Explanation

The chart is a summary of the analysis of binaries through our sandboxing system. The different fields in the report are as follows:

Programs Processed - How many binaries went through the system

  1. Programs Skipped - Using different hashing methodologies we are able to identify common polymorphic files and skip processing them
  2. Programs Analyzed - How many binaries were actually submitted to the Sandbox system and analyzed
    • Completed Analysis Runs - How many of the submitted binaries completed successfully and had some sort of results
    • Failed Analysis Runs - Binaries that would not run and create a valid report
    • Programs Retried - How many binaries were re-run. All binaries that initially fail will be re-run for more attempts to properly execute and gain an analysis of that program
    • Invalid Binaries - How many programs would not execute or were not proper Windows binaries
  3. Network Traffic Statistics - Of the programs that were processed and had output, which had network based traffic and the breakdown of the different types of network traffic seen for the binaries
  4. Anti-Analysis Techniques - Many of the different malware programs will take defensive measures to prevent analysis and reverse engineering. These are the different forms and results that we are able to determine from the successfully tested programs
  5. Malicious Activity - What activity the programs take local to the system

Updates

The chart is updated once every four hours and covers the last rolling ten days and 30 days of statistics.

Sandbox Processing

FTP Results

HTTP Results

IRC Results

P2P Results

SMTP Results

Sandbox Statistics (10-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              6,616,849            
  Programs Skipped                              6,043,258       91.3%
  Programs Analyzed                               573,591        8.7%
    Completed Analysis Runs                       572,821       99.9%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                  770        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                       194,030       33.9%
  Programs using HTTP                             129,342       66.7%
    URLs captured                                       0            
  Programs using FTP                                   46        0.0%
  Programs using SMTP                                 101        0.1%
  Programs using IRC                                1,223        0.6%
Programs that sent UDP data                       221,664       38.7%
  Programs that made DNS requests                 221,664      100.0%
Programs that made P2P connections                      0        0.0%
    Programs using bittorrent                           0            
    Programs using edonkey                              0            
    Programs using gnutella                             0            
    Programs using winmx                                0            
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (30-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             18,139,544            
  Programs Skipped                             16,833,803       92.8%
  Programs Analyzed                             1,305,741        7.2%
    Completed Analysis Runs                     1,304,348       99.9%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                1,393        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                       921,955       70.7%
  Programs using HTTP                             700,542       76.0%
    URLs captured                                       0            
  Programs using FTP                                  248        0.0%
  Programs using SMTP                                 581        0.1%
  Programs using IRC                                6,871        0.7%
Programs that sent UDP data                       978,746       75.0%
  Programs that made DNS requests                 978,746      100.0%
Programs that made P2P connections                      1        0.0%
    Programs using bittorrent                           0        0.0%
    Programs using edonkey                              0        0.0%
    Programs using gnutella                             1      100.0%
    Programs using winmx                                0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (60-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             31,720,184            
  Programs Skipped                             29,355,309       92.5%
  Programs Analyzed                             2,364,875        7.5%
    Completed Analysis Runs                     2,357,735       99.7%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                7,140        0.3%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     1,886,746       80.0%
  Programs using HTTP                           1,278,608       67.8%
    URLs captured                               1,499,416            
  Programs using FTP                                5,935        0.3%
  Programs using SMTP                               2,818        0.1%
  Programs using IRC                               10,432        0.6%
Programs that sent UDP data                     2,065,247       87.6%
  Programs that made DNS requests               2,065,247      100.0%
Programs that made P2P connections                     18        0.0%
    Programs using bittorrent                          14       77.8%
    Programs using edonkey                              1        5.6%
    Programs using gnutella                             2       11.1%
    Programs using winmx                                1        5.6%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (90-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             39,585,484            
  Programs Skipped                             35,804,600       90.4%
  Programs Analyzed                             3,780,884        9.6%
    Completed Analysis Runs                     3,768,773       99.7%
    Failed Analysis Runs                              541        0.0%
    Programs Retried                                2,019        0.1%
    Invalid Binaries                                9,551        0.3%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     3,172,148       84.2%
  Programs using HTTP                           1,875,573       59.1%
    URLs captured                               6,646,940            
  Programs using FTP                               16,318        0.5%
  Programs using SMTP                               5,301        0.2%
  Programs using IRC                               16,169        0.5%
Programs that sent UDP data                     3,621,542       96.1%
  Programs that made DNS requests               3,621,542      100.0%
Programs that made P2P connections                     54        0.0%
    Programs using bittorrent                          46       85.2%
    Programs using edonkey                              2        3.7%
    Programs using gnutella                             4        7.4%
    Programs using winmx                                2        3.7%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (180-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             72,163,819            
  Programs Skipped                             65,542,454       90.8%
  Programs Analyzed                             6,621,365        9.2%
    Completed Analysis Runs                     6,500,966       98.2%
    Failed Analysis Runs                            7,088        0.1%
    Programs Retried                               91,307        1.4%
    Invalid Binaries                               22,004        0.3%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     4,757,591       73.2%
  Programs using HTTP                           2,962,127       62.3%
    URLs captured                              16,883,932            
  Programs using FTP                               31,754        0.7%
  Programs using SMTP                              16,076        0.3%
  Programs using IRC                               22,388        0.5%
Programs that sent UDP data                     6,344,942       97.6%
  Programs that made DNS requests               6,344,942      100.0%
Programs that made P2P connections                    160        0.0%
    Programs using bittorrent                         139       86.9%
    Programs using edonkey                              6        3.8%
    Programs using gnutella                            13        8.1%
    Programs using winmx                                2        1.2%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (One-Year Rolling Report)

---------------------------------------------   ----------  ----------
Sandbox Results                                     Totals     Percent
---------------------------------------------   ----------  ----------
Programs Processed                             118,182,220            
  Programs Skipped                             104,250,519       88.2%
  Programs Analyzed                             13,931,701       11.8%
    Completed Analysis Runs                     13,717,861       98.5%
    Failed Analysis Runs                            14,183        0.1%
    Programs Retried                               173,457        1.2%
    Invalid Binaries                                26,200        0.2%
                                                                      
---------------------------------------------   ----------  ----------
Network Traffic Statistics                          Totals     Percent
---------------------------------------------   ----------  ----------
Programs that sent TCP data                      8,147,979       59.4%
  Programs using HTTP                            4,712,793       57.8%
    URLs captured                               37,560,022            
  Programs using FTP                                68,481        0.8%
  Programs using SMTP                               29,578        0.4%
  Programs using IRC                                31,661        0.4%
Programs that sent UDP data                     13,388,632       97.6%
  Programs that made DNS requests               13,388,632      100.0%
Programs that made P2P connections                     851        0.0%
    Programs using bittorrent                          687       80.7%
    Programs using edonkey                              21        2.5%
    Programs using gnutella                             92       10.8%
    Programs using winmx                                51        6.0%
                                                                      
---------------------------------------------   ----------  ----------
Anti-Analysis Techniques                            Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made debugger checks                       0        0.0%
Programs that made VMWare registry checks                0        0.0%
Programs that made SoftICE checks                        0        0.0%
Programs that made Wine checks                           0        0.0%
Programs that made Time checks                           0        0.0%
Programs that suppress Compatibility Warnings            0        0.0%
                                                                      
---------------------------------------------   ----------  ----------
Malicious Activity                                  Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made Windows Firewall Updates              0        0.0%
Programs that installed a Rootkit                        0        0.0%
Programs that installed a startup entry                  0        0.0%
Programs that accessed user's Firefox profile            0        0.0%
Programs that accessed the Pstore                        0        0.0%
Programs that called taskkill                            0        0.0%

Sandbox Statistics (Two-Year Rolling Report)

---------------------------------------------   ----------  ----------
Sandbox Results                                     Totals     Percent
---------------------------------------------   ----------  ----------
Programs Processed                             185,262,667            
  Programs Skipped                             155,904,090       84.2%
  Programs Analyzed                             29,358,577       15.8%
    Completed Analysis Runs                     27,592,296       94.0%
    Failed Analysis Runs                           434,617        1.5%
    Programs Retried                             1,304,443        4.4%
    Invalid Binaries                                27,221        0.1%
                                                                      
---------------------------------------------   ----------  ----------
Network Traffic Statistics                          Totals     Percent
---------------------------------------------   ----------  ----------
Programs that sent TCP data                     12,350,804       44.8%
  Programs using HTTP                            7,548,553       61.1%
    URLs captured                               63,694,060            
  Programs using FTP                               100,014        0.8%
  Programs using SMTP                               55,303        0.4%
  Programs using IRC                                69,395        0.6%
Programs that sent UDP data                     26,930,080       97.6%
  Programs that made DNS requests               26,930,080      100.0%
Programs that made P2P connections                   1,661        0.0%
    Programs using bittorrent                        1,279       77.0%
    Programs using edonkey                              79        4.8%
    Programs using gnutella                            230       13.8%
    Programs using winmx                                73        4.4%
                                                                      
---------------------------------------------   ----------  ----------
Anti-Analysis Techniques                            Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made debugger checks               1,865,507        6.8%
Programs that made VMWare registry checks            4,446        0.0%
Programs that made SoftICE checks                   28,072        0.1%
Programs that made Wine checks                      32,377        0.1%
Programs that made Time checks                       1,580        0.0%
Programs that suppress Compatibility Warnings    4,145,578       15.0%
                                                                      
---------------------------------------------   ----------  ----------
Malicious Activity                                  Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made Windows Firewall Updates            551        0.0%
Programs that installed a Rootkit                    1,061        0.0%
Programs that installed a startup entry            851,196        3.1%
Programs that accessed user's Firefox profile            0        0.0%
Programs that accessed the Pstore                   67,974        0.2%
Programs that called taskkill                            0        0.0%
