Explanation

The chart is a summary of the analysis of binaries through our sandboxing system. The different fields in the report are as follows:

Programs Processed - How many binaries went through the system

  1. Programs Skipped - Using different hashing methodologies, we identify common polymorphic files and skip processing them
  2. Programs Analyzed - How many binaries were actually submitted to the sandbox system and analyzed
    • Completed Analysis Runs - How many of the submitted binaries completed successfully and produced some sort of results
    • Failed Analysis Runs - Binaries that would not run and create a valid report
    • Programs Retried - How many binaries were re-run. All binaries that initially fail are re-run, giving them more attempts to execute properly and yield an analysis of that program
    • Invalid Binaries - How many programs would not execute or were not proper Windows binaries
  3. Network Traffic Statistics - Of the programs that were processed and had output, how many generated network traffic, broken down by the different types of network traffic seen for the binaries
  4. Anti-Analysis Techniques - Many malware programs take defensive measures to prevent analysis and reverse engineering. These are the different forms of those measures that we are able to determine from the successfully tested programs
  5. Malicious Activity - What actions the programs take on the local system


Updates

The chart is updated once every four hours and covers the last rolling ten days and 30 days of statistics.


Sandbox Processing

FTP Results

HTTP Results

IRC Results

P2P Results

SMTP Results


Sandbox Statistics (10-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              1,431,516            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                             1,431,516      100.0%
    Completed Analysis Runs                     1,421,740       99.3%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                6,536        0.5%
    Invalid Binaries                                3,240        0.2%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                       729,810       51.3%
  Programs using HTTP                             223,070       30.6%
    URLs captured                                       0            
  Programs using FTP                                  318        0.0%
  Programs using SMTP                               6,702        0.9%
  Programs using IRC                                6,770        0.9%
Programs that sent UDP data                       961,948       67.7%
  Programs that made DNS requests                 431,743       44.9%
Programs that made P2P connections                     47        0.0%
    Programs using bittorrent                          13       27.7%
    Programs using edonkey                              4        8.5%
    Programs using gnutella                            29       61.7%
    Programs using winmx                                1        2.1%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (30-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              4,224,783            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                             4,224,783      100.0%
    Completed Analysis Runs                     4,199,883       99.4%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               16,806        0.4%
    Invalid Binaries                                8,094        0.2%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     2,196,972       52.3%
  Programs using HTTP                             610,441       27.8%
    URLs captured                                       0            
  Programs using FTP                                  836        0.0%
  Programs using SMTP                              22,684        1.0%
  Programs using IRC                               21,164        1.0%
Programs that sent UDP data                     2,904,449       69.2%
  Programs that made DNS requests               1,232,566       42.4%
Programs that made P2P connections                    113        0.0%
    Programs using bittorrent                          33       29.2%
    Programs using edonkey                              5        4.4%
    Programs using gnutella                            70       61.9%
    Programs using winmx                                5        4.4%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (60-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              8,445,552            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                             8,445,552      100.0%
    Completed Analysis Runs                     8,374,334       99.2%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               56,920        0.7%
    Invalid Binaries                               14,298        0.2%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     4,207,827       50.2%
  Programs using HTTP                           1,207,996       28.7%
    URLs captured                                       0            
  Programs using FTP                                1,901        0.0%
  Programs using SMTP                              30,391        0.7%
  Programs using IRC                               30,067        0.7%
Programs that sent UDP data                     5,636,618       67.3%
  Programs that made DNS requests               2,427,298       43.1%
Programs that made P2P connections                    201        0.0%
    Programs using bittorrent                          86       42.8%
    Programs using edonkey                              6        3.0%
    Programs using gnutella                            94       46.8%
    Programs using winmx                               15        7.5%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (90-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             11,973,768            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                            11,973,768      100.0%
    Completed Analysis Runs                    11,873,842       99.2%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               69,754        0.6%
    Invalid Binaries                               30,172        0.3%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     6,045,078       50.9%
  Programs using HTTP                           1,744,268       28.9%
    URLs captured                                       0            
  Programs using FTP                                2,527        0.0%
  Programs using SMTP                              38,070        0.6%
  Programs using IRC                               35,604        0.6%
Programs that sent UDP data                     8,144,888       68.6%
  Programs that made DNS requests               3,441,448       42.3%
Programs that made P2P connections                    303        0.0%
    Programs using bittorrent                         142       46.9%
    Programs using edonkey                              8        2.6%
    Programs using gnutella                           123       40.6%
    Programs using winmx                               30        9.9%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (180-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             26,287,420            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                            26,287,420      100.0%
    Completed Analysis Runs                    26,107,316       99.3%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                              123,928        0.5%
    Invalid Binaries                               56,176        0.2%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                    13,867,728       53.1%
  Programs using HTTP                           4,094,253       29.5%
    URLs captured                                       0            
  Programs using FTP                                5,423        0.0%
  Programs using SMTP                             121,708        0.9%
  Programs using IRC                               71,391        0.5%
Programs that sent UDP data                    18,067,058       69.2%
  Programs that made DNS requests               7,719,478       42.7%
Programs that made P2P connections                  1,437        0.0%
    Programs using bittorrent                       1,131       78.7%
    Programs using edonkey                             31        2.2%
    Programs using gnutella                           209       14.5%
    Programs using winmx                               66        4.6%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (One-Year Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             49,847,675            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                            49,847,675      100.0%
    Completed Analysis Runs                    49,522,132       99.3%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                              214,908        0.4%
    Invalid Binaries                              110,635        0.2%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                    25,148,967       50.8%
  Programs using HTTP                           7,312,689       29.1%
    URLs captured                                       0            
  Programs using FTP                                8,916        0.0%
  Programs using SMTP                             192,940        0.8%
  Programs using IRC                              317,454        1.3%
Programs that sent UDP data                    32,104,881       64.8%
  Programs that made DNS requests              14,528,846       45.3%
Programs that made P2P connections                  2,057        0.0%
    Programs using bittorrent                       1,537       74.7%
    Programs using edonkey                             74        3.6%
    Programs using gnutella                           331       16.1%
    Programs using winmx                              115        5.6%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (Two-Year Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             76,962,516            
  Programs Skipped                             11,149,969       14.5%
  Programs Analyzed                            65,812,547       85.5%
    Completed Analysis Runs                    65,386,462       99.4%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                              298,472        0.5%
    Invalid Binaries                              127,613        0.2%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                    33,380,836       51.1%
  Programs using HTTP                          11,481,058       34.4%
    URLs captured                                       0            
  Programs using FTP                               12,095        0.0%
  Programs using SMTP                             201,135        0.6%
  Programs using IRC                              384,501        1.2%
Programs that sent UDP data                    43,807,702       67.0%
  Programs that made DNS requests              21,530,636       49.1%
Programs that made P2P connections                  2,246        0.0%
    Programs using bittorrent                       1,678       74.7%
    Programs using edonkey                             89        4.0%
    Programs using gnutella                           354       15.8%
    Programs using winmx                              125        5.6%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%
