Explanation

The chart is a summary of the analysis of binaries through our sandboxing system. The different fields in the report are as follows:

Programs Processed - How many binaries went through the system

  1. Programs Skipped - Using different hashing methodologies we are able to identify common polymorphic files and skip processing them
  2. Programs Analyzed - How many binaries were actually submitted to the Sandbox system and analyzed
    • Completed Analysis Runs - How many of the submitted binaries completed successfully and had some sort of results
    • Failed Analysis Runs - Binaries that would not run and create a valid report
    • Programs Retried - How many binaries were re-run. All binaries that initially fail will be re-run for more attempts to properly execute and gain an analysis of that program
    • Invalid Binaries - How many programs would not execute or were not proper Windows binaries
  3. Network Traffic Statistics - Of the programs that were processed and had output, which had network based traffic and the breakdown of the different types of network traffic seen for the binaries
  4. Anti-Analysis Techniques - Many of the different malware programs will take defensive measures to prevent analysis and reverse engineering. These are the different forms and results that we are able to determine from the successfully tested programs
  5. Malicious Activity - What activity local to the system the programs take


Updates

The chart is updated once every four hours and covers the last rolling ten days and 30 days of statistics.


Sandbox Processing

FTP Results

HTTP Results

IRC Results

P2P Results

SMTP Results


Sandbox Statistics (10-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              2,110,683            
  Programs Skipped                              1,510,792       71.6%
  Programs Analyzed                               599,891       28.4%
    Completed Analysis Runs                       599,300       99.9%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                  591        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                       559,301       93.3%
  Programs using HTTP                             289,893       51.8%
    URLs captured                                       0            
  Programs using FTP                                  141        0.0%
  Programs using SMTP                                 280        0.1%
  Programs using IRC                                1,043        0.2%
Programs that sent UDP data                       584,916       97.6%
  Programs that made DNS requests                 584,916      100.0%
Programs that made P2P connections                      6        0.0%
    Programs using bittorrent                           5       83.3%
    Programs using edonkey                              0        0.0%
    Programs using gnutella                             0        0.0%
    Programs using winmx                                1       16.7%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that supress Compatibility Warnings            0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (30-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              5,645,891            
  Programs Skipped                              4,228,192       74.9%
  Programs Analyzed                             1,417,699       25.1%
    Completed Analysis Runs                     1,416,485       99.9%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                1,214        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     1,239,997       87.5%
  Programs using HTTP                             607,647       49.0%
    URLs captured                                       0            
  Programs using FTP                                  281        0.0%
  Programs using SMTP                                 579        0.0%
  Programs using IRC                                7,516        0.6%
Programs that sent UDP data                     1,382,489       97.6%
  Programs that made DNS requests               1,382,489      100.0%
Programs that made P2P connections                     33        0.0%
    Programs using bittorrent                          29       87.9%
    Programs using edonkey                              2        6.1%
    Programs using gnutella                             0        0.0%
    Programs using winmx                                2        6.1%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that supress Compatibility Warnings            0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (60-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             13,807,767            
  Programs Skipped                             11,472,264       83.1%
  Programs Analyzed                             2,335,503       16.9%
    Completed Analysis Runs                     2,332,648       99.9%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                2,855        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     2,159,179       92.6%
  Programs using HTTP                           1,209,012       56.0%
    URLs captured                                       0            
  Programs using FTP                                  707        0.0%
  Programs using SMTP                               2,318        0.1%
  Programs using IRC                               17,126        0.8%
Programs that sent UDP data                     2,276,664       97.6%
  Programs that made DNS requests               2,276,664      100.0%
Programs that made P2P connections                     52        0.0%
    Programs using bittorrent                          44       84.6%
    Programs using edonkey                              4        7.7%
    Programs using gnutella                             1        1.9%
    Programs using winmx                                3        5.8%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that supress Compatibility Warnings            0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (90-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             22,154,601            
  Programs Skipped                             18,043,996       81.4%
  Programs Analyzed                             4,110,605       18.6%
    Completed Analysis Runs                     4,105,444       99.9%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                5,161        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     3,446,219       83.9%
  Programs using HTTP                           1,656,036       48.1%
    URLs captured                                       0            
  Programs using FTP                               24,273        0.7%
  Programs using SMTP                               4,258        0.1%
  Programs using IRC                               24,089        0.7%
Programs that sent UDP data                     4,006,913       97.6%
  Programs that made DNS requests               4,006,913      100.0%
Programs that made P2P connections                     68        0.0%
    Programs using bittorrent                          58       85.3%
    Programs using edonkey                              5        7.4%
    Programs using gnutella                             1        1.5%
    Programs using winmx                                4        5.9%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that supress Compatibility Warnings            0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (180-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             69,232,178            
  Programs Skipped                             60,377,995       87.2%
  Programs Analyzed                             8,854,183       12.8%
    Completed Analysis Runs                     8,842,681       99.9%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                               11,502        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     7,853,197       88.8%
  Programs using HTTP                           4,075,532       51.9%
    URLs captured                                       0            
  Programs using FTP                               32,488        0.4%
  Programs using SMTP                              11,651        0.1%
  Programs using IRC                               49,135        0.6%
Programs that sent UDP data                     8,630,456       97.6%
  Programs that made DNS requests               8,630,456      100.0%
Programs that made P2P connections                    157        0.0%
    Programs using bittorrent                         129       82.2%
    Programs using edonkey                             10        6.4%
    Programs using gnutella                            10        6.4%
    Programs using winmx                                8        5.1%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that supress Compatibility Warnings            0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (One-Year Rolling Report)

---------------------------------------------   ----------  ----------
Sandbox Results                                     Totals     Percent
---------------------------------------------   ----------  ----------
Programs Processed                             132,501,911            
  Programs Skipped                             117,049,881       88.3%
  Programs Analyzed                             15,452,030       11.7%
    Completed Analysis Runs                     15,290,871       99.0%
    Failed Analysis Runs                             8,868        0.1%
    Programs Retried                               118,628        0.8%
    Invalid Binaries                                33,663        0.2%
                                                                      
---------------------------------------------   ----------  ----------
Network Traffic Statistics                          Totals     Percent
---------------------------------------------   ----------  ----------
Programs that sent TCP data                     12,497,108       81.7%
  Programs using HTTP                            6,693,141       53.6%
    URLs captured                               20,104,794            
  Programs using FTP                                68,453        0.5%
  Programs using SMTP                               29,072        0.2%
  Programs using IRC                                67,529        0.5%
Programs that sent UDP data                     14,923,890       97.6%
  Programs that made DNS requests               14,923,890      100.0%
Programs that made P2P connections                     369        0.0%
    Programs using bittorrent                          300       81.3%
    Programs using edonkey                              19        5.1%
    Programs using gnutella                             39       10.6%
    Programs using winmx                                11        3.0%
                                                                      
---------------------------------------------   ----------  ----------
Anti-Analysis Techniques                            Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made debugger checks                       0        0.0%
Programs that made VMWare registry checks                0        0.0%
Programs that made SoftICE checks                        0        0.0%
Programs that made Wine checks                           0        0.0%
Programs that made Time checks                           0        0.0%
Programs that supress Compatibility Warnings             0        0.0%
                                                                      
---------------------------------------------   ----------  ----------
Malicious Activity                                  Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made Windows Firewall Updates              0        0.0%
Programs that installed a Rootkit                        0        0.0%
Programs that installed a startup entry                  0        0.0%
Programs that accessed user's Firefox profile            0        0.0%
Programs that accessed the Pstore                        0        0.0%
Programs that called taskkill                            0        0.0%

Sandbox Statistics (Two-Year Rolling Report)

---------------------------------------------   ----------  ----------
Sandbox Results                                     Totals     Percent
---------------------------------------------   ----------  ----------
Programs Processed                             209,388,694            
  Programs Skipped                             179,820,855       85.9%
  Programs Analyzed                             29,567,839       14.1%
    Completed Analysis Runs                     28,861,834       97.6%
    Failed Analysis Runs                            94,313        0.3%
    Programs Retried                               574,337        1.9%
    Invalid Binaries                                37,355        0.1%
                                                                      
---------------------------------------------   ----------  ----------
Network Traffic Statistics                          Totals     Percent
---------------------------------------------   ----------  ----------
Programs that sent TCP data                     17,719,699       61.4%
  Programs using HTTP                            9,883,933       55.8%
    URLs captured                               53,268,640            
  Programs using FTP                               121,735        0.7%
  Programs using SMTP                               60,255        0.3%
  Programs using IRC                                96,790        0.5%
Programs that sent UDP data                     28,169,149       97.6%
  Programs that made DNS requests               28,169,149      100.0%
Programs that made P2P connections                   1,700        0.0%
    Programs using bittorrent                        1,359       79.9%
    Programs using edonkey                              74        4.4%
    Programs using gnutella                            189       11.1%
    Programs using winmx                                78        4.6%
                                                                      
---------------------------------------------   ----------  ----------
Anti-Analysis Techniques                            Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made debugger checks                 172,737        0.6%
Programs that made VMWare registry checks            3,639        0.0%
Programs that made SoftICE checks                   18,761        0.1%
Programs that made Wine checks                      18,595        0.1%
Programs that made Time checks                         759        0.0%
Programs that supress Compatibility Warnings     1,409,603        4.9%
                                                                      
---------------------------------------------   ----------  ----------
Malicious Activity                                  Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made Windows Firewall Updates            410        0.0%
Programs that installed a Rootkit                      123        0.0%
Programs that installed a startup entry            252,431        0.9%
Programs that accessed user's Firefox profile            0        0.0%
Programs that accessed the Pstore                   36,824        0.1%
Programs that called taskkill                            0        0.0%
