Explanation

The chart is a summary of the analysis of binaries through our sandboxing system. The different fields in the report are as follows:

Programs Processed - How many binaries went through the system

  1. Programs Skipped - Using different hashing methodologies, we are able to identify common polymorphic files and skip processing them
  2. Programs Analyzed - How many binaries were actually submitted to the sandbox system and analyzed
    • Completed Analysis Runs - How many of the submitted binaries completed successfully and had some sort of results
    • Failed Analysis Runs - Binaries that would not run and create a valid report
    • Programs Retried - How many binaries were re-run. All binaries that initially fail are re-run for more attempts to properly execute and gain an analysis of that program
    • Invalid Binaries - How many programs would not execute or were not proper Windows binaries
  3. Network Traffic Statistics - Of the programs that were processed and had output, which had network-based traffic, and the breakdown of the different types of network traffic seen for the binaries
  4. Anti-Analysis Techniques - Many malware programs take defensive measures to prevent analysis and reverse engineering. These are the different forms and results that we are able to determine from the successfully tested programs
  5. Malicious Activity - What activity local to the system the programs take

Updates

The chart is updated once every four hours and covers the last rolling ten days and 30 days of statistics.

[Charts not reproduced: Sandbox Processing, FTP Results, HTTP Results, IRC Results, P2P Results, SMTP Results]

Sandbox Statistics (10-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              1,134,939            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                             1,134,939      100.0%
    Completed Analysis Runs                     1,126,812       99.3%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                3,631        0.3%
    Invalid Binaries                                4,496        0.4%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                       560,846       49.8%
  Programs using HTTP                             179,336       32.0%
    URLs captured                                       0            
  Programs using FTP                                  164        0.0%
  Programs using SMTP                               4,522        0.8%
  Programs using IRC                                1,440        0.3%
Programs that sent UDP data                       710,629       63.1%
  Programs that made DNS requests                 302,020       42.5%
Programs that made P2P connections                     23        0.0%
    Programs using bittorrent                          15       65.2%
    Programs using edonkey                              3       13.0%
    Programs using gnutella                             5       21.7%
    Programs using winmx                                0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (30-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              4,082,302            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                             4,082,302      100.0%
    Completed Analysis Runs                     4,058,006       99.4%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               14,984        0.4%
    Invalid Binaries                                9,312        0.2%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     2,000,786       49.3%
  Programs using HTTP                             640,699       32.0%
    URLs captured                                       0            
  Programs using FTP                                  914        0.0%
  Programs using SMTP                              15,655        0.8%
  Programs using IRC                                8,546        0.4%
Programs that sent UDP data                     2,581,115       63.6%
  Programs that made DNS requests               1,119,472       43.4%
Programs that made P2P connections                    125        0.0%
    Programs using bittorrent                          93       74.4%
    Programs using edonkey                              9        7.2%
    Programs using gnutella                            17       13.6%
    Programs using winmx                                6        4.8%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (60-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              8,994,467            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                             8,994,467      100.0%
    Completed Analysis Runs                     8,938,250       99.4%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               37,938        0.4%
    Invalid Binaries                               18,279        0.2%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     4,753,634       53.2%
  Programs using HTTP                           1,501,979       31.6%
    URLs captured                                       0            
  Programs using FTP                                2,044        0.0%
  Programs using SMTP                              46,929        1.0%
  Programs using IRC                               22,976        0.5%
Programs that sent UDP data                     6,056,710       67.8%
  Programs that made DNS requests               2,678,822       44.2%
Programs that made P2P connections                    317        0.0%
    Programs using bittorrent                         224       70.7%
    Programs using edonkey                             15        4.7%
    Programs using gnutella                            56       17.7%
    Programs using winmx                               22        6.9%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (90-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             15,020,022            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                            15,020,022      100.0%
    Completed Analysis Runs                    14,940,854       99.5%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               55,882        0.4%
    Invalid Binaries                               23,286        0.2%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     8,429,379       56.4%
  Programs using HTTP                           2,499,489       29.7%
    URLs captured                                       0            
  Programs using FTP                                2,938        0.0%
  Programs using SMTP                              90,021        1.1%
  Programs using IRC                               36,958        0.4%
Programs that sent UDP data                    10,641,365       71.2%
  Programs that made DNS requests               4,543,653       42.7%
Programs that made P2P connections                  1,149        0.0%
    Programs using bittorrent                         993       86.4%
    Programs using edonkey                             24        2.1%
    Programs using gnutella                            94        8.2%
    Programs using winmx                               38        3.3%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (180-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             27,283,709            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                            27,283,709      100.0%
    Completed Analysis Runs                    27,141,739       99.5%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               98,234        0.4%
    Invalid Binaries                               43,736        0.2%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                    15,121,577       55.7%
  Programs using HTTP                           4,502,737       29.8%
    URLs captured                                       0            
  Programs using FTP                                5,133        0.0%
  Programs using SMTP                             146,172        1.0%
  Programs using IRC                              118,660        0.8%
Programs that sent UDP data                    19,123,219       70.5%
  Programs that made DNS requests               8,365,751       43.7%
Programs that made P2P connections                  1,478        0.0%
    Programs using bittorrent                       1,184       80.1%
    Programs using edonkey                             49        3.3%
    Programs using gnutella                           177       12.0%
    Programs using winmx                               68        4.6%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (One-Year Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             42,455,062            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                            42,455,062      100.0%
    Completed Analysis Runs                    42,191,159       99.4%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                              174,765        0.4%
    Invalid Binaries                               89,138        0.2%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                    20,236,624       48.0%
  Programs using HTTP                           5,655,834       27.9%
    URLs captured                                       0            
  Programs using FTP                                6,678        0.0%
  Programs using SMTP                             153,499        0.8%
  Programs using IRC                              290,293        1.4%
Programs that sent UDP data                    25,456,899       60.3%
  Programs that made DNS requests              11,405,328       44.8%
Programs that made P2P connections                  1,817        0.0%
    Programs using bittorrent                       1,438       79.1%
    Programs using edonkey                             73        4.0%
    Programs using gnutella                           220       12.1%
    Programs using winmx                               86        4.7%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (Two-Year Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             96,781,942            
  Programs Skipped                             38,875,761       40.2%
  Programs Analyzed                            57,906,181       59.8%
    Completed Analysis Runs                    57,579,466       99.4%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                              225,889        0.4%
    Invalid Binaries                              100,826        0.2%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                    30,818,745       53.5%
  Programs using HTTP                          11,387,228       36.9%
    URLs captured                                       0            
  Programs using FTP                               40,941        0.1%
  Programs using SMTP                             165,749        0.5%
  Programs using IRC                              381,575        1.2%
Programs that sent UDP data                    39,786,322       69.1%
  Programs that made DNS requests              22,495,335       56.5%
Programs that made P2P connections                  1,998        0.0%
    Programs using bittorrent                       1,584       79.3%
    Programs using edonkey                             84        4.2%
    Programs using gnutella                           232       11.6%
    Programs using winmx                               98        4.9%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%
