Explanation

The chart is a summary of the analysis of binaries through our sandboxing system. The different fields in the report are as follows:

Programs Processed - How many binaries went through the system

  1. Programs Skipped - Using different hashing methodologies, we are able to identify common polymorphic files and skip processing them
  2. Programs Analyzed - How many binaries were actually submitted to the sandbox system and analyzed
    • Completed Analysis Runs - How many of the submitted binaries completed successfully and produced some sort of results
    • Failed Analysis Runs - Binaries that would not run and create a valid report
    • Programs Retried - How many binaries were re-run. All binaries that initially fail are re-run, giving them more attempts to execute properly and yield an analysis
    • Invalid Binaries - How many programs would not execute or were not proper Windows binaries
  3. Network Traffic Statistics - Of the programs that were processed and had output, which had network-based traffic, and the breakdown of the different types of network traffic seen for those binaries
  4. Anti-Analysis Techniques - Many malware programs take defensive measures to prevent analysis and reverse engineering. These are the different forms of those measures, and the results, that we are able to determine from the successfully tested programs
  5. Malicious Activity - What activity local to the system the programs take

Updates

The chart is updated once every four hours and covers the last rolling ten days and 30 days of statistics.

[Charts: Sandbox Processing, FTP Results, HTTP Results, IRC Results, P2P Results, SMTP Results]

Sandbox Statistics (10-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                                491,310            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                               491,310      100.0%
    Completed Analysis Runs                       491,308      100.0%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                    2        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                       389,482       79.3%
  Programs using HTTP                             272,917       70.1%
    URLs captured                                       0            
  Programs using FTP                                  112        0.0%
  Programs using SMTP                                 668        0.2%
  Programs using IRC                                2,830        0.7%
Programs that sent UDP data                       479,516       97.6%
  Programs that made DNS requests                 343,885       71.7%
Programs that made P2P connections                      4        0.0%
    Programs using bittorrent                           3       75.0%
    Programs using edonkey                              0        0.0%
    Programs using gnutella                             1       25.0%
    Programs using winmx                                0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (30-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              1,030,665            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                             1,030,665      100.0%
    Completed Analysis Runs                     1,030,499      100.0%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                  166        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                       822,512       79.8%
  Programs using HTTP                             569,586       69.2%
    URLs captured                                       0            
  Programs using FTP                                  278        0.0%
  Programs using SMTP                               1,135        0.1%
  Programs using IRC                                7,338        0.9%
Programs that sent UDP data                     1,005,767       97.6%
  Programs that made DNS requests                 662,741       65.9%
Programs that made P2P connections                      9        0.0%
    Programs using bittorrent                           7       77.8%
    Programs using edonkey                              0        0.0%
    Programs using gnutella                             2       22.2%
    Programs using winmx                                0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (60-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              3,398,730            
  Programs Skipped                              1,338,186       39.4%
  Programs Analyzed                             2,060,544       60.6%
    Completed Analysis Runs                     2,049,026       99.4%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               11,314        0.5%
    Invalid Binaries                                  204        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     1,543,814       75.3%
  Programs using HTTP                           1,062,685       68.8%
    URLs captured                                       0            
  Programs using FTP                                  557        0.0%
  Programs using SMTP                               2,789        0.2%
  Programs using IRC                               14,423        0.9%
Programs that sent UDP data                     1,999,849       97.6%
  Programs that made DNS requests               1,499,049       75.0%
Programs that made P2P connections                     18        0.0%
    Programs using bittorrent                          11       61.1%
    Programs using edonkey                              1        5.6%
    Programs using gnutella                             5       27.8%
    Programs using winmx                                1        5.6%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (90-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              7,125,620            
  Programs Skipped                              4,408,714       61.9%
  Programs Analyzed                             2,716,906       38.1%
    Completed Analysis Runs                     2,705,277       99.6%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               11,314        0.4%
    Invalid Binaries                                  315        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     2,140,919       79.1%
  Programs using HTTP                           1,559,973       72.9%
    URLs captured                                       0            
  Programs using FTP                                  766        0.0%
  Programs using SMTP                               3,319        0.2%
  Programs using IRC                               20,017        0.9%
Programs that sent UDP data                     2,640,350       97.6%
  Programs that made DNS requests               2,409,766       91.3%
Programs that made P2P connections                     23        0.0%
    Programs using bittorrent                          15       65.2%
    Programs using edonkey                              1        4.3%
    Programs using gnutella                             6       26.1%
    Programs using winmx                                1        4.3%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (180-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             26,244,240            
  Programs Skipped                             20,118,430       76.7%
  Programs Analyzed                             6,125,810       23.3%
    Completed Analysis Runs                     6,109,651       99.7%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               11,314        0.2%
    Invalid Binaries                                4,845        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     5,317,965       87.0%
  Programs using HTTP                           3,337,990       62.8%
    URLs captured                                       0            
  Programs using FTP                                3,055        0.1%
  Programs using SMTP                               7,121        0.1%
  Programs using IRC                               42,708        0.8%
Programs that sent UDP data                     5,963,019       97.6%
  Programs that made DNS requests               5,963,019      100.0%
Programs that made P2P connections                     79        0.0%
    Programs using bittorrent                          63       79.7%
    Programs using edonkey                              5        6.3%
    Programs using gnutella                             7        8.9%
    Programs using winmx                                4        5.1%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (One-Year Rolling Report)

---------------------------------------------   ----------  ----------
Sandbox Results                                     Totals     Percent
---------------------------------------------   ----------  ----------
Programs Processed                             105,807,531            
  Programs Skipped                              90,445,812       85.5%
  Programs Analyzed                             15,361,719       14.5%
    Completed Analysis Runs                     15,325,349       99.8%
    Failed Analysis Runs                               546        0.0%
    Programs Retried                                13,824        0.1%
    Invalid Binaries                                22,000        0.1%
                                                                      
---------------------------------------------   ----------  ----------
Network Traffic Statistics                          Totals     Percent
---------------------------------------------   ----------  ----------
Programs that sent TCP data                     13,490,444       88.0%
  Programs using HTTP                            7,525,415       55.8%
    URLs captured                                8,766,006            
  Programs using FTP                                52,827        0.4%
  Programs using SMTP                               22,019        0.2%
  Programs using IRC                                81,930        0.6%
Programs that sent UDP data                     14,957,540       97.6%
  Programs that made DNS requests               14,957,540      100.0%
Programs that made P2P connections                     259        0.0%
    Programs using bittorrent                          212       81.9%
    Programs using edonkey                              15        5.8%
    Programs using gnutella                             21        8.1%
    Programs using winmx                                11        4.2%
                                                                      
---------------------------------------------   ----------  ----------
Anti-Analysis Techniques                            Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made debugger checks                       0        0.0%
Programs that made VMWare registry checks                0        0.0%
Programs that made SoftICE checks                        0        0.0%
Programs that made Wine checks                           0        0.0%
Programs that made Time checks                           0        0.0%
Programs that suppress Compatibility Warnings            0        0.0%
                                                                      
---------------------------------------------   ----------  ----------
Malicious Activity                                  Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made Windows Firewall Updates              0        0.0%
Programs that installed a Rootkit                        0        0.0%
Programs that installed a startup entry                  0        0.0%
Programs that accessed user's Firefox profile            0        0.0%
Programs that accessed the Pstore                        0        0.0%
Programs that called taskkill                            0        0.0%

Sandbox Statistics (Two-Year Rolling Report)

---------------------------------------------   ----------  ----------
Sandbox Results                                     Totals     Percent
---------------------------------------------   ----------  ----------
Programs Processed                             203,384,303            
  Programs Skipped                             174,915,299       86.0%
  Programs Analyzed                             28,469,004       14.0%
    Completed Analysis Runs                     28,179,221       99.0%
    Failed Analysis Runs                            18,553        0.1%
    Programs Retried                               232,889        0.8%
    Invalid Binaries                                38,341        0.1%
                                                                      
---------------------------------------------   ----------  ----------
Network Traffic Statistics                          Totals     Percent
---------------------------------------------   ----------  ----------
Programs that sent TCP data                     19,371,084       68.7%
  Programs using HTTP                           11,023,192       56.9%
    URLs captured                               45,044,156            
  Programs using FTP                               114,691        0.6%
  Programs using SMTP                               55,583        0.3%
  Programs using IRC                               101,187        0.5%
Programs that sent UDP data                     27,502,919       97.6%
  Programs that made DNS requests               27,502,919      100.0%
Programs that made P2P connections                   1,535        0.0%
    Programs using bittorrent                        1,296       84.4%
    Programs using edonkey                              45        2.9%
    Programs using gnutella                            125        8.1%
    Programs using winmx                                69        4.5%
                                                                      
---------------------------------------------   ----------  ----------
Anti-Analysis Techniques                            Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made debugger checks                       0        0.0%
Programs that made VMWare registry checks                0        0.0%
Programs that made SoftICE checks                        0        0.0%
Programs that made Wine checks                           0        0.0%
Programs that made Time checks                           0        0.0%
Programs that suppress Compatibility Warnings            0        0.0%
                                                                      
---------------------------------------------   ----------  ----------
Malicious Activity                                  Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made Windows Firewall Updates              0        0.0%
Programs that installed a Rootkit                        0        0.0%
Programs that installed a startup entry                  0        0.0%
Programs that accessed user's Firefox profile            0        0.0%
Programs that accessed the Pstore                        0        0.0%
Programs that called taskkill                            0        0.0%
