Explanation

The chart is a summary of the analysis of binaries through our sandboxing system. The different fields in the report are as follows:

Programs Processed - How many binaries went through the system

  1. Programs Skipped - Using different hashing methodologies, we are able to identify common polymorphic files and skip processing them
  2. Programs Analyzed - How many binaries were actually submitted to the sandbox system and analyzed
    • Completed Analysis Runs - How many of the submitted binaries completed successfully and had some sort of results
    • Failed Analysis Runs - Binaries that would not run and create a valid report
    • Programs Retried - How many binaries were re-run. All binaries that initially fail are re-run for more attempts to properly execute and obtain an analysis of that program
    • Invalid Binaries - How many programs would not execute or were not proper Windows binaries
  3. Network Traffic Statistics - Of the programs that were processed and had output, which had network-based traffic, and the breakdown of the different types of network traffic seen for those binaries
  4. Anti-Analysis Techniques - Many malware programs take defensive measures to prevent analysis and reverse engineering. These are the different forms and results that we are able to determine from the successfully tested programs
  5. Malicious Activity - What activity local to the system the programs take


Updates

The chart is updated once every four hours and covers the last rolling ten days and 30 days of statistics.


Sandbox Processing

FTP Results

HTTP Results

IRC Results

P2P Results

SMTP Results


Sandbox Statistics (10-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              4,218,458            
  Programs Skipped                              3,859,313       91.5%
  Programs Analyzed                               359,145        8.5%
    Completed Analysis Runs                       358,332       99.8%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                  813        0.2%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                       262,629       73.3%
  Programs using HTTP                             108,953       41.5%
    URLs captured                                       0            
  Programs using FTP                                   68        0.0%
  Programs using SMTP                                 580        0.2%
  Programs using IRC                                2,588        1.0%
Programs that sent UDP data                       349,732       97.6%
  Programs that made DNS requests                 349,732      100.0%
Programs that made P2P connections                      2        0.0%
    Programs using bittorrent                           2      100.0%
    Programs using edonkey                              0        0.0%
    Programs using gnutella                             0        0.0%
    Programs using winmx                                0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (30-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              8,671,262            
  Programs Skipped                              7,515,951       86.7%
  Programs Analyzed                             1,155,311       13.3%
    Completed Analysis Runs                     1,152,830       99.8%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                2,481        0.2%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                       936,559       81.2%
  Programs using HTTP                             506,461       54.1%
    URLs captured                                       0            
  Programs using FTP                                4,593        0.5%
  Programs using SMTP                               3,011        0.3%
  Programs using IRC                                8,772        0.9%
Programs that sent UDP data                     1,125,162       97.6%
  Programs that made DNS requests               1,125,162      100.0%
Programs that made P2P connections                      7        0.0%
    Programs using bittorrent                           6       85.7%
    Programs using edonkey                              1       14.3%
    Programs using gnutella                             0        0.0%
    Programs using winmx                                0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (60-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             18,733,520            
  Programs Skipped                             15,586,921       83.2%
  Programs Analyzed                             3,146,599       16.8%
    Completed Analysis Runs                     3,142,371       99.9%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                4,228        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     2,299,967       73.2%
  Programs using HTTP                             871,085       37.9%
    URLs captured                                       0            
  Programs using FTP                               27,922        1.2%
  Programs using SMTP                               3,470        0.2%
  Programs using IRC                               13,705        0.6%
Programs that sent UDP data                     2,805,164       89.3%
  Programs that made DNS requests               2,805,164      100.0%
Programs that made P2P connections                     30        0.0%
    Programs using bittorrent                          26       86.7%
    Programs using edonkey                              2        6.7%
    Programs using gnutella                             0        0.0%
    Programs using winmx                                2        6.7%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (90-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             36,764,104            
  Programs Skipped                             31,933,976       86.9%
  Programs Analyzed                             4,830,128       13.1%
    Completed Analysis Runs                     4,823,332       99.9%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                6,796        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     3,861,636       80.1%
  Programs using HTTP                           1,696,165       43.9%
    URLs captured                                       0            
  Programs using FTP                               31,458        0.8%
  Programs using SMTP                               5,760        0.1%
  Programs using IRC                               26,909        0.7%
Programs that sent UDP data                     4,523,459       93.8%
  Programs that made DNS requests               4,523,459      100.0%
Programs that made P2P connections                     71        0.0%
    Programs using bittorrent                          58       81.7%
    Programs using edonkey                              5        7.0%
    Programs using gnutella                             4        5.6%
    Programs using winmx                                4        5.6%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (180-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             79,281,620            
  Programs Skipped                             70,585,068       89.0%
  Programs Analyzed                             8,696,552       11.0%
    Completed Analysis Runs                     8,679,728       99.8%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                  307        0.0%
    Invalid Binaries                               16,517        0.2%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     7,788,988       89.7%
  Programs using HTTP                           4,011,357       51.5%
    URLs captured                               3,430,932            
  Programs using FTP                               41,218        0.5%
  Programs using SMTP                              13,673        0.2%
  Programs using IRC                               41,546        0.5%
Programs that sent UDP data                     8,471,414       97.6%
  Programs that made DNS requests               8,471,414      100.0%
Programs that made P2P connections                    139        0.0%
    Programs using bittorrent                         114       82.0%
    Programs using edonkey                              9        6.5%
    Programs using gnutella                            10        7.2%
    Programs using winmx                                6        4.3%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (One-Year Rolling Report)

---------------------------------------------   ----------  ----------
Sandbox Results                                     Totals     Percent
---------------------------------------------   ----------  ----------
Programs Processed                             136,002,763            
  Programs Skipped                             120,695,034       88.7%
  Programs Analyzed                             15,307,729       11.3%
    Completed Analysis Runs                     15,116,438       98.8%
    Failed Analysis Runs                            12,652        0.1%
    Programs Retried                               144,332        0.9%
    Invalid Binaries                                34,307        0.2%
                                                                      
---------------------------------------------   ----------  ----------
Network Traffic Statistics                          Totals     Percent
---------------------------------------------   ----------  ----------
Programs that sent TCP data                     11,485,502       76.0%
  Programs using HTTP                            6,105,885       53.2%
    URLs captured                               23,769,459            
  Programs using FTP                                79,146        0.7%
  Programs using SMTP                               34,202        0.3%
  Programs using IRC                                59,001        0.5%
Programs that sent UDP data                     14,753,643       97.6%
  Programs that made DNS requests               14,753,643      100.0%
Programs that made P2P connections                     419        0.0%
    Programs using bittorrent                          302       72.1%
    Programs using edonkey                              18        4.3%
    Programs using gnutella                             90       21.5%
    Programs using winmx                                 9        2.1%
                                                                      
---------------------------------------------   ----------  ----------
Anti-Analysis Techniques                            Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made debugger checks                       0        0.0%
Programs that made VMWare registry checks                0        0.0%
Programs that made SoftICE checks                        0        0.0%
Programs that made Wine checks                           0        0.0%
Programs that made Time checks                           0        0.0%
Programs that suppress Compatibility Warnings            0        0.0%
                                                                      
---------------------------------------------   ----------  ----------
Malicious Activity                                  Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made Windows Firewall Updates              0        0.0%
Programs that installed a Rootkit                        0        0.0%
Programs that installed a startup entry                  0        0.0%
Programs that accessed user's Firefox profile            0        0.0%
Programs that accessed the Pstore                        0        0.0%
Programs that called taskkill                            0        0.0%

Sandbox Statistics (Two-Year Rolling Report)

---------------------------------------------   ----------  ----------
Sandbox Results                                     Totals     Percent
---------------------------------------------   ----------  ----------
Programs Processed                             209,271,127            
  Programs Skipped                             179,958,979       86.0%
  Programs Analyzed                             29,312,148       14.0%
    Completed Analysis Runs                     28,369,076       96.8%
    Failed Analysis Runs                           151,635        0.5%
    Programs Retried                               755,833        2.6%
    Invalid Binaries                                35,604        0.1%
                                                                      
---------------------------------------------   ----------  ----------
Network Traffic Statistics                          Totals     Percent
---------------------------------------------   ----------  ----------
Programs that sent TCP data                     16,423,642       57.9%
  Programs using HTTP                            9,198,482       56.0%
    URLs captured                               54,996,134            
  Programs using FTP                               123,644        0.8%
  Programs using SMTP                               60,119        0.4%
  Programs using IRC                                86,047        0.5%
Programs that sent UDP data                     27,688,218       97.6%
  Programs that made DNS requests               27,688,218      100.0%
Programs that made P2P connections                   1,686        0.0%
    Programs using bittorrent                        1,334       79.1%
    Programs using edonkey                              78        4.6%
    Programs using gnutella                            198       11.7%
    Programs using winmx                                76        4.5%
                                                                      
---------------------------------------------   ----------  ----------
Anti-Analysis Techniques                            Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made debugger checks                 233,521        0.8%
Programs that made VMWare registry checks            3,792        0.0%
Programs that made SoftICE checks                   20,853        0.1%
Programs that made Wine checks                      21,874        0.1%
Programs that made Time checks                         778        0.0%
Programs that suppress Compatibility Warnings    1,915,902        6.8%
                                                                      
---------------------------------------------   ----------  ----------
Malicious Activity                                  Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made Windows Firewall Updates            439        0.0%
Programs that installed a Rootkit                      131        0.0%
Programs that installed a startup entry            368,851        1.3%
Programs that accessed user's Firefox profile            0        0.0%
Programs that accessed the Pstore                   43,521        0.2%
Programs that called taskkill                            0        0.0%
