Norwegian Honeynet Project | A chapter of The Honeynet Project
Sandbox Data
Version 1.04 - 2006.09.10


Our Sandbox processing system is currently offline!

We've developed a sandbox parser which automatically processes the malware reports sent to us from Norman. The data is then presented in this web interface using graphs and lists.

To date, a total of 1384 unique malware samples have been submitted to the Sandbox. The last recorded sample was added to the database on 2007-03-26 19:15:05.

This amounts to an average of 3.9 entries per day (0 submitted today).

[Figure: graph of submissions to the sandbox]

When a file is passed to the Norman SandBox for scanning, it is first checked against the virus signature file to see if it is a known virus. Matches are labeled as known viruses detected by Norman signature files. If the file is not found in the signature file, it is passed on to the Norman SandBox, where it is executed in a secure and closed environment and monitored for suspicious activity. If it is harmful, it is reported as an unknown virus detected by the Norman SandBox. For more detailed info on this technology, Norman has compiled this whitepaper.

We cooperate closely with Norman, not just because of their outstanding Sandbox technology, but also because we want to strengthen the ties between computer security professionals here in Norway.