Multiperspective Malware Analysis Page - Daily Malware Binary Digest Summary

Welcome to the Cyber-TA
Daily Malware Binary DIGEST Summary Page

08 August 2008

All data collection and analyses summarized in this page were 100% AUTO-GENERATED.

DEVELOPERS: Vinod Yegneswaran (SRI), Phillip Porras (SRI), Hassen Saidi (SRI)
Monirul Sharif (Georgia-Tech), Arvind Narayanan (University of Texas at Austin)

The data on this website is provided for research purposes only. It is provided
for your personal use only and is supplied AS IS, WITHOUT WARRANTY OF ANY KIND.
Use or reliance on this data is at your own risk.

Packed
MD5 UnPacket
MD5 Victim
OS AntiVirus
Hit-Cnt First
Encounter Last
Encounter Freq
Cnt Behavioral
Clusters Unpacked
Egg.asm Packer
Fingerprint API
Resolution String
Cnt Syscall
Trace

6ec2a8994b
[Firefox:10 hits: 06-18 to 08-07]
857b781ca9
[Firefox: 7 hits: 06-18 to 07-29] none[4]
857b781ca9[1] Win2K-f 29 of 33 09:08:51 20:33:19 2 none none:none
ASM:Graph
tElock|
Armadillo| 47% none
lines=82 trace
trace

45900d6d85
NEW none[none] WinXP 33 of 36 00:49:40 00:49:40 1 none none:none
none|none none none

da00a8e7a1
[Firefox: 2 hits: 08-05 to 08-05]
f685f8e027
[Firefox: 6 hits: 06-18 to 08-05] none[none]
f685f8e027[1] WinXP 28 of 33 23:40:11 23:40:11 1 none none:none
ASM:Graph
none|none
Armadillo| 48% none
lines=82 none
trace

177159de26
NEW none[none] Win2K-f 32 of 36 23:02:38 23:02:38 1 none none:none
none|none none none

19459b6d9a
NEW
215317b391
[Firefox: 2 hits: 06-28 to 07-19] none[none]
none [none] Win2K-f 25 of 33 09:22:46 09:22:46 1 none none:none
none:none
none|none
none|none none
none none
none

53bfe15e91
[Firefox:1217 hits: 06-17 to 08-07]
73f1082158
[Firefox:613 hits: 06-18 to 08-07] none[4]
73f1082158[1] WinXP
Win2K-f 0 of 32 00:21:33 21:04:29 16 none none:none
ASM:Graph
tElock|
Armadillo| 47% none
lines=81 trace
trace

378a4bac36
[Firefox: 4 hits: 07-01 to 07-26]
b5919931fe
[Firefox:255 hits: 06-20 to 08-07]
d11b4c2e19
[Firefox: 4 hits: 07-01 to 07-26] none[none]
b5919931fe[1]
none [none] Win2K-f 29 of 33 11:26:20 11:26:20 1 none none:none
ASM:Graph
none:none
none|none
ASProtect|
none|none none
lines=90
none none
trace
none

7452c8448d
[Firefox: 9 hits: 06-17 to 08-04]
b08a2fea36
NEW none[4]
none [none] Win2K-f 33 of 36 11:02:27 11:02:27 1 none none:none
none:none
PolyEnE|
none|none none
none trace
none

7f6ea12654
[Firefox:14 hits: 07-13 to 08-07] none[none] WinXP 32 of 33 07:13:57 23:12:04 2 none none:none
none|none none none

53bfe15e91
[Firefox:1217 hits: 06-17 to 08-07] none[4] WinXP
Win2K-f 33 of 33 00:21:33 23:37:48 27 none none:none
tElock| none trace

0bfa79dc19
[Firefox: 5 hits: 07-22 to 08-07] none[none] Win2K-f 31 of 33 17:29:49 17:29:49 1 none none:none
none|none none none

55d0af189c
[Firefox: 2 hits: 07-11 to 07-29] none[none] WinXP 32 of 32 07:44:22 07:44:22 1 none none:none
none|none none none

1460b28ea0
NEW none[none] WinXP 0 of 35 18:59:56 18:59:56 1 none none:none
none|none none none

865455fb95
NEW none[none] WinXP 19 of 36 19:59:11 19:59:11 1 none none:none
none|none none none

53bfe15e91
[Firefox:1217 hits: 06-17 to 08-07]
b7082104e4
[Firefox:73 hits: 06-18 to 08-07] none[4]
none [4] WinXP 8 of 33 18:57:18 21:39:37 2 none none:none
none:none
tElock|
tElock| none
none trace
trace

644b2a1105
[Firefox: 2 hits: 08-01 to 08-02] none[none] Win2K-f 34 of 36 14:28:48 14:28:48 1 none none:none
none|none none none

69c9084fdb
NEW none[none] WinXP 34 of 35 02:50:45 02:50:48 2 none none:none
none|none none none

93afd0b12c
NEW none[none] WinXP 36 of 36 09:57:50 09:57:50 1 none none:none
none|none none none

1460b28ea0
NEW
398f61300b
NEW
a12cab51ef
[Firefox:441 hits: 01-01 to 08-07]
e251e1eb70
NEW none[none]
none [none]
40f7f463c4[0]
none [none] WinXP 0 of 36 18:59:56 18:59:56 1 none none:none
none:none
ASM:Graph
none:none
none|none
none|none
ASPack|
none|none none
none
lines=281
embedded dns
none none
none
trace
none

73ce2b74da
[Firefox: 4 hits: 06-18 to 07-03] 73ce2b74da [1] Win2K-f 3 of 33 15:30:25 15:30:25 1 none ASM:Graph
Armadillo| 47% lines=81 trace

d42c1cc7c0
[Firefox:120 hits: 01-01 to 08-06] af9ca5bed1 [0] WinXP 29 of 29 07:56:57 09:20:07 2 none ASM:Graph
PolyEnE| 100% lines=54 trace

804659ed67
NEW
a12cab51ef
[Firefox:441 hits: 01-01 to 08-07] none[none]
40f7f463c4[0] WinXP 29 of 29 14:24:10 20:50:43 5 none none:none
ASM:Graph
none|none
ASPack| 54% none
lines=281
embedded dns none
trace

c0c2087cb7
NEW none[none] WinXP
Win2K-f 33 of 36 20:30:09 20:38:04 2 none none:none
none|none none none

7452c8448d
[Firefox: 9 hits: 06-17 to 08-04] none[4] Win2K-f 30 of 32 11:02:27 11:02:27 1 none none:none
PolyEnE| none trace

45900d6d85
NEW
c68521cfa6
NEW none[none]
none [none] WinXP 33 of 36 00:49:40 00:49:40 1 none none:none
none:none
none|none
none|none none
none none
none

177159de26
NEW
9c50aa3c45
NEW none[none]
none [none] Win2K-f 34 of 36 23:02:38 23:02:38 1 none none:none
none:none
none|none
none|none none
none none
none

9dab636a01
NEW none[none] WinXP 29 of 29 04:59:54 04:59:54 1 none none:none
none|none none none

c78281a815
[Firefox: 4 hits: 06-20 to 07-16] none[4] WinXP 29 of 32 01:42:04 01:42:04 1 none none:none
PolyEnE| none trace

03f912899b
[Firefox:76 hits: 01-08 to 08-07] 83893bd25d [0] WinXP 32 of 32 11:14:32 11:14:32 1 none ASM:Graph
none|none 100% lines=65 trace

2e235a1c0e
NEW none[none] Win2K-f 29 of 33 08:01:39 08:01:39 1 none none:none
none|none none none

53bfe15e91
[Firefox:1217 hits: 06-17 to 08-07]
a86bdb31d3
[Firefox: 3 hits: 07-03 to 08-06] none[4]
none [none] WinXP 29 of 33 12:08:33 12:08:33 1 none none:none
none:none
tElock|
none|none none
none trace
none

01ef605039
NEW none[none] Win2K-f 32 of 33 03:16:24 03:16:24 1 none none:none
none|none none none

37f41fd8ab
[Firefox:41 hits: 07-24 to 08-07] none[none] Win2K-f 19 of 35 08:26:12 09:37:56 3 none none:none
none|none none none

4c3df24b32
[Firefox:131 hits: 06-17 to 08-07] 4c3df24b32 [1] Win2K-f 0 of 33 08:25:20 08:25:28 2 none ASM:Graph
Armadillo| 47% lines=81 trace

31526418ab
NEW
63892cce35
NEW
a12cab51ef
[Firefox:441 hits: 01-01 to 08-07]
bdb0c548c9
NEW none[none]
none [none]
40f7f463c4[0]
none [none] WinXP 0 of 34 20:37:32 20:37:32 1 none none:none
none:none
ASM:Graph
none:none
none|none
none|none
ASPack|
none|none none
none
lines=281
embedded dns
none none
none
trace
none

741e3b03b3
[Firefox:247 hits: 01-05 to 08-07] e0197e8a64 [0] WinXP 31 of 32 06:17:40 08:24:32 2 none ASM:Graph
none|none 100% lines=62 trace

0bfa79dc19
[Firefox: 5 hits: 07-22 to 08-07]
8dfb3b619f
[Firefox: 6 hits: 07-22 to 08-07] none[none]
none [none] Win2K-f 29 of 34 17:29:49 17:29:49 1 none none:none
none:none
none|none
none|none none
none none
none

b4b2ce01ca
NEW none[none] Win2K-f 34 of 36 02:53:10 02:53:10 1 none none:none
none|none none none

9e9916a2b5
NEW none[none] WinXP 35 of 36 06:46:41 06:46:41 1 none none:none
none|none none none

062635b70e
NEW none[none] WinXP 36 of 36 12:50:48 12:50:48 1 none none:none
none|none none none

31526418ab
NEW none[none] WinXP 0 of 36 20:37:32 20:37:32 1 none none:none
none|none none none

2098aa9ef9
NEW none[none] WinXP 33 of 34 10:50:47 10:50:49 2 none none:none
none|none none none

177159de26
NEW
9c50aa3c45
NEW
b5919931fe
[Firefox:255 hits: 06-20 to 08-07] none[none]
none [none]
b5919931fe[1] Win2K-f 0 of 32 02:15:25 23:02:38 10 none none:none
none:none
ASM:Graph
none|none
none|none
ASProtect| 48% none
none
lines=90 none
none
trace

804659ed67
NEW none[none] WinXP 0 of 36 20:50:43 20:50:43 1 none none:none
none|none none none

bfec7d0b0b
[Firefox: 2 hits: 08-06 to 08-07] none[none] WinXP 35 of 36 15:17:44 15:18:07 2 none none:none
none|none none none

1501ca09e5
NEW none[none] WinXP 27 of 36 01:48:55 01:48:55 1 none none:none
none|none none none

53bfe15e91
[Firefox:1217 hits: 06-17 to 08-07]
57ce4acac2
[Firefox:100 hits: 06-17 to 08-07] none[4]
57ce4acac2[1] Win2K-f 0 of 33 22:29:19 22:29:19 1 none none:none
ASM:Graph
tElock|
Armadillo| 47% none
lines=81 trace
trace

6ec2a8994b
[Firefox:10 hits: 06-18 to 08-07]
bcf66a38c8
NEW none[4]
none [none] Win2K-f 2 of 35 19:52:53 19:52:53 1 none none:none
none:none
tElock|
none|none none
none trace
none

72545efc4f
NEW none[none] WinXP
Win2K-f 18 of 36 17:56:45 20:17:26 6 none none:none
none|none none none

1460b28ea0
NEW
398f61300b
NEW none[none]
none [none] WinXP 0 of 36 18:59:56 18:59:56 1 none none:none
none:none
none|none
none|none none
none none
none

1a2c0e6130
[Firefox:299 hits: 12-31 to 08-07] 048df78048 [0] WinXP 29 of 29 04:22:11 11:54:26 2 none ASM:Graph
none|none 100% lines=61 trace

53bfe15e91
[Firefox:1217 hits: 06-17 to 08-07]
a08f3b74a4
[Firefox:407 hits: 06-18 to 08-07] none[4]
a08f3b74a4[1] Win2K-f
WinXP 0 of 33 02:15:25 23:37:48 5 none none:none
ASM:Graph
tElock|
Armadillo| 47% none
lines=81 trace
trace

92c8e458d8
[Firefox: 2 hits: 02-24 to 06-16] 4ba645ac3a [0] WinXP 32 of 32 16:10:28 16:10:28 1 none ASM:Graph
none|none 100% lines=62 trace

a3f358bd55
[Firefox: 7 hits: 06-10 to 08-07] none[4] WinXP 32 of 32 20:42:07 20:42:07 1 none none:none
PolyEnE| none trace

c1c39e83e2
NEW none[none] Win2K-f 16 of 36 19:40:36 19:40:36 1 none none:none
none|none none none

f18b228c5d
NEW none[none] Win2K-f 27 of 35 11:56:31 11:56:31 1 none none:none
none|none none none

19459b6d9a
NEW
215317b391
[Firefox: 2 hits: 06-28 to 07-19]
c4cbb2e5e5
[Firefox: 2 hits: 06-28 to 07-19] none[none]
none [none]
none [none] Win2K-f 17 of 33 09:22:46 09:22:46 1 none none:none
none:none
none:none
none|none
none|none
none|none none
none
none none
none
none

04d3700af1
NEW none[none] Win2K-f 32 of 36 16:07:01 16:07:01 1 none none:none
none|none none none

9b9e5dcb18
NEW none[none] WinXP 36 of 36 21:02:31 21:02:31 1 none none:none
none|none none none

0dbe638eb4
NEW
2765878b0a
NEW none[none]
none [none] WinXP 29 of 33 22:26:49 22:26:49 1 none none:none
none:none
none|none
none|none none
none none
none

37f41fd8ab
[Firefox:41 hits: 07-24 to 08-07]
5ab0a45f63
[Firefox:52 hits: 07-24 to 08-07] none[none]
none [none] Win2K-f 17 of 35 08:26:12 09:37:56 3 none none:none
none:none
none|none
none|none none
none none
none

658eedd3de
NEW none[none] WinXP
Win2K-f 31 of 35 19:54:04 20:00:40 2 none none:none
none|none none none

7a1bcbbe62
NEW none[none] Win2K-f 35 of 36 01:09:38 01:09:38 1 none none:none
none|none none none

25d78144c5
[Firefox: 4 hits: 08-01 to 08-06] none[none] WinXP 35 of 36 18:58:25 18:58:25 1 none none:none
none|none none none

8a75955033
[Firefox:17 hits: 06-20 to 08-05]
9276c8b36b
[Firefox:17 hits: 06-20 to 08-05] none[4]
9276c8b36b[1] WinXP 28 of 32 05:38:13 05:38:13 1 none none:none
ASM:Graph
tElock|
Armadillo| 47% none
lines=81 trace
trace

0dbe638eb4
NEW none[none] WinXP 32 of 33 22:26:49 22:26:49 1 none none:none
none|none none none

df17a625ee
[Firefox:199 hits: 01-01 to 08-07] 9bbdd086c5 [0] WinXP 29 of 29 00:59:59 23:52:30 4 none ASM:Graph
ASPack| 49% lines=186
embedded dns trace

6ec2a8994b
[Firefox:10 hits: 06-18 to 08-07] none[4] Win2K-f 30 of 33 09:08:51 20:33:19 3 none none:none
tElock| none trace

01ef605039
NEW
ab3b3379d1
NEW none[none]
none [none] Win2K-f 24 of 33 03:16:24 03:16:24 1 none none:none
none:none
none|none
none|none none
none none
none

986b59708d
[Firefox:48 hits: 01-14 to 08-07] 8a00217866 [0] WinXP 29 of 29 15:31:25 15:31:25 1 none ASM:Graph
PolyEnE| 100% lines=57 trace

1f59c01aef
NEW none[none] WinXP 34 of 36 05:14:12 05:14:12 1 none none:none
none|none none none

48f8b1a711
[Firefox:10 hits: 06-19 to 08-07] none[4] Win2K-f 31 of 33 06:12:46 06:12:46 1 none none:none
PolyEnE| none trace

9a3fb3ba8c
NEW none[none] WinXP 34 of 36 17:09:20 17:09:20 1 none none:none
none|none none none

1f59c01aef
NEW
dc92683d9a
[Firefox: 7 hits: 06-19 to 08-01] none[none]
dc92683d9a[1] WinXP 29 of 33 05:14:12 05:14:12 1 none none:none
ASM:Graph
none|none
Armadillo| 47% none
lines=82 none
trace

382279b44f
[Firefox:99 hits: 05-22 to 08-07] 049e62d55b [0] Win2K-f
WinXP 19 of 32 04:16:26 22:57:44 7 none ASM:Graph
Armadillo| 50% lines=192 trace

0dbe638eb4
NEW
2765878b0a
NEW
e07c29c4ae
[Firefox:186 hits: 06-19 to 08-07] none[none]
none [none]
e07c29c4ae[1] WinXP 0 of 33 00:49:40 22:26:49 6 none none:none
none:none
ASM:Graph
none|none
none|none
FSG| 48% none
none
lines=92 none
none
trace

8a75955033
[Firefox:17 hits: 06-20 to 08-05] none[4] WinXP 29 of 32 05:38:13 05:38:13 1 none none:none
tElock| none trace

378a4bac36
[Firefox: 4 hits: 07-01 to 07-26] none[none] Win2K-f 30 of 33 11:26:20 11:26:20 1 none none:none
none|none none none

7f60162c2c
[Firefox:413 hits: 12-31 to 08-07] 1aad8e4632 [0] WinXP 25 of 25 05:22:47 22:15:31 3 none ASM:Graph
PolyEnE| 100% lines=93
embedded dns trace

dbbc586732
[Firefox: 6 hits: 07-28 to 08-07] none[none] WinXP 35 of 35 01:10:49 09:51:17 3 none none:none
none|none none none

2f8bd7bad0
NEW none[none] WinXP 36 of 36 06:34:40 06:34:40 1 none none:none
none|none none none

2e235a1c0e
NEW
8ff288ba5a
NEW none[none]
none [none] Win2K-f 35 of 36 08:01:39 08:01:39 1 none none:none
none:none
none|none
none|none none
none none
none

48f8b1a711
[Firefox:10 hits: 06-19 to 08-07]
aecf2a5fc9
[Firefox: 8 hits: 06-19 to 08-07] none[4]
aecf2a5fc9[1] Win2K-f 1 of 33 06:12:46 06:12:46 1 none none:none
ASM:Graph
PolyEnE|
Armadillo| 47% none
lines=81 trace
trace

19459b6d9a
NEW none[none] Win2K-f 0 of 36 09:22:46 09:22:46 1 none none:none
none|none none none

a219ed3aeb
[Firefox: 5 hits: 08-02 to 08-07] none[none] WinXP 36 of 36 19:09:57 21:59:08 2 none none:none
none|none none none

da00a8e7a1
[Firefox: 2 hits: 08-05 to 08-05] none[none] WinXP 34 of 36 23:40:11 23:40:11 1 none none:none
none|none none none

001b6f7107
[Firefox: 3 hits: 07-29 to 08-02] none[none] WinXP 35 of 35 06:59:06 06:59:06 1 none none:none
none|none none none

37f41fd8ab
[Firefox:41 hits: 07-24 to 08-07]
5ab0a45f63
[Firefox:52 hits: 07-24 to 08-07]
8d7113c2ce
[Firefox:31 hits: 08-01 to 08-07] none[none]
none [none]
none [none] Win2K-f 20 of 36 08:26:12 09:37:56 3 none none:none
none:none
none:none
none|none
none|none
none|none none
none
none none
none
none

7d99b0e910
[Firefox:923 hits: 12-31 to 08-07] 7a70e1b592 [0] WinXP 26 of 28 09:57:29 22:12:26 5 none ASM:Graph
PolyEnE| 99% lines=68 trace

644b2a1105
[Firefox: 2 hits: 08-01 to 08-02]
9c9ab20965
[Firefox: 2 hits: 08-01 to 08-02] none[none]
none [none] Win2K-f 33 of 36 14:28:48 14:28:48 1 none none:none
none:none
none|none
none|none none
none none
none

73ce2b74da
[Firefox: 4 hits: 06-18 to 07-03]
79c01ec060
[Firefox:13 hits: 06-18 to 08-05] 73ce2b74da [1]
none [4] Win2K-f 33 of 33 15:30:25 15:30:25 1 none ASM:Graph
none:none
Armadillo|
tElock| lines=81
none trace
trace

1509c8d024
[Firefox:16 hits: 06-17 to 08-07]
b5919931fe
[Firefox:255 hits: 06-20 to 08-07]
f23b040440
[Firefox: 7 hits: 06-22 to 08-07] none[4]
b5919931fe[1]
f23b040440[1] Win2K-f 30 of 32 08:02:36 08:02:36 1 none none:none
ASM:Graph
ASM:Graph
tElock|
ASProtect|
Armadillo| 47% none
lines=90
lines=82 trace
trace
trace

e3d90a3753
[Firefox: 3 hits: 07-20 to 08-05] none[none] WinXP 32 of 33 08:13:08 08:13:08 1 none none:none
none|none none none

1509c8d024
[Firefox:16 hits: 06-17 to 08-07] none[4] Win2K-f 31 of 33 08:02:36 08:02:36 1 none none:none
tElock| none trace

c91ee8dcc5
NEW none[none] Win2K-f 2 of 36 12:06:51 12:06:51 1 none none:none
none|none none none

04d3700af1
NEW
6b338df2df
NEW none[none]
none [none] Win2K-f 34 of 36 16:07:01 16:07:01 1 none none:none
none:none
none|none
none|none none
none none
none

31526418ab
NEW
63892cce35
NEW none[none]
none [none] WinXP 0 of 36 20:37:32 20:37:32 1 none none:none
none:none
none|none
none|none none
none none
none

883ebad119
[Firefox: 4 hits: 03-26 to 07-29] 11cb10abde [0] WinXP 31 of 32 00:09:45 00:09:45 1 none ASM:Graph
PolyEnE| 99% lines=68 trace