Explanation

The chart is a summary of the analysis of binaries through our sandboxing system. The different fields in the report are as follows:

Programs Processed - How many binaries went through the system

  1. Programs Skipped - Using different hashing methodologies, we are able to identify common polymorphic files and skip processing them
  2. Programs Analyzed - How many binaries were actually submitted to the Sandbox system and analyzed
    • Completed Analysis Runs - How many of the submitted binaries completed successfully and had some sort of results
    • Failed Analysis Runs - Binaries that would not run and create a valid report
    • Programs Retried - How many binaries were re-run. All binaries that initially fail are re-run in further attempts to execute them properly and obtain an analysis of that program
    • Invalid Binaries - How many programs would not execute or were not proper Windows binaries
  3. Network Traffic Statistics - Of the programs that were processed and had output, which had network-based traffic, and the breakdown of the different types of network traffic seen for the binaries
  4. Anti-Analysis Techniques - Many of the different malware programs take defensive measures to prevent analysis and reverse engineering. These are the different forms and results that we are able to determine from the successfully tested programs
  5. Malicious Activity - What activity local to the system the programs take

Updates

The chart is updated once every four hours and covers the last rolling ten days and 30 days of statistics.

Sandbox Processing

FTP Results

HTTP Results

IRC Results

P2P Results

SMTP Results

Sandbox Statistics (10-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              1,755,034            
  Programs Skipped                              1,453,129       82.8%
  Programs Analyzed                               301,905       17.2%
    Completed Analysis Runs                       301,901      100.0%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                    4        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                       122,154       40.5%
  Programs using HTTP                              52,615       43.1%
    URLs captured                                       0            
  Programs using FTP                                    4        0.0%
  Programs using SMTP                                 405        0.3%
  Programs using IRC                                  233        0.2%
Programs that sent UDP data                       299,751       99.3%
  Programs that made DNS requests                 299,751      100.0%
Programs that made P2P connections                      1        0.0%
    Programs using bittorrent                           1      100.0%
    Programs using edonkey                              0        0.0%
    Programs using gnutella                             0        0.0%
    Programs using winmx                                0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that supress Compatibility Warnings            0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (30-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              4,126,385            
  Programs Skipped                              3,350,247       81.2%
  Programs Analyzed                               776,138       18.8%
    Completed Analysis Runs                       776,029      100.0%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                  109        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                       570,415       73.5%
  Programs using HTTP                             427,733       75.0%
    URLs captured                                       0            
  Programs using FTP                                  160        0.0%
  Programs using SMTP                                 649        0.1%
  Programs using IRC                                3,873        0.7%
Programs that sent UDP data                       757,404       97.6%
  Programs that made DNS requests                 757,404      100.0%
Programs that made P2P connections                      6        0.0%
    Programs using bittorrent                           5       83.3%
    Programs using edonkey                              0        0.0%
    Programs using gnutella                             1       16.7%
    Programs using winmx                                0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that supress Compatibility Warnings            0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (60-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              8,970,337            
  Programs Skipped                              7,134,569       79.5%
  Programs Analyzed                             1,835,768       20.5%
    Completed Analysis Runs                     1,834,792       99.9%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                  976        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     1,586,950       86.5%
  Programs using HTTP                           1,008,539       63.6%
    URLs captured                                       0            
  Programs using FTP                                  430        0.0%
  Programs using SMTP                               1,113        0.1%
  Programs using IRC                                7,741        0.5%
Programs that sent UDP data                     1,790,756       97.6%
  Programs that made DNS requests               1,790,756      100.0%
Programs that made P2P connections                     10        0.0%
    Programs using bittorrent                           9       90.0%
    Programs using edonkey                              0        0.0%
    Programs using gnutella                             1       10.0%
    Programs using winmx                                0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that supress Compatibility Warnings            0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (90-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             14,268,287            
  Programs Skipped                             11,130,244       78.0%
  Programs Analyzed                             3,138,043       22.0%
    Completed Analysis Runs                     3,135,954       99.9%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                2,089        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     2,772,934       88.4%
  Programs using HTTP                           1,619,261       58.4%
    URLs captured                                       0            
  Programs using FTP                                  721        0.0%
  Programs using SMTP                               1,719        0.1%
  Programs using IRC                               16,091        0.6%
Programs that sent UDP data                     3,060,691       97.6%
  Programs that made DNS requests               3,060,691      100.0%
Programs that made P2P connections                     45        0.0%
    Programs using bittorrent                          40       88.9%
    Programs using edonkey                              2        4.4%
    Programs using gnutella                             1        2.2%
    Programs using winmx                                2        4.4%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that supress Compatibility Warnings            0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (180-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             46,313,301            
  Programs Skipped                             38,558,939       83.3%
  Programs Analyzed                             7,754,362       16.7%
    Completed Analysis Runs                     7,745,774       99.9%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                8,588        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     6,463,311       83.4%
  Programs using HTTP                           3,298,095       51.0%
    URLs captured                                       0            
  Programs using FTP                               32,244        0.5%
  Programs using SMTP                               6,780        0.1%
  Programs using IRC                               45,915        0.7%
Programs that sent UDP data                     7,559,875       97.6%
  Programs that made DNS requests               7,559,875      100.0%
Programs that made P2P connections                    114        0.0%
    Programs using bittorrent                          98       86.0%
    Programs using edonkey                              6        5.3%
    Programs using gnutella                             4        3.5%
    Programs using winmx                                6        5.3%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that supress Compatibility Warnings            0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (One-Year Rolling Report)

---------------------------------------------   ----------  ----------
Sandbox Results                                     Totals     Percent
---------------------------------------------   ----------  ----------
Programs Processed                             120,900,643            
  Programs Skipped                             105,543,543       87.3%
  Programs Analyzed                             15,357,100       12.7%
    Completed Analysis Runs                     15,287,955       99.5%
    Failed Analysis Runs                             3,305        0.0%
    Programs Retried                                36,119        0.2%
    Invalid Binaries                                29,721        0.2%
                                                                      
---------------------------------------------   ----------  ----------
Network Traffic Statistics                          Totals     Percent
---------------------------------------------   ----------  ----------
Programs that sent TCP data                     13,069,773       85.5%
  Programs using HTTP                            7,258,188       55.5%
    URLs captured                               15,977,237            
  Programs using FTP                                63,475        0.5%
  Programs using SMTP                               27,417        0.2%
  Programs using IRC                                71,897        0.6%
Programs that sent UDP data                     14,921,044       97.6%
  Programs that made DNS requests               14,921,044      100.0%
Programs that made P2P connections                     325        0.0%
    Programs using bittorrent                          276       84.9%
    Programs using edonkey                              16        4.9%
    Programs using gnutella                             23        7.1%
    Programs using winmx                                10        3.1%
                                                                      
---------------------------------------------   ----------  ----------
Anti-Analysis Techniques                            Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made debugger checks                       0        0.0%
Programs that made VMWare registry checks                0        0.0%
Programs that made SoftICE checks                        0        0.0%
Programs that made Wine checks                           0        0.0%
Programs that made Time checks                           0        0.0%
Programs that supress Compatibility Warnings             0        0.0%
                                                                      
---------------------------------------------   ----------  ----------
Malicious Activity                                  Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made Windows Firewall Updates              0        0.0%
Programs that installed a Rootkit                        0        0.0%
Programs that installed a startup entry                  0        0.0%
Programs that accessed user's Firefox profile            0        0.0%
Programs that accessed the Pstore                        0        0.0%
Programs that called taskkill                            0        0.0%

Sandbox Statistics (Two-Year Rolling Report)

---------------------------------------------   ----------  ----------
Sandbox Results                                     Totals     Percent
---------------------------------------------   ----------  ----------
Programs Processed                             210,052,525            
  Programs Skipped                             180,986,931       86.2%
  Programs Analyzed                             29,065,594       13.8%
    Completed Analysis Runs                     28,600,862       98.4%
    Failed Analysis Runs                            51,247        0.2%
    Programs Retried                               375,340        1.3%
    Invalid Binaries                                38,145        0.1%
                                                                      
---------------------------------------------   ----------  ----------
Network Traffic Statistics                          Totals     Percent
---------------------------------------------   ----------  ----------
Programs that sent TCP data                     18,617,579       65.1%
  Programs using HTTP                           10,497,151       56.4%
    URLs captured                               49,560,653            
  Programs using FTP                               117,856        0.6%
  Programs using SMTP                               57,743        0.3%
  Programs using IRC                                95,004        0.5%
Programs that sent UDP data                     27,914,441       97.6%
  Programs that made DNS requests               27,914,441      100.0%
Programs that made P2P connections                   1,629        0.0%
    Programs using bittorrent                        1,337       82.1%
    Programs using edonkey                              57        3.5%
    Programs using gnutella                            162        9.9%
    Programs using winmx                                73        4.5%
                                                                      
---------------------------------------------   ----------  ----------
Anti-Analysis Techniques                            Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made debugger checks                  90,789        0.3%
Programs that made VMWare registry checks            1,814        0.0%
Programs that made SoftICE checks                    9,638        0.0%
Programs that made Wine checks                      10,061        0.0%
Programs that made Time checks                         398        0.0%
Programs that supress Compatibility Warnings       693,833        2.4%
                                                                      
---------------------------------------------   ----------  ----------
Malicious Activity                                  Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made Windows Firewall Updates            243        0.0%
Programs that installed a Rootkit                       99        0.0%
Programs that installed a startup entry            107,201        0.4%
Programs that accessed user's Firefox profile            0        0.0%
Programs that accessed the Pstore                   21,146        0.1%
Programs that called taskkill                            0        0.0%
