Explanation

The chart is a summary of the analysis of binaries through our sandboxing system. The different fields in the report are as follows:

Programs Processed - How many binaries went through the system

  1. Programs Skipped - Using different hashing methodologies, we are able to identify common polymorphic files and skip processing them
  2. Programs Analyzed - How many binaries were actually submitted to the sandbox system and analyzed
    • Completed Analysis Runs - How many of the submitted binaries completed successfully and had some sort of results
    • Failed Analysis Runs - Binaries that would not run and create a valid report
    • Programs Retried - How many binaries were re-run. All binaries that initially fail are re-run for more attempts to properly execute and gain an analysis of that program
    • Invalid Binaries - How many programs would not execute or were not proper Windows binaries
  3. Network Traffic Statistics - Of the programs that were processed and had output, which had network-based traffic, and the breakdown of the different types of network traffic seen for the binaries
  4. Anti-Analysis Techniques - Many malware programs take defensive measures to prevent analysis and reverse engineering. These are the different forms and results that we are able to determine from the successfully tested programs
  5. Malicious Activity - What activity local to the system the programs take

Updates

The chart is updated once every four hours and covers the last rolling ten days and 30 days of statistics.

[Graphs: Sandbox Processing, FTP Results, HTTP Results, IRC Results, P2P Results, SMTP Results]

Sandbox Statistics (10-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              1,699,545            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                             1,699,545      100.0%
    Completed Analysis Runs                     1,691,626       99.5%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                7,584        0.4%
    Invalid Binaries                                  335        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                       976,859       57.7%
  Programs using HTTP                             279,924       28.7%
    URLs captured                                       0            
  Programs using FTP                                  225        0.0%
  Programs using SMTP                              12,094        1.2%
  Programs using IRC                                3,854        0.4%
Programs that sent UDP data                     1,244,710       73.6%
  Programs that made DNS requests                 485,889       39.0%
Programs that made P2P connections                     37        0.0%
    Programs using bittorrent                          26       70.3%
    Programs using edonkey                              3        8.1%
    Programs using gnutella                             6       16.2%
    Programs using winmx                                2        5.4%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (30-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              5,306,263            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                             5,306,263      100.0%
    Completed Analysis Runs                     5,286,927       99.6%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               17,483        0.3%
    Invalid Binaries                                1,853        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     2,966,550       56.1%
  Programs using HTTP                             918,140       30.9%
    URLs captured                                       0            
  Programs using FTP                                  874        0.0%
  Programs using SMTP                              34,013        1.1%
  Programs using IRC                               20,743        0.7%
Programs that sent UDP data                     3,756,058       71.0%
  Programs that made DNS requests               1,624,642       43.3%
Programs that made P2P connections                    117        0.0%
    Programs using bittorrent                          69       59.0%
    Programs using edonkey                             10        8.5%
    Programs using gnutella                            26       22.2%
    Programs using winmx                               12       10.3%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (60-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              8,937,080            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                             8,937,080      100.0%
    Completed Analysis Runs                     8,891,820       99.5%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               30,929        0.3%
    Invalid Binaries                               14,331        0.2%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     4,864,974       54.7%
  Programs using HTTP                           1,499,326       30.8%
    URLs captured                                       0            
  Programs using FTP                                1,629        0.0%
  Programs using SMTP                              52,869        1.1%
  Programs using IRC                               58,067        1.2%
Programs that sent UDP data                     6,145,487       69.1%
  Programs that made DNS requests               2,765,984       45.0%
Programs that made P2P connections                    197        0.0%
    Programs using bittorrent                         114       57.9%
    Programs using edonkey                             16        8.1%
    Programs using gnutella                            49       24.9%
    Programs using winmx                               18        9.1%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (90-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             12,288,884            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                            12,288,884      100.0%
    Completed Analysis Runs                    12,225,996       99.5%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               42,417        0.3%
    Invalid Binaries                               20,471        0.2%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     6,681,869       54.7%
  Programs using HTTP                           2,001,995       30.0%
    URLs captured                                       0            
  Programs using FTP                                2,191        0.0%
  Programs using SMTP                              54,926        0.8%
  Programs using IRC                               82,024        1.2%
Programs that sent UDP data                     8,477,271       69.3%
  Programs that made DNS requests               3,831,436       45.2%
Programs that made P2P connections                    333        0.0%
    Programs using bittorrent                         197       59.2%
    Programs using edonkey                             25        7.5%
    Programs using gnutella                            80       24.0%
    Programs using winmx                               31        9.3%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (180-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             22,116,493            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                            22,116,493      100.0%
    Completed Analysis Runs                    21,974,890       99.4%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               87,475        0.4%
    Invalid Binaries                               54,128        0.2%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                    10,261,119       46.7%
  Programs using HTTP                           2,932,276       28.6%
    URLs captured                                       0            
  Programs using FTP                                3,313        0.0%
  Programs using SMTP                              61,158        0.6%
  Programs using IRC                              243,757        2.4%
Programs that sent UDP data                    12,803,381       58.3%
  Programs that made DNS requests               6,333,048       49.5%
Programs that made P2P connections                    580        0.0%
    Programs using bittorrent                         383       66.0%
    Programs using edonkey                             42        7.2%
    Programs using gnutella                           109       18.8%
    Programs using winmx                               46        7.9%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (One-Year Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             32,589,291            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                            32,589,291      100.0%
    Completed Analysis Runs                    32,362,110       99.3%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                              158,476        0.5%
    Invalid Binaries                               68,705        0.2%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                    13,888,802       42.9%
  Programs using HTTP                           4,185,155       30.1%
    URLs captured                                       0            
  Programs using FTP                                4,867        0.0%
  Programs using SMTP                              64,445        0.5%
  Programs using IRC                              277,862        2.0%
Programs that sent UDP data                    18,070,117       55.8%
  Programs that made DNS requests               8,084,268       44.7%
Programs that made P2P connections                    713        0.0%
    Programs using bittorrent                         481       67.5%
    Programs using edonkey                             53        7.4%
    Programs using gnutella                           126       17.7%
    Programs using winmx                               53        7.4%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (Two-Year Rolling Report)

---------------------------------------------   ----------  ----------
Sandbox Results                                     Totals     Percent
---------------------------------------------   ----------  ----------
Programs Processed                             128,503,358            
  Programs Skipped                              81,735,028       63.6%
  Programs Analyzed                             46,768,330       36.4%
    Completed Analysis Runs                     46,511,214       99.5%
    Failed Analysis Runs                                 0        0.0%
    Programs Retried                               169,790        0.4%
    Invalid Binaries                                87,326        0.2%
                                                                      
---------------------------------------------   ----------  ----------
Network Traffic Statistics                          Totals     Percent
---------------------------------------------   ----------  ----------
Programs that sent TCP data                     26,391,962       56.7%
  Programs using HTTP                           11,311,675       42.9%
    URLs captured                                1,789,417            
  Programs using FTP                                44,834        0.2%
  Programs using SMTP                               82,937        0.3%
  Programs using IRC                               359,253        1.4%
Programs that sent UDP data                     33,579,824       72.2%
  Programs that made DNS requests               22,442,917       66.8%
Programs that made P2P connections                     920        0.0%
    Programs using bittorrent                          648       70.4%
    Programs using edonkey                              66        7.2%
    Programs using gnutella                            143       15.5%
    Programs using winmx                                63        6.8%
                                                                      
---------------------------------------------   ----------  ----------
Anti-Analysis Techniques                            Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made debugger checks                       0        0.0%
Programs that made VMWare registry checks                0        0.0%
Programs that made SoftICE checks                        0        0.0%
Programs that made Wine checks                           0        0.0%
Programs that made Time checks                           0        0.0%
Programs that suppress Compatibility Warnings            0        0.0%
                                                                      
---------------------------------------------   ----------  ----------
Malicious Activity                                  Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made Windows Firewall Updates              0        0.0%
Programs that installed a Rootkit                        0        0.0%
Programs that installed a startup entry                  0        0.0%
Programs that accessed user's Firefox profile            0        0.0%
Programs that accessed the Pstore                        0        0.0%
Programs that called taskkill                            0        0.0%
