Explanation

The chart is a summary of the analysis of binaries through our sandboxing system. The different fields in the report are as follows:

Programs Processed - How many binaries went through the system

  1. Programs Skipped - Using different hashing methodologies, we are able to identify common polymorphic files and skip processing them
  2. Programs Analyzed - How many binaries were actually submitted to the sandbox system and analyzed
    • Completed Analysis Runs - How many of the submitted binaries completed successfully and had some sort of results
    • Failed Analysis Runs - Binaries that would not run and create a valid report
    • Programs Retried - How many binaries were re-run. All binaries that initially fail are re-run for more attempts to properly execute and gain an analysis of that program
    • Invalid Binaries - How many programs would not execute or were not proper Windows binaries
  3. Network Traffic Statistics - Of the programs that were processed and had output, which had network-based traffic, and the breakdown of the different types of network traffic seen for the binaries
  4. Anti-Analysis Techniques - Many malware programs take defensive measures to prevent analysis and reverse engineering. These are the different forms and results that we are able to determine from the successfully tested programs
  5. Malicious Activity - What activity local to the system the programs take

Updates

The chart is updated once every four hours and covers the last rolling ten days and 30 days of statistics.

[Graphs: Sandbox Processing, FTP Results, HTTP Results, IRC Results, P2P Results, SMTP Results]

Sandbox Statistics (10-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              3,476,858            
  Programs Skipped                              3,081,267       88.6%
  Programs Analyzed                               395,591       11.4%
    Completed Analysis Runs                       389,798       98.5%
    Failed Analysis Runs                              475        0.1%
    Programs Retried                                4,956        1.3%
    Invalid Binaries                                  362        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                       210,550       54.0%
  Programs using HTTP                             156,235       74.2%
    URLs captured                               1,386,070            
  Programs using FTP                                2,084        1.0%
  Programs using SMTP                               2,061        1.0%
  Programs using IRC                                  858        0.4%
Programs that sent UDP data                       380,442       97.6%
  Programs that made DNS requests                 380,442      100.0%
Programs that made P2P connections                     16        0.0%
    Programs using bittorrent                          14       87.5%
    Programs using edonkey                              0        0.0%
    Programs using gnutella                             2       12.5%
    Programs using winmx                                0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (30-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             11,782,089            
  Programs Skipped                             10,664,316       90.5%
  Programs Analyzed                             1,117,773        9.5%
    Completed Analysis Runs                     1,098,236       98.3%
    Failed Analysis Runs                            1,548        0.1%
    Programs Retried                               15,977        1.4%
    Invalid Binaries                                2,012        0.2%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                       594,243       54.1%
  Programs using HTTP                             382,247       64.3%
    URLs captured                               3,412,969            
  Programs using FTP                                6,504        1.1%
  Programs using SMTP                               5,630        0.9%
  Programs using IRC                                2,024        0.3%
Programs that sent UDP data                     1,071,878       97.6%
  Programs that made DNS requests               1,071,878      100.0%
Programs that made P2P connections                     30        0.0%
    Programs using bittorrent                          27       90.0%
    Programs using edonkey                              1        3.3%
    Programs using gnutella                             2        6.7%
    Programs using winmx                                0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (60-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             22,232,874            
  Programs Skipped                             20,374,937       91.6%
  Programs Analyzed                             1,857,937        8.4%
    Completed Analysis Runs                     1,766,446       95.1%
    Failed Analysis Runs                            5,534        0.3%
    Programs Retried                               81,423        4.4%
    Invalid Binaries                                4,534        0.2%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                       950,297       53.8%
  Programs using HTTP                             579,683       61.0%
    URLs captured                               5,597,775            
  Programs using FTP                                8,165        0.9%
  Programs using SMTP                               6,339        0.7%
  Programs using IRC                                3,370        0.4%
Programs that sent UDP data                     1,724,051       97.6%
  Programs that made DNS requests               1,724,051      100.0%
Programs that made P2P connections                     45        0.0%
    Programs using bittorrent                          33       73.3%
    Programs using edonkey                              3        6.7%
    Programs using gnutella                             8       17.8%
    Programs using winmx                                1        2.2%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (90-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             29,583,014            
  Programs Skipped                             26,539,801       89.7%
  Programs Analyzed                             3,043,213       10.3%
    Completed Analysis Runs                     2,938,531       96.6%
    Failed Analysis Runs                            6,166        0.2%
    Programs Retried                               92,038        3.0%
    Invalid Binaries                                6,478        0.2%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     1,511,172       51.4%
  Programs using HTTP                             804,045       53.2%
    URLs captured                               7,945,911            
  Programs using FTP                               13,698        0.9%
  Programs using SMTP                               9,670        0.6%
  Programs using IRC                                5,376        0.4%
Programs that sent UDP data                     2,868,006       97.6%
  Programs that made DNS requests               2,868,006      100.0%
Programs that made P2P connections                    141        0.0%
    Programs using bittorrent                          73       51.8%
    Programs using edonkey                              6        4.3%
    Programs using gnutella                            61       43.3%
    Programs using winmx                                1        0.7%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (180-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             53,418,122            
  Programs Skipped                             46,877,155       87.8%
  Programs Analyzed                             6,540,967       12.2%
    Completed Analysis Runs                     6,387,898       97.7%
    Failed Analysis Runs                           11,024        0.2%
    Programs Retried                              133,871        2.0%
    Invalid Binaries                                8,174        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     3,109,152       48.7%
  Programs using HTTP                           1,591,825       51.2%
    URLs captured                              18,411,827            
  Programs using FTP                               32,789        1.1%
  Programs using SMTP                              16,634        0.5%
  Programs using IRC                               10,124        0.3%
Programs that sent UDP data                     6,234,588       97.6%
  Programs that made DNS requests               6,234,588      100.0%
Programs that made P2P connections                    476        0.0%
    Programs using bittorrent                         343       72.1%
    Programs using edonkey                             10        2.1%
    Programs using gnutella                            78       16.4%
    Programs using winmx                               45        9.5%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (One-Year Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             91,080,706            
  Programs Skipped                             77,548,845       85.1%
  Programs Analyzed                            13,531,861       14.9%
    Completed Analysis Runs                    13,194,402       97.5%
    Failed Analysis Runs                           37,277        0.3%
    Programs Retried                              290,879        2.1%
    Invalid Binaries                                9,303        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     5,708,437       43.3%
  Programs using HTTP                           3,353,798       58.8%
    URLs captured                              34,665,249            
  Programs using FTP                               58,690        1.0%
  Programs using SMTP                              33,174        0.6%
  Programs using IRC                               20,065        0.4%
Programs that sent UDP data                    12,877,736       97.6%
  Programs that made DNS requests              12,877,736      100.0%
Programs that made P2P connections                  1,274        0.0%
    Programs using bittorrent                       1,062       83.4%
    Programs using edonkey                             36        2.8%
    Programs using gnutella                           116        9.1%
    Programs using winmx                               60        4.7%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                 45,592        0.3%
Programs that made VMWare registry checks           1,284        0.0%
Programs that made SoftICE checks                   3,795        0.0%
Programs that made Wine checks                      4,679        0.0%
Programs that made Time checks                         30        0.0%
Programs that suppress Compatibility Warnings     378,908        2.9%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates            76        0.0%
Programs that installed a Rootkit                       1        0.0%
Programs that installed a startup entry            65,591        0.5%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                  12,755        0.1%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (Two-Year Rolling Report)

---------------------------------------------   ----------  ----------
Sandbox Results                                     Totals     Percent
---------------------------------------------   ----------  ----------
Programs Processed                             142,752,527            
  Programs Skipped                             112,254,902       78.6%
  Programs Analyzed                             30,497,625       21.4%
    Completed Analysis Runs                     27,798,325       91.1%
    Failed Analysis Runs                           754,976        2.5%
    Programs Retried                             1,935,021        6.3%
    Invalid Binaries                                 9,303        0.0%
                                                                      
---------------------------------------------   ----------  ----------
Network Traffic Statistics                          Totals     Percent
---------------------------------------------   ----------  ----------
Programs that sent TCP data                      9,916,702       35.7%
  Programs using HTTP                            6,076,781       61.3%
    URLs captured                               62,952,789            
  Programs using FTP                                88,787        0.9%
  Programs using SMTP                               56,763        0.6%
  Programs using IRC                                65,007        0.7%
Programs that sent UDP data                     27,131,165       97.6%
  Programs that made DNS requests               27,131,165      100.0%
Programs that made P2P connections                   1,688        0.0%
    Programs using bittorrent                        1,237       73.3%
    Programs using edonkey                              89        5.3%
    Programs using gnutella                            287       17.0%
    Programs using winmx                                75        4.4%
                                                                      
---------------------------------------------   ----------  ----------
Anti-Analysis Techniques                            Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made debugger checks               3,835,578       13.8%
Programs that made VMWare registry checks            5,127        0.0%
Programs that made SoftICE checks                   37,864        0.1%
Programs that made Wine checks                      46,729        0.2%
Programs that made Time checks                       1,615        0.0%
Programs that suppress Compatibility Warnings    6,513,702       23.4%
                                                                      
---------------------------------------------   ----------  ----------
Malicious Activity                                  Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made Windows Firewall Updates            702        0.0%
Programs that installed a Rootkit                    1,072        0.0%
Programs that installed a startup entry          1,431,545        5.1%
Programs that accessed user's Firefox profile            0        0.0%
Programs that accessed the Pstore                  114,684        0.4%
Programs that called taskkill                            0        0.0%
