Explanation

The chart is a summary of the analysis of binaries through our sandboxing system. The different fields in the report are as follows:

Programs Processed - How many binaries went through the system

  1. Programs Skipped - Using different hashing methodologies, we are able to identify common polymorphic files and skip processing them
  2. Programs Analyzed - How many binaries were actually submitted to the sandbox system and analyzed
    • Completed Analysis Runs - How many of the submitted binaries completed successfully and produced some sort of results
    • Failed Analysis Runs - Binaries that would not run and create a valid report
    • Programs Retried - How many binaries were re-run. All binaries that initially fail are re-run for more attempts to properly execute and gain an analysis of that program
    • Invalid Binaries - How many programs would not execute or were not proper Windows binaries
  3. Network Traffic Statistics - Of the programs that were processed and had output, which had network-based traffic, and the breakdown of the different types of network traffic seen for the binaries
  4. Anti-Analysis Techniques - Many malware programs take defensive measures to prevent analysis and reverse engineering. These are the different forms and results that we are able to determine from the successfully tested programs
  5. Malicious Activity - What actions the programs take on the local system


Updates

The chart is updated once every four hours and covers the last rolling ten days and 30 days of statistics.


[Graphs omitted: Sandbox Processing, FTP Results, HTTP Results, IRC Results, P2P Results, SMTP Results]


Sandbox Statistics (10-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              7,031,134            
  Programs Skipped                              6,575,560       93.5%
  Programs Analyzed                               455,574        6.5%
    Completed Analysis Runs                       455,338       99.9%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                  236        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                       267,184       58.7%
  Programs using HTTP                             192,334       72.0%
    URLs captured                                       0            
  Programs using FTP                                   73        0.0%
  Programs using SMTP                                 179        0.1%
  Programs using IRC                                1,341        0.5%
Programs that sent UDP data                       283,397       62.2%
  Programs that made DNS requests                 283,397      100.0%
Programs that made P2P connections                      0        0.0%
    Programs using bittorrent                           0            
    Programs using edonkey                              0            
    Programs using gnutella                             0            
    Programs using winmx                                0            
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (30-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             18,855,761            
  Programs Skipped                             17,671,997       93.7%
  Programs Analyzed                             1,183,764        6.3%
    Completed Analysis Runs                     1,182,858       99.9%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                  906        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                       981,080       82.9%
  Programs using HTTP                             755,477       77.0%
    URLs captured                                       0            
  Programs using FTP                                  272        0.0%
  Programs using SMTP                                 620        0.1%
  Programs using IRC                                6,670        0.7%
Programs that sent UDP data                     1,025,806       86.7%
  Programs that made DNS requests               1,025,806      100.0%
Programs that made P2P connections                      1        0.0%
    Programs using bittorrent                           0        0.0%
    Programs using edonkey                              0        0.0%
    Programs using gnutella                             1      100.0%
    Programs using winmx                                0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (60-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             30,916,249            
  Programs Skipped                             28,670,749       92.7%
  Programs Analyzed                             2,245,500        7.3%
    Completed Analysis Runs                     2,238,231       99.7%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                7,269        0.3%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     1,943,026       86.8%
  Programs using HTTP                           1,275,541       65.6%
    URLs captured                               2,068,640            
  Programs using FTP                                7,279        0.4%
  Programs using SMTP                               3,062        0.2%
  Programs using IRC                               10,199        0.5%
Programs that sent UDP data                     2,113,337       94.4%
  Programs that made DNS requests               2,113,337      100.0%
Programs that made P2P connections                     23        0.0%
    Programs using bittorrent                          18       78.3%
    Programs using edonkey                              2        8.7%
    Programs using gnutella                             2        8.7%
    Programs using winmx                                1        4.3%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (90-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             38,731,472            
  Programs Skipped                             35,082,635       90.6%
  Programs Analyzed                             3,648,837        9.4%
    Completed Analysis Runs                     3,636,713       99.7%
    Failed Analysis Runs                              546        0.0%
    Programs Retried                                2,258        0.1%
    Invalid Binaries                                9,320        0.3%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     3,190,159       87.7%
  Programs using HTTP                           1,842,356       57.8%
    URLs captured                               7,018,129            
  Programs using FTP                               18,038        0.6%
  Programs using SMTP                               6,063        0.2%
  Programs using IRC                               16,064        0.5%
Programs that sent UDP data                     3,549,431       97.6%
  Programs that made DNS requests               3,549,431      100.0%
Programs that made P2P connections                     58        0.0%
    Programs using bittorrent                          50       86.2%
    Programs using edonkey                              2        3.4%
    Programs using gnutella                             4        6.9%
    Programs using winmx                                2        3.4%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (180-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             71,900,479            
  Programs Skipped                             65,471,619       91.1%
  Programs Analyzed                             6,428,860        8.9%
    Completed Analysis Runs                     6,296,232       97.9%
    Failed Analysis Runs                            7,493        0.1%
    Programs Retried                              103,686        1.6%
    Invalid Binaries                               21,449        0.3%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     4,682,379       74.4%
  Programs using HTTP                           2,892,938       61.8%
    URLs captured                              16,994,471            
  Programs using FTP                               31,957        0.7%
  Programs using SMTP                              16,093        0.3%
  Programs using IRC                               21,723        0.5%
Programs that sent UDP data                     6,145,122       97.6%
  Programs that made DNS requests               6,145,122      100.0%
Programs that made P2P connections                    161        0.0%
    Programs using bittorrent                         139       86.3%
    Programs using edonkey                              6        3.7%
    Programs using gnutella                            14        8.7%
    Programs using winmx                                2        1.2%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (One-Year Rolling Report)

---------------------------------------------   ----------  ----------
Sandbox Results                                     Totals     Percent
---------------------------------------------   ----------  ----------
Programs Processed                             117,525,259            
  Programs Skipped                             103,717,592       88.3%
  Programs Analyzed                             13,807,667       11.7%
    Completed Analysis Runs                     13,591,717       98.4%
    Failed Analysis Runs                            14,268        0.1%
    Programs Retried                               176,128        1.3%
    Invalid Binaries                                25,554        0.2%
                                                                      
---------------------------------------------   ----------  ----------
Network Traffic Statistics                          Totals     Percent
---------------------------------------------   ----------  ----------
Programs that sent TCP data                      8,101,594       59.6%
  Programs using HTTP                            4,664,560       57.6%
    URLs captured                               37,793,499            
  Programs using FTP                                68,636        0.8%
  Programs using SMTP                               29,547        0.4%
  Programs using IRC                                31,575        0.4%
Programs that sent UDP data                     13,265,515       97.6%
  Programs that made DNS requests               13,265,515      100.0%
Programs that made P2P connections                     855        0.0%
    Programs using bittorrent                          690       80.7%
    Programs using edonkey                              21        2.5%
    Programs using gnutella                             92       10.8%
    Programs using winmx                                52        6.1%
                                                                      
---------------------------------------------   ----------  ----------
Anti-Analysis Techniques                            Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made debugger checks                       0        0.0%
Programs that made VMWare registry checks                0        0.0%
Programs that made SoftICE checks                        0        0.0%
Programs that made Wine checks                           0        0.0%
Programs that made Time checks                           0        0.0%
Programs that suppress Compatibility Warnings            0        0.0%
                                                                      
---------------------------------------------   ----------  ----------
Malicious Activity                                  Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made Windows Firewall Updates              0        0.0%
Programs that installed a Rootkit                        0        0.0%
Programs that installed a startup entry                  0        0.0%
Programs that accessed user's Firefox profile            0        0.0%
Programs that accessed the Pstore                        0        0.0%
Programs that called taskkill                            0        0.0%

Sandbox Statistics (Two-Year Rolling Report)

---------------------------------------------   ----------  ----------
Sandbox Results                                     Totals     Percent
---------------------------------------------   ----------  ----------
Programs Processed                             183,536,232            
  Programs Skipped                             154,258,467       84.0%
  Programs Analyzed                             29,277,765       16.0%
    Completed Analysis Runs                     27,470,073       93.8%
    Failed Analysis Runs                           449,793        1.5%
    Programs Retried                             1,331,323        4.5%
    Invalid Binaries                                26,576        0.1%
                                                                      
---------------------------------------------   ----------  ----------
Network Traffic Statistics                          Totals     Percent
---------------------------------------------   ----------  ----------
Programs that sent TCP data                     12,298,536       44.8%
  Programs using HTTP                            7,502,759       61.0%
    URLs captured                               63,985,379            
  Programs using FTP                               100,390        0.8%
  Programs using SMTP                               55,881        0.5%
  Programs using IRC                                69,604        0.6%
Programs that sent UDP data                     26,810,791       97.6%
  Programs that made DNS requests               26,810,791      100.0%
Programs that made P2P connections                   1,670        0.0%
    Programs using bittorrent                        1,281       76.7%
    Programs using edonkey                              81        4.9%
    Programs using gnutella                            235       14.1%
    Programs using winmx                                73        4.4%
                                                                      
---------------------------------------------   ----------  ----------
Anti-Analysis Techniques                            Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made debugger checks               1,924,151        7.0%
Programs that made VMWare registry checks            4,485        0.0%
Programs that made SoftICE checks                   28,617        0.1%
Programs that made Wine checks                      32,931        0.1%
Programs that made Time checks                       1,582        0.0%
Programs that suppress Compatibility Warnings    4,217,297       15.4%
                                                                      
---------------------------------------------   ----------  ----------
Malicious Activity                                  Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made Windows Firewall Updates            560        0.0%
Programs that installed a Rootkit                    1,061        0.0%
Programs that installed a startup entry            866,086        3.2%
Programs that accessed user's Firefox profile            0        0.0%
Programs that accessed the Pstore                   69,417        0.3%
Programs that called taskkill                            0        0.0%
