Explanation

The chart is a summary of the analysis of binaries through our sandboxing system. The different fields in the report are as follows:

Programs Processed - How many binaries went through the system

  1. Programs Skipped - Using different hashing methodologies, we are able to identify common polymorphic files and skip processing them
  2. Programs Analyzed - How many binaries were actually submitted to the sandbox system and analyzed
    • Completed Analysis Runs - How many of the submitted binaries completed successfully and produced some sort of results
    • Failed Analysis Runs - Binaries that would not run and create a valid report
    • Programs Retried - How many binaries were re-run. All binaries that initially fail are re-run to give them more attempts to execute properly and yield an analysis
    • Invalid Binaries - How many programs would not execute or were not proper Windows binaries
  3. Network Traffic Statistics - Of the programs that were processed and had output, how many generated network traffic, broken down by the types of network traffic seen
  4. Anti-Analysis Techniques - Many malware programs take defensive measures to prevent analysis and reverse engineering. These are the techniques and results we were able to determine from the successfully tested programs
  5. Malicious Activity - What actions the programs take on the local system


Updates

The chart is updated once every four hours and covers the last rolling ten days and 30 days of statistics.


Sandbox Processing

FTP Results

HTTP Results

IRC Results

P2P Results

SMTP Results


Sandbox Statistics (10-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              1,907,775            
  Programs Skipped                              1,339,405       70.2%
  Programs Analyzed                               568,370       29.8%
    Completed Analysis Runs                       534,424       94.0%
    Failed Analysis Runs                            4,752        0.8%
    Programs Retried                               29,187        5.1%
    Invalid Binaries                                    7        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                       166,890       31.2%
  Programs using HTTP                             122,302       73.3%
    URLs captured                               1,087,295            
  Programs using FTP                                  883        0.5%
  Programs using SMTP                                 978        0.6%
  Programs using IRC                                  603        0.4%
Programs that sent UDP data                       522,011       97.7%
  Programs that made DNS requests                 522,011      100.0%
Programs that made P2P connections                      7        0.0%
    Programs using bittorrent                           6       85.7%
    Programs using edonkey                              0        0.0%
    Programs using gnutella                             0        0.0%
    Programs using winmx                                1       14.3%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                  9,075        1.7%
Programs that made VMware registry checks             376        0.1%
Programs that made SoftICE checks                     547        0.1%
Programs that made Wine checks                        784        0.1%
Programs that made Time checks                         20        0.0%
Programs that suppress Compatibility Warnings      93,065       17.4%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             5        0.0%
Programs that installed a Rootkit                       1        0.0%
Programs that installed a startup entry            12,523        2.3%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                   5,317        1.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (30-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              3,875,824            
  Programs Skipped                              2,624,728       67.7%
  Programs Analyzed                             1,251,096       32.3%
    Completed Analysis Runs                     1,144,032       91.4%
    Failed Analysis Runs                           19,487        1.6%
    Programs Retried                               87,570        7.0%
    Invalid Binaries                                    7        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                       364,112       31.8%
  Programs using HTTP                             259,664       71.3%
    URLs captured                               2,357,282            
  Programs using FTP                                1,979        0.5%
  Programs using SMTP                               1,847        0.5%
  Programs using IRC                                2,965        0.8%
Programs that sent UDP data                     1,103,775       96.5%
  Programs that made DNS requests               1,103,775      100.0%
Programs that made P2P connections                     43        0.0%
    Programs using bittorrent                          22       51.2%
    Programs using edonkey                              7       16.3%
    Programs using gnutella                            12       27.9%
    Programs using winmx                                2        4.7%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                 39,463        3.4%
Programs that made VMware registry checks           1,168        0.1%
Programs that made SoftICE checks                   3,214        0.3%
Programs that made Wine checks                      3,983        0.3%
Programs that made Time checks                         30        0.0%
Programs that suppress Compatibility Warnings     330,316       28.9%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates            52        0.0%
Programs that installed a Rootkit                       1        0.0%
Programs that installed a startup entry            59,849        5.2%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                  11,634        1.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (60-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             10,583,445            
  Programs Skipped                              7,858,381       74.3%
  Programs Analyzed                             2,725,064       25.7%
    Completed Analysis Runs                     2,512,168       92.2%
    Failed Analysis Runs                           36,803        1.4%
    Programs Retried                              176,086        6.5%
    Invalid Binaries                                    7        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                       764,167       30.4%
  Programs using HTTP                             544,251       71.2%
    URLs captured                               4,896,366            
  Programs using FTP                                3,926        0.5%
  Programs using SMTP                               4,563        0.6%
  Programs using IRC                               10,287        1.3%
Programs that sent UDP data                     2,422,355       96.4%
  Programs that made DNS requests               2,422,354      100.0%
Programs that made P2P connections                    120        0.0%
    Programs using bittorrent                          50       41.7%
    Programs using edonkey                             17       14.2%
    Programs using gnutella                            47       39.2%
    Programs using winmx                                6        5.0%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                105,949        4.2%
Programs that made VMware registry checks           2,039        0.1%
Programs that made SoftICE checks                  11,785        0.5%
Programs that made Wine checks                     12,185        0.5%
Programs that made Time checks                        440        0.0%
Programs that suppress Compatibility Warnings     799,696       31.8%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates           281        0.0%
Programs that installed a Rootkit                      99        0.0%
Programs that installed a startup entry           122,582        4.9%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                  23,722        0.9%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (90-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             15,439,115            
  Programs Skipped                             11,469,428       74.3%
  Programs Analyzed                             3,969,687       25.7%
    Completed Analysis Runs                     3,627,386       91.4%
    Failed Analysis Runs                           60,519        1.5%
    Programs Retried                              281,775        7.1%
    Invalid Binaries                                    7        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     1,095,882       30.2%
  Programs using HTTP                             760,010       69.4%
    URLs captured                               7,296,557            
  Programs using FTP                                6,378        0.6%
  Programs using SMTP                               7,103        0.6%
  Programs using IRC                               16,718        1.5%
Programs that sent UDP data                     3,496,448       96.4%
  Programs that made DNS requests               3,496,446      100.0%
Programs that made P2P connections                    169        0.0%
    Programs using bittorrent                          69       40.8%
    Programs using edonkey                             23       13.6%
    Programs using gnutella                            67       39.6%
    Programs using winmx                               10        5.9%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                158,423        4.4%
Programs that made VMware registry checks           3,287        0.1%
Programs that made SoftICE checks                  17,824        0.5%
Programs that made Wine checks                     17,214        0.5%
Programs that made Time checks                        757        0.0%
Programs that suppress Compatibility Warnings   1,229,541       33.9%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates           404        0.0%
Programs that installed a Rootkit                     123        0.0%
Programs that installed a startup entry           206,160        5.7%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                  33,228        0.9%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (180-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             33,905,048            
  Programs Skipped                             26,411,039       77.9%
  Programs Analyzed                             7,494,009       22.1%
    Completed Analysis Runs                     6,753,335       90.1%
    Failed Analysis Runs                          139,074        1.9%
    Programs Retried                              601,593        8.0%
    Invalid Binaries                                    7        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     1,742,262       25.8%
  Programs using HTTP                           1,151,671       66.1%
    URLs captured                              10,608,503            
  Programs using FTP                               10,365        0.6%
  Programs using SMTP                               8,687        0.5%
  Programs using IRC                               21,843        1.3%
Programs that sent UDP data                     6,742,139       99.8%
  Programs that made DNS requests               6,742,139      100.0%
Programs that made P2P connections                    221        0.0%
    Programs using bittorrent                          92       41.6%
    Programs using edonkey                             37       16.7%
    Programs using gnutella                            81       36.7%
    Programs using winmx                               11        5.0%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                422,102        6.3%
Programs that made VMware registry checks           3,884        0.1%
Programs that made SoftICE checks                  21,307        0.3%
Programs that made Wine checks                     22,695        0.3%
Programs that made Time checks                        787        0.0%
Programs that suppress Compatibility Warnings   2,504,870       37.1%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates           441        0.0%
Programs that installed a Rootkit                     132        0.0%
Programs that installed a startup entry           428,257        6.3%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                  47,578        0.7%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (One-Year Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             53,639,047            
  Programs Skipped                             36,997,710       69.0%
  Programs Analyzed                            16,641,337       31.0%
    Completed Analysis Runs                    14,249,023       85.6%
    Failed Analysis Runs                          718,666        4.3%
    Programs Retried                            1,673,641       10.1%
    Invalid Binaries                                    7        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     4,196,859       29.5%
  Programs using HTTP                           2,745,269       65.4%
    URLs captured                              27,231,264            
  Programs using FTP                               27,101        0.6%
  Programs using SMTP                              21,834        0.5%
  Programs using IRC                               45,037        1.1%
Programs that sent UDP data                    11,443,790       80.3%
  Programs that made DNS requests              11,411,104       99.7%
Programs that made P2P connections                    424        0.0%
    Programs using bittorrent                         182       42.9%
    Programs using edonkey                             57       13.4%
    Programs using gnutella                           169       39.9%
    Programs using winmx                               16        3.8%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks              3,401,905       23.9%
Programs that made VMware registry checks           5,058        0.0%
Programs that made SoftICE checks                  35,699        0.3%
Programs that made Wine checks                     43,245        0.3%
Programs that made Time checks                      1,613        0.0%
Programs that suppress Compatibility Warnings   5,940,247       41.7%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates           680        0.0%
Programs that installed a Rootkit                   1,071        0.0%
Programs that installed a startup entry         1,291,691        9.1%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                 105,691        0.7%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (Two-Year Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             88,490,229            
  Programs Skipped                             55,907,036       63.2%
  Programs Analyzed                            32,583,193       36.8%
    Completed Analysis Runs                    28,771,460       88.3%
    Failed Analysis Runs                          895,427        2.7%
    Programs Retried                            2,916,299        9.0%
    Invalid Binaries                                    7        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     8,649,185       30.1%
  Programs using HTTP                           4,861,985       56.2%
    URLs captured                              53,210,783            
  Programs using FTP                               62,497        0.7%
  Programs using SMTP                              42,208        0.5%
  Programs using IRC                               95,247        1.1%
Programs that sent UDP data                    15,800,119       54.9%
  Programs that made DNS requests              15,767,433       99.8%
Programs that made P2P connections                    743        0.0%
    Programs using bittorrent                         309       41.6%
    Programs using edonkey                             90       12.1%
    Programs using gnutella                           319       42.9%
    Programs using winmx                               25        3.4%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks              4,543,728       15.8%
Programs that made VMware registry checks           5,618        0.0%
Programs that made SoftICE checks                  55,608        0.2%
Programs that made Wine checks                     74,480        0.3%
Programs that made Time checks                      1,642        0.0%
Programs that suppress Compatibility Warnings  11,776,787       40.9%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates           972        0.0%
Programs that installed a Rootkit                   1,080        0.0%
Programs that installed a startup entry         3,044,984       10.6%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                 160,166        0.6%
Programs that called taskkill                           0        0.0%
