Explanation
The chart summarizes the analysis of binaries through our sandboxing system. The fields in the report are as follows:
- Programs Processed - How many binaries went through the system
- Programs Skipped - Using different hashing methodologies, we are able to identify common polymorphic files and skip processing them
- Programs Analyzed - How many binaries were actually submitted to the sandbox system and analyzed
- Completed Analysis Runs - How many of the submitted binaries completed successfully and produced some sort of results
- Failed Analysis Runs - Binaries that would not run and create a valid report
- Programs Retried - How many binaries were re-run. All binaries that initially fail are re-run in further attempts to execute them properly and obtain an analysis of that program
- Invalid Binaries - How many programs would not execute or were not proper Windows binaries
- Network Traffic Statistics - Of the programs that were processed and produced output, which generated network traffic, and the breakdown of the different types of network traffic seen for those binaries
- Anti-Analysis Techniques - Many malware programs take defensive measures to prevent analysis and reverse engineering. These are the different forms and results that we are able to determine from the successfully tested programs
- Malicious Activity - What activity local to the system the programs take
Updates
The chart is updated once every four hours and covers the last rolling ten days and 30 days of statistics.
Sandbox Processing


[Charts: FTP Results, HTTP Results, IRC Results, P2P Results, SMTP Results]

Sandbox Statistics (10-Day Rolling Report)
--------------------------------------------- ---------- ----------
Sandbox Results Totals Percent
--------------------------------------------- ---------- ----------
Programs Processed 570,190
Programs Skipped 215,036 37.7%
Programs Analyzed 355,154 62.3%
Completed Analysis Runs 254,242 71.6%
Failed Analysis Runs 13,244 3.7%
Programs Retried 87,668 24.7%
Invalid Binaries 0 0.0%
--------------------------------------------- ---------- ----------
Network Traffic Statistics Totals Percent
--------------------------------------------- ---------- ----------
Programs that sent TCP data 171,787 67.6%
Programs using HTTP 114,476 66.6%
URLs captured 168,671
Programs using FTP 249 0.1%
Programs using SMTP 212 0.1%
Programs using IRC 476 0.3%
Programs that sent UDP data 171,708 67.5%
Programs that made DNS requests 171,708 100.0%
Programs that made P2P connections 23 0.0%
Programs using bittorrent 5 21.7%
Programs using edonkey 1 4.3%
Programs using gnutella 17 73.9%
Programs using winmx 0 0.0%
--------------------------------------------- ---------- ----------
Anti-Analysis Techniques Totals Percent
--------------------------------------------- ---------- ----------
Programs that made debugger checks 16,421 6.5%
Programs that made VMWare registry checks 10 0.0%
Programs that made SoftICE checks 432 0.2%
Programs that made Wine checks 673 0.3%
Programs that made Time checks 0 0.0%
Programs that suppress Compatibility Warnings 181,783 71.5%
--------------------------------------------- ---------- ----------
Malicious Activity Totals Percent
--------------------------------------------- ---------- ----------
Programs that made Windows Firewall Updates 17 0.0%
Programs that installed a Rootkit 0 0.0%
Programs that installed a startup entry 154,259 60.7%
Programs that accessed user's Firefox profile 0 0.0%
Programs that accessed the Pstore 452 0.2%
Programs that called taskkill 0 0.0%
Sandbox Statistics (30-Day Rolling Report)
--------------------------------------------- ---------- ----------
Sandbox Results Totals Percent
--------------------------------------------- ---------- ----------
Programs Processed 1,931,829
Programs Skipped 690,651 35.8%
Programs Analyzed 1,241,178 64.2%
Completed Analysis Runs 983,162 79.2%
Failed Analysis Runs 18,165 1.5%
Programs Retried 239,851 19.3%
Invalid Binaries 0 0.0%
--------------------------------------------- ---------- ----------
Network Traffic Statistics Totals Percent
--------------------------------------------- ---------- ----------
Programs that sent TCP data 666,629 67.8%
Programs using HTTP 512,376 76.9%
URLs captured 772,300
Programs using FTP 561 0.1%
Programs using SMTP 534 0.1%
Programs using IRC 24,988 3.7%
Programs that sent UDP data 666,761 67.8%
Programs that made DNS requests 666,761 100.0%
Programs that made P2P connections 54 0.0%
Programs using bittorrent 12 22.2%
Programs using edonkey 1 1.9%
Programs using gnutella 41 75.9%
Programs using winmx 0 0.0%
--------------------------------------------- ---------- ----------
Anti-Analysis Techniques Totals Percent
--------------------------------------------- ---------- ----------
Programs that made debugger checks 27,162 2.8%
Programs that made VMWare registry checks 18 0.0%
Programs that made SoftICE checks 1,074 0.1%
Programs that made Wine checks 1,713 0.2%
Programs that made Time checks 23 0.0%
Programs that suppress Compatibility Warnings 741,676 75.4%
--------------------------------------------- ---------- ----------
Malicious Activity Totals Percent
--------------------------------------------- ---------- ----------
Programs that made Windows Firewall Updates 56 0.0%
Programs that installed a Rootkit 29 0.0%
Programs that installed a startup entry 540,489 55.0%
Programs that accessed user's Firefox profile 0 0.0%
Programs that accessed the Pstore 1,180 0.1%
Programs that called taskkill 0 0.0%
Sandbox Statistics (60-Day Rolling Report)
--------------------------------------------- ---------- ----------
Sandbox Results Totals Percent
--------------------------------------------- ---------- ----------
Programs Processed 3,766,444
Programs Skipped 1,684,631 44.7%
Programs Analyzed 2,081,813 55.3%
Completed Analysis Runs 1,666,697 80.1%
Failed Analysis Runs 25,845 1.2%
Programs Retried 389,271 18.7%
Invalid Binaries 0 0.0%
--------------------------------------------- ---------- ----------
Network Traffic Statistics Totals Percent
--------------------------------------------- ---------- ----------
Programs that sent TCP data 822,694 49.4%
Programs using HTTP 638,659 77.6%
URLs captured 1,082,013
Programs using FTP 1,045 0.1%
Programs using SMTP 1,269 0.2%
Programs using IRC 30,503 3.7%
Programs that sent UDP data 822,229 49.3%
Programs that made DNS requests 822,229 100.0%
Programs that made P2P connections 104 0.0%
Programs using bittorrent 26 25.0%
Programs using edonkey 2 1.9%
Programs using gnutella 75 72.1%
Programs using winmx 1 1.0%
--------------------------------------------- ---------- ----------
Anti-Analysis Techniques Totals Percent
--------------------------------------------- ---------- ----------
Programs that made debugger checks 43,446 2.6%
Programs that made VMWare registry checks 190 0.0%
Programs that made SoftICE checks 2,626 0.2%
Programs that made Wine checks 3,979 0.2%
Programs that made Time checks 148 0.0%
Programs that suppress Compatibility Warnings 1,066,657 64.0%
--------------------------------------------- ---------- ----------
Malicious Activity Totals Percent
--------------------------------------------- ---------- ----------
Programs that made Windows Firewall Updates 119 0.0%
Programs that installed a Rootkit 311 0.0%
Programs that installed a startup entry 723,871 43.4%
Programs that accessed user's Firefox profile 0 0.0%
Programs that accessed the Pstore 2,382 0.1%
Programs that called taskkill 0 0.0%
Sandbox Statistics (90-Day Rolling Report)
--------------------------------------------- ---------- ----------
Sandbox Results Totals Percent
--------------------------------------------- ---------- ----------
Programs Processed 6,041,787
Programs Skipped 2,942,766 48.7%
Programs Analyzed 3,099,021 51.3%
Completed Analysis Runs 2,447,509 79.0%
Failed Analysis Runs 36,902 1.2%
Programs Retried 614,610 19.8%
Invalid Binaries 0 0.0%
--------------------------------------------- ---------- ----------
Network Traffic Statistics Totals Percent
--------------------------------------------- ---------- ----------
Programs that sent TCP data 1,243,656 50.8%
Programs using HTTP 974,712 78.4%
URLs captured 2,212,613
Programs using FTP 1,333 0.1%
Programs using SMTP 1,593 0.1%
Programs using IRC 32,206 2.6%
Programs that sent UDP data 1,244,634 50.9%
Programs that made DNS requests 1,244,634 100.0%
Programs that made P2P connections 117 0.0%
Programs using bittorrent 31 26.5%
Programs using edonkey 2 1.7%
Programs using gnutella 83 70.9%
Programs using winmx 1 0.9%
--------------------------------------------- ---------- ----------
Anti-Analysis Techniques Totals Percent
--------------------------------------------- ---------- ----------
Programs that made debugger checks 51,206 2.1%
Programs that made VMWare registry checks 205 0.0%
Programs that made SoftICE checks 3,123 0.1%
Programs that made Wine checks 4,846 0.2%
Programs that made Time checks 152 0.0%
Programs that suppress Compatibility Warnings 1,563,563 63.9%
--------------------------------------------- ---------- ----------
Malicious Activity Totals Percent
--------------------------------------------- ---------- ----------
Programs that made Windows Firewall Updates 145 0.0%
Programs that installed a Rootkit 311 0.0%
Programs that installed a startup entry 1,050,766 42.9%
Programs that accessed user's Firefox profile 0 0.0%
Programs that accessed the Pstore 3,011 0.1%
Programs that called taskkill 0 0.0%
Sandbox Statistics (180-Day Rolling Report)
--------------------------------------------- ---------- ----------
Sandbox Results Totals Percent
--------------------------------------------- ---------- ----------
Programs Processed 14,398,258
Programs Skipped 5,174,351 35.9%
Programs Analyzed 9,223,907 64.1%
Completed Analysis Runs 7,494,922 81.3%
Failed Analysis Runs 66,341 0.7%
Programs Retried 1,662,644 18.0%
Invalid Binaries 0 0.0%
--------------------------------------------- ---------- ----------
Network Traffic Statistics Totals Percent
--------------------------------------------- ---------- ----------
Programs that sent TCP data 4,177,321 55.7%
Programs using HTTP 3,317,728 79.4%
URLs captured 7,904,139
Programs using FTP 4,326 0.1%
Programs using SMTP 4,324 0.1%
Programs using IRC 42,753 1.0%
Programs that sent UDP data 4,312,429 57.5%
Programs that made DNS requests 4,312,429 100.0%
Programs that made P2P connections 319 0.0%
Programs using bittorrent 101 31.7%
Programs using edonkey 12 3.8%
Programs using gnutella 201 63.0%
Programs using winmx 5 1.6%
--------------------------------------------- ---------- ----------
Anti-Analysis Techniques Totals Percent
--------------------------------------------- ---------- ----------
Programs that made debugger checks 113,066 1.5%
Programs that made VMWare registry checks 308 0.0%
Programs that made SoftICE checks 7,519 0.1%
Programs that made Wine checks 10,598 0.1%
Programs that made Time checks 163 0.0%
Programs that suppress Compatibility Warnings 5,175,831 69.1%
--------------------------------------------- ---------- ----------
Malicious Activity Totals Percent
--------------------------------------------- ---------- ----------
Programs that made Windows Firewall Updates 363 0.0%
Programs that installed a Rootkit 312 0.0%
Programs that installed a startup entry 3,994,464 53.3%
Programs that accessed user's Firefox profile 0 0.0%
Programs that accessed the Pstore 326,918 4.4%
Programs that called taskkill 0 0.0%
Sandbox Statistics (One-Year Rolling Report)
--------------------------------------------- ---------- ----------
Sandbox Results Totals Percent
--------------------------------------------- ---------- ----------
Programs Processed 26,475,254
Programs Skipped 13,038,995 49.2%
Programs Analyzed 13,436,259 50.8%
Completed Analysis Runs 10,660,399 79.3%
Failed Analysis Runs 163,919 1.2%
Programs Retried 2,611,941 19.4%
Invalid Binaries 0 0.0%
--------------------------------------------- ---------- ----------
Network Traffic Statistics Totals Percent
--------------------------------------------- ---------- ----------
Programs that sent TCP data 4,819,535 45.2%
Programs using HTTP 3,860,671 80.1%
URLs captured 12,181,292
Programs using FTP 6,276 0.1%
Programs using SMTP 8,094 0.2%
Programs using IRC 51,930 1.1%
Programs that sent UDP data 4,963,778 46.6%
Programs that made DNS requests 4,963,778 100.0%
Programs that made P2P connections 422 0.0%
Programs using bittorrent 143 33.9%
Programs using edonkey 19 4.5%
Programs using gnutella 253 60.0%
Programs using winmx 7 1.7%
--------------------------------------------- ---------- ----------
Anti-Analysis Techniques Totals Percent
--------------------------------------------- ---------- ----------
Programs that made debugger checks 159,699 1.5%
Programs that made VMWare registry checks 668 0.0%
Programs that made SoftICE checks 8,944 0.1%
Programs that made Wine checks 13,108 0.1%
Programs that made Time checks 5,258 0.0%
Programs that suppress Compatibility Warnings 6,558,787 61.5%
--------------------------------------------- ---------- ----------
Malicious Activity Totals Percent
--------------------------------------------- ---------- ----------
Programs that made Windows Firewall Updates 578 0.0%
Programs that installed a Rootkit 3,207 0.0%
Programs that installed a startup entry 4,515,103 42.4%
Programs that accessed user's Firefox profile 0 0.0%
Programs that accessed the Pstore 403,158 3.8%
Programs that called taskkill 0 0.0%
Sandbox Statistics (Two-Year Rolling Report)
--------------------------------------------- ---------- ----------
Sandbox Results Totals Percent
--------------------------------------------- ---------- ----------
Programs Processed 52,188,425
Programs Skipped 27,677,160 53.0%
Programs Analyzed 24,511,265 47.0%
Completed Analysis Runs 20,342,485 83.0%
Failed Analysis Runs 225,438 0.9%
Programs Retried 3,943,342 16.1%
Invalid Binaries 0 0.0%
--------------------------------------------- ---------- ----------
Network Traffic Statistics Totals Percent
--------------------------------------------- ---------- ----------
Programs that sent TCP data 5,425,513 26.7%
Programs using HTTP 4,327,421 79.8%
URLs captured 13,624,369
Programs using FTP 9,383 0.2%
Programs using SMTP 18,955 0.3%
Programs using IRC 97,903 1.8%
Programs that sent UDP data 9,587,842 47.1%
Programs that made DNS requests 9,587,842 100.0%
Programs that made P2P connections 701 0.0%
Programs using bittorrent 193 27.5%
Programs using edonkey 34 4.9%
Programs using gnutella 463 66.0%
Programs using winmx 11 1.6%
--------------------------------------------- ---------- ----------
Anti-Analysis Techniques Totals Percent
--------------------------------------------- ---------- ----------
Programs that made debugger checks 250,767 1.2%
Programs that made VMWare registry checks 1,157 0.0%
Programs that made SoftICE checks 14,619 0.1%
Programs that made Wine checks 20,700 0.1%
Programs that made Time checks 5,902 0.0%
Programs that suppress Compatibility Warnings 14,263,962 70.1%
--------------------------------------------- ---------- ----------
Malicious Activity Totals Percent
--------------------------------------------- ---------- ----------
Programs that made Windows Firewall Updates 722 0.0%
Programs that installed a Rootkit 3,222 0.0%
Programs that installed a startup entry 7,541,845 37.1%
Programs that accessed user's Firefox profile 0 0.0%
Programs that accessed the Pstore 422,528 2.1%
Programs that called taskkill 0 0.0%