Explanation

The chart is a summary of the analysis of binaries through our sandboxing system. The different fields in the report are as follows:

Programs Processed - How many binaries went through the system

  1. Programs Skipped - Using different hashing methodologies, we are able to identify common polymorphic files and skip processing them
  2. Programs Analyzed - How many binaries were actually submitted to the sandbox system and analyzed
    • Completed Analysis Runs - How many of the submitted binaries completed successfully and had some sort of results
    • Failed Analysis Runs - Binaries that would not run and create a valid report
    • Programs Retried - How many binaries were re-run. All binaries that initially fail are re-run to give them more attempts to execute properly and produce an analysis
    • Invalid Binaries - How many programs would not execute or were not proper Windows binaries
  3. Network Traffic Statistics - Of the programs that were processed and had output, how many generated network traffic, with a breakdown of the types of network traffic seen
  4. Anti-Analysis Techniques - Many malware programs take defensive measures to prevent analysis and reverse engineering. These are the forms of those measures, and the results, that we are able to determine from the successfully tested programs
  5. Malicious Activity - What actions the programs take on the local system

Updates

The chart is updated once every four hours and covers the last rolling ten days and 30 days of statistics.

Sandbox Processing

FTP Results

HTTP Results

IRC Results

P2P Results

SMTP Results

Sandbox Statistics (10-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                                754,957            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                               754,957      100.0%
    Completed Analysis Runs                       739,869       98.0%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                4,660        0.6%
    Invalid Binaries                               10,428        1.4%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                       434,746       58.8%
  Programs using HTTP                             156,676       36.0%
    URLs captured                                       0            
  Programs using FTP                                  282        0.1%
  Programs using SMTP                               4,417        1.0%
  Programs using IRC                                8,572        2.0%
Programs that sent UDP data                       524,561       70.9%
  Programs that made DNS requests                 347,748       66.3%
Programs that made P2P connections                     35        0.0%
    Programs using bittorrent                          33       94.3%
    Programs using edonkey                              0        0.0%
    Programs using gnutella                             2        5.7%
    Programs using winmx                                0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (30-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              3,562,656            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                             3,562,656      100.0%
    Completed Analysis Runs                     3,520,401       98.8%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               12,080        0.3%
    Invalid Binaries                               30,175        0.8%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     1,563,237       44.4%
  Programs using HTTP                             291,039       18.6%
    URLs captured                                       0            
  Programs using FTP                                  402        0.0%
  Programs using SMTP                               4,948        0.3%
  Programs using IRC                              135,661        8.7%
Programs that sent UDP data                     1,753,671       49.8%
  Programs that made DNS requests               1,142,148       65.1%
Programs that made P2P connections                     92        0.0%
    Programs using bittorrent                          71       77.2%
    Programs using edonkey                              9        9.8%
    Programs using gnutella                            10       10.9%
    Programs using winmx                                2        2.2%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (60-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              6,275,404            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                             6,275,404      100.0%
    Completed Analysis Runs                     6,215,045       99.0%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               24,868        0.4%
    Invalid Binaries                               35,491        0.6%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     2,199,709       35.4%
  Programs using HTTP                             421,814       19.2%
    URLs captured                                       0            
  Programs using FTP                                  772        0.0%
  Programs using SMTP                               5,703        0.3%
  Programs using IRC                              142,369        6.5%
Programs that sent UDP data                     2,510,187       40.4%
  Programs that made DNS requests               1,468,582       58.5%
Programs that made P2P connections                    146        0.0%
    Programs using bittorrent                         113       77.4%
    Programs using edonkey                             15       10.3%
    Programs using gnutella                            16       11.0%
    Programs using winmx                                2        1.4%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (90-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              7,404,436            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                             7,404,436      100.0%
    Completed Analysis Runs                     7,335,216       99.1%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               32,504        0.4%
    Invalid Binaries                               36,716        0.5%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     2,582,525       35.2%
  Programs using HTTP                             472,709       18.3%
    URLs captured                                       0            
  Programs using FTP                                  792        0.0%
  Programs using SMTP                               6,012        0.2%
  Programs using IRC                              144,520        5.6%
Programs that sent UDP data                     2,935,600       40.0%
  Programs that made DNS requests               1,590,384       54.2%
Programs that made P2P connections                    169        0.0%
    Programs using bittorrent                         127       75.1%
    Programs using edonkey                             17       10.1%
    Programs using gnutella                            21       12.4%
    Programs using winmx                                4        2.4%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (180-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             12,456,898            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                            12,456,898      100.0%
    Completed Analysis Runs                    12,327,728       99.0%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               84,864        0.7%
    Invalid Binaries                               44,306        0.4%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     4,514,423       36.6%
  Programs using HTTP                           1,244,521       27.6%
    URLs captured                                       0            
  Programs using FTP                                1,719        0.0%
  Programs using SMTP                               7,667        0.2%
  Programs using IRC                              166,345        3.7%
Programs that sent UDP data                     5,828,320       47.3%
  Programs that made DNS requests               2,576,742       44.2%
Programs that made P2P connections                    217        0.0%
    Programs using bittorrent                         166       76.5%
    Programs using edonkey                             20        9.2%
    Programs using gnutella                            26       12.0%
    Programs using winmx                                5        2.3%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (One-Year Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             23,932,769            
  Programs Skipped                              5,706,360       23.8%
  Programs Analyzed                            18,226,409       76.2%
    Completed Analysis Runs                    18,083,937       99.2%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               96,178        0.5%
    Invalid Binaries                               46,294        0.3%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     8,394,456       46.4%
  Programs using HTTP                           3,756,770       44.8%
    URLs captured                                       0            
  Programs using FTP                                3,221        0.0%
  Programs using SMTP                              12,611        0.2%
  Programs using IRC                              198,901        2.4%
Programs that sent UDP data                    11,622,004       64.3%
  Programs that made DNS requests               6,285,780       54.1%
Programs that made P2P connections                    256        0.0%
    Programs using bittorrent                         191       74.6%
    Programs using edonkey                             22        8.6%
    Programs using gnutella                            33       12.9%
    Programs using winmx                               10        3.9%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (Two-Year Rolling Report)

---------------------------------------------   ----------  ----------
Sandbox Results                                     Totals     Percent
---------------------------------------------   ----------  ----------
Programs Processed                             156,774,513            
  Programs Skipped                             123,004,381       78.5%
  Programs Analyzed                             33,770,132       21.5%
    Completed Analysis Runs                     33,470,188       99.1%
    Failed Analysis Runs                             8,624        0.0%
    Programs Retried                               211,432        0.6%
    Invalid Binaries                                79,888        0.2%
                                                                      
---------------------------------------------   ----------  ----------
Network Traffic Statistics                          Totals     Percent
---------------------------------------------   ----------  ----------
Programs that sent TCP data                     21,086,414       63.0%
  Programs using HTTP                           10,575,854       50.2%
    URLs captured                               19,556,801            
  Programs using FTP                                70,503        0.3%
  Programs using SMTP                               41,397        0.2%
  Programs using IRC                               266,792        1.3%
Programs that sent UDP data                     30,903,033       92.3%
  Programs that made DNS requests               25,570,068       82.7%
Programs that made P2P connections                     606        0.0%
    Programs using bittorrent                          481       79.4%
    Programs using edonkey                              40        6.6%
    Programs using gnutella                             64       10.6%
    Programs using winmx                                21        3.5%
                                                                      
---------------------------------------------   ----------  ----------
Anti-Analysis Techniques                            Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made debugger checks                       0        0.0%
Programs that made VMWare registry checks                0        0.0%
Programs that made SoftICE checks                        0        0.0%
Programs that made Wine checks                           0        0.0%
Programs that made Time checks                           0        0.0%
Programs that suppress Compatibility Warnings            0        0.0%
                                                                      
---------------------------------------------   ----------  ----------
Malicious Activity                                  Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made Windows Firewall Updates              0        0.0%
Programs that installed a Rootkit                        0        0.0%
Programs that installed a startup entry                  0        0.0%
Programs that accessed user's Firefox profile            0        0.0%
Programs that accessed the Pstore                        0        0.0%
Programs that called taskkill                            0        0.0%
