Explanation

The chart is a summary of the analysis of binaries through our sandboxing system. The different fields in the report are as follows:

Programs Processed - How many binaries went through the system

  1. Programs Skipped - Using different hashing methodologies, we are able to identify common polymorphic files and skip processing them
  2. Programs Analyzed - How many binaries were actually submitted to the sandbox system and analyzed
    • Completed Analysis Runs - How many of the submitted binaries completed successfully and produced results
    • Failed Analysis Runs - Binaries that would not run and create a valid report
    • Programs Retried - How many binaries were re-run. All binaries that initially fail are re-run, giving them further attempts to execute properly and produce an analysis
    • Invalid Binaries - How many programs would not execute or were not proper Windows binaries
  3. Network Traffic Statistics - Of the programs that were processed and had output, how many generated network traffic, broken down by the types of network traffic seen
  4. Anti-Analysis Techniques - Many malware programs take defensive measures to prevent analysis and reverse engineering. These are the different techniques we were able to detect in the successfully tested programs
  5. Malicious Activity - What actions the programs take on the local system


Updates

The chart is updated once every four hours and covers the last rolling ten days and 30 days of statistics.


[Graphs: Sandbox Processing, FTP Results, HTTP Results, IRC Results, P2P Results, SMTP Results]


Sandbox Statistics (10-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              3,722,042            
  Programs Skipped                              3,448,588       92.7%
  Programs Analyzed                               273,454        7.3%
    Completed Analysis Runs                       268,730       98.3%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                4,724        1.7%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                       196,919       73.3%
  Programs using HTTP                              87,420       44.4%
    URLs captured                                 418,537            
  Programs using FTP                                1,711        0.9%
  Programs using SMTP                               1,059        0.5%
  Programs using IRC                                  794        0.4%
Programs that sent UDP data                       247,230       92.0%
  Programs that made DNS requests                 247,230      100.0%
Programs that made P2P connections                      6        0.0%
    Programs using bittorrent                           4       66.7%
    Programs using edonkey                              1       16.7%
    Programs using gnutella                             1       16.7%
    Programs using winmx                                0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (30-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             10,382,921            
  Programs Skipped                              9,310,779       89.7%
  Programs Analyzed                             1,072,142       10.3%
    Completed Analysis Runs                     1,065,449       99.4%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                  305        0.0%
    Invalid Binaries                                6,388        0.6%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                       993,231       93.2%
  Programs using HTTP                             437,047       44.0%
    URLs captured                               3,315,287            
  Programs using FTP                                8,914        0.9%
  Programs using SMTP                               2,706        0.3%
  Programs using IRC                                3,479        0.4%
Programs that sent UDP data                     1,039,878       97.6%
  Programs that made DNS requests               1,039,878      100.0%
Programs that made P2P connections                     27        0.0%
    Programs using bittorrent                          23       85.2%
    Programs using edonkey                              2        7.4%
    Programs using gnutella                             1        3.7%
    Programs using winmx                                1        3.7%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (60-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             17,898,206            
  Programs Skipped                             15,410,027       86.1%
  Programs Analyzed                             2,488,179       13.9%
    Completed Analysis Runs                     2,476,031       99.5%
    Failed Analysis Runs                              546        0.0%
    Programs Retried                                2,508        0.1%
    Invalid Binaries                                9,094        0.4%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     2,151,093       86.9%
  Programs using HTTP                           1,040,091       48.4%
    URLs captured                               8,583,002            
  Programs using FTP                               18,964        0.9%
  Programs using SMTP                               6,416        0.3%
  Programs using IRC                                9,048        0.4%
Programs that sent UDP data                     2,416,606       97.6%
  Programs that made DNS requests               2,416,606      100.0%
Programs that made P2P connections                     73        0.0%
    Programs using bittorrent                          62       84.9%
    Programs using edonkey                              4        5.5%
    Programs using gnutella                             5        6.8%
    Programs using winmx                                2        2.7%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (90-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             28,089,426            
  Programs Skipped                             24,690,164       87.9%
  Programs Analyzed                             3,399,262       12.1%
    Completed Analysis Runs                     3,355,486       98.7%
    Failed Analysis Runs                            2,564        0.1%
    Programs Retried                               25,579        0.8%
    Invalid Binaries                               15,633        0.5%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     2,579,933       76.9%
  Programs using HTTP                           1,348,352       52.3%
    URLs captured                              11,711,963            
  Programs using FTP                               23,786        0.9%
  Programs using SMTP                               9,170        0.4%
  Programs using IRC                               11,450        0.4%
Programs that sent UDP data                     3,274,954       97.6%
  Programs that made DNS requests               3,274,954      100.0%
Programs that made P2P connections                    121        0.0%
    Programs using bittorrent                         106       87.6%
    Programs using edonkey                              4        3.3%
    Programs using gnutella                             9        7.4%
    Programs using winmx                                2        1.7%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (180-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             57,646,041            
  Programs Skipped                             51,314,195       89.0%
  Programs Analyzed                             6,331,846       11.0%
    Completed Analysis Runs                     6,180,983       97.6%
    Failed Analysis Runs                            8,889        0.1%
    Programs Retried                              119,968        1.9%
    Invalid Binaries                               22,006        0.3%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     4,169,996       67.5%
  Programs using HTTP                           2,255,978       54.1%
    URLs captured                              20,378,809            
  Programs using FTP                               36,703        0.9%
  Programs using SMTP                              18,083        0.4%
  Programs using IRC                               16,802        0.4%
Programs that sent UDP data                     6,032,639       97.6%
  Programs that made DNS requests               6,032,639      100.0%
Programs that made P2P connections                    225        0.0%
    Programs using bittorrent                         176       78.2%
    Programs using edonkey                              9        4.0%
    Programs using gnutella                            37       16.4%
    Programs using winmx                                3        1.3%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (One-Year Rolling Report)

---------------------------------------------   ----------  ----------
Sandbox Results                                     Totals     Percent
---------------------------------------------   ----------  ----------
Programs Processed                             104,310,432            
  Programs Skipped                              90,729,046       87.0%
  Programs Analyzed                             13,581,386       13.0%
    Completed Analysis Runs                     13,344,768       98.3%
    Failed Analysis Runs                            16,130        0.1%
    Programs Retried                               195,985        1.4%
    Invalid Binaries                                24,503        0.2%
                                                                      
---------------------------------------------   ----------  ----------
Network Traffic Statistics                          Totals     Percent
---------------------------------------------   ----------  ----------
Programs that sent TCP data                      7,248,967       54.3%
  Programs using HTTP                            3,969,239       54.8%
    URLs captured                               40,466,200            
  Programs using FTP                                74,407        1.0%
  Programs using SMTP                               30,139        0.4%
  Programs using IRC                                25,152        0.3%
Programs that sent UDP data                     13,024,493       97.6%
  Programs that made DNS requests               13,024,493      100.0%
Programs that made P2P connections                   1,145        0.0%
    Programs using bittorrent                          956       83.5%
    Programs using edonkey                              33        2.9%
    Programs using gnutella                            101        8.8%
    Programs using winmx                                55        4.8%
                                                                      
---------------------------------------------   ----------  ----------
Anti-Analysis Techniques                            Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made debugger checks                       0        0.0%
Programs that made VMWare registry checks                0        0.0%
Programs that made SoftICE checks                        0        0.0%
Programs that made Wine checks                           0        0.0%
Programs that made Time checks                           0        0.0%
Programs that suppress Compatibility Warnings            0        0.0%
                                                                      
---------------------------------------------   ----------  ----------
Malicious Activity                                  Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made Windows Firewall Updates              0        0.0%
Programs that installed a Rootkit                        0        0.0%
Programs that installed a startup entry                  0        0.0%
Programs that accessed user's Firefox profile            0        0.0%
Programs that accessed the Pstore                        0        0.0%
Programs that called taskkill                            0        0.0%

Sandbox Statistics (Two-Year Rolling Report)

---------------------------------------------   ----------  ----------
Sandbox Results                                     Totals     Percent
---------------------------------------------   ----------  ----------
Programs Processed                             164,391,406            
  Programs Skipped                             134,796,958       82.0%
  Programs Analyzed                             29,594,448       18.0%
    Completed Analysis Runs                     27,411,986       92.6%
    Failed Analysis Runs                           590,942        2.0%
    Programs Retried                             1,566,016        5.3%
    Invalid Binaries                                25,504        0.1%
                                                                      
---------------------------------------------   ----------  ----------
Network Traffic Statistics                          Totals     Percent
---------------------------------------------   ----------  ----------
Programs that sent TCP data                     11,553,702       42.1%
  Programs using HTTP                            6,875,273       59.5%
    URLs captured                               67,127,645            
  Programs using FTP                               102,570        0.9%
  Programs using SMTP                               59,113        0.5%
  Programs using IRC                                68,023        0.6%
Programs that sent UDP data                     26,754,098       97.6%
  Programs that made DNS requests               26,754,098      100.0%
Programs that made P2P connections                   1,729        0.0%
    Programs using bittorrent                        1,303       75.4%
    Programs using edonkey                              87        5.0%
    Programs using gnutella                            263       15.2%
    Programs using winmx                                76        4.4%
                                                                      
---------------------------------------------   ----------  ----------
Anti-Analysis Techniques                            Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made debugger checks               2,441,912        8.9%
Programs that made VMWare registry checks            4,802        0.0%
Programs that made SoftICE checks                   32,125        0.1%
Programs that made Wine checks                      37,856        0.1%
Programs that made Time checks                       1,612        0.0%
Programs that suppress Compatibility Warnings    4,848,196       17.7%
                                                                      
---------------------------------------------   ----------  ----------
Malicious Activity                                  Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made Windows Firewall Updates            612        0.0%
Programs that installed a Rootkit                    1,068        0.0%
Programs that installed a startup entry          1,028,763        3.8%
Programs that accessed user's Firefox profile            0        0.0%
Programs that accessed the Pstore                   83,935        0.3%
Programs that called taskkill                            0        0.0%
