Welcome to the Cyber-TA Daily Malware Binary DIGEST Summary Page



27 June 2009

All data collection and analyses summarized in this page were 100% AUTO-GENERATED.

DEVELOPERS: Vinod Yegneswaran (SRI), Phillip Porras (SRI), Hassen Saidi (SRI)
Monirul Sharif (Georgia-Tech), Arvind Narayanan (University of Texas at Austin)

The data on this website is provided for research purposes only. It is provided
for your personal use only and is supplied AS IS, WITHOUT WARRANTY OF ANY KIND.
Use or reliance on this data is at your own risk.



Packed MD5 | Unpacked MD5 | Victim OS | AntiVirus Hit-Cnt | First Encounter | Last Encounter | Freq Cnt | Behavioral Clusters | Unpacked Egg.asm | Packer Fingerprint | API Resolution | String Cnt | Syscall Trace
1a6c7da535
NEW
1d04d6dc84 [0] WinXP
Win2K-f
30 of 39 02:03:10 10:57:44 4 none ASM:Graph
ASPack| 41% lines=3292
embedded dns
trace
53bfe15e91
NEW
73f1082158
NEW
1473091351 [0]
none [0]
Win2K-f
WinXP
0 of 32 10:22:14 21:12:39 8 none ASM:Graph
none:none
tElock|
Armadillo|
0% lines=75
embedded dns
lines=90
trace
trace
379a6daa0d
NEW
1d04d6dc84 [0] WinXP 39 of 40 01:45:00 01:45:00 1 none ASM:Graph
ASPack| 41% lines=3292
embedded dns
trace
dc331fb791
NEW
none[3] Win2K-f 3 of 37 05:47:50 23:38:27 4 none none:none
UPX| none trace
53bfe15e91
NEW
1473091351 [0] WinXP
Win2K-f
33 of 33 06:13:08 21:24:35 13 none ASM:Graph
tElock| 96% lines=75
embedded dns
trace
7417aba821
NEW
cd4b74c275 [0] WinXP 37 of 41 12:34:35 12:34:35 1 none none:none
none|none none trace
8ae30bb838
NEW
63f1e5f4c7 [0] Win2K-f
WinXP
40 of 41 09:08:47 09:54:18 2 none none:none
ASPack| none trace
1b3d8e9fe7
NEW
1d04d6dc84 [0] Win2K-f 39 of 41 01:04:18 13:22:10 6 none ASM:Graph
ASPack| 41% lines=3292
embedded dns
trace
47d3548e36
NEW
d8722af110
NEW
ab13346633 [0]
ab30a55931[0]
Win2K-f 36 of 40 18:26:54 18:26:54 1 none none:none
none:none
Armadillo|
tElock|
none
none
trace
trace
4ceccaec21
NEW
6ffedb8be7 [0] WinXP 40 of 41 07:41:58 07:41:58 1 none none:none
PolyEnE| none trace
a0f9032000
NEW
efd993fa2a [0] WinXP 36 of 40 10:42:04 10:42:04 1 none none:none
tElock| none trace
25d726bb10
NEW
4fadf3fb74 [0] Win2K-f 39 of 40 07:11:00 07:11:00 1 none none:none
ASPack| none trace
4dd4197eb4
NEW
1d04d6dc84 [0] Win2K-f
WinXP
37 of 40 01:52:38 05:55:43 2 none ASM:Graph
ASPack| 41% lines=3292
embedded dns
trace
aab88c1c51
NEW
cf93cc0212 [0] Win2K-f 35 of 41 12:41:26 12:41:26 1 none none:none
none|none none trace
4c3df24b32
NEW
none[0] WinXP 0 of 33 06:13:08 06:13:08 1 none ASM:Graph
Armadillo| 47% lines=81 trace
50cdd5c6cf
NEW
1d04d6dc84 [0] Win2K-f 37 of 40 08:12:11 08:12:11 1 none ASM:Graph
ASPack| 41% lines=3292
embedded dns
trace
6306024fe3
NEW
4fadf3fb74 [0] Win2K-f 40 of 41 00:50:13 00:50:13 1 none none:none
ASPack| none trace
92f1d0587c
NEW
80711d78b0 [0] Win2K-f 37 of 41 13:02:13 13:02:13 1 none none:none
none|none none trace
f8724de9d7
NEW
733be76411 [0] Win2K-f 36 of 41 15:26:48 15:26:48 1 none none:none
none|none none trace
53bfe15e91
NEW
57ce4acac2
NEW
1473091351 [0]
none [0]
Win2K-f 0 of 33 08:54:24 08:54:24 1 none ASM:Graph
none:none
tElock|
Armadillo|
0% lines=75
embedded dns
lines=90
trace
trace
084b71b74d
NEW
8a425894ca [0] WinXP 38 of 41 01:19:53 08:01:37 2 none none:none
pex| none trace
af3984706f
NEW
2ce58e077a [0] Win2K-f 16 of 41 00:19:09 00:19:09 1 none none:none
tElock| none trace
53bfe15e91
NEW
a08f3b74a4
NEW
1473091351 [0]
none [0]
Win2K-f 0 of 33 07:08:52 21:24:35 3 none ASM:Graph
none:none
tElock|
Armadillo|
0% lines=75
embedded dns
lines=90
trace
trace
8bdfceaf84
NEW
8a510bc571 [0] WinXP 40 of 41 01:19:34 01:19:34 1 none none:none
ASPack| none trace
d8e60db98a
NEW
6991257f56 [0] WinXP 37 of 40 04:27:53 04:27:53 1 none none:none
pex| none trace
7587773eea
NEW
none[3] Win2K-f 7 of 37 01:16:17 01:26:14 2 none none:none
StarForce| none trace
a1fba8d205
NEW
1fd5e5ad53 [0] WinXP 41 of 41 10:35:58 10:35:58 1 none none:none
PolyEnE| none trace
e3faefa56a
NEW
1d04d6dc84 [0] WinXP 40 of 41 02:46:39 02:46:39 1 none ASM:Graph
ASPack| 41% lines=3292
embedded dns
trace
1cc99ef6ae
NEW
08c137bf4d [0] Win2K-f 36 of 41 15:25:52 15:25:52 1 none none:none
none|none none trace
ce2c5789bf
NEW
256b62a824 [0] WinXP 37 of 41 12:33:33 12:33:33 1 none none:none
none|none none trace
013a5ba10e
NEW
1d04d6dc84 [0] Win2K-f 40 of 40 01:07:09 02:56:16 3 none ASM:Graph
ASPack| 41% lines=3292
embedded dns
trace
32a0d7d0e0
NEW
none[0] WinXP 29 of 29 19:16:15 19:16:15 1 none ASM:Graph
tElock| 100% lines=81
embedded dns
trace
388adefa62
NEW
b020897a42 [0] WinXP 36 of 41 12:08:50 12:08:50 1 none none:none
none|none none trace
64870e6cf9
NEW
d0956e26bb [0] WinXP 36 of 40 14:00:06 14:00:06 1 none none:none
none|none none trace
053e25e2e4
NEW
1e4ad6cdb1 [0] WinXP 38 of 41 01:44:55 05:04:52 3 none none:none
ASPack| none trace
7b313206a2
NEW
0c866c8cce [0] WinXP 38 of 41 05:06:54 05:06:54 1 none none:none
none|none none trace
372b880eb1
NEW
164314a8cc [0] Win2K-f 4 of 41 06:33:23 06:33:23 1 none none:none
Armadillo| none trace
a72398081f
NEW
3f0ad45d1c [0] Win2K-f 34 of 40 00:30:14 00:30:14 1 none none:none
tElock| none trace
3490e2ea15
NEW
1d04d6dc84 [0] WinXP
Win2K-f
38 of 40 02:52:07 17:36:08 4 none ASM:Graph
ASPack| 41% lines=3292
embedded dns
trace
a0f9032000
NEW
c6c22b482f
NEW
efd993fa2a [0]
ea912a7756[0]
WinXP 37 of 41 10:42:04 10:42:04 1 none none:none
none:none
tElock|
Armadillo|
none
none
trace
trace
67a66839f7
NEW
7b1fc808a3 [0] Win2K-f
WinXP
37 of 41 12:09:24 16:26:22 7 none none:none
none|none none trace
f534041536
NEW
1d04d6dc84 [0] Win2K-f 40 of 41 02:55:10 02:55:10 1 none ASM:Graph
ASPack| 41% lines=3292
embedded dns
trace
e59bd3cf96
NEW
f978f8c5c6 [0] Win2K-f 37 of 41 02:32:16 02:32:16 1 none none:none
ASPack| none trace
986b59708d
NEW
none[0] WinXP 29 of 29 09:18:05 09:18:05 1 none none:none
PolyEnE| 100% lines=57 trace
8ce32ded17
NEW
none[3] Win2K-f 4 of 37 02:49:28 02:49:28 1 none none:none
Armadillo| none trace
d6df3972a0
NEW
none[0] WinXP 29 of 29 18:27:20 18:27:20 1 none ASM:Graph
PolyEnE| 100% lines=65 trace
f75c895158
NEW
afaf06d6cd [0] Win2K-f 36 of 41 03:32:14 03:32:14 1 none none:none
pex| none trace
372b880eb1
NEW
4efa213b79
NEW
164314a8cc [0]
9e7dff694f[0]
Win2K-f 18 of 41 06:33:23 06:33:23 1 none none:none
none:none
Armadillo|
none|none
none
none
trace
trace
372b880eb1
NEW
4efa213b79
NEW
8a75955033
NEW
164314a8cc [0]
9e7dff694f[0]
2bf3e548b9[0]
Win2K-f 29 of 32 06:33:23 06:33:23 1 none none:none
none:none
ASM:Graph
Armadillo|
none|none
tElock|
96% none
none
lines=126
embedded dns
trace
trace
trace
3d6c0ae7fa
NEW
0c29ac518d [0] Win2K-f 37 of 41 12:57:14 12:57:14 1 none none:none
none|none none trace
954a98c971
NEW
cdd769f7a4 [0] Win2K-f 31 of 33 06:35:13 06:35:13 1 none none:none
FSG| none trace
acbb7393ca
NEW
a8d3e7d79d [0] WinXP 34 of 41 16:12:18 16:12:18 1 none none:none
none|none none trace
3a1bb83dcd
NEW
d316b1a994 [0] WinXP 40 of 41 04:36:46 04:36:46 1 none none:none
ASPack| none trace
c00b8f7dba
NEW
ab49b49a1e [0] WinXP 39 of 40 03:50:25 03:50:25 1 none none:none
ASPack| none trace
372b880eb1
NEW
4efa213b79
NEW
8a75955033
NEW
f1bb8174e3
NEW
164314a8cc [0]
9e7dff694f[0]
2bf3e548b9[0]
ff7d442dd1[0]
Win2K-f 24 of 40 00:19:09 06:33:23 2 none none:none
none:none
ASM:Graph
none:none
Armadillo|
none|none
tElock|
none|none
none
none
lines=126
embedded dns
none
trace
trace
trace
trace
47d3548e36
NEW
ab13346633 [0] Win2K-f 37 of 41 18:26:54 18:26:54 1 none none:none
Armadillo| none trace
8128405d8c
NEW
1d04d6dc84 [0] Win2K-f
WinXP
40 of 41 00:39:03 08:21:02 8 none ASM:Graph
ASPack| 41% lines=3292
embedded dns
trace
9b2c7d1c22
NEW
1e4ad6cdb1 [0] WinXP 39 of 41 02:53:10 02:53:10 1 none none:none
ASPack| none trace
372b880eb1
NEW
4efa213b79
NEW
8a75955033
NEW
f1bb8174e3
NEW
f37b5a8f0c
NEW
164314a8cc [0]
9e7dff694f[0]
2bf3e548b9[0]
ff7d442dd1[0]
dce19a471e[0]
Win2K-f 19 of 40 00:19:09 06:33:23 2 none none:none
none:none
ASM:Graph
none:none
none:none
Armadillo|
none|none
tElock|
none|none
none|none
none
none
lines=126
embedded dns
none
none
trace
trace
trace
trace
trace
3e4b76d228
NEW
ca3349caad [0] Win2K-f 33 of 41 06:11:14 06:11:14 1 none none:none
ASPack| none trace
bf2378bf7d
NEW
c8f689a5f0 [0] WinXP 38 of 41 19:01:30 19:01:30 1 none none:none
none|none none trace
4720a9e8e1
NEW
14ce89722f [0] Win2K-f 39 of 41 14:42:39 14:42:39 1 none none:none
none|none none trace
d04034a8b3
NEW
cbf5aba1bb [0] WinXP 39 of 41 11:14:56 11:14:56 1 none none:none
none|none none trace
d5e59c2ed7
NEW
1d04d6dc84 [0] Win2K-f 34 of 41 01:06:04 01:06:04 1 none ASM:Graph
ASPack| 41% lines=3292
embedded dns
trace
07f9735f14
NEW
a66b2cb30b [0] WinXP 38 of 41 01:04:20 01:04:20 1 none none:none
FSG| none trace
25ef2f5f6d
NEW
9399e2ac48 [0] WinXP 40 of 41 09:44:46 09:44:46 1 none none:none
ASPack| none trace
98b01b5433
NEW
d2dd40e849 [0] WinXP 39 of 41 00:29:13 00:29:13 1 none none:none
ASPack| none trace
bd81d71c06
NEW
1993ba73cd [0] WinXP 39 of 40 02:40:14 06:52:26 2 none none:none
PolyEnE| none trace
b9490144af
NEW
4c4890cc1f [0] WinXP 37 of 41 14:04:02 14:04:02 1 none none:none
ASProtect| none trace
d9cb288f31
NEW
45603a001c [0] Win2K-f 3 of 37 05:03:51 22:43:36 6 none ASM:Graph
UPX| 92% lines=174
embedded dns
trace
00c4fc2fd0
NEW
1e4ad6cdb1 [0] Win2K-f 40 of 41 01:32:04 01:32:04 1 none none:none
ASPack| none trace
9bb68450cd
NEW
c2d5ac2315 [0] WinXP 34 of 36 08:45:17 08:45:17 1 none ASM:Graph
PolyEnE| 100% lines=73
embedded dns
trace
ccae625eb1
NEW
f2dcac5dcd [0] Win2K-f 38 of 41 12:21:10 12:21:10 1 none none:none
none|none none trace