An URL can point to a file having an extension or to a complete domain which has some kind of server side code which drops a file on the visitor’s computer. The ‘none’ type in the table means that the URL actually represents a domain or a script action (like ‘http://server/index.php?’). Note that even if a file has an usually non harmful extension (like ‘txt’), it doesn’t actually mean that this file is really a harmless text file. It only has the innocent extension in order to fool the user to download it and execute it.
| # | Extension | % | Variation from January in % |
| 1 | exe | 48.1969 | -13.55 |
| 2 | none | 22.9160 | 13.96 |
| 3 | txt | 15.8797 | 22.00 |
| 4 | php | 4.4364 | -52.84 |
| 5 | jpg | 1.8492 | 18.14 |
| 6 | 1.5347 | 57.38 | |
| 7 | htm | 0.8848 | -51.66 |
| 8 | com | 0.8386 | 40.00 |
| 9 | dll | 0.8135 | 53.09 |
| 10 | gif | 0.7883 | -45.21 |
| 11 | html | 0.7170 | -37.43 |
| 12 | pl | 0.3061 | -53.42 |
| 13 | asp | 0.1845 | -129.55 |
| 14 | png | 0.1216 | 65.52 |
| 15 | rar | 0.1174 | -2289.29 |
| 16 | js | 0.1006 | -25.00 |
| 17 | swf | 0.0964 | -65.22 |
| 18 | css | 0.0713 | -47.06 |
| 19 | dat | 0.0629 | -166.67 |
| 20 | zip | 0.0461 | -1163.64 |
| 21 | ocx | 0.0168 | -25.00 |
| 22 | aspx | 0.0126 | -200.00 |
| 23 | jsp | 0.0042 | 100.00 |
| 24 | cmd | 0.0042 | 0.00 |
| 25 | bat | 0.0000 | 0.00 |
Sorin Mustaca
Manager International Software Development