Explanation

The chart is a summary of the analysis of binaries through our sandboxing system. The different fields in the report are as follows:

Programs Processed - How many binaries went through the system

  1. Programs Skipped - Using different hashing methodologies, we are able to identify common polymorphic files and skip processing them
  2. Programs Analyzed - How many binaries were actually submitted to the sandbox system and analyzed
    • Completed Analysis Runs - How many of the submitted binaries completed successfully and produced some sort of result
    • Failed Analysis Runs - Binaries that would not run and produce a valid report
    • Programs Retried - How many binaries were re-run. All binaries that initially fail are re-run for further attempts to execute properly and produce an analysis of that program
    • Invalid Binaries - How many programs would not execute or were not proper Windows binaries
  3. Network Traffic Statistics - Of the programs that were processed and had output, which had network-based traffic, and the breakdown of the different types of network traffic seen for the binaries
  4. Anti-Analysis Techniques - Many malware programs take defensive measures to prevent analysis and reverse engineering. These are the different forms, and the results we are able to determine from the successfully tested programs
  5. Malicious Activity - What activity local to the system the programs take

Updates

The chart is updated once every four hours and covers the last rolling ten days and 30 days of statistics.

Sandbox Processing

FTP Results

HTTP Results

IRC Results

P2P Results

SMTP Results

Sandbox Statistics (10-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              2,117,103            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                             2,117,103      100.0%
    Completed Analysis Runs                     2,108,639       99.6%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                6,016        0.3%
    Invalid Binaries                                2,448        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     1,236,200       58.6%
  Programs using HTTP                             320,919       26.0%
    URLs captured                                       0            
  Programs using FTP                                  307        0.0%
  Programs using SMTP                              13,486        1.1%
  Programs using IRC                                4,581        0.4%
Programs that sent UDP data                     1,565,413       74.2%
  Programs that made DNS requests                 641,672       41.0%
Programs that made P2P connections                    457        0.0%
    Programs using bittorrent                         431       94.3%
    Programs using edonkey                              4        0.9%
    Programs using gnutella                            13        2.8%
    Programs using winmx                                9        2.0%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (30-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              6,264,159            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                             6,264,159      100.0%
    Completed Analysis Runs                     6,241,055       99.6%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               18,689        0.3%
    Invalid Binaries                                4,415        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     3,933,653       63.0%
  Programs using HTTP                           1,070,943       27.2%
    URLs captured                                       0            
  Programs using FTP                                  879        0.0%
  Programs using SMTP                              47,292        1.2%
  Programs using IRC                               14,655        0.4%
Programs that sent UDP data                     4,873,811       78.1%
  Programs that made DNS requests               1,956,780       40.1%
Programs that made P2P connections                    726        0.0%
    Programs using bittorrent                         655       90.2%
    Programs using edonkey                              9        1.2%
    Programs using gnutella                            45        6.2%
    Programs using winmx                               17        2.3%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (60-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             11,265,447            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                            11,265,447      100.0%
    Completed Analysis Runs                    11,224,404       99.6%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               34,922        0.3%
    Invalid Binaries                                6,121        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     6,613,931       58.9%
  Programs using HTTP                           1,920,354       29.0%
    URLs captured                                       0            
  Programs using FTP                                1,809        0.0%
  Programs using SMTP                              81,726        1.2%
  Programs using IRC                               36,241        0.5%
Programs that sent UDP data                     8,302,533       74.0%
  Programs that made DNS requests               3,473,074       41.8%
Programs that made P2P connections                    833        0.0%
    Programs using bittorrent                         716       86.0%
    Programs using edonkey                             18        2.2%
    Programs using gnutella                            69        8.3%
    Programs using winmx                               30        3.6%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (90-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             14,753,856            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                            14,753,856      100.0%
    Completed Analysis Runs                    14,686,247       99.5%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               47,994        0.3%
    Invalid Binaries                               19,615        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     8,437,203       57.4%
  Programs using HTTP                           2,474,632       29.3%
    URLs captured                                       0            
  Programs using FTP                                2,487        0.0%
  Programs using SMTP                              94,430        1.1%
  Programs using IRC                               75,670        0.9%
Programs that sent UDP data                    10,597,818       72.2%
  Programs that made DNS requests               4,584,257       43.3%
Programs that made P2P connections                    918        0.0%
    Programs using bittorrent                         762       83.0%
    Programs using edonkey                             23        2.5%
    Programs using gnutella                            99       10.8%
    Programs using winmx                               34        3.7%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (180-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             24,204,433            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                            24,204,433      100.0%
    Completed Analysis Runs                    24,083,447       99.5%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               91,816        0.4%
    Invalid Binaries                               29,170        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                    12,340,209       51.2%
  Programs using HTTP                           3,667,679       29.7%
    URLs captured                                       0            
  Programs using FTP                                3,940        0.0%
  Programs using SMTP                             101,786        0.8%
  Programs using IRC                              124,027        1.0%
Programs that sent UDP data                    15,589,124       64.7%
  Programs that made DNS requests               7,115,058       45.6%
Programs that made P2P connections                  1,209        0.0%
    Programs using bittorrent                         969       80.1%
    Programs using edonkey                             39        3.2%
    Programs using gnutella                           141       11.7%
    Programs using winmx                               60        5.0%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (One-Year Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             36,890,853            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                            36,890,853      100.0%
    Completed Analysis Runs                    36,643,742       99.3%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                              174,459        0.5%
    Invalid Binaries                               72,652        0.2%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                    16,757,628       45.7%
  Programs using HTTP                           4,859,591       29.0%
    URLs captured                                       0            
  Programs using FTP                                5,476        0.0%
  Programs using SMTP                             105,291        0.6%
  Programs using IRC                              287,410        1.7%
Programs that sent UDP data                    21,424,303       58.5%
  Programs that made DNS requests               9,494,409       44.3%
Programs that made P2P connections                  1,408        0.0%
    Programs using bittorrent                       1,117       79.3%
    Programs using edonkey                             59        4.2%
    Programs using gnutella                           166       11.8%
    Programs using winmx                               66        4.7%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (Two-Year Rolling Report)

---------------------------------------------   ----------  ----------
Sandbox Results                                     Totals     Percent
---------------------------------------------   ----------  ----------
Programs Processed                             123,026,226            
  Programs Skipped                              71,680,191       58.3%
  Programs Analyzed                             51,346,035       41.7%
    Completed Analysis Runs                     51,074,563       99.5%
    Failed Analysis Runs                                 0        0.0%
    Programs Retried                               185,773        0.4%
    Invalid Binaries                                85,699        0.2%
                                                                      
---------------------------------------------   ----------  ----------
Network Traffic Statistics                          Totals     Percent
---------------------------------------------   ----------  ----------
Programs that sent TCP data                     28,953,791       56.7%
  Programs using HTTP                           11,780,878       40.7%
    URLs captured                                        0            
  Programs using FTP                                39,594        0.1%
  Programs using SMTP                              122,120        0.4%
  Programs using IRC                               369,427        1.3%
Programs that sent UDP data                     36,861,686       72.2%
  Programs that made DNS requests               23,190,433       62.9%
Programs that made P2P connections                   1,604        0.0%
    Programs using bittorrent                        1,272       79.3%
    Programs using edonkey                              71        4.4%
    Programs using gnutella                            183       11.4%
    Programs using winmx                                78        4.9%
                                                                      
---------------------------------------------   ----------  ----------
Anti-Analysis Techniques                            Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made debugger checks                       0        0.0%
Programs that made VMWare registry checks                0        0.0%
Programs that made SoftICE checks                        0        0.0%
Programs that made Wine checks                           0        0.0%
Programs that made Time checks                           0        0.0%
Programs that suppress Compatibility Warnings            0        0.0%
                                                                      
---------------------------------------------   ----------  ----------
Malicious Activity                                  Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made Windows Firewall Updates              0        0.0%
Programs that installed a Rootkit                        0        0.0%
Programs that installed a startup entry                  0        0.0%
Programs that accessed user's Firefox profile            0        0.0%
Programs that accessed the Pstore                        0        0.0%
Programs that called taskkill                            0        0.0%
