Explanation

The chart is a summary of the analysis of binaries through our sandboxing system. The different fields in the report are as follows:

Programs Processed - How many binaries went through the system

  1. Programs Skipped - Using different hashing methodologies, we are able to identify common polymorphic files and skip processing them
  2. Programs Analyzed - How many binaries were actually submitted to the sandbox system and analyzed
    • Completed Analysis Runs - How many of the submitted binaries completed successfully and produced some sort of results
    • Failed Analysis Runs - Binaries that would not run and create a valid report
    • Programs Retried - How many binaries were re-run. All binaries that initially fail are re-run for more attempts to properly execute and gain an analysis of that program
    • Invalid Binaries - How many programs would not execute or were not proper Windows binaries
  3. Network Traffic Statistics - Of the programs that were processed and had output, which had network-based traffic, and the breakdown of the different types of network traffic seen for the binaries
  4. Anti-Analysis Techniques - Many malware programs take defensive measures to prevent analysis and reverse engineering. These are the different forms and results that we are able to determine from the successfully tested programs
  5. Malicious Activity - What activity local to the system the programs take

Updates

The chart is updated once every four hours and covers the last rolling ten days and 30 days of statistics.

Charts: Sandbox Processing, FTP Results, HTTP Results, IRC Results, P2P Results, SMTP Results

Sandbox Statistics (10-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                                894,715            
  Programs Skipped                                683,012       76.3%
  Programs Analyzed                               211,703       23.7%
    Completed Analysis Runs                       211,692      100.0%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                   11        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                       175,721       83.0%
  Programs using HTTP                             134,339       76.5%
    URLs captured                                       0            
  Programs using FTP                                   43        0.0%
  Programs using SMTP                                 182        0.1%
  Programs using IRC                                1,700        1.0%
Programs that sent UDP data                       206,611       97.6%
  Programs that made DNS requests                 206,611      100.0%
Programs that made P2P connections                      0        0.0%
    Programs using bittorrent                           0            
    Programs using edonkey                              0            
    Programs using gnutella                             0            
    Programs using winmx                                0            
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (30-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              4,799,302            
  Programs Skipped                              3,766,748       78.5%
  Programs Analyzed                             1,032,554       21.5%
    Completed Analysis Runs                     1,031,755       99.9%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                  799        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                       859,336       83.3%
  Programs using HTTP                             435,892       50.7%
    URLs captured                                       0            
  Programs using FTP                                  160        0.0%
  Programs using SMTP                                 385        0.0%
  Programs using IRC                                2,973        0.3%
Programs that sent UDP data                     1,006,992       97.6%
  Programs that made DNS requests               1,006,992      100.0%
Programs that made P2P connections                      3        0.0%
    Programs using bittorrent                           3      100.0%
    Programs using edonkey                              0        0.0%
    Programs using gnutella                             0        0.0%
    Programs using winmx                                0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (60-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             10,139,290            
  Programs Skipped                              7,768,570       76.6%
  Programs Analyzed                             2,370,720       23.4%
    Completed Analysis Runs                     2,368,784       99.9%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                1,936        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     2,086,993       88.1%
  Programs using HTTP                           1,070,185       51.3%
    URLs captured                                       0            
  Programs using FTP                                  476        0.0%
  Programs using SMTP                                 991        0.0%
  Programs using IRC                               11,164        0.5%
Programs that sent UDP data                     2,311,933       97.6%
  Programs that made DNS requests               2,311,933      100.0%
Programs that made P2P connections                     39        0.0%
    Programs using bittorrent                          35       89.7%
    Programs using edonkey                              2        5.1%
    Programs using gnutella                             0        0.0%
    Programs using winmx                                2        5.1%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (90-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             18,280,446            
  Programs Skipped                             15,010,155       82.1%
  Programs Analyzed                             3,270,291       17.9%
    Completed Analysis Runs                     3,266,525       99.9%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                3,766        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     2,999,966       91.8%
  Programs using HTTP                           1,672,543       55.8%
    URLs captured                                       0            
  Programs using FTP                                1,153        0.0%
  Programs using SMTP                               2,782        0.1%
  Programs using IRC                               20,750        0.7%
Programs that sent UDP data                     3,188,128       97.6%
  Programs that made DNS requests               3,188,128      100.0%
Programs that made P2P connections                     56        0.0%
    Programs using bittorrent                          48       85.7%
    Programs using edonkey                              4        7.1%
    Programs using gnutella                             1        1.8%
    Programs using winmx                                3        5.4%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (180-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             56,666,265            
  Programs Skipped                             48,063,860       84.8%
  Programs Analyzed                             8,602,405       15.2%
    Completed Analysis Runs                     8,591,449       99.9%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                               10,956        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     7,159,540       83.3%
  Programs using HTTP                           3,518,051       49.1%
    URLs captured                                       0            
  Programs using FTP                               32,293        0.5%
  Programs using SMTP                              10,440        0.1%
  Programs using IRC                               45,212        0.6%
Programs that sent UDP data                     8,385,254       97.6%
  Programs that made DNS requests               8,385,254      100.0%
Programs that made P2P connections                    142        0.0%
    Programs using bittorrent                         121       85.2%
    Programs using edonkey                              8        5.6%
    Programs using gnutella                             5        3.5%
    Programs using winmx                                8        5.6%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (One-Year Rolling Report)

---------------------------------------------   ----------  ----------
Sandbox Results                                     Totals     Percent
---------------------------------------------   ----------  ----------
Programs Processed                             130,460,810            
  Programs Skipped                             115,186,321       88.3%
  Programs Analyzed                             15,274,489       11.7%
    Completed Analysis Runs                     15,129,693       99.1%
    Failed Analysis Runs                             7,509        0.0%
    Programs Retried                               104,249        0.7%
    Invalid Binaries                                33,038        0.2%
                                                                      
---------------------------------------------   ----------  ----------
Network Traffic Statistics                          Totals     Percent
---------------------------------------------   ----------  ----------
Programs that sent TCP data                     12,694,867       83.9%
  Programs using HTTP                            6,859,954       54.0%
    URLs captured                               17,249,771            
  Programs using FTP                                64,813        0.5%
  Programs using SMTP                               27,839        0.2%
  Programs using IRC                                68,469        0.5%
Programs that sent UDP data                     14,766,580       97.6%
  Programs that made DNS requests               14,766,580      100.0%
Programs that made P2P connections                     327        0.0%
    Programs using bittorrent                          275       84.1%
    Programs using edonkey                              17        5.2%
    Programs using gnutella                             25        7.6%
    Programs using winmx                                10        3.1%
                                                                      
---------------------------------------------   ----------  ----------
Anti-Analysis Techniques                            Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made debugger checks                       0        0.0%
Programs that made VMWare registry checks                0        0.0%
Programs that made SoftICE checks                        0        0.0%
Programs that made Wine checks                           0        0.0%
Programs that made Time checks                           0        0.0%
Programs that suppress Compatibility Warnings            0        0.0%
                                                                      
---------------------------------------------   ----------  ----------
Malicious Activity                                  Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made Windows Firewall Updates              0        0.0%
Programs that installed a Rootkit                        0        0.0%
Programs that installed a startup entry                  0        0.0%
Programs that accessed user's Firefox profile            0        0.0%
Programs that accessed the Pstore                        0        0.0%
Programs that called taskkill                            0        0.0%

Sandbox Statistics (Two-Year Rolling Report)

---------------------------------------------   ----------  ----------
Sandbox Results                                     Totals     Percent
---------------------------------------------   ----------  ----------
Programs Processed                             211,810,139            
  Programs Skipped                             182,138,037       86.0%
  Programs Analyzed                             29,672,102       14.0%
    Completed Analysis Runs                     29,087,041       98.0%
    Failed Analysis Runs                            73,190        0.2%
    Programs Retried                               473,832        1.6%
    Invalid Binaries                                38,039        0.1%
                                                                      
---------------------------------------------   ----------  ----------
Network Traffic Statistics                          Totals     Percent
---------------------------------------------   ----------  ----------
Programs that sent TCP data                     18,314,386       63.0%
  Programs using HTTP                           10,196,259       55.7%
    URLs captured                               52,219,770            
  Programs using FTP                               119,790        0.7%
  Programs using SMTP                               59,895        0.3%
  Programs using IRC                                98,786        0.5%
Programs that sent UDP data                     28,388,952       97.6%
  Programs that made DNS requests               28,388,952      100.0%
Programs that made P2P connections                   1,683        0.0%
    Programs using bittorrent                        1,352       80.3%
    Programs using edonkey                              67        4.0%
    Programs using gnutella                            186       11.1%
    Programs using winmx                                78        4.6%
                                                                      
---------------------------------------------   ----------  ----------
Anti-Analysis Techniques                            Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made debugger checks                 151,371        0.5%
Programs that made VMWare registry checks            2,920        0.0%
Programs that made SoftICE checks                   17,320        0.1%
Programs that made Wine checks                      16,467        0.1%
Programs that made Time checks                         756        0.0%
Programs that suppress Compatibility Warnings    1,143,714        3.9%
                                                                      
---------------------------------------------   ----------  ----------
Malicious Activity                                  Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made Windows Firewall Updates            403        0.0%
Programs that installed a Rootkit                      123        0.0%
Programs that installed a startup entry            184,256        0.6%
Programs that accessed user's Firefox profile            0        0.0%
Programs that accessed the Pstore                   31,212        0.1%
Programs that called taskkill                            0        0.0%
