Welcome to the Cyber-TA
Daily Malware Binary DIGEST Summary Page


21 June 2009

All data collection and analyses summarized in this page were 100% AUTO-GENERATED.

DEVELOPERS: Vinod Yegneswaran (SRI), Phillip Porras (SRI), Hassen Saidi (SRI)
Monirul Sharif (Georgia-Tech), Arvind Narayanan (University of Texas at Austin)

The data on this website is provided for research purposes only. It is provided
for your personal use only and is supplied AS IS, WITHOUT WARRANTY OF ANY KIND.
Use or reliance on this data is at your own risk.



Packed
MD5 		UnPacket
MD5 		Victim
OS 		AntiVirus
Hit-Cnt 		First
Encounter 		Last
Encounter 		Freq
Cnt 		Behavioral
Clusters 		Unpacked
Egg.asm 		Packer
Fingerprint 		API
Resolution 		String
Cnt 		Syscall
Trace
1a6c7da535
NEW		 1d04d6dc84 [0] Win2K-f
WinXP		 30 of 39 04:21:29 11:32:12 3 none ASM:Graph
 ASPack| 41% lines=3292
embedded dns		 trace
379a6daa0d
NEW		 1d04d6dc84 [0] Win2K-f 39 of 40 05:28:33 05:28:33 1 none ASM:Graph
 ASPack| 41% lines=3292
embedded dns		 trace
b7a2732226
NEW		 4fadf3fb74 [0] Win2K-f 39 of 40 04:19:48 04:19:48 1 none none:none
 ASPack| none trace
73f1082158
NEW		 none[0] Win2K-f
WinXP		 0 of 32 01:16:26 08:58:04 3 none none:none
 Armadillo| 0% lines=90 trace
dc331fb791
NEW		 none[3] Win2K-f 3 of 37 08:08:29 16:11:23 4 none none:none
 UPX| none trace
a205366bef
NEW
efaef2451a
NEW		 82bbbe4789 [0]
5382f9a037[0]		 Win2K-f 37 of 41 08:38:10 08:38:10 1 none none:none
none:none
 tElock|
Armadillo|		 none
none		 trace
trace
1fcc146d70
NEW		 none[0] WinXP 29 of 29 21:36:52 21:36:52 1 none none:none
 PolyEnE| 99% lines=68 trace
53bfe15e91
NEW		 1473091351 [0] Win2K-f
WinXP		 33 of 33 00:22:26 23:13:10 13 none ASM:Graph
 tElock| 96% lines=75
embedded dns		 trace
449e681a46
NEW		 a9ed9b3845 [0] WinXP 40 of 41 02:01:29 02:01:29 1 none none:none
 PolyEnE| none trace
450ad1b683
NEW		 1e4ad6cdb1 [0] WinXP 39 of 41 04:47:13 04:47:13 1 none none:none
 ASPack| none trace
d5966f5d2c
NEW		 30f4c38c14 [0] WinXP 38 of 40 22:30:38 22:30:38 1 none none:none
 none|none none trace
bb7681eca8
NEW		 none[3] WinXP 32 of 32 17:47:47 17:47:47 1 none none:none
 tElock| none trace
53bfe15e91
NEW
b7082104e4
NEW		 1473091351 [0]
c5b49e7b82[0]		 Win2K-f 8 of 33 16:18:31 21:51:20 2 none ASM:Graph
ASM:Graph
 tElock|
tElock|		 100% lines=75
embedded dns
lines=41		 trace
trace
367ce61cff
NEW		 48128671a8 [0] Win2K-f
WinXP		 25 of 39 17:06:36 17:39:36 2 none ASM:Graph
 StarForce| 62% lines=52 trace
f691b990eb
NEW		 c9c19a2c94 [0] Win2K-f 37 of 41 15:46:27 15:46:27 1 none none:none
 StarForce| none trace
1b3d8e9fe7
NEW		 1d04d6dc84 [0] WinXP
Win2K-f		 39 of 41 05:10:02 05:32:40 2 none ASM:Graph
 ASPack| 41% lines=3292
embedded dns		 trace
47d3548e36
NEW
d8722af110
NEW		 ab13346633 [0]
ab30a55931[0]		 Win2K-f 36 of 40 12:22:15 12:22:15 1 none none:none
none:none
 Armadillo|
tElock|		 none
none		 trace
trace
7623c942a9
NEW		 1e7e1e0e5d [0] WinXP 29 of 29 08:17:08 08:17:08 1 none none:none
 tElock| none trace
a12cab51ef
NEW		 none[0] WinXP 29 of 29 08:16:03 08:54:57 2 none none:none
 ASPack| 54% lines=281
embedded dns		 trace
f502585714
NEW		 none[0] WinXP 29 of 29 20:00:51 20:00:51 1 none none:none
 PolyEnE| 100% lines=63 trace
4dd4197eb4
NEW		 1d04d6dc84 [0] WinXP 37 of 40 05:38:55 05:38:55 1 none ASM:Graph
 ASPack| 41% lines=3292
embedded dns		 trace
a3c93c5544
NEW		 010bdb8a13 [0] WinXP 37 of 41 08:35:42 08:35:42 1 none none:none
 PENinja S| none trace
741e3b03b3
NEW		 none[0] WinXP 31 of 32 06:53:06 06:53:06 1 none none:none
 none|none 32% lines=61 trace
831f4ee0a7
NEW		 none[0] WinXP 29 of 29 06:23:38 11:46:18 3 none ASM:Graph
 none|none 100% lines=61 trace
c61078e573
NEW		 670955f966 [0] WinXP 31 of 41 02:52:40 02:52:40 1 none none:none
 Armadillo| none trace
97d5230e3f
NEW		 2deaf62cb7 [0] WinXP 38 of 41 13:34:05 13:34:05 1 none none:none
 tElock| none trace
f14fd68756
NEW		 f14fd68756 [1] WinXP 37 of 40 04:19:46 04:19:46 1 none ASM:Graph
 pex| 42% lines=19 trace
29b1147e8c
NEW
45d0b04679
NEW		 cb0cdc25cb [0]
d2d218b6e3[0]		 Win2K-f 38 of 41 11:39:01 11:39:01 1 none none:none
none:none
 Armadillo|
tElock|		 none
none		 trace
trace
bfea3ef3ff
NEW		 59e13ba7ac [0] WinXP 40 of 41 17:32:40 17:32:40 1 none none:none
 PolyEnE| none trace
29b1147e8c
NEW		 cb0cdc25cb [0] Win2K-f 36 of 40 11:39:01 11:39:01 1 none none:none
 Armadillo| none trace
53bfe15e91
NEW
57ce4acac2
NEW		 1473091351 [0]
none [0]		 Win2K-f 0 of 33 09:10:50 09:10:50 1 none ASM:Graph
none:none
 tElock|
Armadillo|		 0% lines=75
embedded dns
lines=90		 trace
trace
1a2c0e6130
NEW		 none[0] WinXP 29 of 29 07:50:15 07:50:15 1 none none:none
 none|none 33% lines=60 trace
53bfe15e91
NEW
a08f3b74a4
NEW		 1473091351 [0]
none [0]		 Win2K-f
WinXP		 0 of 33 00:22:26 23:13:10 7 none ASM:Graph
none:none
 tElock|
Armadillo|		 0% lines=75
embedded dns
lines=90		 trace
trace
7587773eea
NEW		 none[3] Win2K-f 7 of 37 08:36:19 09:32:32 3 none none:none
 StarForce| none trace
38ed850a0e
NEW
b9297745a1
NEW		 46990f37cd [0]
4294884d84[0]		 WinXP 35 of 38 15:01:31 15:01:31 1 none ASM:Graph
ASM:Graph
 Armadillo|
tElock|		 96% lines=91
lines=64
embedded dns		 trace
trace
5285741560
NEW		 60590b8b67 [0] WinXP 37 of 40 16:27:40 16:27:40 1 none ASM:Graph
 none|none 55% lines=59 trace
013a5ba10e
NEW		 1d04d6dc84 [0] WinXP
Win2K-f		 40 of 40 04:48:27 09:57:46 4 none ASM:Graph
 ASPack| 41% lines=3292
embedded dns		 trace
c13a6c3da5
NEW		 1d04d6dc84 [0] Win2K-f 40 of 41 07:58:22 07:58:22 1 none ASM:Graph
 ASPack| 41% lines=3292
embedded dns		 trace
33d254ac09
NEW		 c417b03f6a [0] WinXP 39 of 40 17:15:19 17:15:19 1 none none:none
 ASPack| none trace
3490e2ea15
NEW		 1d04d6dc84 [0] Win2K-f
WinXP		 38 of 40 04:33:52 06:00:18 3 none ASM:Graph
 ASPack| 41% lines=3292
embedded dns		 trace
367ce61cff
NEW
820b27d4c6
NEW		 48128671a8 [0]
1102de0215[0]		 WinXP 38 of 41 17:39:36 17:39:36 1 none ASM:Graph
none:none
 StarForce|
Armadillo|		 lines=52
none		 trace
trace
c91c60dd02
NEW		 acfce17a48 [0] WinXP 39 of 41 00:12:22 00:12:22 1 none none:none
 PolyEnE| none trace
8a75955033
NEW
9276c8b36b
NEW		 2bf3e548b9 [0]
none [0]		 WinXP 28 of 32 23:12:22 23:12:22 1 none ASM:Graph
ASM:Graph
 tElock|
Armadillo|		 47% lines=126
embedded dns
lines=81		 trace
trace
07fabc79ef
NEW		 none[0] Win2K-f 0 of 32 02:30:33 02:30:33 1 none ASM:Graph
 Armadillo| 47% lines=81 trace
f534041536
NEW		 1d04d6dc84 [0] Win2K-f 40 of 41 05:01:11 05:01:11 1 none ASM:Graph
 ASPack| 41% lines=3292
embedded dns		 trace
d7265c89b6
NEW		 4fadf3fb74 [0] WinXP 40 of 40 04:31:08 04:31:08 1 none none:none
 ASPack| none trace
2d16d63f91
NEW		 27cb26ee14 [0] WinXP 38 of 41 20:36:40 20:36:40 1 none none:none
 PolyEnE| none trace
68180361d9
NEW		 b905f36581 [0] Win2K-f 37 of 41 06:17:09 06:17:09 1 none none:none
 ASPack| none trace
a205366bef
NEW		 82bbbe4789 [0] Win2K-f 38 of 41 08:38:10 08:38:10 1 none none:none
 tElock| none trace
97d5230e3f
NEW
dfb19bde14
NEW		 2deaf62cb7 [0]
7d7d4ab834[0]		 WinXP 36 of 41 13:34:05 13:34:05 1 none none:none
none:none
 tElock|
Armadillo|		 none
none		 trace
trace
f373adb964
NEW		 4fadf3fb74 [0] Win2K-f 35 of 41 14:05:22 14:05:22 1 none none:none
 ASPack| none trace
38ed850a0e
NEW		 46990f37cd [0] WinXP 34 of 38 15:01:31 15:01:31 1 none ASM:Graph
 Armadillo| 0% lines=91 trace
a1684ab682
NEW		 6d883c8d11 [0] WinXP 27 of 32 13:28:58 13:28:58 1 none none:none
 eXPressor| none trace
d60e538e72
NEW		 none[3] Win2K-f 2 of 37 23:36:03 23:45:43 2 none none:none
 UPX| none trace
8a75955033
NEW		 2bf3e548b9 [0] WinXP 29 of 32 23:12:22 23:12:22 1 none ASM:Graph
 tElock| 96% lines=126
embedded dns		 trace
05cfbe0bc5
NEW		 6e704f13e9 [0] Win2K-f 39 of 40 04:32:11 12:09:07 2 none ASM:Graph
 FSG| 89% lines=48 trace
15d4d85dc0
NEW		 4c95ae4b3d [0] Win2K-f 32 of 32 08:42:18 08:42:18 1 none ASM:Graph
 StarForce| 98% lines=212
embedded dns		 trace
6639fffb75
NEW		 631ae2f910 [0] Win2K-f 40 of 41 05:08:45 05:08:45 1 none none:none
 ASPack| none trace
7f60162c2c
NEW		 none[0] WinXP 25 of 25 11:30:06 15:13:23 2 none none:none
 PolyEnE| 100% lines=93
embedded dns		 trace
367ce61cff
NEW
a894e6640a
NEW		 48128671a8 [0]
2a62540340[0]		 Win2K-f 38 of 41 17:06:36 17:06:36 1 none ASM:Graph
none:none
 StarForce|
PolyEnE|		 lines=52
none		 trace
trace
dcbed1ebef
NEW		 1f5958f55f [0] Win2K-f 40 of 41 04:43:27 04:43:27 1 none none:none
 ASPack| none trace
47d3548e36
NEW		 ab13346633 [0] Win2K-f 37 of 41 12:22:15 12:22:15 1 none none:none
 Armadillo| none trace
8128405d8c
NEW		 1d04d6dc84 [0] Win2K-f
WinXP		 40 of 41 05:59:51 09:46:31 3 none ASM:Graph
 ASPack| 41% lines=3292
embedded dns		 trace
35acca05f7
NEW		 7a644ea4e9 [0] Win2K-f 40 of 41 16:20:42 16:20:42 1 none none:none
 ASPack| none trace
16b4707df9
NEW		 7b7781c1c1 [0] Win2K-f 36 of 40 20:20:04 20:20:04 1 none none:none
 Armadillo| none trace
16b4707df9
NEW
b8607fc9ba
NEW		 7b7781c1c1 [0]
b4d672329d[0]		 Win2K-f 37 of 40 20:20:04 20:20:04 1 none none:none
none:none
 Armadillo|
tElock|		 none
none		 trace
trace
223d8089f8
NEW		 none[3] Win2K-f 2 of 37 02:10:15 02:19:07 2 none none:none
 StarForce| none trace
73f1082158
NEW
cdfb41a2d1
NEW		 none[0]
none [3]		 WinXP 13 of 41 08:58:04 08:58:04 1 none none:none
none:none
 Armadillo|
none|none		 lines=90
none		 trace
trace
c61078e573
NEW
d80521c9d9
NEW		 670955f966 [0]
6d39f1a62e[0]		 WinXP 38 of 41 02:52:40 02:52:40 1 none none:none
none:none
 Armadillo|
tElock|		 none
none		 trace
trace
d9cb288f31
NEW		 45603a001c [0] Win2K-f 3 of 37 03:51:41 21:41:23 13 none ASM:Graph
 UPX| 92% lines=174
embedded dns		 trace