Explanation

The chart is a summary of the analysis of binaries through our sandboxing system. The different fields in the report are as follows:

Programs Processed - How many binaries went through the system

  1. Programs Skipped - Using different hashing methodologies we are able to identify common polymorphic files and skip processing them
  2. Programs Analyzed - How many binaries were actually submitted to the Sandbox system and analyzed
    • Completed Analysis Runs - How many of the submitted binaries completed successfully and had some sort of results
    • Failed Analysis Runs - Binaries that would not run and create a valid report
    • Programs Retried - How many binaries were re-run. All binaries that initially fail will be re-run for more attempts to properly execute and gain an analysis of that program
    • Invalid Binaries - How many programs would not execute or were not proper Windows binaries
  3. Network Traffic Statistics - Of the programs that were processed and had output, which had network based traffic and the breakdown of the different types of network traffic seen for the binaries
  4. Anti-Analysis Techniques - Many of the different malware programs will take defensive measures to prevent analysis and reverse engineering. These are the different forms and results that we are able to determine from the successfully tested programs
  5. Malicious Activity - What activity local to the system the programs take


Updates

The chart is updated once every four hours and covers the last rolling ten days and 30 days of statistics.


[Graphs: Sandbox Processing, FTP Results, HTTP Results, IRC Results, P2P Results, SMTP Results]


Sandbox Statistics (10-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              6,758,977            
  Programs Skipped                              6,232,350       92.2%
  Programs Analyzed                               526,627        7.8%
    Completed Analysis Runs                       525,835       99.8%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                  792        0.2%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                       532,533      101.3%
  Programs using HTTP                             280,458       52.7%
    URLs captured                                       0            
  Programs using FTP                                  180        0.0%
  Programs using SMTP                               1,006        0.2%
  Programs using IRC                                1,480        0.3%
Programs that sent UDP data                       513,214       97.6%
  Programs that made DNS requests                 513,214      100.0%
Programs that made P2P connections                     17        0.0%
    Programs using bittorrent                          11       64.7%
    Programs using edonkey                              2       11.8%
    Programs using gnutella                             3       17.6%
    Programs using winmx                                1        5.9%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (30-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             15,093,744            
  Programs Skipped                             13,448,214       89.1%
  Programs Analyzed                             1,645,530       10.9%
    Completed Analysis Runs                     1,642,997       99.8%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                2,533        0.2%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     1,431,001       87.1%
  Programs using HTTP                             787,079       55.0%
    URLs captured                                       0            
  Programs using FTP                                  390        0.0%
  Programs using SMTP                               4,407        0.3%
  Programs using IRC                                4,131        0.3%
Programs that sent UDP data                     1,636,593       99.6%
  Programs that made DNS requests               1,636,593      100.0%
Programs that made P2P connections                     38        0.0%
    Programs using bittorrent                          31       81.6%
    Programs using edonkey                              2        5.3%
    Programs using gnutella                             3        7.9%
    Programs using winmx                                2        5.3%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (60-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             32,951,092            
  Programs Skipped                             30,051,038       91.2%
  Programs Analyzed                             2,900,054        8.8%
    Completed Analysis Runs                     2,896,191       99.9%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                3,863        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     2,554,158       88.2%
  Programs using HTTP                           1,589,008       62.2%
    URLs captured                                       0            
  Programs using FTP                                  661        0.0%
  Programs using SMTP                               5,336        0.2%
  Programs using IRC                               11,092        0.4%
Programs that sent UDP data                     2,860,961       98.8%
  Programs that made DNS requests               2,860,961      100.0%
Programs that made P2P connections                     47        0.0%
    Programs using bittorrent                          37       78.7%
    Programs using edonkey                              2        4.3%
    Programs using gnutella                             6       12.8%
    Programs using winmx                                2        4.3%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (90-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             46,531,799            
  Programs Skipped                             42,572,614       91.5%
  Programs Analyzed                             3,959,185        8.5%
    Completed Analysis Runs                     3,949,575       99.8%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                9,610        0.2%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     3,518,958       89.1%
  Programs using HTTP                           2,167,087       61.6%
    URLs captured                               1,499,416            
  Programs using FTP                                6,348        0.2%
  Programs using SMTP                               7,573        0.2%
  Programs using IRC                               14,653        0.4%
Programs that sent UDP data                     3,947,476       99.9%
  Programs that made DNS requests               3,947,476      100.0%
Programs that made P2P connections                     64        0.0%
    Programs using bittorrent                          51       79.7%
    Programs using edonkey                              3        4.7%
    Programs using gnutella                             7       10.9%
    Programs using winmx                                3        4.7%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (180-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             73,406,127            
  Programs Skipped                             65,988,294       89.9%
  Programs Analyzed                             7,417,833       10.1%
    Completed Analysis Runs                     7,358,552       99.2%
    Failed Analysis Runs                            3,285        0.0%
    Programs Retried                               35,046        0.5%
    Invalid Binaries                               20,950        0.3%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     6,017,697       81.8%
  Programs using HTTP                           3,626,985       60.3%
    URLs captured                              14,831,087            
  Programs using FTP                               28,832        0.5%
  Programs using SMTP                              17,889        0.3%
  Programs using IRC                               25,559        0.4%
Programs that sent UDP data                     7,181,946       97.6%
  Programs that made DNS requests               7,181,946      100.0%
Programs that made P2P connections                    193        0.0%
    Programs using bittorrent                         164       85.0%
    Programs using edonkey                              7        3.6%
    Programs using gnutella                            18        9.3%
    Programs using winmx                                4        2.1%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (One-Year Rolling Report)

---------------------------------------------   ----------  ----------
Sandbox Results                                     Totals     Percent
---------------------------------------------   ----------  ----------
Programs Processed                             127,309,532            
  Programs Skipped                             113,102,924       88.8%
  Programs Analyzed                             14,206,608       11.2%
    Completed Analysis Runs                     13,991,538       98.5%
    Failed Analysis Runs                            14,077        0.1%
    Programs Retried                               172,324        1.2%
    Invalid Binaries                                28,669        0.2%
                                                                      
---------------------------------------------   ----------  ----------
Network Traffic Statistics                          Totals     Percent
---------------------------------------------   ----------  ----------
Programs that sent TCP data                      9,145,045       65.4%
  Programs using HTTP                            5,184,628       56.7%
    URLs captured                               33,802,953            
  Programs using FTP                                61,857        0.7%
  Programs using SMTP                               32,591        0.4%
  Programs using IRC                                34,959        0.4%
Programs that sent UDP data                     13,655,741       97.6%
  Programs that made DNS requests               13,655,741      100.0%
Programs that made P2P connections                     681        0.0%
    Programs using bittorrent                          519       76.2%
    Programs using edonkey                              19        2.8%
    Programs using gnutella                             94       13.8%
    Programs using winmx                                49        7.2%
                                                                      
---------------------------------------------   ----------  ----------
Anti-Analysis Techniques                            Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made debugger checks                       0        0.0%
Programs that made VMWare registry checks                0        0.0%
Programs that made SoftICE checks                        0        0.0%
Programs that made Wine checks                           0        0.0%
Programs that made Time checks                           0        0.0%
Programs that suppress Compatibility Warnings            0        0.0%
                                                                      
---------------------------------------------   ----------  ----------
Malicious Activity                                  Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made Windows Firewall Updates              0        0.0%
Programs that installed a Rootkit                        0        0.0%
Programs that installed a startup entry                  0        0.0%
Programs that accessed user's Firefox profile            0        0.0%
Programs that accessed the Pstore                        0        0.0%
Programs that called taskkill                            0        0.0%

Sandbox Statistics (Two-Year Rolling Report)

---------------------------------------------   ----------  ----------
Sandbox Results                                     Totals     Percent
---------------------------------------------   ----------  ----------
Programs Processed                             196,057,038            
  Programs Skipped                             166,834,095       85.1%
  Programs Analyzed                             29,222,943       14.9%
    Completed Analysis Runs                     27,694,280       94.8%
    Failed Analysis Runs                           347,036        1.2%
    Programs Retried                             1,151,936        3.9%
    Invalid Binaries                                29,691        0.1%
                                                                      
---------------------------------------------   ----------  ----------
Network Traffic Statistics                          Totals     Percent
---------------------------------------------   ----------  ----------
Programs that sent TCP data                     13,577,504       49.0%
  Programs using HTTP                            8,133,604       59.9%
    URLs captured                               61,106,985            
  Programs using FTP                                98,445        0.7%
  Programs using SMTP                               58,380        0.4%
  Programs using IRC                                71,191        0.5%
Programs that sent UDP data                     27,029,617       97.6%
  Programs that made DNS requests               27,029,617      100.0%
Programs that made P2P connections                   1,689        0.0%
    Programs using bittorrent                        1,306       77.3%
    Programs using edonkey                              77        4.6%
    Programs using gnutella                            231       13.7%
    Programs using winmx                                75        4.4%
                                                                      
---------------------------------------------   ----------  ----------
Anti-Analysis Techniques                            Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made debugger checks               1,405,410        5.1%
Programs that made VMWare registry checks            4,351        0.0%
Programs that made SoftICE checks                   25,889        0.1%
Programs that made Wine checks                      28,811        0.1%
Programs that made Time checks                       1,226        0.0%
Programs that suppress Compatibility Warnings    3,590,712       13.0%
                                                                      
---------------------------------------------   ----------  ----------
Malicious Activity                                  Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made Windows Firewall Updates            522        0.0%
Programs that installed a Rootkit                      556        0.0%
Programs that installed a startup entry            726,305        2.6%
Programs that accessed user's Firefox profile            0        0.0%
Programs that accessed the Pstore                   60,425        0.2%
Programs that called taskkill                            0        0.0%
