Explanation

The chart is a summary of the analysis of binaries through our sandboxing system. The different fields in the report are as follows:

Programs Processed - How many binaries went through the system

  1. Programs Skipped - Using different hashing methodologies, we are able to identify common polymorphic files and skip processing them
  2. Programs Analyzed - How many binaries were actually submitted to the sandbox system and analyzed
    • Completed Analysis Runs - How many of the submitted binaries completed successfully and had some sort of results
    • Failed Analysis Runs - Binaries that would not run and create a valid report
    • Programs Retried - How many binaries were re-run. All binaries that initially fail are re-run to give them further attempts to execute properly and produce an analysis of that program
    • Invalid Binaries - How many programs would not execute or were not proper Windows binaries
  3. Network Traffic Statistics - Of the programs that were processed and had output, which had network-based traffic, and the breakdown of the different types of network traffic seen for the binaries
  4. Anti-Analysis Techniques - Many malware programs take defensive measures to prevent analysis and reverse engineering. These are the different forms and results that we are able to determine from the successfully tested programs
  5. Malicious Activity - What activity local to the system the programs take

Updates

The chart is updated once every four hours and covers the last rolling ten days and 30 days of statistics.

[Charts: Sandbox Processing; FTP Results; HTTP Results; IRC Results; P2P Results; SMTP Results]

Sandbox Statistics (10-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              3,959,827            
  Programs Skipped                              3,403,861       86.0%
  Programs Analyzed                               555,966       14.0%
    Completed Analysis Runs                       554,633       99.8%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                1,333        0.2%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                       501,034       90.3%
  Programs using HTTP                             284,461       56.8%
    URLs captured                                       0            
  Programs using FTP                                  124        0.0%
  Programs using SMTP                               1,986        0.4%
  Programs using IRC                                1,813        0.4%
Programs that sent UDP data                       541,321       97.6%
  Programs that made DNS requests                 541,321      100.0%
Programs that made P2P connections                     11        0.0%
    Programs using bittorrent                          11      100.0%
    Programs using edonkey                              0        0.0%
    Programs using gnutella                             0        0.0%
    Programs using winmx                                0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (30-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             13,908,368            
  Programs Skipped                             12,289,898       88.4%
  Programs Analyzed                             1,618,470       11.6%
    Completed Analysis Runs                     1,616,069       99.9%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                2,401        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     1,039,026       64.3%
  Programs using HTTP                             637,074       61.3%
    URLs captured                                       0            
  Programs using FTP                                  263        0.0%
  Programs using SMTP                               3,403        0.3%
  Programs using IRC                                3,802        0.4%
Programs that sent UDP data                     1,192,872       73.8%
  Programs that made DNS requests               1,192,872      100.0%
Programs that made P2P connections                     17        0.0%
    Programs using bittorrent                          16       94.1%
    Programs using edonkey                              0        0.0%
    Programs using gnutella                             0        0.0%
    Programs using winmx                                1        5.9%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (60-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             31,497,720            
  Programs Skipped                             28,731,575       91.2%
  Programs Analyzed                             2,766,145        8.8%
    Completed Analysis Runs                     2,759,233       99.8%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                6,912        0.2%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     2,098,822       76.1%
  Programs using HTTP                           1,453,891       69.3%
    URLs captured                                       0            
  Programs using FTP                                  560        0.0%
  Programs using SMTP                               4,032        0.2%
  Programs using IRC                               10,600        0.5%
Programs that sent UDP data                     2,296,493       83.2%
  Programs that made DNS requests               2,296,493      100.0%
Programs that made P2P connections                     18        0.0%
    Programs using bittorrent                          16       88.9%
    Programs using edonkey                              0        0.0%
    Programs using gnutella                             1        5.6%
    Programs using winmx                                1        5.6%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (90-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             41,582,451            
  Programs Skipped                             37,704,108       90.7%
  Programs Analyzed                             3,878,343        9.3%
    Completed Analysis Runs                     3,868,311       99.7%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                  326        0.0%
    Invalid Binaries                                9,706        0.3%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     3,182,461       82.3%
  Programs using HTTP                           1,944,185       61.1%
    URLs captured                               3,599,312            
  Programs using FTP                                9,803        0.3%
  Programs using SMTP                               6,824        0.2%
  Programs using IRC                               14,167        0.4%
Programs that sent UDP data                     3,538,685       91.5%
  Programs that made DNS requests               3,538,685      100.0%
Programs that made P2P connections                     45        0.0%
    Programs using bittorrent                          39       86.7%
    Programs using edonkey                              2        4.4%
    Programs using gnutella                             2        4.4%
    Programs using winmx                                2        4.4%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (180-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             68,663,235            
  Programs Skipped                             61,377,740       89.4%
  Programs Analyzed                             7,285,495       10.6%
    Completed Analysis Runs                     7,222,294       99.1%
    Failed Analysis Runs                            3,997        0.1%
    Programs Retried                               38,430        0.5%
    Invalid Binaries                               20,774        0.3%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     5,408,447       74.9%
  Programs using HTTP                           3,353,446       62.0%
    URLs captured                              16,387,117            
  Programs using FTP                               31,770        0.6%
  Programs using SMTP                              19,229        0.4%
  Programs using IRC                               24,592        0.5%
Programs that sent UDP data                     7,048,958       97.6%
  Programs that made DNS requests               7,048,958      100.0%
Programs that made P2P connections                    177        0.0%
    Programs using bittorrent                         155       87.6%
    Programs using edonkey                              6        3.4%
    Programs using gnutella                            13        7.3%
    Programs using winmx                                3        1.7%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (One-Year Rolling Report)

---------------------------------------------   ----------  ----------
Sandbox Results                                     Totals     Percent
---------------------------------------------   ----------  ----------
Programs Processed                             119,947,907            
  Programs Skipped                             105,918,701       88.3%
  Programs Analyzed                             14,029,206       11.7%
    Completed Analysis Runs                     13,815,043       98.5%
    Failed Analysis Runs                            14,077        0.1%
    Programs Retried                               172,325        1.2%
    Invalid Binaries                                27,761        0.2%
                                                                      
---------------------------------------------   ----------  ----------
Network Traffic Statistics                          Totals     Percent
---------------------------------------------   ----------  ----------
Programs that sent TCP data                      8,474,863       61.3%
  Programs using HTTP                            4,867,016       57.4%
    URLs captured                               35,526,012            
  Programs using FTP                                64,304        0.8%
  Programs using SMTP                               31,725        0.4%
  Programs using IRC                                33,356        0.4%
Programs that sent UDP data                     13,483,481       97.6%
  Programs that made DNS requests               13,483,481      100.0%
Programs that made P2P connections                     680        0.0%
    Programs using bittorrent                          522       76.8%
    Programs using edonkey                              18        2.6%
    Programs using gnutella                             90       13.2%
    Programs using winmx                                50        7.4%
                                                                      
---------------------------------------------   ----------  ----------
Anti-Analysis Techniques                            Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made debugger checks                       0        0.0%
Programs that made VMWare registry checks                0        0.0%
Programs that made SoftICE checks                        0        0.0%
Programs that made Wine checks                           0        0.0%
Programs that made Time checks                           0        0.0%
Programs that suppress Compatibility Warnings            0        0.0%
                                                                      
---------------------------------------------   ----------  ----------
Malicious Activity                                  Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made Windows Firewall Updates              0        0.0%
Programs that installed a Rootkit                        0        0.0%
Programs that installed a startup entry                  0        0.0%
Programs that accessed user's Firefox profile            0        0.0%
Programs that accessed the Pstore                        0        0.0%
Programs that called taskkill                            0        0.0%

Sandbox Statistics (Two-Year Rolling Report)

---------------------------------------------   ----------  ----------
Sandbox Results                                     Totals     Percent
---------------------------------------------   ----------  ----------
Programs Processed                             189,233,598            
  Programs Skipped                             159,888,890       84.5%
  Programs Analyzed                             29,344,708       15.5%
    Completed Analysis Runs                     27,740,796       94.5%
    Failed Analysis Runs                           373,815        1.3%
    Programs Retried                             1,201,315        4.1%
    Invalid Binaries                                28,782        0.1%
                                                                      
---------------------------------------------   ----------  ----------
Network Traffic Statistics                          Totals     Percent
---------------------------------------------   ----------  ----------
Programs that sent TCP data                     12,925,720       46.6%
  Programs using HTTP                            7,843,420       60.7%
    URLs captured                               62,561,073            
  Programs using FTP                                99,296        0.8%
  Programs using SMTP                               57,735        0.4%
  Programs using IRC                                70,493        0.5%
Programs that sent UDP data                     27,075,016       97.6%
  Programs that made DNS requests               27,075,016      100.0%
Programs that made P2P connections                   1,664        0.0%
    Programs using bittorrent                        1,288       77.4%
    Programs using edonkey                              76        4.6%
    Programs using gnutella                            226       13.6%
    Programs using winmx                                74        4.4%
                                                                      
---------------------------------------------   ----------  ----------
Anti-Analysis Techniques                            Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made debugger checks               1,730,362        6.2%
Programs that made VMWare registry checks            4,413        0.0%
Programs that made SoftICE checks                   27,105        0.1%
Programs that made Wine checks                      30,771        0.1%
Programs that made Time checks                       1,343        0.0%
Programs that suppress Compatibility Warnings    3,888,668       14.0%
                                                                      
---------------------------------------------   ----------  ----------
Malicious Activity                                  Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made Windows Firewall Updates            537        0.0%
Programs that installed a Rootkit                      743        0.0%
Programs that installed a startup entry            795,166        2.9%
Programs that accessed user's Firefox profile            0        0.0%
Programs that accessed the Pstore                   64,544        0.2%
Programs that called taskkill                            0        0.0%
