Explanation

The chart is a summary of the analysis of binaries through our sandboxing system. The different fields in the report are as follows:

Programs Processed - How many binaries went through the system

  1. Programs Skipped - Using different hashing methodologies we are able to identify common polymorphistic files and skip the processing
  2. Programs Analyzed - How many binaries actually were submitted to the Sandbox system and analyized
    • Completed Analysis Runs - How many of the submitted binaries completed successfully and had some sort of results
    • Failed Analysis Runs - Binaries that would not run and create a valid report
    • Programs Retried - How many binaries were re-run. All binaries that initially fail will be re-run for more attempts to properly execute and gain an analysis of that program
    • Invalid Binaries - How many program that would not execute or were not proper Windows binaries
  3. Network Traffic Statistics - Of the programs that were processed and had output, which had network based traffic and the breakdown of the different types of network traffic seen for the binaries
  4. Anti-Analysis Techniques - Many of the different malware programs will take defensive measures to prevent analysis and reverse engineering. These are the different forms and results that we are able to determine from the successfully tested programs
  5. Malicious Activity - What activity local to the system will the programs take

↑ Contents

Updates

The chart is updated once every four hours and is for the last rolling ten days and 30 days of statistics.

↑ Contents

Sandbox Processing

FTP Results

HTTP Results

IRC Results

P2P Results

SMTP Results

↑ Contents

Sandbox Statistics (10-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              5,532,789            
  Programs Skipped                              4,892,221       88.4%
  Programs Analyzed                               640,568       11.6%
    Completed Analysis Runs                       639,828       99.9%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                  740        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                       531,797       83.1%
  Programs using HTTP                             226,728       42.6%
    URLs captured                                       0            
  Programs using FTP                                2,229        0.4%
  Programs using SMTP                                 340        0.1%
  Programs using IRC                                4,297        0.8%
Programs that sent UDP data                       590,294       92.3%
  Programs that made DNS requests                 590,292      100.0%
Programs that made P2P connections                     11        0.0%
    Programs using bittorrent                           9       81.8%
    Programs using edonkey                              0        0.0%
    Programs using gnutella                             1        9.1%
    Programs using winmx                                1        9.1%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that supress Compatibility Warnings            0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

↑ Contents

Sandbox Statistics (30-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             17,509,747            
  Programs Skipped                             15,780,867       90.1%
  Programs Analyzed                             1,728,880        9.9%
    Completed Analysis Runs                     1,726,303       99.9%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                2,577        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     1,562,501       90.5%
  Programs using HTTP                             800,514       51.2%
    URLs captured                                       0            
  Programs using FTP                                4,241        0.3%
  Programs using SMTP                               1,996        0.1%
  Programs using IRC                               13,469        0.9%
Programs that sent UDP data                     1,724,260       99.9%
  Programs that made DNS requests               1,724,237      100.0%
Programs that made P2P connections                     40        0.0%
    Programs using bittorrent                          32       80.0%
    Programs using edonkey                              2        5.0%
    Programs using gnutella                             4       10.0%
    Programs using winmx                                2        5.0%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that supress Compatibility Warnings            0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

↑ Contents

Sandbox Statistics (60-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             32,390,527            
  Programs Skipped                             29,009,544       89.6%
  Programs Analyzed                             3,380,983       10.4%
    Completed Analysis Runs                     3,375,903       99.8%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                5,080        0.2%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     2,869,780       85.0%
  Programs using HTTP                           1,533,521       53.4%
    URLs captured                                       0            
  Programs using FTP                                4,521        0.2%
  Programs using SMTP                               6,002        0.2%
  Programs using IRC                               17,261        0.6%
Programs that sent UDP data                     3,265,911       96.7%
  Programs that made DNS requests               3,265,910      100.0%
Programs that made P2P connections                     70        0.0%
    Programs using bittorrent                          59       84.3%
    Programs using edonkey                              3        4.3%
    Programs using gnutella                             5        7.1%
    Programs using winmx                                3        4.3%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that supress Compatibility Warnings            0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

↑ Contents

Sandbox Statistics (90-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             50,606,557            
  Programs Skipped                             46,058,559       91.0%
  Programs Analyzed                             4,547,998        9.0%
    Completed Analysis Runs                     4,541,957       99.9%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                6,041        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     4,472,605       98.5%
  Programs using HTTP                           2,632,783       58.9%
    URLs captured                                       0            
  Programs using FTP                                4,934        0.1%
  Programs using SMTP                               7,404        0.2%
  Programs using IRC                               24,374        0.5%
Programs that sent UDP data                     4,432,950       97.6%
  Programs that made DNS requests               4,432,950      100.0%
Programs that made P2P connections                     84        0.0%
    Programs using bittorrent                          67       79.8%
    Programs using edonkey                              5        6.0%
    Programs using gnutella                             9       10.7%
    Programs using winmx                                3        3.6%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that supress Compatibility Warnings            0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

↑ Contents

Sandbox Statistics (180-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             78,688,774            
  Programs Skipped                             70,744,408       89.9%
  Programs Analyzed                             7,944,366       10.1%
    Completed Analysis Runs                     7,895,078       99.4%
    Failed Analysis Runs                            2,533        0.0%
    Programs Retried                               25,082        0.3%
    Invalid Binaries                               21,673        0.3%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     7,125,966       90.3%
  Programs using HTTP                           4,047,811       56.8%
    URLs captured                              11,535,710            
  Programs using FTP                               28,722        0.4%
  Programs using SMTP                              16,634        0.2%
  Programs using IRC                               36,237        0.5%
Programs that sent UDP data                     7,705,596       97.6%
  Programs that made DNS requests               7,705,596      100.0%
Programs that made P2P connections                    202        0.0%
    Programs using bittorrent                         170       84.2%
    Programs using edonkey                              9        4.5%
    Programs using gnutella                            18        8.9%
    Programs using winmx                                5        2.5%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that supress Compatibility Warnings            0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

↑ Contents

Sandbox Statistics (One-Year Rolling Report)

---------------------------------------------   ----------  ----------
Sandbox Results                                     Totals     Percent
---------------------------------------------   ----------  ----------
Programs Processed                             132,795,177            
  Programs Skipped                             118,168,915       89.0%
  Programs Analyzed                             14,626,262       11.0%
    Completed Analysis Runs                     14,423,242       98.6%
    Failed Analysis Runs                            13,494        0.1%
    Programs Retried                               159,099        1.1%
    Invalid Binaries                                30,427        0.2%
                                                                      
---------------------------------------------   ----------  ----------
Network Traffic Statistics                          Totals     Percent
---------------------------------------------   ----------  ----------
Programs that sent TCP data                     10,424,075       72.3%
  Programs using HTTP                            5,824,066       55.9%
    URLs captured                               31,497,940            
  Programs using FTP                                62,541        0.6%
  Programs using SMTP                               33,749        0.3%
  Programs using IRC                                46,959        0.5%
Programs that sent UDP data                     14,077,084       97.6%
  Programs that made DNS requests               14,077,084      100.0%
Programs that made P2P connections                     688        0.0%
    Programs using bittorrent                          521       75.7%
    Programs using edonkey                              20        2.9%
    Programs using gnutella                             97       14.1%
    Programs using winmx                                50        7.3%
                                                                      
---------------------------------------------   ----------  ----------
Anti-Analysis Techniques                            Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made debugger checks                       0        0.0%
Programs that made VMWare registry checks                0        0.0%
Programs that made SoftICE checks                        0        0.0%
Programs that made Wine checks                           0        0.0%
Programs that made Time checks                           0        0.0%
Programs that supress Compatibility Warnings             0        0.0%
                                                                      
---------------------------------------------   ----------  ----------
Malicious Activity                                  Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made Windows Firewall Updates              0        0.0%
Programs that installed a Rootkit                        0        0.0%
Programs that installed a startup entry                  0        0.0%
Programs that accessed user's Firefox profile            0        0.0%
Programs that accessed the Pstore                        0        0.0%
Programs that called taskkill                            0        0.0%

Sandbox Statistics (Two-Year Rolling Report)

---------------------------------------------   ----------  ----------
Sandbox Results                                     Totals     Percent
---------------------------------------------   ----------  ----------
Programs Processed                             204,979,244            
  Programs Skipped                             175,714,678       85.7%
  Programs Analyzed                             29,264,566       14.3%
    Completed Analysis Runs                     27,871,189       95.2%
    Failed Analysis Runs                           298,925        1.0%
    Programs Retried                             1,062,896        3.6%
    Invalid Binaries                                31,556        0.1%
                                                                      
---------------------------------------------   ----------  ----------
Network Traffic Statistics                          Totals     Percent
---------------------------------------------   ----------  ----------
Programs that sent TCP data                     14,804,962       53.1%
  Programs using HTTP                            8,702,648       58.8%
    URLs captured                               58,198,750            
  Programs using FTP                                99,110        0.7%
  Programs using SMTP                               58,157        0.4%
  Programs using IRC                                79,169        0.5%
Programs that sent UDP data                     27,202,280       97.6%
  Programs that made DNS requests               27,202,280      100.0%
Programs that made P2P connections                   1,686        0.0%
    Programs using bittorrent                        1,324       78.5%
    Programs using edonkey                              77        4.6%
    Programs using gnutella                            210       12.5%
    Programs using winmx                                75        4.4%
                                                                      
---------------------------------------------   ----------  ----------
Anti-Analysis Techniques                            Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made debugger checks                 928,101        3.3%
Programs that made VMWare registry checks            4,211        0.0%
Programs that made SoftICE checks                   23,222        0.1%
Programs that made Wine checks                      25,606        0.1%
Programs that made Time checks                         906        0.0%
Programs that supress Compatibility Warnings     3,062,545       11.0%
                                                                      
---------------------------------------------   ----------  ----------
Malicious Activity                                  Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made Windows Firewall Updates            464        0.0%
Programs that installed a Rootkit                      225        0.0%
Programs that installed a startup entry            589,063        2.1%
Programs that accessed user's Firefox profile            0        0.0%
Programs that accessed the Pstore                   54,471        0.2%
Programs that called taskkill                            0        0.0%

↑ Contents

<< Malware | Statistics | Sandbox Graphs >>