Explanation

The chart summarizes the analysis of binaries by our sandboxing system. The fields in the report are as follows:

Programs Processed - How many binaries went through the system

  1. Programs Skipped - Using different hashing methodologies, we are able to identify common polymorphic files and skip processing them
  2. Programs Analyzed - How many binaries were actually submitted to the Sandbox system and analyzed
    • Completed Analysis Runs - How many of the submitted binaries completed successfully and produced some sort of results
    • Failed Analysis Runs - Binaries that would not run and create a valid report
    • Programs Retried - How many binaries were re-run. All binaries that initially fail are re-run for more attempts to execute properly and produce an analysis of that program
    • Invalid Binaries - How many programs would not execute or were not proper Windows binaries
  3. Network Traffic Statistics - Of the programs that were processed and had output, how many generated network traffic, and the breakdown of the different types of network traffic seen for those binaries
  4. Anti-Analysis Techniques - Many malware programs take defensive measures to prevent analysis and reverse engineering. These are the different forms of such measures that we were able to determine from the successfully tested programs
  5. Malicious Activity - What activity local to the system the programs take

Updates

The chart is updated once every four hours and covers the last rolling ten days and 30 days of statistics.

Sandbox Processing

FTP Results

HTTP Results

IRC Results

P2P Results

SMTP Results

Sandbox Statistics (10-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              3,634,271            
  Programs Skipped                              2,960,406       81.5%
  Programs Analyzed                               673,865       18.5%
    Completed Analysis Runs                       673,197       99.9%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                  668        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                       412,554       61.3%
  Programs using HTTP                              90,659       22.0%
    URLs captured                                       0            
  Programs using FTP                                4,446        1.1%
  Programs using SMTP                                 205        0.0%
  Programs using IRC                                1,874        0.5%
Programs that sent UDP data                       527,283       78.3%
  Programs that made DNS requests                 527,281      100.0%
Programs that made P2P connections                      6        0.0%
    Programs using bittorrent                           5       83.3%
    Programs using edonkey                              0        0.0%
    Programs using gnutella                             0        0.0%
    Programs using winmx                                1       16.7%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (30-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             14,721,133            
  Programs Skipped                             12,861,216       87.4%
  Programs Analyzed                             1,859,917       12.6%
    Completed Analysis Runs                     1,857,484       99.9%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                2,433        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     1,430,609       77.0%
  Programs using HTTP                             600,388       42.0%
    URLs captured                                       0            
  Programs using FTP                                8,475        0.6%
  Programs using SMTP                               1,365        0.1%
  Programs using IRC                               13,049        0.9%
Programs that sent UDP data                     1,660,195       89.4%
  Programs that made DNS requests               1,660,168      100.0%
Programs that made P2P connections                     31        0.0%
    Programs using bittorrent                          27       87.1%
    Programs using edonkey                              1        3.2%
    Programs using gnutella                             1        3.2%
    Programs using winmx                                2        6.5%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (60-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             29,796,533            
  Programs Skipped                             26,298,892       88.3%
  Programs Analyzed                             3,497,641       11.7%
    Completed Analysis Runs                     3,492,663       99.9%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                4,978        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     2,906,347       83.2%
  Programs using HTTP                           1,420,745       48.9%
    URLs captured                                       0            
  Programs using FTP                                8,908        0.3%
  Programs using SMTP                               5,815        0.2%
  Programs using IRC                               18,089        0.6%
Programs that sent UDP data                     3,331,946       95.4%
  Programs that made DNS requests               3,331,926      100.0%
Programs that made P2P connections                     69        0.0%
    Programs using bittorrent                          58       84.1%
    Programs using edonkey                              3        4.3%
    Programs using gnutella                             4        5.8%
    Programs using winmx                                4        5.8%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (90-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             47,241,749            
  Programs Skipped                             42,468,102       89.9%
  Programs Analyzed                             4,773,647       10.1%
    Completed Analysis Runs                     4,767,301       99.9%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                6,346        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     4,424,466       92.8%
  Programs using HTTP                           2,422,492       54.8%
    URLs captured                                       0            
  Programs using FTP                                9,281        0.2%
  Programs using SMTP                               7,410        0.2%
  Programs using IRC                               25,054        0.6%
Programs that sent UDP data                     4,652,885       97.6%
  Programs that made DNS requests               4,652,885      100.0%
Programs that made P2P connections                     89        0.0%
    Programs using bittorrent                          71       79.8%
    Programs using edonkey                              5        5.6%
    Programs using gnutella                             9       10.1%
    Programs using winmx                                4        4.5%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (180-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             79,291,652            
  Programs Skipped                             71,048,243       89.6%
  Programs Analyzed                             8,243,409       10.4%
    Completed Analysis Runs                     8,198,842       99.5%
    Failed Analysis Runs                            2,275        0.0%
    Programs Retried                               20,733        0.3%
    Invalid Binaries                               21,559        0.3%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     7,339,985       89.5%
  Programs using HTTP                           4,008,786       54.6%
    URLs captured                              10,253,390            
  Programs using FTP                               30,573        0.4%
  Programs using SMTP                              15,488        0.2%
  Programs using IRC                               37,030        0.5%
Programs that sent UDP data                     8,002,069       97.6%
  Programs that made DNS requests               8,002,069      100.0%
Programs that made P2P connections                    187        0.0%
    Programs using bittorrent                         158       84.5%
    Programs using edonkey                              9        4.8%
    Programs using gnutella                            14        7.5%
    Programs using winmx                                6        3.2%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (One-Year Rolling Report)

---------------------------------------------   ----------  ----------
Sandbox Results                                     Totals     Percent
---------------------------------------------   ----------  ----------
Programs Processed                             132,291,493            
  Programs Skipped                             117,406,172       88.7%
  Programs Analyzed                             14,885,321       11.3%
    Completed Analysis Runs                     14,687,463       98.7%
    Failed Analysis Runs                            13,212        0.1%
    Programs Retried                               153,588        1.0%
    Invalid Binaries                                31,058        0.2%
                                                                      
---------------------------------------------   ----------  ----------
Network Traffic Statistics                          Totals     Percent
---------------------------------------------   ----------  ----------
Programs that sent TCP data                     10,625,786       72.3%
  Programs using HTTP                            5,873,609       55.3%
    URLs captured                               30,944,005            
  Programs using FTP                                65,672        0.6%
  Programs using SMTP                               33,696        0.3%
  Programs using IRC                                48,659        0.5%
Programs that sent UDP data                     14,334,963       97.6%
  Programs that made DNS requests               14,334,963      100.0%
Programs that made P2P connections                     678        0.0%
    Programs using bittorrent                          510       75.2%
    Programs using edonkey                              20        2.9%
    Programs using gnutella                             97       14.3%
    Programs using winmx                                51        7.5%
                                                                      
---------------------------------------------   ----------  ----------
Anti-Analysis Techniques                            Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made debugger checks                       0        0.0%
Programs that made VMWare registry checks                0        0.0%
Programs that made SoftICE checks                        0        0.0%
Programs that made Wine checks                           0        0.0%
Programs that made Time checks                           0        0.0%
Programs that suppress Compatibility Warnings            0        0.0%
                                                                      
---------------------------------------------   ----------  ----------
Malicious Activity                                  Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made Windows Firewall Updates              0        0.0%
Programs that installed a Rootkit                        0        0.0%
Programs that installed a startup entry                  0        0.0%
Programs that accessed user's Firefox profile            0        0.0%
Programs that accessed the Pstore                        0        0.0%
Programs that called taskkill                            0        0.0%

Sandbox Statistics (Two-Year Rolling Report)

---------------------------------------------   ----------  ----------
Sandbox Results                                     Totals     Percent
---------------------------------------------   ----------  ----------
Programs Processed                             207,143,052            
  Programs Skipped                             177,683,552       85.8%
  Programs Analyzed                             29,459,500       14.2%
    Completed Analysis Runs                     28,197,167       95.7%
    Failed Analysis Runs                           249,506        0.8%
    Programs Retried                               980,628        3.3%
    Invalid Binaries                                32,199        0.1%
                                                                      
---------------------------------------------   ----------  ----------
Network Traffic Statistics                          Totals     Percent
---------------------------------------------   ----------  ----------
Programs that sent TCP data                     15,046,085       53.4%
  Programs using HTTP                            8,684,041       57.7%
    URLs captured                               57,096,938            
  Programs using FTP                               102,840        0.7%
  Programs using SMTP                               57,849        0.4%
  Programs using IRC                                80,014        0.5%
Programs that sent UDP data                     27,520,434       97.6%
  Programs that made DNS requests               27,520,434      100.0%
Programs that made P2P connections                   1,676        0.0%
    Programs using bittorrent                        1,317       78.6%
    Programs using edonkey                              77        4.6%
    Programs using gnutella                            207       12.4%
    Programs using winmx                                75        4.5%
                                                                      
---------------------------------------------   ----------  ----------
Anti-Analysis Techniques                            Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made debugger checks                 716,741        2.5%
Programs that made VMWare registry checks            4,092        0.0%
Programs that made SoftICE checks                   22,347        0.1%
Programs that made Wine checks                      24,520        0.1%
Programs that made Time checks                         842        0.0%
Programs that suppress Compatibility Warnings    2,848,786       10.1%
                                                                      
---------------------------------------------   ----------  ----------
Malicious Activity                                  Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made Windows Firewall Updates            458        0.0%
Programs that installed a Rootkit                      180        0.0%
Programs that installed a startup entry            532,103        1.9%
Programs that accessed user's Firefox profile            0        0.0%
Programs that accessed the Pstore                   52,117        0.2%
Programs that called taskkill                            0        0.0%
