Explanation

The chart is a summary of the analysis of binaries through our sandboxing system. The different fields in the report are as follows:

Programs Processed - How many binaries went through the system

  1. Programs Skipped - Using different hashing methodologies, we are able to identify common polymorphic files and skip processing them
  2. Programs Analyzed - How many binaries were actually submitted to the Sandbox system and analyzed
    • Completed Analysis Runs - How many of the submitted binaries completed successfully and had some sort of results
    • Failed Analysis Runs - Binaries that would not run and create a valid report
    • Programs Retried - How many binaries were re-run. All binaries that initially fail are re-run, giving them more attempts to execute properly and produce an analysis
    • Invalid Binaries - How many programs would not execute or were not proper Windows binaries
  3. Network Traffic Statistics - Of the programs that were processed and had output, which had network-based traffic, and the breakdown of the different types of network traffic seen for the binaries
  4. Anti-Analysis Techniques - Many malware programs take defensive measures to prevent analysis and reverse engineering. These are the different forms, and the results we are able to determine, from the successfully tested programs
  5. Malicious Activity - What actions the programs take on the local system

Updates

The chart is updated once every four hours and covers the last rolling ten days and 30 days of statistics.

Sandbox Processing

FTP Results

HTTP Results

IRC Results

P2P Results

SMTP Results

Sandbox Statistics (10-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                                373,270            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                               373,270      100.0%
    Completed Analysis Runs                       373,269      100.0%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                    1        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                       243,652       65.3%
  Programs using HTTP                             151,439       62.2%
    URLs captured                                       0            
  Programs using FTP                                  108        0.0%
  Programs using SMTP                                 242        0.1%
  Programs using IRC                                5,313        2.2%
Programs that sent UDP data                       353,418       94.7%
  Programs that made DNS requests                 149,252       42.2%
Programs that made P2P connections                      3        0.0%
    Programs using bittorrent                           3      100.0%
    Programs using edonkey                              0        0.0%
    Programs using gnutella                             0        0.0%
    Programs using winmx                                0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (30-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              2,011,042            
  Programs Skipped                                847,803       42.2%
  Programs Analyzed                             1,163,239       57.8%
    Completed Analysis Runs                     1,151,886       99.0%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               11,314        1.0%
    Invalid Binaries                                   39        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                       742,573       64.5%
  Programs using HTTP                             491,251       66.2%
    URLs captured                                       0            
  Programs using FTP                                  283        0.0%
  Programs using SMTP                               1,496        0.2%
  Programs using IRC                                8,491        1.1%
Programs that sent UDP data                     1,124,240       97.6%
  Programs that made DNS requests                 668,967       59.5%
Programs that made P2P connections                     10        0.0%
    Programs using bittorrent                           5       50.0%
    Programs using edonkey                              1       10.0%
    Programs using gnutella                             3       30.0%
    Programs using winmx                                1       10.0%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (60-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              6,061,902            
  Programs Skipped                              4,150,203       68.5%
  Programs Analyzed                             1,911,699       31.5%
    Completed Analysis Runs                     1,900,240       99.4%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               11,314        0.6%
    Invalid Binaries                                  145        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     1,337,342       70.4%
  Programs using HTTP                             947,625       70.9%
    URLs captured                                       0            
  Programs using FTP                                  473        0.0%
  Programs using SMTP                               2,165        0.2%
  Programs using IRC                               12,667        0.9%
Programs that sent UDP data                     1,854,634       97.6%
  Programs that made DNS requests               1,646,848       88.8%
Programs that made P2P connections                     16        0.0%
    Programs using bittorrent                          10       62.5%
    Programs using edonkey                              1        6.2%
    Programs using gnutella                             4       25.0%
    Programs using winmx                                1        6.2%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (90-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             10,832,909            
  Programs Skipped                              7,897,003       72.9%
  Programs Analyzed                             2,935,906       27.1%
    Completed Analysis Runs                     2,923,648       99.6%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               11,314        0.4%
    Invalid Binaries                                  944        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     2,304,749       78.8%
  Programs using HTTP                           1,507,092       65.4%
    URLs captured                                       0            
  Programs using FTP                                  718        0.0%
  Programs using SMTP                               2,620        0.1%
  Programs using IRC                               16,428        0.7%
Programs that sent UDP data                     2,853,480       97.6%
  Programs that made DNS requests               2,853,480      100.0%
Programs that made P2P connections                     19        0.0%
    Programs using bittorrent                          13       68.4%
    Programs using edonkey                              1        5.3%
    Programs using gnutella                             4       21.1%
    Programs using winmx                                1        5.3%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (180-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             33,164,167            
  Programs Skipped                             26,116,085       78.7%
  Programs Analyzed                             7,048,082       21.3%
    Completed Analysis Runs                     7,030,703       99.8%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               11,314        0.2%
    Invalid Binaries                                6,065        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     5,767,252       82.0%
  Programs using HTTP                           3,176,332       55.1%
    URLs captured                                       0            
  Programs using FTP                               25,567        0.4%
  Programs using SMTP                               6,986        0.1%
  Programs using IRC                               40,563        0.7%
Programs that sent UDP data                     6,861,966       97.6%
  Programs that made DNS requests               6,861,966      100.0%
Programs that made P2P connections                     91        0.0%
    Programs using bittorrent                          74       81.3%
    Programs using edonkey                              6        6.6%
    Programs using gnutella                             5        5.5%
    Programs using winmx                                6        6.6%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (One-Year Rolling Report)

---------------------------------------------   ----------  ----------
Sandbox Results                                     Totals     Percent
---------------------------------------------   ----------  ----------
Programs Processed                             113,385,410            
  Programs Skipped                              97,999,607       86.4%
  Programs Analyzed                             15,385,803       13.6%
    Completed Analysis Runs                     15,320,949       99.6%
    Failed Analysis Runs                             2,420        0.0%
    Programs Retried                                34,344        0.2%
    Invalid Binaries                                28,090        0.2%
                                                                      
---------------------------------------------   ----------  ----------
Network Traffic Statistics                          Totals     Percent
---------------------------------------------   ----------  ----------
Programs that sent TCP data                     13,145,978       85.8%
  Programs using HTTP                            7,257,188       55.2%
    URLs captured                               11,232,875            
  Programs using FTP                                56,491        0.4%
  Programs using SMTP                               23,472        0.2%
  Programs using IRC                                78,322        0.6%
Programs that sent UDP data                     14,953,246       97.6%
  Programs that made DNS requests               14,953,246      100.0%
Programs that made P2P connections                     289        0.0%
    Programs using bittorrent                          241       83.4%
    Programs using edonkey                              15        5.2%
    Programs using gnutella                             22        7.6%
    Programs using winmx                                11        3.8%
                                                                      
---------------------------------------------   ----------  ----------
Anti-Analysis Techniques                            Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made debugger checks                       0        0.0%
Programs that made VMWare registry checks                0        0.0%
Programs that made SoftICE checks                        0        0.0%
Programs that made Wine checks                           0        0.0%
Programs that made Time checks                           0        0.0%
Programs that suppress Compatibility Warnings            0        0.0%
                                                                      
---------------------------------------------   ----------  ----------
Malicious Activity                                  Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made Windows Firewall Updates              0        0.0%
Programs that installed a Rootkit                        0        0.0%
Programs that installed a startup entry                  0        0.0%
Programs that accessed user's Firefox profile            0        0.0%
Programs that accessed the Pstore                        0        0.0%
Programs that called taskkill                            0        0.0%

Sandbox Statistics (Two-Year Rolling Report)

---------------------------------------------   ----------  ----------
Sandbox Results                                     Totals     Percent
---------------------------------------------   ----------  ----------
Programs Processed                             205,855,278            
  Programs Skipped                             177,100,231       86.0%
  Programs Analyzed                             28,755,047       14.0%
    Completed Analysis Runs                     28,380,839       98.7%
    Failed Analysis Runs                            34,072        0.1%
    Programs Retried                               301,952        1.1%
    Invalid Binaries                                38,184        0.1%
                                                                      
---------------------------------------------   ----------  ----------
Network Traffic Statistics                          Totals     Percent
---------------------------------------------   ----------  ----------
Programs that sent TCP data                     18,992,170       66.9%
  Programs using HTTP                           10,734,985       56.5%
    URLs captured                               47,043,037            
  Programs using FTP                               116,087        0.6%
  Programs using SMTP                               56,683        0.3%
  Programs using IRC                                97,362        0.5%
Programs that sent UDP data                     27,699,698       97.6%
  Programs that made DNS requests               27,699,698      100.0%
Programs that made P2P connections                   1,553        0.0%
    Programs using bittorrent                        1,308       84.2%
    Programs using edonkey                              47        3.0%
    Programs using gnutella                            128        8.2%
    Programs using winmx                                70        4.5%
                                                                      
---------------------------------------------   ----------  ----------
Anti-Analysis Techniques                            Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made debugger checks                  22,884        0.1%
Programs that made VMWare registry checks              908        0.0%
Programs that made SoftICE checks                    1,582        0.0%
Programs that made Wine checks                       2,155        0.0%
Programs that made Time checks                          25        0.0%
Programs that suppress Compatibility Warnings      207,817        0.7%
                                                                      
---------------------------------------------   ----------  ----------
Malicious Activity                                  Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made Windows Firewall Updates             17        0.0%
Programs that installed a Rootkit                        1        0.0%
Programs that installed a startup entry             38,186        0.1%
Programs that accessed user's Firefox profile            0        0.0%
Programs that accessed the Pstore                    8,602        0.0%
Programs that called taskkill                            0        0.0%
