Explanation

The chart is a summary of the analysis of binaries through our sandboxing system. The different fields in the report are as follows:

Programs Processed - How many binaries went through the system

  1. Programs Skipped - Using different hashing methodologies, we are able to identify common polymorphic files and skip processing them
  2. Programs Analyzed - How many binaries were actually submitted to the sandbox system and analyzed
    • Completed Analysis Runs - How many of the submitted binaries completed successfully and had some sort of results
    • Failed Analysis Runs - Binaries that would not run and create a valid report
    • Programs Retried - How many binaries were re-run. All binaries that initially fail are re-run, giving them further attempts to execute properly so that an analysis of the program can be obtained
    • Invalid Binaries - How many programs would not execute or were not proper Windows binaries
  3. Network Traffic Statistics - Of the programs that were processed and had output, how many generated network traffic, broken down by the types of network traffic seen for the binaries
  4. Anti-Analysis Techniques - Many malware programs take defensive measures to prevent analysis and reverse engineering. These are the different forms and results that we are able to determine from the successfully tested programs
  5. Malicious Activity - What actions the programs take on the local system


Updates

The chart is updated once every four hours and covers the last rolling ten days and 30 days of statistics.


Sandbox Processing

FTP Results

HTTP Results

IRC Results

P2P Results

SMTP Results


Sandbox Statistics (10-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                                193,179            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                               193,179      100.0%
    Completed Analysis Runs                       193,173      100.0%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                    6        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                       110,134       57.0%
  Programs using HTTP                              58,057       52.7%
    URLs captured                                       0            
  Programs using FTP                                   53        0.0%
  Programs using SMTP                                  85        0.1%
  Programs using IRC                                  305        0.3%
Programs that sent UDP data                       188,536       97.6%
  Programs that made DNS requests                  70,504       37.4%
Programs that made P2P connections                      0        0.0%
    Programs using bittorrent                           0            
    Programs using edonkey                              0            
    Programs using gnutella                             0            
    Programs using winmx                                0            
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that supress Compatibility Warnings            0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (30-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                                450,068            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                               450,068      100.0%
    Completed Analysis Runs                       449,960      100.0%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                  108        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                       386,940       86.0%
  Programs using HTTP                             265,647       68.7%
    URLs captured                                       0            
  Programs using FTP                                  290        0.1%
  Programs using SMTP                                 427        0.1%
  Programs using IRC                                3,880        1.0%
Programs that sent UDP data                       439,160       97.6%
  Programs that made DNS requests                 286,786       65.3%
Programs that made P2P connections                      2        0.0%
    Programs using bittorrent                           2      100.0%
    Programs using edonkey                              0        0.0%
    Programs using gnutella                             0        0.0%
    Programs using winmx                                0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that supress Compatibility Warnings            0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (60-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              1,422,551            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                             1,422,551      100.0%
    Completed Analysis Runs                     1,422,393      100.0%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                  158        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     1,118,653       78.6%
  Programs using HTTP                             731,178       65.4%
    URLs captured                                       0            
  Programs using FTP                                  536        0.0%
  Programs using SMTP                               1,546        0.1%
  Programs using IRC                                9,667        0.9%
Programs that sent UDP data                     1,388,255       97.6%
  Programs that made DNS requests                 882,311       63.6%
Programs that made P2P connections                      7        0.0%
    Programs using bittorrent                           5       71.4%
    Programs using edonkey                              0        0.0%
    Programs using gnutella                             2       28.6%
    Programs using winmx                                0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that supress Compatibility Warnings            0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (90-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              2,587,241            
  Programs Skipped                                187,233        7.2%
  Programs Analyzed                             2,400,008       92.8%
    Completed Analysis Runs                     2,388,382       99.5%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               11,314        0.5%
    Invalid Binaries                                  312        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     1,870,411       78.3%
  Programs using HTTP                           1,281,222       68.5%
    URLs captured                                       0            
  Programs using FTP                                  877        0.0%
  Programs using SMTP                               2,509        0.1%
  Programs using IRC                               19,353        1.0%
Programs that sent UDP data                     2,331,060       97.6%
  Programs that made DNS requests               1,413,657       60.6%
Programs that made P2P connections                     14        0.0%
    Programs using bittorrent                          10       71.4%
    Programs using edonkey                              0        0.0%
    Programs using gnutella                             4       28.6%
    Programs using winmx                                0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that supress Compatibility Warnings            0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (180-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             16,444,012            
  Programs Skipped                             11,007,337       66.9%
  Programs Analyzed                             5,436,675       33.1%
    Completed Analysis Runs                     5,423,161       99.8%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               11,314        0.2%
    Invalid Binaries                                2,200        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     4,585,290       84.6%
  Programs using HTTP                           2,930,716       63.9%
    URLs captured                                       0            
  Programs using FTP                                1,645        0.0%
  Programs using SMTP                               4,921        0.1%
  Programs using IRC                               31,548        0.7%
Programs that sent UDP data                     5,293,005       97.6%
  Programs that made DNS requests               5,214,507       98.5%
Programs that made P2P connections                     50        0.0%
    Programs using bittorrent                          38       76.0%
    Programs using edonkey                              3        6.0%
    Programs using gnutella                             6       12.0%
    Programs using winmx                                3        6.0%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that supress Compatibility Warnings            0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (One-Year Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             94,216,662            
  Programs Skipped                             80,070,443       85.0%
  Programs Analyzed                            14,146,219       15.0%
    Completed Analysis Runs                    14,116,601       99.8%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               11,314        0.1%
    Invalid Binaries                               18,304        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                    12,416,922       88.0%
  Programs using HTTP                           7,100,565       57.2%
    URLs captured                               1,289,572            
  Programs using FTP                               39,056        0.3%
  Programs using SMTP                              18,298        0.1%
  Programs using IRC                               81,022        0.7%
Programs that sent UDP data                    13,777,802       97.6%
  Programs that made DNS requests              13,777,802      100.0%
Programs that made P2P connections                    202        0.0%
    Programs using bittorrent                         163       80.7%
    Programs using edonkey                             12        5.9%
    Programs using gnutella                            17        8.4%
    Programs using winmx                               10        5.0%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that supress Compatibility Warnings            0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (Two-Year Rolling Report)

---------------------------------------------   ----------  ----------
Sandbox Results                                     Totals     Percent
---------------------------------------------   ----------  ----------
Programs Processed                             196,751,995            
  Programs Skipped                             169,017,297       85.9%
  Programs Analyzed                             27,734,698       14.1%
    Completed Analysis Runs                     27,460,635       99.0%
    Failed Analysis Runs                            17,474        0.1%
    Programs Retried                               219,115        0.8%
    Invalid Binaries                                37,474        0.1%
                                                                      
---------------------------------------------   ----------  ----------
Network Traffic Statistics                          Totals     Percent
---------------------------------------------   ----------  ----------
Programs that sent TCP data                     19,403,329       70.7%
  Programs using HTTP                           10,987,629       56.6%
    URLs captured                               41,489,008            
  Programs using FTP                               111,496        0.6%
  Programs using SMTP                               48,569        0.3%
  Programs using IRC                               105,273        0.5%
Programs that sent UDP data                     26,801,579       97.6%
  Programs that made DNS requests               26,801,579      100.0%
Programs that made P2P connections                   1,434        0.0%
    Programs using bittorrent                        1,205       84.0%
    Programs using edonkey                              44        3.1%
    Programs using gnutella                            119        8.3%
    Programs using winmx                                66        4.6%
                                                                      
---------------------------------------------   ----------  ----------
Anti-Analysis Techniques                            Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made debugger checks                       0        0.0%
Programs that made VMWare registry checks                0        0.0%
Programs that made SoftICE checks                        0        0.0%
Programs that made Wine checks                           0        0.0%
Programs that made Time checks                           0        0.0%
Programs that supress Compatibility Warnings             0        0.0%
                                                                      
---------------------------------------------   ----------  ----------
Malicious Activity                                  Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made Windows Firewall Updates              0        0.0%
Programs that installed a Rootkit                        0        0.0%
Programs that installed a startup entry                  0        0.0%
Programs that accessed user's Firefox profile            0        0.0%
Programs that accessed the Pstore                        0        0.0%
Programs that called taskkill                            0        0.0%
