Explanation

The chart is a summary of the analysis of binaries through our sandboxing system. The different fields in the report are as follows:

Programs Processed - How many binaries went through the system

  1. Programs Skipped - Using different hashing methodologies we are able to identify common polymorphic files and skip processing them
  2. Programs Analyzed - How many binaries were actually submitted to the sandbox system and analyzed
    • Completed Analysis Runs - How many of the submitted binaries completed successfully and had some sort of results
    • Failed Analysis Runs - Binaries that would not run and create a valid report
    • Programs Retried - How many binaries were re-run. All binaries that initially fail are re-run for more attempts to execute properly and produce an analysis of that program
    • Invalid Binaries - How many programs would not execute or were not proper Windows binaries
  3. Network Traffic Statistics - Of the programs that were processed and had output, which had network-based traffic, and the breakdown of the different types of network traffic seen for the binaries
  4. Anti-Analysis Techniques - Many malware programs take defensive measures to prevent analysis and reverse engineering. These are the different forms and results that we are able to determine from the successfully tested programs
  5. Malicious Activity - What activity local to the system the programs take


Updates

The chart is updated once every four hours and covers the last rolling ten days and 30 days of statistics.


Sandbox Processing

[Charts: FTP Results, HTTP Results, IRC Results, P2P Results, SMTP Results]


Sandbox Statistics (10-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              1,756,321            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                             1,756,321      100.0%
    Completed Analysis Runs                     1,739,336       99.0%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               12,731        0.7%
    Invalid Binaries                                4,254        0.2%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     1,013,942       58.3%
  Programs using HTTP                             296,654       29.3%
    URLs captured                                       0            
  Programs using FTP                                  367        0.0%
  Programs using SMTP                              10,788        1.1%
  Programs using IRC                                4,577        0.5%
Programs that sent UDP data                     1,275,028       73.3%
  Programs that made DNS requests                 538,790       42.3%
Programs that made P2P connections                     74        0.0%
    Programs using bittorrent                          52       70.3%
    Programs using edonkey                              2        2.7%
    Programs using gnutella                            17       23.0%
    Programs using winmx                                3        4.1%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (30-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              5,034,052            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                             5,034,052      100.0%
    Completed Analysis Runs                     5,001,546       99.4%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               23,472        0.5%
    Invalid Binaries                                9,034        0.2%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     2,827,684       56.5%
  Programs using HTTP                             876,405       31.0%
    URLs captured                                       0            
  Programs using FTP                                1,147        0.0%
  Programs using SMTP                              30,843        1.1%
  Programs using IRC                               14,735        0.5%
Programs that sent UDP data                     3,566,233       71.3%
  Programs that made DNS requests               1,588,692       44.5%
Programs that made P2P connections                    201        0.0%
    Programs using bittorrent                         139       69.2%
    Programs using edonkey                              7        3.5%
    Programs using gnutella                            39       19.4%
    Programs using winmx                               16        8.0%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (60-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             11,109,935            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                            11,109,935      100.0%
    Completed Analysis Runs                    11,054,580       99.5%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               41,342        0.4%
    Invalid Binaries                               14,013        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     6,558,344       59.3%
  Programs using HTTP                           1,886,863       28.8%
    URLs captured                                       0            
  Programs using FTP                                2,035        0.0%
  Programs using SMTP                              75,819        1.2%
  Programs using IRC                               28,905        0.4%
Programs that sent UDP data                     8,216,605       74.3%
  Programs that made DNS requests               3,476,029       42.3%
Programs that made P2P connections                  1,033        0.0%
    Programs using bittorrent                         904       87.5%
    Programs using edonkey                             15        1.5%
    Programs using gnutella                            82        7.9%
    Programs using winmx                               32        3.1%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (90-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             16,280,585            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                            16,280,585      100.0%
    Completed Analysis Runs                    16,206,344       99.5%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                               58,434        0.4%
    Invalid Binaries                               15,807        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     9,439,611       58.2%
  Programs using HTTP                           2,783,185       29.5%
    URLs captured                                       0            
  Programs using FTP                                2,900        0.0%
  Programs using SMTP                             109,098        1.2%
  Programs using IRC                               49,443        0.5%
Programs that sent UDP data                    11,865,025       73.2%
  Programs that made DNS requests               5,060,615       42.7%
Programs that made P2P connections                  1,144        0.0%
    Programs using bittorrent                         969       84.7%
    Programs using edonkey                             25        2.2%
    Programs using gnutella                           106        9.3%
    Programs using winmx                               44        3.8%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (180-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             25,716,734            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                            25,716,734      100.0%
    Completed Analysis Runs                    25,580,962       99.5%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                              100,589        0.4%
    Invalid Binaries                               35,183        0.1%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                    14,304,117       55.9%
  Programs using HTTP                           4,207,284       29.4%
    URLs captured                                       0            
  Programs using FTP                                4,652        0.0%
  Programs using SMTP                             130,482        0.9%
  Programs using IRC                              126,938        0.9%
Programs that sent UDP data                    18,135,872       70.9%
  Programs that made DNS requests               7,995,911       44.1%
Programs that made P2P connections                  1,435        0.0%
    Programs using bittorrent                       1,157       80.6%
    Programs using edonkey                             42        2.9%
    Programs using gnutella                           166       11.6%
    Programs using winmx                               70        4.9%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (One-Year Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             40,349,619            
  Programs Skipped                                      0        0.0%
  Programs Analyzed                            40,349,619      100.0%
    Completed Analysis Runs                    40,080,874       99.3%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                              187,538        0.5%
    Invalid Binaries                               81,207        0.2%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                    18,651,131       46.5%
  Programs using HTTP                           5,128,158       27.5%
    URLs captured                                       0            
  Programs using FTP                                5,999        0.0%
  Programs using SMTP                             137,762        0.7%
  Programs using IRC                              288,507        1.5%
Programs that sent UDP data                    23,669,736       59.1%
  Programs that made DNS requests              10,431,546       44.1%
Programs that made P2P connections                  1,697        0.0%
    Programs using bittorrent                       1,349       79.5%
    Programs using edonkey                             65        3.8%
    Programs using gnutella                           203       12.0%
    Programs using winmx                               80        4.7%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%

Sandbox Statistics (Two-Year Rolling Report)

---------------------------------------------   ----------  ----------
Sandbox Results                                     Totals     Percent
---------------------------------------------   ----------  ----------
Programs Processed                             107,850,656            
  Programs Skipped                              52,375,165       48.6%
  Programs Analyzed                             55,475,491       51.4%
    Completed Analysis Runs                     55,170,464       99.5%
    Failed Analysis Runs                                 0        0.0%
    Programs Retried                               210,741        0.4%
    Invalid Binaries                                94,286        0.2%
                                                                      
---------------------------------------------   ----------  ----------
Network Traffic Statistics                          Totals     Percent
---------------------------------------------   ----------  ----------
Programs that sent TCP data                     30,218,317       54.8%
  Programs using HTTP                           11,527,202       38.1%
    URLs captured                                        0            
  Programs using FTP                                40,363        0.1%
  Programs using SMTP                              153,983        0.5%
  Programs using IRC                               377,073        1.2%
Programs that sent UDP data                     38,821,327       70.4%
  Programs that made DNS requests               23,011,206       59.3%
Programs that made P2P connections                   1,907        0.0%
    Programs using bittorrent                        1,519       79.7%
    Programs using edonkey                              77        4.0%
    Programs using gnutella                            217       11.4%
    Programs using winmx                                94        4.9%
                                                                      
---------------------------------------------   ----------  ----------
Anti-Analysis Techniques                            Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made debugger checks                       0        0.0%
Programs that made VMWare registry checks                0        0.0%
Programs that made SoftICE checks                        0        0.0%
Programs that made Wine checks                           0        0.0%
Programs that made Time checks                           0        0.0%
Programs that suppress Compatibility Warnings            0        0.0%
                                                                      
---------------------------------------------   ----------  ----------
Malicious Activity                                  Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made Windows Firewall Updates              0        0.0%
Programs that installed a Rootkit                        0        0.0%
Programs that installed a startup entry                  0        0.0%
Programs that accessed user's Firefox profile            0        0.0%
Programs that accessed the Pstore                        0        0.0%
Programs that called taskkill                            0        0.0%
