Explanation
The chart is a summary of the analysis of binaries through our sandboxing system. The different fields in the report are as follows:
- Programs Processed - How many binaries went through the system
- Programs Skipped - Using different hashing methodologies, we are able to identify common polymorphic files and skip processing them
- Programs Analyzed - How many binaries were actually submitted to the sandbox system and analyzed
- Completed Analysis Runs - How many of the submitted binaries completed successfully and produced some sort of results
- Failed Analysis Runs - Binaries that would not run and create a valid report
- Programs Retried - How many binaries were re-run. All binaries that initially fail are re-run in further attempts to execute them properly and obtain an analysis of the program
- Invalid Binaries - How many programs would not execute or were not proper Windows binaries
- Network Traffic Statistics - Of the programs that were processed and had output, how many generated network traffic, with a breakdown of the types of network traffic seen
- Anti-Analysis Techniques - Many malware programs take defensive measures to prevent analysis and reverse engineering. These are the different techniques that we were able to detect in the successfully tested programs
- Malicious Activity - What activity local to the system the programs perform
Updates
The chart is updated once every four hours and covers the last rolling ten days and 30 days of statistics.
Sandbox Processing
[Graphs: FTP Results, HTTP Results, IRC Results, P2P Results, SMTP Results]
Sandbox Statistics (10-Day Rolling Report)
--------------------------------------------- ---------- ----------
Sandbox Results                                   Totals    Percent
--------------------------------------------- ---------- ----------
Programs Processed                             1,431,516
Programs Skipped                                       0       0.0%
Programs Analyzed                              1,431,516     100.0%
Completed Analysis Runs                        1,421,740      99.3%
Failed Analysis Runs                                   0       0.0%
Programs Retried                                   6,536       0.5%
Invalid Binaries                                   3,240       0.2%
--------------------------------------------- ---------- ----------
Network Traffic Statistics                        Totals    Percent
--------------------------------------------- ---------- ----------
Programs that sent TCP data                      729,810      51.3%
Programs using HTTP                              223,070      30.6%
URLs captured                                          0
Programs using FTP                                   318       0.0%
Programs using SMTP                                6,702       0.9%
Programs using IRC                                 6,770       0.9%
Programs that sent UDP data                      961,948      67.7%
Programs that made DNS requests                  431,743      44.9%
Programs that made P2P connections                    47       0.0%
Programs using bittorrent                             13      27.7%
Programs using edonkey                                 4       8.5%
Programs using gnutella                               29      61.7%
Programs using winmx                                   1       2.1%
--------------------------------------------- ---------- ----------
Anti-Analysis Techniques                          Totals    Percent
--------------------------------------------- ---------- ----------
Programs that made debugger checks                     0       0.0%
Programs that made VMWare registry checks              0       0.0%
Programs that made SoftICE checks                      0       0.0%
Programs that made Wine checks                         0       0.0%
Programs that made Time checks                         0       0.0%
Programs that suppress Compatibility Warnings          0       0.0%
--------------------------------------------- ---------- ----------
Malicious Activity                                Totals    Percent
--------------------------------------------- ---------- ----------
Programs that made Windows Firewall Updates            0       0.0%
Programs that installed a Rootkit                      0       0.0%
Programs that installed a startup entry                0       0.0%
Programs that accessed user's Firefox profile          0       0.0%
Programs that accessed the Pstore                      0       0.0%
Programs that called taskkill                          0       0.0%
Sandbox Statistics (30-Day Rolling Report)
--------------------------------------------- ---------- ----------
Sandbox Results                                   Totals    Percent
--------------------------------------------- ---------- ----------
Programs Processed                             4,224,783
Programs Skipped                                       0       0.0%
Programs Analyzed                              4,224,783     100.0%
Completed Analysis Runs                        4,199,883      99.4%
Failed Analysis Runs                                   0       0.0%
Programs Retried                                  16,806       0.4%
Invalid Binaries                                   8,094       0.2%
--------------------------------------------- ---------- ----------
Network Traffic Statistics                        Totals    Percent
--------------------------------------------- ---------- ----------
Programs that sent TCP data                    2,196,972      52.3%
Programs using HTTP                              610,441      27.8%
URLs captured                                          0
Programs using FTP                                   836       0.0%
Programs using SMTP                               22,684       1.0%
Programs using IRC                                21,164       1.0%
Programs that sent UDP data                    2,904,449      69.2%
Programs that made DNS requests                1,232,566      42.4%
Programs that made P2P connections                   113       0.0%
Programs using bittorrent                             33      29.2%
Programs using edonkey                                 5       4.4%
Programs using gnutella                               70      61.9%
Programs using winmx                                   5       4.4%
--------------------------------------------- ---------- ----------
Anti-Analysis Techniques                          Totals    Percent
--------------------------------------------- ---------- ----------
Programs that made debugger checks                     0       0.0%
Programs that made VMWare registry checks              0       0.0%
Programs that made SoftICE checks                      0       0.0%
Programs that made Wine checks                         0       0.0%
Programs that made Time checks                         0       0.0%
Programs that suppress Compatibility Warnings          0       0.0%
--------------------------------------------- ---------- ----------
Malicious Activity                                Totals    Percent
--------------------------------------------- ---------- ----------
Programs that made Windows Firewall Updates            0       0.0%
Programs that installed a Rootkit                      0       0.0%
Programs that installed a startup entry                0       0.0%
Programs that accessed user's Firefox profile          0       0.0%
Programs that accessed the Pstore                      0       0.0%
Programs that called taskkill                          0       0.0%
Sandbox Statistics (60-Day Rolling Report)
--------------------------------------------- ---------- ----------
Sandbox Results                                   Totals    Percent
--------------------------------------------- ---------- ----------
Programs Processed                             8,445,552
Programs Skipped                                       0       0.0%
Programs Analyzed                              8,445,552     100.0%
Completed Analysis Runs                        8,374,334      99.2%
Failed Analysis Runs                                   0       0.0%
Programs Retried                                  56,920       0.7%
Invalid Binaries                                  14,298       0.2%
--------------------------------------------- ---------- ----------
Network Traffic Statistics                        Totals    Percent
--------------------------------------------- ---------- ----------
Programs that sent TCP data                    4,207,827      50.2%
Programs using HTTP                            1,207,996      28.7%
URLs captured                                          0
Programs using FTP                                 1,901       0.0%
Programs using SMTP                               30,391       0.7%
Programs using IRC                                30,067       0.7%
Programs that sent UDP data                    5,636,618      67.3%
Programs that made DNS requests                2,427,298      43.1%
Programs that made P2P connections                   201       0.0%
Programs using bittorrent                             86      42.8%
Programs using edonkey                                 6       3.0%
Programs using gnutella                               94      46.8%
Programs using winmx                                  15       7.5%
--------------------------------------------- ---------- ----------
Anti-Analysis Techniques                          Totals    Percent
--------------------------------------------- ---------- ----------
Programs that made debugger checks                     0       0.0%
Programs that made VMWare registry checks              0       0.0%
Programs that made SoftICE checks                      0       0.0%
Programs that made Wine checks                         0       0.0%
Programs that made Time checks                         0       0.0%
Programs that suppress Compatibility Warnings          0       0.0%
--------------------------------------------- ---------- ----------
Malicious Activity                                Totals    Percent
--------------------------------------------- ---------- ----------
Programs that made Windows Firewall Updates            0       0.0%
Programs that installed a Rootkit                      0       0.0%
Programs that installed a startup entry                0       0.0%
Programs that accessed user's Firefox profile          0       0.0%
Programs that accessed the Pstore                      0       0.0%
Programs that called taskkill                          0       0.0%
Sandbox Statistics (90-Day Rolling Report)
--------------------------------------------- ---------- ----------
Sandbox Results                                   Totals    Percent
--------------------------------------------- ---------- ----------
Programs Processed                            11,973,768
Programs Skipped                                       0       0.0%
Programs Analyzed                             11,973,768     100.0%
Completed Analysis Runs                       11,873,842      99.2%
Failed Analysis Runs                                   0       0.0%
Programs Retried                                  69,754       0.6%
Invalid Binaries                                  30,172       0.3%
--------------------------------------------- ---------- ----------
Network Traffic Statistics                        Totals    Percent
--------------------------------------------- ---------- ----------
Programs that sent TCP data                    6,045,078      50.9%
Programs using HTTP                            1,744,268      28.9%
URLs captured                                          0
Programs using FTP                                 2,527       0.0%
Programs using SMTP                               38,070       0.6%
Programs using IRC                                35,604       0.6%
Programs that sent UDP data                    8,144,888      68.6%
Programs that made DNS requests                3,441,448      42.3%
Programs that made P2P connections                   303       0.0%
Programs using bittorrent                            142      46.9%
Programs using edonkey                                 8       2.6%
Programs using gnutella                              123      40.6%
Programs using winmx                                  30       9.9%
--------------------------------------------- ---------- ----------
Anti-Analysis Techniques                          Totals    Percent
--------------------------------------------- ---------- ----------
Programs that made debugger checks                     0       0.0%
Programs that made VMWare registry checks              0       0.0%
Programs that made SoftICE checks                      0       0.0%
Programs that made Wine checks                         0       0.0%
Programs that made Time checks                         0       0.0%
Programs that suppress Compatibility Warnings          0       0.0%
--------------------------------------------- ---------- ----------
Malicious Activity                                Totals    Percent
--------------------------------------------- ---------- ----------
Programs that made Windows Firewall Updates            0       0.0%
Programs that installed a Rootkit                      0       0.0%
Programs that installed a startup entry                0       0.0%
Programs that accessed user's Firefox profile          0       0.0%
Programs that accessed the Pstore                      0       0.0%
Programs that called taskkill                          0       0.0%
Sandbox Statistics (180-Day Rolling Report)
--------------------------------------------- ---------- ----------
Sandbox Results                                   Totals    Percent
--------------------------------------------- ---------- ----------
Programs Processed                            26,287,420
Programs Skipped                                       0       0.0%
Programs Analyzed                             26,287,420     100.0%
Completed Analysis Runs                       26,107,316      99.3%
Failed Analysis Runs                                   0       0.0%
Programs Retried                                 123,928       0.5%
Invalid Binaries                                  56,176       0.2%
--------------------------------------------- ---------- ----------
Network Traffic Statistics                        Totals    Percent
--------------------------------------------- ---------- ----------
Programs that sent TCP data                   13,867,728      53.1%
Programs using HTTP                            4,094,253      29.5%
URLs captured                                          0
Programs using FTP                                 5,423       0.0%
Programs using SMTP                              121,708       0.9%
Programs using IRC                                71,391       0.5%
Programs that sent UDP data                   18,067,058      69.2%
Programs that made DNS requests                7,719,478      42.7%
Programs that made P2P connections                 1,437       0.0%
Programs using bittorrent                          1,131      78.7%
Programs using edonkey                                31       2.2%
Programs using gnutella                              209      14.5%
Programs using winmx                                  66       4.6%
--------------------------------------------- ---------- ----------
Anti-Analysis Techniques                          Totals    Percent
--------------------------------------------- ---------- ----------
Programs that made debugger checks                     0       0.0%
Programs that made VMWare registry checks              0       0.0%
Programs that made SoftICE checks                      0       0.0%
Programs that made Wine checks                         0       0.0%
Programs that made Time checks                         0       0.0%
Programs that suppress Compatibility Warnings          0       0.0%
--------------------------------------------- ---------- ----------
Malicious Activity                                Totals    Percent
--------------------------------------------- ---------- ----------
Programs that made Windows Firewall Updates            0       0.0%
Programs that installed a Rootkit                      0       0.0%
Programs that installed a startup entry                0       0.0%
Programs that accessed user's Firefox profile          0       0.0%
Programs that accessed the Pstore                      0       0.0%
Programs that called taskkill                          0       0.0%
Sandbox Statistics (One-Year Rolling Report)
--------------------------------------------- ---------- ----------
Sandbox Results                                   Totals    Percent
--------------------------------------------- ---------- ----------
Programs Processed                            49,847,675
Programs Skipped                                       0       0.0%
Programs Analyzed                             49,847,675     100.0%
Completed Analysis Runs                       49,522,132      99.3%
Failed Analysis Runs                                   0       0.0%
Programs Retried                                 214,908       0.4%
Invalid Binaries                                 110,635       0.2%
--------------------------------------------- ---------- ----------
Network Traffic Statistics                        Totals    Percent
--------------------------------------------- ---------- ----------
Programs that sent TCP data                   25,148,967      50.8%
Programs using HTTP                            7,312,689      29.1%
URLs captured                                          0
Programs using FTP                                 8,916       0.0%
Programs using SMTP                              192,940       0.8%
Programs using IRC                               317,454       1.3%
Programs that sent UDP data                   32,104,881      64.8%
Programs that made DNS requests               14,528,846      45.3%
Programs that made P2P connections                 2,057       0.0%
Programs using bittorrent                          1,537      74.7%
Programs using edonkey                                74       3.6%
Programs using gnutella                              331      16.1%
Programs using winmx                                 115       5.6%
--------------------------------------------- ---------- ----------
Anti-Analysis Techniques                          Totals    Percent
--------------------------------------------- ---------- ----------
Programs that made debugger checks                     0       0.0%
Programs that made VMWare registry checks              0       0.0%
Programs that made SoftICE checks                      0       0.0%
Programs that made Wine checks                         0       0.0%
Programs that made Time checks                         0       0.0%
Programs that suppress Compatibility Warnings          0       0.0%
--------------------------------------------- ---------- ----------
Malicious Activity                                Totals    Percent
--------------------------------------------- ---------- ----------
Programs that made Windows Firewall Updates            0       0.0%
Programs that installed a Rootkit                      0       0.0%
Programs that installed a startup entry                0       0.0%
Programs that accessed user's Firefox profile          0       0.0%
Programs that accessed the Pstore                      0       0.0%
Programs that called taskkill                          0       0.0%
Sandbox Statistics (Two-Year Rolling Report)
--------------------------------------------- ---------- ----------
Sandbox Results                                   Totals    Percent
--------------------------------------------- ---------- ----------
Programs Processed                            76,962,516
Programs Skipped                              11,149,969      14.5%
Programs Analyzed                             65,812,547      85.5%
Completed Analysis Runs                       65,386,462      99.4%
Failed Analysis Runs                                   0       0.0%
Programs Retried                                 298,472       0.5%
Invalid Binaries                                 127,613       0.2%
--------------------------------------------- ---------- ----------
Network Traffic Statistics                        Totals    Percent
--------------------------------------------- ---------- ----------
Programs that sent TCP data                   33,380,836      51.1%
Programs using HTTP                           11,481,058      34.4%
URLs captured                                          0
Programs using FTP                                12,095       0.0%
Programs using SMTP                              201,135       0.6%
Programs using IRC                               384,501       1.2%
Programs that sent UDP data                   43,807,702      67.0%
Programs that made DNS requests               21,530,636      49.1%
Programs that made P2P connections                 2,246       0.0%
Programs using bittorrent                          1,678      74.7%
Programs using edonkey                                89       4.0%
Programs using gnutella                              354      15.8%
Programs using winmx                                 125       5.6%
--------------------------------------------- ---------- ----------
Anti-Analysis Techniques                          Totals    Percent
--------------------------------------------- ---------- ----------
Programs that made debugger checks                     0       0.0%
Programs that made VMWare registry checks              0       0.0%
Programs that made SoftICE checks                      0       0.0%
Programs that made Wine checks                         0       0.0%
Programs that made Time checks                         0       0.0%
Programs that suppress Compatibility Warnings          0       0.0%
--------------------------------------------- ---------- ----------
Malicious Activity                                Totals    Percent
--------------------------------------------- ---------- ----------
Programs that made Windows Firewall Updates            0       0.0%
Programs that installed a Rootkit                      0       0.0%
Programs that installed a startup entry                0       0.0%
Programs that accessed user's Firefox profile          0       0.0%
Programs that accessed the Pstore                      0       0.0%
Programs that called taskkill                          0       0.0%