Explanation

The chart is a summary of the analysis of binaries through our sandboxing system. The different fields in the report are as follows:

Programs Processed - How many binaries went through the system

  1. Programs Skipped - Using different hashing methodologies, we are able to identify common polymorphic files and skip processing them
  2. Programs Analyzed - How many binaries were actually submitted to the sandbox system and analyzed
    • Completed Analysis Runs - How many of the submitted binaries completed successfully and had some sort of results
    • Failed Analysis Runs - Binaries that would not run and create a valid report
    • Programs Retried - How many binaries were re-run. All binaries that initially fail are re-run for more attempts to execute properly and produce an analysis of that program
    • Invalid Binaries - How many programs would not execute or were not proper Windows binaries
  3. Network Traffic Statistics - Of the programs that were processed and had output, which had network-based traffic, and the breakdown of the different types of network traffic seen for the binaries
  4. Anti-Analysis Techniques - Many malware programs take defensive measures to prevent analysis and reverse engineering. These are the different forms of those measures and the results that we are able to determine from the successfully tested programs
  5. Malicious Activity - What actions the programs take on the local system

Updates

The chart is updated once every four hours and covers the last rolling ten days and 30 days of statistics.

Sandbox Processing

FTP Results

HTTP Results

IRC Results

P2P Results

SMTP Results

Sandbox Statistics (10-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                                850,503            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                               850,503      100.0%
    Completed Analysis Runs                       835,759       98.3%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               14,487        1.7%
    Invalid Binaries                                  257        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                       559,173       66.9%
  Programs using HTTP                             320,673       57.3%
    URLs captured                                       0            
  Programs using FTP                                  539        0.1%
  Programs using SMTP                                 708        0.1%
  Programs using IRC                                8,833        1.6%
Programs that sent UDP data                       757,237       90.6%
  Programs that made DNS requests                 410,681       54.2%
Programs that made P2P connections                     21        0.0%
    Programs using bittorrent                          17       81.0%
    Programs using edonkey                              2        9.5%
    Programs using gnutella                             2        9.5%
    Programs using winmx                                0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (30-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              1,819,038            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                             1,819,038      100.0%
    Completed Analysis Runs                     1,804,232       99.2%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               14,487        0.8%
    Invalid Binaries                                  319        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     1,187,249       65.8%
  Programs using HTTP                             711,297       59.9%
    URLs captured                                       0            
  Programs using FTP                                  806        0.1%
  Programs using SMTP                               1,325        0.1%
  Programs using IRC                               15,186        1.3%
Programs that sent UDP data                     1,593,209       88.3%
  Programs that made DNS requests                 836,769       52.5%
Programs that made P2P connections                     34        0.0%
    Programs using bittorrent                          27       79.4%
    Programs using edonkey                              3        8.8%
    Programs using gnutella                             2        5.9%
    Programs using winmx                                2        5.9%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (60-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              3,353,703            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                             3,353,703      100.0%
    Completed Analysis Runs                     3,337,670       99.5%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               14,487        0.4%
    Invalid Binaries                                1,546        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     1,781,110       53.4%
  Programs using HTTP                             956,464       53.7%
    URLs captured                                       0            
  Programs using FTP                                1,023        0.1%
  Programs using SMTP                               1,969        0.1%
  Programs using IRC                               19,117        1.1%
Programs that sent UDP data                     2,591,613       77.6%
  Programs that made DNS requests               1,130,683       43.6%
Programs that made P2P connections                     45        0.0%
    Programs using bittorrent                          33       73.3%
    Programs using edonkey                              4        8.9%
    Programs using gnutella                             3        6.7%
    Programs using winmx                                5       11.1%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (90-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              3,773,500            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                             3,773,500      100.0%
    Completed Analysis Runs                     3,757,358       99.6%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               14,487        0.4%
    Invalid Binaries                                1,655        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     2,164,429       57.6%
  Programs using HTTP                           1,225,062       56.6%
    URLs captured                                       0            
  Programs using FTP                                1,307        0.1%
  Programs using SMTP                               2,394        0.1%
  Programs using IRC                               23,033        1.1%
Programs that sent UDP data                     3,136,915       83.5%
  Programs that made DNS requests               1,418,382       45.2%
Programs that made P2P connections                     47        0.0%
    Programs using bittorrent                          35       74.5%
    Programs using edonkey                              4        8.5%
    Programs using gnutella                             3        6.4%
    Programs using winmx                                5       10.6%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (180-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             10,191,497            
  Programs Skipped                              3,663,441       35.9%
  Programs Analyzed                             6,528,056       64.1%
    Completed Analysis Runs                     6,500,290       99.6%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               25,801        0.4%
    Invalid Binaries                                1,965        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     4,198,283       64.6%
  Programs using HTTP                           2,628,353       62.6%
    URLs captured                                       0            
  Programs using FTP                                2,040        0.0%
  Programs using SMTP                               5,805        0.1%
  Programs using IRC                               42,107        1.0%
Programs that sent UDP data                     6,219,576       95.7%
  Programs that made DNS requests               3,551,980       57.1%
Programs that made P2P connections                     68        0.0%
    Programs using bittorrent                          48       70.6%
    Programs using edonkey                              5        7.4%
    Programs using gnutella                             9       13.2%
    Programs using winmx                                6        8.8%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (One-Year Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             67,212,529            
  Programs Skipped                             52,007,768       77.4%
  Programs Analyzed                            15,204,761       22.6%
    Completed Analysis Runs                    15,166,109       99.7%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               25,804        0.2%
    Invalid Binaries                               12,848        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                    11,637,188       76.7%
  Programs using HTTP                           6,427,395       55.2%
    URLs captured                                       0            
  Programs using FTP                               34,497        0.3%
  Programs using SMTP                              16,415        0.1%
  Programs using IRC                               89,631        0.8%
Programs that sent UDP data                    14,802,122       97.6%
  Programs that made DNS requests              12,580,074       85.0%
Programs that made P2P connections                    212        0.0%
    Programs using bittorrent                         171       80.7%
    Programs using edonkey                             13        6.1%
    Programs using gnutella                            14        6.6%
    Programs using winmx                               14        6.6%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (Two-Year Rolling Report)

---------------------------------------------   ----------  ----------
Sandbox Results                                     Totals     Percent
---------------------------------------------   ----------  ----------
Programs Processed                             185,111,520            
  Programs Skipped                             156,026,391       84.3%
  Programs Analyzed                             29,085,129       15.7%
    Completed Analysis Runs                     28,832,700       99.1%
    Failed Analysis Runs                            14,183        0.0%
    Programs Retried                               199,261        0.7%
    Invalid Binaries                                38,985        0.1%
                                                                      
---------------------------------------------   ----------  ----------
Network Traffic Statistics                          Totals     Percent
---------------------------------------------   ----------  ----------
Programs that sent TCP data                     20,500,336       71.1%
  Programs using HTTP                           11,494,599       56.1%
    URLs captured                               37,560,022            
  Programs using FTP                               103,112        0.5%
  Programs using SMTP                               47,065        0.2%
  Programs using IRC                               121,570        0.6%
Programs that sent UDP data                     28,140,715       97.6%
  Programs that made DNS requests               28,140,715      100.0%
Programs that made P2P connections                   1,082        0.0%
    Programs using bittorrent                          871       80.5%
    Programs using edonkey                              36        3.3%
    Programs using gnutella                            110       10.2%
    Programs using winmx                                65        6.0%
                                                                      
---------------------------------------------   ----------  ----------
Anti-Analysis Techniques                            Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made debugger checks                       0        0.0%
Programs that made VMWare registry checks                0        0.0%
Programs that made SoftICE checks                        0        0.0%
Programs that made Wine checks                           0        0.0%
Programs that made Time checks                           0        0.0%
Programs that suppress Compatibility Warnings            0        0.0%
                                                                      
---------------------------------------------   ----------  ----------
Malicious Activity                                  Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made Windows Firewall Updates              0        0.0%
Programs that installed a Rootkit                        0        0.0%
Programs that installed a startup entry                  0        0.0%
Programs that accessed user's Firefox profile            0        0.0%
Programs that accessed the Pstore                        0        0.0%
Programs that called taskkill                            0        0.0%
