Explanation

The chart is a summary of the analysis of binaries through our sandboxing system. The different fields in the report are as follows:

Programs Processed - How many binaries went through the system

  1. Programs Skipped - Using different hashing methodologies we are able to identify common polymorphic files and skip the processing
  2. Programs Analyzed - How many binaries were actually submitted to the Sandbox system and analyzed
    • Completed Analysis Runs - How many of the submitted binaries completed successfully and had some sort of results
    • Failed Analysis Runs - Binaries that would not run and create a valid report
    • Programs Retried - How many binaries were re-run. All binaries that initially fail will be re-run for more attempts to properly execute and gain an analysis of that program
    • Invalid Binaries - How many programs would not execute or were not proper Windows binaries
  3. Network Traffic Statistics - Of the programs that were processed and had output, which had network-based traffic and the breakdown of the different types of network traffic seen for the binaries
  4. Anti-Analysis Techniques - Many malware programs take defensive measures to prevent analysis and reverse engineering. These are the different forms and results that we are able to determine from the successfully tested programs
  5. Malicious Activity - What activity local to the system the programs take

Updates

The chart is updated once every four hours and covers the last rolling ten days and 30 days of statistics.

Sandbox Processing

FTP Results

HTTP Results

IRC Results

P2P Results

SMTP Results

Sandbox Statistics (10-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              2,741,753            
  Programs Skipped                              2,389,907       87.2%
  Programs Analyzed                               351,846       12.8%
    Completed Analysis Runs                       346,745       98.6%
    Failed Analysis Runs                              205        0.1%
    Programs Retried                                4,407        1.3%
    Invalid Binaries                                  489        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                       184,879       53.3%
  Programs using HTTP                             144,507       78.2%
    URLs captured                               1,156,158            
  Programs using FTP                                1,626        0.9%
  Programs using SMTP                               1,193        0.6%
  Programs using IRC                                  923        0.5%
Programs that sent UDP data                       338,423       97.6%
  Programs that made DNS requests                 338,423      100.0%
Programs that made P2P connections                     12        0.0%
    Programs using bittorrent                          10       83.3%
    Programs using edonkey                              1        8.3%
    Programs using gnutella                             1        8.3%
    Programs using winmx                                0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (30-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              9,507,325            
  Programs Skipped                              8,384,890       88.2%
  Programs Analyzed                             1,122,435       11.8%
    Completed Analysis Runs                     1,107,117       98.6%
    Failed Analysis Runs                            1,418        0.1%
    Programs Retried                               12,384        1.1%
    Invalid Binaries                                1,516        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                       587,669       53.1%
  Programs using HTTP                             425,187       72.4%
    URLs captured                               3,647,217            
  Programs using FTP                                7,199        1.2%
  Programs using SMTP                               5,899        1.0%
  Programs using IRC                                2,268        0.4%
Programs that sent UDP data                     1,080,546       97.6%
  Programs that made DNS requests               1,080,546      100.0%
Programs that made P2P connections                     33        0.0%
    Programs using bittorrent                          29       87.9%
    Programs using edonkey                              2        6.1%
    Programs using gnutella                             2        6.1%
    Programs using winmx                                0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (60-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             22,319,419            
  Programs Skipped                             20,460,693       91.7%
  Programs Analyzed                             1,858,726        8.3%
    Completed Analysis Runs                     1,768,963       95.2%
    Failed Analysis Runs                            5,057        0.3%
    Programs Retried                               79,938        4.3%
    Invalid Binaries                                4,768        0.3%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                       944,449       53.4%
  Programs using HTTP                             605,088       64.1%
    URLs captured                               5,605,069            
  Programs using FTP                                8,550        0.9%
  Programs using SMTP                               6,627        0.7%
  Programs using IRC                                3,430        0.4%
Programs that sent UDP data                     1,726,507       97.6%
  Programs that made DNS requests               1,726,507      100.0%
Programs that made P2P connections                     42        0.0%
    Programs using bittorrent                          32       76.2%
    Programs using edonkey                              4        9.5%
    Programs using gnutella                             6       14.3%
    Programs using winmx                                0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (90-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             29,492,742            
  Programs Skipped                             26,541,767       90.0%
  Programs Analyzed                             2,950,975       10.0%
    Completed Analysis Runs                     2,844,335       96.4%
    Failed Analysis Runs                            6,311        0.2%
    Programs Retried                               94,206        3.2%
    Invalid Binaries                                6,123        0.2%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     1,489,573       52.4%
  Programs using HTTP                             815,197       54.7%
    URLs captured                               7,739,818            
  Programs using FTP                               12,908        0.9%
  Programs using SMTP                               9,006        0.6%
  Programs using IRC                                5,211        0.3%
Programs that sent UDP data                     2,776,070       97.6%
  Programs that made DNS requests               2,776,070      100.0%
Programs that made P2P connections                    103        0.0%
    Programs using bittorrent                          69       67.0%
    Programs using edonkey                              5        4.9%
    Programs using gnutella                            28       27.2%
    Programs using winmx                                1        1.0%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (180-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             52,310,781            
  Programs Skipped                             45,803,219       87.6%
  Programs Analyzed                             6,507,562       12.4%
    Completed Analysis Runs                     6,356,078       97.7%
    Failed Analysis Runs                           10,882        0.2%
    Programs Retried                              132,125        2.0%
    Invalid Binaries                                8,477        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     3,101,494       48.8%
  Programs using HTTP                           1,647,155       53.1%
    URLs captured                              18,668,566            
  Programs using FTP                               33,431        1.1%
  Programs using SMTP                              17,016        0.5%
  Programs using IRC                               10,489        0.3%
Programs that sent UDP data                     6,203,532       97.6%
  Programs that made DNS requests               6,203,532      100.0%
Programs that made P2P connections                    476        0.0%
    Programs using bittorrent                         342       71.8%
    Programs using edonkey                             11        2.3%
    Programs using gnutella                            78       16.4%
    Programs using winmx                               45        9.5%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (One-Year Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             91,279,162            
  Programs Skipped                             77,872,252       85.3%
  Programs Analyzed                            13,406,910       14.7%
    Completed Analysis Runs                    13,086,549       97.6%
    Failed Analysis Runs                           34,155        0.3%
    Programs Retried                              276,600        2.1%
    Invalid Binaries                                9,606        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     5,714,449       43.7%
  Programs using HTTP                           3,363,763       58.9%
    URLs captured                              34,678,765            
  Programs using FTP                               59,043        1.0%
  Programs using SMTP                              33,152        0.6%
  Programs using IRC                               19,299        0.3%
Programs that sent UDP data                    12,772,471       97.6%
  Programs that made DNS requests              12,772,471      100.0%
Programs that made P2P connections                  1,261        0.0%
    Programs using bittorrent                       1,060       84.1%
    Programs using edonkey                             35        2.8%
    Programs using gnutella                           106        8.4%
    Programs using winmx                               60        4.8%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                 32,369        0.2%
Programs that made VMWare registry checks           1,051        0.0%
Programs that made SoftICE checks                   2,583        0.0%
Programs that made Wine checks                      3,188        0.0%
Programs that made Time checks                         26        0.0%
Programs that suppress Compatibility Warnings     274,971        2.1%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates            35        0.0%
Programs that installed a Rootkit                       1        0.0%
Programs that installed a startup entry            50,333        0.4%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                  10,121        0.1%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (Two-Year Rolling Report)

---------------------------------------------   ----------  ----------
Sandbox Results                                     Totals     Percent
---------------------------------------------   ----------  ----------
Programs Processed                             143,569,133            
  Programs Skipped                             113,237,527       78.9%
  Programs Analyzed                             30,331,606       21.1%
    Completed Analysis Runs                     27,643,354       91.1%
    Failed Analysis Runs                           751,964        2.5%
    Programs Retried                             1,926,682        6.4%
    Invalid Binaries                                 9,606        0.0%
                                                                      
---------------------------------------------   ----------  ----------
Network Traffic Statistics                          Totals     Percent
---------------------------------------------   ----------  ----------
Programs that sent TCP data                      9,937,233       35.9%
  Programs using HTTP                            6,100,571       61.4%
    URLs captured                               62,815,923            
  Programs using FTP                                88,447        0.9%
  Programs using SMTP                               56,391        0.6%
  Programs using IRC                                64,903        0.7%
Programs that sent UDP data                     26,979,913       97.6%
  Programs that made DNS requests               26,979,913      100.0%
Programs that made P2P connections                   1,682        0.0%
    Programs using bittorrent                        1,236       73.5%
    Programs using edonkey                              89        5.3%
    Programs using gnutella                            283       16.8%
    Programs using winmx                                74        4.4%
                                                                      
---------------------------------------------   ----------  ----------
Anti-Analysis Techniques                            Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made debugger checks               3,770,719       13.6%
Programs that made VMWare registry checks            5,116        0.0%
Programs that made SoftICE checks                   37,350        0.1%
Programs that made Wine checks                      45,976        0.2%
Programs that made Time checks                       1,615        0.0%
Programs that suppress Compatibility Warnings    6,399,613       23.2%
                                                                      
---------------------------------------------   ----------  ----------
Malicious Activity                                  Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made Windows Firewall Updates            701        0.0%
Programs that installed a Rootkit                    1,072        0.0%
Programs that installed a startup entry          1,410,748        5.1%
Programs that accessed user's Firefox profile            0        0.0%
Programs that accessed the Pstore                  112,674        0.4%
Programs that called taskkill                            0        0.0%
