Explanation

The chart summarizes the analysis of binaries by our sandboxing system. The fields in the report are as follows:

Programs Processed - How many binaries went through the system

  1. Programs Skipped - Using different hashing methodologies, we are able to identify common polymorphic files and skip processing them
  2. Programs Analyzed - How many binaries were actually submitted to the sandbox system and analyzed
    • Completed Analysis Runs - How many of the submitted binaries completed successfully and produced results
    • Failed Analysis Runs - Binaries that would not run and create a valid report
    • Programs Retried - How many binaries were re-run. All binaries that initially fail are re-run in further attempts to execute them properly and obtain an analysis of the program
    • Invalid Binaries - How many programs would not execute or were not proper Windows binaries
  3. Network Traffic Statistics - Of the programs that were processed and had output, how many generated network traffic, with a breakdown of the types of network traffic seen
  4. Anti-Analysis Techniques - Many malware programs take defensive measures to prevent analysis and reverse engineering. These are the different techniques we were able to detect in the successfully tested programs
  5. Malicious Activity - What actions the programs take on the local system

Updates

The chart is updated once every four hours and covers the last rolling ten days and 30 days of statistics.

Sandbox Processing

[Graphs: FTP Results, HTTP Results, IRC Results, P2P Results, SMTP Results]

Sandbox Statistics (10-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              1,570,368            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                             1,570,368      100.0%
    Completed Analysis Runs                     1,559,069       99.3%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               11,280        0.7%
    Invalid Binaries                                   19        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                       865,058       55.5%
  Programs using HTTP                             204,211       23.6%
    URLs captured                                       0            
  Programs using FTP                                  303        0.0%
  Programs using SMTP                               2,763        0.3%
  Programs using IRC                                2,073        0.2%
Programs that sent UDP data                     1,145,623       73.5%
  Programs that made DNS requests                 446,278       39.0%
Programs that made P2P connections                     25        0.0%
    Programs using bittorrent                          19       76.0%
    Programs using edonkey                              0        0.0%
    Programs using gnutella                             4       16.0%
    Programs using winmx                                2        8.0%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (30-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              4,437,404            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                             4,437,404      100.0%
    Completed Analysis Runs                     4,392,612       99.0%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               42,096        0.9%
    Invalid Binaries                                2,696        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     2,206,042       50.2%
  Programs using HTTP                             615,682       27.9%
    URLs captured                                       0            
  Programs using FTP                                  840        0.0%
  Programs using SMTP                               8,960        0.4%
  Programs using IRC                                8,546        0.4%
Programs that sent UDP data                     2,938,643       66.9%
  Programs that made DNS requests               1,242,982       42.3%
Programs that made P2P connections                     76        0.0%
    Programs using bittorrent                          47       61.8%
    Programs using edonkey                              1        1.3%
    Programs using gnutella                            20       26.3%
    Programs using winmx                                8       10.5%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (60-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              7,989,407            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                             7,989,407      100.0%
    Completed Analysis Runs                     7,916,849       99.1%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               51,967        0.7%
    Invalid Binaries                               20,591        0.3%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     3,980,831       50.3%
  Programs using HTTP                           1,166,088       29.3%
    URLs captured                                       0            
  Programs using FTP                                1,707        0.0%
  Programs using SMTP                              16,019        0.4%
  Programs using IRC                               14,461        0.4%
Programs that sent UDP data                     5,431,290       68.6%
  Programs that made DNS requests               2,304,078       42.4%
Programs that made P2P connections                    181        0.0%
    Programs using bittorrent                         102       56.4%
    Programs using edonkey                              3        1.7%
    Programs using gnutella                            52       28.7%
    Programs using winmx                               24       13.3%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (90-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             11,696,533            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                            11,696,533      100.0%
    Completed Analysis Runs                    11,596,156       99.1%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               68,609        0.6%
    Invalid Binaries                               31,768        0.3%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     5,861,619       50.5%
  Programs using HTTP                           1,747,138       29.8%
    URLs captured                                       0            
  Programs using FTP                                2,404        0.0%
  Programs using SMTP                              29,767        0.5%
  Programs using IRC                               21,611        0.4%
Programs that sent UDP data                     7,812,896       67.4%
  Programs that made DNS requests               3,289,053       42.1%
Programs that made P2P connections                    280        0.0%
    Programs using bittorrent                         176       62.9%
    Programs using edonkey                              9        3.2%
    Programs using gnutella                            67       23.9%
    Programs using winmx                               28       10.0%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (180-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             27,476,119            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                            27,476,119      100.0%
    Completed Analysis Runs                    27,299,861       99.4%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                              126,814        0.5%
    Invalid Binaries                               49,444        0.2%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                    14,984,996       54.9%
  Programs using HTTP                           4,410,211       29.4%
    URLs captured                                       0            
  Programs using FTP                                5,283        0.0%
  Programs using SMTP                             130,860        0.9%
  Programs using IRC                               63,493        0.4%
Programs that sent UDP data                    19,293,527       70.7%
  Programs that made DNS requests               8,141,034       42.2%
Programs that made P2P connections                  1,438        0.0%
    Programs using bittorrent                       1,169       81.3%
    Programs using edonkey                             31        2.2%
    Programs using gnutella                           167       11.6%
    Programs using winmx                               71        4.9%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (One-Year Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             48,633,321            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                            48,633,321      100.0%
    Completed Analysis Runs                    48,314,034       99.3%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                              212,290        0.4%
    Invalid Binaries                              106,997        0.2%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                    23,967,940       49.6%
  Programs using HTTP                           6,927,158       28.9%
    URLs captured                                       0            
  Programs using FTP                                8,519        0.0%
  Programs using SMTP                             172,707        0.7%
  Programs using IRC                              303,005        1.3%
Programs that sent UDP data                    30,451,389       63.0%
  Programs that made DNS requests              13,813,799       45.4%
Programs that made P2P connections                  1,999        0.0%
    Programs using bittorrent                       1,545       77.3%
    Programs using edonkey                             75        3.8%
    Programs using gnutella                           269       13.5%
    Programs using winmx                              110        5.5%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (Two-Year Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             80,514,221            
  Programs Skipped                             17,361,445       21.6%
  Programs Analyzed                            63,152,776       78.4%
    Completed Analysis Runs                    62,748,041       99.4%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                              283,815        0.4%
    Invalid Binaries                              120,920        0.2%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                    32,397,260       51.6%
  Programs using HTTP                          11,429,927       35.3%
    URLs captured                                       0            
  Programs using FTP                               11,565        0.0%
  Programs using SMTP                             181,124        0.6%
  Programs using IRC                              375,406        1.2%
Programs that sent UDP data                    42,458,530       67.7%
  Programs that made DNS requests              21,526,638       50.7%
Programs that made P2P connections                  2,161        0.0%
    Programs using bittorrent                       1,668       77.2%
    Programs using edonkey                             85        3.9%
    Programs using gnutella                           287       13.3%
    Programs using winmx                              121        5.6%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%
