malware-dataset/linux/b87ad7dba1d367c437db51045e57835f77e8d9735d5c917c6d16984fbde8a3c5/analysis/sample.svg


<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN"
"http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
<!-- Generated by graphviz version 2.43.0 (0)
-->
<!-- Title: %3 Pages: 1 -->
<!--
  Process-lineage graph for one analysis run, rendered by Graphviz.
  Each node group carries a title of the form "guuid=... pid=N" and a text
  label holding an executable path. Each edge group carries a title that joins
  the source and target node titles with an arrow, and a text label naming a
  syscall (execve or clone). The title "%3" appears to be Graphviz's
  placeholder for an unnamed graph.

  What the graph shows: two separate trees.
    1. pid 1113 (sudo) to pid 1114 (newgrp), then from pid 1114 to both
       pid 1116 (/tmp/sample.bin, clone) and pid 1117 (bash, execve).
    2. pid 1 (systemd) to pid 1115 (passwd, execve).
  NOTE(review): the exact meaning of an edge (which syscall in which process
  produced it) depends on the tracer that fed Graphviz and is not stated in
  this file. Confirm against the run's raw trace before drawing conclusions.

  Handling notes: the DOCTYPE above names an external DTD URL, so tooling that
  ingests this artefact should parse it with DTD loading and external entity
  resolution turned off. The file contains no script elements, event-handler
  attributes or href references; the xlink namespace is declared but unused.
-->
<svg width="357pt" height="221pt"
viewBox="0.00 0.00 356.50 221.00" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
<!-- Top-level graph group: the translate(4 217) shifts the negative y coordinates used below into view. -->
<g id="graph0" class="graph" transform="scale(1 1) rotate(0) translate(4 217)">
<title>%3</title>
<!-- White background rectangle covering the whole canvas. -->
<polygon fill="white" stroke="transparent" points="-4,4 -4,-217 352.5,-217 352.5,4 -4,4"/>
<!-- guuid=b11c622b&#45;0b00&#45;0000&#45;bc0f&#45;2f2859040000 pid=1113 -->
<!-- Node: pid 1113, labelled /usr/bin/sudo. No edge in this graph points at it, so it is the root of the left-hand tree. -->
<g id="node1" class="node">
<title>guuid=b11c622b&#45;0b00&#45;0000&#45;bc0f&#45;2f2859040000 pid=1113</title>
<path fill="white" stroke="black" d="M82.5,-176.5C82.5,-176.5 152.5,-176.5 152.5,-176.5 158.5,-176.5 164.5,-182.5 164.5,-188.5 164.5,-188.5 164.5,-200.5 164.5,-200.5 164.5,-206.5 158.5,-212.5 152.5,-212.5 152.5,-212.5 82.5,-212.5 82.5,-212.5 76.5,-212.5 70.5,-206.5 70.5,-200.5 70.5,-200.5 70.5,-188.5 70.5,-188.5 70.5,-182.5 76.5,-176.5 82.5,-176.5"/>
<text text-anchor="middle" x="117.5" y="-190.8" font-family="Arial" font-size="14.00">/usr/bin/sudo</text>
</g>
<!-- guuid=57ed1f2c&#45;0b00&#45;0000&#45;bc0f&#45;2f285a040000 pid=1114 -->
<!-- Node: pid 1114, labelled /usr/bin/newgrp. It is the source of both the clone edge to the sample and the execve edge to bash. -->
<g id="node2" class="node">
<title>guuid=57ed1f2c&#45;0b00&#45;0000&#45;bc0f&#45;2f285a040000 pid=1114</title>
<path fill="white" stroke="black" d="M75,-88.5C75,-88.5 160,-88.5 160,-88.5 166,-88.5 172,-94.5 172,-100.5 172,-100.5 172,-112.5 172,-112.5 172,-118.5 166,-124.5 160,-124.5 160,-124.5 75,-124.5 75,-124.5 69,-124.5 63,-118.5 63,-112.5 63,-112.5 63,-100.5 63,-100.5 63,-94.5 69,-88.5 75,-88.5"/>
<text text-anchor="middle" x="117.5" y="-102.8" font-family="Arial" font-size="14.00">/usr/bin/newgrp</text>
</g>
<!-- guuid=b11c622b&#45;0b00&#45;0000&#45;bc0f&#45;2f2859040000 pid=1113&#45;&gt;guuid=57ed1f2c&#45;0b00&#45;0000&#45;bc0f&#45;2f285a040000 pid=1114 -->
<!-- Edge: pid 1113 (sudo) to pid 1114 (newgrp), labelled execve, solid stroke. -->
<g id="edge1" class="edge">
<title>guuid=b11c622b&#45;0b00&#45;0000&#45;bc0f&#45;2f2859040000 pid=1113&#45;&gt;guuid=57ed1f2c&#45;0b00&#45;0000&#45;bc0f&#45;2f285a040000 pid=1114</title>
<path fill="none" stroke="black" d="M117.5,-176.1C117.5,-164.25 117.5,-148.32 117.5,-134.79"/>
<polygon fill="black" stroke="black" points="121,-134.58 117.5,-124.58 114,-134.58 121,-134.58"/>
<text text-anchor="middle" x="139" y="-146.8" font-family="Arial" font-size="14.00">execve</text>
</g>
<!-- guuid=b8c1c52c&#45;0b00&#45;0000&#45;bc0f&#45;2f285c040000 pid=1116 -->
<!-- Node: pid 1116, labelled /tmp/sample.bin. It is the only node whose path is outside /usr.
     Presumably this is the analysed sample as staged by the sandbox; TODO confirm against the run's trace. -->
<g id="node5" class="node">
<title>guuid=b8c1c52c&#45;0b00&#45;0000&#45;bc0f&#45;2f285c040000 pid=1116</title>
<path fill="white" stroke="black" d="M12,-0.5C12,-0.5 101,-0.5 101,-0.5 107,-0.5 113,-6.5 113,-12.5 113,-12.5 113,-24.5 113,-24.5 113,-30.5 107,-36.5 101,-36.5 101,-36.5 12,-36.5 12,-36.5 6,-36.5 0,-30.5 0,-24.5 0,-24.5 0,-12.5 0,-12.5 0,-6.5 6,-0.5 12,-0.5"/>
<text text-anchor="middle" x="56.5" y="-14.8" font-family="Arial" font-size="14.00">/tmp/sample.bin</text>
</g>
<!-- guuid=57ed1f2c&#45;0b00&#45;0000&#45;bc0f&#45;2f285a040000 pid=1114&#45;&gt;guuid=b8c1c52c&#45;0b00&#45;0000&#45;bc0f&#45;2f285c040000 pid=1116 -->
<!-- Edge: pid 1114 (newgrp) to pid 1116 (/tmp/sample.bin), labelled clone.
     This is the only edge drawn with stroke-dasharray; presumably the generator uses the dotted
     stroke to set clone apart from execve. Confirm against the generator. -->
<g id="edge3" class="edge">
<title>guuid=57ed1f2c&#45;0b00&#45;0000&#45;bc0f&#45;2f285a040000 pid=1114&#45;&gt;guuid=b8c1c52c&#45;0b00&#45;0000&#45;bc0f&#45;2f285c040000 pid=1116</title>
<path fill="none" stroke="black" stroke-dasharray="1,5" d="M105.16,-88.1C96.33,-75.66 84.33,-58.73 74.45,-44.8"/>
<polygon fill="black" stroke="black" points="77.26,-42.72 68.62,-36.58 71.55,-46.77 77.26,-42.72"/>
<text text-anchor="middle" x="108" y="-58.8" font-family="Arial" font-size="14.00">clone</text>
</g>
<!-- guuid=cae6f62e&#45;0b00&#45;0000&#45;bc0f&#45;2f285d040000 pid=1117 -->
<!-- Node: pid 1117, labelled /usr/bin/bash. In this graph the shell is a sibling of the sample
     (both hang off pid 1114), not a child of it. -->
<g id="node6" class="node">
<title>guuid=cae6f62e&#45;0b00&#45;0000&#45;bc0f&#45;2f285d040000 pid=1117</title>
<path fill="white" stroke="black" d="M143.5,-0.5C143.5,-0.5 213.5,-0.5 213.5,-0.5 219.5,-0.5 225.5,-6.5 225.5,-12.5 225.5,-12.5 225.5,-24.5 225.5,-24.5 225.5,-30.5 219.5,-36.5 213.5,-36.5 213.5,-36.5 143.5,-36.5 143.5,-36.5 137.5,-36.5 131.5,-30.5 131.5,-24.5 131.5,-24.5 131.5,-12.5 131.5,-12.5 131.5,-6.5 137.5,-0.5 143.5,-0.5"/>
<text text-anchor="middle" x="178.5" y="-14.8" font-family="Arial" font-size="14.00">/usr/bin/bash</text>
</g>
<!-- guuid=57ed1f2c&#45;0b00&#45;0000&#45;bc0f&#45;2f285a040000 pid=1114&#45;&gt;guuid=cae6f62e&#45;0b00&#45;0000&#45;bc0f&#45;2f285d040000 pid=1117 -->
<!-- Edge: pid 1114 (newgrp) to pid 1117 (bash), labelled execve, solid stroke. -->
<g id="edge4" class="edge">
<title>guuid=57ed1f2c&#45;0b00&#45;0000&#45;bc0f&#45;2f285a040000 pid=1114&#45;&gt;guuid=cae6f62e&#45;0b00&#45;0000&#45;bc0f&#45;2f285d040000 pid=1117</title>
<path fill="none" stroke="black" d="M129.84,-88.1C138.67,-75.66 150.67,-58.73 160.55,-44.8"/>
<polygon fill="black" stroke="black" points="163.45,-46.77 166.38,-36.58 157.74,-42.72 163.45,-46.77"/>
<text text-anchor="middle" x="174" y="-58.8" font-family="Arial" font-size="14.00">execve</text>
</g>
<!-- guuid=a493e31f&#45;0000&#45;0000&#45;bc0f&#45;2f2801000000 pid=1 -->
<!-- Node: pid 1, labelled /usr/lib/systemd/systemd. Root of the right-hand tree; no edge joins it to the sudo/newgrp tree. -->
<g id="node3" class="node">
<title>guuid=a493e31f&#45;0000&#45;0000&#45;bc0f&#45;2f2801000000 pid=1</title>
<path fill="white" stroke="black" d="M194.5,-176.5C194.5,-176.5 336.5,-176.5 336.5,-176.5 342.5,-176.5 348.5,-182.5 348.5,-188.5 348.5,-188.5 348.5,-200.5 348.5,-200.5 348.5,-206.5 342.5,-212.5 336.5,-212.5 336.5,-212.5 194.5,-212.5 194.5,-212.5 188.5,-212.5 182.5,-206.5 182.5,-200.5 182.5,-200.5 182.5,-188.5 182.5,-188.5 182.5,-182.5 188.5,-176.5 194.5,-176.5"/>
<text text-anchor="middle" x="265.5" y="-190.8" font-family="Arial" font-size="14.00">/usr/lib/systemd/systemd</text>
</g>
<!-- guuid=2f5bc22c&#45;0b00&#45;0000&#45;bc0f&#45;2f285b040000 pid=1115 -->
<!-- Node: pid 1115, labelled /usr/bin/passwd. Its only edge comes from pid 1, so the graph does not
     link it to the sample's tree.
     NOTE(review): the pid falls between 1114 and 1116, so it was presumably created between those two
     processes. Whether the sample or the analysis harness caused it cannot be told from this graph;
     check the raw trace. -->
<g id="node4" class="node">
<title>guuid=2f5bc22c&#45;0b00&#45;0000&#45;bc0f&#45;2f285b040000 pid=1115</title>
<path fill="white" stroke="black" d="M222.5,-88.5C222.5,-88.5 308.5,-88.5 308.5,-88.5 314.5,-88.5 320.5,-94.5 320.5,-100.5 320.5,-100.5 320.5,-112.5 320.5,-112.5 320.5,-118.5 314.5,-124.5 308.5,-124.5 308.5,-124.5 222.5,-124.5 222.5,-124.5 216.5,-124.5 210.5,-118.5 210.5,-112.5 210.5,-112.5 210.5,-100.5 210.5,-100.5 210.5,-94.5 216.5,-88.5 222.5,-88.5"/>
<text text-anchor="middle" x="265.5" y="-102.8" font-family="Arial" font-size="14.00">/usr/bin/passwd</text>
</g>
<!-- guuid=a493e31f&#45;0000&#45;0000&#45;bc0f&#45;2f2801000000 pid=1&#45;&gt;guuid=2f5bc22c&#45;0b00&#45;0000&#45;bc0f&#45;2f285b040000 pid=1115 -->
<!-- Edge: pid 1 (systemd) to pid 1115 (passwd), labelled execve, solid stroke. -->
<g id="edge2" class="edge">
<title>guuid=a493e31f&#45;0000&#45;0000&#45;bc0f&#45;2f2801000000 pid=1&#45;&gt;guuid=2f5bc22c&#45;0b00&#45;0000&#45;bc0f&#45;2f285b040000 pid=1115</title>
<path fill="none" stroke="black" d="M265.5,-176.1C265.5,-164.25 265.5,-148.32 265.5,-134.79"/>
<polygon fill="black" stroke="black" points="269,-134.58 265.5,-124.58 262,-134.58 269,-134.58"/>
<text text-anchor="middle" x="287" y="-146.8" font-family="Arial" font-size="14.00">execve</text>
</g>
</g>
</svg>