Explanation

The chart is a summary of the analysis of binaries through our sandboxing system. The different fields in the report are as follows:

Programs Processed - How many binaries went through the system

  1. Programs Skipped - Using different hashing methodologies, we are able to identify common polymorphic files and skip processing them
  2. Programs Analyzed - How many binaries were actually submitted to the Sandbox system and analyzed
    • Completed Analysis Runs - How many of the submitted binaries completed successfully and produced some sort of results
    • Failed Analysis Runs - Binaries that would not run and create a valid report
    • Programs Retried - How many binaries were re-run. All binaries that initially fail are re-run for more attempts to properly execute and produce an analysis of that program
    • Invalid Binaries - How many programs would not execute or were not proper Windows binaries
  3. Network Traffic Statistics - Of the programs that were processed and had output, which had network-based traffic, and the breakdown of the different types of network traffic seen for the binaries
  4. Anti-Analysis Techniques - Many malware programs take defensive measures to prevent analysis and reverse engineering. These are the different forms and results that we are able to determine from the successfully tested programs
  5. Malicious Activity - What activity local to the system the programs take

Updates

The chart is updated once every four hours and covers the last rolling ten days and 30 days of statistics.

Sandbox Processing

[Graphs: FTP Results, HTTP Results, IRC Results, P2P Results, SMTP Results]

Sandbox Statistics (10-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              1,069,312            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                             1,069,312      100.0%
    Completed Analysis Runs                     1,062,848       99.4%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                3,619        0.3%
    Invalid Binaries                                2,845        0.3%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                       572,159       53.8%
  Programs using HTTP                             170,540       29.8%
    URLs captured                                       0            
  Programs using FTP                                  139        0.0%
  Programs using SMTP                               1,638        0.3%
  Programs using IRC                               10,916        1.9%
Programs that sent UDP data                       724,699       68.2%
  Programs that made DNS requests                 348,042       48.0%
Programs that made P2P connections                     35        0.0%
    Programs using bittorrent                          18       51.4%
    Programs using edonkey                              3        8.6%
    Programs using gnutella                            14       40.0%
    Programs using winmx                                0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (30-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              3,450,468            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                             3,450,468      100.0%
    Completed Analysis Runs                     3,427,712       99.3%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               17,019        0.5%
    Invalid Binaries                                5,737        0.2%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     1,864,050       54.4%
  Programs using HTTP                             512,805       27.5%
    URLs captured                                       0            
  Programs using FTP                                  580        0.0%
  Programs using SMTP                               2,037        0.1%
  Programs using IRC                               23,234        1.2%
Programs that sent UDP data                     2,396,521       69.9%
  Programs that made DNS requests               1,090,818       45.5%
Programs that made P2P connections                    137        0.0%
    Programs using bittorrent                          86       62.8%
    Programs using edonkey                              9        6.6%
    Programs using gnutella                            29       21.2%
    Programs using winmx                               13        9.5%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (60-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              5,827,009            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                             5,827,009      100.0%
    Completed Analysis Runs                     5,791,305       99.4%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               28,928        0.5%
    Invalid Binaries                                6,776        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     2,975,210       51.4%
  Programs using HTTP                             844,100       28.4%
    URLs captured                                       0            
  Programs using FTP                                1,005        0.0%
  Programs using SMTP                               2,552        0.1%
  Programs using IRC                               40,001        1.3%
Programs that sent UDP data                     3,896,224       67.3%
  Programs that made DNS requests               1,802,838       46.3%
Programs that made P2P connections                    209        0.0%
    Programs using bittorrent                         142       67.9%
    Programs using edonkey                             11        5.3%
    Programs using gnutella                            35       16.7%
    Programs using winmx                               21       10.0%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (90-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              9,589,305            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                             9,589,305      100.0%
    Completed Analysis Runs                     9,535,165       99.4%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               44,316        0.5%
    Invalid Binaries                                9,824        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     3,984,787       41.8%
  Programs using HTTP                           1,213,971       30.5%
    URLs captured                                       0            
  Programs using FTP                                1,450        0.0%
  Programs using SMTP                               6,412        0.2%
  Programs using IRC                               50,762        1.3%
Programs that sent UDP data                     5,091,343       53.4%
  Programs that made DNS requests               2,573,595       50.5%
Programs that made P2P connections                    300        0.0%
    Programs using bittorrent                         210       70.0%
    Programs using edonkey                             16        5.3%
    Programs using gnutella                            48       16.0%
    Programs using winmx                               26        8.7%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (180-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             16,798,427            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                            16,798,427      100.0%
    Completed Analysis Runs                    16,676,992       99.3%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               75,825        0.5%
    Invalid Binaries                               45,610        0.3%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     6,494,933       38.9%
  Programs using HTTP                           1,604,321       24.7%
    URLs captured                                       0            
  Programs using FTP                                2,057        0.0%
  Programs using SMTP                               9,243        0.1%
  Programs using IRC                              192,587        3.0%
Programs that sent UDP data                     7,924,922       47.5%
  Programs that made DNS requests               4,001,831       50.5%
Programs that made P2P connections                    452        0.0%
    Programs using bittorrent                         321       71.0%
    Programs using edonkey                             33        7.3%
    Programs using gnutella                            68       15.0%
    Programs using winmx                               30        6.6%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (One-Year Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             24,877,066            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                            24,877,066      100.0%
    Completed Analysis Runs                    24,695,719       99.3%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                              127,179        0.5%
    Invalid Binaries                               54,168        0.2%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                    10,140,964       41.1%
  Programs using HTTP                           3,481,156       34.3%
    URLs captured                                       0            
  Programs using FTP                                3,799        0.0%
  Programs using SMTP                              13,265        0.1%
  Programs using IRC                              229,401        2.3%
Programs that sent UDP data                    13,448,084       54.5%
  Programs that made DNS requests               6,229,010       46.3%
Programs that made P2P connections                    519        0.0%
    Programs using bittorrent                         371       71.5%
    Programs using edonkey                             37        7.1%
    Programs using gnutella                            76       14.6%
    Programs using winmx                               35        6.7%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (Two-Year Rolling Report)

---------------------------------------------   ----------  ----------
Sandbox Results                                     Totals     Percent
---------------------------------------------   ----------  ----------
Programs Processed                             137,744,751            
  Programs Skipped                              97,529,224       70.8%
  Programs Analyzed                             40,215,527       29.2%
    Completed Analysis Runs                     39,970,051       99.4%
    Failed Analysis Runs                             2,351        0.0%
    Programs Retried                               160,957        0.4%
    Invalid Binaries                                82,168        0.2%
                                                                      
---------------------------------------------   ----------  ----------
Network Traffic Statistics                          Totals     Percent
---------------------------------------------   ----------  ----------
Programs that sent TCP data                     23,316,439       58.3%
  Programs using HTTP                           10,777,868       46.2%
    URLs captured                               10,981,413            
  Programs using FTP                                59,657        0.3%
  Programs using SMTP                               36,440        0.2%
  Programs using IRC                               308,220        1.3%
Programs that sent UDP data                     30,452,040       76.2%
  Programs that made DNS requests               22,723,082       74.6%
Programs that made P2P connections                     804        0.0%
    Programs using bittorrent                          609       75.7%
    Programs using edonkey                              52        6.5%
    Programs using gnutella                             97       12.1%
    Programs using winmx                                46        5.7%
                                                                      
---------------------------------------------   ----------  ----------
Anti-Analysis Techniques                            Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made debugger checks                       0        0.0%
Programs that made VMWare registry checks                0        0.0%
Programs that made SoftICE checks                        0        0.0%
Programs that made Wine checks                           0        0.0%
Programs that made Time checks                           0        0.0%
Programs that suppress Compatibility Warnings            0        0.0%
                                                                      
---------------------------------------------   ----------  ----------
Malicious Activity                                  Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made Windows Firewall Updates              0        0.0%
Programs that installed a Rootkit                        0        0.0%
Programs that installed a startup entry                  0        0.0%
Programs that accessed user's Firefox profile            0        0.0%
Programs that accessed the Pstore                        0        0.0%
Programs that called taskkill                            0        0.0%
