malware-dataset/linux/e59dd13dc8dbb2c9e3612c6f1188622067ed388f6248567c56479d1677c79e5b/analysis/sample.svg

<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN"
 "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
<!-- Generated by graphviz version 2.43.0 (0)
 -->
<!-- Title: %3 Pages: 1 -->
<svg width="210pt" height="365pt"
 viewBox="0.00 0.00 209.50 365.00" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
<g id="graph0" class="graph" transform="scale(1 1) rotate(0) translate(4 361)">
<title>%3</title>
<polygon fill="white" stroke="transparent" points="-4,4 -4,-361 205.5,-361 205.5,4 -4,4"/>
<!-- guuid=a0c9fb2d&#45;0b00&#45;0000&#45;ba64&#45;d1ba59040000 pid=1113 -->
<g id="node1" class="node">
<title>guuid=a0c9fb2d&#45;0b00&#45;0000&#45;ba64&#45;d1ba59040000 pid=1113</title>
<path fill="white" stroke="black" d="M52.5,-320.5C52.5,-320.5 122.5,-320.5 122.5,-320.5 128.5,-320.5 134.5,-326.5 134.5,-332.5 134.5,-332.5 134.5,-344.5 134.5,-344.5 134.5,-350.5 128.5,-356.5 122.5,-356.5 122.5,-356.5 52.5,-356.5 52.5,-356.5 46.5,-356.5 40.5,-350.5 40.5,-344.5 40.5,-344.5 40.5,-332.5 40.5,-332.5 40.5,-326.5 46.5,-320.5 52.5,-320.5"/>
<text text-anchor="middle" x="87.5" y="-334.8" font-family="Arial" font-size="14.00">/usr/bin/sudo</text>
</g>
<!-- guuid=837bc42e&#45;0b00&#45;0000&#45;ba64&#45;d1ba5a040000 pid=1114 -->
<g id="node2" class="node">
<title>guuid=837bc42e&#45;0b00&#45;0000&#45;ba64&#45;d1ba5a040000 pid=1114</title>
<path fill="white" stroke="black" d="M43,-232.5C43,-232.5 132,-232.5 132,-232.5 138,-232.5 144,-238.5 144,-244.5 144,-244.5 144,-256.5 144,-256.5 144,-262.5 138,-268.5 132,-268.5 132,-268.5 43,-268.5 43,-268.5 37,-268.5 31,-262.5 31,-256.5 31,-256.5 31,-244.5 31,-244.5 31,-238.5 37,-232.5 43,-232.5"/>
<text text-anchor="middle" x="87.5" y="-246.8" font-family="Arial" font-size="14.00">/tmp/sample.bin</text>
</g>
<!-- guuid=a0c9fb2d&#45;0b00&#45;0000&#45;ba64&#45;d1ba59040000 pid=1113&#45;&gt;guuid=837bc42e&#45;0b00&#45;0000&#45;ba64&#45;d1ba5a040000 pid=1114 -->
<g id="edge1" class="edge">
<title>guuid=a0c9fb2d&#45;0b00&#45;0000&#45;ba64&#45;d1ba59040000 pid=1113&#45;&gt;guuid=837bc42e&#45;0b00&#45;0000&#45;ba64&#45;d1ba5a040000 pid=1114</title>
<path fill="none" stroke="black" d="M87.5,-320.1C87.5,-308.25 87.5,-292.32 87.5,-278.79"/>
<polygon fill="black" stroke="black" points="91,-278.58 87.5,-268.58 84,-278.58 91,-278.58"/>
<text text-anchor="middle" x="109" y="-290.8" font-family="Arial" font-size="14.00">execve</text>
</g>
<!-- guuid=8b77dc2e&#45;0b00&#45;0000&#45;ba64&#45;d1ba5b040000 pid=1115 -->
<g id="node3" class="node">
<title>guuid=8b77dc2e&#45;0b00&#45;0000&#45;ba64&#45;d1ba5b040000 pid=1115</title>
<path fill="#3b5741" stroke="black" d="M12.5,-88.5C12.5,-88.5 162.5,-88.5 162.5,-88.5 168.5,-88.5 174.5,-94.5 174.5,-100.5 174.5,-100.5 174.5,-168.5 174.5,-168.5 174.5,-174.5 168.5,-180.5 162.5,-180.5 162.5,-180.5 12.5,-180.5 12.5,-180.5 6.5,-180.5 0.5,-174.5 0.5,-168.5 0.5,-168.5 0.5,-100.5 0.5,-100.5 0.5,-94.5 6.5,-88.5 12.5,-88.5"/>
<text text-anchor="middle" x="57" y="-165.3" font-family="Arial" font-size="14.00" fill="#fff000">/tmp/sample.bin</text>
<polyline fill="none" stroke="black" points="0.5,-157.5 113.5,-157.5 "/>
<text text-anchor="middle" x="57" y="-142.3" font-family="Arial" font-size="14.00" fill="#fff000">dns</text>
<polyline fill="none" stroke="black" points="0.5,-134.5 113.5,-134.5 "/>
<text text-anchor="middle" x="57" y="-119.3" font-family="Arial" font-size="14.00" fill="#fff000">net</text>
<polyline fill="none" stroke="black" points="0.5,-111.5 113.5,-111.5 "/>
<text text-anchor="middle" x="57" y="-96.3" font-family="Arial" font-size="14.00" fill="#fff000">send&#45;data</text>
<polyline fill="none" stroke="black" points="113.5,-88.5 113.5,-180.5 "/>
<text text-anchor="middle" x="144" y="-130.8" font-family="Arial" font-size="14.00" fill="#fff000">zombie</text>
</g>
<!-- guuid=837bc42e&#45;0b00&#45;0000&#45;ba64&#45;d1ba5a040000 pid=1114&#45;&gt;guuid=8b77dc2e&#45;0b00&#45;0000&#45;ba64&#45;d1ba5b040000 pid=1115 -->
<g id="edge2" class="edge">
<title>guuid=837bc42e&#45;0b00&#45;0000&#45;ba64&#45;d1ba5a040000 pid=1114&#45;&gt;guuid=8b77dc2e&#45;0b00&#45;0000&#45;ba64&#45;d1ba5b040000 pid=1115</title>
<path fill="none" stroke="black" stroke-dasharray="1,5" d="M87.5,-232.19C87.5,-221.05 87.5,-205.91 87.5,-190.91"/>
<polygon fill="black" stroke="black" points="91,-190.6 87.5,-180.6 84,-190.6 91,-190.6"/>
<text text-anchor="middle" x="104" y="-202.8" font-family="Arial" font-size="14.00">clone</text>
</g>
<!-- 10.0.2.3 -->
<g id="node4" class="node">
<title>10.0.2.3</title>
<path fill="grey" stroke="black" d="M12,-0.5C12,-0.5 53,-0.5 53,-0.5 59,-0.5 65,-6.5 65,-12.5 65,-12.5 65,-24.5 65,-24.5 65,-30.5 59,-36.5 53,-36.5 53,-36.5 12,-36.5 12,-36.5 6,-36.5 0,-30.5 0,-24.5 0,-24.5 0,-12.5 0,-12.5 0,-6.5 6,-0.5 12,-0.5"/>
<text text-anchor="middle" x="32.5" y="-14.8" font-family="Arial" font-size="14.00" fill="white">10.0.2.3</text>
</g>
<!-- guuid=8b77dc2e&#45;0b00&#45;0000&#45;ba64&#45;d1ba5b040000 pid=1115&#45;&gt;10.0.2.3 -->
<g id="edge3" class="edge">
<title>guuid=8b77dc2e&#45;0b00&#45;0000&#45;ba64&#45;d1ba5b040000 pid=1115&#45;&gt;10.0.2.3</title>
<path fill="none" stroke="blue" stroke-dasharray="5,2" d="M65.76,-88.44C58.78,-73.96 51.27,-58.4 45.16,-45.74"/>
<polygon fill="blue" stroke="blue" points="48.29,-44.17 40.79,-36.68 41.98,-47.21 48.29,-44.17"/>
<text text-anchor="middle" x="88" y="-58.8" font-family="Arial" font-size="14.00" fill="blue">send: 66B</text>
</g>
<!-- 108.181.160.104 -->
<g id="node5" class="node">
<title>108.181.160.104</title>
<path fill="grey" stroke="black" d="M95.5,-0.5C95.5,-0.5 189.5,-0.5 189.5,-0.5 195.5,-0.5 201.5,-6.5 201.5,-12.5 201.5,-12.5 201.5,-24.5 201.5,-24.5 201.5,-30.5 195.5,-36.5 189.5,-36.5 189.5,-36.5 95.5,-36.5 95.5,-36.5 89.5,-36.5 83.5,-30.5 83.5,-24.5 83.5,-24.5 83.5,-12.5 83.5,-12.5 83.5,-6.5 89.5,-0.5 95.5,-0.5"/>
<text text-anchor="middle" x="142.5" y="-14.8" font-family="Arial" font-size="14.00" fill="white">108.181.160.104</text>
</g>
<!-- guuid=8b77dc2e&#45;0b00&#45;0000&#45;ba64&#45;d1ba5b040000 pid=1115&#45;&gt;108.181.160.104 -->
<g id="edge4" class="edge">
<title>guuid=8b77dc2e&#45;0b00&#45;0000&#45;ba64&#45;d1ba5b040000 pid=1115&#45;&gt;108.181.160.104</title>
<path fill="none" stroke="green" stroke-dasharray="5,2" d="M111.49,-88.25C114.59,-82.15 117.67,-75.94 120.5,-70 124.15,-62.35 127.91,-53.95 131.26,-46.23"/>
<polygon fill="green" stroke="green" points="134.53,-47.5 135.26,-36.93 128.09,-44.74 134.53,-47.5"/>
<text text-anchor="middle" x="137.5" y="-58.8" font-family="Arial" font-size="14.00" fill="green">con</text>
</g>
</g>
</svg>
New samples from malware bazaar 2024-06-24 12:50:22 +00:00			`<?xml version="1.0" encoding="UTF-8" standalone="no"?>`
			`<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN"`
			`"http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">`
			`<!-- Generated by graphviz version 2.43.0 (0)`
			`-->`
			`<!-- Title: %3 Pages: 1 -->`
			`<svg width="210pt" height="365pt"`
			`viewBox="0.00 0.00 209.50 365.00" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">`
			`<g id="graph0" class="graph" transform="scale(1 1) rotate(0) translate(4 361)">`
			`<title>%3</title>`
			`<polygon fill="white" stroke="transparent" points="-4,4 -4,-361 205.5,-361 205.5,4 -4,4"/>`
			`<!-- guuid=a0c9fb2d-0b00-0000-ba64-d1ba59040000 pid=1113 -->`
			`<g id="node1" class="node">`
			`<title>guuid=a0c9fb2d-0b00-0000-ba64-d1ba59040000 pid=1113</title>`
			`<path fill="white" stroke="black" d="M52.5,-320.5C52.5,-320.5 122.5,-320.5 122.5,-320.5 128.5,-320.5 134.5,-326.5 134.5,-332.5 134.5,-332.5 134.5,-344.5 134.5,-344.5 134.5,-350.5 128.5,-356.5 122.5,-356.5 122.5,-356.5 52.5,-356.5 52.5,-356.5 46.5,-356.5 40.5,-350.5 40.5,-344.5 40.5,-344.5 40.5,-332.5 40.5,-332.5 40.5,-326.5 46.5,-320.5 52.5,-320.5"/>`
			`<text text-anchor="middle" x="87.5" y="-334.8" font-family="Arial" font-size="14.00">/usr/bin/sudo</text>`
			`</g>`
			`<!-- guuid=837bc42e-0b00-0000-ba64-d1ba5a040000 pid=1114 -->`
			`<g id="node2" class="node">`
			`<title>guuid=837bc42e-0b00-0000-ba64-d1ba5a040000 pid=1114</title>`
			`<path fill="white" stroke="black" d="M43,-232.5C43,-232.5 132,-232.5 132,-232.5 138,-232.5 144,-238.5 144,-244.5 144,-244.5 144,-256.5 144,-256.5 144,-262.5 138,-268.5 132,-268.5 132,-268.5 43,-268.5 43,-268.5 37,-268.5 31,-262.5 31,-256.5 31,-256.5 31,-244.5 31,-244.5 31,-238.5 37,-232.5 43,-232.5"/>`
			`<text text-anchor="middle" x="87.5" y="-246.8" font-family="Arial" font-size="14.00">/tmp/sample.bin</text>`
			`</g>`
			`<!-- guuid=a0c9fb2d-0b00-0000-ba64-d1ba59040000 pid=1113->guuid=837bc42e-0b00-0000-ba64-d1ba5a040000 pid=1114 -->`
			`<g id="edge1" class="edge">`
			`<title>guuid=a0c9fb2d-0b00-0000-ba64-d1ba59040000 pid=1113->guuid=837bc42e-0b00-0000-ba64-d1ba5a040000 pid=1114</title>`
			`<path fill="none" stroke="black" d="M87.5,-320.1C87.5,-308.25 87.5,-292.32 87.5,-278.79"/>`
			`<polygon fill="black" stroke="black" points="91,-278.58 87.5,-268.58 84,-278.58 91,-278.58"/>`
			`<text text-anchor="middle" x="109" y="-290.8" font-family="Arial" font-size="14.00">execve</text>`
			`</g>`
			`<!-- guuid=8b77dc2e-0b00-0000-ba64-d1ba5b040000 pid=1115 -->`
			`<g id="node3" class="node">`
			`<title>guuid=8b77dc2e-0b00-0000-ba64-d1ba5b040000 pid=1115</title>`
			`<path fill="#3b5741" stroke="black" d="M12.5,-88.5C12.5,-88.5 162.5,-88.5 162.5,-88.5 168.5,-88.5 174.5,-94.5 174.5,-100.5 174.5,-100.5 174.5,-168.5 174.5,-168.5 174.5,-174.5 168.5,-180.5 162.5,-180.5 162.5,-180.5 12.5,-180.5 12.5,-180.5 6.5,-180.5 0.5,-174.5 0.5,-168.5 0.5,-168.5 0.5,-100.5 0.5,-100.5 0.5,-94.5 6.5,-88.5 12.5,-88.5"/>`
			`<text text-anchor="middle" x="57" y="-165.3" font-family="Arial" font-size="14.00" fill="#fff000">/tmp/sample.bin</text>`
			`<polyline fill="none" stroke="black" points="0.5,-157.5 113.5,-157.5 "/>`
			`<text text-anchor="middle" x="57" y="-142.3" font-family="Arial" font-size="14.00" fill="#fff000">dns</text>`
			`<polyline fill="none" stroke="black" points="0.5,-134.5 113.5,-134.5 "/>`
			`<text text-anchor="middle" x="57" y="-119.3" font-family="Arial" font-size="14.00" fill="#fff000">net</text>`
			`<polyline fill="none" stroke="black" points="0.5,-111.5 113.5,-111.5 "/>`
			`<text text-anchor="middle" x="57" y="-96.3" font-family="Arial" font-size="14.00" fill="#fff000">send-data</text>`
			`<polyline fill="none" stroke="black" points="113.5,-88.5 113.5,-180.5 "/>`
			`<text text-anchor="middle" x="144" y="-130.8" font-family="Arial" font-size="14.00" fill="#fff000">zombie</text>`
			`</g>`
			`<!-- guuid=837bc42e-0b00-0000-ba64-d1ba5a040000 pid=1114->guuid=8b77dc2e-0b00-0000-ba64-d1ba5b040000 pid=1115 -->`
			`<g id="edge2" class="edge">`
			`<title>guuid=837bc42e-0b00-0000-ba64-d1ba5a040000 pid=1114->guuid=8b77dc2e-0b00-0000-ba64-d1ba5b040000 pid=1115</title>`
			`<path fill="none" stroke="black" stroke-dasharray="1,5" d="M87.5,-232.19C87.5,-221.05 87.5,-205.91 87.5,-190.91"/>`
			`<polygon fill="black" stroke="black" points="91,-190.6 87.5,-180.6 84,-190.6 91,-190.6"/>`
			`<text text-anchor="middle" x="104" y="-202.8" font-family="Arial" font-size="14.00">clone</text>`
			`</g>`
			`<!-- 10.0.2.3 -->`
			`<g id="node4" class="node">`
			`<title>10.0.2.3</title>`
			`<path fill="grey" stroke="black" d="M12,-0.5C12,-0.5 53,-0.5 53,-0.5 59,-0.5 65,-6.5 65,-12.5 65,-12.5 65,-24.5 65,-24.5 65,-30.5 59,-36.5 53,-36.5 53,-36.5 12,-36.5 12,-36.5 6,-36.5 0,-30.5 0,-24.5 0,-24.5 0,-12.5 0,-12.5 0,-6.5 6,-0.5 12,-0.5"/>`
			`<text text-anchor="middle" x="32.5" y="-14.8" font-family="Arial" font-size="14.00" fill="white">10.0.2.3</text>`
			`</g>`
			`<!-- guuid=8b77dc2e-0b00-0000-ba64-d1ba5b040000 pid=1115->10.0.2.3 -->`
			`<g id="edge3" class="edge">`
			`<title>guuid=8b77dc2e-0b00-0000-ba64-d1ba5b040000 pid=1115->10.0.2.3</title>`
			`<path fill="none" stroke="blue" stroke-dasharray="5,2" d="M65.76,-88.44C58.78,-73.96 51.27,-58.4 45.16,-45.74"/>`
			`<polygon fill="blue" stroke="blue" points="48.29,-44.17 40.79,-36.68 41.98,-47.21 48.29,-44.17"/>`
			`<text text-anchor="middle" x="88" y="-58.8" font-family="Arial" font-size="14.00" fill="blue">send: 66B</text>`
			`</g>`
			`<!-- 108.181.160.104 -->`
			`<g id="node5" class="node">`
			`<title>108.181.160.104</title>`
			`<path fill="grey" stroke="black" d="M95.5,-0.5C95.5,-0.5 189.5,-0.5 189.5,-0.5 195.5,-0.5 201.5,-6.5 201.5,-12.5 201.5,-12.5 201.5,-24.5 201.5,-24.5 201.5,-30.5 195.5,-36.5 189.5,-36.5 189.5,-36.5 95.5,-36.5 95.5,-36.5 89.5,-36.5 83.5,-30.5 83.5,-24.5 83.5,-24.5 83.5,-12.5 83.5,-12.5 83.5,-6.5 89.5,-0.5 95.5,-0.5"/>`
			`<text text-anchor="middle" x="142.5" y="-14.8" font-family="Arial" font-size="14.00" fill="white">108.181.160.104</text>`
			`</g>`
			`<!-- guuid=8b77dc2e-0b00-0000-ba64-d1ba5b040000 pid=1115->108.181.160.104 -->`
			`<g id="edge4" class="edge">`
			`<title>guuid=8b77dc2e-0b00-0000-ba64-d1ba5b040000 pid=1115->108.181.160.104</title>`
			`<path fill="none" stroke="green" stroke-dasharray="5,2" d="M111.49,-88.25C114.59,-82.15 117.67,-75.94 120.5,-70 124.15,-62.35 127.91,-53.95 131.26,-46.23"/>`
			`<polygon fill="green" stroke="green" points="134.53,-47.5 135.26,-36.93 128.09,-44.74 134.53,-47.5"/>`
			`<text text-anchor="middle" x="137.5" y="-58.8" font-family="Arial" font-size="14.00" fill="green">con</text>`
			`</g>`
			`</g>`
			`</svg>`