Welcome to the Cyber-TA
Daily Malware Binary DIGEST Summary Page



16 September 2008

All data collection and analyses summarized in this page were 100% AUTO-GENERATED.

DEVELOPERS: Vinod Yegneswaran (SRI), Phillip Porras (SRI), Hassen Saidi (SRI)
Monirul Sharif (Georgia-Tech), Arvind Narayanan (University of Texas at Austin)

The data on this website is provided for research purposes only. It is provided
for your personal use only and is supplied AS IS, WITHOUT WARRANTY OF ANY KIND.
Use or reliance on this data is at your own risk.



Packed MD5; Unpacked MD5; Victim OS; AntiVirus Hit-Cnt; First Encounter; Last Encounter; Freq Cnt; Behavioral Clusters; Unpacked Egg.asm; Packer Fingerprint; API Resolution; String Cnt; Syscall Trace
0242a9175c
NEW
none[none] WinXP 34 of 36 16:51:05 16:51:05 1 none none:none
none|none none none
79fdac8c50
NEW
none[none] WinXP 34 of 36 03:02:09 03:02:09 1 none none:none
none|none none none
53bfe15e91
[Firefox:2133 hits: 06-17 to 09-15]
73f1082158
[Firefox:1067 hits: 06-18 to 09-15]
none[4]
73f1082158[1]
WinXP
Win2K-f
0 of 32 04:20:52 23:56:55 25 none none:none
ASM:Graph
tElock|
Armadillo|
47% none
lines=81
trace
trace
22999be88c
[Firefox:18 hits: 04-05 to 09-14]
eda2056971 [0] WinXP 31 of 32 03:43:36 03:43:36 1 none ASM:Graph
PolyEnE| 100% lines=154
embedded dns
trace
1fcc146d70
[Firefox:36 hits: 01-02 to 09-15]
258fafe892 [0] WinXP 29 of 29 17:46:19 17:46:19 1 none ASM:Graph
PolyEnE| 99% lines=68 trace
53bfe15e91
[Firefox:2133 hits: 06-17 to 09-15]
none[4] Win2K-f
WinXP
33 of 33 00:37:47 23:56:55 45 none none:none
tElock| none trace
634153f0c6
NEW
none[none] WinXP 34 of 36 15:30:08 15:30:08 1 none none:none
none|none none none
29a1b9503b
NEW
none[none] WinXP 35 of 36 04:48:48 04:48:51 2 none none:none
none|none none none
623e0b5433
[Firefox: 2 hits: 09-14 to 09-14]
none[none] WinXP 34 of 36 03:22:00 03:22:00 1 none none:none
none|none none none
27aab4187c
NEW
3cd1361df4
NEW
a65dda48ec
NEW
c025f08a76
NEW
none[none]
none [none]
none [none]
none [none]
Win2K-f
WinXP
10 of 36 18:56:20 19:47:17 2 none none:none
none:none
none:none
none:none
none|none
none|none
none|none
none|none
none
none
none
none
none
none
none
none
53bfe15e91
[Firefox:2133 hits: 06-17 to 09-15]
b7082104e4
[Firefox:130 hits: 06-18 to 09-15]
none[4]
none [4]
Win2K-f
WinXP
8 of 33 00:37:47 01:11:42 2 none none:none
none:none
tElock|
tElock|
none
none
trace
trace
5378ab9d2d
[Firefox: 6 hits: 06-28 to 09-15]
none[none] WinXP 31 of 32 14:30:37 14:30:37 1 none none:none
none|none none none
8ef9e03ad3
NEW
none[none] WinXP 34 of 36 10:41:17 10:41:17 1 none none:none
none|none none none
27aab4187c
NEW
3cd1361df4
NEW
none[none]
none [none]
Win2K-f
WinXP
16 of 36 18:56:20 19:47:17 2 none none:none
none:none
none|none
none|none
none
none
none
none
27aab4187c
NEW
3cd1361df4
NEW
a65dda48ec
NEW
none[none]
none [none]
none [none]
Win2K-f
WinXP
20 of 36 18:56:20 19:47:17 2 none none:none
none:none
none:none
none|none
none|none
none|none
none
none
none
none
none
none
2e04b06527
[Firefox: 7 hits: 06-18 to 09-12]
5c054291de
[Firefox: 7 hits: 06-18 to 09-12]
none[4]
5c054291de[1]
Win2K-f 30 of 33 07:42:41 07:42:41 1 none none:none
ASM:Graph
tElock|
Armadillo|
47% none
lines=82
trace
trace
1b7ec6ce60
NEW
none[none] WinXP 35 of 36 02:05:30 02:05:52 2 none none:none
none|none none none
27aab4187c
NEW
none[none] Win2K-f
WinXP
19 of 36 18:56:20 19:47:17 2 none none:none
none|none none none
1e24e409d6
NEW
none[none] WinXP 34 of 36 01:11:12 01:11:12 1 none none:none
none|none none none
533d15b5ce
[Firefox:22 hits: 06-21 to 09-14]
none[4] WinXP
Win2K-f
30 of 33 00:53:51 09:08:13 3 none none:none
tElock| none trace
d6138624e3
NEW
none[none] WinXP 35 of 36 07:03:25 07:03:25 1 none none:none
none|none none none
a12cab51ef
[Firefox:519 hits: 01-01 to 09-15]
40f7f463c4 [0] WinXP 29 of 29 06:46:06 16:57:51 2 none ASM:Graph
ASPack| 54% lines=281
embedded dns
trace
03f912899b
[Firefox:120 hits: 01-08 to 09-15]
83893bd25d [0] WinXP 32 of 32 02:12:36 18:54:53 4 none ASM:Graph
none|none 100% lines=65 trace
571e381ed4
[Firefox: 3 hits: 09-14 to 09-15]
none[none] WinXP 35 of 36 21:30:25 21:30:25 1 none none:none
none|none none none
93d173f2af
NEW
none[none] WinXP 35 of 36 18:30:43 18:30:43 1 none none:none
none|none none none
b5919931fe
[Firefox:571 hits: 06-20 to 09-15]
ba4637f8f0
[Firefox: 9 hits: 07-01 to 08-23]
d02ae67164
[Firefox: 9 hits: 07-01 to 08-23]
b5919931fe [1]
none [none]
none [none]
Win2K-f 31 of 33 20:01:20 20:01:20 1 none ASM:Graph
none:none
none:none
ASProtect|
none|none
none|none
lines=90
none
none
trace
none
none
4c3df24b32
[Firefox:183 hits: 06-17 to 09-15]
4c3df24b32 [1] Win2K-f 0 of 33 06:48:39 21:35:56 2 none ASM:Graph
Armadillo| 47% lines=81 trace
741e3b03b3
[Firefox:360 hits: 01-05 to 09-15]
e0197e8a64 [0] WinXP 31 of 32 00:44:31 17:24:08 3 none ASM:Graph
none|none 100% lines=62 trace
2d6c8c447f
NEW
none[none] WinXP 36 of 36 08:53:36 08:53:37 2 none none:none
none|none none none
831f4ee0a7
[Firefox:534 hits: 01-01 to 09-15]
eb7546c600 [0] WinXP 29 of 29 04:41:50 17:47:48 2 none ASM:Graph
none|none 100% lines=61 trace
533d15b5ce
[Firefox:22 hits: 06-21 to 09-14]
58c343a8d8
[Firefox:24 hits: 06-21 to 09-14]
none[4]
58c343a8d8[1]
WinXP
Win2K-f
28 of 33 00:53:51 09:08:13 4 none none:none
ASM:Graph
tElock|
Armadillo|
47% none
lines=82
trace
trace
aa9a5814b5
[Firefox: 2 hits: 08-18 to 09-12]
d65dae6c35
[Firefox: 2 hits: 08-18 to 09-12]
none[none]
none [none]
Win2K-f 33 of 36 09:12:58 09:12:58 1 none none:none
none:none
none|none
none|none
none
none
none
none
eec7cce07c
[Firefox: 5 hits: 08-15 to 09-15]
none[none] WinXP 29 of 29 09:03:59 09:06:37 2 none none:none
none|none none none
53bfe15e91
[Firefox:2133 hits: 06-17 to 09-15]
a08f3b74a4
[Firefox:722 hits: 06-18 to 09-15]
b5919931fe
[Firefox:571 hits: 06-20 to 09-15]
none[4]
a08f3b74a4[1]
b5919931fe[1]
Win2K-f 0 of 32 01:06:50 20:22:56 10 none none:none
ASM:Graph
ASM:Graph
tElock|
Armadillo|
ASProtect|
48% none
lines=81
lines=90
trace
trace
trace
2204fd4d17
[Firefox: 2 hits: 09-15 to 09-15]
none[none] Win2K-f 35 of 36 17:22:12 17:22:12 1 none none:none
none|none none none
aaeb594dfa
NEW
none[none] WinXP 35 of 36 12:59:38 12:59:42 2 none none:none
none|none none none
53bfe15e91
[Firefox:2133 hits: 06-17 to 09-15]
57ce4acac2
[Firefox:180 hits: 06-17 to 09-15]
none[4]
57ce4acac2[1]
WinXP
Win2K-f
0 of 33 04:21:26 15:50:47 3 none none:none
ASM:Graph
tElock|
Armadillo|
47% none
lines=81
trace
trace
af79e0c602
[Firefox: 6 hits: 01-08 to 08-26]
none[4] WinXP 29 of 30 11:37:00 11:37:00 1 none none:none
ASPack| none trace
1a2c0e6130
[Firefox:388 hits: 12-31 to 09-15]
048df78048 [0] WinXP 29 of 29 12:31:15 18:41:58 5 none ASM:Graph
none|none 100% lines=61 trace
53bfe15e91
[Firefox:2133 hits: 06-17 to 09-15]
a08f3b74a4
[Firefox:722 hits: 06-18 to 09-15]
none[4]
a08f3b74a4[1]
Win2K-f
WinXP
0 of 33 01:06:50 20:22:56 16 none none:none
ASM:Graph
tElock|
Armadillo|
47% none
lines=81
trace
trace
b872c76081
[Firefox: 2 hits: 09-13 to 09-15]
none[none] WinXP 36 of 36 12:49:14 12:49:14 1 none none:none
none|none none none
125dcbabd0
NEW
none[none] WinXP 35 of 36 19:00:54 19:00:54 1 none none:none
none|none none none
41065f98ee
[Firefox: 4 hits: 08-04 to 08-30]
none[none] WinXP 36 of 36 18:31:50 18:31:59 2 none none:none
none|none none none
6dcb69f95a
NEW
none[none] Win2K-f 11 of 36 00:24:16 21:02:55 2 none none:none
none|none none none
32a0d7d0e0
[Firefox:20 hits: 01-11 to 07-17]
d791762796 [0] WinXP 29 of 29 02:02:35 02:02:35 1 none ASM:Graph
tElock| 100% lines=81
embedded dns
trace
9bd024b012
NEW
none[none] WinXP 35 of 36 16:51:49 16:51:49 1 none none:none
none|none none none
ba6f48b79a
[Firefox: 3 hits: 09-15 to 09-15]
none[none] WinXP 34 of 36 00:17:43 13:08:00 2 none none:none
none|none none none
a84ffdf670
NEW
none[none] WinXP 36 of 36 11:47:18 11:47:18 1 none none:none
none|none none none
71d5528293
NEW
none[none] WinXP 35 of 36 01:53:59 01:53:59 1 none none:none
none|none none none
12a5bcc0f8
NEW
none[none] Win2K-f 2 of 36 19:35:00 19:35:00 1 none none:none
none|none none none
4c3df24b32
[Firefox:183 hits: 06-17 to 09-15]
6a4845ca11
[Firefox:10 hits: 06-27 to 08-26]
4c3df24b32 [1]
none [none]
Win2K-f 0 of 0 21:35:56 21:35:56 1 none ASM:Graph
none:none
Armadillo|
none|none
lines=81
none
trace
none
e30fb27bda
[Firefox: 7 hits: 07-07 to 08-30]
none[none] WinXP 33 of 33 22:08:23 22:08:23 1 none none:none
none|none none none
5ed8a3de6e
[Firefox: 4 hits: 05-18 to 08-26]
none[4] WinXP 0 of 0 07:14:42 07:14:42 1 none none:none
ASPack| none trace
df17a625ee
[Firefox:231 hits: 01-01 to 09-14]
9bbdd086c5 [0] WinXP 29 of 29 08:56:28 14:03:46 2 none ASM:Graph
ASPack| 49% lines=186
embedded dns
trace
2204fd4d17
[Firefox: 2 hits: 09-15 to 09-15]
eb0857e1b1
[Firefox: 2 hits: 09-15 to 09-15]
none[none]
none [none]
Win2K-f 32 of 36 17:22:12 17:22:12 1 none none:none
none:none
none|none
none|none
none
none
none
none
5182077bab
[Firefox: 2 hits: 01-24 to 06-10]
none[4] WinXP 31 of 32 10:50:55 10:50:55 1 none none:none
PolyEnE| none trace
53bfe15e91
[Firefox:2133 hits: 06-17 to 09-15]
a08f3b74a4
[Firefox:722 hits: 06-18 to 09-15]
e07c29c4ae
[Firefox:444 hits: 06-19 to 09-15]
none[4]
a08f3b74a4[1]
e07c29c4ae[1]
WinXP 0 of 33 00:53:51 16:21:41 3 none none:none
ASM:Graph
ASM:Graph
tElock|
Armadillo|
FSG|
48% none
lines=81
lines=92
trace
trace
trace
cf2dccf188
NEW
none[none] WinXP 35 of 36 07:47:24 07:47:24 1 none none:none
none|none none none
ca47a36342
[Firefox: 6 hits: 02-16 to 09-15]
c3a58f69c6 [0] WinXP 26 of 28 11:13:54 11:13:54 1 none ASM:Graph
PolyEnE| 100% lines=89
embedded dns
trace
eca9a5fa95
[Firefox: 9 hits: 08-09 to 09-15]
none[none] WinXP 36 of 36 13:23:07 23:25:33 2 none none:none
none|none none none
d9c778eaa4
NEW
none[none] WinXP 35 of 36 18:37:08 18:37:08 1 none none:none
none|none none none
aa9a5814b5
[Firefox: 2 hits: 08-18 to 09-12]
none[none] Win2K-f 34 of 36 09:12:58 09:12:58 1 none none:none
none|none none none
7865eae7b9
NEW
none[none] WinXP 36 of 36 13:55:44 13:55:44 1 none none:none
none|none none none
7f60162c2c
[Firefox:542 hits: 12-31 to 09-15]
1aad8e4632 [0] WinXP 25 of 25 07:31:29 21:49:23 12 none ASM:Graph
PolyEnE| 100% lines=93
embedded dns
trace
27aab4187c
NEW
3cd1361df4
NEW
954a98c971
[Firefox:10 hits: 06-09 to 08-30]
none[none]
none [none]
none [4]
Win2K-f 31 of 33 18:56:20 18:56:20 1 none none:none
none:none
none:none
none|none
none|none
FSG|
none
none
none
none
none
trace
b5f1e70e73
NEW
none[none] WinXP 35 of 36 17:51:58 17:51:58 1 none none:none
none|none none none
b5919931fe
[Firefox:571 hits: 06-20 to 09-15]
ba4637f8f0
[Firefox: 9 hits: 07-01 to 08-23]
b5919931fe [1]
none [none]
Win2K-f 28 of 33 20:01:20 20:01:20 1 none ASM:Graph
none:none
ASProtect|
none|none
lines=90
none
trace
none
b9cdf4ca69
[Firefox: 4 hits: 06-18 to 07-28]
none[4] Win2K-f 31 of 33 19:56:18 19:56:18 1 none none:none
none|none none trace
f10855e3e1
[Firefox: 4 hits: 06-19 to 08-06]
f7f799f818
[Firefox: 5 hits: 06-19 to 08-06]
f10855e3e1 [1]
none [4]
WinXP 29 of 32 05:58:44 05:58:44 1 none ASM:Graph
none:none
Armadillo|
tElock|
lines=82
none
trace
trace
6cf11d6364
[Firefox: 4 hits: 09-12 to 09-15]
none[none] WinXP 36 of 36 06:35:07 20:19:21 5 none none:none
none|none none none
7d99b0e910
[Firefox:1076 hits: 12-31 to 09-15]
7a70e1b592 [0] WinXP 26 of 28 00:18:51 16:05:02 8 none ASM:Graph
PolyEnE| 99% lines=68 trace
26e3526604
NEW
none[none] WinXP 34 of 36 08:44:06 08:44:06 1 none none:none
none|none none none
27aab4187c
NEW
3cd1361df4
NEW
a65dda48ec
NEW
c025f08a76
NEW
c3bc2b7d23
NEW
none[none]
none [none]
none [none]
none [none]
none [none]
WinXP 29 of 36 19:47:17 19:47:17 1 none none:none
none:none
none:none
none:none
none:none
none|none
none|none
none|none
none|none
none|none
none
none
none
none
none
none
none
none
none
none
2e04b06527
[Firefox: 7 hits: 06-18 to 09-12]
none[4] Win2K-f 30 of 33 07:42:41 07:42:41 1 none none:none
tElock| none trace
cdf8cd94a9
[Firefox: 2 hits: 09-14 to 09-15]
none[none] WinXP 35 of 36 12:49:30 12:49:54 2 none none:none
none|none none none
f10855e3e1
[Firefox: 4 hits: 06-19 to 08-06]
f10855e3e1 [1] WinXP 30 of 33 05:58:44 05:58:44 1 none ASM:Graph
Armadillo| 47% lines=82 trace
8823501675
NEW
none[none] WinXP 35 of 36 16:51:51 16:51:51 1 none none:none
none|none none none
5378ab9d2d
[Firefox: 6 hits: 06-28 to 09-15]
60a6e7e23c
[Firefox: 6 hits: 06-28 to 09-15]
none[none]
none [none]
WinXP 29 of 33 14:30:37 14:30:37 1 none none:none
none:none
none|none
none|none
none
none
none
none