Hey there, i've been playing with VirusTotal graph since some weeks.
Originally i did a graph just for building a landscape of files for ATM Wall, the graph can be seen here: https://www.virustotal.com/graph/embed/ ... afc989ee5f
I got the idea of doing this after having seen the work of @vanjasvajcer about ATM malware classification: https://blog.talosintelligence.com/2019 ... amite.html
But i started to got vicious with VT graph so here is some interesting graphs i did based with VT and this forum:
Looking for an ollydbg modification ? https://www.virustotal.com/graph/embed/ ... 1e97f2263a
You have lost your SoftIce CD ? https://www.virustotal.com/graph/embed/ ... 191a1b0467
a small landscape about dongle piracy https://www.virustotal.com/graph/embed/ ... 20febd3f9f
Originally i did a graph just for building a landscape of files for ATM Wall, the graph can be seen here: https://www.virustotal.com/graph/embed/ ... afc989ee5f
I got the idea of doing this after having seen the work of @vanjasvajcer about ATM malware classification: https://blog.talosintelligence.com/2019 ... amite.html
But i started to got vicious with VT graph so here is some interesting graphs i did based with VT and this forum:
- Zeus World (v2.1.0.1 and inferior): https://www.virustotal.com/graph/embed/ ... ae32af6994 Big nebula of zeus builders since code leak of v2.0.8.9, contain also few very old builders and some have funny messages inside destined to AV vendors.
- IceIX World (v1.2.5 and v1.2.6): https://www.virustotal.com/graph/embed/ ... bf262634bf
- Citadel World (v1.3.4.5 and v1.3.5.1): https://www.virustotal.com/graph/embed/ ... a1d2f1646d
- Atmos World (v1.01): https://www.virustotal.com/graph/embed/ ... 9d3196389e Builders, releases, fews files.
- SpyEye World: https://www.virustotal.com/graph/embed/ ... 70a9fcadb5 Research about plugins are based on this board (https://www.kernelmode.info/forum/viewtopic.php?f=16&t=93), contain a nice timeline of the versioning and most of interesting files i guess.
- Carberp 'krabs.7z': https://www.virustotal.com/graph/embed/ ... 73a29e7429 Files annotation based on this board (https://www.kernelmode.info/forum/viewtopic.php?f=16&t=2793), chaos mosaic at the image of the archive.
- BestAV affiliate: https://www.virustotal.com/graph/embed/ ... d081f741aa Lot of FakeAV files found with communicating IPs, graph based also on fews posts here
Looking for an ollydbg modification ? https://www.virustotal.com/graph/embed/ ... 1e97f2263a
You have lost your SoftIce CD ? https://www.virustotal.com/graph/embed/ ... 191a1b0467
a small landscape about dongle piracy https://www.virustotal.com/graph/embed/ ... 20febd3f9f
i cracked the fakeav outside the bestav Example : Internet-Antivirus Nevermind 
