock| lines=81
none trace
trace

7f60162c2c
[Firefox:1439 hits: 12-31 to 07-22] 1aad8e4632 [0] WinXP 25 of 25 08:56:47 16:30:17 5 none ASM:Graph
PolyEnE| 100% lines=93
embedded dns trace

390c9c834a
NEW
474312616d
NEW
62376cb971
NEW
954a98c971
[Firefox: 4 hits: 06-09 to 07-07] none[none]
none [none]
none [none]
none [4] WinXP 31 of 33 10:01:21 10:01:21 1 none none:none
none:none
none:none
none:none
none|none
none|none
none|none
FSG| none
none
none
none none
none
none
trace

152b723195
NEW none[none] Win2K-f 32 of 35 16:01:00 16:01:00 1 none none:none
none|none none none

7db5d5aa97
NEW none[none] Win2K-f 34 of 35 18:32:39 18:32:39 1 none none:none
none|none none none

ea096a2bdf
[Firefox: 9 hits: 07-12 to 07-22] none[none] WinXP 31 of 32 09:57:53 09:58:16 2 none none:none
none|none none none

b9184fc7f3
NEW
e07c29c4ae
[Firefox:109 hits: 06-19 to 07-21]
fd9b49840f
[Firefox: 5 hits: 06-23 to 07-21] none[none]
e07c29c4ae[1]
fd9b49840f[1] WinXP 0 of 0 13:46:23 13:46:23 1 none none:none
ASM:Graph
ASM:Graph
none|none
FSG|
Armadillo| 47% none
lines=92
lines=81 none
trace
trace

3ae357d17b
[Firefox:741 hits: 05-01 to 07-21] 462a7be171 [0] WinXP 29 of 29 13:42:26 13:42:26 1 none ASM:Graph
PolyEnE| 99% lines=73 trace

ba4637f8f0
NEW none[none] Win2K-f 28 of 33 06:22:29 06:22:29 1 none none:none
none|none none none

4afb021245
NEW none[none] Win2K-f 30 of 35 08:18:41 08:18:41 1 none none:none
none|none none none

ae4bed1aa9
[Firefox: 5 hits: 06-21 to 07-09] ae4bed1aa9 [1] WinXP 29 of 33 09:10:42 09:13:04 2 none ASM:Graph
Armadillo| 47% lines=81 trace

2d76ff4e53
NEW
7df1377ee3
NEW none[none]
none [none] WinXP 32 of 35 22:43:55 22:43:55 1 none none:none
none:none
none|none
none|none none
none none
none

7d99b0e910
[Firefox:3236 hits: 12-31 to 07-22] 7a70e1b592 [0] WinXP 26 of 28 09:30:49 20:10:01 5 none ASM:Graph
PolyEnE| 99% lines=68 trace

3ed16ae12d
[Firefox: 7 hits: 06-19 to 07-21]
79c01ec060
[Firefox:11 hits: 06-18 to 07-21] 3ed16ae12d [1]
none [4] Win2K-f 33 of 33 14:15:42 14:15:42 1 none ASM:Graph
none:none
Armadillo|
tElock| lines=81
none trace
trace

b9184fc7f3
NEW none[none] WinXP 31 of 33 13:46:23 13:46:23 1 none none:none
none|none none none

b81b9e9be1
NEW none[none] WinXP 35 of 35 16:13:31 16:16:17 2 none none:none
none|none none none

152b723195
NEW
2c3d295f63
NEW none[none]
none [none] Win2K-f 34 of 35 16:01:00 16:01:00 1 none none:none
none:none
none|none
none|none none
none none
none

3dffacd270
[Firefox: 4 hits: 06-20 to 07-20] 3dffacd270 [1] WinXP 28 of 32 04:52:11 04:52:11 1 none ASM:Graph
Armadillo| 47% lines=82 trace