Multiperspective Malware Analysis Page - Daily Malware Binary Digest Summary

Welcome to the Cyber-TA
Daily Malware Binary DIGEST Summary Page

30 August 2008

All data collection and analyses summarized in this page were 100% AUTO-GENERATED.

DEVELOPERS: Vinod Yegneswaran (SRI), Phillip Porras (SRI), Hassen Saidi (SRI)
Monirul Sharif (Georgia-Tech), Arvind Narayanan (University of Texas at Austin)

The data on this website is provided for research purposes only. It is provided
for your personal use only and is supplied AS IS, WITHOUT WARRANTY OF ANY KIND.
Use or reliance on this data is at your own risk.

Packed
MD5 UnPacket
MD5 Victim
OS AntiVirus
Hit-Cnt First
Encounter Last
Encounter Freq
Cnt Behavioral
Clusters Unpacked
Egg.asm Packer
Fingerprint API
Resolution String
Cnt Syscall
Trace

3db95ff5ed
NEW none[none] Win2K-f 24 of 35 02:27:03 02:44:23 2 none none:none
none|none none none

53bfe15e91
[Firefox:1954 hits: 06-17 to 08-29]
73f1082158
[Firefox:977 hits: 06-18 to 08-29] none[4]
73f1082158[1] Win2K-f
WinXP 0 of 32 00:33:55 21:35:21 21 none none:none
ASM:Graph
tElock|
Armadillo| 47% none
lines=81 trace
trace

5ee0619bf1
NEW none[none] WinXP 0 of 36 10:56:28 10:56:28 1 none none:none
none|none none none

7f6ea12654
[Firefox:20 hits: 07-13 to 08-13] none[none] WinXP 32 of 33 06:50:13 06:50:13 1 none none:none
none|none none none

53bfe15e91
[Firefox:1954 hits: 06-17 to 08-29] none[4] Win2K-f
WinXP 33 of 33 00:33:55 22:36:37 38 none none:none
tElock| none trace

1951eee0cd
[Firefox: 4 hits: 06-18 to 08-24]
76284cc80d
NEW
b5919931fe
[Firefox:518 hits: 06-20 to 08-29]
e5e0dbde57
[Firefox: 4 hits: 06-18 to 08-24] 1951eee0cd [1]
none [none]
b5919931fe[1]
none [4] Win2K-f 31 of 33 21:24:46 21:24:46 1 none ASM:Graph
none:none
ASM:Graph
none:none
Armadillo|
none|none
ASProtect|
tElock| lines=82
none
lines=90
none trace
none
trace
trace

76284cc80d
NEW
b5919931fe
[Firefox:518 hits: 06-20 to 08-29]
dfbaaf577c
[Firefox: 9 hits: 06-18 to 08-20]
f504b4af20
[Firefox: 9 hits: 06-18 to 08-20] none[none]
b5919931fe[1]
none [4]
f504b4af20[1] Win2K-f 29 of 33 21:01:33 21:01:33 1 none none:none
ASM:Graph
none:none
ASM:Graph
none|none
ASProtect|
tElock|
Armadillo| 47% none
lines=90
none
lines=82 none
trace
trace
trace

53bfe15e91
[Firefox:1954 hits: 06-17 to 08-29]
b7082104e4
[Firefox:119 hits: 06-18 to 08-29] none[4]
none [4] WinXP 8 of 33 06:58:52 06:58:52 1 none none:none
none:none
tElock|
tElock| none
none trace
trace

1951eee0cd
[Firefox: 4 hits: 06-18 to 08-24] 1951eee0cd [1] Win2K-f 27 of 33 21:24:46 21:24:46 1 none ASM:Graph
Armadillo| 47% lines=82 trace

168aab35a3
[Firefox:123 hits: 06-17 to 08-29] none[4] WinXP 31 of 33 11:52:23 11:52:23 1 none none:none
tElock| none trace

e8d4d8cde1
[Firefox:605 hits: 03-31 to 08-29] fda109a6fd [0] WinXP
Win2K-f 13 of 31 01:57:09 18:06:00 92 none ASM:Graph
ASProtect| 64% lines=583
embedded dns trace

bca9e0fb5f
[Firefox:25 hits: 06-18 to 08-26] none[4] WinXP 31 of 32 19:25:46 19:25:46 1 none none:none
PolyEnE| none trace

0c3d1ec2df
[Firefox: 3 hits: 08-11 to 08-26]
76284cc80d
NEW none[none]
none [none] WinXP
Win2K-f 28 of 35 11:52:23 21:47:22 12 none none:none
none:none
none|none
none|none none
none none
none

5ee0619bf1
NEW
a12cab51ef
[Firefox:496 hits: 01-01 to 08-29] none[none]
40f7f463c4[0] WinXP 29 of 29 06:34:19 10:56:28 4 none none:none
ASM:Graph
none|none
ASPack| 54% none
lines=281
embedded dns none
trace

2180dd939c
NEW
954a98c971
[Firefox: 9 hits: 06-09 to 08-17]
9b09258622
[Firefox:12 hits: 08-05 to 08-29] none[none]
none [4]
none [none] Win2K-f 14 of 36 01:46:33 01:46:33 1 none none:none
none:none
none:none
none|none
FSG|
none|none none
none
none none
trace
none

03f912899b
[Firefox:109 hits: 01-08 to 08-27] 83893bd25d [0] WinXP 32 of 32 20:42:21 22:33:01 2 none ASM:Graph
none|none 100% lines=65 trace

ae4bed1aa9
[Firefox: 7 hits: 06-21 to 07-23]
b5919931fe
[Firefox:518 hits: 06-20 to 08-29]
bc51bd8226
[Firefox: 7 hits: 06-21 to 07-23] ae4bed1aa9 [1]
b5919931fe[1]
none [4] Win2K-f 29 of 32 07:20:05 07:20:05 1 none ASM:Graph
ASM:Graph
none:none
Armadillo|
ASProtect|
PolyEnE| lines=81
lines=90
none trace
trace
trace

2263d117b1
NEW none[none] Win2K-f 32 of 36 00:09:59 00:09:59 1 none none:none
none|none none none

4f317cdb58
NEW
a12cab51ef
[Firefox:496 hits: 01-01 to 08-29]
f8deae8a30
NEW none[none]
40f7f463c4[0]
none [none] WinXP 0 of 35 06:34:19 06:34:19 1 none none:none
ASM:Graph
none:none
none|none
ASPack|
none|none none
lines=281
embedded dns
none none
trace
none

aa8b4c41e2
NEW none[none] WinXP 36 of 36 00:25:14 00:25:14 1 none none:none
none|none none none

168aab35a3
[Firefox:123 hits: 06-17 to 08-29]
667f0c59f3
[Firefox:21 hits: 07-04 to 08-27] none[4]
none [none] WinXP 31 of 33 11:52:23 11:52:23 1 none none:none
none:none
tElock|
none|none none
none trace
none

741e3b03b3
[Firefox:342 hits: 01-05 to 08-27] e0197e8a64 [0] WinXP 31 of 32 00:07:42 00:42:09 2 none ASM:Graph
none|none 100% lines=62 trace

02c3f4a6f5
NEW
3b6cda60f6
NEW
4c9db01aba
NEW none[none]
3b6cda60f6[1]
none [4] WinXP 30 of 33 06:31:25 06:31:25 1 none none:none
ASM:Graph
none:none
none|none
Armadillo|
tElock| none
lines=81
none none
trace
trace

831f4ee0a7
[Firefox:520 hits: 01-01 to 08-29] eb7546c600 [0] WinXP 29 of 29 00:27:40 19:59:12 4 none ASM:Graph
none|none 100% lines=61 trace

2180dd939c
NEW
954a98c971
[Firefox: 9 hits: 06-09 to 08-17]
9b09258622
[Firefox:12 hits: 08-05 to 08-29]
9f6d05a60b
NEW
f922fdc9fd
NEW none[none]
none [4]
none [none]
none [none]
none [none] Win2K-f 23 of 36 01:46:33 01:46:33 1 none none:none
none:none
none:none
none:none
none:none
none|none
FSG|
none|none
none|none
none|none none
none
none
none
none none
trace
none
none
none

cd75030ece
[Firefox:19 hits: 07-29 to 08-26] none[none] WinXP 18 of 35 06:32:39 10:07:24 2 none none:none
none|none none none

4f317cdb58
NEW none[none] WinXP 0 of 36 06:34:19 06:34:19 1 none none:none
none|none none none

53bfe15e91
[Firefox:1954 hits: 06-17 to 08-29]
a08f3b74a4
[Firefox:657 hits: 06-18 to 08-29]
b5919931fe
[Firefox:518 hits: 06-20 to 08-29] none[4]
a08f3b74a4[1]
b5919931fe[1] Win2K-f 0 of 32 01:20:32 22:36:37 13 none none:none
ASM:Graph
ASM:Graph
tElock|
Armadillo|
ASProtect| 48% none
lines=81
lines=90 trace
trace
trace

6ec2a8994b
[Firefox:19 hits: 06-18 to 08-25]
76284cc80d
NEW
bcf66a38c8
[Firefox: 6 hits: 07-30 to 08-25] none[4]
none [none]
none [none] Win2K-f 2 of 35 16:40:13 16:40:13 1 none none:none
none:none
none:none
tElock|
none|none
none|none none
none
none trace
none
none

11bd87fadb
NEW none[none] WinXP 34 of 35 10:19:10 10:20:45 2 none none:none
none|none none none

57ce4acac2
[Firefox:165 hits: 06-17 to 08-29] 57ce4acac2 [1] Win2K-f
WinXP 0 of 33 01:20:32 22:43:22 5 none ASM:Graph
Armadillo| 47% lines=81 trace

1a2c0e6130
[Firefox:374 hits: 12-31 to 08-27] 048df78048 [0] WinXP 29 of 29 06:46:01 20:35:43 3 none ASM:Graph
none|none 100% lines=61 trace

53bfe15e91
[Firefox:1954 hits: 06-17 to 08-29]
a08f3b74a4
[Firefox:657 hits: 06-18 to 08-29] none[4]
a08f3b74a4[1] WinXP
Win2K-f 0 of 33 01:23:37 22:36:37 12 none none:none
ASM:Graph
tElock|
Armadillo| 47% none
lines=81 trace
trace

41065f98ee
[Firefox: 2 hits: 08-04 to 08-11] none[none] WinXP 36 of 36 16:21:15 18:03:00 2 none none:none
none|none none none

381e3033c0
[Firefox: 2 hits: 08-25 to 08-25] none[none] Win2K-f 2 of 36 07:42:17 07:42:17 1 none none:none
none|none none none

562b826815
NEW
6dfdf3d693
NEW none[none]
none [none] WinXP 0 of 36 06:41:02 06:41:02 1 none none:none
none:none
none|none
none|none none
none none
none

2180dd939c
NEW none[none] Win2K-f 16 of 36 01:46:33 01:46:33 1 none none:none
none|none none none

33db90e243
NEW none[none] WinXP 28 of 36 21:02:05 21:02:05 1 none none:none
none|none none none

0c01728b7e
NEW none[none] Win2K-f 36 of 36 06:24:54 06:24:54 1 none none:none
none|none none none

a0139d7ad8
[Firefox:96 hits: 01-03 to 08-29] d9e9662db1 [0] WinXP 29 of 29 06:30:29 06:30:29 1 none ASM:Graph
PolyEnE| 99% lines=68 trace

ae77764fc7
NEW none[none] WinXP 31 of 36 16:26:47 16:26:47 1 none none:none
none|none none none

8ae058b2d0
[Firefox:12 hits: 05-01 to 08-27] e6a9383b75 [0] WinXP 30 of 32 01:50:01 01:50:01 1 none ASM:Graph
none|none 97% lines=59 trace

76284cc80d
NEW
b5919931fe
[Firefox:518 hits: 06-20 to 08-29]
dfbaaf577c
[Firefox: 9 hits: 06-18 to 08-20] none[none]
b5919931fe[1]
none [4] Win2K-f 31 of 33 21:01:33 21:01:33 1 none none:none
ASM:Graph
none:none
none|none
ASProtect|
tElock| none
lines=90
none none
trace
trace

607b60ad51
[Firefox:30 hits: 06-20 to 08-27]
e07c29c4ae
[Firefox:396 hits: 06-19 to 08-29]
e5c7bce70e
[Firefox:28 hits: 06-20 to 08-26] none[4]
e07c29c4ae[1]
e5c7bce70e[1] WinXP 2 of 32 12:25:05 12:25:05 1 none none:none
ASM:Graph
ASM:Graph
tElock|
FSG|
Armadillo| 47% none
lines=92
lines=81 trace
trace
trace

40a4fd1ff2
NEW none[none] WinXP 10 of 33 14:29:44 14:29:44 1 none none:none
none|none none none

3373948767
[Firefox:20 hits: 07-03 to 08-29]
c73f738c30
[Firefox:20 hits: 07-03 to 08-29] none[none]
none [none] WinXP 29 of 33 02:30:47 02:30:47 1 none none:none
none:none
none|none
none|none none
none none
none

e30fb27bda
[Firefox: 6 hits: 07-07 to 08-29] none[none] WinXP 33 of 33 21:56:40 21:56:40 1 none none:none
none|none none none

6ec2a8994b
[Firefox:19 hits: 06-18 to 08-25] none[4] Win2K-f 30 of 33 16:40:13 16:40:13 1 none none:none
tElock| none trace

158e5fdb15
NEW
df17a625ee
[Firefox:228 hits: 01-01 to 08-29] none[none]
9bbdd086c5[0] WinXP 29 of 29 03:31:15 09:14:13 2 none none:none
ASM:Graph
none|none
ASPack| 49% none
lines=186
embedded dns none
trace

3ce03798f4
NEW none[none] Win2K-f 32 of 36 19:54:00 19:54:00 1 none none:none
none|none none none

bca9e0fb5f
[Firefox:25 hits: 06-18 to 08-26]
e07c29c4ae
[Firefox:396 hits: 06-19 to 08-29]
e53a9ea82e
[Firefox:25 hits: 06-18 to 08-26] none[4]
e07c29c4ae[1]
e53a9ea82e[1] WinXP 23 of 33 19:25:46 19:25:46 1 none none:none
ASM:Graph
ASM:Graph
PolyEnE|
FSG|
Armadillo| 47% none
lines=92
lines=81 trace
trace
trace

50f889782d
[Firefox: 3 hits: 08-26 to 08-29] none[none] WinXP 31 of 36 02:37:02 17:03:53 3 none none:none
none|none none none

0c3d1ec2df
[Firefox: 3 hits: 08-11 to 08-26] none[none] Win2K-f 32 of 36 21:46:40 21:47:22 2 none none:none
none|none none none

bca9e0fb5f
[Firefox:25 hits: 06-18 to 08-26]
e07c29c4ae
[Firefox:396 hits: 06-19 to 08-29] none[4]
e07c29c4ae[1] WinXP 0 of 33 01:30:28 19:25:46 15 none none:none
ASM:Graph
PolyEnE|
FSG| 48% none
lines=92 trace
trace

0fe5f1c811
NEW none[none] WinXP
Win2K-f 5 of 36 05:07:42 05:10:08 2 none none:none
none|none none none

ca47a36342
[Firefox: 4 hits: 02-16 to 08-06] c3a58f69c6 [0] WinXP 26 of 28 08:43:57 08:43:57 1 none ASM:Graph
PolyEnE| 100% lines=89
embedded dns trace

141012d570
NEW none[none] WinXP 33 of 34 14:10:52 14:10:52 1 none none:none
none|none none none

02c3f4a6f5
NEW
3b6cda60f6
NEW
4c9db01aba
NEW
5c6c664c09
[Firefox:13 hits: 08-29 to 08-29] none[none]
3b6cda60f6[1]
none [4]
none [none] Win2K-f
WinXP 30 of 36 00:09:59 06:31:25 3 none none:none
ASM:Graph
none:none
none:none
none|none
Armadillo|
tElock|
none|none none
lines=81
none
none none
trace
trace
none

40a4fd1ff2
NEW
6e91805d97
NEW none[none]
none [none] WinXP 35 of 36 14:29:44 14:29:44 1 none none:none
none:none
none|none
none|none none
none none
none

562b826815
NEW none[none] WinXP 0 of 36 06:41:02 06:41:02 1 none none:none
none|none none none

170bd28bd5
NEW
3690b64ca2
[Firefox: 6 hits: 06-18 to 08-19] none[none]
none [4] Win2K-f 32 of 33 14:06:36 14:06:36 1 none none:none
none:none
none|none
PolyEnE| none
none none
trace

7f60162c2c
[Firefox:521 hits: 12-31 to 08-29] 1aad8e4632 [0] WinXP 25 of 25 01:37:15 11:02:23 3 none ASM:Graph
PolyEnE| 100% lines=93
embedded dns trace

dbbc586732
[Firefox:30 hits: 07-28 to 08-27] none[none] WinXP 35 of 35 22:14:34 22:14:34 1 none none:none
none|none none none

2180dd939c
NEW
954a98c971
[Firefox: 9 hits: 06-09 to 08-17] none[none]
none [4] Win2K-f 31 of 33 01:46:33 01:46:33 1 none none:none
none:none
none|none
FSG| none
none none
trace

2263d117b1
NEW
5c6c664c09
[Firefox:13 hits: 08-29 to 08-29]
b6b225d886
NEW none[none]
none [none]
none [none] Win2K-f 35 of 36 00:09:59 00:09:59 1 none none:none
none:none
none:none
none|none
none|none
none|none none
none
none none
none
none

170bd28bd5
NEW
3690b64ca2
[Firefox: 6 hits: 06-18 to 08-19]
76284cc80d
NEW
a6fb77fd26
[Firefox: 6 hits: 06-18 to 08-19] none[none]
none [4]
none [none]
a6fb77fd26[1] Win2K-f 30 of 33 14:06:36 14:06:36 1 none none:none
none:none
none:none
ASM:Graph
none|none
PolyEnE|
none|none
Armadillo| 47% none
none
none
lines=82 none
trace
none
trace

3373948767
[Firefox:20 hits: 07-03 to 08-29] none[none] WinXP 30 of 33 02:30:47 02:30:47 1 none none:none
none|none none none

8a4c9446ac
NEW none[none] WinXP 36 of 36 16:38:42 16:38:42 1 none none:none
none|none none none

0c3d1ec2df
[Firefox: 3 hits: 08-11 to 08-26]
76284cc80d
NEW
8de905030e
[Firefox: 3 hits: 08-11 to 08-26] none[none]
none [none]
none [none] Win2K-f 34 of 36 21:46:40 21:47:22 2 none none:none
none:none
none:none
none|none
none|none
none|none none
none
none none
none
none

a219ed3aeb
[Firefox:22 hits: 08-02 to 08-29] none[none] WinXP 36 of 36 13:30:06 15:45:13 2 none none:none
none|none none none

d370fa2826
[Firefox: 5 hits: 04-24 to 07-03] d4427d3b1e [0] WinXP 31 of 32 05:49:32 05:49:32 1 none ASM:Graph
PolyEnE| 99% lines=68 trace

ae4bed1aa9
[Firefox: 7 hits: 06-21 to 07-23] ae4bed1aa9 [1] Win2K-f 29 of 33 07:20:05 07:20:05 1 none ASM:Graph
Armadillo| 47% lines=81 trace

7d99b0e910
[Firefox:1038 hits: 12-31 to 08-29] 7a70e1b592 [0] WinXP 26 of 28 06:06:38 14:12:55 3 none ASM:Graph
PolyEnE| 99% lines=68 trace

170bd28bd5
NEW none[none] Win2K-f 14 of 36 14:06:36 14:06:36 1 none none:none
none|none none none

3e209ce796
[Firefox: 2 hits: 06-19 to 07-04] none[4] WinXP 32 of 33 19:59:11 19:59:11 1 none none:none
none|none none trace

a29a91a2bf
NEW none[none] WinXP 34 of 34 12:09:40 12:09:40 1 none none:none
none|none none none

02c3f4a6f5
NEW none[none] WinXP 14 of 36 06:31:25 06:31:25 1 none none:none
none|none none none

02c3f4a6f5
NEW
3b6cda60f6
NEW none[none]
3b6cda60f6[1] WinXP 29 of 33 06:31:25 06:31:25 1 none none:none
ASM:Graph
none|none
Armadillo| 47% none
lines=81 none
trace

562b826815
NEW
6dfdf3d693
NEW
a12cab51ef
[Firefox:496 hits: 01-01 to 08-29]
aebea13d48
NEW
d0448bd874
NEW none[none]
none [none]
40f7f463c4[0]
none [none]
none [none] WinXP 0 of 36 06:41:02 06:41:02 1 none none:none
none:none
ASM:Graph
none:none
none:none
none|none
none|none
ASPack|
none|none
none|none none
none
lines=281
embedded dns
none
none none
none
trace
none
none

76284cc80d
NEW
ab74e24581
NEW none[none]
none [none] Win2K-f 34 of 36 16:22:04 16:22:04 1 none none:none
none:none
none|none
none|none none
none none
none

c9d01112a8
[Firefox: 6 hits: 08-06 to 08-24] none[none] WinXP 35 of 36 08:34:35 08:34:35 1 none none:none
none|none none none

a1ae461b68
NEW none[none] WinXP 1 of 36 00:41:29 00:41:29 1 none none:none
none|none none none

607b60ad51
[Firefox:30 hits: 06-20 to 08-27] none[4] WinXP 31 of 32 12:25:05 12:25:05 1 none none:none
tElock| none trace

158e5fdb15
NEW none[none] WinXP 0 of 36 09:14:13 09:14:13 1 none none:none
none|none none none

2180dd939c
NEW
954a98c971
[Firefox: 9 hits: 06-09 to 08-17]
9b09258622
[Firefox:12 hits: 08-05 to 08-29]
9f6d05a60b
NEW none[none]
none [4]
none [none]
none [none] Win2K-f 22 of 36 01:46:33 01:46:33 1 none none:none
none:none
none:none
none:none
none|none
FSG|
none|none
none|none none
none
none
none none
trace
none
none

562b826815
NEW
6dfdf3d693
NEW
a12cab51ef
[Firefox:496 hits: 01-01 to 08-29]
aebea13d48
NEW none[none]
none [none]
40f7f463c4[0]
none [none] WinXP 0 of 36 06:41:02 06:41:02 1 none none:none
none:none
ASM:Graph
none:none
none|none
none|none
ASPack|
none|none none
none
lines=281
embedded dns
none none
none
trace
none