On this page... (hide)

Explanation

This page shows a different type of analysis done to each of the different binaries that we gather and have gathered in. Most malicious programs are packed with different technologies in the hopes of obfuscating their existing from different detection mechanisms, but to also increase the difficulty in either reverse engineering the binary, or to analyze what exact functions and purposes it may have. While there are many well used and semi-public packers in use, there is a trend for more private and custom packers being used to increase the effectiveness of their concealment.

The tool that we use to make the determination for identification is from Sigbuster by Toni Koivunen (toni <AT> teamfurry.com)/Teamfurry.com. Sigbuster is a cross-platform tool for detecting exe-packers.

Notes

There are minor discrepancies in the percentages, and this is an artifact from the numbers being compared to a set of five in the pie chart verses a set of ten in the table.

↑ Contents

Updates

The graph are updated once a day.

↑ Contents

Charts and Graphs

Daily Statistics (Last 24-hours)

Packer Count Percent
UPX All_Versions 342 57.29%
NullSoft_NSIS Generic 197 33.00%
ASPack v2.12 31 5.19%
ASProtect v1.2x-1.3x 7 1.17%
Crunch_PE vna 6 1.01%
Crypto_Lock v2.02(Eng) 3 0.50%
Swizzor_test vna 2 0.34%
unknown_5 2 0.34%
Crunch_PE v1.0.x.x 2 0.34%
Alloy v4.x 1 0.17%

Weekly Statistics (Last 7-Days)

Packer Count Percent
UPX All_Versions 73180 75.08%
NullSoft_NSIS Generic 11636 11.94%
ASPack v2.1 2031 2.08%
ASPack v2.12 1072 1.10%
Swizzor_test vna 906 0.93%
PE_Compact v2.X 692 0.71%
Allaple_Polymorphic_Packer vna 625 0.64%
NullSoft_PiMP_SFX vna 583 0.60%
UPX V2.9-3.X 555 0.57%
NsPack All_Versions 480 0.49%

Monthly Statistics (Last 30-days)

Packer Count Percent
UPX All_Versions 364772 70.13%
NullSoft_NSIS Generic 78611 15.11%
tElock v0.98 29673 5.71%
ASPack v2.12 4188 0.81%
Allaple_Polymorphic_Packer vna 3837 0.74%
Swizzor_test vna 3639 0.70%
ASPack v2.1 3625 0.70%
UPX V2.9-3.X 3039 0.58%
NullSoft_PiMP_SFX vna 2876 0.55%
PE_Compact v2.X 2435 0.47%

Bi-Monthly Statistics (Last 60-days)

Packer Count Percent
UPX All_Versions 860124 65.56%
NullSoft_NSIS Generic 167267 12.75%
ASPack v2.1 105086 8.01%
tElock v0.98 46085 3.51%
Allaple_Polymorphic_Packer vna 23187 1.77%
ASPack v2.12 12517 0.95%
Swizzor_test vna 11421 0.87%
UPX V2.9-3.X 7787 0.59%
PE_Compact v2.X 6940 0.53%
NullSoft_PiMP_SFX vna 6121 0.47%

Tri-Monthly Statistics (Last 90-days)

Packer Count Percent
UPX All_Versions 1238481 66.21%
NullSoft_NSIS Generic 235611 12.60%
ASPack v2.1 121445 6.49%
Allaple_Polymorphic_Packer vna 56176 3.00%
tElock v0.98 46645 2.49%
PE_Compact V2.X 30210 1.62%
Swizzor_test vna 20351 1.09%
ASPack v2.12 15271 0.82%
UPX V2.9-3.X 10436 0.56%
NullSoft_PiMP_SFX vna 8266 0.44%

Semi-Yearly Statistics (Last 180-days)

Packer Count Percent
UPX All_Versions 1921427 59.05%
NullSoft_NSIS Generic 358893 11.03%
ASPack v2.1 320722 9.86%
Allaple_Polymorphic_Packer vna 135869 4.18%
PE_Compact v2.X 72378 2.22%
Swizzor_test vna 70374 2.16%
UPX V2.9-3.X 58542 1.80%
tElock v0.98 48085 1.48%
ASPack v2.12 38090 1.17%
NullSoft_PiMP_SFX vna 24435 0.75%

Yearly Statistics (Last 12-Months)

Packer Count Percent
Allaple_Polymorphic_Packer vna 26634587 47.36%
UPX All_Versions 11881379 21.13%
MEW v11SEv1.2 10662456 18.96%
ASPack v2.1 3323465 5.91%
FSG V1.3x 1266879 2.25%
ASPack v2.12 429381 0.76%
NullSoft_NSIS Generic 414785 0.74%
PE_Compact v2.X 183402 0.33%
Armadillo v1.xx-v2.xx 141260 0.25%
Swizzor_test vna 108634 0.19%

↑ Contents

<< Sandbox Graphs | Statistics | Scans >>