Explanation
The chart is a summary of the analysis of binaries through our sandboxing system. The different fields in the report are as follows:
- Programs Processed - How many binaries went through the system
- Programs Skipped - Using different hashing methodologies, we are able to identify common polymorphic files and skip processing them
- Programs Analyzed - How many binaries were actually submitted to the Sandbox system and analyzed
- Completed Analysis Runs - How many of the submitted binaries completed successfully and had some sort of results
- Failed Analysis Runs - Binaries that would not run and create a valid report
- Programs Retried - How many binaries were re-run. All binaries that initially fail are re-run for more attempts to properly execute and gain an analysis of that program
- Invalid Binaries - How many programs would not execute or were not proper Windows binaries
- Network Traffic Statistics - Of the programs that were processed and had output, which had network-based traffic, and the breakdown of the different types of network traffic seen for the binaries
- Anti-Analysis Techniques - Many malware programs take defensive measures to prevent analysis and reverse engineering. These are the different forms and results that we are able to determine from the successfully tested programs
- Malicious Activity - What activity local to the system the programs take
Updates
The chart is updated once every four hours and covers the last rolling ten days and 30 days of statistics.
Sandbox Processing
[Charts: FTP Results, HTTP Results, IRC Results, P2P Results, SMTP Results]
Sandbox Statistics (10-Day Rolling Report)
--------------------------------------------- ---------- ----------
Sandbox Results Totals Percent
--------------------------------------------- ---------- ----------
Programs Processed 1,216,219
Programs Skipped 636,706 52.4%
Programs Analyzed 579,513 47.6%
Completed Analysis Runs 544,455 94.0%
Failed Analysis Runs 2,052 0.4%
Programs Retried 33,006 5.7%
Invalid Binaries 0 0.0%
--------------------------------------------- ---------- ----------
Network Traffic Statistics Totals Percent
--------------------------------------------- ---------- ----------
Programs that sent TCP data 134,914 24.8%
Programs using HTTP 62,702 46.5%
URLs captured 633,846
Programs using FTP 2,302 1.7%
Programs using SMTP 521 0.4%
Programs using IRC 7,655 5.7%
Programs that sent UDP data 136,348 25.0%
Programs that made DNS requests 136,348 100.0%
Programs that made P2P connections 14 0.0%
Programs using bittorrent 5 35.7%
Programs using edonkey 2 14.3%
Programs using gnutella 6 42.9%
Programs using winmx 1 7.1%
--------------------------------------------- ---------- ----------
Anti-Analysis Techniques Totals Percent
--------------------------------------------- ---------- ----------
Programs that made debugger checks 41,090 7.5%
Programs that made VMWare registry checks 137 0.0%
Programs that made SoftICE checks 1,112 0.2%
Programs that made Wine checks 1,961 0.4%
Programs that made Time checks 0 0.0%
Programs that supress Compatibility Warnings 181,972 33.4%
--------------------------------------------- ---------- ----------
Malicious Activity Totals Percent
--------------------------------------------- ---------- ----------
Programs that made Windows Firewall Updates 8 0.0%
Programs that installed a Rootkit 0 0.0%
Programs that installed a startup entry 37,224 6.8%
Programs that accessed user's Firefox profile 0 0.0%
Programs that accessed the Pstore 1,913 0.4%
Programs that called taskkill 0 0.0%
Sandbox Statistics (30-Day Rolling Report)
--------------------------------------------- ---------- ----------
Sandbox Results Totals Percent
--------------------------------------------- ---------- ----------
Programs Processed 2,778,259
Programs Skipped 1,180,220 42.5%
Programs Analyzed 1,598,039 57.5%
Completed Analysis Runs 1,494,112 93.5%
Failed Analysis Runs 5,833 0.4%
Programs Retried 98,094 6.1%
Invalid Binaries 0 0.0%
--------------------------------------------- ---------- ----------
Network Traffic Statistics Totals Percent
--------------------------------------------- ---------- ----------
Programs that sent TCP data 438,021 29.3%
Programs using HTTP 216,524 49.4%
URLs captured 1,889,780
Programs using FTP 6,645 1.5%
Programs using SMTP 2,175 0.5%
Programs using IRC 10,742 2.5%
Programs that sent UDP data 441,345 29.5%
Programs that made DNS requests 441,345 100.0%
Programs that made P2P connections 39 0.0%
Programs using bittorrent 10 25.6%
Programs using edonkey 11 28.2%
Programs using gnutella 17 43.6%
Programs using winmx 1 2.6%
--------------------------------------------- ---------- ----------
Anti-Analysis Techniques Totals Percent
--------------------------------------------- ---------- ----------
Programs that made debugger checks 113,758 7.6%
Programs that made VMWare registry checks 152 0.0%
Programs that made SoftICE checks 2,903 0.2%
Programs that made Wine checks 4,568 0.3%
Programs that made Time checks 4 0.0%
Programs that supress Compatibility Warnings 550,486 36.8%
--------------------------------------------- ---------- ----------
Malicious Activity Totals Percent
--------------------------------------------- ---------- ----------
Programs that made Windows Firewall Updates 28 0.0%
Programs that installed a Rootkit 1 0.0%
Programs that installed a startup entry 136,127 9.1%
Programs that accessed user's Firefox profile 0 0.0%
Programs that accessed the Pstore 7,705 0.5%
Programs that called taskkill 0 0.0%
Sandbox Statistics (60-Day Rolling Report)
--------------------------------------------- ---------- ----------
Sandbox Results Totals Percent
--------------------------------------------- ---------- ----------
Programs Processed 4,993,064
Programs Skipped 1,871,481 37.5%
Programs Analyzed 3,121,583 62.5%
Completed Analysis Runs 2,930,267 93.9%
Failed Analysis Runs 13,940 0.4%
Programs Retried 177,376 5.7%
Invalid Binaries 0 0.0%
--------------------------------------------- ---------- ----------
Network Traffic Statistics Totals Percent
--------------------------------------------- ---------- ----------
Programs that sent TCP data 757,710 25.9%
Programs using HTTP 437,019 57.7%
URLs captured 5,340,633
Programs using FTP 10,808 1.4%
Programs using SMTP 5,665 0.7%
Programs using IRC 13,414 1.8%
Programs that sent UDP data 760,925 26.0%
Programs that made DNS requests 760,925 100.0%
Programs that made P2P connections 87 0.0%
Programs using bittorrent 33 37.9%
Programs using edonkey 14 16.1%
Programs using gnutella 38 43.7%
Programs using winmx 2 2.3%
--------------------------------------------- ---------- ----------
Anti-Analysis Techniques Totals Percent
--------------------------------------------- ---------- ----------
Programs that made debugger checks 168,520 5.8%
Programs that made VMWare registry checks 187 0.0%
Programs that made SoftICE checks 6,060 0.2%
Programs that made Wine checks 9,122 0.3%
Programs that made Time checks 12 0.0%
Programs that supress Compatibility Warnings 972,259 33.2%
--------------------------------------------- ---------- ----------
Malicious Activity Totals Percent
--------------------------------------------- ---------- ----------
Programs that made Windows Firewall Updates 68 0.0%
Programs that installed a Rootkit 2 0.0%
Programs that installed a startup entry 231,719 7.9%
Programs that accessed user's Firefox profile 0 0.0%
Programs that accessed the Pstore 15,885 0.5%
Programs that called taskkill 0 0.0%
Sandbox Statistics (90-Day Rolling Report)
--------------------------------------------- ---------- ----------
Sandbox Results Totals Percent
--------------------------------------------- ---------- ----------
Programs Processed 9,813,169
Programs Skipped 5,566,692 56.7%
Programs Analyzed 4,246,477 43.3%
Completed Analysis Runs 3,959,803 93.2%
Failed Analysis Runs 16,414 0.4%
Programs Retried 270,260 6.4%
Invalid Binaries 0 0.0%
--------------------------------------------- ---------- ----------
Network Traffic Statistics Totals Percent
--------------------------------------------- ---------- ----------
Programs that sent TCP data 936,190 23.6%
Programs using HTTP 519,718 55.5%
URLs captured 6,127,363
Programs using FTP 11,073 1.2%
Programs using SMTP 5,779 0.6%
Programs using IRC 13,539 1.4%
Programs that sent UDP data 911,676 23.0%
Programs that made DNS requests 911,676 100.0%
Programs that made P2P connections 90 0.0%
Programs using bittorrent 34 37.8%
Programs using edonkey 14 15.6%
Programs using gnutella 40 44.4%
Programs using winmx 2 2.2%
--------------------------------------------- ---------- ----------
Anti-Analysis Techniques Totals Percent
--------------------------------------------- ---------- ----------
Programs that made debugger checks 173,237 4.4%
Programs that made VMWare registry checks 190 0.0%
Programs that made SoftICE checks 6,365 0.2%
Programs that made Wine checks 9,531 0.2%
Programs that made Time checks 12 0.0%
Programs that supress Compatibility Warnings 1,444,344 36.5%
--------------------------------------------- ---------- ----------
Malicious Activity Totals Percent
--------------------------------------------- ---------- ----------
Programs that made Windows Firewall Updates 68 0.0%
Programs that installed a Rootkit 2 0.0%
Programs that installed a startup entry 239,185 6.0%
Programs that accessed user's Firefox profile 0 0.0%
Programs that accessed the Pstore 16,279 0.4%
Programs that called taskkill 0 0.0%
Sandbox Statistics (180-Day Rolling Report)
--------------------------------------------- ---------- ----------
Sandbox Results Totals Percent
--------------------------------------------- ---------- ----------
Programs Processed 18,316,681
Programs Skipped 10,075,728 55.0%
Programs Analyzed 8,240,953 45.0%
Completed Analysis Runs 7,540,315 91.5%
Failed Analysis Runs 69,201 0.8%
Programs Retried 631,437 7.7%
Invalid Binaries 0 0.0%
--------------------------------------------- ---------- ----------
Network Traffic Statistics Totals Percent
--------------------------------------------- ---------- ----------
Programs that sent TCP data 2,368,641 31.4%
Programs using HTTP 1,095,804 46.3%
URLs captured 11,500,601
Programs using FTP 14,024 0.6%
Programs using SMTP 8,017 0.3%
Programs using IRC 15,674 0.7%
Programs that sent UDP data 2,221,403 29.5%
Programs that made DNS requests 2,221,402 100.0%
Programs that made P2P connections 127 0.0%
Programs using bittorrent 48 37.8%
Programs using edonkey 16 12.6%
Programs using gnutella 60 47.2%
Programs using winmx 3 2.4%
--------------------------------------------- ---------- ----------
Anti-Analysis Techniques Totals Percent
--------------------------------------------- ---------- ----------
Programs that made debugger checks 218,974 2.9%
Programs that made VMWare registry checks 209 0.0%
Programs that made SoftICE checks 8,514 0.1%
Programs that made Wine checks 13,193 0.2%
Programs that made Time checks 22 0.0%
Programs that supress Compatibility Warnings 3,064,355 40.6%
--------------------------------------------- ---------- ----------
Malicious Activity Totals Percent
--------------------------------------------- ---------- ----------
Programs that made Windows Firewall Updates 112 0.0%
Programs that installed a Rootkit 5 0.0%
Programs that installed a startup entry 761,428 10.1%
Programs that accessed user's Firefox profile 0 0.0%
Programs that accessed the Pstore 19,364 0.3%
Programs that called taskkill 0 0.0%
Sandbox Statistics (One-Year Rolling Report)
--------------------------------------------- ---------- ----------
Sandbox Results Totals Percent
--------------------------------------------- ---------- ----------
Programs Processed 32,370,101
Programs Skipped 18,414,442 56.9%
Programs Analyzed 13,955,659 43.1%
Completed Analysis Runs 12,497,454 89.6%
Failed Analysis Runs 129,312 0.9%
Programs Retried 1,328,893 9.5%
Invalid Binaries 0 0.0%
--------------------------------------------- ---------- ----------
Network Traffic Statistics Totals Percent
--------------------------------------------- ---------- ----------
Programs that sent TCP data 4,834,917 38.7%
Programs using HTTP 1,656,345 34.3%
URLs captured 18,302,416
Programs using FTP 19,344 0.4%
Programs using SMTP 14,879 0.3%
Programs using IRC 22,166 0.5%
Programs that sent UDP data 4,696,554 37.6%
Programs that made DNS requests 4,696,554 100.0%
Programs that made P2P connections 319 0.0%
Programs using bittorrent 104 32.6%
Programs using edonkey 24 7.5%
Programs using gnutella 184 57.7%
Programs using winmx 7 2.2%
--------------------------------------------- ---------- ----------
Anti-Analysis Techniques Totals Percent
--------------------------------------------- ---------- ----------
Programs that made debugger checks 343,468 2.7%
Programs that made VMWare registry checks 302 0.0%
Programs that made SoftICE checks 15,507 0.1%
Programs that made Wine checks 24,490 0.2%
Programs that made Time checks 32 0.0%
Programs that supress Compatibility Warnings 6,163,784 49.3%
--------------------------------------------- ---------- ----------
Malicious Activity Totals Percent
--------------------------------------------- ---------- ----------
Programs that made Windows Firewall Updates 232 0.0%
Programs that installed a Rootkit 10 0.0%
Programs that installed a startup entry 2,932,792 23.5%
Programs that accessed user's Firefox profile 0 0.0%
Programs that accessed the Pstore 28,457 0.2%
Programs that called taskkill 0 0.0%
Sandbox Statistics (Two-Year Rolling Report)
--------------------------------------------- ---------- ----------
Sandbox Results Totals Percent
--------------------------------------------- ---------- ----------
Programs Processed 58,831,727
Programs Skipped 29,316,003 49.8%
Programs Analyzed 29,515,724 50.2%
Completed Analysis Runs 25,795,531 87.4%
Failed Analysis Runs 302,762 1.0%
Programs Retried 3,417,431 11.6%
Invalid Binaries 0 0.0%
--------------------------------------------- ---------- ----------
Network Traffic Statistics Totals Percent
--------------------------------------------- ---------- ----------
Programs that sent TCP data 12,785,817 49.6%
Programs using HTTP 4,898,903 38.3%
URLs captured 26,304,825
Programs using FTP 26,317 0.2%
Programs using SMTP 23,419 0.2%
Programs using IRC 69,534 0.5%
Programs that sent UDP data 12,619,143 48.9%
Programs that made DNS requests 12,619,143 100.0%
Programs that made P2P connections 869 0.0%
Programs using bittorrent 323 37.2%
Programs using edonkey 54 6.2%
Programs using gnutella 476 54.8%
Programs using winmx 16 1.8%
--------------------------------------------- ---------- ----------
Anti-Analysis Techniques Totals Percent
--------------------------------------------- ---------- ----------
Programs that made debugger checks 1,012,209 3.9%
Programs that made VMWare registry checks 623 0.0%
Programs that made SoftICE checks 34,726 0.1%
Programs that made Wine checks 54,994 0.2%
Programs that made Time checks 309 0.0%
Programs that supress Compatibility Warnings 15,031,445 58.3%
--------------------------------------------- ---------- ----------
Malicious Activity Totals Percent
--------------------------------------------- ---------- ----------
Programs that made Windows Firewall Updates 626 0.0%
Programs that installed a Rootkit 403 0.0%
Programs that installed a startup entry 9,772,660 37.9%
Programs that accessed user's Firefox profile 0 0.0%
Programs that accessed the Pstore 44,243 0.2%
Programs that called taskkill 0 0.0%