Multiperspective Malware Analysis Page - Daily Malware Binary Digest Summary

Welcome to the Cyber-TA
Daily Malware Binary DIGEST Summary Page

24 October 2008

All data collection and analyses summarized in this page were 100% AUTO-GENERATED.

DEVELOPERS: Vinod Yegneswaran (SRI), Phillip Porras (SRI), Hassen Saidi (SRI)
Monirul Sharif (Georgia-Tech), Arvind Narayanan (University of Texas at Austin)

The data on this website is provided for research purposes only. It is provided
for your personal use only and is supplied AS IS, WITHOUT WARRANTY OF ANY KIND.
Use or reliance on this data is at your own risk.

Packed
MD5 UnPacket
MD5 Victim
OS AntiVirus
Hit-Cnt First
Encounter Last
Encounter Freq
Cnt Behavioral
Clusters Unpacked
Egg.asm Packer
Fingerprint API
Resolution String
Cnt Syscall
Trace

a84ffdf670
[Firefox:17 hits: 09-14 to 10-10] none[none] WinXP 36 of 36 17:25:06 17:25:06 1 none none:none
none|none none none

53bfe15e91
[Firefox:3321 hits: 06-17 to 10-22]
73f1082158
[Firefox:1638 hits: 06-18 to 10-22] none[4]
73f1082158[1] Win2K-f
WinXP 0 of 32 15:50:50 23:46:52 11 none none:none
ASM:Graph
tElock|
Armadillo| 47% none
lines=81 trace
trace

074bc0e111
NEW none[none] Win2K-f 32 of 36 18:03:24 18:03:24 1 none none:none
none|none none none

53bfe15e91
[Firefox:3321 hits: 06-17 to 10-22] none[4] Win2K-f
WinXP 33 of 33 15:50:50 23:46:52 17 none none:none
tElock| none trace

b07d6955cd
NEW none[none] WinXP 34 of 36 21:16:40 21:16:40 1 none none:none
none|none none none

45d3b6bd28
[Firefox: 2 hits: 10-15 to 10-21] none[none] WinXP 34 of 36 18:04:37 18:04:37 1 none none:none
none|none none none

644ab77c01
NEW none[none] WinXP 34 of 36 22:18:34 22:18:34 1 none none:none
none|none none none

53bfe15e91
[Firefox:3321 hits: 06-17 to 10-22]
b7082104e4
[Firefox:220 hits: 06-18 to 10-22] none[4]
none [4] Win2K-f
WinXP 8 of 33 19:09:24 21:17:45 2 none none:none
none:none
tElock|
tElock| none
none trace
trace

7ca2287333
[Firefox: 2 hits: 10-03 to 10-11] none[none] Win2K-f 35 of 36 17:17:27 17:17:27 1 none none:none
none|none none none

7f89b38665
[Firefox:29 hits: 08-02 to 10-22] none[none] Win2K-f 32 of 36 16:15:59 16:15:59 1 none none:none
none|none none none

a98417e0fd
NEW none[none] WinXP 24 of 36 22:52:37 22:52:37 1 none none:none
none|none none none

05b1ed9c9c
[Firefox: 4 hits: 09-22 to 10-07]
0c87a74ebe
[Firefox: 4 hits: 09-22 to 10-07]
72f02bd342
NEW none[none]
none [none]
none [none] Win2K-f 22 of 36 22:15:03 22:15:03 1 none none:none
none:none
none:none
none|none
none|none
none|none none
none
none none
none
none

986b59708d
[Firefox:110 hits: 01-14 to 10-20] 8a00217866 [0] WinXP 29 of 29 16:36:13 16:36:13 1 none ASM:Graph
PolyEnE| 100% lines=57 trace

a0012f058f
[Firefox: 3 hits: 10-20 to 10-22] none[none] WinXP 36 of 36 17:35:41 17:35:41 1 none none:none
none|none none none

5555eea43b
NEW none[none] WinXP 34 of 36 18:56:16 18:56:16 1 none none:none
none|none none none

f3440caba1
NEW none[none] WinXP 35 of 36 22:08:42 22:08:42 1 none none:none
none|none none none

49cf7deac1
NEW none[none] WinXP 33 of 36 21:18:26 21:18:26 1 none none:none
none|none none none

96d089e522
[Firefox:22 hits: 10-08 to 10-22] none[none] WinXP 34 of 36 14:54:02 14:54:27 2 none none:none
none|none none none

a8d74af6d5
[Firefox: 3 hits: 10-04 to 10-21] none[none] WinXP 35 of 36 21:41:50 21:41:50 1 none none:none
none|none none none

b23ffca78e
NEW none[none] WinXP 34 of 36 18:19:25 18:19:25 1 none none:none
none|none none none

0e5f51ee8e
[Firefox: 7 hits: 10-11 to 10-15] none[none] WinXP 33 of 36 16:59:06 16:59:06 1 none none:none
none|none none none

b5919931fe
[Firefox:899 hits: 06-20 to 10-22]
b6c47a5781
NEW
b9881a6247
NEW b5919931fe [1]
none [none]
none [none] Win2K-f 34 of 36 21:34:20 21:34:20 1 none ASM:Graph
none:none
none:none
ASProtect|
none|none
none|none lines=90
none
none trace
none
none

6b3beaea1a
[Firefox: 4 hits: 10-21 to 10-22] none[none] WinXP 35 of 36 17:27:46 17:27:46 1 none none:none
none|none none none

7ca2287333
[Firefox: 2 hits: 10-03 to 10-11]
95ccd6eb89
[Firefox: 2 hits: 10-03 to 10-11] none[none]
none [none] Win2K-f 32 of 36 17:17:27 17:17:27 1 none none:none
none:none
none|none
none|none none
none none
none

519def95b1
NEW none[none] WinXP 32 of 36 18:46:27 18:46:27 1 none none:none
none|none none none

7f06d6ebfa
NEW none[none] WinXP 35 of 36 16:21:38 16:32:32 2 none none:none
none|none none none

05b1ed9c9c
[Firefox: 4 hits: 09-22 to 10-07]
0c87a74ebe
[Firefox: 4 hits: 09-22 to 10-07]
e07c29c4ae
[Firefox:673 hits: 06-19 to 10-22] none[none]
none [none]
e07c29c4ae[1] WinXP 0 of 33 16:51:22 22:50:43 7 none none:none
none:none
ASM:Graph
none|none
none|none
FSG| 48% none
none
lines=92 none
none
trace

b52d214d08
[Firefox:21 hits: 10-05 to 10-22] none[none] WinXP 35 of 36 16:58:20 21:20:26 8 none none:none
none|none none none

4e14a0bb6c
NEW none[none] WinXP 35 of 36 22:55:32 22:55:32 1 none none:none
none|none none none

4c934f9489
[Firefox: 5 hits: 10-07 to 10-22] none[none] WinXP 36 of 36 22:53:10 22:53:10 1 none none:none
none|none none none

48b1b31d93
NEW
6bd53e0271
NEW none[none]
none [none] Win2K-f 33 of 36 19:38:21 19:38:21 1 none none:none
none:none
none|none
none|none none
none none
none

4ed031d88c
[Firefox: 2 hits: 10-20 to 10-21] none[none] WinXP 35 of 36 15:51:05 15:51:05 1 none none:none
none|none none none

7f60162c2c
[Firefox:773 hits: 12-31 to 10-22] 1aad8e4632 [0] WinXP 25 of 25 16:15:28 18:59:17 2 none ASM:Graph
PolyEnE| 100% lines=93
embedded dns trace

57ce4acac2
[Firefox:286 hits: 06-17 to 10-22]
83f26f5044
[Firefox:30 hits: 06-20 to 10-21] 57ce4acac2 [1]
none [4] WinXP
Win2K-f 29 of 32 16:51:22 19:25:45 2 none ASM:Graph
none:none
Armadillo|
tElock| lines=81
none trace
trace

05b1ed9c9c
[Firefox: 4 hits: 09-22 to 10-07]
0c87a74ebe
[Firefox: 4 hits: 09-22 to 10-07]
72f02bd342
NEW
b5919931fe
[Firefox:899 hits: 06-20 to 10-22]
dabddee32a
NEW
fb8f82fcb3
NEW none[none]
none [none]
none [none]
b5919931fe[1]
none [none]
none [none] WinXP
Win2K-f 11 of 36 20:52:06 22:15:03 2 none none:none
none:none
none:none
ASM:Graph
none:none
none:none
none|none
none|none
none|none
ASProtect|
none|none
none|none none
none
none
lines=90
none
none none
none
none
trace
none
none

632e315db2
[Firefox:19 hits: 10-03 to 10-21] none[none] WinXP 35 of 36 16:01:00 23:33:17 4 none none:none
none|none none none

71b183b0c8
[Firefox:33 hits: 09-17 to 10-22] none[none] WinXP 36 of 36 16:00:45 16:00:45 1 none none:none
none|none none none

b5919931fe
[Firefox:899 hits: 06-20 to 10-22]
b6c47a5781
NEW b5919931fe [1]
none [none] Win2K-f 32 of 36 21:34:20 21:34:20 1 none ASM:Graph
none:none
ASProtect|
none|none lines=90
none trace
none

831f4ee0a7
[Firefox:619 hits: 01-01 to 10-22] eb7546c600 [0] WinXP 29 of 29 20:18:51 22:24:10 3 none ASM:Graph
none|none 100% lines=61 trace

05b1ed9c9c
[Firefox: 4 hits: 09-22 to 10-07]
0c87a74ebe
[Firefox: 4 hits: 09-22 to 10-07] none[none]
none [none] WinXP
Win2K-f 0 of 0 20:52:06 22:50:43 3 none none:none
none:none
none|none
none|none none
none none
none

1bda547787
NEW none[none] WinXP 15 of 32 16:36:59 16:36:59 1 none none:none
none|none none none

48b1b31d93
NEW none[none] Win2K-f 31 of 36 19:38:21 19:38:21 1 none none:none
none|none none none

7d99b0e910
[Firefox:1367 hits: 12-31 to 10-22] 7a70e1b592 [0] WinXP 26 of 28 16:45:11 23:33:56 6 none ASM:Graph
PolyEnE| 99% lines=68 trace

53bfe15e91
[Firefox:3321 hits: 06-17 to 10-22]
73f1082158
[Firefox:1638 hits: 06-18 to 10-22]
b5919931fe
[Firefox:899 hits: 06-20 to 10-22] none[4]
73f1082158[1]
b5919931fe[1] Win2K-f 0 of 32 17:17:27 23:46:52 14 none none:none
ASM:Graph
ASM:Graph
tElock|
Armadillo|
ASProtect| 48% none
lines=81
lines=90 trace
trace
trace

7e8bfa9b49
[Firefox:18 hits: 10-01 to 10-17] none[none] WinXP 35 of 36 18:04:13 18:04:13 1 none none:none
none|none none none

05b1ed9c9c
[Firefox: 4 hits: 09-22 to 10-07]
0c87a74ebe
[Firefox: 4 hits: 09-22 to 10-07]
72f02bd342
NEW
b5919931fe
[Firefox:899 hits: 06-20 to 10-22]
dabddee32a
NEW none[none]
none [none]
none [none]
b5919931fe[1]
none [none] Win2K-f 13 of 36 22:15:03 22:15:03 1 none none:none
none:none
none:none
ASM:Graph
none:none
none|none
none|none
none|none
ASProtect|
none|none none
none
none
lines=90
none none
none
none
trace
none

57ce4acac2
[Firefox:286 hits: 06-17 to 10-22] 57ce4acac2 [1] WinXP
Win2K-f 0 of 33 16:51:22 21:09:45 3 none ASM:Graph
Armadillo| 47% lines=81 trace

0617ab2cf7
[Firefox: 3 hits: 08-05 to 09-29] none[none] WinXP 32 of 36 23:36:20 23:36:20 1 none none:none
none|none none none

53bfe15e91
[Firefox:3321 hits: 06-17 to 10-22]
a08f3b74a4
[Firefox:1196 hits: 06-18 to 10-22] none[4]
a08f3b74a4[1] WinXP
Win2K-f 0 of 33 22:49:03 23:44:36 4 none none:none
ASM:Graph
tElock|
Armadillo| 47% none
lines=81 trace
trace

05b1ed9c9c
[Firefox: 4 hits: 09-22 to 10-07] none[none] WinXP
Win2K-f 0 of 0 20:52:06 22:50:43 3 none none:none
none|none none none

b27d73bfcb
NEW none[none] WinXP 35 of 36 20:47:01 20:47:01 1 none none:none
none|none none none

a2d01a2465
NEW none[none] WinXP 34 of 36 20:07:05 20:07:05 1 none none:none
none|none none none

c91dfdf79a
[Firefox: 2 hits: 10-20 to 10-20] none[none] WinXP 34 of 36 21:09:27 21:09:27 1 none none:none
none|none none none

c9d01112a8
[Firefox:13 hits: 08-06 to 10-07] none[none] WinXP 35 of 36 19:50:12 19:50:19 2 none none:none
none|none none none

7f89b38665
[Firefox:29 hits: 08-02 to 10-22]
a51a50404e
[Firefox:29 hits: 08-02 to 10-22] none[none]
none [none] Win2K-f 34 of 36 16:15:59 16:15:59 1 none none:none
none:none
none|none
none|none none
none none
none

5555eea43b
NEW
e07c29c4ae
[Firefox:673 hits: 06-19 to 10-22]
fe125e6415
NEW none[none]
e07c29c4ae[1]
none [none] WinXP 34 of 36 18:56:16 18:56:16 1 none none:none
ASM:Graph
none:none
none|none
FSG|
none|none none
lines=92
none none
trace
none

a0139d7ad8
[Firefox:174 hits: 01-03 to 10-22] d9e9662db1 [0] WinXP 29 of 29 23:32:51 23:32:51 1 none ASM:Graph
PolyEnE| 99% lines=68 trace

05b1ed9c9c
[Firefox: 4 hits: 09-22 to 10-07]
0c87a74ebe
[Firefox: 4 hits: 09-22 to 10-07]
2bd4f7f555
NEW none[none]
none [none]
none [none] WinXP 17 of 36 20:52:06 20:52:06 1 none none:none
none:none
none:none
none|none
none|none
none|none none
none
none none
none
none