Explanation

The chart is a summary of the analysis of binaries through our sandboxing system. The different fields in the report are as follows:

Programs Processed - How many binaries went through the system

  1. Programs Skipped - Using different hashing methodologies, we are able to identify common polymorphic files and skip processing them
  2. Programs Analyzed - How many binaries were actually submitted to the Sandbox system and analyzed
    • Completed Analysis Runs - How many of the submitted binaries completed successfully and produced some sort of results
    • Failed Analysis Runs - Binaries that would not run and create a valid report
    • Programs Retried - How many binaries were re-run. All binaries that initially fail are re-run in further attempts to execute them properly and obtain an analysis of the program
    • Invalid Binaries - How many programs would not execute or were not proper Windows binaries
  3. Network Traffic Statistics - Of the programs that were processed and had output, which had network-based traffic, and the breakdown of the different types of network traffic seen for the binaries
  4. Anti-Analysis Techniques - Many malware programs take defensive measures to prevent analysis and reverse engineering. These are the different forms of those measures, and the results, that we are able to determine from the successfully tested programs
  5. Malicious Activity - What actions the programs take on the local system

Updates

The chart is updated once every four hours and covers the last rolling ten days and 30 days of statistics.

[Graphs: Sandbox Processing, FTP Results, HTTP Results, IRC Results, P2P Results, SMTP Results]

Sandbox Statistics (10-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                                766,821            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                               766,821      100.0%
    Completed Analysis Runs                       765,793       99.9%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                1,028        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                       158,675       20.7%
  Programs using HTTP                              79,991       50.4%
    URLs captured                                       0            
  Programs using FTP                                   90        0.1%
  Programs using SMTP                                 288        0.2%
  Programs using IRC                                1,439        0.9%
Programs that sent UDP data                       255,252       33.3%
  Programs that made DNS requests                  99,815       39.1%
Programs that made P2P connections                      4        0.0%
    Programs using bittorrent                           1       25.0%
    Programs using edonkey                              1       25.0%
    Programs using gnutella                             0        0.0%
    Programs using winmx                                2       50.0%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (30-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              1,530,385            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                             1,530,385      100.0%
    Completed Analysis Runs                     1,529,157       99.9%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                1,228        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                       498,571       32.6%
  Programs using HTTP                             222,944       44.7%
    URLs captured                                       0            
  Programs using FTP                                  203        0.0%
  Programs using SMTP                                 618        0.1%
  Programs using IRC                                3,313        0.7%
Programs that sent UDP data                       832,055       54.4%
  Programs that made DNS requests                 278,259       33.4%
Programs that made P2P connections                      8        0.0%
    Programs using bittorrent                           4       50.0%
    Programs using edonkey                              1       12.5%
    Programs using gnutella                             0        0.0%
    Programs using winmx                                3       37.5%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (60-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              1,916,529            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                             1,916,529      100.0%
    Completed Analysis Runs                     1,915,192       99.9%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                1,337        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                       881,499       46.0%
  Programs using HTTP                             502,115       57.0%
    URLs captured                                       0            
  Programs using FTP                                  507        0.1%
  Programs using SMTP                               1,078        0.1%
  Programs using IRC                                7,716        0.9%
Programs that sent UDP data                     1,349,163       70.4%
  Programs that made DNS requests                 571,135       42.3%
Programs that made P2P connections                     10        0.0%
    Programs using bittorrent                           6       60.0%
    Programs using edonkey                              1       10.0%
    Programs using gnutella                             0        0.0%
    Programs using winmx                                3       30.0%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (90-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              2,831,403            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                             2,831,403      100.0%
    Completed Analysis Runs                     2,830,018      100.0%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                1,385        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     1,611,748       57.0%
  Programs using HTTP                             986,783       61.2%
    URLs captured                                       0            
  Programs using FTP                                  745        0.0%
  Programs using SMTP                               2,225        0.1%
  Programs using IRC                               13,817        0.9%
Programs that sent UDP data                     2,362,449       83.5%
  Programs that made DNS requests               1,175,785       49.8%
Programs that made P2P connections                     16        0.0%
    Programs using bittorrent                          10       62.5%
    Programs using edonkey                              1        6.2%
    Programs using gnutella                             2       12.5%
    Programs using winmx                                3       18.8%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (180-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             12,675,394            
  Programs Skipped                              7,092,710       56.0%
  Programs Analyzed                             5,582,684       44.0%
    Completed Analysis Runs                     5,569,108       99.8%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               11,314        0.2%
    Invalid Binaries                                2,262        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     3,844,908       69.0%
  Programs using HTTP                           2,502,773       65.1%
    URLs captured                                       0            
  Programs using FTP                                1,482        0.0%
  Programs using SMTP                               4,939        0.1%
  Programs using IRC                               31,139        0.8%
Programs that sent UDP data                     5,435,449       97.6%
  Programs that made DNS requests               3,929,632       72.3%
Programs that made P2P connections                     36        0.0%
    Programs using bittorrent                          24       66.7%
    Programs using edonkey                              2        5.6%
    Programs using gnutella                             6       16.7%
    Programs using winmx                                4       11.1%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (One-Year Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             84,870,192            
  Programs Skipped                             70,215,850       82.7%
  Programs Analyzed                            14,654,342       17.3%
    Completed Analysis Runs                    14,629,108       99.8%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               11,314        0.1%
    Invalid Binaries                               13,920        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                    12,018,281       82.2%
  Programs using HTTP                           6,796,908       56.6%
    URLs captured                                       0            
  Programs using FTP                               34,073        0.3%
  Programs using SMTP                              16,754        0.1%
  Programs using IRC                               81,163        0.7%
Programs that sent UDP data                    14,278,009       97.6%
  Programs that made DNS requests              13,541,962       94.8%
Programs that made P2P connections                    194        0.0%
    Programs using bittorrent                         154       79.4%
    Programs using edonkey                             12        6.2%
    Programs using gnutella                            16        8.2%
    Programs using winmx                               12        6.2%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (Two-Year Rolling Report)

---------------------------------------------   ----------  ----------
Sandbox Results                                     Totals     Percent
---------------------------------------------   ----------  ----------
Programs Processed                             192,354,802            
  Programs Skipped                             164,019,840       85.3%
  Programs Analyzed                             28,334,962       14.7%
    Completed Analysis Runs                     28,082,615       99.1%
    Failed Analysis Runs                            14,759        0.1%
    Programs Retried                               198,907        0.7%
    Invalid Binaries                                38,681        0.1%
                                                                      
---------------------------------------------   ----------  ----------
Network Traffic Statistics                          Totals     Percent
---------------------------------------------   ----------  ----------
Programs that sent TCP data                     19,548,553       69.6%
  Programs using HTTP                           10,987,356       56.2%
    URLs captured                               40,083,388            
  Programs using FTP                               107,162        0.5%
  Programs using SMTP                               46,813        0.2%
  Programs using IRC                               107,059        0.5%
Programs that sent UDP data                     27,408,632       97.6%
  Programs that made DNS requests               27,408,632      100.0%
Programs that made P2P connections                   1,282        0.0%
    Programs using bittorrent                        1,062       82.8%
    Programs using edonkey                              39        3.0%
    Programs using gnutella                            116        9.0%
    Programs using winmx                                65        5.1%
                                                                      
---------------------------------------------   ----------  ----------
Anti-Analysis Techniques                            Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made debugger checks                       0        0.0%
Programs that made VMWare registry checks                0        0.0%
Programs that made SoftICE checks                        0        0.0%
Programs that made Wine checks                           0        0.0%
Programs that made Time checks                           0        0.0%
Programs that suppress Compatibility Warnings            0        0.0%
                                                                      
---------------------------------------------   ----------  ----------
Malicious Activity                                  Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made Windows Firewall Updates              0        0.0%
Programs that installed a Rootkit                        0        0.0%
Programs that installed a startup entry                  0        0.0%
Programs that accessed user's Firefox profile            0        0.0%
Programs that accessed the Pstore                        0        0.0%
Programs that called taskkill                            0        0.0%
