-
Notifications
You must be signed in to change notification settings - Fork 15
/
Copy pathsamples.html
200 lines (142 loc) · 6.68 KB
/
samples.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8" />
<meta name="viewport" content="initial-scale=1" />
<meta name="description" content="APTMalware - Advanced Persistent Threat MALWARE stats">
<meta name="keywords" content="APTMalware, Advanced Persistent Threat MALWARE stats">
<meta name="author" content="Andrea Cristaldi">
<title>APTMalware - Advanced Persistent Threat MALWARE features and statistics</title>
<link rel="stylesheet" href="CSS/style2.css" />
<link rel="icon" type="image/x-icon" href="images/favicon.ico">
<script src="https://cdn.jsdelivr.net/npm/[email protected]/dist/chart.min.js"></script>
<script src="https://code.jquery.com/jquery-3.6.0.min.js"></script>
<script>
</script>
</head>
<body>
<div id="container">
<div id="introDiv">
<div id="show-intro">
<h1><img src="images/aptmap.png" /> APT Malware features and statistics</h1>
<p>An Advanced Persistent Threat (APT) is a stealthy computer network threat actor, nation state, state-sponsored group or non-state sponsored groups conducting large-scale targeted intrusions for specific goals, which gains unauthorized access to a computer network and remains undetected for an extended period.
</p>
<p>The data reported here are the result of a processing based on static analysis techniques performed on 29GB of malware samples attributed to APT groups, followed by a correlation process. The sample group is limited to PE Portable executable. The data in JSON format are available on the github repository.</p>
<p>Attribution is a very complex issue. Information published here may be wrong, outdated, or may change based on evolving information.</p>
<p>Sample sources: <a href="https://www.vx-underground.org/" target="blank_">VX-Underground</a></p>
<p>ALL DOCUMENTS AND THE INFORMATION CONTAINED THEREIN ARE PROVIDED ON AN "AS IS" BASIS</p>
<p>Project: <strong style="color:rgb(253, 255, 16);">Andrea Cristaldi</strong> <a href="https://github.com/andreacristaldi/APTmap" target="blank_">GitHub</a>, <a href="https://www.linkedin.com/in/andreacristaldi/" target="blank_">Linkedin</a>, <a href="https://www.cybersec4.com" target="blank_">Cybersec4</a>
<p>This work is licensed under a <a href="http://creativecommons.org/licenses/by/4.0/" target="blank_">Creative Commons Attribution 4.0 International License</a>.</p>
<button id="start">Go to data</button>
</div>
</div>
</div>
<div id="DivContainer">
<img src="images/aptmap.png"/>
<h1>APT Malware features and statistics</h1>
<div class="DivPanel1">
<h2>Samples</h2>
<span id="NSamples"></span>
<p>2010-2022</br>
PE Portable Executable</br>
29GB of data analysed using static analysis techniques</br>
<a href="malware.html">Here, the stats</a></br></br></p>
<a href="index.html">Go to APTMap</a></br></br>
<h3 id="Aboutclickable" >About APTMalware</h3>
</div>
<div class="DivPanel2">
<h2>Samples</h2>
<div class="table-container" id="TableSamples">
<input type="text" id="search-input1" placeholder="Search hash"><br/><br/>
<table>
<thead>
<tr>
<th>ID</th>
<th>HASH</th>
</tr>
</thead>
<tbody>
</tbody>
</table>
<div id="pagination1">
<button id="prev-page1">Prev</button>
<span id="page-number1">1</span> / <span id="total-pages1">1</span>
<button id="next-page1">Next</button>
<span id="count1"></span>
<script>
document.getElementById("start").addEventListener("click", function () {
document.getElementById("DivContainer").style.filter = "blur(0px)";
document.getElementById("container").style.display = "none";
});
document.getElementById("Aboutclickable").addEventListener("click", function () {
document.getElementById("DivContainer").style.filter = "blur(8px)";
document.getElementById("container").style.display = "";
});
var referrer = document.referrer;
if (referrer.includes("malware.html")) {
document.getElementById("DivContainer").style.filter = "blur(0px)";
document.getElementById("container").style.display = "none";
}
const itemsPerPage1 = 250;
let currentPage1 = 1;
let jsonData1 = [];
let filteredData1 =[];
function loadData1() {
$.getJSON('hashes.json', function(data) {
jsonData1 = data;
filteredData1 = jsonData1;
let count = filteredData1.length;
document.getElementById("NSamples").innerHTML=count;
const totalPages = Math.ceil(filteredData1.length / itemsPerPage1);
$('#total-pages1').text(totalPages);
updateTable1();
});
}
function updateTable1() {
const startIndex = (currentPage1 - 1) * itemsPerPage1;
const endIndex = startIndex + itemsPerPage1;
const currentPageData = filteredData1.slice(startIndex, endIndex);
const tableBody = $('#TableSamples tbody');
tableBody.empty();
for (const item of currentPageData) {
tableBody.append(`<tr><td><a target='_blank' href='https://www.virustotal.com/gui/search/${item.SHA256}'>${item.SHA256}</a></td><td>MD5: ${item.MD5}<br/>SHA1: ${item.SHA1}<br/>SHA256: ${item.SHA256}</td></tr>`);
}
let celem = 0;
for (const item of filteredData1) {
celem +=1;
}
$('#count1').text('Total record: ' + celem );
$('#page-number1').text(currentPage1);
}
$('#prev-page1').click(function() {
if (currentPage1 > 1) {
currentPage1--;
updateTable1();
}
});
$('#next-page1').click(function() {
const maxPage = Math.ceil(jsonData1.length / itemsPerPage1);
if (currentPage1 < maxPage) {
currentPage1++;
updateTable1();
}
});
$('#search-input1').on('input', function() {
const searchTerm = $(this).val().toLowerCase();
filteredData1 = jsonData1.filter(item => item.MD5.toLowerCase().includes(searchTerm) ||
item.SHA1.toLowerCase().includes(searchTerm)||
item.SHA256.toLowerCase().includes(searchTerm));
currentPage1 = 1;
const totalPages = Math.ceil(filteredData1.length / itemsPerPage1);
$('#total-pages1').text(totalPages);
updateTable1();
});
loadData1();
</script>
</div>
</div>
</div>
<div class="clearfix"></div>
</div>
</body>
</html>