Explanation

The chart is a summary of the analysis of binaries through our sandboxing system. The different fields in the report are as follows:

Programs Processed - How many binaries went through the system

  1. Programs Skipped - Using different hashing methodologies, we are able to identify common polymorphic files and skip processing them
  2. Programs Analyzed - How many binaries were actually submitted to the sandbox system and analyzed
    • Completed Analysis Runs - How many of the submitted binaries completed successfully and produced some sort of results
    • Failed Analysis Runs - Binaries that would not run and create a valid report
    • Programs Retried - How many binaries were re-run. All binaries that initially fail are re-run in further attempts to execute them properly and obtain an analysis of the program
    • Invalid Binaries - How many programs would not execute or were not proper Windows binaries
  3. Network Traffic Statistics - Of the programs that were processed and had output, how many generated network traffic, with a breakdown of the different types of network traffic seen
  4. Anti-Analysis Techniques - Many malware programs take defensive measures to prevent analysis and reverse engineering. These are the different forms we were able to identify in the successfully tested programs
  5. Malicious Activity - What actions the programs take locally on the system


Updates

The chart is updated once every four hours and covers the last rolling ten days and 30 days of statistics.


[Graphs: Sandbox Processing; FTP Results; HTTP Results; IRC Results; P2P Results; SMTP Results]


Sandbox Statistics (10-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              1,349,693            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                             1,349,693      100.0%
    Completed Analysis Runs                     1,343,012       99.5%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                5,765        0.4%
    Invalid Binaries                                  916        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                       682,350       50.8%
  Programs using HTTP                             205,897       30.2%
    URLs captured                                       0            
  Programs using FTP                                  266        0.0%
  Programs using SMTP                              10,561        1.5%
  Programs using IRC                                6,951        1.0%
Programs that sent UDP data                       858,067       63.9%
  Programs that made DNS requests                 401,950       46.8%
Programs that made P2P connections                     27        0.0%
    Programs using bittorrent                          11       40.7%
    Programs using edonkey                              3       11.1%
    Programs using gnutella                             9       33.3%
    Programs using winmx                                4       14.8%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (30-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              3,597,060            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                             3,597,060      100.0%
    Completed Analysis Runs                     3,569,773       99.2%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               13,777        0.4%
    Invalid Binaries                               13,510        0.4%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     1,877,981       52.6%
  Programs using HTTP                             570,492       30.4%
    URLs captured                                       0            
  Programs using FTP                                  700        0.0%
  Programs using SMTP                              14,288        0.8%
  Programs using IRC                               39,820        2.1%
Programs that sent UDP data                     2,363,271       66.2%
  Programs that made DNS requests               1,141,805       48.3%
Programs that made P2P connections                     86        0.0%
    Programs using bittorrent                          46       53.5%
    Programs using edonkey                              5        5.8%
    Programs using gnutella                            30       34.9%
    Programs using winmx                                5        5.8%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (60-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              6,977,860            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                             6,977,860      100.0%
    Completed Analysis Runs                     6,928,830       99.3%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               30,395        0.4%
    Invalid Binaries                               18,635        0.3%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     3,689,842       53.3%
  Programs using HTTP                           1,066,139       28.9%
    URLs captured                                       0            
  Programs using FTP                                1,293        0.0%
  Programs using SMTP                              16,296        0.4%
  Programs using IRC                               60,900        1.7%
Programs that sent UDP data                     4,703,833       67.9%
  Programs that made DNS requests               2,205,581       46.9%
Programs that made P2P connections                    212        0.0%
    Programs using bittorrent                         127       59.9%
    Programs using edonkey                             14        6.6%
    Programs using gnutella                            53       25.0%
    Programs using winmx                               18        8.5%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (90-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              9,272,455            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                             9,272,455      100.0%
    Completed Analysis Runs                     9,210,321       99.3%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               42,356        0.5%
    Invalid Binaries                               19,778        0.2%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     4,762,872       51.7%
  Programs using HTTP                           1,387,585       29.1%
    URLs captured                                       0            
  Programs using FTP                                1,685        0.0%
  Programs using SMTP                              16,823        0.4%
  Programs using IRC                               77,495        1.6%
Programs that sent UDP data                     6,152,582       66.8%
  Programs that made DNS requests               2,894,084       47.0%
Programs that made P2P connections                    288        0.0%
    Programs using bittorrent                         187       64.9%
    Programs using edonkey                             16        5.6%
    Programs using gnutella                            59       20.5%
    Programs using winmx                               26        9.0%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (180-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             19,109,474            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                            19,109,474      100.0%
    Completed Analysis Runs                    18,968,173       99.3%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               84,064        0.4%
    Invalid Binaries                               57,237        0.3%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     7,663,576       40.4%
  Programs using HTTP                           2,067,380       27.0%
    URLs captured                                       0            
  Programs using FTP                                2,707        0.0%
  Programs using SMTP                              23,138        0.3%
  Programs using IRC                              226,336        3.0%
Programs that sent UDP data                     9,476,882       50.0%
  Programs that made DNS requests               4,883,114       51.5%
Programs that made P2P connections                    504        0.0%
    Programs using bittorrent                         346       68.7%
    Programs using edonkey                             36        7.1%
    Programs using gnutella                            88       17.5%
    Programs using winmx                               34        6.7%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (One-Year Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             27,403,810            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                            27,403,810      100.0%
    Completed Analysis Runs                    27,196,676       99.2%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                              140,242        0.5%
    Invalid Binaries                               66,892        0.2%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                    11,158,539       41.0%
  Programs using HTTP                           3,500,981       31.4%
    URLs captured                                       0            
  Programs using FTP                                4,217        0.0%
  Programs using SMTP                              26,273        0.2%
  Programs using IRC                              260,266        2.3%
Programs that sent UDP data                    14,663,014       53.9%
  Programs that made DNS requests               6,671,149       45.5%
Programs that made P2P connections                    587        0.0%
    Programs using bittorrent                         407       69.3%
    Programs using edonkey                             42        7.2%
    Programs using gnutella                            98       16.7%
    Programs using winmx                               40        6.8%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (Two-Year Rolling Report)

---------------------------------------------   ----------  ----------
Sandbox Results                                     Totals     Percent
---------------------------------------------   ----------  ----------
Programs Processed                             131,543,553            
  Programs Skipped                              88,886,706       67.6%
  Programs Analyzed                             42,656,847       32.4%
    Completed Analysis Runs                     42,414,419       99.4%
    Failed Analysis Runs                               546        0.0%
    Programs Retried                               153,815        0.4%
    Invalid Binaries                                88,067        0.2%
                                                                      
---------------------------------------------   ----------  ----------
Network Traffic Statistics                          Totals     Percent
---------------------------------------------   ----------  ----------
Programs that sent TCP data                     24,616,178       58.0%
  Programs using HTTP                           10,967,525       44.6%
    URLs captured                                7,313,854            
  Programs using FTP                                55,656        0.2%
  Programs using SMTP                               47,622        0.2%
  Programs using IRC                               343,001        1.4%
Programs that sent UDP data                     31,287,385       73.8%
  Programs that made DNS requests               22,408,784       71.6%
Programs that made P2P connections                     834        0.0%
    Programs using bittorrent                          610       73.1%
    Programs using edonkey                              56        6.7%
    Programs using gnutella                            117       14.0%
    Programs using winmx                                51        6.1%
                                                                      
---------------------------------------------   ----------  ----------
Anti-Analysis Techniques                            Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made debugger checks                       0        0.0%
Programs that made VMWare registry checks                0        0.0%
Programs that made SoftICE checks                        0        0.0%
Programs that made Wine checks                           0        0.0%
Programs that made Time checks                           0        0.0%
Programs that suppress Compatibility Warnings            0        0.0%
                                                                      
---------------------------------------------   ----------  ----------
Malicious Activity                                  Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made Windows Firewall Updates              0        0.0%
Programs that installed a Rootkit                        0        0.0%
Programs that installed a startup entry                  0        0.0%
Programs that accessed user's Firefox profile            0        0.0%
Programs that accessed the Pstore                        0        0.0%
Programs that called taskkill                            0        0.0%
