Explanation

The chart is a summary of the analysis of binaries through our sandboxing system. The different fields in the report are as follows:

Programs Processed - How many binaries went through the system

  1. Programs Skipped - Using different hashing methodologies we are able to identify common polymorphic files and skip processing them
  2. Programs Analyzed - How many binaries were actually submitted to the Sandbox system and analyzed
    • Completed Analysis Runs - How many of the submitted binaries completed successfully and had some sort of results
    • Failed Analysis Runs - Binaries that would not run and create a valid report
    • Programs Retried - How many binaries were re-run. All binaries that initially fail will be re-run for more attempts to properly execute and gain an analysis of that program
    • Invalid Binaries - How many programs would not execute or were not proper Windows binaries
  3. Network Traffic Statistics - Of the programs that were processed and had output, which had network based traffic and the breakdown of the different types of network traffic seen for the binaries
  4. Anti-Analysis Techniques - Many of the different malware programs will take defensive measures to prevent analysis and reverse engineering. These are the different forms and results that we are able to determine from the successfully tested programs
  5. Malicious Activity - What actions the programs take on the local system


Updates

The chart is updated once every four hours and covers the last rolling ten days and 30 days of statistics.


Sandbox Processing

FTP Results

HTTP Results

IRC Results

P2P Results

SMTP Results


Sandbox Statistics (10-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                              5,701,484            
  Programs Skipped                              5,283,400       92.7%
  Programs Analyzed                               418,084        7.3%
    Completed Analysis Runs                       414,081       99.0%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                4,003        1.0%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                       292,995       70.8%
  Programs using HTTP                             171,839       58.6%
    URLs captured                                 102,898            
  Programs using FTP                                  750        0.3%
  Programs using SMTP                                 466        0.2%
  Programs using IRC                                1,024        0.3%
Programs that sent UDP data                       319,944       77.3%
  Programs that made DNS requests                 319,944      100.0%
Programs that made P2P connections                      2        0.0%
    Programs using bittorrent                           0        0.0%
    Programs using edonkey                              1       50.0%
    Programs using gnutella                             1       50.0%
    Programs using winmx                                0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (30-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             12,070,625            
  Programs Skipped                             10,980,379       91.0%
  Programs Analyzed                             1,090,246        9.0%
    Completed Analysis Runs                     1,083,839       99.4%
    Failed Analysis Runs                                0        0.0%
    Programs Retried                                    0        0.0%
    Invalid Binaries                                6,407        0.6%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                       955,306       88.1%
  Programs using HTTP                             489,240       51.2%
    URLs captured                               2,225,598            
  Programs using FTP                                7,749        0.8%
  Programs using SMTP                               2,562        0.3%
  Programs using IRC                                3,703        0.4%
Programs that sent UDP data                     1,082,038       99.8%
  Programs that made DNS requests               1,082,038      100.0%
Programs that made P2P connections                     25        0.0%
    Programs using bittorrent                          21       84.0%
    Programs using edonkey                              2        8.0%
    Programs using gnutella                             1        4.0%
    Programs using winmx                                1        4.0%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (60-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             19,958,498            
  Programs Skipped                             17,464,172       87.5%
  Programs Analyzed                             2,494,326       12.5%
    Completed Analysis Runs                     2,483,038       99.5%
    Failed Analysis Runs                              546        0.0%
    Programs Retried                                2,258        0.1%
    Invalid Binaries                                8,484        0.3%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     2,188,879       88.2%
  Programs using HTTP                           1,055,082       48.2%
    URLs captured                               7,313,854            
  Programs using FTP                               17,832        0.8%
  Programs using SMTP                               5,629        0.3%
  Programs using IRC                                9,337        0.4%
Programs that sent UDP data                     2,423,445       97.6%
  Programs that made DNS requests               2,423,445      100.0%
Programs that made P2P connections                     62        0.0%
    Programs using bittorrent                          54       87.1%
    Programs using edonkey                              3        4.8%
    Programs using gnutella                             3        4.8%
    Programs using winmx                                2        3.2%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (90-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             29,839,039            
  Programs Skipped                             26,355,420       88.3%
  Programs Analyzed                             3,483,619       11.7%
    Completed Analysis Runs                     3,442,984       98.8%
    Failed Analysis Runs                            2,364        0.1%
    Programs Retried                               22,766        0.7%
    Invalid Binaries                               15,505        0.4%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     2,672,158       77.6%
  Programs using HTTP                           1,412,728       52.9%
    URLs captured                              11,111,437            
  Programs using FTP                               22,841        0.9%
  Programs using SMTP                               8,868        0.3%
  Programs using IRC                               11,641        0.4%
Programs that sent UDP data                     3,360,352       97.6%
  Programs that made DNS requests               3,360,352      100.0%
Programs that made P2P connections                    107        0.0%
    Programs using bittorrent                          94       87.9%
    Programs using edonkey                              4        3.7%
    Programs using gnutella                             7        6.5%
    Programs using winmx                                2        1.9%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (180-Day Rolling Report)

---------------------------------------------  ----------  ----------
Sandbox Results                                    Totals     Percent
---------------------------------------------  ----------  ----------
Programs Processed                             59,755,941            
  Programs Skipped                             53,332,872       89.3%
  Programs Analyzed                             6,423,069       10.7%
    Completed Analysis Runs                     6,273,457       97.7%
    Failed Analysis Runs                            8,868        0.1%
    Programs Retried                              118,760        1.8%
    Invalid Binaries                               21,984        0.3%
                                                                     
---------------------------------------------  ----------  ----------
Network Traffic Statistics                         Totals     Percent
---------------------------------------------  ----------  ----------
Programs that sent TCP data                     4,293,542       68.4%
  Programs using HTTP                           2,367,114       55.1%
    URLs captured                              20,155,162            
  Programs using FTP                               36,033        0.8%
  Programs using SMTP                              17,308        0.4%
  Programs using IRC                               17,443        0.4%
Programs that sent UDP data                     6,122,894       97.6%
  Programs that made DNS requests               6,122,894      100.0%
Programs that made P2P connections                    212        0.0%
    Programs using bittorrent                         171       80.7%
    Programs using edonkey                              9        4.2%
    Programs using gnutella                            29       13.7%
    Programs using winmx                                3        1.4%
                                                                     
---------------------------------------------  ----------  ----------
Anti-Analysis Techniques                           Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made debugger checks                      0        0.0%
Programs that made VMWare registry checks               0        0.0%
Programs that made SoftICE checks                       0        0.0%
Programs that made Wine checks                          0        0.0%
Programs that made Time checks                          0        0.0%
Programs that suppress Compatibility Warnings           0        0.0%
                                                                     
---------------------------------------------  ----------  ----------
Malicious Activity                                 Totals     Percent
---------------------------------------------  ----------  ----------
Programs that made Windows Firewall Updates             0        0.0%
Programs that installed a Rootkit                       0        0.0%
Programs that installed a startup entry                 0        0.0%
Programs that accessed user's Firefox profile           0        0.0%
Programs that accessed the Pstore                       0        0.0%
Programs that called taskkill                           0        0.0%


Sandbox Statistics (One-Year Rolling Report)

---------------------------------------------   ----------  ----------
Sandbox Results                                     Totals     Percent
---------------------------------------------   ----------  ----------
Programs Processed                             106,833,914            
  Programs Skipped                              93,102,883       87.1%
  Programs Analyzed                             13,731,031       12.9%
    Completed Analysis Runs                     13,501,507       98.3%
    Failed Analysis Runs                            15,071        0.1%
    Programs Retried                               189,798        1.4%
    Invalid Binaries                                24,655        0.2%
                                                                      
---------------------------------------------   ----------  ----------
Network Traffic Statistics                          Totals     Percent
---------------------------------------------   ----------  ----------
Programs that sent TCP data                      7,413,944       54.9%
  Programs using HTTP                            4,092,641       55.2%
    URLs captured                               40,367,627            
  Programs using FTP                                74,033        1.0%
  Programs using SMTP                               30,200        0.4%
  Programs using IRC                                25,765        0.3%
Programs that sent UDP data                     13,177,470       97.6%
  Programs that made DNS requests               13,177,470      100.0%
Programs that made P2P connections                   1,130        0.0%
    Programs using bittorrent                          944       83.5%
    Programs using edonkey                              30        2.7%
    Programs using gnutella                            101        8.9%
    Programs using winmx                                55        4.9%
                                                                      
---------------------------------------------   ----------  ----------
Anti-Analysis Techniques                            Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made debugger checks                       0        0.0%
Programs that made VMWare registry checks                0        0.0%
Programs that made SoftICE checks                        0        0.0%
Programs that made Wine checks                           0        0.0%
Programs that made Time checks                           0        0.0%
Programs that suppress Compatibility Warnings            0        0.0%
                                                                      
---------------------------------------------   ----------  ----------
Malicious Activity                                  Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made Windows Firewall Updates              0        0.0%
Programs that installed a Rootkit                        0        0.0%
Programs that installed a startup entry                  0        0.0%
Programs that accessed user's Firefox profile            0        0.0%
Programs that accessed the Pstore                        0        0.0%
Programs that called taskkill                            0        0.0%

Sandbox Statistics (Two-Year Rolling Report)

---------------------------------------------   ----------  ----------
Sandbox Results                                     Totals     Percent
---------------------------------------------   ----------  ----------
Programs Processed                             167,364,056            
  Programs Skipped                             137,783,205       82.3%
  Programs Analyzed                             29,580,851       17.7%
    Completed Analysis Runs                     27,449,881       92.8%
    Failed Analysis Runs                           569,677        1.9%
    Programs Retried                             1,535,635        5.2%
    Invalid Binaries                                25,658        0.1%
                                                                      
---------------------------------------------   ----------  ----------
Network Traffic Statistics                          Totals     Percent
---------------------------------------------   ----------  ----------
Programs that sent TCP data                     11,678,378       42.5%
  Programs using HTTP                            6,965,985       59.6%
    URLs captured                               66,711,273            
  Programs using FTP                               102,262        0.9%
  Programs using SMTP                               58,981        0.5%
  Programs using IRC                                68,187        0.6%
Programs that sent UDP data                     26,791,083       97.6%
  Programs that made DNS requests               26,791,083      100.0%
Programs that made P2P connections                   1,725        0.0%
    Programs using bittorrent                        1,302       75.5%
    Programs using edonkey                              86        5.0%
    Programs using gnutella                            261       15.1%
    Programs using winmx                                76        4.4%
                                                                      
---------------------------------------------   ----------  ----------
Anti-Analysis Techniques                            Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made debugger checks               2,362,521        8.6%
Programs that made VMWare registry checks            4,764        0.0%
Programs that made SoftICE checks                   31,854        0.1%
Programs that made Wine checks                      37,347        0.1%
Programs that made Time checks                       1,612        0.0%
Programs that suppress Compatibility Warnings    4,764,294       17.4%
                                                                      
---------------------------------------------   ----------  ----------
Malicious Activity                                  Totals     Percent
---------------------------------------------   ----------  ----------
Programs that made Windows Firewall Updates            607        0.0%
Programs that installed a Rootkit                    1,068        0.0%
Programs that installed a startup entry          1,010,188        3.7%
Programs that accessed user's Firefox profile            0        0.0%
Programs that accessed the Pstore                   81,838        0.3%
Programs that called taskkill                            0        0.0%
