The past 30 days of data collected and stored in the malc0de database shows the United States is the top offender when it comes to domains hosting malware. The first graph represents how much malware was collected each day between 01/21/2010 – 02/21/2010.  We can see a spike around Valentines days which can probably be attributed spam/malware taking advantage of the holiday. The dip on the 9th is likely related to something breaking so ignore that.

I thought it would also be interesting to create a graph based on which countries have hosted the most malware during the previous 30 days. I was a little surprised at the results seeing the United States at the top of the list with China coming in second place.

Keep in mind that this data only represents a tiny snapshot in the overall scheme of things and is specific to malware collected by malc0de.com.

Last but not least the list below represents the top ten binaries seen during the past 30 days.

Count – MD5
251 – 7981f884202bf9f50bb5cb9bf3adbeb1
200 – 105082712e5a14db357fb9432bc9ca22
198 – eeda586b324d69ebf6b537724ad122cb
178 – 1bf3bbfa188f1b8fd0ffc498be481d53
171 – eec01f6a39e56ae3efe0a9866ba09b33
125 – 9ec690317e2109169c371c81341ec3d3
82 – 4f4a22a1391fe11be2c9c9b77ded0949
75 – a1e96a96471e08dae17d0b9b6873d726
75 – a17a76e2f0f8343bbd4c49c9eaef83a3
67 – 1620ef6bb04e2ca548f3e7951f2a8a6f

The MD5′s above are all related to Trojan Koobface. If you are interested in tracking domains and IP’s contacted by or distributing Koobface click here for an updated list.