Welcome to the Cyber-TA
Daily Malware Binary DIGEST Summary Page



01 November 2009

All data collection and analyses summarized in this page were 100% AUTO-GENERATED.

DEVELOPERS: Vinod Yegneswaran (SRI), Phillip Porras (SRI), Hassen Saidi (SRI)
Monirul Sharif (Georgia-Tech), Arvind Narayanan (University of Texas at Austin)

The data on this website is provided for research purposes only. It is provided
for your personal use only and is supplied AS IS, WITHOUT WARRANTY OF ANY KIND.
Use or reliance on this data is at your own risk.



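Packed MD5 | Unpacked MD5 | Victim OS | AntiVirus Hit-Cnt | First Encounter | Last Encounter | Freq Cnt | Behavioral Clusters | Unpacked Egg.asm | Packer Fingerprint | API Resolution | String Cnt | Syscall Trace

(Column headers for the entries below. The values in the two MD5 columns are shortened to 10 hexadecimal characters rather than shown as full 32-character digests, so a value listed here can narrow a lookup but is not an exact-match indicator on its own.)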
05e29fd1f0
NEW
1c5e79f5f4
NEW
24e59ab043
NEW
5abc9b8012
NEW
83192a6119
NEW
96efa8fdf5
NEW
a0e59e4658
NEW
b715292e04
NEW
e1cdc5a168
NEW
f725e57065
NEW
ff2150aa95
NEW
none[4]
none [4]
778da26bf3[0]
376edb026c[0]
fdc95e1fab[0]
acab6295e1[0]
none [4]
569c05a15f[0]
none [4]
3f11911aa9[0]
6e55004755[0]
WinXP 30 of 33 03:53:29 03:53:29 1 none none:none
none:none
none:none
none:none
none:none
none:none
none:none
none:none
none:none
none:none
none:none
none|none
FSG|
Armadillo|
Neolite|
none|none
StarForce|
Obsidium|
PE-PACK|
ASProtect|
tElock|
tElock|
none
none
none
none
none
none
none
none
none
none
none
trace
trace
trace
trace
trace
trace
trace
trace
trace
trace
trace
7b313206a2
NEW
0c866c8cce [0] WinXP 38 of 41 01:02:46 01:02:46 1 none none:none
none|none none trace
1c5e79f5f4
NEW
420513a6be
NEW
7bc8d57d8c
NEW
83192a6119
NEW
a3e18e89b8
NEW
b480c6365e
NEW
b64d7999db
NEW
e1cdc5a168
NEW
f725e57065
NEW
none[4]
1a4b1b325f[0]
be025ab204[0]
fdc95e1fab[0]
a3e18e89b8[1]
none [4]
584147788c[0]
none [4]
3f11911aa9[0]
WinXP 13 of 41 03:53:29 22:12:06 3 none none:none
none:none
none:none
none:none
ASM:Graph
none:none
none:none
none:none
none:none
FSG|
StarForce|
none|none
none|none
StarForce|
none|none
Neolite|
ASProtect|
tElock|
none
none
none
none
lines=5
none
none
none
none
trace
trace
trace
trace
trace
trace
trace
trace
trace
53bfe15e91
NEW
73f1082158
NEW
1473091351 [0]
none [0]
Win2K-f
WinXP
0 of 32 02:03:34 20:34:01 3 none ASM:Graph
none:none
tElock|
Armadillo|
0% lines=75
embedded dns
lines=90
trace
trace
1c5e79f5f4
NEW
420513a6be
NEW
7bc8d57d8c
NEW
83192a6119
NEW
none[4]
1a4b1b325f[0]
be025ab204[0]
fdc95e1fab[0]
WinXP 15 of 41 03:53:29 22:12:06 3 none none:none
none:none
none:none
none:none
FSG|
StarForce|
none|none
none|none
none
none
none
none
trace
trace
trace
trace
53bfe15e91
NEW
1473091351 [0] WinXP
Win2K-f
33 of 33 00:49:37 23:29:45 14 none ASM:Graph
tElock| 96% lines=75
embedded dns
trace
05e29fd1f0
NEW
1c5e79f5f4
NEW
24e59ab043
NEW
5abc9b8012
NEW
none[4]
none [4]
778da26bf3[0]
376edb026c[0]
WinXP 7 of 41 03:53:29 03:53:29 1 none none:none
none:none
none:none
none:none
none|none
FSG|
Armadillo|
Neolite|
none
none
none
none
trace
trace
trace
trace
1c5e79f5f4
NEW
6a4845ca11
NEW
none[4]
c23d00870b[0]
WinXP 0 of 0 06:02:32 06:02:32 1 none none:none
none:none
FSG|
tElock|
none
none
trace
trace
07fabc79ef
NEW
none[0] WinXP
Win2K-f
0 of 32 00:49:37 17:44:59 3 none ASM:Graph
Armadillo| 47% lines=81 trace
df17a625ee
NEW
none[0] WinXP 29 of 29 14:25:29 14:25:29 1 none none:none
ASPack| 72% lines=298
embedded dns
trace
bb7681eca8
NEW
none[3] WinXP 32 of 32 14:33:04 14:33:04 1 none none:none
tElock| none trace
8b41cb7a41
NEW
ef18d720f3 [0] WinXP 3 of 41 00:05:23 00:05:23 1 none none:none
Armadillo| none trace
1c5e79f5f4
NEW
420513a6be
NEW
7bc8d57d8c
NEW
83192a6119
NEW
a3e18e89b8
NEW
none[4]
1a4b1b325f[0]
be025ab204[0]
fdc95e1fab[0]
a3e18e89b8[1]
WinXP 7 of 41 22:12:06 22:12:06 1 none none:none
none:none
none:none
none:none
ASM:Graph
FSG|
StarForce|
none|none
none|none
StarForce|
17% none
none
none
none
lines=5
trace
trace
trace
trace
trace
1c5e79f5f4
NEW
420513a6be
NEW
7bc8d57d8c
NEW
83192a6119
NEW
a3e18e89b8
NEW
b480c6365e
NEW
b64d7999db
NEW
none[4]
1a4b1b325f[0]
be025ab204[0]
fdc95e1fab[0]
a3e18e89b8[1]
none [4]
584147788c[0]
WinXP 5 of 41 22:12:06 22:12:06 1 none none:none
none:none
none:none
none:none
ASM:Graph
none:none
none:none
FSG|
StarForce|
none|none
none|none
StarForce|
none|none
Neolite|
none
none
none
none
lines=5
none
none
trace
trace
trace
trace
trace
trace
trace
75af48afe4
NEW
7a25f9e3cf [0] WinXP 22 of 41 12:37:20 12:37:20 1 none none:none
StarForce| none trace
07f6a0160b
NEW
ce3cb771cc [0] Win2K-f 39 of 41 03:09:26 03:09:26 1 none none:none
Armadillo| none trace
1c5e79f5f4
NEW
420513a6be
NEW
none[4]
1a4b1b325f[0]
WinXP 3 of 41 22:12:06 22:12:06 1 none none:none
none:none
FSG|
StarForce|
none
none
trace
trace
b578280b18
NEW
b69a6b100c [0] Win2K-f 39 of 40 01:16:34 01:16:34 1 none none:none
StarForce| none trace
4512a2e99b
NEW
b89876c3b9 [0] WinXP 40 of 41 03:01:17 03:01:17 1 none none:none
none|none none trace
96d089e522
NEW
b9dd25bdfb [0] WinXP 34 of 36 12:39:24 12:39:24 1 none ASM:Graph
PolyEnE| 100% lines=93
embedded dns
trace
1c5e79f5f4
NEW
6a4845ca11
NEW
83192a6119
NEW
9e4a539611
NEW
none[4]
c23d00870b[0]
fdc95e1fab[0]
405940d276[0]
WinXP 7 of 41 06:02:32 06:02:32 1 none none:none
none:none
none:none
none:none
FSG|
tElock|
none|none
none|none
none
none
none
none
trace
trace
trace
trace
1c5e79f5f4
NEW
420513a6be
NEW
7bc8d57d8c
NEW
83192a6119
NEW
a3e18e89b8
NEW
b480c6365e
NEW
b64d7999db
NEW
e1cdc5a168
NEW
none[4]
1a4b1b325f[0]
be025ab204[0]
fdc95e1fab[0]
a3e18e89b8[1]
none [4]
584147788c[0]
none [4]
WinXP 16 of 41 03:53:29 22:12:06 2 none none:none
none:none
none:none
none:none
ASM:Graph
none:none
none:none
none:none
FSG|
StarForce|
none|none
none|none
StarForce|
none|none
Neolite|
ASProtect|
none
none
none
none
lines=5
none
none
none
trace
trace
trace
trace
trace
trace
trace
trace
8b41cb7a41
NEW
97fef473b9
NEW
ef18d720f3 [0]
ff4e7d6992[0]
WinXP 33 of 33 00:05:23 00:05:23 1 none none:none
none:none
Armadillo|
tElock|
none
none
trace
trace
ed386522c7
NEW
d7cdf28efd [0] WinXP 40 of 41 04:43:48 04:43:48 1 none none:none
PolyEnE| none trace
38ed850a0e
NEW
46990f37cd [0] WinXP 34 of 38 14:43:45 14:43:45 1 none ASM:Graph
Armadillo| 0% lines=91 trace
eb07c59faa
NEW
e7d4027969 [0] WinXP 39 of 41 18:03:54 18:03:54 1 none none:none
PolyEnE| none trace
1c5e79f5f4
NEW
6a4845ca11
NEW
83192a6119
NEW
9e4a539611
NEW
f725e57065
NEW
ffafd341d9
NEW
none[4]
c23d00870b[0]
fdc95e1fab[0]
405940d276[0]
3f11911aa9[0]
294fb27545[0]
WinXP 38 of 40 06:02:32 06:02:32 1 none none:none
none:none
none:none
none:none
none:none
ASM:Graph
FSG|
tElock|
none|none
none|none
tElock|
Armadillo|
0% none
none
none
none
none
lines=91
trace
trace
trace
trace
trace
trace
03f912899b
NEW
none[0] WinXP 32 of 32 11:47:07 11:47:07 1 none none:none
none|none 32% lines=64 trace
05e29fd1f0
NEW
none[4] WinXP 0 of 41 03:53:29 03:53:29 1 none none:none
none|none none trace
1c5e79f5f4
NEW
420513a6be
NEW
7bc8d57d8c
NEW
83192a6119
NEW
a3e18e89b8
NEW
b480c6365e
NEW
none[4]
1a4b1b325f[0]
be025ab204[0]
fdc95e1fab[0]
a3e18e89b8[1]
none [4]
WinXP 0 of 41 22:12:06 22:12:06 1 none none:none
none:none
none:none
none:none
ASM:Graph
none:none
FSG|
StarForce|
none|none
none|none
StarForce|
none|none
none
none
none
none
lines=5
none
trace
trace
trace
trace
trace
trace
7f60162c2c
NEW
none[0] WinXP 25 of 25 01:10:18 01:10:18 1 none none:none
PolyEnE| 100% lines=93
embedded dns
trace
4640a4ccd3
NEW
9d9f2a02f5 [0] Win2K-f 40 of 41 11:42:56 11:42:56 1 none none:none
tElock| none trace
741e3b03b3
NEW
none[0] WinXP 31 of 32 08:08:16 14:59:25 3 none none:none
none|none 32% lines=61 trace
05e29fd1f0
NEW
1c5e79f5f4
NEW
24e59ab043
NEW
5abc9b8012
NEW
83192a6119
NEW
96efa8fdf5
NEW
none[4]
none [4]
778da26bf3[0]
376edb026c[0]
fdc95e1fab[0]
acab6295e1[0]
WinXP 2 of 41 03:53:29 03:53:29 1 none none:none
none:none
none:none
none:none
none:none
none:none
none|none
FSG|
Armadillo|
Neolite|
none|none
StarForce|
none
none
none
none
none
none
trace
trace
trace
trace
trace
trace
05e29fd1f0
NEW
1c5e79f5f4
NEW
24e59ab043
NEW
5abc9b8012
NEW
83192a6119
NEW
96efa8fdf5
NEW
a0e59e4658
NEW
b715292e04
NEW
none[4]
none [4]
778da26bf3[0]
376edb026c[0]
fdc95e1fab[0]
acab6295e1[0]
none [4]
569c05a15f[0]
WinXP 14 of 41 03:53:29 03:53:29 1 none none:none
none:none
none:none
none:none
none:none
none:none
none:none
none:none
none|none
FSG|
Armadillo|
Neolite|
none|none
StarForce|
Obsidium|
PE-PACK|
none
none
none
none
none
none
none
none
trace
trace
trace
trace
trace
trace
trace
trace
07f6a0160b
NEW
105267869b
NEW
ce3cb771cc [0]
9ed962793a[0]
Win2K-f 40 of 41 03:09:26 03:09:26 1 none none:none
none:none
Armadillo|
tElock|
none
none
trace
trace
1c5e79f5f4
NEW
420513a6be
NEW
7bc8d57d8c
NEW
none[4]
1a4b1b325f[0]
be025ab204[0]
WinXP 38 of 40 22:12:06 22:12:06 1 none none:none
none:none
none:none
FSG|
StarForce|
none|none
none
none
none
trace
trace
trace
831f4ee0a7
NEW
none[0] WinXP 29 of 29 02:03:35 02:03:35 1 none ASM:Graph
none|none 100% lines=61 trace
7d99b0e910
NEW
none[0] WinXP 26 of 28 01:16:21 01:16:21 1 none none:none
PolyEnE| 99% lines=68 trace
05e29fd1f0
NEW
1c5e79f5f4
NEW
24e59ab043
NEW
5abc9b8012
NEW
83192a6119
NEW
96efa8fdf5
NEW
a0e59e4658
NEW
none[4]
none [4]
778da26bf3[0]
376edb026c[0]
fdc95e1fab[0]
acab6295e1[0]
none [4]
WinXP 15 of 41 03:53:29 03:53:29 1 none none:none
none:none
none:none
none:none
none:none
none:none
none:none
none|none
FSG|
Armadillo|
Neolite|
none|none
StarForce|
Obsidium|
none
none
none
none
none
none
none
trace
trace
trace
trace
trace
trace
trace
53bfe15e91
NEW
57ce4acac2
NEW
1473091351 [0]
none [0]
Win2K-f 0 of 33 23:16:07 23:16:07 1 none ASM:Graph
none:none
tElock|
Armadillo|
0% lines=75
embedded dns
lines=90
trace
trace
a1f992a08e
NEW
75ca0b4a8f [0] WinXP 40 of 41 05:19:54 05:19:54 1 none none:none
PolyEnE| none trace
1c5e79f5f4
NEW
none[4] WinXP 17 of 41 03:53:29 22:12:06 3 none none:none
FSG| none trace
1a2c0e6130
NEW
none[0] WinXP 29 of 29 15:58:08 15:58:08 1 none none:none
none|none 33% lines=60 trace
53bfe15e91
NEW
a08f3b74a4
NEW
1473091351 [0]
none [0]
Win2K-f
WinXP
0 of 33 02:31:38 23:29:45 7 none ASM:Graph
none:none
tElock|
Armadillo|
0% lines=75
embedded dns
lines=90
trace
trace
7e809b1bc9
NEW
14a46167a5 [0] WinXP 39 of 41 19:58:23 19:58:23 1 none none:none
StarForce| none trace
4640a4ccd3
NEW
518025c884
NEW
9d9f2a02f5 [0]
e811756e2b[0]
Win2K-f 39 of 41 11:42:56 11:42:56 1 none none:none
none:none
tElock|
Armadillo|
none
none
trace
trace
10980f4df2
NEW
1fd3385a95 [0] Win2K-f 39 of 40 07:18:21 07:18:21 1 none ASM:Graph
none|none 97% lines=556 trace
38ed850a0e
NEW
b9297745a1
NEW
46990f37cd [0]
4294884d84[0]
WinXP 35 of 38 14:43:45 14:43:45 1 none ASM:Graph
ASM:Graph
Armadillo|
tElock|
96% lines=91
lines=64
embedded dns
trace
trace
ed96c03ca8
NEW
c0028e9e98 [0] WinXP 39 of 41 23:44:34 23:44:34 1 none none:none
PolyEnE| none trace
5285741560
NEW
60590b8b67 [0] WinXP 37 of 40 00:35:00 23:02:51 3 none ASM:Graph
none|none 55% lines=59 trace
05e29fd1f0
NEW
1c5e79f5f4
NEW
24e59ab043
NEW
none[4]
none [4]
778da26bf3[0]
WinXP 34 of 36 03:53:29 03:53:29 1 none none:none
none:none
none:none
none|none
FSG|
Armadillo|
none
none
none
trace
trace
trace