Explanation

The chart is a summary of the analysis of binaries through our sandboxing system. The different fields in the report are as follows:

Programs Processed - How many binaries went through the system

  1. Programs Skipped - Using different hashing methodologies, we are able to identify common polymorphic files and skip processing them
  2. Programs Analyzed - How many binaries were actually submitted to the Sandbox system and analyzed
    • Completed Analysis Runs - How many of the submitted binaries completed successfully and had some sort of results
    • Failed Analysis Runs - Binaries that would not run and create a valid report
    • Programs Retried - How many binaries were re-run. All binaries that initially fail are re-run for more attempts to properly execute and gain an analysis of that program
    • Invalid Binaries - How many programs would not execute or were not proper Windows binaries
  3. Network Traffic Statistics - Of the programs that were processed and had output, which had network-based traffic, and the breakdown of the different types of network traffic seen for the binaries
  4. Anti-Analysis Techniques - Many malware programs take defensive measures to prevent analysis and reverse engineering. These are the different forms and results that we are able to determine from the successfully tested programs
  5. Malicious Activity - What activity local to the system the programs take

Updates

The chart is updated once every four hours and covers the last rolling ten days and 30 days of statistics.

Sandbox Processing

[Charts not preserved: FTP Results, HTTP Results, IRC Results, P2P Results, SMTP Results]

Sandbox Statistics (10-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              2,620,712            
  Programs Skipped                              2,013,436       76.8%
  Programs Analyzed                               607,276       23.2%
    Completed Analysis Runs                       606,420       99.9%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                  856        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                       413,778       68.2%
  Programs using HTTP                             155,809       37.7%
    URLs captured                                       0            
  Programs using FTP                                7,819        1.9%
  Programs using SMTP                               1,528        0.4%
  Programs using IRC                                3,313        0.8%
Programs that sent UDP data                       499,038       82.3%
  Programs that made DNS requests                 499,038      100.0%
Programs that made P2P connections                      3        0.0%
    Programs using bittorrent                           2       66.7%
    Programs using edonkey                              1       33.3%
    Programs using gnutella                             0        0.0%
    Programs using winmx                                0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (30-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              9,041,938            
  Programs Skipped                              7,107,359       78.6%
  Programs Analyzed                             1,934,579       21.4%
    Completed Analysis Runs                     1,932,745       99.9%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                1,834        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     1,328,362       68.7%
  Programs using HTTP                             401,180       30.2%
    URLs captured                                       0            
  Programs using FTP                               25,227        1.9%
  Programs using SMTP                               1,892        0.1%
  Programs using IRC                                5,242        0.4%
Programs that sent UDP data                     1,567,440       81.1%
  Programs that made DNS requests               1,567,440      100.0%
Programs that made P2P connections                     20        0.0%
    Programs using bittorrent                          17       85.0%
    Programs using edonkey                              1        5.0%
    Programs using gnutella                             0        0.0%
    Programs using winmx                                2       10.0%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (60-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             24,509,421            
  Programs Skipped                             20,755,699       84.7%
  Programs Analyzed                             3,753,722       15.3%
    Completed Analysis Runs                     3,749,253       99.9%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                4,469        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     2,799,779       74.7%
  Programs using HTTP                           1,075,091       38.4%
    URLs captured                                       0            
  Programs using FTP                               30,482        1.1%
  Programs using SMTP                               3,203        0.1%
  Programs using IRC                               19,469        0.7%
Programs that sent UDP data                     3,238,416       86.4%
  Programs that made DNS requests               3,238,388      100.0%
Programs that made P2P connections                     54        0.0%
    Programs using bittorrent                          46       85.2%
    Programs using edonkey                              2        3.7%
    Programs using gnutella                             3        5.6%
    Programs using winmx                                3        5.6%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (90-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             39,043,820            
  Programs Skipped                             33,648,146       86.2%
  Programs Analyzed                             5,395,674       13.8%
    Completed Analysis Runs                     5,388,365       99.9%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                7,309        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     4,163,665       77.3%
  Programs using HTTP                           1,850,848       44.5%
    URLs captured                                       0            
  Programs using FTP                               30,757        0.7%
  Programs using SMTP                               7,647        0.2%
  Programs using IRC                               23,690        0.6%
Programs that sent UDP data                     4,822,842       89.5%
  Programs that made DNS requests               4,822,825      100.0%
Programs that made P2P connections                     89        0.0%
    Programs using bittorrent                          75       84.3%
    Programs using edonkey                              4        4.5%
    Programs using gnutella                             5        5.6%
    Programs using winmx                                5        5.6%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (180-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             78,034,795            
  Programs Skipped                             68,963,957       88.4%
  Programs Analyzed                             9,070,838       11.6%
    Completed Analysis Runs                     9,051,402       99.8%
    Failed Analysis Runs                              546        0.0%
    Programs Retried                                2,258        0.0%
    Invalid Binaries                               16,632        0.2%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     8,080,333       89.3%
  Programs using HTTP                           4,068,808       50.4%
    URLs captured                               6,990,833            
  Programs using FTP                               48,916        0.6%
  Programs using SMTP                              14,675        0.2%
  Programs using IRC                               40,456        0.5%
Programs that sent UDP data                     8,834,168       97.6%
  Programs that made DNS requests               8,834,168      100.0%
Programs that made P2P connections                    163        0.0%
    Programs using bittorrent                         136       83.4%
    Programs using edonkey                              8        4.9%
    Programs using gnutella                            12        7.4%
    Programs using winmx                                7        4.3%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (One-Year Rolling Report)

---------------------------------------------   ----------  ----------
Sandbox Results                                     Totals     Percent
---------------------------------------------   ----------  ----------
Programs Processed                             133,438,532            
  Programs Skipped                             117,929,409       88.4%
  Programs Analyzed                             15,509,123       11.6%
    Completed Analysis Runs                     15,319,427       98.8%
    Failed Analysis Runs                            12,653        0.1%
    Programs Retried                               144,402        0.9%
    Invalid Binaries                                32,641        0.2%
                                                                      
---------------------------------------------   ----------  ----------
Network Traffic Statistics                          Totals     Percent
---------------------------------------------   ----------  ----------
Programs that sent TCP data                     11,285,421       73.7%
  Programs using HTTP                            5,953,876       52.8%
    URLs captured                               26,862,229            
  Programs using FTP                                84,508        0.7%
  Programs using SMTP                               34,745        0.3%
  Programs using IRC                                53,463        0.5%
Programs that sent UDP data                     14,951,760       97.6%
  Programs that made DNS requests               14,951,760      100.0%
Programs that made P2P connections                     493        0.0%
    Programs using bittorrent                          337       68.4%
    Programs using edonkey                              19        3.9%
    Programs using gnutella                             92       18.7%
    Programs using winmx                                45        9.1%
                                                                      
---------------------------------------------   ----------  ----------
Anti-Analysis Techniques                            Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made debugger checks                       0        0.0%
Programs that made VMWare registry checks                0        0.0%
Programs that made SoftICE checks                        0        0.0%
Programs that made Wine checks                           0        0.0%
Programs that made Time checks                           0        0.0%
Programs that suppress Compatibility Warnings            0        0.0%
                                                                      
---------------------------------------------   ----------  ----------
Malicious Activity                                  Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made Windows Firewall Updates              0        0.0%
Programs that installed a Rootkit                        0        0.0%
Programs that installed a startup entry                  0        0.0%
Programs that accessed user's Firefox profile            0        0.0%
Programs that accessed the Pstore                        0        0.0%
Programs that called taskkill                            0        0.0%

Sandbox Statistics (Two-Year Rolling Report)

---------------------------------------------   ----------  ----------
Sandbox Results                                     Totals     Percent
---------------------------------------------   ----------  ----------
Programs Processed                             210,397,021            
  Programs Skipped                             180,608,640       85.8%
  Programs Analyzed                             29,788,381       14.2%
    Completed Analysis Runs                     28,788,312       96.6%
    Failed Analysis Runs                           155,982        0.5%
    Programs Retried                               810,151        2.7%
    Invalid Binaries                                33,936        0.1%
                                                                      
---------------------------------------------   ----------  ----------
Network Traffic Statistics                          Totals     Percent
---------------------------------------------   ----------  ----------
Programs that sent TCP data                     15,878,085       55.2%
  Programs using HTTP                            8,872,412       55.9%
    URLs captured                               55,437,030            
  Programs using FTP                               122,952        0.8%
  Programs using SMTP                               58,765        0.4%
  Programs using IRC                                82,051        0.5%
Programs that sent UDP data                     28,097,392       97.6%
  Programs that made DNS requests               28,097,392      100.0%
Programs that made P2P connections                   1,682        0.0%
    Programs using bittorrent                        1,329       79.0%
    Programs using edonkey                              77        4.6%
    Programs using gnutella                            200       11.9%
    Programs using winmx                                76        4.5%
                                                                      
---------------------------------------------   ----------  ----------
Anti-Analysis Techniques                            Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made debugger checks                 384,948        1.3%
Programs that made VMWare registry checks            3,863        0.0%
Programs that made SoftICE checks                   21,182        0.1%
Programs that made Wine checks                      22,475        0.1%
Programs that made Time checks                         783        0.0%
Programs that suppress Compatibility Warnings    2,378,565        8.3%
                                                                      
---------------------------------------------   ----------  ----------
Malicious Activity                                  Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made Windows Firewall Updates            440        0.0%
Programs that installed a Rootkit                      132        0.0%
Programs that installed a startup entry            421,080        1.5%
Programs that accessed user's Firefox profile            0        0.0%
Programs that accessed the Pstore                   47,116        0.2%
Programs that called taskkill                            0        0.0%
