Explanation
The chart summarizes the analysis of binaries by our sandboxing system. The fields in the report are as follows:
- Programs Processed - How many binaries went through the system
- Programs Skipped - Using different hashing methodologies, we are able to identify common polymorphic files and skip processing them
- Programs Analyzed - How many binaries were actually submitted to the Sandbox system and analyzed
- Completed Analysis Runs - How many of the submitted binaries completed successfully and had some sort of results
- Failed Analysis Runs - Binaries that would not run and create a valid report
- Programs Retried - How many binaries were re-run. All binaries that initially fail are re-run in further attempts to execute them properly and obtain an analysis of that program
- Invalid Binaries - How many programs would not execute or were not proper Windows binaries
- Network Traffic Statistics - Of the programs that were processed and had output, which had network-based traffic, and the breakdown of the different types of network traffic seen for the binaries
- Anti-Analysis Techniques - Many malware programs take defensive measures to prevent analysis and reverse engineering. These are the different forms and results that we are able to determine from the successfully tested programs
- Malicious Activity - What activity local to the system the programs take
Updates
The chart is updated once every four hours and covers the last rolling ten days and 30 days of statistics.
Sandbox Processing


[Charts: FTP Results, HTTP Results, IRC Results, P2P Results, SMTP Results]

Sandbox Statistics (10-Day Rolling Report)
--------------------------------------------- ---------- ----------
Sandbox Results Totals Percent
--------------------------------------------- ---------- ----------
Programs Processed 708,371
Programs Skipped 423,224 59.7%
Programs Analyzed 285,147 40.3%
Completed Analysis Runs 247,118 86.7%
Failed Analysis Runs 1,444 0.5%
Programs Retried 36,585 12.8%
Invalid Binaries 0 0.0%
--------------------------------------------- ---------- ----------
Network Traffic Statistics Totals Percent
--------------------------------------------- ---------- ----------
Programs that sent TCP data 81,121 32.8%
Programs using HTTP 62,963 77.6%
URLs captured 238,886
Programs using FTP 229 0.3%
Programs using SMTP 312 0.4%
Programs using IRC 586 0.7%
Programs that sent UDP data 81,082 32.8%
Programs that made DNS requests 81,082 100.0%
Programs that made P2P connections 32 0.0%
Programs using bittorrent 24 75.0%
Programs using edonkey 1 3.1%
Programs using gnutella 7 21.9%
Programs using winmx 0 0.0%
--------------------------------------------- ---------- ----------
Anti-Analysis Techniques Totals Percent
--------------------------------------------- ---------- ----------
Programs that made debugger checks 28,774 11.6%
Programs that made VMWare registry checks 12 0.0%
Programs that made SoftICE checks 863 0.3%
Programs that made Wine checks 1,352 0.5%
Programs that made Time checks 0 0.0%
Programs that suppress Compatibility Warnings 97,800 39.6%
--------------------------------------------- ---------- ----------
Malicious Activity Totals Percent
--------------------------------------------- ---------- ----------
Programs that made Windows Firewall Updates 5 0.0%
Programs that installed a Rootkit 0 0.0%
Programs that installed a startup entry 50,855 20.6%
Programs that accessed user's Firefox profile 0 0.0%
Programs that accessed the Pstore 441 0.2%
Programs that called taskkill 0 0.0%
Sandbox Statistics (30-Day Rolling Report)
--------------------------------------------- ---------- ----------
Sandbox Results Totals Percent
--------------------------------------------- ---------- ----------
Programs Processed 2,136,174
Programs Skipped 1,267,215 59.3%
Programs Analyzed 868,959 40.7%
Completed Analysis Runs 749,187 86.2%
Failed Analysis Runs 3,749 0.4%
Programs Retried 116,023 13.4%
Invalid Binaries 0 0.0%
--------------------------------------------- ---------- ----------
Network Traffic Statistics Totals Percent
--------------------------------------------- ---------- ----------
Programs that sent TCP data 325,718 43.5%
Programs using HTTP 258,086 79.2%
URLs captured 779,668
Programs using FTP 703 0.2%
Programs using SMTP 1,022 0.3%
Programs using IRC 1,657 0.5%
Programs that sent UDP data 324,106 43.3%
Programs that made DNS requests 324,106 100.0%
Programs that made P2P connections 71 0.0%
Programs using bittorrent 42 59.2%
Programs using edonkey 3 4.2%
Programs using gnutella 26 36.6%
Programs using winmx 0 0.0%
--------------------------------------------- ---------- ----------
Anti-Analysis Techniques Totals Percent
--------------------------------------------- ---------- ----------
Programs that made debugger checks 91,204 12.2%
Programs that made VMWare registry checks 30 0.0%
Programs that made SoftICE checks 2,007 0.3%
Programs that made Wine checks 2,969 0.4%
Programs that made Time checks 3 0.0%
Programs that suppress Compatibility Warnings 372,651 49.7%
--------------------------------------------- ---------- ----------
Malicious Activity Totals Percent
--------------------------------------------- ---------- ----------
Programs that made Windows Firewall Updates 21 0.0%
Programs that installed a Rootkit 0 0.0%
Programs that installed a startup entry 237,908 31.8%
Programs that accessed user's Firefox profile 0 0.0%
Programs that accessed the Pstore 1,075 0.1%
Programs that called taskkill 0 0.0%
Sandbox Statistics (60-Day Rolling Report)
--------------------------------------------- ---------- ----------
Sandbox Results Totals Percent
--------------------------------------------- ---------- ----------
Programs Processed 5,072,899
Programs Skipped 2,498,746 49.3%
Programs Analyzed 2,574,153 50.7%
Completed Analysis Runs 2,273,620 88.3%
Failed Analysis Runs 7,461 0.3%
Programs Retried 293,072 11.4%
Invalid Binaries 0 0.0%
--------------------------------------------- ---------- ----------
Network Traffic Statistics Totals Percent
--------------------------------------------- ---------- ----------
Programs that sent TCP data 1,562,839 68.7%
Programs using HTTP 1,235,344 79.0%
URLs captured 2,161,547
Programs using FTP 1,239 0.1%
Programs using SMTP 1,507 0.1%
Programs using IRC 3,014 0.2%
Programs that sent UDP data 1,549,692 68.2%
Programs that made DNS requests 1,549,692 100.0%
Programs that made P2P connections 136 0.0%
Programs using bittorrent 62 45.6%
Programs using edonkey 8 5.9%
Programs using gnutella 66 48.5%
Programs using winmx 0 0.0%
--------------------------------------------- ---------- ----------
Anti-Analysis Techniques Totals Percent
--------------------------------------------- ---------- ----------
Programs that made debugger checks 270,471 11.9%
Programs that made VMWare registry checks 48 0.0%
Programs that made SoftICE checks 2,951 0.1%
Programs that made Wine checks 4,368 0.2%
Programs that made Time checks 3 0.0%
Programs that suppress Compatibility Warnings 1,663,440 73.2%
--------------------------------------------- ---------- ----------
Malicious Activity Totals Percent
--------------------------------------------- ---------- ----------
Programs that made Windows Firewall Updates 43 0.0%
Programs that installed a Rootkit 0 0.0%
Programs that installed a startup entry 1,385,038 60.9%
Programs that accessed user's Firefox profile 0 0.0%
Programs that accessed the Pstore 2,050 0.1%
Programs that called taskkill 0 0.0%
Sandbox Statistics (90-Day Rolling Report)
--------------------------------------------- ---------- ----------
Sandbox Results Totals Percent
--------------------------------------------- ---------- ----------
Programs Processed 7,356,736
Programs Skipped 3,006,330 40.9%
Programs Analyzed 4,350,406 59.1%
Completed Analysis Runs 3,781,770 86.9%
Failed Analysis Runs 28,333 0.7%
Programs Retried 540,303 12.4%
Invalid Binaries 0 0.0%
--------------------------------------------- ---------- ----------
Network Traffic Statistics Totals Percent
--------------------------------------------- ---------- ----------
Programs that sent TCP data 2,416,178 63.9%
Programs using HTTP 1,924,786 79.7%
URLs captured 3,449,088
Programs using FTP 2,062 0.1%
Programs using SMTP 2,445 0.1%
Programs using IRC 4,952 0.2%
Programs that sent UDP data 2,399,338 63.4%
Programs that made DNS requests 2,399,338 100.0%
Programs that made P2P connections 197 0.0%
Programs using bittorrent 85 43.1%
Programs using edonkey 15 7.6%
Programs using gnutella 97 49.2%
Programs using winmx 0 0.0%
--------------------------------------------- ---------- ----------
Anti-Analysis Techniques Totals Percent
--------------------------------------------- ---------- ----------
Programs that made debugger checks 380,171 10.1%
Programs that made VMWare registry checks 76 0.0%
Programs that made SoftICE checks 5,096 0.1%
Programs that made Wine checks 7,554 0.2%
Programs that made Time checks 4 0.0%
Programs that suppress Compatibility Warnings 2,624,510 69.4%
--------------------------------------------- ---------- ----------
Malicious Activity Totals Percent
--------------------------------------------- ---------- ----------
Programs that made Windows Firewall Updates 92 0.0%
Programs that installed a Rootkit 0 0.0%
Programs that installed a startup entry 2,122,311 56.1%
Programs that accessed user's Firefox profile 0 0.0%
Programs that accessed the Pstore 4,168 0.1%
Programs that called taskkill 0 0.0%
Sandbox Statistics (180-Day Rolling Report)
--------------------------------------------- ---------- ----------
Sandbox Results Totals Percent
--------------------------------------------- ---------- ----------
Programs Processed 12,548,870
Programs Skipped 5,291,794 42.2%
Programs Analyzed 7,257,076 57.8%
Completed Analysis Runs 6,004,619 82.7%
Failed Analysis Runs 138,506 1.9%
Programs Retried 1,113,951 15.3%
Invalid Binaries 0 0.0%
--------------------------------------------- ---------- ----------
Network Traffic Statistics Totals Percent
--------------------------------------------- ---------- ----------
Programs that sent TCP data 3,474,034 57.9%
Programs using HTTP 2,752,141 79.2%
URLs captured 5,042,817
Programs using FTP 4,415 0.1%
Programs using SMTP 4,532 0.1%
Programs using IRC 37,407 1.1%
Programs that sent UDP data 3,455,903 57.6%
Programs that made DNS requests 3,455,903 100.0%
Programs that made P2P connections 377 0.0%
Programs using bittorrent 128 34.0%
Programs using edonkey 22 5.8%
Programs using gnutella 226 59.9%
Programs using winmx 1 0.3%
--------------------------------------------- ---------- ----------
Anti-Analysis Techniques Totals Percent
--------------------------------------------- ---------- ----------
Programs that made debugger checks 509,228 8.5%
Programs that made VMWare registry checks 146 0.0%
Programs that made SoftICE checks 9,455 0.2%
Programs that made Wine checks 14,170 0.2%
Programs that made Time checks 153 0.0%
Programs that suppress Compatibility Warnings 3,978,168 66.3%
--------------------------------------------- ---------- ----------
Malicious Activity Totals Percent
--------------------------------------------- ---------- ----------
Programs that made Windows Firewall Updates 246 0.0%
Programs that installed a Rootkit 312 0.0%
Programs that installed a startup entry 2,992,212 49.8%
Programs that accessed user's Firefox profile 0 0.0%
Programs that accessed the Pstore 9,325 0.2%
Programs that called taskkill 0 0.0%
Sandbox Statistics (One-Year Rolling Report)
--------------------------------------------- ---------- ----------
Sandbox Results Totals Percent
--------------------------------------------- ---------- ----------
Programs Processed 26,641,930
Programs Skipped 10,195,204 38.3%
Programs Analyzed 16,446,726 61.7%
Completed Analysis Runs 13,343,797 81.1%
Failed Analysis Runs 236,784 1.4%
Programs Retried 2,866,145 17.4%
Invalid Binaries 0 0.0%
--------------------------------------------- ---------- ----------
Network Traffic Statistics Totals Percent
--------------------------------------------- ---------- ----------
Programs that sent TCP data 7,219,664 54.1%
Programs using HTTP 5,770,320 79.9%
URLs captured 15,139,379
Programs using FTP 8,773 0.1%
Programs using SMTP 8,801 0.1%
Programs using IRC 52,683 0.7%
Programs that sent UDP data 7,346,086 55.1%
Programs that made DNS requests 7,346,086 100.0%
Programs that made P2P connections 661 0.0%
Programs using bittorrent 239 36.2%
Programs using edonkey 35 5.3%
Programs using gnutella 379 57.3%
Programs using winmx 8 1.2%
--------------------------------------------- ---------- ----------
Anti-Analysis Techniques Totals Percent
--------------------------------------------- ---------- ----------
Programs that made debugger checks 600,847 4.5%
Programs that made VMWare registry checks 666 0.0%
Programs that made SoftICE checks 15,664 0.1%
Programs that made Wine checks 22,785 0.2%
Programs that made Time checks 168 0.0%
Programs that suppress Compatibility Warnings 8,580,392 64.3%
--------------------------------------------- ---------- ----------
Malicious Activity Totals Percent
--------------------------------------------- ---------- ----------
Programs that made Windows Firewall Updates 545 0.0%
Programs that installed a Rootkit 315 0.0%
Programs that installed a startup entry 6,575,062 49.3%
Programs that accessed user's Firefox profile 0 0.0%
Programs that accessed the Pstore 341,818 2.6%
Programs that called taskkill 0 0.0%
Sandbox Statistics (Two-Year Rolling Report)
--------------------------------------------- ---------- ----------
Sandbox Results Totals Percent
--------------------------------------------- ---------- ----------
Programs Processed 51,668,711
Programs Skipped 25,722,280 49.8%
Programs Analyzed 25,946,431 50.2%
Completed Analysis Runs 21,114,467 81.4%
Failed Analysis Runs 320,802 1.2%
Programs Retried 4,511,162 17.4%
Invalid Binaries 0 0.0%
--------------------------------------------- ---------- ----------
Network Traffic Statistics Totals Percent
--------------------------------------------- ---------- ----------
Programs that sent TCP data 7,809,715 37.0%
Programs using HTTP 6,230,375 79.8%
URLs captured 17,181,255
Programs using FTP 11,488 0.1%
Programs using SMTP 17,581 0.2%
Programs using IRC 87,379 1.1%
Programs that sent UDP data 7,923,991 37.5%
Programs that made DNS requests 7,923,991 100.0%
Programs that made P2P connections 816 0.0%
Programs using bittorrent 282 34.6%
Programs using edonkey 49 6.0%
Programs using gnutella 473 58.0%
Programs using winmx 12 1.5%
--------------------------------------------- ---------- ----------
Anti-Analysis Techniques Totals Percent
--------------------------------------------- ---------- ----------
Programs that made debugger checks 675,489 3.2%
Programs that made VMWare registry checks 1,056 0.0%
Programs that made SoftICE checks 19,196 0.1%
Programs that made Wine checks 28,378 0.1%
Programs that made Time checks 5,368 0.0%
Programs that suppress Compatibility Warnings 14,335,774 67.9%
--------------------------------------------- ---------- ----------
Malicious Activity Totals Percent
--------------------------------------------- ---------- ----------
Programs that made Windows Firewall Updates 833 0.0%
Programs that installed a Rootkit 3,213 0.0%
Programs that installed a startup entry 8,507,889 40.3%
Programs that accessed user's Firefox profile 0 0.0%
Programs that accessed the Pstore 422,234 2.0%
Programs that called taskkill 0 0.0%


