├── LICENSE ├── connections.json ├── vs-autocompiler ├── README.md └── autocompiler.ps1 ├── website ├── README.txt ├── config.json ├── css │ ├── style.css │ └── tablet.css ├── data.json ├── images │ ├── CC.png │ ├── blank.gif │ ├── fancybox_loading.gif │ ├── fancybox_sprite.png │ ├── info.png │ ├── intezer.png │ ├── jisc-logo-small.png │ ├── map.png │ ├── oii.png │ ├── oii_brand.png │ ├── oii_text.png │ ├── rainbow.png │ ├── sprite.png │ ├── zoom_in.png │ ├── zoom_out.png │ └── zoom_reset.png ├── index.html ├── js │ ├── excanvas.js │ ├── fancybox │ │ ├── jquery.fancybox.css │ │ └── jquery.fancybox.pack.js │ ├── jquery │ │ └── jquery.min.js │ ├── main.js │ └── sigma │ │ ├── _sigma.min.js │ │ ├── parseGexf_fin.js │ │ ├── sigma.js │ │ ├── sigma.min.js │ │ ├── sigma.parseGexf.js │ │ └── sigma.parseJson.js └── web.config └── yara ├── ImprovedReflectiveDllInjector.yar ├── InjectProc.yar ├── Invoke-Vnc.yar ├── MemoryModule-DIY.yar ├── MemoryModule.yar ├── ReflectiveDLLInjection.yar ├── RunPE-In-Memory.yar ├── Win7Elevate.yar ├── passcat.yar ├── quarkspwdump.yar └── vncdll.yar /LICENSE: -------------------------------------------------------------------------------- 1 | BSD 3-Clause License 2 | 3 | Copyright (c) 2020, Intezer Labs 4 | All rights reserved. 5 | 6 | Redistribution and use in source and binary forms, with or without 7 | modification, are permitted provided that the following conditions are met: 8 | 9 | 1. Redistributions of source code must retain the above copyright notice, this 10 | list of conditions and the following disclaimer. 11 | 12 | 2. Redistributions in binary form must reproduce the above copyright notice, 13 | this list of conditions and the following disclaimer in the documentation 14 | and/or other materials provided with the distribution. 15 | 16 | 3. Neither the name of the copyright holder nor the names of its 17 | contributors may be used to endorse or promote products derived from 18 | this software without specific prior written permission. 19 | 20 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 21 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 23 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE 24 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 26 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER 27 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 28 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 29 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 30 | -------------------------------------------------------------------------------- /connections.json: -------------------------------------------------------------------------------- 1 | { 2 | "BlackBone": [ 3 | "HackingTeam", 4 | "Lolbot", 5 | "OilRig", 6 | "APT1", 7 | "Emissary Panda", 8 | "Wajam", 9 | "CHAINSHOT", 10 | "Cyberbit" 11 | ], 12 | "Mapping-Injection": [], 13 | "HookPasswordChange": [ 14 | "Micropsia", 15 | "ATM Dispenser", 16 | "OceanLotus" 17 | ], 18 | "coilgun": [], 19 | "injectAllTheThings": [ 20 | "LeafMiner", 21 | "PyXie", 22 | "Slingshot", 23 | "Petya", 24 | "Lazarus", 25 | "LatentBot", 26 | "Carbanak", 27 | "Mischa", 28 | "GandCrab", 29 | "TrickBot", 30 | "Cobalt" 31 | ], 32 | "MemoryModule": [ 33 | "AlmaLocker", 34 | "MegaCortex", 35 | "Oztratz", 36 | "Princess Locker", 37 | "DNSBirthday", 38 | "Lazarus", 39 | "Fireball", 40 | "KuaiZip", 41 | "Turla", 42 | "Fancy Bear", 43 | "Suckfly", 44 | "OrangeWorm Ransomware" 45 | ], 46 | "ReflectiveDLLInjection": [ 47 | "LeafMiner", 48 | "LockPOS", 49 | "Carbanak", 50 | "ShaktiTrojan", 51 | "Java NotDharma", 52 | "Mischa", 53 | "Petya", 54 | "GandCrab", 55 | "TA505", 56 | "TrickBot", 57 | "CobaltStrike", 58 | "MM Core", 59 | "LatentBot", 60 | "Tick", 61 | "Joao", 62 | "Backboot", 63 | "Ramnit", 64 | "Pony", 65 | "Ammy Admin", 66 | "Copy Kittens", 67 | "DNSBirthday", 68 | "Rokku Ransomware", 69 | "Chimera Ransomware", 70 | "Patchwork", 71 | "DarkHotel", 72 | "Ke3chang", 73 | "HackingTeam", 74 | "Magniber Ransomware" 75 | ], 76 | "InjectProc": [], 77 | "RottenPotatoEXE": [], 78 | "process-inject": [ 79 | "Vicious Panda", 80 | "Mischa", 81 | "LeafMiner", 82 | "TA505", 83 | "Joao", 84 | "GandCrab", 85 | "Carbanak", 86 | "Petya", 87 | "TrickBot", 88 | "PyXie", 89 | "Cobalt", 90 | "Ramnit" 91 | ], 92 | "SharpSploit": [ 93 | "APT10" 94 | ], 95 | "TikiTorch": [], 96 | "DeviceGuardBypasses": [], 97 | "LethalHTA": [], 98 | "SharpExec": [], 99 | "RottenPotato": [ 100 | "LeafMiner", 101 | "Australia Parliament Hack" 102 | ], 103 | "JuicyPotato": [ 104 | "TEMP.Demon", 105 | "Blue Mockingbird", 106 | "Fox Kitten", 107 | "DarkHotel", 108 | "MyKings" 109 | ], 110 | "Tokenvator": [], 111 | "Lilith": [ 112 | "Operation Dark Pyongyang", 113 | "Tick" 114 | ], 115 | "SharpCOM": [], 116 | "ProcessInjection": [], 117 | "AsyncRAT-C#": [ 118 | "Bepush", 119 | "CONFUCIUS", 120 | "Slimhem", 121 | "Hakbit Ransomware", 122 | "Siplog", 123 | "Bokytuda", 124 | "Subti", 125 | "Hoetou" 126 | ], 127 | "UACME": [ 128 | "TrickBot", 129 | "Pitou", 130 | "GandCrab", 131 | "7ev3n", 132 | "Charming Kitten", 133 | "Novter", 134 | "OceanLotus", 135 | "AVE_MARIA", 136 | "Patchwork", 137 | "Winnti", 138 | "Sigma Ransomware", 139 | "DarkHotel", 140 | "Carberp" 141 | ], 142 | "Trebuchet": [ 143 | "Australia Parliament Hack" 144 | ], 145 | ".NetPELoader": [ 146 | "Lazarus" 147 | ], 148 | "Custom Mimikatz": [ 149 | "TrickBot", 150 | "Chafer", 151 | "TA505", 152 | "APT10", 153 | "LeafMiner", 154 | "Operation Cleaver", 155 | "Turla", 156 | "Carbanak", 157 | "Bad Rabbit Ransomware", 158 | "OilRig", 159 | "DRBControl", 160 | "Winnti", 161 | "Cobalt Kitty", 162 | "Ke3chang", 163 | "Black Energy", 164 | "Operation Skeleton Key", 165 | "Fancy Bear", 166 | "CryptoUnknown" 167 | ], 168 | "Custom Meterpreter": [ 169 | "Turla", 170 | "Refined Kitten", 171 | "Winnti", 172 | "DarkHydrus" 173 | ], 174 | "passcat": [ 175 | "Vidar", 176 | "Socelars", 177 | "TrickBot", 178 | "Babar", 179 | "Legion Loader" 180 | ], 181 | "SharpWeb": [], 182 | "csharp-uhwid": [ 183 | "CryptoJoker", 184 | "JigsawLocker", 185 | "Rastakhiz Ransomware", 186 | "CryptoNar", 187 | "APT-C-27", 188 | "Lockify" 189 | ], 190 | "minhook": [ 191 | "Buhtrap", 192 | "Panda Banker", 193 | "NukeBot", 194 | "Terdot", 195 | "Ursu", 196 | "Zloader" 197 | ], 198 | "myLittleRansomware": [ 199 | "RekenSom Ransomware", 200 | "Cute", 201 | "LockOn", 202 | "Honor", 203 | "PyteHole" 204 | ], 205 | "mhook": [ 206 | "MINEBRIDGE" 207 | ], 208 | "DetoursNT": [], 209 | "EasyHook": [ 210 | "DNSBirthday", 211 | "Dharma" 212 | ], 213 | "RemCom": [ 214 | "BlueTermite", 215 | "Chafer", 216 | "APT10", 217 | "Fancy Bear", 218 | "Sogou" 219 | ], 220 | "BypassUAC/Win7Elevate": [ 221 | "Winnti", 222 | "Ploutus", 223 | "Kimsuky", 224 | "Lazarus", 225 | "NetTraveler" 226 | ], 227 | "K8-BypassUAC": [ 228 | "DRBControl" 229 | ], 230 | "PSInject": [ 231 | "Turla" 232 | ], 233 | "SuperDelete": [ 234 | "Refined Kitten" 235 | ], 236 | "QuasarRAT": [ 237 | "PsiXBot", 238 | "SpyGate", 239 | "Subaat", 240 | "Subti", 241 | "Ploutus", 242 | "VERMIN Campaign", 243 | "CONFUCIUS", 244 | "Habbo", 245 | "APT10", 246 | "Taily", 247 | "Tinclex", 248 | "Patchwork", 249 | "Necurs", 250 | "JigsawLocker", 251 | "Gaza Cybergang", 252 | "Refined Kitten", 253 | "ShellReset" 254 | ], 255 | "HTran": [ 256 | "APT1", 257 | "Tick", 258 | "Scarlet Mimic", 259 | "Lazarus", 260 | "APT10", 261 | "Gothic Panda", 262 | "OilRig", 263 | "Winnti", 264 | "Emissary Panda", 265 | "KeyBoy", 266 | "DragonOK" 267 | ], 268 | "QuarksPwDump": [ 269 | "DRBControl", 270 | "Lazarus", 271 | "Ke3chang" 272 | ], 273 | "ImprovedReflectiveDLLInjection": [ 274 | "TrickBot", 275 | "Vicious Panda", 276 | "Petya", 277 | "Ramnit", 278 | "Lazarus", 279 | "Winnti", 280 | "DarkHotel", 281 | "Karius", 282 | "Matrix Panda" 283 | ], 284 | "fgdump": [ 285 | "Volatile Cedar", 286 | "NetTraveler", 287 | "Icefog" 288 | ], 289 | "WinEggDrop PortScanner": [ 290 | "ZombieBoy", 291 | "Winnti", 292 | "MadoMiner", 293 | "Luoxk" 294 | ], 295 | "rootkit.com/cardmagic": [ 296 | "APT1", 297 | "Shylock", 298 | "Scieron" 299 | ], 300 | "SimplePELoader": [ 301 | "Leviathan", 302 | "Carbanak" 303 | ], 304 | "ProxyDll": [ 305 | "Maze Ransomware" 306 | ], 307 | "Dumpert": [ 308 | "Emissary Panda", 309 | "Operation Skeleton Key" 310 | ], 311 | "RunPE-In-Memory": [ 312 | "TrickBot" 313 | ], 314 | "Sharpire": [ 315 | "Evrial" 316 | ], 317 | "Virtual Machines Detection Enhaced": [ 318 | "TrickBot" 319 | ], 320 | "rewolf-wow64ext": [ 321 | "LatentBot", 322 | "Fancy Bear", 323 | "Ngay", 324 | "Black Energy" 325 | ], 326 | "Invoke-Vnc": [ 327 | "TrickBot", 328 | "Winnti", 329 | "Matrix Banker", 330 | "DarkHotel", 331 | "Carbanak" 332 | ], 333 | "Covenant": [ 334 | "Refined Kitten" 335 | ], 336 | "SharpSuite": [], 337 | "Process-Hollowing": [], 338 | "AggressorScripts": [], 339 | "TpmInitUACBypass": [], 340 | "tenable-UACBypass": [], 341 | "DccwBypassUAC": [], 342 | "ALPC-BypassUAC": [], 343 | "WheresMyImplant": [], 344 | "SharpHound": [ 345 | "PyXie", 346 | "Operation Wocao" 347 | ], 348 | "NetRipper": [ 349 | "Turla" 350 | ], 351 | "Pinjectra": [], 352 | "CookieMonster": [], 353 | "SeatBelt": [], 354 | "Rubeus": [], 355 | "AmsiScanBufferBypass": [ 356 | "Forkbombo" 357 | ], 358 | "PowerShdll": [], 359 | "SCShell": [], 360 | "TinyMet": [ 361 | "Carbanak", 362 | "TA505" 363 | ], 364 | "ruler": [ 365 | "Refined Kitten", 366 | "OilRig" 367 | ], 368 | "TitanHide": [ 369 | "CHAINSHOT" 370 | ], 371 | "PoshC2": [ 372 | "Refined Kitten", 373 | "APT10", 374 | "LYCEUM", 375 | "FakeUpdates" 376 | ], 377 | "Koadic": [ 378 | "FakeUpdates", 379 | "APT10", 380 | "MuddyWater", 381 | "Fancy Bear" 382 | ], 383 | "FruityC2": [ 384 | "MuddyWater" 385 | ], 386 | "Posh-SecMod": [ 387 | "Turla" 388 | ], 389 | "Empire": [ 390 | "FakeUpdates", 391 | "Turla", 392 | "FIN7", 393 | "APT10", 394 | "Ryuk", 395 | "TrickBot", 396 | "Frankenstein", 397 | "INDRIK SPIDER", 398 | "RobbinHood Ransomware", 399 | "Refined Kitten", 400 | "WIRTE", 401 | "Aurora Panda", 402 | "Cozy Bear", 403 | "DarkHydrus", 404 | "Novter", 405 | "LYCEUM", 406 | "FIN8", 407 | "MuddyWater", 408 | "Codoso", 409 | "Copy Kittens", 410 | "FIN10", 411 | "GandCrab" 412 | ], 413 | "veil": [ 414 | "DarkHydrus" 415 | ], 416 | "pupy": [ 417 | "Refined Kitten", 418 | "Rocket Kitten" 419 | ], 420 | "Trochilus": [ 421 | "APT10", 422 | "DRBControl", 423 | "Nightshade Panda", 424 | "Hurricane Panda" 425 | ], 426 | "DKMC": [ 427 | "APT10", 428 | "Gaza CyberGang" 429 | ], 430 | "PowerSploit": [ 431 | "BRONZE PRESIDENT", 432 | "Fancy Bear", 433 | "SamSam Ransomware", 434 | "TrickBot", 435 | "Purple Fox", 436 | "Novter", 437 | "NetWalker Ransomware", 438 | "Nemty Ransomware", 439 | "GhostMiner", 440 | "Winnti", 441 | "FIN7", 442 | "Operation Wocao", 443 | "Refined Kitten", 444 | "MuddyWater", 445 | "Patchwork", 446 | "APT10", 447 | "OceanLotus" 448 | ], 449 | "LaZagne": [ 450 | "Refined Kitten", 451 | "Gothic Panda", 452 | "MuddyWater", 453 | "Qealler", 454 | "Cloud Atlas", 455 | "NetWalker Ransomware", 456 | "LeafMiner", 457 | "OilRig" 458 | ], 459 | "Apfell": [], 460 | "FactionC2": [], 461 | "SafetyKatz": [ 462 | "Chafer", 463 | "TEMP.Demon" 464 | ], 465 | "BloodHound": [ 466 | "TEMP.Demon", 467 | "Operation Skeleton Key" 468 | ], 469 | "reGeorg": [ 470 | "TEMP.Demon" 471 | ], 472 | "iBombShell": [], 473 | "FudgeC2": [], 474 | "Callidus": [], 475 | "KeeThief": [ 476 | "Operation Wocao" 477 | ], 478 | "jexboss": [ 479 | "Operation Wocao", 480 | "SamSam Ransomware" 481 | ], 482 | "chrome-passwords": [ 483 | "MuddyWater" 484 | ], 485 | "impacket": [ 486 | "APT10", 487 | "Berserk Bear", 488 | "Energetic Bear", 489 | "SamSam Ransomware", 490 | "Operation Wocao", 491 | "Emissary Panda" 492 | ], 493 | "CHAOS": [ 494 | "Forkbombo" 495 | ], 496 | "DeathStar": [ 497 | "Forkbombo" 498 | ], 499 | "CrackMapExec": [ 500 | "Forkbombo", 501 | "MuddyWater", 502 | "Chafer", 503 | "Energetic Bear" 504 | ], 505 | "WinPwnage": [ 506 | "PoetRAT" 507 | ], 508 | "FireMaster": [ 509 | "PowerPool" 510 | ], 511 | "InfinityRAT": [ 512 | "Harvbot", 513 | "Reomot", 514 | "Ponoeb", 515 | "Aataki" 516 | ], 517 | "BypassUAC": [ 518 | "ataware", 519 | "BrazilianBankingTrojan" 520 | ], 521 | "OxidDumper": [ 522 | "OceanLotus" 523 | ], 524 | "chimera_pe": [ 525 | "Bolik" 526 | ] 527 | } -------------------------------------------------------------------------------- /vs-autocompiler/README.md: -------------------------------------------------------------------------------- 1 | ## vs-autocompiler 2 | 3 | Compiles a project with multiplie Visual Studio backends. 4 | Supports: VS2019, VS2017, VS2015, VS2013, VS2012, VS2010. 5 | 6 | Run autocompiler.ps1 from directory with the project and the .sln file. 7 | Set $out parameter for where to generate the compiled files, e.g.: 8 | 9 | ``` 10 | git clone https://github.com/stephenfewer/ReflectiveDLLInjection 11 | cd ReflectiveDLLInjection 12 | C:\Users\me\autocompiler.ps1 -out C:\Users\me\output 13 | ``` 14 | 15 | -------------------------------------------------------------------------------- /vs-autocompiler/autocompiler.ps1: -------------------------------------------------------------------------------- 1 | param ( 2 | [string]$sln, 3 | [string]$out = "G:/out", 4 | [string]$SetupScriptPath 5 | ) 6 | # TODO: Add force-dotnet or force-native 7 | 8 | function CopyNoOverwrite { 9 | param ( 10 | [string]$src, 11 | [string]$dst 12 | ) 13 | 14 | # TODO: Strip extension to add suffix and then readd it (instead of just adding .exe ontop) 15 | If (Test-Path $dst) { 16 | $i = 0 17 | While (Test-Path $dst) { 18 | $i += 1 19 | $dst = "$dst-$i.exe" 20 | } 21 | } Else { 22 | New-Item -ItemType File -Path $dst -Force 23 | } 24 | 25 | Copy-Item -Path $src -Destination $dst -Force 26 | } 27 | 28 | function Git-Clean { 29 | git clean -fdx # Force, include directories 30 | git reset --hard 31 | } 32 | 33 | function Upgrade-VCProj { 34 | 35 | } 36 | 37 | function Create-Initial-Directories { 38 | $ProjectName = (Get-Item -Path ".\").Name 39 | $outDir = "$out/$ProjectName/" 40 | mkdir $outDir 41 | } 42 | 43 | function Existing-Executables-Sha256 { 44 | $executables = Get-ChildItem -Include *.exe, *.dll -Recurse $pwd 45 | $hashes = @() 46 | ForEach ($executable in $executables) 47 | { 48 | $sha = (Get-FileHash -Path $executable.FullName).hash 49 | $hashes += $sha 50 | } 51 | return $hashes 52 | } 53 | 54 | function Move-Compiled { 55 | param ( 56 | [string]$outSuffix, 57 | [string]$ExistingHashes 58 | ) 59 | $ProjectName = (Get-Item -Path ".\").Name 60 | $outDir = "$out/$ProjectName/$ProjectName$outSuffix/" 61 | 62 | $executables = Get-ChildItem -Include *.exe, *.dll -Recurse $pwd 63 | 64 | # Remove executables not created by our compilation 65 | $filtered_executables = @() 66 | ForEach ($executable in $executables) { 67 | $sha = (Get-FileHash -Path $executable.FullName).hash 68 | If (!$ExistingHashes.Contains($sha)) { 69 | $filtered_executables += $executable 70 | } 71 | } 72 | $executables = $filtered_executables 73 | 74 | # Move compiled executables to destination directory 75 | if($executables.Length -gt 0){ 76 | Remove-Item $outDir -Recurse -Force > $null 77 | mkdir $outDir > $null 78 | 79 | ForEach ($executable in $executables) 80 | { 81 | $outFile = $outDir + $executable.Name 82 | CopyNoOverwrite -src $executable.FullName -dst $outFile > $null 83 | } 84 | return $true 85 | } Else { 86 | Write-Information "Failed to build $ProjectName$outSuffix" 87 | return $false 88 | } 89 | } 90 | 91 | function Find-Git-Checkpoints { 92 | # Each checkpoint is a month 93 | $gitHist = (git log --format="%ai`t%H`t%an`t%ae`t%s") | ConvertFrom-Csv -Delimiter "`t" -Header ("Date", "CommitId", "Author", "Email", "Subject") 94 | ForEach ($hist in $gitHist) { 95 | $YearMonth = $hist.Date.Substring(0, 7) 96 | $hist | Add-Member -NotePropertyName YearMonth -NotePropertyValue $YearMonth 97 | } 98 | $GitCommits = ($gitHist | Sort-Object -Property YearMonth -Unique) 99 | 100 | return $GitCommits 101 | } 102 | 103 | function Reset-Compiler-Env { 104 | [Environment]::SetEnvironmentVariable("LIB", "") 105 | [Environment]::SetEnvironmentVariable("INCLUDE", "") 106 | [Environment]::SetEnvironmentVariable("VSINSTALLDIR", "") 107 | [Environment]::SetEnvironmentVariable("VSCMD_VER", "") 108 | [Environment]::SetEnvironmentVariable("VSCMD_ARG_HOST_ARCH", "") 109 | [Environment]::SetEnvironmentVariable("VSCMD_ARG_TGT_ARCH", "") 110 | [Environment]::SetEnvironmentVariable("VisualStudioVersion", "") 111 | [Environment]::SetEnvironmentVariable("VS140COMNTOOLS", "") 112 | [Environment]::SetEnvironmentVariable("VS150COMNTOOLS", "") 113 | [Environment]::SetEnvironmentVariable("VS160COMNTOOLS", "") 114 | [Environment]::SetEnvironmentVariable("VCToolsVersion", "") 115 | [Environment]::SetEnvironmentVariable("VCToolsRedistDir", "") 116 | [Environment]::SetEnvironmentVariable("VCToolsInstallDir", "") 117 | [Environment]::SetEnvironmentVariable("VCINSTALLDIR", "") 118 | [Environment]::SetEnvironmentVariable("VCIDEInstallDir", "") 119 | } 120 | 121 | $COMPILERS_NUM = 6 122 | 123 | function Setup-Compiler-ByIndex { 124 | param ( 125 | [int]$i 126 | ) 127 | 128 | $byIndex = @( 129 | "v100", 130 | "v120", 131 | "v140", 132 | "v140_xp", 133 | "v141", 134 | "v142" 135 | ) 136 | 137 | $configs = @{ 138 | "v100" = @{ 139 | "Env" = @{"VCTargetsPath" = "C:\Program Files (x86)\MSBuild\Microsoft.Cpp\v4.0\"} 140 | "MSBuild" = "C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe" 141 | "Toolset_Version" = "v100" 142 | } 143 | "v120" = @{ 144 | "Env" = @{"VCTargetsPath" = "C:\Program Files (x86)\MSBuild\Microsoft.Cpp\v4.0\v120\"} 145 | "MSBuild" = "C:\Program Files `(x86`)\MSBuild\12.0\Bin\MSBuild.exe" 146 | "Toolset_Version" = "v120" 147 | } 148 | "v140" = @{ 149 | "Env" = @{"VCTargetsPath" = "C:\Program Files (x86)\MSBuild\Microsoft.Cpp\v4.0\v140\"} 150 | "MSBuild" = "C:\Program Files `(x86`)\MSBuild\14.0\Bin\MSBuild.exe" 151 | "Toolset_Version" = "v140" 152 | } 153 | "v140_xp" = @{ 154 | "Env" = @{"VCTargetsPath" = "C:\Program Files (x86)\MSBuild\Microsoft.Cpp\v4.0\v140\"} 155 | "MSBuild" = "C:\Program Files `(x86`)\MSBuild\14.0\Bin\MSBuild.exe" 156 | "Toolset_Version" = "v140_xp" 157 | } 158 | "v141" = @{ 159 | "Env" = @{"VCTargetsPath" = ""} 160 | "MSBuild" = "C:\Program Files `(x86`)\Microsoft Visual Studio\2017\Community\MSBuild\15.0\Bin\MSBuild.exe" 161 | "Toolset_Version" = "v141" 162 | } 163 | "v142" = @{ 164 | "Env" = @{"VCTargetsPath" = ""} 165 | "MSBuild" = "C:\Program Files `(x86`)\Microsoft Visual Studio\2019\Community\MSBuild\Current\Bin\MSBuild.exe" 166 | "Toolset_Version" = "v142" 167 | } 168 | } 169 | #$extra_env.v140.initenv = "C:\Program Files (x86)\Microsoft Visual Studio 14.0\VC\vcvarsall.bat" 170 | 171 | $config = $configs[$byIndex[$i]] 172 | Reset-Compiler-Env 173 | foreach ($k in $config.Env.Keys) { 174 | [Environment]::SetEnvironmentVariable($k, $config.Env[$k]) 175 | } 176 | return $config 177 | } 178 | 179 | function Bootstrap-Compiler-Options { 180 | $globaloptions = @{ 181 | "WholeProgramOptimization" = @("true", "false") 182 | } 183 | 184 | $projFiles = Get-ChildItem -Include *.vcxproj -Recurse $pwd 185 | 186 | ForEach ($projFile in $projFiles) 187 | { 188 | [xml]$xmldata = Get-Content $projFile.FullName 189 | 190 | [System.Xml.XmlNamespaceManager]$ns = $xmldata.NameTable 191 | $ns.AddNamespace("Any", $xmldata.DocumentElement.NamespaceURI) 192 | 193 | $xmldata.SelectNodes('//Any:WindowsTargetPlatformVersion', $ns) | ForEach-Object { $_.ParentNode.RemoveChild($_) } 194 | $xmldata.SelectNodes('//Any:PrecompiledHeader', $ns) | ForEach-Object { $_.InnerText = "NotUsing" } 195 | $xmldata.SelectNodes('//Any:GenerateDebugInformation', $ns) | ForEach-Object { $_.ParentNode.RemoveChild($_) } 196 | $xmldata.SelectNodes('//Any:EnableEnhancedInstructionSet', $ns) | ForEach-Object { $_.ParentNode.RemoveChild($_) } 197 | # TODO: Add legacy_stdio_definitions.lib to AdditionalDependencies 198 | $ForceLinker = $xmldata.CreateElement("ForceFileOutput", $xmldata.DocumentElement.NamespaceURI) 199 | $ForceLinker.InnerText = "UndefinedSymbolOnly" 200 | $xmldata.SelectNodes('//Any:Link', $ns) | ForEach-Object { $xmldata.CreateElement("ForceFileOutput"); $_.AppendChild($ForceLinker) } 201 | 202 | $xmldata.Save($projFile.FullName) 203 | } 204 | } 205 | 206 | function Optional-Setup-Script { 207 | 208 | } 209 | 210 | function Optional-Cleanup-Script { 211 | 212 | } 213 | 214 | function Compile-Job-Native { 215 | param ( 216 | [string]$arch, 217 | [string]$exec, 218 | [string]$sln, 219 | [string]$toolset_version, 220 | [string]$Suffix 221 | ) 222 | Git-Clean > $null 223 | $CLOptions = Bootstrap-Compiler-Options 224 | 225 | $ExistingHashes = Existing-Executables-Sha256 226 | 227 | # Compile 228 | Write-Information "Building for $arch with $toolset_version with cmd: $exec `"$sln`" /m /p:Configuration=Release /p:Platform=`"$arch`" /p:PlatformToolset=$toolset_version" 229 | $proc = Start-Process -Passthru -NoNewWindow -FilePath $exec -ArgumentList "`"$sln`" /m /p:Configuration=Release /p:Platform=`"$arch`" /p:PlatformToolset=$toolset_version" 230 | $proc.WaitForExit() 231 | 232 | # Find and move compiled executables 233 | Write-Information "Finding executables generated for $arch $toolset_version" 234 | $success = Move-Compiled -ExistingHashes $ExistingHashes -outSuffix "-$toolset_version-$arch$Suffix" 235 | return $success 236 | } 237 | 238 | function Compile-Job-Dotnet { 239 | param( 240 | [string]$sdkversion, 241 | [string]$exec, 242 | [string]$sln, 243 | [string]$Suffix 244 | ) 245 | Git-Clean > $null 246 | nuget restore $sln > $null 247 | $ExistingHashes = Existing-Executables-Sha256 248 | 249 | # Compile 250 | Write-Information "Building for with $sdkversion with cmd: $exec `"$sln`" /m /p:Configuration=Release /p:TargetFramework=$sdkversion /p:AllowUnsafeBlocks=true" 251 | $proc = Start-Process -Passthru -NoNewWindow -FilePath $exec -ArgumentList "`"$sln`" /m /p:Configuration=Release /p:TargetFramework=$sdkversion /p:AllowUnsafeBlocks=true" 252 | $proc.WaitForExit() 253 | 254 | # Find and move compiled executables 255 | Write-Information "Finding executables generated for $sdkversion" 256 | $success = Move-Compiled -ExistingHashes $ExistingHashes -outSuffix "-$sdkversion$Suffix" 257 | return $success 258 | } 259 | 260 | function Get-Project-Type { 261 | $csprojs = Get-ChildItem -Include *.csproj -Recurse $pwd 262 | If($csprojs.Length -gt 0) { 263 | return "dotnet" 264 | } 265 | return "native" 266 | } 267 | 268 | function Batch-Compile { 269 | param ( 270 | [string]$Suffix 271 | ) 272 | 273 | If(-Not (Test-Path $sln)) { 274 | Write-Information "Couldn't find $sln with suffix $suffix" 275 | return $false 276 | } 277 | $projectType = Get-Project-Type 278 | If($projectType -eq "native") { 279 | for ($i=0; $i -lt $COMPILERS_NUM; $i++) { 280 | $config = Setup-Compiler-ByIndex -i $i 281 | $compiler = $config.MSBuild 282 | $toolset_version = $config.Toolset_Version 283 | $exec = @" 284 | "$compiler" 285 | "@ 286 | 287 | # Build for x86 288 | $success = Compile-Job-Native -arch "x86" -exec $exec -sln $sln -toolset_version $toolset_version -Suffix $Suffix 289 | 290 | If($success -eq $false) { 291 | Write-Information "x86 build failed, trying Win32!" 292 | Compile-Job-Native -arch "Win32" -exec $exec -sln $sln -toolset_version $toolset_version -Suffix $Suffix 293 | } 294 | # Build for x64 295 | Compile-Job-Native -arch "x64" -exec $exec -sln $sln -toolset_version $toolset_version -Suffix $Suffix 296 | 297 | # Try compiling for 'Any CPU' 298 | Compile-Job-Native -arch "Any CPU" -exec $exec -sln $sln -toolset_version $toolset_version -Suffix $Suffix 299 | } 300 | } 301 | If($projectType -eq "dotnet"){ 302 | $sdkversions = @("net35", "net45", "netstandard2.0") 303 | $exec = "C:\Program Files `(x86`)\Microsoft Visual Studio\2019\Community\MSBuild\Current\Bin\MSBuild.exe" 304 | ForEach($sdkversion in $sdkversions){ 305 | Compile-Job-Dotnet -sdkversion $sdkversion -exec $exec -sln $sln -Suffix $suffix 306 | } 307 | } 308 | 309 | return $true 310 | } 311 | 312 | function Load-Setup-Script { 313 | If( Test-Path $SetupScriptPath ) { 314 | Import-Module -Name $SetupScriptPath 315 | } 316 | } 317 | 318 | function Find-Sln { 319 | $slns = Get-ChildItem *.sln 320 | if($slns.Count -eq 0) { 321 | echo "Couldn't find SLN file!" 322 | exit 1 323 | } 324 | if($slns.Count -gt 1) { 325 | echo "More than 1 SLN file found!" 326 | exit 1 327 | } 328 | return $slns[0].FullName 329 | } 330 | 331 | function Main{ 332 | # Determine whether to start git mode: traverse bymonthly commits to compile additional code 333 | git status 334 | $gitExists = $LASTEXITCODE 335 | Write-Information "Starting!" 336 | 337 | Create-Initial-Directories 338 | if ([string]::IsNullOrEmpty($sln)) { 339 | $sln = Find-Sln 340 | } 341 | 342 | If ($gitExists -eq 0) { 343 | git checkout master 344 | git pull 345 | $GitCommits = Find-Git-Checkpoints 346 | [array]::Reverse($GitCommits) 347 | ForEach($GitCommit in $GitCommits) { 348 | git reset --hard $GitCommit.CommitId 349 | $success = (Batch-Compile -Suffix "-$($GitCommit.YearMonth)") 350 | If(-Not $success){ 351 | break 352 | } 353 | } 354 | } Else { 355 | Batch-Compile -Suffix "" 356 | } 357 | } 358 | 359 | $InformationPreference = "Continue" 360 | Main 361 | 362 | -------------------------------------------------------------------------------- /website/README.txt: -------------------------------------------------------------------------------- 1 | Template provided by InteractiveVis project 2 | http://blogs.oii.ox.ac.uk/vis/ 3 | https://github.com/oxfordinternetinstitute/InteractiveVis/ 4 | 5 | Important. The files must be uploaded to a webserver (or run one locally) in order to be viewed. JavaScript security prevents running the pages locally without a webserver. 6 | 7 | The InteractiveVis project of the Oxford Internet Institute with funding by JISC aims to allow easy creation of interactive visualisations for geospatial and network data using native web technologies (HTML5, CSS3, and SVG) and allow these visualisations to be self-contained so that they may run entirely offline in ebooks and other media. The project will survey existing solutions and build the necessary components to fill in missing features and smooth over incompatibilities in between existing libraries. The project will further provide online hosted wizards to allow for the easy creation of these interactive visualizations. 8 | 9 | More information about the project is available on the project blog: 10 | http//blogs.oii.ox.ac.uk/vis/ 11 | 12 | -------------------------------------------------------------------------------- /website/config.json: -------------------------------------------------------------------------------- 1 | { 2 | "type": "network", 3 | "version": "1.0", 4 | "data": "data.json", 5 | "logo": { 6 | "file": "images/intezer.png", 7 | "link": "https://www.intezer.com/", 8 | "text": "Intezer" 9 | }, 10 | "text": { 11 | "more": "", 12 | "intro": "A map tracking the use of libraries with offensive capabilities by threat actors.
For more information check the VirusBulletin page.

Add new connections on GitHub.", 13 | "title": "OST Map" 14 | }, 15 | "legend": { 16 | "edgeLabel": "Connection", 17 | "colorLabel": "Type", 18 | "nodeLabel": "Tool" 19 | }, 20 | "features": { 21 | "search": true, 22 | "groupSelectorAttribute": "type", 23 | "hoverBehavior": "dim" 24 | }, 25 | "informationPanel": { 26 | "groupByEdgeDirection": false, 27 | "imageAttribute": false 28 | }, 29 | "sigma": { 30 | "drawingProperties": { 31 | "defaultEdgeType": "curve", 32 | "defaultHoverLabelBGColor": "#002147", 33 | "defaultLabelBGColor": "#ddd", 34 | "activeFontStyle": "bold", 35 | "defaultLabelColor": "#000", 36 | "labelThreshold": 10, 37 | "defaultLabelHoverColor": "#fff", 38 | "fontStyle": "bold", 39 | "hoverFontStyle": "bold", 40 | "defaultLabelSize": 14 41 | }, 42 | "graphProperties": { 43 | "maxEdgeSize": 0.5, 44 | "minEdgeSize": 0.2, 45 | "minNodeSize": 1, 46 | "maxNodeSize": 7 47 | }, 48 | "mouseProperties": { 49 | "maxRatio": 20, 50 | "minRatio": 0.75 51 | } 52 | } 53 | } 54 | -------------------------------------------------------------------------------- /website/css/style.css: -------------------------------------------------------------------------------- 1 | * { 2 | padding: 0px; 3 | margin: 0px; 4 | } 5 | 6 | .cf:before, .cf:after { 7 | content: ""; 8 | display: table; 9 | } 10 | 11 | .cf:after { 12 | clear: both; 13 | } 14 | 15 | .cf { 16 | zoom: 1; 17 | } 18 | 19 | html, body { 20 | width: 100%; 21 | height: 100%; 22 | margin: 0px; 23 | padding: 0px; 24 | font-size: 12px; 25 | font-family: 'Open Sans'; 26 | line-height: 1.25em; 27 | } 28 | 29 | .sigma-parent { 30 | position: relative; 31 | height: 100%; 32 | } 33 | 34 | .sigma-expand { 35 | position: absolute; 36 | width: 100%; 37 | height: 100%; 38 | top: 0; 39 | left: 0; 40 | background-color: #1a263d; 41 | background-position: center center; 42 | background-repeat: no-repeat; 43 | -webkit-touch-callout: none; 44 | -webkit-user-select: none; 45 | -khtml-user-select: none; 46 | -moz-user-select: none; 47 | -ms-user-select: none; 48 | user-select: none; 49 | } 50 | 51 | canvas#sigma_bg_1 { 52 | display: none; 53 | } 54 | 55 | #attributepane { 56 | display: block; 57 | display: none; 58 | position: absolute; 59 | height: auto; 60 | bottom: 0; 61 | top: 0; 62 | right: 0; 63 | width: 240px; 64 | background-color: #fff; 65 | margin: 0; 66 | word-wrap: break-word; 67 | background-color: rgba(255, 255, 255, 0.8); 68 | border-left: 1px solid #ccc; 69 | padding: 0px 18px 0px 18px; 70 | z-index: 1; 71 | } 72 | 73 | 74 | #attributepane .text { 75 | height: 100%; 76 | } 77 | 78 | #attributepane .name { 79 | color: #000; 80 | margin-bottom: 5px; 81 | height: 14px; 82 | border-bottom: 1px solid #999; 83 | padding: 0px 0 10px 0; 84 | font-size: 16px; 85 | font-weight: bold; 86 | } 87 | 88 | 89 | #attributepane .returntext em { 90 | background-image: url('../images/sprite.png'); 91 | background-repeat: no-repeat; 92 | display: block; 93 | width: 20px; 94 | height: 20px; 95 | background-position: -91px -13px; 96 | float: left; 97 | } 98 | 99 | #attributepane .returntext span { 100 | padding-left: 5px; 101 | display: block; 102 | } 103 | 104 | #attributepane .close { 105 | padding-left: 14px; 106 | margin-top: 10px; 107 | } 108 | 109 | #attributepane .close .c { 110 | border-top: 2px solid #999; 111 | padding: 10px 0 14px 0; 112 | } 113 | 114 | #attributepane .close em { 115 | background-image: url('../images/sprite.png'); 116 | background-repeat: no-repeat; 117 | background-position: -11px -13px; 118 | display: block; 119 | width: 24px; 120 | height: 16px; 121 | float: left; 122 | } 123 | 124 | #attributepane .close span { 125 | display: block; 126 | width: 151px; 127 | float: left; 128 | } 129 | 130 | #attributepane .nodeattributes { 131 | display: block; 132 | height: 85%; 133 | overflow-y: scroll; 134 | overflow-x: hidden; 135 | border-bottom: 1px solid #999; 136 | } 137 | 138 | #attributepane .name { 139 | font-size: 14px; 140 | cursor: default; 141 | padding-bottom: 10px; 142 | padding-top: 18px; 143 | font-weight: bold; 144 | } 145 | 146 | #attributepane .data { 147 | 148 | } 149 | 150 | #attributepane .data .plus { 151 | background-repeat: no-repeat; 152 | background-image: url('../images/sprite.png'); 153 | background-position: -171px -122px; 154 | width: 22px; 155 | height: 20px; 156 | float: left; 157 | display: block; 158 | } 159 | 160 | #attributepane .link { 161 | padding: 0 0 0 4px; 162 | } 163 | 164 | #attributepane .link li { 165 | padding-top: 2px; 166 | cursor: pointer; 167 | } 168 | 169 | #attributepane .p { 170 | padding-top: 10px; 171 | font-weight: bold; 172 | font-size: 14px; 173 | } 174 | 175 | .left-close { 176 | background-image: url('../images/fancybox_sprite.png'); 177 | margin-left: -37px; 178 | z-index: 99999; 179 | cursor: pointer; 180 | padding-left: 31px; 181 | line-height: 36px; 182 | background-repeat: no-repeat; 183 | margin-bottom: 25px; 184 | font-weight: bold; 185 | font-size: 14px; 186 | 187 | } 188 | 189 | #developercontainer { 190 | margin-left: 25px; 191 | margin-bottom: 25px; 192 | position: fixed; 193 | bottom: 0; 194 | } 195 | 196 | #jisc { 197 | width: 71px; 198 | height: 56px; 199 | background-image: url('../images/jisc-logo-small.png'); 200 | background-repeat: no-repeat; 201 | display: inline-block; 202 | } 203 | 204 | #jisc span { 205 | display: none; 206 | } 207 | 208 | #oii { 209 | width: 227px; 210 | height: 56px; 211 | background-image: url('../images/oii_text.png'); 212 | background-repeat: no-repeat; 213 | display: inline-block; 214 | margin-right: 10px; 215 | 216 | } 217 | 218 | #oii span { 219 | display: none; 220 | } 221 | 222 | #maintitle { 223 | width: 100%; 224 | height: 72px; 225 | background-repeat: no-repeat; 226 | margin-bottom: 20px; 227 | display: flex; 228 | align-items: center; 229 | } 230 | 231 | #maintitle h1 { 232 | display: none; 233 | } 234 | 235 | #mainpanel { 236 | margin-top: 50px; 237 | margin-left: 25px; 238 | background: #fff; 239 | background-color: #fff; 240 | z-index: 20; 241 | position: fixed; 242 | top: 0; 243 | border-radius: 16px; 244 | 245 | } 246 | 247 | #mainpanel .b1 { 248 | padding: 0px 0 0 0; 249 | } 250 | 251 | #mainpanel .col { 252 | width: 240px; 253 | padding: 18px 18px 18px 18px; 254 | margin: 0; 255 | 256 | } 257 | 258 | #title { 259 | font-weight: bold; 260 | } 261 | 262 | #titletext { 263 | padding: 6px 0 10px 0; 264 | } 265 | 266 | #info { 267 | padding-bottom: 15px; 268 | } 269 | 270 | 271 | #search { 272 | border-top: 1px solid #999; 273 | padding: 20px 0 0px 2px; 274 | } 275 | 276 | #search input[name=search] { 277 | border: 1px solid #999; 278 | background-color: #fff; 279 | padding: 5px 7px 4px 7px; 280 | width: 205px; 281 | color: #000; 282 | } 283 | 284 | #search input.empty { 285 | color: #000; 286 | } 287 | 288 | #search .state { 289 | width: 14px; 290 | height: 14px; 291 | background-image: url('../images/sprite.png'); 292 | float: right; 293 | margin-top: 6px; 294 | cursor: pointer; 295 | background-position: -131px -13px; 296 | } 297 | 298 | #search .state.searching { 299 | background-position: -11px -13px; 300 | } 301 | 302 | #search .results { 303 | display: none; 304 | /* border: 1px solid #999;*/ 305 | margin: 6px; 306 | /*height: 150px;*/ 307 | overflow-y: scroll; 308 | overflow-x: hidden; 309 | } 310 | 311 | #search .results b { 312 | padding-left: 2px; 313 | } 314 | 315 | #search .results a { 316 | padding: 1px 2px; 317 | display: block; 318 | cursor: pointer; 319 | text-decoration: none; 320 | color: #000; 321 | } 322 | 323 | #search .results a:hover { 324 | background-color: #999; 325 | color: #fff; 326 | } 327 | 328 | #attributeselect { 329 | margin: 20px 0 13px 0; 330 | -webkit-touch-callout: none; 331 | -webkit-user-select: none; 332 | -khtml-user-select: none; 333 | -moz-user-select: none; 334 | -ms-user-select: none; 335 | user-select: none; 336 | } 337 | 338 | #attributeselect .select { 339 | border: 1px solid #999; 340 | padding: 5px 7px 4px 7px; 341 | color: #fff; 342 | cursor: pointer; 343 | background-color: #999; 344 | background-image: url('../images/sprite.png'); 345 | background-repeat: no-repeat; 346 | background-position: 200px -144px; 347 | } 348 | 349 | #attributeselect .close { 350 | background-position: 200px -8px; 351 | } 352 | 353 | #attributeselect .list { 354 | display: none; 355 | border: 1px solid #999; 356 | padding: 6px; 357 | height: 150px; 358 | width: 226px; 359 | overflow-y: scroll; 360 | overflow-x: hidden; 361 | background-color: #999; 362 | /*position: relative; 363 | left: 240px; 364 | bottom: 164px;*/ 365 | position: absolute; 366 | margin-left: 240px; 367 | margin-top: -164px; 368 | color: white; 369 | } 370 | 371 | #attributeselect .list a { 372 | display: block; 373 | padding: 2px; 374 | text-decoration: none; 375 | color: #fff; 376 | } 377 | 378 | #attributeselect .list a:hover { 379 | background-color: #fff; 380 | color: #000; 381 | } 382 | 383 | .link h2 { 384 | font-size: 1em; 385 | padding-top: 1em; 386 | } 387 | 388 | #mainpanel dl { 389 | padding-bottom: 10px; 390 | } 391 | 392 | #mainpanel h2 { 393 | font-size: 14px; 394 | } 395 | 396 | #mainpanel dt { 397 | width: 20px; 398 | height: 20px; 399 | float: left; 400 | background-repeat: no-repeat; 401 | background-image: url('../images/sprite.png'); 402 | } 403 | 404 | #legend dl { 405 | } 406 | 407 | #mainpanel h2 { 408 | padding-bottom: 10px; 409 | } 410 | 411 | #legend dd { 412 | margin-bottom: 8px; 413 | color: #000; 414 | } 415 | 416 | #mainpanel .infos dd { 417 | margin-bottom: 12px; 418 | } 419 | 420 | #mainpanel .node { 421 | background-position: -11px -119px; 422 | } 423 | 424 | #mainpanel .edge { 425 | background-position: -51px -122px; 426 | } 427 | 428 | #mainpanel .colours { 429 | 430 | background-image: url('../images/rainbow.png'); 431 | 432 | } 433 | 434 | #legend { 435 | margin-top: 8px; 436 | } 437 | 438 | #legend .note { 439 | margin-bottom: 8px; 440 | 441 | } 442 | 443 | #mainpanel .regions { 444 | background-position: -171px -13px; 445 | } 446 | 447 | #mainpanel .download { 448 | background-position: -51px -13px; 449 | } 450 | 451 | #mainpanel .moreinformation { 452 | background: url('../images/info.png'); 453 | background-repeat: no-repeat; 454 | margin-left: 5px; 455 | } 456 | 457 | #copyright { 458 | margin: 0 auto; 459 | position: fixed; 460 | right: 40px; 461 | bottom: 25px; 462 | z-index: 0; 463 | } 464 | 465 | #copyright a { 466 | color: #000; 467 | } 468 | 469 | #copyright .explanation { 470 | display: none; 471 | } 472 | 473 | #zoom { 474 | z-index: 999; 475 | position: fixed; 476 | left: 45%; 477 | bottom: 25px; 478 | margin: 0 auto; 479 | padding: 0; 480 | -webkit-touch-callout: none; 481 | -webkit-user-select: none; 482 | -khtml-user-select: none; 483 | -moz-user-select: none; 484 | -ms-user-select: none; 485 | user-select: none; 486 | text-align: left; 487 | } 488 | 489 | #zoom .z { 490 | background: #fff; 491 | background-color: rgba(255, 255, 255, 0.7); 492 | width: 60px; 493 | height: 60px; 494 | cursor: pointer; 495 | border: 1px solid #ccc; 496 | float: left; 497 | margin-right: 4px; 498 | background-repeat: no-repeat; 499 | } 500 | 501 | #zoom .z[rel=center] { 502 | background-image: url('../images/zoom_reset.png'); 503 | background-position: center; 504 | } 505 | 506 | #zoom .z[rel=in] { 507 | background-image: url('../images/zoom_in.png'); 508 | background-position: center; 509 | } 510 | 511 | #zoom .z[rel=out] { 512 | background-image: url('../images/zoom_out.png'); 513 | background-position: center; 514 | } 515 | 516 | .line { 517 | font-size: 12px; 518 | color: #000; 519 | text-decoration: none; 520 | font-weight: bold; 521 | cursor: pointer; 522 | cursor: hand; 523 | } 524 | 525 | #information { 526 | display: none; 527 | background: #fff; 528 | padding: 1px 10px 10px 10px; 529 | } 530 | 531 | #information h3 { 532 | margin: 14px 0 4px 0; 533 | } 534 | 535 | #information p { 536 | margin: 0 0 4px 0; 537 | } 538 | 539 | #information .button { 540 | width: 14px; 541 | height: 14px; 542 | background-image: url('../images/sprite.png'); 543 | border: 1px solid #999; 544 | display: inline-block; 545 | *display: inline; 546 | *zoom: 1; 547 | } 548 | 549 | #information .button span { 550 | display: none; 551 | } 552 | 553 | #information .button.plus { 554 | background-position: -91px -122px; 555 | } 556 | 557 | #information .button.moins { 558 | background-position: -131px -122px; 559 | } 560 | 561 | #minify { 562 | background-color: #fff; 563 | padding: 4px 4px 4px 25px; 564 | cursor: pointer; 565 | background-image: url('../images/sprite.png'); 566 | background-repeat: no-repeat; 567 | background-position: -167px -118px; 568 | position: absolute; 569 | top: 65px; 570 | left: 15px; 571 | display: none; 572 | } 573 | 574 | #minifier { 575 | position: absolute; 576 | width: 20px; 577 | height: 16px; 578 | background-image: url('../images/sprite.png'); 579 | background-repeat: no-repeat; 580 | background-position: -45px -147px; 581 | cursor: pointer; 582 | display: none; 583 | } 584 | 585 | -------------------------------------------------------------------------------- /website/css/tablet.css: -------------------------------------------------------------------------------- 1 | #developercontainer { 2 | display:none; 3 | } -------------------------------------------------------------------------------- /website/images/CC.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/ost-map/df5fac01b1ae39157672dbf7f6a6e9340b853e89/website/images/CC.png -------------------------------------------------------------------------------- /website/images/blank.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/ost-map/df5fac01b1ae39157672dbf7f6a6e9340b853e89/website/images/blank.gif -------------------------------------------------------------------------------- /website/images/fancybox_loading.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/ost-map/df5fac01b1ae39157672dbf7f6a6e9340b853e89/website/images/fancybox_loading.gif -------------------------------------------------------------------------------- /website/images/fancybox_sprite.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/ost-map/df5fac01b1ae39157672dbf7f6a6e9340b853e89/website/images/fancybox_sprite.png -------------------------------------------------------------------------------- /website/images/info.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/ost-map/df5fac01b1ae39157672dbf7f6a6e9340b853e89/website/images/info.png -------------------------------------------------------------------------------- /website/images/intezer.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/ost-map/df5fac01b1ae39157672dbf7f6a6e9340b853e89/website/images/intezer.png -------------------------------------------------------------------------------- /website/images/jisc-logo-small.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/ost-map/df5fac01b1ae39157672dbf7f6a6e9340b853e89/website/images/jisc-logo-small.png -------------------------------------------------------------------------------- /website/images/map.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/ost-map/df5fac01b1ae39157672dbf7f6a6e9340b853e89/website/images/map.png -------------------------------------------------------------------------------- /website/images/oii.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/ost-map/df5fac01b1ae39157672dbf7f6a6e9340b853e89/website/images/oii.png -------------------------------------------------------------------------------- /website/images/oii_brand.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/ost-map/df5fac01b1ae39157672dbf7f6a6e9340b853e89/website/images/oii_brand.png -------------------------------------------------------------------------------- /website/images/oii_text.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/ost-map/df5fac01b1ae39157672dbf7f6a6e9340b853e89/website/images/oii_text.png -------------------------------------------------------------------------------- /website/images/rainbow.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/ost-map/df5fac01b1ae39157672dbf7f6a6e9340b853e89/website/images/rainbow.png -------------------------------------------------------------------------------- /website/images/sprite.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/ost-map/df5fac01b1ae39157672dbf7f6a6e9340b853e89/website/images/sprite.png -------------------------------------------------------------------------------- /website/images/zoom_in.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/ost-map/df5fac01b1ae39157672dbf7f6a6e9340b853e89/website/images/zoom_in.png -------------------------------------------------------------------------------- /website/images/zoom_out.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/ost-map/df5fac01b1ae39157672dbf7f6a6e9340b853e89/website/images/zoom_out.png -------------------------------------------------------------------------------- /website/images/zoom_reset.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/ost-map/df5fac01b1ae39157672dbf7f6a6e9340b853e89/website/images/zoom_reset.png -------------------------------------------------------------------------------- /website/index.html: -------------------------------------------------------------------------------- 1 | 2 | 4 | 5 | 6 | OST Map 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 |
30 |
31 |
32 |
33 |
34 |
35 |
36 |
37 |
38 |
39 | 40 | 41 |
42 |
43 |
44 |
45 |

Legend:

46 |
47 |
48 |
49 |
50 |
51 |
52 |
53 |
54 |
55 |
56 |
57 |
58 | 63 |

Group Selector:

64 |
Select Group
65 |
66 |
67 |
68 |
69 |
70 |
71 |
72 |
73 |
74 |
75 |
76 |
77 |
78 | 82 | 83 |
84 |
85 |
86 |
Return to the full network
87 |
88 |
89 |

90 |
91 |
Connections:
92 |
93 |
    94 |
95 |
96 |
97 |
98 |
99 | 100 | 101 | -------------------------------------------------------------------------------- /website/js/excanvas.js: -------------------------------------------------------------------------------- 1 | document.createElement("canvas").getContext||function(){function S(){return this.context_||(this.context_=new z(this))}function T(a,b,c){var g=J.call(arguments,2);return function(){return a.apply(b,g.concat(J.call(arguments)))}}function K(a){return(""+a).replace(/&/g,"&").replace(/"/g,""")}function L(a){a.namespaces.g_vml_||a.namespaces.add("g_vml_","urn:schemas-microsoft-com:vml","#default#VML");a.namespaces.g_o_||a.namespaces.add("g_o_","urn:schemas-microsoft-com:office:office","#default#VML"); 2 | a.styleSheets.ex_canvas_||(a=a.createStyleSheet(),a.owningElement.id="ex_canvas_",a.cssText="canvas{display:inline-block;overflow:hidden;text-align:left;width:300px;height:150px}")}function U(a){var b=a.srcElement;switch(a.propertyName){case "width":b.getContext().clearRect();b.style.width=b.attributes.width.nodeValue+"px";b.firstChild.style.width=b.clientWidth+"px";break;case "height":b.getContext().clearRect(),b.style.height=b.attributes.height.nodeValue+"px",b.firstChild.style.height=b.clientHeight+ 3 | "px"}}function V(a){a=a.srcElement;a.firstChild&&(a.firstChild.style.width=a.clientWidth+"px",a.firstChild.style.height=a.clientHeight+"px")}function A(){return[[1,0,0],[0,1,0],[0,0,1]]}function q(a,b){for(var c=A(),g=0;3>g;g++)for(var e=0;3>e;e++){for(var f=0,d=0;3>d;d++)f+=a[g][d]*b[d][e];c[g][e]=f}return c}function M(a,b){b.fillStyle=a.fillStyle;b.lineCap=a.lineCap;b.lineJoin=a.lineJoin;b.lineWidth=a.lineWidth;b.miterLimit=a.miterLimit;b.shadowBlur=a.shadowBlur;b.shadowColor=a.shadowColor;b.shadowOffsetX= 4 | a.shadowOffsetX;b.shadowOffsetY=a.shadowOffsetY;b.strokeStyle=a.strokeStyle;b.globalAlpha=a.globalAlpha;b.font=a.font;b.textAlign=a.textAlign;b.textBaseline=a.textBaseline;b.arcScaleX_=a.arcScaleX_;b.arcScaleY_=a.arcScaleY_;b.lineScale_=a.lineScale_}function N(a){var b=a.indexOf("(",3),c=a.indexOf(")",b+1),b=a.substring(b+1,c).split(",");if(4!=b.length||"a"!=a.charAt(3))b[3]=1;return b}function B(a,b,c){return Math.min(c,Math.max(b,a))}function C(a,b,c){0>c&&c++;16*c?a+6*(b-a)*c: 5 | 1>2*c?b:2>3*c?a+6*(b-a)*(2/3-c):a}function D(a){if(a in E)return E[a];var b,c=1,a=""+a;if("#"==a.charAt(0))b=a;else if(/^rgb/.test(a)){c=N(a);b="#";for(var g,e=0;3>e;e++)g=-1!=c[e].indexOf("%")?Math.floor(255*(parseFloat(c[e])/100)):+c[e],b+=s[B(g,0,255)];c=+c[3]}else if(/^hsl/.test(a)){e=c=N(a);b=parseFloat(e[0])/360%360;0>b&&b++;g=B(parseFloat(e[1])/100,0,1);e=B(parseFloat(e[2])/100,0,1);if(0==g)g=e=b=e;else{var f=0.5>e?e*(1+g):e+g-e*g,d=2*e-f;g=C(d,f,b+1/3);e=C(d,f,b);b=C(d,f,b-1/3)}b="#"+s[Math.floor(255* 6 | g)]+s[Math.floor(255*e)]+s[Math.floor(255*b)];c=c[3]}else b=W[a]||a;return E[a]={color:b,alpha:c}}function z(a){this.m_=A();this.mStack_=[];this.aStack_=[];this.currentPath_=[];this.fillStyle=this.strokeStyle="#000";this.lineWidth=1;this.lineJoin="miter";this.lineCap="butt";this.miterLimit=1*n;this.globalAlpha=1;this.font="10px sans-serif";this.textAlign="left";this.textBaseline="alphabetic";this.canvas=a;var b="width:"+a.clientWidth+"px;height:"+a.clientHeight+"px;overflow:hidden;position:absolute", 7 | c=a.ownerDocument.createElement("div");c.style.cssText=b;a.appendChild(c);b=c.cloneNode(!1);b.style.backgroundColor="red";b.style.filter="alpha(opacity=0)";a.appendChild(b);this.element_=c;this.lineScale_=this.arcScaleY_=this.arcScaleX_=1}function O(a,b,c,g){a.currentPath_.push({type:"bezierCurveTo",cp1x:b.x,cp1y:b.y,cp2x:c.x,cp2y:c.y,x:g.x,y:g.y});a.currentX_=g.x;a.currentY_=g.y}function P(a,b){var c=D(a.strokeStyle),g=c.color,c=c.alpha*a.globalAlpha,e=a.lineScale_*a.lineWidth;1>e&&(c*=e);b.push("')}function Q(a,b,c,g){var e=a.fillStyle,f=a.arcScaleX_,d=a.arcScaleY_,h=g.x-c.x,l=g.y-c.y;if(e instanceof t){var i=0,j=g=0,r=0,k=1;if("gradient"==e.type_){var i=e.x1_/f,c=e.y1_/d,m=p(a,e.x0_/f,e.y0_/d),i=p(a,i,c),i=180*Math.atan2(i.x-m.x,i.y-m.y)/Math.PI;0>i&&(i+=360);1.0E-6>i&&(i=0)}else m=p(a,e.x0_,e.y0_),g=(m.x-c.x)/h,j=(m.y-c.y)/l,h/=f* 9 | n,l/=d*n,k=u.max(h,l),r=2*e.r0_/k,k=2*e.r1_/k-r;f=e.colors_;f.sort(function(a,b){return a.offset-b.offset});for(var d=f.length,m=f[0].color,c=f[d-1].color,h=f[0].alpha*a.globalAlpha,a=f[d-1].alpha*a.globalAlpha,l=[],o=0;o')}else e instanceof 10 | F?h&&l&&b.push("'):(e=D(a.fillStyle),b.push(''))}function p(a,b,c){a=a.m_;return{x:n*(b*a[0][0]+c*a[1][0]+a[2][0])-o,y:n*(b*a[0][1]+c*a[1][1]+a[2][1])-o}}function w(a,b,c){isFinite(b[0][0])&&isFinite(b[0][1])&&isFinite(b[1][0])&&isFinite(b[1][1])&&isFinite(b[2][0])&&isFinite(b[2][1])&&(a.m_=b,c&&(a.lineScale_=Y(Z(b[0][0]*b[1][1]-b[0][1]* 11 | b[1][0]))))}function t(a){this.type_=a;this.r1_=this.y1_=this.x1_=this.r0_=this.y0_=this.x0_=0;this.colors_=[]}function F(a,b){if(!a||1!=a.nodeType||"IMG"!=a.tagName)throw new x("TYPE_MISMATCH_ERR");if("complete"!=a.readyState)throw new x("INVALID_STATE_ERR");switch(b){case "repeat":case null:case "":this.repetition_="repeat";break;case "repeat-x":case "repeat-y":case "no-repeat":this.repetition_=b;break;default:throw new x("SYNTAX_ERR");}this.src_=a.src;this.width_=a.width;this.height_=a.height} 12 | function x(a){this.code=this[a];this.message=a+": DOM Exception "+this.code}var u=Math,h=u.round,G=u.sin,H=u.cos,Z=u.abs,Y=u.sqrt,n=10,o=n/2;navigator.userAgent.match(/MSIE ([\d.]+)?/);var J=Array.prototype.slice;L(document);var R={init:function(a){a=a||document;a.createElement("canvas");a.attachEvent("onreadystatechange",T(this.init_,this,a))},init_:function(a){for(var a=a.getElementsByTagName("canvas"),b=0;bd;d++)for(var y=0;16>y;y++)s[16*d+y]=d.toString(16)+y.toString(16);var W={aliceblue:"#F0F8FF",antiquewhite:"#FAEBD7",aquamarine:"#7FFFD4",azure:"#F0FFFF",beige:"#F5F5DC", 14 | bisque:"#FFE4C4",black:"#000000",blanchedalmond:"#FFEBCD",blueviolet:"#8A2BE2",brown:"#A52A2A",burlywood:"#DEB887",cadetblue:"#5F9EA0",chartreuse:"#7FFF00",chocolate:"#D2691E",coral:"#FF7F50",cornflowerblue:"#6495ED",cornsilk:"#FFF8DC",crimson:"#DC143C",cyan:"#00FFFF",darkblue:"#00008B",darkcyan:"#008B8B",darkgoldenrod:"#B8860B",darkgray:"#A9A9A9",darkgreen:"#006400",darkgrey:"#A9A9A9",darkkhaki:"#BDB76B",darkmagenta:"#8B008B",darkolivegreen:"#556B2F",darkorange:"#FF8C00",darkorchid:"#9932CC",darkred:"#8B0000", 15 | darksalmon:"#E9967A",darkseagreen:"#8FBC8F",darkslateblue:"#483D8B",darkslategray:"#2F4F4F",darkslategrey:"#2F4F4F",darkturquoise:"#00CED1",darkviolet:"#9400D3",deeppink:"#FF1493",deepskyblue:"#00BFFF",dimgray:"#696969",dimgrey:"#696969",dodgerblue:"#1E90FF",firebrick:"#B22222",floralwhite:"#FFFAF0",forestgreen:"#228B22",gainsboro:"#DCDCDC",ghostwhite:"#F8F8FF",gold:"#FFD700",goldenrod:"#DAA520",grey:"#808080",greenyellow:"#ADFF2F",honeydew:"#F0FFF0",hotpink:"#FF69B4",indianred:"#CD5C5C",indigo:"#4B0082", 16 | ivory:"#FFFFF0",khaki:"#F0E68C",lavender:"#E6E6FA",lavenderblush:"#FFF0F5",lawngreen:"#7CFC00",lemonchiffon:"#FFFACD",lightblue:"#ADD8E6",lightcoral:"#F08080",lightcyan:"#E0FFFF",lightgoldenrodyellow:"#FAFAD2",lightgreen:"#90EE90",lightgrey:"#D3D3D3",lightpink:"#FFB6C1",lightsalmon:"#FFA07A",lightseagreen:"#20B2AA",lightskyblue:"#87CEFA",lightslategray:"#778899",lightslategrey:"#778899",lightsteelblue:"#B0C4DE",lightyellow:"#FFFFE0",limegreen:"#32CD32",linen:"#FAF0E6",magenta:"#FF00FF",mediumaquamarine:"#66CDAA", 17 | mediumblue:"#0000CD",mediumorchid:"#BA55D3",mediumpurple:"#9370DB",mediumseagreen:"#3CB371",mediumslateblue:"#7B68EE",mediumspringgreen:"#00FA9A",mediumturquoise:"#48D1CC",mediumvioletred:"#C71585",midnightblue:"#191970",mintcream:"#F5FFFA",mistyrose:"#FFE4E1",moccasin:"#FFE4B5",navajowhite:"#FFDEAD",oldlace:"#FDF5E6",olivedrab:"#6B8E23",orange:"#FFA500",orangered:"#FF4500",orchid:"#DA70D6",palegoldenrod:"#EEE8AA",palegreen:"#98FB98",paleturquoise:"#AFEEEE",palevioletred:"#DB7093",papayawhip:"#FFEFD5", 18 | peachpuff:"#FFDAB9",peru:"#CD853F",pink:"#FFC0CB",plum:"#DDA0DD",powderblue:"#B0E0E6",rosybrown:"#BC8F8F",royalblue:"#4169E1",saddlebrown:"#8B4513",salmon:"#FA8072",sandybrown:"#F4A460",seagreen:"#2E8B57",seashell:"#FFF5EE",sienna:"#A0522D",skyblue:"#87CEEB",slateblue:"#6A5ACD",slategray:"#708090",slategrey:"#708090",snow:"#FFFAFA",springgreen:"#00FF7F",steelblue:"#4682B4",tan:"#D2B48C",thistle:"#D8BFD8",tomato:"#FF6347",turquoise:"#40E0D0",violet:"#EE82EE",wheat:"#F5DEB3",whitesmoke:"#F5F5F5",yellowgreen:"#9ACD32"}, 19 | E={},I={},X={butt:"flat",round:"round"},d=z.prototype;d.clearRect=function(){this.textMeasureEl_&&(this.textMeasureEl_.removeNode(!0),this.textMeasureEl_=null);this.element_.innerHTML=""};d.beginPath=function(){this.currentPath_=[]};d.moveTo=function(a,b){var c=p(this,a,b);this.currentPath_.push({type:"moveTo",x:c.x,y:c.y});this.currentX_=c.x;this.currentY_=c.y};d.lineTo=function(a,b){var c=p(this,a,b);this.currentPath_.push({type:"lineTo",x:c.x,y:c.y});this.currentX_=c.x;this.currentY_=c.y};d.bezierCurveTo= 20 | function(a,b,c,g,e,f){e=p(this,e,f);a=p(this,a,b);c=p(this,c,g);O(this,a,c,e)};d.quadraticCurveTo=function(a,b,c,g){a=p(this,a,b);c=p(this,c,g);g={x:this.currentX_+2/3*(a.x-this.currentX_),y:this.currentY_+2/3*(a.y-this.currentY_)};O(this,g,{x:g.x+(c.x-this.currentX_)/3,y:g.y+(c.y-this.currentY_)/3},c)};d.arc=function(a,b,c,g,e,f){var c=c*n,d=f?"at":"wa",h=a+H(g)*c-o,l=b+G(g)*c-o,g=a+H(e)*c-o,e=b+G(e)*c-o;h==g&&!f&&(h+=0.125);a=p(this,a,b);h=p(this,h,l);g=p(this,g,e);this.currentPath_.push({type:d, 21 | x:a.x,y:a.y,radius:c,xStart:h.x,yStart:h.y,xEnd:g.x,yEnd:g.y})};d.rect=function(a,b,c,g){this.moveTo(a,b);this.lineTo(a+c,b);this.lineTo(a+c,b+g);this.lineTo(a,b+g);this.closePath()};d.strokeRect=function(a,b,c,g){var e=this.currentPath_;this.beginPath();this.moveTo(a,b);this.lineTo(a+c,b);this.lineTo(a+c,b+g);this.lineTo(a,b+g);this.closePath();this.stroke();this.currentPath_=e};d.fillRect=function(a,b,c,g){var e=this.currentPath_;this.beginPath();this.moveTo(a,b);this.lineTo(a+c,b);this.lineTo(a+ 22 | c,b+g);this.lineTo(a,b+g);this.closePath();this.fill();this.currentPath_=e};d.createLinearGradient=function(a,b,c,g){var e=new t("gradient");e.x0_=a;e.y0_=b;e.x1_=c;e.y1_=g;return e};d.createRadialGradient=function(a,b,c,g,e,f){var d=new t("gradientradial");d.x0_=a;d.y0_=b;d.r0_=c;d.x1_=g;d.y1_=e;d.r1_=f;return d};d.drawImage=function(a,b){var c,g,e,d,o,v,l,i;e=a.runtimeStyle.width;d=a.runtimeStyle.height;a.runtimeStyle.width="auto";a.runtimeStyle.height="auto";var j=a.width,r=a.height;a.runtimeStyle.width= 23 | e;a.runtimeStyle.height=d;if(3==arguments.length)c=arguments[1],g=arguments[2],o=v=0,l=e=j,i=d=r;else if(5==arguments.length)c=arguments[1],g=arguments[2],e=arguments[3],d=arguments[4],o=v=0,l=j,i=r;else if(9==arguments.length)o=arguments[1],v=arguments[2],l=arguments[3],i=arguments[4],c=arguments[5],g=arguments[6],e=arguments[7],d=arguments[8];else throw Error("Invalid number of arguments");var k=p(this,c,g),m=[];m.push(" ','","");this.element_.insertAdjacentHTML("BeforeEnd",m.join(""))};d.stroke=function(a){var b=[];b.push("d.x)d.x=f.x;if(null==c.y||f.yd.y)d.y=f.y}}b.push(' ">');a?Q(this,b,c,d):P(this,b);b.push("");this.element_.insertAdjacentHTML("beforeEnd",b.join(""))};d.fill=function(){this.stroke(!0)};d.closePath=function(){this.currentPath_.push({type:"close"})};d.save=function(){var a= 28 | {};M(this,a);this.aStack_.push(a);this.mStack_.push(this.m_);this.m_=q(A(),this.m_)};d.restore=function(){this.aStack_.length&&(M(this.aStack_.pop(),this),this.m_=this.mStack_.pop())};d.translate=function(a,b){w(this,q([[1,0,0],[0,1,0],[a,b,1]],this.m_),!1)};d.rotate=function(a){var b=H(a),a=G(a);w(this,q([[b,a,0],[-a,b,0],[0,0,1]],this.m_),!1)};d.scale=function(a,b){this.arcScaleX_*=a;this.arcScaleY_*=b;w(this,q([[a,0,0],[0,b,0],[0,0,1]],this.m_),!0)};d.transform=function(a,b,c,d,e,f){w(this,q([[a, 29 | b,0],[c,d,0],[e,f,1]],this.m_),!0)};d.setTransform=function(a,b,c,d,e,f){w(this,[[a,b,0],[c,d,0],[e,f,1]],!0)};d.drawText_=function(a,b,c,d,e){var f=this.m_,d=0,o=1E3,q=0,l=[],i;i=this.font;if(I[i])i=I[i];else{var j=document.createElement("div").style;try{j.font=i}catch(r){}i=I[i]={style:j.fontStyle||"normal",variant:j.fontVariant||"normal",weight:j.fontWeight||"normal",size:j.fontSize||10,family:j.fontFamily||"sans-serif"}}var j=i,k=this.element_;i={};for(var m in j)i[m]=j[m];m=parseFloat(k.currentStyle.fontSize); 30 | k=parseFloat(j.size);i.size="number"==typeof j.size?j.size:-1!=j.size.indexOf("px")?k:-1!=j.size.indexOf("em")?m*k:-1!=j.size.indexOf("%")?m/100*k:-1!=j.size.indexOf("pt")?k/0.75:m;i.size*=0.981;m=i.style+" "+i.variant+" "+i.weight+" "+i.size+"px "+i.family;k=this.element_.currentStyle;j=this.textAlign.toLowerCase();switch(j){case "left":case "center":case "right":break;case "end":j="ltr"==k.direction?"right":"left";break;case "start":j="rtl"==k.direction?"right":"left";break;default:j="left"}switch(this.textBaseline){case "hanging":case "top":q= 31 | i.size/1.75;break;case "middle":break;default:case null:case "alphabetic":case "ideographic":case "bottom":q=-i.size/2.25}switch(j){case "right":d=1E3;o=0.05;break;case "center":d=o=500}b=p(this,b+0,c+q);l.push('');e?P(this,l):Q(this,l,{x:-d,y:0},{x:o,y:i.size});e=f[0][0].toFixed(3)+","+f[1][0].toFixed(3)+","+f[0][1].toFixed(3)+ 32 | ","+f[1][1].toFixed(3)+",0,0";b=h(b.x/n)+","+h(b.y/n);l.push('','','');this.element_.insertAdjacentHTML("beforeEnd",l.join(""))};d.fillText=function(a,b,c,d){this.drawText_(a,b,c,d,!1)};d.strokeText=function(a,b,c,d){this.drawText_(a,b,c,d,!0)};d.measureText=function(a){this.textMeasureEl_||(this.element_.insertAdjacentHTML("beforeEnd", 33 | ''),this.textMeasureEl_=this.element_.lastChild);var b=this.element_.ownerDocument;this.textMeasureEl_.innerHTML="";this.textMeasureEl_.style.font=this.font;this.textMeasureEl_.appendChild(b.createTextNode(a));return{width:this.textMeasureEl_.offsetWidth}};d.clip=function(){};d.arcTo=function(){};d.createPattern=function(a,b){return new F(a,b)};t.prototype.addColorStop=function(a,b){b=D(b);this.colors_.push({offset:a, 34 | color:b.color,alpha:b.alpha})};d=x.prototype=Error();d.INDEX_SIZE_ERR=1;d.DOMSTRING_SIZE_ERR=2;d.HIERARCHY_REQUEST_ERR=3;d.WRONG_DOCUMENT_ERR=4;d.INVALID_CHARACTER_ERR=5;d.NO_DATA_ALLOWED_ERR=6;d.NO_MODIFICATION_ALLOWED_ERR=7;d.NOT_FOUND_ERR=8;d.NOT_SUPPORTED_ERR=9;d.INUSE_ATTRIBUTE_ERR=10;d.INVALID_STATE_ERR=11;d.SYNTAX_ERR=12;d.INVALID_MODIFICATION_ERR=13;d.NAMESPACE_ERR=14;d.INVALID_ACCESS_ERR=15;d.VALIDATION_ERR=16;d.TYPE_MISMATCH_ERR=17;G_vmlCanvasManager=R;CanvasRenderingContext2D=z;CanvasGradient= 35 | t;CanvasPattern=F;DOMException=x}(); -------------------------------------------------------------------------------- /website/js/fancybox/jquery.fancybox.css: -------------------------------------------------------------------------------- 1 | /*! fancyBox v2.0.6 fancyapps.com | fancyapps.com/fancybox/#license */ 2 | .fancybox-tmp iframe, .fancybox-tmp object { 3 | vertical-align: top; 4 | padding: 0; 5 | margin: 0; 6 | } 7 | 8 | .fancybox-wrap { 9 | position: absolute; 10 | top: 0; 11 | left: 0; 12 | z-index: 8020; 13 | } 14 | 15 | .fancybox-skin { 16 | position: relative; 17 | padding: 0; 18 | margin: 0; 19 | background: #f9f9f9; 20 | color: #444; 21 | text-shadow: none; 22 | -webkit-border-radius: 4px; 23 | -moz-border-radius: 4px; 24 | border-radius: 4px; 25 | } 26 | 27 | .fancybox-opened { 28 | z-index: 8030; 29 | } 30 | 31 | .fancybox-opened .fancybox-skin { 32 | -webkit-box-shadow: 0 10px 25px rgba(0, 0, 0, 0.5); 33 | -moz-box-shadow: 0 10px 25px rgba(0, 0, 0, 0.5); 34 | box-shadow: 0 10px 25px rgba(0, 0, 0, 0.5); 35 | } 36 | 37 | .fancybox-outer, .fancybox-inner { 38 | padding: 0; 39 | margin: 0; 40 | position: relative; 41 | outline: none; 42 | } 43 | 44 | .fancybox-inner { 45 | overflow: hidden; 46 | } 47 | 48 | .fancybox-type-iframe .fancybox-inner { 49 | -webkit-overflow-scrolling: touch; 50 | } 51 | 52 | .fancybox-error { 53 | color: #444; 54 | font: 14px/20px "Helvetica Neue",Helvetica,Arial,sans-serif; 55 | margin: 0; 56 | padding: 10px; 57 | } 58 | 59 | .fancybox-image, .fancybox-iframe { 60 | display: block; 61 | width: 100%; 62 | height: 100%; 63 | border: 0; 64 | padding: 0; 65 | margin: 0; 66 | vertical-align: top; 67 | } 68 | 69 | .fancybox-image { 70 | max-width: 100%; 71 | max-height: 100%; 72 | } 73 | 74 | #fancybox-loading, .fancybox-close, .fancybox-prev span, .fancybox-next span { 75 | background-image: url('../../images/fancybox_sprite.png'); 76 | } 77 | 78 | #fancybox-loading { 79 | position: fixed; 80 | top: 50%; 81 | left: 50%; 82 | margin-top: -22px; 83 | margin-left: -22px; 84 | background-position: 0 -108px; 85 | opacity: 0.8; 86 | cursor: pointer; 87 | z-index: 8020; 88 | } 89 | 90 | #fancybox-loading div { 91 | width: 44px; 92 | height: 44px; 93 | background: url('../../images/fancybox_loading.gif') center center no-repeat; 94 | } 95 | 96 | .fancybox-close { 97 | position: absolute; 98 | top: -18px; 99 | right: -18px; 100 | width: 36px; 101 | height: 36px; 102 | cursor: pointer; 103 | z-index: 8040; 104 | } 105 | 106 | .fancybox-nav { 107 | position: absolute; 108 | top: 0; 109 | width: 40%; 110 | height: 100%; 111 | cursor: pointer; 112 | background: transparent url('../../images/blank.gif'); /* helps IE */ 113 | -webkit-tap-highlight-color: rgba(0,0,0,0); 114 | z-index: 8040; 115 | } 116 | 117 | .fancybox-prev { 118 | left: 0; 119 | } 120 | 121 | .fancybox-next { 122 | right: 0; 123 | } 124 | 125 | .fancybox-nav span { 126 | position: absolute; 127 | top: 50%; 128 | width: 36px; 129 | height: 34px; 130 | margin-top: -18px; 131 | cursor: pointer; 132 | z-index: 8040; 133 | visibility: hidden; 134 | } 135 | 136 | .fancybox-prev span { 137 | left: 20px; 138 | background-position: 0 -36px; 139 | } 140 | 141 | .fancybox-next span { 142 | right: 20px; 143 | background-position: 0 -72px; 144 | } 145 | 146 | .fancybox-nav:hover span { 147 | visibility: visible; 148 | } 149 | 150 | .fancybox-tmp { 151 | position: absolute; 152 | top: -9999px; 153 | left: -9999px; 154 | padding: 0; 155 | overflow: visible; 156 | visibility: hidden; 157 | } 158 | 159 | /* Overlay helper */ 160 | 161 | #fancybox-overlay { 162 | position: absolute; 163 | top: 0; 164 | left: 0; 165 | overflow: hidden; 166 | display: none; 167 | z-index: 8010; 168 | background: #000; 169 | } 170 | 171 | #fancybox-overlay.overlay-fixed { 172 | position: fixed; 173 | bottom: 0; 174 | right: 0; 175 | } 176 | 177 | /* Title helper */ 178 | 179 | .fancybox-title { 180 | visibility: hidden; 181 | font: normal 13px/20px "Helvetica Neue",Helvetica,Arial,sans-serif; 182 | position: relative; 183 | text-shadow: none; 184 | z-index: 8050; 185 | } 186 | 187 | .fancybox-opened .fancybox-title { 188 | visibility: visible; 189 | } 190 | 191 | .fancybox-title-float-wrap { 192 | position: absolute; 193 | bottom: 0; 194 | right: 50%; 195 | margin-bottom: -35px; 196 | z-index: 8030; 197 | text-align: center; 198 | } 199 | 200 | .fancybox-title-float-wrap .child { 201 | display: inline-block; 202 | margin-right: -100%; 203 | padding: 2px 20px; 204 | background: transparent; /* Fallback for web browsers that doesn't support RGBa */ 205 | background: rgba(0, 0, 0, 0.8); 206 | -webkit-border-radius: 15px; 207 | -moz-border-radius: 15px; 208 | border-radius: 15px; 209 | text-shadow: 0 1px 2px #222; 210 | color: #FFF; 211 | font-weight: bold; 212 | line-height: 24px; 213 | white-space: nowrap; 214 | } 215 | 216 | .fancybox-title-outside-wrap { 217 | position: relative; 218 | margin-top: 10px; 219 | color: #fff; 220 | } 221 | 222 | .fancybox-title-inside-wrap { 223 | margin-top: 10px; 224 | } 225 | 226 | .fancybox-title-over-wrap { 227 | position: absolute; 228 | bottom: 0; 229 | left: 0; 230 | color: #fff; 231 | padding: 10px; 232 | background: #000; 233 | background: rgba(0, 0, 0, .8); 234 | } -------------------------------------------------------------------------------- /website/js/fancybox/jquery.fancybox.pack.js: -------------------------------------------------------------------------------- 1 | /*! fancyBox v2.0.6 fancyapps.com | fancyapps.com/fancybox/#license */ 2 | (function(s,l,d,t){var m=d(s),q=d(l),a=d.fancybox=function(){a.open.apply(this,arguments)},u=!1,k=l.createTouch!==t,o=function(a){return"string"===d.type(a)},n=function(b,c){c&&o(b)&&0
',image:'',iframe:'",swf:'',error:'

The requested content cannot be loaded.
Please try again later.

', 5 | closeBtn:'
',next:'',prev:''},openEffect:"fade",openSpeed:300,openEasing:"swing",openOpacity:!0,openMethod:"zoomIn",closeEffect:"fade",closeSpeed:300,closeEasing:"swing",closeOpacity:!0,closeMethod:"zoomOut",nextEffect:"elastic",nextSpeed:300,nextEasing:"swing",nextMethod:"changeIn",prevEffect:"elastic", 6 | prevSpeed:300,prevEasing:"swing",prevMethod:"changeOut",helpers:{overlay:{speedIn:0,speedOut:300,opacity:0.8,css:{cursor:"pointer"},closeClick:!0},title:{type:"float"}}},group:{},opts:{},coming:null,current:null,isOpen:!1,isOpened:!1,player:{timer:null,isActive:!1},ajaxLoad:null,imgPreload:null,transitions:{},helpers:{},open:function(b,c){a.close(!0);b&&!d.isArray(b)&&(b=b instanceof d?d(b).get():[b]);a.isActive=!0;a.opts=d.extend(!0,{},a.defaults,c);d.isPlainObject(c)&&c.keys!==t&&(a.opts.keys=c.keys? 7 | d.extend({},a.defaults.keys,c.keys):!1);a.group=b;a._start(a.opts.index||0)},cancel:function(){a.coming&&!1===a.trigger("onCancel")||(a.coming=null,a.hideLoading(),a.ajaxLoad&&a.ajaxLoad.abort(),a.ajaxLoad=null,a.imgPreload&&(a.imgPreload.onload=a.imgPreload.onabort=a.imgPreload.onerror=null))},close:function(b){a.cancel();a.current&&!1!==a.trigger("beforeClose")&&(a.unbindEvents(),!a.isOpen||b&&!0===b[0]?(d(".fancybox-wrap").stop().trigger("onReset").remove(),a._afterZoomOut()):(a.isOpen=a.isOpened= 8 | !1,d(".fancybox-item, .fancybox-nav").remove(),a.wrap.stop(!0).removeClass("fancybox-opened"),a.inner.css("overflow","hidden"),a.transitions[a.current.closeMethod]()))},play:function(b){var c=function(){clearTimeout(a.player.timer)},e=function(){c();a.current&&a.player.isActive&&(a.player.timer=setTimeout(a.next,a.current.playSpeed))},f=function(){c();d("body").unbind(".player");a.player.isActive=!1;a.trigger("onPlayEnd")};if(a.player.isActive||b&&!1===b[0])f();else if(a.current&&(a.current.loop|| 9 | a.current.index=a.group.length?b=0:0>b&&(b=a.group.length-1)),a.group[b]!==t&&(a.cancel(),a._start(b)))},reposition:function(b, 10 | c){var e;a.isOpen&&(e=a._getPosition(c),b&&"scroll"===b.type?(delete e.position,a.wrap.stop(!0,!0).animate(e,200)):a.wrap.css(e))},update:function(b){a.isOpen&&(u||setTimeout(function(){var c=a.current,e=!b||b&&"orientationchange"===b.type;if(u&&(u=!1,c)){if(!b||"scroll"!==b.type||e)c.autoSize&&"iframe"!==c.type&&(a.inner.height("auto"),c.height=a.inner.height()),(c.autoResize||e)&&a._setDimension(),c.canGrow&&"iframe"!==c.type&&a.inner.height("auto");(c.autoCenter||e)&&a.reposition(b);a.trigger("onUpdate")}}, 11 | 200),u=!0)},toggle:function(){a.isOpen&&(a.current.fitToView=!a.current.fitToView,a.update())},hideLoading:function(){q.unbind("keypress.fb");d("#fancybox-loading").remove()},showLoading:function(){a.hideLoading();q.bind("keypress.fb",function(b){27===b.keyCode&&(b.preventDefault(),a.cancel())});d('
').click(a.cancel).appendTo("body")},getViewport:function(){return{x:m.scrollLeft(),y:m.scrollTop(),w:k&&s.innerWidth?s.innerWidth:m.width(),h:k&&s.innerHeight? 12 | s.innerHeight:m.height()}},unbindEvents:function(){a.wrap&&a.wrap.unbind(".fb");q.unbind(".fb");m.unbind(".fb")},bindEvents:function(){var b=a.current,c=b.keys;b&&(m.bind("resize.fb orientationchange.fb"+(b.autoCenter&&!b.fixed?" scroll.fb":""),a.update),c&&q.bind("keydown.fb",function(b){var f;f=b.target||b.srcElement;if(!b.ctrlKey&&!b.altKey&&!b.shiftKey&&!b.metaKey&&(!f||!f.type&&!d(f).is("[contenteditable]")))f=b.keyCode,-1b.length))for(i=1;i<=h;i+=1)if(f=b[(c.index+i)%e],g=f.href||d(f).attr("href")||f,"image"===f.type||a.isImage(g))(new Image).src=g},_afterLoad:function(){a.hideLoading(); 19 | !a.coming||!1===a.trigger("afterLoad",a.current)?a.coming=!1:(a.isOpened?(d(".fancybox-item, .fancybox-nav").remove(),a.wrap.stop(!0).removeClass("fancybox-opened"),a.inner.css("overflow","hidden"),a.transitions[a.current.prevMethod]()):(d(".fancybox-wrap").stop().trigger("onReset").remove(),a.trigger("afterClose")),a.unbindEvents(),a.isOpen=!1,a.current=a.coming,a.wrap=d(a.current.tpl.wrap).addClass("fancybox-"+(k?"mobile":"desktop")+" fancybox-type-"+a.current.type+" fancybox-tmp "+a.current.wrapCSS).appendTo("body"), 20 | a.skin=d(".fancybox-skin",a.wrap).css("padding",n(a.current.padding)),a.outer=d(".fancybox-outer",a.wrap),a.inner=d(".fancybox-inner",a.wrap),a._setContent())},_setContent:function(){var b=a.current,c=b.content,e=b.type,f=b.minWidth,g=b.minHeight,i=b.maxWidth,h=b.maxHeight;switch(e){case "inline":case "ajax":case "html":b.selector?c=d("
").html(c).find(b.selector):c instanceof d&&(c.parent().hasClass("fancybox-inner")&&c.parents(".fancybox-wrap").unbind("onReset"),c=c.show().detach(),d(a.wrap).bind("onReset", 21 | function(){c.appendTo("body").hide()}));b.autoSize&&(f=d('
').appendTo("body").css({minWidth:n(f,"w"),minHeight:n(g,"h"),maxWidth:n(i,"w"),maxHeight:n(h,"h")}).append(c),b.width=f.width(),b.height=f.height(),f.width(a.current.width),f.height()>b.height&&(f.width(b.width+1),b.width=f.width(),b.height=f.height()),c=f.contents().detach(),f.remove());break;case "image":c=b.tpl.image.replace("{href}",b.href);b.aspectRatio=!0;break;case "swf":c= 22 | b.tpl.swf.replace(/\{width\}/g,b.width).replace(/\{height\}/g,b.height).replace(/\{href\}/g,b.href);break;case "iframe":c=d(b.tpl.iframe.replace("{rnd}",(new Date).getTime())).attr("scrolling",b.scrolling).attr("src",b.href),b.scrolling=k?"scroll":"auto"}if("image"===e||"swf"===e)b.autoSize=!1,b.scrolling="visible";"iframe"===e&&b.autoSize?(a.showLoading(),a._setDimension(),a.inner.css("overflow",b.scrolling),c.bind({onCancel:function(){d(this).unbind();a._afterZoomOut()},load:function(){a.hideLoading(); 23 | try{this.contentWindow.document.location&&(a.current.height=d(this).contents().find("body").height())}catch(b){a.current.autoSize=!1}a[a.isOpen?"_afterZoomIn":"_beforeShow"]()}}).appendTo(a.inner)):(a.inner.append(c),a._beforeShow())},_beforeShow:function(){a.coming=null;a.trigger("beforeShow");a._setDimension();a.wrap.hide().removeClass("fancybox-tmp");a.bindEvents();a._preloadImages();a.transitions[a.isOpened?a.current.nextMethod:a.current.openMethod]()},_setDimension:function(){var b=a.wrap,c= 24 | a.inner,e=a.current,f=a.getViewport(),g=e.margin,i=2*e.padding,h=e.width,j=e.height,r=e.maxWidth+i,k=e.maxHeight+i,l=e.minWidth+i,m=e.minHeight+i,p;f.w-=g[1]+g[3];f.h-=g[0]+g[2];o(h)&&0r&&(h=r,j=(h-i)/g+i),j>k&&(j=k,h=(j-i)*g+i),hr||p>k)for(;(h>r||p>k)&&h>l&&p>m;)j-=10,e.aspectRatio?(h=Math.round((j-i)*g+i),hm&&jf.w||p>f.h)&&h>l&&j>m)e.canShrink=!0;a.innerSpace=p-i- 26 | c.height()},_getPosition:function(b){var c=a.current,e=a.getViewport(),f=c.margin,d=a.wrap.width()+f[1]+f[3],i=a.wrap.height()+f[0]+f[2],h={position:"absolute",top:f[0]+e.y,left:f[3]+e.x};c.autoCenter&&c.fixed&&!b&&i<=e.h&&d<=e.w&&(h={position:"fixed",top:f[0],left:f[3]});h.top=n(Math.max(h.top,h.top+(e.h-i)*c.topRatio));h.left=n(Math.max(h.left,h.left+0.5*(e.w-d)));return h},_afterZoomIn:function(){var b=a.current,c=b?b.scrolling:"no";if(b&&(a.isOpen=a.isOpened=!0,a.wrap.addClass("fancybox-opened"), 27 | a.inner.css("overflow","yes"===c?"scroll":"no"===c?"hidden":c),a.trigger("afterShow"),a.update(),(b.closeClick||b.nextClick)&&a.inner.css("cursor","pointer").bind("click.fb",function(c){if(!d(c.target).is("a")&&!d(c.target).parent().is("a"))a[b.closeClick?"close":"next"]()}),b.closeBtn&&d(b.tpl.closeBtn).appendTo(a.skin).bind("click.fb",a.close),b.arrows&&1c.end&&(g=1-g),d-=a.innerSpace*g),a.inner[e](d)},zoomIn:function(){var b=a.wrap,c=a.current,e=c.openEffect,f="elastic"===e,g=d.extend({},c.dim, 30 | a._getPosition(f)),i=d.extend({opacity:1},g);delete i.position;f?(g=this.getOrigPosition(),c.openOpacity&&(g.opacity=0),a.outer.add(a.inner).width("auto").height("auto")):"fade"===e&&(g.opacity=0);b.css(g).show().animate(i,{duration:"none"===e?0:c.openSpeed,easing:c.openEasing,step:f?this.step:null,complete:a._afterZoomIn})},zoomOut:function(){var b=a.wrap,c=a.current,d=c.openEffect,f="elastic"===d,g={opacity:0};f&&("fixed"===b.css("position")&&b.css(a._getPosition(!0)),g=this.getOrigPosition(),c.closeOpacity&& 31 | (g.opacity=0));b.animate(g,{duration:"none"===d?0:c.closeSpeed,easing:c.closeEasing,step:f?this.step:null,complete:a._afterZoomOut})},changeIn:function(){var b=a.wrap,c=a.current,d=c.nextEffect,f="elastic"===d,g=a._getPosition(f),i={opacity:1};g.opacity=0;f&&(g.top=n(parseInt(g.top,10)-200),i.top="+=200px");b.css(g).show().animate(i,{duration:"none"===d?0:c.nextSpeed,easing:c.nextEasing,complete:a._afterZoomIn})},changeOut:function(){var b=a.wrap,c=a.current,e=c.prevEffect,f={opacity:0};b.removeClass("fancybox-opened"); 32 | "elastic"===e&&(f.top="+=200px");b.animate(f,{duration:"none"===e?0:c.prevSpeed,easing:c.prevEasing,complete:function(){d(this).trigger("onReset").remove()}})}};a.helpers.overlay={overlay:null,update:function(){var a,c;this.overlay.width("100%").height("100%");d.browser.msie||k?(a=Math.max(l.documentElement.scrollWidth,l.body.scrollWidth),c=Math.max(l.documentElement.offsetWidth,l.body.offsetWidth),a=a
').css(b.css).appendTo("body"),b.closeClick&&this.overlay.bind("click.fb",a.close),a.current.fixed&&!k?this.overlay.addClass("overlay-fixed"):(this.update(),this.onUpdate=function(){this.update()}),this.overlay.fadeTo(b.speedIn,b.opacity))},afterClose:function(a){this.overlay&&this.overlay.fadeOut(a.speedOut||0,function(){d(this).remove()});this.overlay=null}};a.helpers.title={beforeShow:function(b){var c; 34 | if(c=a.current.title)c=d('
'+c+"
").appendTo("body"),"float"===b.type&&(c.width(c.width()),c.wrapInner(''),a.current.margin[2]+=Math.abs(parseInt(c.css("margin-bottom"),10))),c.appendTo("over"===b.type?a.inner:"outside"===b.type?a.wrap:a.skin)}};d.fn.fancybox=function(b){var c=d(this),e=this.selector||"",f,g=function(g){var h=this,j=f,k;!g.ctrlKey&&!g.altKey&&!g.shiftKey&&!g.metaKey&&!d(h).is(".fancybox-wrap")&& 35 | (g.preventDefault(),g=b.groupAttr||"data-fancybox-group",k=d(h).attr(g),k||(g="rel",k=h[g]),k&&""!==k&&"nofollow"!==k&&(h=e.length?d(e):c,h=h.filter("["+g+'="'+k+'"]'),j=h.index(this)),b.index=j,a.open(h,b))},b=b||{};f=b.index||0;e?q.undelegate(e,"click.fb-start").delegate(e,"click.fb-start",g):c.unbind("click.fb-start").bind("click.fb-start",g);return this};d(l).ready(function(){a.defaults.fixed=d.support.fixedPosition||!(d.browser.msie&&6>=d.browser.version)&&!k})})(window,document,jQuery); -------------------------------------------------------------------------------- /website/js/main.js: -------------------------------------------------------------------------------- 1 | var sigInst, canvas, $GP 2 | 3 | //Load configuration file 4 | var config={}; 5 | 6 | //For debug allow a config=file.json parameter to specify the config 7 | function GetQueryStringParams(sParam,defaultVal) { 8 | var sPageURL = ""+window.location;//.search.substring(1);//This might be causing error in Safari? 9 | if (sPageURL.indexOf("?")==-1) return defaultVal; 10 | sPageURL=sPageURL.substr(sPageURL.indexOf("?")+1); 11 | var sURLVariables = sPageURL.split('&'); 12 | for (var i = 0; i < sURLVariables.length; i++) { 13 | var sParameterName = sURLVariables[i].split('='); 14 | if (sParameterName[0] == sParam) { 15 | return sParameterName[1]; 16 | } 17 | } 18 | return defaultVal; 19 | } 20 | 21 | 22 | jQuery.getJSON(GetQueryStringParams("config","config.json"), function(data, textStatus, jqXHR) { 23 | config=data; 24 | 25 | if (config.type!="network") { 26 | //bad config 27 | alert("Invalid configuration settings.") 28 | return; 29 | } 30 | 31 | //As soon as page is ready (and data ready) set up it 32 | $(document).ready(setupGUI(config)); 33 | });//End JSON Config load 34 | 35 | 36 | // FUNCTION DECLARATIONS 37 | 38 | Object.size = function(obj) { 39 | var size = 0, key; 40 | for (key in obj) { 41 | if (obj.hasOwnProperty(key)) size++; 42 | } 43 | return size; 44 | }; 45 | 46 | function initSigma(config) { 47 | var data=config.data 48 | 49 | var drawProps, graphProps,mouseProps; 50 | drawProps={ 51 | defaultLabelColor: "#fff", 52 | defaultLabelSize: 14, 53 | defaultLabelBGColor: "#ddd", 54 | defaultHoverLabelBGColor: "#002147", 55 | defaultLabelHoverColor: "#fff", 56 | labelThreshold: 7, 57 | defaultEdgeType: "straight", 58 | hoverFontStyle: "bold", 59 | fontStyle: "bold", 60 | activeFontStyle: "bold" 61 | }; 62 | 63 | graphProps={ 64 | minNodeSize: 1, 65 | maxNodeSize: 7, 66 | minEdgeSize: 2.0, 67 | maxEdgeSize: 2.0 68 | }; 69 | 70 | if (config.sigma && config.sigma.mouseProperties) 71 | mouseProps=config.sigma.mouseProperties; 72 | else 73 | mouseProps={ 74 | minRatio: 0.75, // How far can we zoom out? 75 | maxRatio: 20, // How far can we zoom in? 76 | }; 77 | 78 | var a = sigma.init(document.getElementById("sigma-canvas")).drawingProperties(drawProps).graphProperties(graphProps).mouseProperties(mouseProps); 79 | sigInst = a; 80 | a.active = !1; 81 | a.neighbors = {}; 82 | a.detail = !1; 83 | 84 | 85 | dataReady = function() {//This is called as soon as data is loaded 86 | a.clusters = {}; 87 | a.color_family = {}; 88 | 89 | a.iterNodes( 90 | function (b) { //This is where we populate the array used for the group select box 91 | 92 | // note: index may not be consistent for all nodes. Should calculate each time. 93 | // alert(JSON.stringify(b.attr.attributes[5].val)); 94 | // alert(b.x); 95 | a.clusters[b.attr.attributes['type']] || (a.clusters[b.attr.attributes['type']] = []); 96 | a.clusters[b.attr.attributes['type']].push(b.id);//SAH: push id not label 97 | a.color_family[b.attr.attributes['type']] = b.color; 98 | } 99 | ); 100 | 101 | a.bind("upnodes", function (a) { 102 | nodeActive(a.content[0]) 103 | }); 104 | 105 | a.draw(); 106 | configSigmaElements(config); 107 | } 108 | 109 | if (data.indexOf("gexf")>0 || data.indexOf("xml")>0) 110 | a.parseGexf(data,dataReady); 111 | else 112 | a.parseJson(data,dataReady); 113 | gexf = sigmaInst = null; 114 | } 115 | 116 | 117 | function setupGUI(config) { 118 | // Initialise main interface elements 119 | var logo=""; // Logo elements 120 | if (config.logo.file) { 121 | 122 | logo = ""; 127 | } 128 | if (config.logo.link) logo=""+logo+""; 129 | $("#maintitle").html(logo); 130 | 131 | // #title 132 | $("#title").html("

"+config.text.title+"

"); 133 | 134 | // #titletext 135 | $("#titletext").html(config.text.intro); 136 | 137 | // More information 138 | if (config.text.more) { 139 | $("#information").html(config.text.more); 140 | } else { 141 | //hide more information link 142 | $("#moreinformation").hide(); 143 | } 144 | 145 | // Legend 146 | 147 | // Node 148 | if (config.legend.nodeLabel) { 149 | $(".node").next().html(config.legend.nodeLabel); 150 | } else { 151 | //hide more information link 152 | $(".node").hide(); 153 | } 154 | // Edge 155 | if (config.legend.edgeLabel) { 156 | $(".edge").next().html(config.legend.edgeLabel); 157 | } else { 158 | //hide more information link 159 | $(".edge").hide(); 160 | } 161 | // Colours 162 | if (config.legend.nodeLabel) { 163 | $(".colours").next().html(config.legend.colorLabel); 164 | } else { 165 | //hide more information link 166 | $(".colours").hide(); 167 | } 168 | 169 | $GP = { 170 | calculating: !1, 171 | showgroup: !1 172 | }; 173 | $GP.intro = $("#intro"); 174 | $GP.minifier = $GP.intro.find("#minifier"); 175 | $GP.mini = $("#minify"); 176 | $GP.info = $("#attributepane"); 177 | $GP.info_donnees = $GP.info.find(".nodeattributes"); 178 | $GP.info_name = $GP.info.find(".name"); 179 | $GP.info_link = $GP.info.find(".link"); 180 | $GP.info_data = $GP.info.find(".data"); 181 | $GP.info_close = $GP.info.find(".returntext"); 182 | $GP.info_close2 = $GP.info.find(".close"); 183 | $GP.info_p = $GP.info.find(".p"); 184 | $GP.info_close.click(nodeNormal); 185 | $GP.info_close2.click(nodeNormal); 186 | $GP.form = $("#mainpanel").find("form"); 187 | $GP.search = new Search($GP.form.find("#search")); 188 | if (!config.features.search) { 189 | $("#search").hide(); 190 | } 191 | if (!config.features.groupSelectorAttribute) { 192 | $("#attributeselect").hide(); 193 | } 194 | $GP.cluster = new Cluster($GP.form.find("#attributeselect")); 195 | config.GP=$GP; 196 | initSigma(config); 197 | } 198 | 199 | function configSigmaElements(config) { 200 | $GP=config.GP; 201 | 202 | // Node hover behaviour 203 | if (config.features.hoverBehavior == "dim") { 204 | 205 | var greyColor = '#ccc'; 206 | sigInst.bind('overnodes',function(event){ 207 | var nodes = event.content; 208 | var neighbors = {}; 209 | sigInst.iterEdges(function(e){ 210 | if(nodes.indexOf(e.source)<0 && nodes.indexOf(e.target)<0){ 211 | if(!e.attr['grey']){ 212 | e.attr['true_color'] = e.color; 213 | e.color = greyColor; 214 | e.attr['grey'] = 1; 215 | } 216 | }else{ 217 | e.color = e.attr['grey'] ? e.attr['true_color'] : e.color; 218 | e.attr['grey'] = 0; 219 | 220 | neighbors[e.source] = 1; 221 | neighbors[e.target] = 1; 222 | } 223 | }).iterNodes(function(n){ 224 | if(!neighbors[n.id]){ 225 | if(!n.attr['grey']){ 226 | n.attr['true_color'] = n.color; 227 | n.color = greyColor; 228 | n.attr['grey'] = 1; 229 | } 230 | }else{ 231 | n.color = n.attr['grey'] ? n.attr['true_color'] : n.color; 232 | n.attr['grey'] = 0; 233 | } 234 | }).draw(2,2,2); 235 | }).bind('outnodes',function(){ 236 | sigInst.iterEdges(function(e){ 237 | e.color = e.attr['grey'] ? e.attr['true_color'] : e.color; 238 | e.attr['grey'] = 0; 239 | }).iterNodes(function(n){ 240 | n.color = n.attr['grey'] ? n.attr['true_color'] : n.color; 241 | n.attr['grey'] = 0; 242 | }).draw(2,2,2); 243 | }); 244 | 245 | } else if (config.features.hoverBehavior == "hide") { 246 | 247 | sigInst.bind('overnodes',function(event){ 248 | var nodes = event.content; 249 | var neighbors = {}; 250 | sigInst.iterEdges(function(e){ 251 | if(nodes.indexOf(e.source)>=0 || nodes.indexOf(e.target)>=0){ 252 | neighbors[e.source] = 1; 253 | neighbors[e.target] = 1; 254 | } 255 | }).iterNodes(function(n){ 256 | if(!neighbors[n.id]){ 257 | n.hidden = 1; 258 | }else{ 259 | n.hidden = 0; 260 | } 261 | }).draw(2,2,2); 262 | }).bind('outnodes',function(){ 263 | sigInst.iterEdges(function(e){ 264 | e.hidden = 0; 265 | }).iterNodes(function(n){ 266 | n.hidden = 0; 267 | }).draw(2,2,2); 268 | }); 269 | 270 | } 271 | $GP.bg = $(sigInst._core.domElements.bg); 272 | $GP.bg2 = $(sigInst._core.domElements.bg2); 273 | var a = [], 274 | b,x=1; 275 | for (b in sigInst.clusters) a.push(''); 276 | //a.sort(); 277 | $GP.cluster.content(a.join("")); 278 | b = { 279 | minWidth: 400, 280 | maxWidth: 800, 281 | maxHeight: 600 282 | };// minHeight: 300, 283 | $("a.fb").fancybox(b); 284 | $("#zoom").find("div.z").each(function () { 285 | var a = $(this), 286 | b = a.attr("rel"); 287 | a.click(function () { 288 | if (b == "center") { 289 | sigInst.position(0,0,1).draw(); 290 | } else { 291 | var a = sigInst._core; 292 | sigInst.zoomTo(a.domElements.nodes.width / 2, a.domElements.nodes.height / 2, a.mousecaptor.ratio * ("in" == b ? 1.5 : 0.5)); 293 | } 294 | 295 | }) 296 | }); 297 | $GP.mini.click(function () { 298 | $GP.mini.hide(); 299 | $GP.intro.show(); 300 | $GP.minifier.show() 301 | }); 302 | $GP.minifier.click(function () { 303 | $GP.intro.hide(); 304 | $GP.minifier.hide(); 305 | $GP.mini.show() 306 | }); 307 | $GP.intro.find("#showGroups").click(function () { 308 | !0 == $GP.showgroup ? showGroups(!1) : showGroups(!0) 309 | }); 310 | a = window.location.hash.substr(1); 311 | if (0 < a.length) switch (a) { 312 | case "Groups": 313 | showGroups(!0); 314 | break; 315 | case "information": 316 | $.fancybox.open($("#information"), b); 317 | break; 318 | default: 319 | $GP.search.exactMatch = !0, $GP.search.search(a) 320 | $GP.search.clean(); 321 | } 322 | 323 | } 324 | 325 | function Search(a) { 326 | 327 | 328 | this.input = a.find("input[name=search]"); 329 | this.state = a.find(".state"); 330 | this.results = a.find(".results"); 331 | this.exactMatch = !1; 332 | this.lastSearch = ""; 333 | this.searching = !1; 334 | var b = this; 335 | this.input.focus(function () { 336 | var a = $(this); 337 | a.data("focus") || (a.data("focus", !0), a.removeClass("empty")); 338 | b.clean() 339 | }); 340 | this.input.keydown(function (a) { 341 | if (13 == a.which) return b.state.addClass("searching"), b.search(b.input.val()), !1 342 | }); 343 | this.state.click(function () { 344 | var a = b.input.val(); 345 | b.searching && a == b.lastSearch ? b.close() : (b.state.addClass("searching"), b.search(a)) 346 | }); 347 | this.dom = a; 348 | this.close = function () { 349 | this.state.removeClass("searching"); 350 | this.results.hide(); 351 | this.searching = !1; 352 | this.input.val("");//SAH -- let's erase string when we close 353 | nodeNormal() 354 | }; 355 | this.clean = function () { 356 | this.results.empty().hide(); 357 | this.state.removeClass("searching"); 358 | this.input.val(""); 359 | }; 360 | this.search = function (a) { 361 | var b = !1, 362 | c = [], 363 | //b = this.exactMatch ? ("^" + a + "$").toLowerCase() : a.toLowerCase(), 364 | b = this.exactMatch ? ("^" + a + "$").toLowerCase() : ("^" + a).toLowerCase(), 365 | g = RegExp(b); 366 | this.exactMatch = !1; 367 | this.searching = !0; 368 | this.lastSearch = a; 369 | this.results.empty(); 370 | if (1 >= a.length) this.results.html("You must search for a name with a minimum of 2 letters."); 371 | else { 372 | console.log(g); 373 | sigInst.iterNodes(function (a) { 374 | g.test(a.label.toLowerCase()) && c.push({ 375 | id: a.id, 376 | name: a.label 377 | }) 378 | }); 379 | c.length ? (b = !0, nodeActive(c[0].id)) : b = showCluster(a); 380 | a = ["Search Results: "]; 381 | if (1 < c.length) for (var d = 0, h = c.length; d < h; d++) a.push('" + c[d].name + ""); 382 | 0 == c.length && !b && a.push("No results found."); 383 | 1 < a.length && this.results.html(a.join("")); 384 | } 385 | if(c.length!=1) this.results.show(); 386 | if(c.length==1) this.results.hide(); 387 | } 388 | } 389 | 390 | function Cluster(a) { 391 | this.cluster = a; 392 | this.display = !1; 393 | this.list = this.cluster.find(".list"); 394 | this.list.empty(); 395 | this.select = this.cluster.find(".select"); 396 | this.select.click(function () { 397 | $GP.cluster.toggle() 398 | }); 399 | this.toggle = function () { 400 | this.display ? this.hide() : this.show() 401 | }; 402 | this.content = function (a) { 403 | this.list.html(a); 404 | this.list.find("a").click(function () { 405 | var a = $(this).attr("href").substr(1); 406 | showCluster(a) 407 | }) 408 | }; 409 | this.hide = function () { 410 | this.display = !1; 411 | this.list.hide(); 412 | this.select.removeClass("close") 413 | }; 414 | this.show = function () { 415 | this.display = !0; 416 | this.list.show(); 417 | this.select.addClass("close") 418 | } 419 | } 420 | function showGroups(a) { 421 | a ? ($GP.intro.find("#showGroups").text("Hide groups"), $GP.bg.show(), $GP.bg2.hide(), $GP.showgroup = !0) : ($GP.intro.find("#showGroups").text("View Groups"), $GP.bg.hide(), $GP.bg2.show(), $GP.showgroup = !1) 422 | } 423 | 424 | function nodeNormal() { 425 | !0 != $GP.calculating && !1 != sigInst.detail && (showGroups(!1), $GP.calculating = !0, sigInst.detail = !0, $GP.info.delay(400).animate({width:'hide'},350),$GP.cluster.hide(), sigInst.iterEdges(function (a) { 426 | a.attr.color = !1; 427 | a.hidden = !1 428 | }), sigInst.iterNodes(function (a) { 429 | a.hidden = !1; 430 | a.attr.color = !1; 431 | a.attr.lineWidth = !1; 432 | a.attr.size = !1 433 | }), sigInst.draw(2, 2, 2, 2), sigInst.neighbors = {}, sigInst.active = !1, $GP.calculating = !1, window.location.hash = "") 434 | } 435 | 436 | function nodeActive(a) { 437 | 438 | var groupByDirection=false; 439 | if (config.informationPanel.groupByEdgeDirection && config.informationPanel.groupByEdgeDirection==true) groupByDirection=true; 440 | 441 | sigInst.neighbors = {}; 442 | sigInst.detail = !0; 443 | var b = sigInst._core.graph.nodesIndex[a]; 444 | showGroups(!1); 445 | var outgoing={},incoming={},mutual={};//SAH 446 | sigInst.iterEdges(function (b) { 447 | b.attr.lineWidth = !1; 448 | b.hidden = !0; 449 | 450 | n={ 451 | name: b.label, 452 | colour: b.color 453 | }; 454 | 455 | if (a==b.source) outgoing[b.target]=n; //SAH 456 | else if (a==b.target) incoming[b.source]=n; //SAH 457 | if (a == b.source || a == b.target) sigInst.neighbors[a == b.target ? b.source : b.target] = n; 458 | b.hidden = !1, b.attr.color = "rgba(0, 0, 0, 1)"; 459 | }); 460 | var f = []; 461 | sigInst.iterNodes(function (a) { 462 | a.hidden = !0; 463 | a.attr.lineWidth = !1; 464 | a.attr.color = a.color 465 | }); 466 | 467 | if (groupByDirection) { 468 | //SAH - Compute intersection for mutual and remove these from incoming/outgoing 469 | for (e in outgoing) { 470 | //name=outgoing[e]; 471 | if (e in incoming) { 472 | mutual[e]=outgoing[e]; 473 | delete incoming[e]; 474 | delete outgoing[e]; 475 | } 476 | } 477 | } 478 | 479 | var createList=function(c) { 480 | var f = []; 481 | var e = [], 482 | //c = sigInst.neighbors, 483 | g; 484 | for (g in c) { 485 | var d = sigInst._core.graph.nodesIndex[g]; 486 | d.hidden = !1; 487 | d.attr.lineWidth = !1; 488 | d.attr.color = c[g].colour; 489 | a != g && e.push({ 490 | id: g, 491 | name: d.label, 492 | group: (c[g].name)? c[g].name:"", 493 | colour: c[g].colour 494 | }) 495 | } 496 | e.sort(function (a, b) { 497 | var c = a.group.toLowerCase(), 498 | d = b.group.toLowerCase(), 499 | e = a.name.toLowerCase(), 500 | f = b.name.toLowerCase(); 501 | return c != d ? c < d ? -1 : c > d ? 1 : 0 : e < f ? -1 : e > f ? 1 : 0 502 | }); 503 | d = ""; 504 | for (g in e) { 505 | c = e[g]; 506 | /*if (c.group != d) { 507 | d = c.group; 508 | f.push('
  • ' + d + "
    • "); 509 | }*/ 510 | f.push('
  • ' + c.name + "
    • "); 511 | } 512 | return f; 513 | } 514 | 515 | /*console.log("mutual:"); 516 | console.log(mutual); 517 | console.log("incoming:"); 518 | console.log(incoming); 519 | console.log("outgoing:"); 520 | console.log(outgoing);*/ 521 | 522 | 523 | var f=[]; 524 | 525 | //console.log("neighbors:"); 526 | //console.log(sigInst.neighbors); 527 | 528 | if (groupByDirection) { 529 | size=Object.size(mutual); 530 | f.push("

    Mututal (" + size + ")

    "); 531 | (size>0)? f=f.concat(createList(mutual)) : f.push("No mutual links
    "); 532 | size=Object.size(incoming); 533 | f.push("

    Incoming (" + size + ")

    "); 534 | (size>0)? f=f.concat(createList(incoming)) : f.push("No incoming links
    "); 535 | size=Object.size(outgoing); 536 | f.push("

    Outgoing (" + size + ")

    "); 537 | (size>0)? f=f.concat(createList(outgoing)) : f.push("No outgoing links
    "); 538 | } else { 539 | f=f.concat(createList(sigInst.neighbors)); 540 | } 541 | //b is object of active node -- SAH 542 | b.hidden = !1; 543 | b.attr.color = b.color; 544 | b.attr.lineWidth = 6; 545 | b.attr.strokeStyle = "#000000"; 546 | sigInst.draw(2, 2, 2, 2); 547 | 548 | $GP.info_link.find("ul").html(f.join("")); 549 | $GP.info_link.find("li").each(function () { 550 | var a = $(this), 551 | b = a.attr("rel"); 552 | }); 553 | f = b.attr; 554 | if (f.attributes) { 555 | var image_attribute = false; 556 | if (config.informationPanel.imageAttribute) { 557 | image_attribute=config.informationPanel.imageAttribute; 558 | } 559 | e = []; 560 | temp_array = []; 561 | g = 0; 562 | for (var attr in f.attributes) { 563 | var d = f.attributes[attr], 564 | h = ""; 565 | if (attr!=image_attribute) { 566 | if (attr=='Intezer Analyze Report') 567 | { 568 | h = 'Intezer Analyze Report:  View


    '; 569 | e.push(h) 570 | } 571 | else 572 | { 573 | if (attr != 'Architecture' && attr != 'Gene Count') 574 | { 575 | h = '' + attr + ':  ' + d + '
    '; 576 | e.push(h) 577 | } 578 | } 579 | } 580 | //temp_array.push(f.attributes[g].attr); 581 | } 582 | 583 | if (image_attribute) { 584 | //image_index = jQuery.inArray(image_attribute, temp_array); 585 | $GP.info_name.html("
    ' + b.label + "
    "); 586 | } else { 587 | $GP.info_name.html("

    ' + b.label + "


    "); 588 | } 589 | // Image field for attribute pane 590 | $GP.info_data.html(e.join("
    ")) 591 | } 592 | $GP.info_data.show(); 593 | $GP.info_p.html("Connections:"); 594 | $GP.info.animate({width:'show'},350); 595 | $GP.info_donnees.hide(); 596 | $GP.info_donnees.show(); 597 | sigInst.active = a; 598 | window.location.hash = b.label; 599 | } 600 | 601 | function showCluster(a) { 602 | var temp = sigInst.clusters[a]; 603 | var b = temp.concat(sigInst.clusters['Library']); 604 | if (b && 0 < b.length) { 605 | showGroups(!1); 606 | sigInst.detail = !0; 607 | b.sort(); 608 | sigInst.iterEdges(function (a) { 609 | a.hidden = !1; 610 | a.attr.lineWidth = !1; 611 | a.attr.color = !1 612 | }); 613 | sigInst.iterNodes(function (a) { 614 | a.hidden = !0 615 | }); 616 | for (var f = [], e = [], c = 0, g = b.length; c < g; c++) { 617 | var d = sigInst._core.graph.nodesIndex[b[c]]; 618 | !0 == d.hidden && (e.push(b[c]), d.hidden = !1, d.attr.lineWidth = !1, d.attr.color = d.color, f.push('
  • ' + d.label + "
    • ")) 619 | } 620 | sigInst.clusters[a] = e; 621 | sigInst.draw(2, 2, 2, 2); 622 | $GP.info_name.html("" + a + ""); 623 | $GP.info_data.hide(); 624 | $GP.info_p.html("Group Members:"); 625 | $GP.info_link.find("ul").html(f.join("")); 626 | $GP.info.animate({width:'show'},350); 627 | $GP.search.clean(); 628 | $GP.cluster.hide(); 629 | return !0 630 | } 631 | return !1 632 | } 633 | 634 | 635 | -------------------------------------------------------------------------------- /website/js/sigma/_sigma.min.js: -------------------------------------------------------------------------------- 1 | /* sigmajs.org - an open-source light-weight JavaScript graph drawing library - Version: 0.1 - Author: Alexis Jacomy - License: MIT */ 2 | var sigma={tools:{},classes:{},instances:{}}; 3 | (function(){Array.prototype.some||(Array.prototype.some=function(g,i){var k=this.length;if("function"!=typeof g)throw new TypeError;for(var m=0;m";a+="

    LOCAL :

    ";for(b in c.p.localProbes)a+="

    "+b+" : "+c.p.localProbes[b]()+"

    ";c.p.dom.innerHTML=a;return c}sigma.classes.Cascade.call(this);var c=this;this.instance=b;this.monitoring=!1;this.p={fps:40,dom:j,globalProbes:{"Time (ms)":sigma.chronos.getExecutionTime,Queue:sigma.chronos.getQueuedTasksCount,Tasks:sigma.chronos.getTasksCount,FPS:sigma.chronos.getFPS},localProbes:{"Nodes count":function(){return c.instance.graph.nodes.length},"Edges count":function(){return c.instance.graph.edges.length}}}; 22 | this.activate=function(){c.monitoring||(c.monitoring=window.setInterval(f,1E3/c.p.fps));return c};this.desactivate=function(){c.monitoring&&(window.clearInterval(c.monitoring),c.monitoring=null,c.p.dom.innerHTML="");return c}}function g(b){var j=b.changedTouches[0],f="";switch(b.type){case "touchstart":f="mousedown";break;case "touchmove":f="mousemove";break;case "touchend":f="mouseup";break;default:return}var c=document.createEvent("MouseEvent");c.initMouseEvent(f,!0,!0,window,1,j.posX,j.posY,j.clientX, 23 | j.clientY,!1,!1,!1,!1,0,null);j.target.dispatchEvent(c);b.preventDefault()}function p(b){function j(b){a.p.mouseEnabled&&(f(a.mouseX,a.mouseY,a.ratio*(0<(void 0!=b.wheelDelta&&b.wheelDelta||void 0!=b.detail&&-b.detail)?a.p.zoomMultiply:1/a.p.zoomMultiply)),a.p.blockScroll&&(b.preventDefault?b.preventDefault():b.returnValue=!1))}function f(b,d,f){if(!a.isMouseDown&&(window.clearInterval(a.interpolationID),m=void 0!=f,w=a.stageX,n=b,o=a.stageY,l=d,h=f||a.ratio,h=Math.min(Math.max(h,a.p.minRatio),a.p.maxRatio), 24 | u=a.p.directZooming?1-(m?a.p.zoomDelta:a.p.dragDelta):0,a.ratio!=h||a.stageX!=n||a.stageY!=l))c(),a.interpolationID=window.setInterval(c,50),a.dispatch("startinterpolate")}function c(){u+=m?a.p.zoomDelta:a.p.dragDelta;u=Math.min(u,1);var b=sigma.easing.quadratic.easeout(u),c=a.ratio;a.ratio=c*(1-b)+h*b;m?(a.stageX=n+(a.stageX-n)*a.ratio/c,a.stageY=l+(a.stageY-l)*a.ratio/c):(a.stageX=w*(1-b)+n*b,a.stageY=o*(1-b)+l*b);a.dispatch("interpolate");1<=u&&(window.clearInterval(a.interpolationID),b=a.ratio, 25 | m?(a.ratio=h,a.stageX=n+(a.stageX-n)*a.ratio/b,a.stageY=l+(a.stageY-l)*a.ratio/b):(a.stageX=n,a.stageY=l),a.dispatch("stopinterpolate"))}sigma.classes.Cascade.call(this);sigma.classes.EventDispatcher.call(this);var a=this;this.p={minRatio:1,maxRatio:32,marginRatio:1,zoomDelta:0.1,dragDelta:0.3,zoomMultiply:2,directZooming:!1,blockScroll:!0,inertia:1.1,mouseEnabled:!0,touchEnabled:!0};var i=0,d=0,w=0,o=0,h=1,n=0,l=0,s=0,t=0,A=0,k=0,u=0,m=!1;this.stageY=this.stageX=0;this.ratio=1;this.mouseY=this.mouseX= 26 | 0;this.isTouchDown=this.isMouseDown=!1;b.addEventListener("DOMMouseScroll",j,!0);b.addEventListener("mousewheel",j,!0);b.addEventListener("mousemove",function(b){a.mouseX=void 0!=b.offsetX&&b.offsetX||void 0!=b.layerX&&b.layerX||void 0!=b.clientX&&b.clientX;a.mouseY=void 0!=b.offsetY&&b.offsetY||void 0!=b.layerY&&b.layerY||void 0!=b.clientY&&b.clientY;if(a.isMouseDown){var c=a.mouseX-i+w,h=a.mouseY-d+o;if(c!=a.stageX||h!=a.stageY)t=s,k=A,s=c,A=h,a.stageX=c,a.stageY=h,a.dispatch("drag")}a.dispatch("move"); 27 | b.preventDefault?b.preventDefault():b.returnValue=!1},!0);b.addEventListener("mousedown",function(b){a.p.mouseEnabled&&(a.isMouseDown=!0,a.dispatch("mousedown"),w=a.stageX,o=a.stageY,i=a.mouseX,d=a.mouseY,t=s=a.stageX,k=A=a.stageY,a.dispatch("startdrag"),b.preventDefault?b.preventDefault():b.returnValue=!1)},!0);document.addEventListener("mouseup",function(b){a.p.mouseEnabled&&a.isMouseDown&&(a.isMouseDown=!1,a.dispatch("mouseup"),(w!=a.stageX||o!=a.stageY)&&f(a.stageX+a.p.inertia*(a.stageX-t),a.stageY+ 28 | a.p.inertia*(a.stageY-k)),b.preventDefault?b.preventDefault():b.returnValue=!1)},!0);b.addEventListener("touchstart",g,!0);b.addEventListener("touchmove",g,!0);document.addEventListener("touchend",g,!0);b.addEventListener("touchcancel",g,!0);this.checkBorders=function(){return a};this.interpolate=f}function z(b,j,f,c,a,g,d){function i(a){var b=c,d="fixed"==h.p.labelSize?h.p.defaultLabelSize:h.p.labelSizeRatio*a.displaySize;b.font=(h.p.hoverFontStyle||h.p.fontStyle||"")+" "+d+"px "+(h.p.hoverFont|| 29 | h.p.font||"");b.fillStyle="node"==h.p.labelHoverBGColor?a.color||h.p.defaultNodeColor:h.p.defaultHoverLabelBGColor;b.beginPath();h.p.labelHoverShadow&&(b.shadowOffsetX=0,b.shadowOffsetY=0,b.shadowBlur=4,b.shadowColor=h.p.labelHoverShadowColor);sigma.tools.drawRoundRect(b,Math.round(a.displayX-d/2-2),Math.round(a.displayY-d/2-2),Math.round(b.measureText(a.label).width+1.5*a.displaySize+d/2+4),Math.round(d+4),Math.round(d/2+2),"left");b.closePath();b.fill();b.shadowOffsetX=0;b.shadowOffsetY=0;b.shadowBlur= 30 | 0;b.beginPath();b.fillStyle="node"==h.p.nodeBorderColor?a.color||h.p.defaultNodeColor:h.p.defaultNodeBorderColor;b.arc(Math.round(a.displayX),Math.round(a.displayY),a.displaySize+h.p.borderSize,0,2*Math.PI,!0);b.closePath();b.fill();b.beginPath();b.fillStyle="node"==h.p.nodeHoverColor?a.color||h.p.defaultNodeColor:h.p.defaultNodeHoverColor;b.arc(Math.round(a.displayX),Math.round(a.displayY),a.displaySize,0,2*Math.PI,!0);b.closePath();b.fill();b.fillStyle="node"==h.p.labelHoverColor?a.color||h.p.defaultNodeColor: 31 | h.p.defaultLabelHoverColor;b.fillText(a.label,Math.round(a.displayX+1.5*a.displaySize),Math.round(a.displayY+d/2-3));return h}function o(a){if(isNaN(a.x)||isNaN(a.y))throw Error("A node's coordinate is not a number (id: "+a.id+")");return!a.hidden&&a.displayX+a.displaySize>-n/3&&a.displayX-a.displaySize<4*n/3&&a.displayY+a.displaySize>-l/3&&a.displayY-a.displaySize<4*l/3}sigma.classes.Cascade.call(this);var h=this;this.p={labelColor:"default",defaultLabelColor:"#000",labelHoverBGColor:"default",defaultHoverLabelBGColor:"#fff", 32 | labelHoverShadow:!0,labelHoverShadowColor:"#000",labelHoverColor:"default",defaultLabelHoverColor:"#000",labelActiveBGColor:"default",defaultActiveLabelBGColor:"#fff",labelActiveShadow:!0,labelActiveShadowColor:"#000",labelActiveColor:"default",defaultLabelActiveColor:"#000",labelSize:"fixed",defaultLabelSize:12,labelSizeRatio:2,labelThreshold:6,font:"Arial",hoverFont:"",activeFont:"",fontStyle:"",hoverFontStyle:"",activeFontStyle:"",edgeColor:"source",defaultEdgeColor:"#aaa",defaultEdgeType:"line", 33 | defaultNodeColor:"#aaa",nodeHoverColor:"node",defaultNodeHoverColor:"#fff",nodeActiveColor:"node",defaultNodeActiveColor:"#fff",borderSize:0,nodeBorderColor:"node",defaultNodeBorderColor:"#fff",edgesSpeed:200,nodesSpeed:200,labelsSpeed:200};var n=g,l=d;this.currentLabelIndex=this.currentNodeIndex=this.currentEdgeIndex=0;this.task_drawLabel=function(){for(var b=a.nodes.length,c=0;c++=h.p.labelThreshold||d.forceLabel){var g="fixed"==h.p.labelSize?h.p.defaultLabelSize:h.p.labelSizeRatio*d.displaySize;j.font=h.p.fontStyle+g+"px "+h.p.font;j.fillStyle="node"==h.p.labelColor?d.color||h.p.defaultNodeColor:h.p.defaultLabelColor;j.fillText(d.label,Math.round(d.displayX+1.5*d.displaySize),Math.round(d.displayY+g/2-3))}}else h.currentLabelIndex++;return h.currentLabelIndex(b*=2)?0.5*b*b:-0.5*(--b*(b-2)-1)};sigma.tools.drawRoundRect=function(b,g,f,c,a,i,d){var i=i?i:0,k=d?d:[],k="string"==typeof k?k.split(" "):k,d=i&&(0<=k.indexOf("topleft")||0<=k.indexOf("top")||0<=k.indexOf("left")),m=i&&(0<=k.indexOf("topright")|| 62 | 0<=k.indexOf("top")||0<=k.indexOf("right")),h=i&&(0<=k.indexOf("bottomleft")||0<=k.indexOf("bottom")||0<=k.indexOf("left")),k=i&&(0<=k.indexOf("bottomright")||0<=k.indexOf("bottom")||0<=k.indexOf("right"));b.moveTo(g,f+i);d?b.arcTo(g,f,g+i,f,i):b.lineTo(g,f);m?(b.lineTo(g+c-i,f),b.arcTo(g+c,f,g+c,f+i,i)):b.lineTo(g+c,f);k?(b.lineTo(g+c,f+a-i),b.arcTo(g+c,f+a,g+c-i,f+a,i)):b.lineTo(g+c,f+a);h?(b.lineTo(g+i,f+a),b.arcTo(g,f+a,g,f+a-i,i)):b.lineTo(g,f+a);b.lineTo(g,f+i)};sigma.tools.getRGB=function(b, 63 | g){var b=b.toString(),f={r:0,g:0,b:0};if(3<=b.length&&"#"==b.charAt(0)){var c=b.length-1;6==c?f={r:parseInt(b.charAt(1)+b.charAt(2),16),g:parseInt(b.charAt(3)+b.charAt(4),16),b:parseInt(b.charAt(5)+b.charAt(5),16)}:3==c&&(f={r:parseInt(b.charAt(1)+b.charAt(1),16),g:parseInt(b.charAt(2)+b.charAt(2),16),b:parseInt(b.charAt(3)+b.charAt(3),16)})}g&&(f=[f.r,f.g,f.b]);return f};sigma.tools.rgbToHex=function(b,g,f){return sigma.tools.toHex(b)+sigma.tools.toHex(g)+sigma.tools.toHex(f)};sigma.tools.toHex= 64 | function(b){b=parseInt(b,10);if(isNaN(b))return"00";b=Math.max(0,Math.min(b,255));return"0123456789ABCDEF".charAt((b-b%16)/16)+"0123456789ABCDEF".charAt(b%16)};sigma.publicPrototype=x.prototype})(); 65 | -------------------------------------------------------------------------------- /website/js/sigma/parseGexf_fin.js: -------------------------------------------------------------------------------- 1 | // Mathieu Jacomy @ Sciences Po Médialab & WebAtlas 2 | // (requires sigma.js to be loaded) 3 | sigma.publicPrototype.parseGexf = function(gexfPath) { 4 | // Load XML file: 5 | var gexfhttp, gexf; 6 | var sigmaInstance = this; 7 | gexfhttp = window.XMLHttpRequest ? 8 | new XMLHttpRequest() : 9 | new ActiveXObject('Microsoft.XMLHTTP'); 10 | 11 | gexfhttp.overrideMimeType('text/xml'); 12 | gexfhttp.open('GET', gexfPath, false); 13 | gexfhttp.send(); 14 | gexf = gexfhttp.responseXML; 15 | 16 | var viz='http://www.gexf.net/1.2draft/viz'; // Vis namespace 17 | var i, j, k; 18 | 19 | // Parse Attributes 20 | // This is confusing, so I'll comment heavily 21 | var nodesAttributes = []; // The list of attributes of the nodes of the graph that we build in json 22 | var nodesAttributesDict = {}; 23 | var edgesAttributes = []; // The list of attributes of the edges of the graph that we build in json 24 | var edgesAttributesDict = {}; 25 | var attributesNodes = gexf.getElementsByTagName('attributes'); // In the gexf (that is an xml), the list of xml nodes 'attributes' (note the plural 's') 26 | 27 | for(i = 0; i0){ 86 | sizeNode = sizeNodes[0]; 87 | size = parseFloat(sizeNode.getAttribute('value')); 88 | } 89 | 90 | var positionNodes = nodeNode.getElementsByTagName('position'); 91 | positionNodes = positionNodes.length ? 92 | positionNodes : 93 | nodeNode.getElementsByTagNameNS('*','position'); 94 | if(positionNodes.length>0){ 95 | var positionNode = positionNodes[0]; 96 | x = parseFloat(positionNode.getAttribute('x')); 97 | y = parseFloat(positionNode.getAttribute('y')); 98 | } 99 | 100 | var colorNodes = nodeNode.getElementsByTagName('color'); 101 | colorNodes = colorNodes.length ? 102 | colorNodes : 103 | nodeNode.getElementsByTagNameNS('*','color'); 104 | if(colorNodes.length>0){ 105 | colorNode = colorNodes[0]; 106 | color = '#'+sigma.tools.rgbToHex(parseFloat(colorNode.getAttribute('r')), 107 | parseFloat(colorNode.getAttribute('g')), 108 | parseFloat(colorNode.getAttribute('b'))); 109 | } 110 | 111 | // Create Node 112 | var node = {label:label, size:size, x:x, y:y, attributes:{}, color:color}; // The graph node 113 | 114 | // Attribute values 115 | var attvalueNodes = nodeNode.getElementsByTagName('attvalue'); 116 | for(k=0; k";a+="

    LOCAL :

    ";for(b in c.p.localProbes)a+="

    "+b+" : "+c.p.localProbes[b]()+"

    ";c.p.dom.innerHTML=a;return c}sigma.classes.Cascade.call(this);var c=this;this.instance=b;this.monitoring=!1;this.p={fps:40,dom:j,globalProbes:{"Time (ms)":sigma.chronos.getExecutionTime,Queue:sigma.chronos.getQueuedTasksCount,Tasks:sigma.chronos.getTasksCount,FPS:sigma.chronos.getFPS},localProbes:{"Nodes count":function(){return c.instance.graph.nodes.length},"Edges count":function(){return c.instance.graph.edges.length}}}; 22 | this.activate=function(){c.monitoring||(c.monitoring=window.setInterval(f,1E3/c.p.fps));return c};this.desactivate=function(){c.monitoring&&(window.clearInterval(c.monitoring),c.monitoring=null,c.p.dom.innerHTML="");return c}}function g(b){var j=b.changedTouches[0],f="";switch(b.type){case "touchstart":f="mousedown";break;case "touchmove":f="mousemove";break;case "touchend":f="mouseup";break;default:return}var c=document.createEvent("MouseEvent");c.initMouseEvent(f,!0,!0,window,1,j.posX,j.posY,j.clientX, 23 | j.clientY,!1,!1,!1,!1,0,null);j.target.dispatchEvent(c);b.preventDefault()}function p(b){function j(b){a.p.mouseEnabled&&(f(a.mouseX,a.mouseY,a.ratio*(0<(void 0!=b.wheelDelta&&b.wheelDelta||void 0!=b.detail&&-b.detail)?a.p.zoomMultiply:1/a.p.zoomMultiply)),a.p.blockScroll&&(b.preventDefault?b.preventDefault():b.returnValue=!1))}function f(b,d,f){if(!a.isMouseDown&&(window.clearInterval(a.interpolationID),m=void 0!=f,w=a.stageX,n=b,o=a.stageY,l=d,h=f||a.ratio,h=Math.min(Math.max(h,a.p.minRatio),a.p.maxRatio), 24 | u=a.p.directZooming?1-(m?a.p.zoomDelta:a.p.dragDelta):0,a.ratio!=h||a.stageX!=n||a.stageY!=l))c(),a.interpolationID=window.setInterval(c,50),a.dispatch("startinterpolate")}function c(){u+=m?a.p.zoomDelta:a.p.dragDelta;u=Math.min(u,1);var b=sigma.easing.quadratic.easeout(u),c=a.ratio;a.ratio=c*(1-b)+h*b;m?(a.stageX=n+(a.stageX-n)*a.ratio/c,a.stageY=l+(a.stageY-l)*a.ratio/c):(a.stageX=w*(1-b)+n*b,a.stageY=o*(1-b)+l*b);a.dispatch("interpolate");1<=u&&(window.clearInterval(a.interpolationID),b=a.ratio, 25 | m?(a.ratio=h,a.stageX=n+(a.stageX-n)*a.ratio/b,a.stageY=l+(a.stageY-l)*a.ratio/b):(a.stageX=n,a.stageY=l),a.dispatch("stopinterpolate"))}sigma.classes.Cascade.call(this);sigma.classes.EventDispatcher.call(this);var a=this;this.p={minRatio:1,maxRatio:32,marginRatio:1,zoomDelta:0.1,dragDelta:0.3,zoomMultiply:2,directZooming:!1,blockScroll:!0,inertia:1.1,mouseEnabled:!0,touchEnabled:!0};var i=0,d=0,w=0,o=0,h=1,n=0,l=0,s=0,t=0,A=0,k=0,u=0,m=!1;this.stageY=this.stageX=0;this.ratio=1;this.mouseY=this.mouseX= 26 | 0;this.isTouchDown=this.isMouseDown=!1;b.addEventListener("DOMMouseScroll",j,!0);b.addEventListener("mousewheel",j,!0);b.addEventListener("mousemove",function(b){a.mouseX=void 0!=b.offsetX&&b.offsetX||void 0!=b.layerX&&b.layerX||void 0!=b.clientX&&b.clientX;a.mouseY=void 0!=b.offsetY&&b.offsetY||void 0!=b.layerY&&b.layerY||void 0!=b.clientY&&b.clientY;if(a.isMouseDown){var c=a.mouseX-i+w,h=a.mouseY-d+o;if(c!=a.stageX||h!=a.stageY)t=s,k=A,s=c,A=h,a.stageX=c,a.stageY=h,a.dispatch("drag")}a.dispatch("move"); 27 | b.preventDefault?b.preventDefault():b.returnValue=!1},!0);b.addEventListener("mousedown",function(b){a.p.mouseEnabled&&(a.isMouseDown=!0,a.dispatch("mousedown"),w=a.stageX,o=a.stageY,i=a.mouseX,d=a.mouseY,t=s=a.stageX,k=A=a.stageY,a.dispatch("startdrag"),b.preventDefault?b.preventDefault():b.returnValue=!1)},!0);document.addEventListener("mouseup",function(b){a.p.mouseEnabled&&a.isMouseDown&&(a.isMouseDown=!1,a.dispatch("mouseup"),(w!=a.stageX||o!=a.stageY)&&f(a.stageX+a.p.inertia*(a.stageX-t),a.stageY+ 28 | a.p.inertia*(a.stageY-k)),b.preventDefault?b.preventDefault():b.returnValue=!1)},!0);b.addEventListener("touchstart",g,!0);b.addEventListener("touchmove",g,!0);document.addEventListener("touchend",g,!0);b.addEventListener("touchcancel",g,!0);this.checkBorders=function(){return a};this.interpolate=f}function z(b,j,f,c,a,g,d){function i(a){var b=c,d="fixed"==h.p.labelSize?h.p.defaultLabelSize:h.p.labelSizeRatio*a.displaySize;b.font=(h.p.hoverFontStyle||h.p.fontStyle||"")+" "+d+"px "+(h.p.hoverFont|| 29 | h.p.font||"");b.fillStyle="node"==h.p.labelHoverBGColor?a.color||h.p.defaultNodeColor:h.p.defaultHoverLabelBGColor;b.beginPath();h.p.labelHoverShadow&&(b.shadowOffsetX=0,b.shadowOffsetY=0,b.shadowBlur=4,b.shadowColor=h.p.labelHoverShadowColor);sigma.tools.drawRoundRect(b,Math.round(a.displayX-d/2-2),Math.round(a.displayY-d/2-2),Math.round(b.measureText(a.label).width+1.5*a.displaySize+d/2+4),Math.round(d+4),Math.round(d/2+2),"left");b.closePath();b.fill();b.shadowOffsetX=0;b.shadowOffsetY=0;b.shadowBlur= 30 | 0;b.beginPath();b.fillStyle="node"==h.p.nodeBorderColor?a.color||h.p.defaultNodeColor:h.p.defaultNodeBorderColor;b.arc(Math.round(a.displayX),Math.round(a.displayY),a.displaySize+h.p.borderSize,0,2*Math.PI,!0);b.closePath();b.fill();b.beginPath();b.fillStyle="node"==h.p.nodeHoverColor?a.color||h.p.defaultNodeColor:h.p.defaultNodeHoverColor;b.arc(Math.round(a.displayX),Math.round(a.displayY),a.displaySize,0,2*Math.PI,!0);b.closePath();b.fill();b.fillStyle="node"==h.p.labelHoverColor?a.color||h.p.defaultNodeColor: 31 | h.p.defaultLabelHoverColor;b.fillText(a.label,Math.round(a.displayX+1.5*a.displaySize),Math.round(a.displayY+d/2-3));return h}function o(a){if(isNaN(a.x)||isNaN(a.y))throw Error("A node's coordinate is not a number (id: "+a.id+")");return!a.hidden&&a.displayX+a.displaySize>-n/3&&a.displayX-a.displaySize<4*n/3&&a.displayY+a.displaySize>-l/3&&a.displayY-a.displaySize<4*l/3}sigma.classes.Cascade.call(this);var h=this;this.p={labelColor:"default",defaultLabelColor:"#000",labelHoverBGColor:"default",defaultHoverLabelBGColor:"#fff", 32 | labelHoverShadow:!0,labelHoverShadowColor:"#000",labelHoverColor:"default",defaultLabelHoverColor:"#000",labelActiveBGColor:"default",defaultActiveLabelBGColor:"#fff",labelActiveShadow:!0,labelActiveShadowColor:"#000",labelActiveColor:"default",defaultLabelActiveColor:"#000",labelSize:"fixed",defaultLabelSize:12,labelSizeRatio:2,labelThreshold:6,font:"Arial",hoverFont:"",activeFont:"",fontStyle:"",hoverFontStyle:"",activeFontStyle:"",edgeColor:"source",defaultEdgeColor:"#aaa",defaultEdgeType:"line", 33 | defaultNodeColor:"#aaa",nodeHoverColor:"node",defaultNodeHoverColor:"#fff",nodeActiveColor:"node",defaultNodeActiveColor:"#fff",borderSize:0,nodeBorderColor:"node",defaultNodeBorderColor:"#fff",edgesSpeed:200,nodesSpeed:200,labelsSpeed:200};var n=g,l=d;this.currentLabelIndex=this.currentNodeIndex=this.currentEdgeIndex=0;this.task_drawLabel=function(){for(var b=a.nodes.length,c=0;c++=h.p.labelThreshold||d.forceLabel){var g="fixed"==h.p.labelSize?h.p.defaultLabelSize:h.p.labelSizeRatio*d.displaySize;j.font=h.p.fontStyle+g+"px "+h.p.font;j.fillStyle="node"==h.p.labelColor?d.color||h.p.defaultNodeColor:h.p.defaultLabelColor;j.fillText(d.label,Math.round(d.displayX+1.5*d.displaySize),Math.round(d.displayY+g/2-3))}}else h.currentLabelIndex++;return h.currentLabelIndex(b*=2)?0.5*b*b:-0.5*(--b*(b-2)-1)};sigma.tools.drawRoundRect=function(b,g,f,c,a,i,d){var i=i?i:0,k=d?d:[],k="string"==typeof k?k.split(" "):k,d=i&&(0<=k.indexOf("topleft")||0<=k.indexOf("top")||0<=k.indexOf("left")),m=i&&(0<=k.indexOf("topright")|| 62 | 0<=k.indexOf("top")||0<=k.indexOf("right")),h=i&&(0<=k.indexOf("bottomleft")||0<=k.indexOf("bottom")||0<=k.indexOf("left")),k=i&&(0<=k.indexOf("bottomright")||0<=k.indexOf("bottom")||0<=k.indexOf("right"));b.moveTo(g,f+i);d?b.arcTo(g,f,g+i,f,i):b.lineTo(g,f);m?(b.lineTo(g+c-i,f),b.arcTo(g+c,f,g+c,f+i,i)):b.lineTo(g+c,f);k?(b.lineTo(g+c,f+a-i),b.arcTo(g+c,f+a,g+c-i,f+a,i)):b.lineTo(g+c,f+a);h?(b.lineTo(g+i,f+a),b.arcTo(g,f+a,g,f+a-i,i)):b.lineTo(g,f+a);b.lineTo(g,f+i)};sigma.tools.getRGB=function(b, 63 | g){var b=b.toString(),f={r:0,g:0,b:0};if(3<=b.length&&"#"==b.charAt(0)){var c=b.length-1;6==c?f={r:parseInt(b.charAt(1)+b.charAt(2),16),g:parseInt(b.charAt(3)+b.charAt(4),16),b:parseInt(b.charAt(5)+b.charAt(5),16)}:3==c&&(f={r:parseInt(b.charAt(1)+b.charAt(1),16),g:parseInt(b.charAt(2)+b.charAt(2),16),b:parseInt(b.charAt(3)+b.charAt(3),16)})}g&&(f=[f.r,f.g,f.b]);return f};sigma.tools.rgbToHex=function(b,g,f){return sigma.tools.toHex(b)+sigma.tools.toHex(g)+sigma.tools.toHex(f)};sigma.tools.toHex= 64 | function(b){b=parseInt(b,10);if(isNaN(b))return"00";b=Math.max(0,Math.min(b,255));return"0123456789ABCDEF".charAt((b-b%16)/16)+"0123456789ABCDEF".charAt(b%16)};sigma.publicPrototype=x.prototype})(); 65 | -------------------------------------------------------------------------------- /website/js/sigma/sigma.parseGexf.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/ost-map/df5fac01b1ae39157672dbf7f6a6e9340b853e89/website/js/sigma/sigma.parseGexf.js -------------------------------------------------------------------------------- /website/js/sigma/sigma.parseJson.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/ost-map/df5fac01b1ae39157672dbf7f6a6e9340b853e89/website/js/sigma/sigma.parseJson.js -------------------------------------------------------------------------------- /website/web.config: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | -------------------------------------------------------------------------------- /yara/InjectProc.yar: -------------------------------------------------------------------------------- 1 | private rule id_1 2 | { 3 | meta: 4 | author = "Intezer Labs" 5 | strings: 6 | $a0 = { 48 [4] E8 [4] 48 [4] 48 [3] 48 [6] 48 [4] 48 [4] 48 [3] 8D [5] 89 [3] 48 [8] 0F 84 [4] 48 [4] 48 [4] FF 1? [4] 0F 10 [1] F2 [4] 66 [3] 66 [4] 66 [4] 66 [4] 48 [2] 48 [2] E8 [4] 48 [2] 45 [2] 33 [1] 48 [4] FF 1? [4] 4C [2] 48 [2] 48 [4] FF 1? [4] 48 [4] E8 [4] 48 [2] 75 [1] 48 [4] 48 [3] 48 [4] 48 [2] 45 [2] 41 [3] FF 1? } 7 | 8 | condition: 9 | any of them 10 | } 11 | 12 | private rule id_2 13 | { 14 | meta: 15 | author = "Intezer Labs" 16 | strings: 17 | $a0 = { 48 [6] E8 [4] 48 [3] 48 [3] E8 [4] 9? 48 [6] E8 [4] B9 [4] E8 [4] 48 [2] 33 [1] 44 [3] 48 [2] E8 [4] B9 [4] E8 [4] 48 [2] 33 [1] 48 [2] 48 [3] 48 [3] 48 [6] E8 [4] 48 [6] E8 [4] 48 [6] E8 [4] 48 [4] 48 [4] 4C [4] 4C [4] C7 [7] 44 [4] 45 [2] 45 [2] 33 [1] 49 [2] FF 1? [4] 48 [3] 0F 85 [4] 48 [6] E8 [4] 9? 48 [6] E8 [4] 48 [6] E8 [4] 48 [3] 48 [2] 74 [1] 48 [3] 48 [2] 48 [5] 72 } 18 | 19 | condition: 20 | any of them 21 | } 22 | 23 | private rule id_3 24 | { 25 | meta: 26 | author = "Intezer Labs" 27 | strings: 28 | $a0 = { FF 1? [4] 8B [1] 48 [6] FF 1? [4] 48 [2] 48 [6] E8 [4] 48 [2] 48 [6] E8 [4] 48 [2] 48 [6] FF 1? [4] FF 1? [4] 8B [1] 48 [6] FF 1? [4] 48 [2] 48 [6] E8 [4] 48 [2] 48 [6] E8 [4] 48 [2] 48 [6] FF 1? [4] 4C [4] 4C [2] 49 [3] 49 [3] 48 [4] 4C [3] 48 [2] 4D [2] 0F 84 } 29 | $b0 = { 49 [2] FF 1? [4] BF [4] 48 [2] 0F 84 } 30 | 31 | condition: 32 | any of ($a*) and any of ($b*) 33 | } 34 | 35 | private rule id_4 36 | { 37 | meta: 38 | author = "Intezer Labs" 39 | strings: 40 | $a0 = { 48 [6] 48 [6] E8 [4] 48 [2] 48 [6] E8 [4] 48 [2] 48 [6] FF 1? [4] 48 [6] 48 [2] FF 1? [4] 48 [2] 0F 85 [4] 48 [6] 48 [6] E8 [4] 48 [2] 48 [6] E8 [4] 48 [2] 48 [6] FF 1? [4] 48 [6] 48 [6] E8 [4] 48 [2] 48 [6] E8 [4] 48 [2] 48 [6] FF 1? [4] 48 [6] 48 [2] FF 1? [4] 48 [2] 75 } 41 | 42 | condition: 43 | any of them 44 | } 45 | 46 | private rule id_5 47 | { 48 | meta: 49 | author = "Intezer Labs" 50 | strings: 51 | $a0 = { 48 [4] 48 [4] FF 1? [4] 0F 10 [1] F2 [4] 66 [3] 66 [4] 66 [4] 66 [4] 48 [2] 48 [2] E8 [4] 48 [2] 45 [2] 33 [1] 48 [4] FF 1? [4] 4C [2] 48 [2] 48 [4] FF 1? [4] 48 [4] E8 [4] 48 [2] 75 [1] 48 [4] 48 [3] 48 [4] 48 [2] 45 [2] 41 [3] FF 1? [4] B3 [1] EB } 52 | 53 | condition: 54 | any of them 55 | } 56 | 57 | private rule id_6 58 | { 59 | meta: 60 | author = "Intezer Labs" 61 | strings: 62 | $a0 = { 48 [6] E8 [4] 48 [6] E8 [4] B9 [4] E8 [4] 48 [2] 4D [3] 48 [6] E8 [4] 4C [4] 41 [5] 4C [2] 49 [2] 48 [2] FF 1? [4] 85 [1] 0F 84 [4] 48 [6] E8 [4] 48 [6] E8 [4] 48 [6] 49 [2] FF 1? [4] 49 [2] 48 [2] FF D? 85 [1] 74 [1] 48 [6] E9 } 63 | 64 | condition: 65 | any of them 66 | } 67 | 68 | private rule id_7 69 | { 70 | meta: 71 | author = "Intezer Labs" 72 | strings: 73 | $a0 = { FF 1? [4] 8B [1] 48 [6] FF 1? [4] 48 [2] 48 [6] E8 [4] 48 [2] 48 [6] E8 [4] 48 [2] 48 [6] FF 1? [4] FF 1? [4] 8B [1] 48 [6] FF 1? [4] 48 [2] 48 [6] E8 [4] 48 [2] 48 [6] E8 [4] 48 [2] 48 [6] FF 1? [4] 4C [4] 4C [2] 49 [3] 49 [3] 48 [4] 4C [3] 48 [2] 4D [2] 0F 84 [4] 44 [2] 33 [1] 8D [2] FF 1? [4] 48 [2] 48 [2] 0F 84 [4] FF 1? [4] 8B [1] 48 [6] FF 1? [4] 48 [2] 48 [6] E8 [4] 48 [2] 48 [6] E8 [4] 48 [2] 48 [6] FF 1? [4] 48 [6] FF 1? [4] 48 [2] 48 [6] FF 1? [4] 48 [2] 4D [2] 48 [2] FF 1? [4] 48 [2] FF 1? } 74 | 75 | condition: 76 | any of them 77 | } 78 | 79 | private rule id_8 80 | { 81 | meta: 82 | author = "Intezer Labs" 83 | strings: 84 | $a0 = { 48 [3] 48 [3] E8 [4] 9? B9 [4] E8 [4] 48 [2] 33 [1] 44 [3] 48 [2] E8 [4] B9 [4] E8 [4] 48 [2] 33 [1] 48 [2] 48 [3] 48 [3] 48 [4] 48 [4] 4C [4] 4C [4] C7 [7] 44 [4] 45 [2] 45 [2] 33 [1] 49 [2] FF 1? [4] 48 [3] 0F 85 [4] 48 [6] 48 [6] E8 [4] 48 [2] 48 [6] E8 [4] 48 [2] 48 [6] FF 1? [4] 9? 48 [6] E8 [4] 48 [6] E8 [4] 48 [3] 48 [2] 74 [1] 48 [3] 48 [2] 48 [5] 72 } 85 | 86 | condition: 87 | any of them 88 | } 89 | 90 | private rule id_9 91 | { 92 | meta: 93 | author = "Intezer Labs" 94 | strings: 95 | $a0 = { 48 [2] 48 [4] E8 [4] 48 [4] 48 [3] 48 [6] 48 [4] 48 [4] 48 [3] 8D [5] 89 [3] 48 [8] 0F 84 [4] 48 [4] 48 [4] FF 1? [4] 0F 10 [1] F2 [4] 66 [3] 66 [4] 66 [4] 66 [4] 48 [2] 48 [2] E8 [4] 48 [2] 45 [2] 33 [1] 48 [4] FF 1? [4] 4C [2] 48 [2] 48 [4] FF 1? [4] 48 [4] E8 [4] 48 [2] 75 } 96 | 97 | condition: 98 | any of them 99 | } 100 | 101 | private rule id_10 102 | { 103 | meta: 104 | author = "Intezer Labs" 105 | strings: 106 | $a0 = { 44 [2] 33 [1] 8D [2] FF 1? [4] 48 [2] 48 [2] 0F 84 [4] FF 1? [4] 8B [1] 48 [6] FF 1? [4] 48 [2] 48 [6] E8 [4] 48 [2] 48 [6] E8 [4] 48 [2] 48 [6] FF 1? [4] 48 [6] FF 1? [4] 48 [2] 48 [6] FF 1? [4] 48 [2] 4D [2] 48 [2] FF 1? [4] 48 [2] FF 1? [4] 48 [3] 48 [2] 49 [2] 0F 85 } 107 | 108 | condition: 109 | any of them 110 | } 111 | 112 | private rule id_11 113 | { 114 | meta: 115 | author = "Intezer Labs" 116 | strings: 117 | $a0 = { 48 [6] 48 [2] FF 1? [4] 48 [2] 0F 85 [4] 48 [6] 48 [6] E8 [4] 48 [2] 48 [6] E8 [4] 48 [2] 48 [6] FF 1? [4] 48 [6] 48 [6] E8 [4] 48 [2] 48 [6] E8 [4] 48 [2] 48 [6] FF 1? [4] 48 [6] 48 [2] FF 1? [4] 48 [2] 75 [1] 48 [6] 48 [6] E8 [4] 48 [2] 48 [6] E8 [4] 48 [2] 48 [6] FF 1? [4] 33 [1] E9 } 118 | 119 | condition: 120 | any of them 121 | } 122 | 123 | private rule id_12 124 | { 125 | meta: 126 | author = "Intezer Labs" 127 | strings: 128 | $a0 = { 4C [3] 4D [2] 49 [2] 48 [3] E8 [4] 0F B7 [2] 48 [4] 48 [3] 48 [3] E8 [4] 48 [2] 48 [6] 48 [2] 74 [1] 48 [6] E8 [4] 48 [2] 48 [6] 48 [3] 48 [6] 48 [3] 48 [6] 4C [2] 4C [3] 4C [3] 8B [2] 48 [3] E8 [4] 48 [2] 48 [2] 0F B7 [2] 48 [3] 48 [2] 44 [4] 45 [2] 0F 84 } 129 | 130 | condition: 131 | any of them 132 | } 133 | 134 | private rule id_13 135 | { 136 | meta: 137 | author = "Intezer Labs" 138 | strings: 139 | $a0 = { 48 [2] E8 [4] 48 [2] 4C [3] 4C [4] 4C [2] 33 [1] 48 [2] E8 [4] 48 [6] E8 [4] 48 [6] 4C [6] 4C [6] 0F 57 [1] F3 [5] 4C [4] 48 [4] E8 [4] 4C [3] 4C [2] 0F B7 [2] 48 [3] 4C [2] 0F B7 [2] 8B [1] 85 [1] 74 [1] 4C [2] 44 [2] 48 [2] 0F 1F } 140 | 141 | condition: 142 | any of them 143 | } 144 | 145 | private rule id_14 146 | { 147 | meta: 148 | author = "Intezer Labs" 149 | strings: 150 | $a0 = { FF 1? [4] 8B [1] 48 [6] FF 1? [4] 48 [2] 48 [6] E8 [4] 48 [2] 48 [6] E8 [4] 48 [2] 48 [6] FF 1? [4] FF 1? [4] 8B [1] 48 [6] FF 1? [4] 48 [2] 48 [6] E8 [4] 48 [2] 48 [6] E8 [4] 48 [2] 48 [6] FF 1? [4] 4C [4] 4C [2] 49 [3] 49 [3] 48 [4] 4C [3] 48 [2] 4D [2] 0F 84 [4] 44 [2] 33 [1] 8D [2] FF 1? [4] 48 [2] 48 [2] 0F 84 } 151 | $b0 = { 48 [3] 48 [2] 49 [2] 0F 85 } 152 | 153 | condition: 154 | any of ($a*) and any of ($b*) 155 | } 156 | 157 | private rule id_15 158 | { 159 | meta: 160 | author = "Intezer Labs" 161 | strings: 162 | $a0 = { 4C [2] 5? 5? 41 [1] 48 [6] 48 [8] 49 [3] 49 [3] 41 [4] 41 [4] 48 [6] 48 [2] 48 [7] 48 [2] 48 [2] 49 [3] 32 [1] 0F 57 [1] 33 [1] 48 [4] 45 [2] 41 [2] 48 [4] 72 } 163 | $b0 = { 48 [4] E8 [4] 48 [4] 48 [3] 48 [6] 48 [4] 48 [4] 48 [3] 8D [5] 89 [3] 48 [8] 0F 84 [4] 48 [4] 48 [4] FF 1? [4] 0F 10 [1] F2 [4] 66 [3] 66 [4] 66 [4] 66 [4] 48 [2] 48 [2] E8 [4] 48 [2] 45 [2] 33 [1] 48 [4] FF 1? [4] 4C [2] 48 [2] 48 [4] FF 1? [4] 48 [4] E8 [4] 48 [2] 75 } 164 | 165 | condition: 166 | any of ($a*) and any of ($b*) 167 | } 168 | 169 | private rule id_16 170 | { 171 | meta: 172 | author = "Intezer Labs" 173 | strings: 174 | $a0 = { 48 [7] 4C [3] 48 [7] 0F B7 [3] 48 [2] 48 [3] 48 [3] 48 [3] 48 [3] 49 [7] 4D [3] 49 [7] 49 [3] 49 [3] 0F 10 [2] 41 [4] 0F 10 [2] 41 [4] 0F 10 [2] 41 [4] 0F 10 [2] 41 [4] 48 [3] 49 [3] 48 [3] 49 [3] 48 [3] 49 [3] 4C [3] 0F 57 [1] 66 [4] 49 [6] 48 [3] BA [4] 9? 0F 10 [1] 0F 11 [1] 0F 10 [2] 0F 11 [2] 0F 10 [2] 0F 11 [2] 0F 10 [2] 0F 11 [2] 0F 10 [2] 0F 11 [2] 0F 10 [2] 0F 11 [2] 0F 10 [2] 0F 11 [2] 48 [6] 0F 10 [2] 0F 11 [2] 48 [6] 48 [3] 75 [1] 48 [2] 48 [2] 49 [6] 4D [6] 48 [6] 49 [6] 4C [6] 0F 57 [1] 66 [7] 48 [6] 49 [6] 48 [6] 49 [6] 48 [6] 49 [6] 66 [7] 4C [6] 48 [6] E8 [4] 48 [6] E8 [4] 48 [3] 48 [2] 74 } 175 | 176 | condition: 177 | any of them 178 | } 179 | 180 | private rule id_17 181 | { 182 | meta: 183 | author = "Intezer Labs" 184 | strings: 185 | $a0 = { FF 1? [4] 8B [1] 48 [6] FF 1? [4] 48 [2] 48 [6] E8 [4] 48 [2] 48 [6] E8 [4] 48 [2] 48 [6] FF 1? [4] 48 [6] FF 1? [4] 48 [2] 48 [6] FF 1? [4] 48 [2] 4D [2] 48 [2] FF 1? [4] 48 [2] FF 1? [4] 48 [3] 48 [2] 49 [2] 0F 85 [4] 49 [2] FF 1? [4] BF } 186 | $a1 = { FF 1? [4] 8B [1] 48 [6] FF 1? [4] 48 [2] 48 [6] E8 [4] 48 [2] 48 [6] E8 [4] 48 [2] 48 [6] FF 1? [4] 48 [6] FF 1? [4] 48 [2] 48 [6] FF 1? [4] 48 [2] 4D [2] 48 [2] FF 1? [4] 48 [2] FF 1? [4] 48 [3] 48 [2] 49 [2] 0F 85 [4] 49 [2] FF 1? [4] BB [4] EB } 187 | 188 | condition: 189 | any of them 190 | } 191 | 192 | private rule id_18 193 | { 194 | meta: 195 | author = "Intezer Labs" 196 | strings: 197 | $a0 = { 48 [2] 48 [2] 48 [6] 49 [6] 48 [6] 49 [6] 48 [6] 49 [6] 4C [6] 0F 57 [1] 66 [7] 48 [6] 49 [6] 49 [6] 48 [6] 49 [6] 66 [7] 4C [6] 48 [6] E8 [4] 48 [3] 48 [2] 74 [1] 48 [3] 48 [2] 48 [2] 48 [6] 72 [1] 48 [3] 48 [3] 48 [2] 48 [3] 48 [3] 76 } 198 | 199 | condition: 200 | any of them 201 | } 202 | 203 | private rule id_19 204 | { 205 | meta: 206 | author = "Intezer Labs" 207 | strings: 208 | $a0 = { 8B [1] 48 [2] 48 [3] 49 [3] 75 [1] 48 [7] 4C [3] 48 [7] 0F B7 [3] 48 [2] 48 [3] 48 [3] 48 [3] 48 [3] 49 [7] 4D [3] 49 [7] 49 [3] 49 [3] 0F 10 [2] 41 [4] 0F 10 [2] 41 [4] 0F 10 [2] 41 [4] 0F 10 [2] 41 [4] 48 [3] 49 [3] 48 [3] 49 [3] 48 [3] 49 [3] 4C [3] 0F 57 [1] 66 [4] 49 [6] 48 [3] BA [4] 9? 0F 10 [1] 0F 11 [1] 0F 10 [2] 0F 11 [2] 0F 10 [2] 0F 11 [2] 0F 10 [2] 0F 11 [2] 0F 10 [2] 0F 11 [2] 0F 10 [2] 0F 11 [2] 0F 10 [2] 0F 11 [2] 48 [6] 0F 10 [2] 0F 11 [2] 48 [6] 48 [3] 75 } 209 | 210 | condition: 211 | any of them 212 | } 213 | 214 | private rule id_20 215 | { 216 | meta: 217 | author = "Intezer Labs" 218 | strings: 219 | $a0 = { FF 1? [4] 8B [1] 48 [6] FF 1? [4] 48 [2] 48 [6] E8 [4] 48 [2] 48 [6] E8 [4] 48 [2] 48 [6] FF 1? [4] 48 [3] 48 [3] E8 [4] 9? FF 1? [4] 8B [1] 48 [6] FF 1? [4] 48 [2] 48 [6] E8 [4] 48 [2] 48 [6] E8 [4] 48 [2] 48 [6] FF 1? [4] B9 [4] E8 [4] 48 [2] 33 [1] 44 [3] 48 [2] E8 [4] B9 [4] E8 [4] 48 [2] 33 [1] 48 [2] 48 [3] 48 [3] FF 1? [4] 8B [1] 48 [6] FF 1? [4] 48 [2] 48 [6] E8 [4] 48 [2] 48 [6] E8 [4] 48 [2] 48 [6] FF 1? [4] FF 1? [4] 8B [1] 48 [6] FF 1? [4] 48 [2] 48 [6] E8 [4] 48 [2] 48 [6] E8 [4] 48 [2] 48 [6] FF 1? [4] FF 1? [4] 8B [1] 48 [6] FF 1? [4] 48 [2] 48 [6] E8 [4] 48 [2] 48 [6] E8 [4] 48 [2] 48 [6] FF 1? [4] 48 [4] 48 [4] 4C [4] 4C [4] C7 [7] 44 [4] 45 [2] 45 [2] 33 [1] 49 [2] FF 1? [4] 48 [3] 0F 85 [4] FF 1? [4] 8B [1] 48 [6] FF 1? [4] 48 [2] 48 [6] E8 [4] 48 [2] 48 [6] E8 [4] 48 [2] 48 [6] FF 1? [4] 9? 48 [6] E8 [4] 48 [6] E8 [4] 48 [3] 48 [2] 74 [1] 48 [3] 48 [2] 48 [5] 72 } 220 | 221 | condition: 222 | any of them 223 | } 224 | 225 | private rule id_21 226 | { 227 | meta: 228 | author = "Intezer Labs" 229 | strings: 230 | $a0 = { 48 [6] 48 [3] 45 [3] 0F 1F [2] 66 [9] 8B [1] 48 [2] 48 [3] 49 [3] 75 [1] 48 [7] 48 [4] 48 [3] 48 [7] 48 [4] 48 [3] 48 [3] 48 [3] 48 [3] 48 [3] 49 [6] 49 [3] 49 [7] 49 [3] 49 [3] 0F 10 [2] 41 [4] 0F 10 [2] 41 [4] 0F 10 [2] 41 [4] 0F 10 [2] 41 [4] 48 [3] 49 [3] 48 [3] 49 [3] 48 [3] 49 [3] 4C [3] 0F 57 [1] 66 [4] 49 [6] 48 [3] 9? } 231 | 232 | condition: 233 | any of them 234 | } 235 | 236 | private rule id_22 237 | { 238 | meta: 239 | author = "Intezer Labs" 240 | strings: 241 | $a0 = { 0F 10 [1] 0F 11 [1] 0F 10 [2] 0F 11 [2] 0F 10 [2] 0F 11 [2] 0F 10 [2] 0F 11 [2] 0F 10 [2] 0F 11 [2] 0F 10 [2] 0F 11 [2] 0F 10 [2] 0F 11 [2] 48 [6] 0F 10 [2] 0F 11 [2] 48 [6] 48 [3] 75 [1] 48 [2] 48 [2] 49 [6] 4D [6] 48 [6] 49 [6] 4C [6] 0F 57 [1] 66 [7] 48 [6] 49 [6] 48 [6] 49 [6] 48 [6] 49 [6] 66 [7] 4C [6] 48 [6] E8 [4] 48 [6] E8 [4] 48 [3] 48 [2] 74 [1] 48 [3] 48 [2] 48 [2] 48 [6] 72 } 242 | 243 | condition: 244 | any of them 245 | } 246 | 247 | private rule id_23 248 | { 249 | meta: 250 | author = "Intezer Labs" 251 | strings: 252 | $a0 = { 48 [6] E8 [4] 48 [6] E8 [4] B9 [4] E8 [4] 48 [2] 4D [3] 48 [6] E8 [4] 4C [4] 41 [5] 4C [2] 49 [2] 48 [2] FF 1? [4] 85 [1] 0F 84 [4] 48 [6] E8 [4] 48 [6] E8 [4] 48 [6] 49 [2] FF 1? [4] 49 [2] 48 [2] FF D? 85 [1] 74 [1] 48 [6] E8 [4] E9 } 253 | 254 | condition: 255 | any of them 256 | } 257 | 258 | private rule id_24 259 | { 260 | meta: 261 | author = "Intezer Labs" 262 | strings: 263 | $a0 = { 4C [2] 5? 5? 41 [1] 48 [6] 48 [8] 49 [3] 49 [3] 41 [4] 41 [4] 48 [6] 48 [2] 48 [7] 48 [2] 48 [2] 49 [3] 32 [1] 0F 57 [1] 33 [1] 48 [4] 45 [2] 41 [2] 48 [4] 72 [1] 48 [2] 48 [4] E8 [4] 48 [4] 48 [3] 48 [6] 48 [4] 48 [4] 48 [3] 8D [5] 89 [3] 48 [8] 0F 84 } 264 | 265 | condition: 266 | any of them 267 | } 268 | 269 | private rule id_25 270 | { 271 | meta: 272 | author = "Intezer Labs" 273 | strings: 274 | $a0 = { 4C [2] 49 [3] 49 [3] 5? 5? 41 [1] 48 [6] 41 [4] 41 [4] 48 [6] 48 [2] 48 [7] 48 [2] 48 [2] 49 [3] 32 [1] 0F 57 [1] 33 [1] 48 [4] 45 [2] 41 [2] 48 [4] 72 [1] 48 [2] 48 [4] E8 [4] 48 [4] 48 [3] 48 [6] 48 [4] 48 [4] 48 [3] 8D [5] 89 [3] 48 [8] 0F 84 } 275 | 276 | condition: 277 | any of them 278 | } 279 | 280 | private rule id_26 281 | { 282 | meta: 283 | author = "Intezer Labs" 284 | strings: 285 | $a0 = { E8 [4] 4C [3] 4D [2] 49 [2] 48 [3] E8 [4] 0F B7 [2] 48 [4] 48 [3] 48 [3] E8 [4] 48 [2] 48 [6] 48 [2] 74 [1] 48 [6] E8 [4] 48 [2] 48 [6] 48 [3] 48 [6] 48 [3] 48 [6] 4C [2] 4C [3] 4C [3] 8B } 286 | 287 | condition: 288 | any of them 289 | } 290 | 291 | private rule id_27 292 | { 293 | meta: 294 | author = "Intezer Labs" 295 | strings: 296 | $a0 = { 48 [3] 44 [3] 9? 8B [1] 48 [2] 48 [3] 49 [3] 75 [1] 48 [7] 4C [3] 48 [7] 0F B7 [3] 48 [2] 48 [3] 48 [3] 48 [3] 48 [3] 49 [7] 4D [3] 49 [7] 49 [3] 49 [3] 0F 10 [2] 41 [4] 0F 10 [2] 41 [4] 0F 10 [2] 41 [4] 0F 10 [2] 41 [4] 48 [3] 49 [3] 48 [3] 49 [3] 48 [3] 49 [3] 4C [3] 0F 57 [1] 66 [4] 49 [6] 48 [3] BA [4] 9? } 297 | 298 | condition: 299 | any of them 300 | } 301 | 302 | private rule id_28 303 | { 304 | meta: 305 | author = "Intezer Labs" 306 | strings: 307 | $a0 = { 8B [1] 48 [2] 48 [3] 49 [3] 75 [1] 48 [7] 48 [4] 48 [3] 48 [7] 48 [4] 48 [3] 48 [3] 48 [3] 48 [3] 48 [3] 49 [6] 49 [3] 49 [7] 49 [3] 49 [3] 0F 10 [2] 41 [4] 0F 10 [2] 41 [4] 0F 10 [2] 41 [4] 0F 10 [2] 41 [4] 48 [3] 49 [3] 48 [3] 49 [3] 48 [3] 49 [3] 4C [3] 0F 57 [1] 66 [4] 49 [6] 48 [3] 9? 0F 10 [1] 0F 11 [1] 0F 10 [2] 0F 11 [2] 0F 10 [2] 0F 11 [2] 0F 10 [2] 0F 11 [2] 0F 10 [2] 0F 11 [2] 0F 10 [2] 0F 11 [2] 0F 10 [2] 0F 11 [2] 48 [6] 0F 10 [2] 0F 11 [2] 48 [6] 49 [3] 75 } 308 | 309 | condition: 310 | any of them 311 | } 312 | 313 | private rule id_29 314 | { 315 | meta: 316 | author = "Intezer Labs" 317 | strings: 318 | $a0 = { 48 [4] 5? 5? 5? 41 [1] 41 [1] 41 [1] 41 [1] 48 [7] 48 [6] 48 [6] 48 [2] 48 [6] 48 [2] 48 [4] 4C [2] 48 [4] 48 [4] 45 [2] 4C [3] 4C [3] 4C [3] 4C [3] 4C [3] 4C [3] 0F 57 [1] 66 [4] 33 [1] 41 [5] 48 [3] E8 [4] 4C [6] 0F 57 [1] 66 [7] 0F 57 [1] 66 [7] 4C [6] 48 [2] 74 } 319 | $b0 = { 0F 11 [2] 0F 11 [2] 0F 11 [2] 0F 11 [2] FF 1? [4] C7 [5] FF 1? [4] 48 [3] 48 [2] 74 } 320 | 321 | condition: 322 | any of ($a*) and any of ($b*) 323 | } 324 | 325 | rule InjectProc 326 | { 327 | meta: 328 | author = "Intezer Labs" 329 | date = "June 2020" 330 | condition: 331 | (id_1 or id_2 or id_3 or id_4 or id_5 or id_6 or id_7 or id_8 or id_9 or id_10 or id_11 or id_12 or id_13 or id_14 or id_15 or id_16 or id_17 or id_18 or id_19 or id_20 or id_21 or id_22 or id_23 or id_24 or id_25 or id_26 or id_27 or id_28 or id_29) 332 | } -------------------------------------------------------------------------------- /yara/MemoryModule-DIY.yar: -------------------------------------------------------------------------------- 1 | rule MemoryModule { 2 | strings: 3 | // First block: 4 | // mov , 0x4D5A 5 | // cmp [reg], reg 6 | $s1 = {B? 4D 5A 00 00 66 39 } 7 | // Second block: 8 | // mov ecx, 0xC1 9 | // call cs: 10 | // xor eax, eax 11 | $s2 = {B9 C1 00 00 00 FF 15 ?? ?? ?? ?? 33 C0 } 12 | condition: 13 | $s1 and $s2 in (@s1..@s1+0x800) 14 | } 15 | 16 | 17 | -------------------------------------------------------------------------------- /yara/ReflectiveDLLInjection.yar: -------------------------------------------------------------------------------- 1 | private rule id_1 2 | { 3 | meta: 4 | author = "Intezer Labs" 5 | strings: 6 | $a0 = { 48 [4] 48 [4] 48 [4] 48 [4] 41 [1] 41 [1] 41 [1] 48 [3] 48 [3] 48 [2] B9 [4] 66 [4] 0F 85 [4] 8B [6] 48 [2] E8 [4] 44 [2] 48 [2] 4C [2] 41 [3] E8 [4] 41 [3] 48 [2] 8B [1] 48 [2] E8 [4] 41 [3] 44 [2] 4C [2] 85 [1] 0F 84 [4] 45 [2] 0F 1F } 7 | 8 | condition: 9 | any of them 10 | } 11 | 12 | private rule id_2 13 | { 14 | meta: 15 | author = "Intezer Labs" 16 | strings: 17 | $a0 = { 48 [4] 48 [4] 48 [4] 48 [2] 4C [4] 4C [4] E8 [4] 48 [2] 44 [2] 4C [2] 41 [3] E8 [4] 41 [3] 48 [2] 8B [1] 48 [2] E8 [4] 41 [3] 8B [1] 48 [2] 85 [1] 0F 84 [4] 45 [2] 0F 1F [1] 48 [3] 44 [2] FF C? 48 [2] 0F B7 [2] 44 [4] 4C [3] 72 [1] 44 [4] 41 [3] 45 [2] 7E } 18 | 19 | condition: 20 | any of them 21 | } 22 | 23 | private rule id_3 24 | { 25 | meta: 26 | author = "Intezer Labs" 27 | strings: 28 | $a0 = { 8B [2] 8B [2] 03 [2] 89 [2] 8B [2] 83 [2] 89 [2] 8B [2] 8B [2] 03 [1] 89 [2] 8B [2] 8B [2] 03 [2] 89 [2] 8B [2] 8B [2] 03 [2] 89 [2] B8 [4] 66 [3] 0F B7 [2] 85 [1] 0F 8E } 29 | $b0 = { 8B [2] 8B [2] 03 [2] 89 [2] 6A [1] 68 [4] 8B [2] 8B [2] 5? 6A [1] FF 5? [1] 89 [2] 8B [2] 8B [2] 89 [2] 8B [2] 89 [2] 8B [2] 89 [2] 8B [2] 8B [2] 8B [2] F3 [1] 8B [2] 0F B7 [2] 8B [2] 8D [3] 89 } 30 | 31 | condition: 32 | any of ($a*) and any of ($b*) 33 | } 34 | 35 | private rule id_4 36 | { 37 | meta: 38 | author = "Intezer Labs" 39 | strings: 40 | $a0 = { 48 [3] 33 [1] 41 [5] 48 [2] 44 [3] 8B [2] 41 [2] 8B [2] 48 [2] 48 [2] 45 [2] 4C [2] F3 [1] 0F B7 [2] BA [4] 66 [4] 74 } 41 | $b0 = { 66 [3] 8B [5] 49 [2] 8B [2] 41 [2] 0F 84 [4] 8B [1] 49 [2] 41 [2] 8B [1] 8B [2] 49 [2] 49 [2] 4C [2] 45 [2] EB } 42 | 43 | condition: 44 | any of ($a*) and any of ($b*) 45 | } 46 | 47 | private rule id_5 48 | { 49 | meta: 50 | author = "Intezer Labs" 51 | strings: 52 | $a0 = { 8B [2] 03 [1] 89 [2] 8D [2] 89 [2] 8B [1] 85 [1] 0F 85 [4] 8B [2] 8B [2] 8B [2] 6A [1] 6A [1] 6A [1] 03 [1] FF 5? [1] FF 7? [1] 6A [1] FF 7? [1] FF D? 5? 8B [1] 5? 5? 8B [1] 5? C2 } 53 | 54 | condition: 55 | any of them 56 | } 57 | 58 | private rule id_6 59 | { 60 | meta: 61 | author = "Intezer Labs" 62 | strings: 63 | $a0 = { 4D [2] 4D [2] 75 [1] 8B [2] 48 [2] 8B [2] 85 [1] 0F 85 [4] 8B [2] 45 [2] 33 [1] 48 [3] 48 [2] FF 5? [2] 4C [7] BA [4] 48 [2] FF D? 48 [2] 48 [3] 41 [1] 41 [1] 41 [1] 41 [1] 5? 5? 5? 5? C3 } 64 | 65 | condition: 66 | any of them 67 | } 68 | 69 | private rule id_7 70 | { 71 | meta: 72 | author = "Intezer Labs" 73 | strings: 74 | $a0 = { 40 [1] 48 [3] 48 [3] 48 [2] 0F B7 [3] B9 [4] 66 [2] 75 } 75 | $b0 = { B9 [4] 66 [2] 75 [1] 8B [6] 48 [4] 48 [4] 48 [4] 48 [2] 4C [4] 4C [4] E8 [4] 48 [2] 44 [2] 4C [2] 41 [3] E8 [4] 41 [3] 48 [2] 8B [1] 48 [2] E8 [4] 41 [3] 8B [1] 48 [2] 85 [1] 0F 84 } 76 | 77 | condition: 78 | any of ($a*) and any of ($b*) 79 | } 80 | 81 | private rule id_8 82 | { 83 | meta: 84 | author = "Intezer Labs" 85 | strings: 86 | $a0 = { 8B [2] 0F B7 [2] 8B [2] 66 [3] 66 [3] 8B [2] 66 [3] 85 [1] 74 } 87 | $b0 = { 8B [2] 05 [4] 89 [2] 8B [2] 8B [2] 03 [1] 89 [2] 8B [2] 83 [3] 0F 84 } 88 | 89 | condition: 90 | any of ($a*) and any of ($b*) 91 | } 92 | 93 | private rule id_9 94 | { 95 | meta: 96 | author = "Intezer Labs" 97 | strings: 98 | $a0 = { 48 [3] 33 [1] 41 [5] 48 [2] 44 [3] 8B [2] 41 [2] 8B [2] 48 [2] 48 [2] 45 [2] 4C [2] F3 [1] 0F B7 [2] BA [4] 66 [4] 74 [1] 48 [4] 66 [3] 8B [1] 8B [2] 8B [2] 48 [2] 49 [2] F3 [1] 48 [3] 66 [4] 75 } 99 | 100 | condition: 101 | any of them 102 | } 103 | 104 | private rule id_10 105 | { 106 | meta: 107 | author = "Intezer Labs" 108 | strings: 109 | $a0 = { 49 [3] 41 [5] BF [4] 48 [3] 45 [3] 8B [6] 44 [4] 44 [4] 4C [2] 4C [2] 41 [2] 44 [2] 48 [2] 8A [1] 41 [3] 0F BE [1] 49 [2] 44 [2] 8A [1] 84 [1] 75 } 110 | 111 | condition: 112 | any of them 113 | } 114 | 115 | private rule id_11 116 | { 117 | meta: 118 | author = "Intezer Labs" 119 | strings: 120 | $a0 = { 8B [6] 48 [4] 48 [4] 48 [4] 48 [2] 4C [4] 4C [4] E8 [4] 48 [2] 44 [2] 4C [2] 41 [3] E8 [4] 41 [3] 48 [2] 8B [1] 48 [2] E8 [4] 41 [3] 8B [1] 48 [2] 85 [1] 0F 84 [4] 45 [2] 0F 1F [1] 48 [3] 44 [2] FF C? 48 [2] 0F B7 [2] 44 [4] 4C [3] 72 } 121 | 122 | condition: 123 | any of them 124 | } 125 | 126 | private rule id_12 127 | { 128 | meta: 129 | author = "Intezer Labs" 130 | strings: 131 | $a0 = { 0F B7 [2] 85 [1] 0F 8E } 132 | $b0 = { 8B [2] 8B [2] 03 [2] 89 [2] 6A [1] 68 [4] 8B [2] 8B [2] 5? 6A [1] FF 5? [1] 89 [2] 8B [2] 8B [2] 89 [2] 8B [2] 89 [2] 8B [2] 89 [2] 8B [2] 8B [2] 8B [2] F3 [1] 8B [2] 0F B7 [2] 8B [2] 8D [3] 89 [2] 8B [2] 0F B7 [2] 8B [2] 66 [3] 66 [3] 8B [2] 66 [3] 85 [1] 74 } 133 | 134 | condition: 135 | any of ($a*) and any of ($b*) 136 | } 137 | 138 | private rule id_13 139 | { 140 | meta: 141 | author = "Intezer Labs" 142 | strings: 143 | $a0 = { 81 F? [4] 0F 85 [4] 49 [3] 41 [5] BF [4] 48 [3] 45 [3] 8B [6] 44 [4] 44 [4] 4C [2] 4C [2] 41 [2] 44 [2] 48 [2] 8A } 144 | 145 | condition: 146 | any of them 147 | } 148 | 149 | private rule id_14 150 | { 151 | meta: 152 | author = "Intezer Labs" 153 | strings: 154 | $a0 = { 8B [2] 8B [2] 03 [2] 89 [2] 6A [1] 68 [4] 8B [2] 8B [2] 5? 6A [1] FF 5? [1] 89 [2] 8B [2] 8B [2] 89 [2] 8B [2] 89 [2] 8B [2] 89 [2] 8B [2] 8B [2] 8B [2] F3 [1] 8B [2] 0F B7 [2] 8B [2] 8D [3] 89 [2] 8B [2] 0F B7 [2] 8B [2] 66 [3] 66 [3] 8B [2] 66 [3] 85 [1] 74 [1] 8B [2] 8B [2] 03 [2] 89 [2] 8B [2] 8B [2] 03 [2] 89 [2] 8B [2] 8B [2] 89 [2] 8B [2] 8B [2] 8B [2] F3 [1] 8B [2] 83 [2] 89 [2] EB } 155 | 156 | condition: 157 | any of them 158 | } 159 | 160 | private rule id_15 161 | { 162 | meta: 163 | author = "Intezer Labs" 164 | strings: 165 | $a0 = { 48 [2] 48 [2] 66 [3] 75 [1] 81 F? [4] 0F 85 [4] 49 [3] BF [4] 48 [3] 8B [6] B8 [4] 44 [4] 8B [3] 0F B7 [1] 4C [2] 48 [2] 45 [2] 44 } 166 | 167 | condition: 168 | any of them 169 | } 170 | 171 | private rule id_16 172 | { 173 | meta: 174 | author = "Intezer Labs" 175 | strings: 176 | $a0 = { 81 F? [4] 0F 85 [4] 49 [3] BF [4] 48 [3] 8B [6] B8 [4] 44 [4] 8B [3] 0F B7 [1] 4C [2] 48 [2] 45 [2] 44 [3] 45 [2] 41 [2] 4C [2] 41 } 177 | 178 | condition: 179 | any of them 180 | } 181 | 182 | private rule id_17 183 | { 184 | meta: 185 | author = "Intezer Labs" 186 | strings: 187 | $a0 = { 49 [3] BF [4] 48 [3] 8B [6] B8 [4] 44 [4] 8B [3] 0F B7 [1] 4C [2] 48 [2] 45 [2] 44 [3] 45 [2] 41 [2] 4C [2] 41 [2] C1 [2] 0F BE [1] 49 [2] 03 [1] 41 [2] 84 [1] 75 } 188 | 189 | condition: 190 | any of them 191 | } 192 | 193 | rule ReflectiveDLLInjection 194 | { 195 | meta: 196 | author = "Intezer Labs" 197 | date = "June 2020" 198 | condition: 199 | (id_1 or id_2 or id_3 or id_4 or id_5 or id_6 or id_7 or id_8 or id_9 or id_10 or id_11 or id_12 or id_13 or id_14 or id_15 or id_16 or id_17) 200 | } -------------------------------------------------------------------------------- /yara/passcat.yar: -------------------------------------------------------------------------------- 1 | private rule id_1 2 | { 3 | meta: 4 | author = "Intezer Labs" 5 | strings: 6 | $a0 = { 48 [6] 48 [6] E8 [4] 48 [2] 48 [6] E8 [4] 48 [2] 48 [6] FF 1? [4] 48 [4] 48 [4] 48 [6] 48 [4] 48 [4] 41 [5] 4C [6] 48 [3] 48 [4] FF 1? [4] 85 [1] 0F 85 } 7 | $b0 = { C7 [7] FF C? 48 [4] 48 [4] 48 [4] 48 [4] 4C [4] 4C [3] 8B [1] 48 [4] FF 1? [4] 8B [1] 48 [6] 48 [6] FF 1? [4] 81 F? [4] 0F 85 } 8 | 9 | condition: 10 | any of ($a*) and any of ($b*) 11 | } 12 | 13 | private rule id_2 14 | { 15 | meta: 16 | author = "Intezer Labs" 17 | strings: 18 | $a0 = { 68 [4] 8D [2] 5? 5? 89 [2] 8B [1] 6A [1] FF 1? [4] 8B [1] 83 [2] 89 [2] C6 [3] 85 [1] 74 [1] 0F 57 [1] 66 [3] C7 [6] 68 [4] C7 [6] C7 [6] E8 [4] 89 [1] EB } 19 | $a1 = { 68 [4] 8D [2] 5? 5? 89 [2] 8B [1] 6A [1] E8 [4] 8B [1] 83 [2] 89 [2] C6 [3] 85 [1] 74 [1] 0F 57 [1] 66 [3] C7 [6] 68 [4] C7 [6] C7 [6] E8 [4] 89 [1] EB } 20 | $a2 = { 8D [5] BF [4] 5? 5? 89 [5] 8B [1] 6A [1] E8 [4] 8B [1] 83 [2] 89 [5] C7 [6] 85 [1] 74 [1] 0F 57 [1] 66 [3] C7 [6] 68 [4] C7 [6] C7 [6] E8 [4] 89 [1] EB } 21 | $a3 = { 68 [4] 8D [5] 5? 5? 89 [5] 8B [1] 6A [1] E8 [4] 8B [1] 83 [2] 89 [5] C6 [3] 85 [1] 74 [1] 0F 57 [1] 66 [3] C7 [6] 68 [4] C7 [6] C7 [6] E8 [4] 89 [1] EB } 22 | $b0 = { C6 [3] 89 [1] 85 [1] 0F 84 } 23 | 24 | condition: 25 | any of ($a*) and any of ($b*) 26 | } 27 | 28 | private rule id_3 29 | { 30 | meta: 31 | author = "Intezer Labs" 32 | strings: 33 | $a0 = { 48 [4] 48 [4] 48 [6] 48 [4] 48 [4] 41 [5] 4C [6] 48 [3] 48 [4] FF 1? [4] 85 [1] 0F 85 } 34 | $b0 = { C7 [7] FF C? 48 [4] 48 [4] 48 [4] 48 [4] 4C [4] 4C [3] 8B [1] 48 [4] FF 1? [4] 8B [1] 48 [6] 48 [6] FF 1? [4] 81 F? [4] 0F 85 [4] 48 } 35 | 36 | condition: 37 | any of ($a*) and any of ($b*) 38 | } 39 | 40 | private rule id_4 41 | { 42 | meta: 43 | author = "Intezer Labs" 44 | strings: 45 | $a0 = { 2B [1] 8D [2] 5? 6A [1] 89 [2] FF D? 5? FF 1? [4] 89 [2] FF 7? [1] 85 [1] 0F 84 [4] FF 7? [1] 5? FF 1? [4] 83 [2] FF 7? [1] 6A [1] FF D? 5? FF D? 83 [3] C7 [6] C7 [6] 7E } 46 | $a1 = { 2B [1] 8D [2] 5? 6A [1] 89 [2] FF D? 5? FF 1? [4] 89 [2] FF 7? [1] 85 [1] 0F 84 [4] FF 7? [1] 5? FF 1? [4] 83 [2] FF 7? [1] 6A [1] FF D? 5? FF 1? [4] 83 [3] C7 [6] C7 [6] 0F 8E } 47 | $b0 = { 81 7? [5] 0F 85 } 48 | $b1 = { 81 B? [8] 0F 85 } 49 | 50 | condition: 51 | any of ($a*) and any of ($b*) 52 | } 53 | 54 | private rule id_5 55 | { 56 | meta: 57 | author = "Intezer Labs" 58 | strings: 59 | $a0 = { 48 [4] 48 [4] 48 [6] 48 [4] 48 [4] 41 [5] 4C [6] 48 [3] 48 [4] FF 1? [4] 85 [1] 75 [1] 48 [6] 48 [6] E8 [4] 48 [2] 48 [6] E8 [4] 48 [2] 48 [6] FF 1? [4] 48 [4] 48 [4] 48 [6] 48 [4] 48 [4] 41 [5] 4C [6] 48 [3] 48 [4] FF 1? [4] 85 [1] 0F 85 } 60 | 61 | condition: 62 | any of them 63 | } 64 | 65 | private rule id_6 66 | { 67 | meta: 68 | author = "Intezer Labs" 69 | strings: 70 | $a0 = { 3B [2] 0F 84 [4] 68 [4] 8D [2] 5? 5? 89 [2] 8B [1] 6A [1] FF 1? [4] 8B [1] 83 [2] 89 [2] C6 [3] 85 [1] 74 [1] 0F 57 [1] 66 [3] C7 [6] 68 [4] C7 [6] C7 [6] E8 [4] 89 [1] EB } 71 | $a1 = { 3B [2] 0F 84 [4] 68 [4] 8D [2] 5? 5? 89 [2] 8B [1] 6A [1] E8 [4] 8B [1] 83 [2] 89 [2] C6 [3] 85 [1] 74 [1] 0F 57 [1] 66 [3] C7 [6] 68 [4] C7 [6] C7 [6] E8 [4] 89 [1] EB } 72 | $a2 = { 3B [5] 0F 84 [4] 68 [4] 8D [5] 5? 5? 89 [5] 8B [1] 6A [1] E8 [4] 8B [1] 83 [2] 89 [5] C6 [3] 85 [1] 74 [1] 0F 57 [1] 66 [3] C7 [6] 68 [4] C7 [6] C7 [6] E8 [4] 89 [1] EB } 73 | 74 | condition: 75 | any of them 76 | } 77 | 78 | private rule id_7 79 | { 80 | meta: 81 | author = "Intezer Labs" 82 | strings: 83 | $a0 = { 48 [4] 48 [4] 48 [4] 4C [4] 41 [1] 48 [3] 48 [6] 48 [2] 48 [4] 48 [4] BB [4] FF 1? [4] 48 [2] 48 [4] 48 [8] 48 [6] FF 1? [4] 48 [2] 48 [6] FF 1? [4] 4C [2] 48 [6] FF 1? [4] 44 [2] 45 [2] 44 [2] 33 [1] 48 [2] FF 1? [4] 48 [2] 48 [4] 0F 1F [2] 66 [8] 4C [4] 44 [2] 48 [2] B9 [4] 41 [2] 85 [1] 0F 85 [4] 48 } 84 | $a1 = { 48 [4] 48 [4] 48 [4] 4C [4] 41 [1] 48 [3] 48 [6] 48 [2] 48 [4] 48 [4] BB [4] FF 1? [4] 48 [2] 48 [4] 48 [8] 48 [6] FF 1? [4] 48 [2] 48 [6] FF 1? [4] 4C [2] 48 [6] FF 1? [4] 44 [2] 45 [2] 44 [2] 33 [1] 48 [2] FF 1? [4] 48 [2] 48 [4] 0F 1F [2] 66 [8] 4C [4] 44 [2] 48 [2] B9 [4] 41 [2] 85 [1] 75 [1] 48 } 85 | 86 | condition: 87 | any of them 88 | } 89 | 90 | private rule id_8 91 | { 92 | meta: 93 | author = "Intezer Labs" 94 | strings: 95 | $a0 = { 8B [5] 33 [1] 89 [5] 39 [1] 0F 86 [4] EB } 96 | $b0 = { 68 [4] 69 [5] 8D [2] 5? 8B [5] BA [4] E8 [4] 8D [2] 8B [1] E8 [4] 83 [2] 8B [1] FF 1? [4] 8D [5] 5? 8D [5] 5? 8D [5] 5? 8B [5] 6A [1] 83 [2] 03 [1] 5? FF B? [4] FF B? [4] FF 1? [4] 85 [1] 0F 85 } 97 | 98 | condition: 99 | any of ($a*) and any of ($b*) 100 | } 101 | 102 | private rule id_9 103 | { 104 | meta: 105 | author = "Intezer Labs" 106 | strings: 107 | $a0 = { 8B [5] 33 [1] 89 [5] 39 [1] 0F 86 [4] 66 [10] 69 [5] 8D [2] 8B [5] BA [4] 68 [4] E8 [4] 5? 8D [2] 8B [1] E8 [4] 83 [2] 8B [1] FF 1? [4] 8D [5] 5? 8D [5] 5? 8D [5] 5? 8B [5] 6A [1] 83 [2] 03 [1] 5? FF B? [4] FF B? [4] FF 1? [4] 85 [1] 0F 85 } 108 | $a1 = { 8B [5] 33 [1] 89 [5] 39 [1] 0F 86 [4] 0F 1F [6] 68 [4] 69 [5] 8D [2] 5? 8B [5] BA [4] E8 [4] 8D [2] 8B [1] E8 [4] 83 [2] 8B [1] FF 1? [4] 8D [5] 5? 8D [5] 5? 8D [5] 5? 8B [5] 6A [1] 83 [2] 03 [1] 5? FF B? [4] FF B? [4] FF 1? [4] 85 [1] 0F 85 } 109 | 110 | condition: 111 | any of them 112 | } 113 | 114 | private rule id_10 115 | { 116 | meta: 117 | author = "Intezer Labs" 118 | strings: 119 | $a0 = { 2B [1] 8D [2] 5? 6A [1] 89 [2] FF D? 5? FF 1? [4] 89 [2] FF 7? [1] 85 [1] 0F 84 [4] FF 7? [1] 5? FF 1? [4] 83 [2] FF 7? [1] 6A [1] FF D? 5? FF D? 83 [3] C7 [6] C7 [6] 7E [1] 8B [2] 8D [2] 5? 8D [2] E8 [4] 83 [2] 89 [2] FF 7? [1] 6A [1] FF D? 5? FF D? FF 7? [1] 6A [1] FF D? 5? FF 1? [4] 89 [2] 85 [1] 74 } 120 | $a1 = { 2B [1] 8D [2] 5? 6A [1] 89 [2] FF D? 5? FF 1? [4] 89 [2] FF 7? [1] 85 [1] 0F 84 [4] FF 7? [1] 5? FF 1? [4] 83 [2] FF 7? [1] 6A [1] FF D? 5? FF 1? [4] 83 [3] C7 [6] C7 [6] 0F 8E [4] 8B [2] 8D [2] 5? 8D [2] E8 [4] 83 [2] 89 [2] FF 7? [1] 6A [1] FF D? 5? FF 1? [4] FF 7? [1] 6A [1] FF D? 5? FF 1? [4] 89 [2] 85 [1] 0F 84 } 121 | 122 | condition: 123 | any of them 124 | } 125 | 126 | private rule id_11 127 | { 128 | meta: 129 | author = "Intezer Labs" 130 | strings: 131 | $a0 = { 4C [4] 4C [4] 48 [6] 48 [4] 4C [6] 41 [5] 48 [2] FF 1? [4] 85 [1] 0F 84 [4] 8B [5] 89 [5] 48 [6] 48 [6] 48 [6] 48 [4] 44 [4] 4C [4] 45 [2] 45 [2] 33 [1] 48 [6] FF 1? [4] 85 [1] 74 [1] 48 [6] 48 [6] 48 [6] E8 [4] 48 } 132 | $a1 = { 48 [4] 48 [4] 48 [6] 48 [4] 4C [6] 41 [5] 49 [2] FF 1? [4] 85 [1] 0F 84 [4] 8B [5] 89 [5] 48 [6] 48 [6] 48 [6] 48 [4] 89 [3] 48 [4] 45 [2] 45 [2] 33 [1] 48 [6] FF 1? [4] 85 [1] 0F 84 [4] 48 [6] 48 [6] 48 [6] E8 [4] 48 } 133 | 134 | condition: 135 | any of them 136 | } 137 | 138 | private rule id_12 139 | { 140 | meta: 141 | author = "Intezer Labs" 142 | strings: 143 | $a0 = { 48 [4] 48 [4] 48 [6] 48 [4] 4C [6] 41 [5] 49 [2] FF 1? [4] 85 [1] 74 [1] 8B [5] 89 [5] 48 [6] 48 [6] 48 [6] 48 [4] 89 [3] 48 [4] 45 [2] 45 [2] 33 [1] 48 [6] FF 1? [4] 85 [1] 0F 84 [4] 48 [6] 48 [6] 48 [6] E8 [4] 48 [2] 48 [2] E8 [4] EB } 144 | 145 | condition: 146 | any of them 147 | } 148 | 149 | rule passcat 150 | { 151 | meta: 152 | author = "Intezer Labs" 153 | date = "June 2020" 154 | condition: 155 | (id_1 or id_2 or id_3 or id_4 or id_5 or id_6 or id_7 or id_8 or id_9 or id_10 or id_11 or id_12) 156 | } -------------------------------------------------------------------------------- /yara/quarkspwdump.yar: -------------------------------------------------------------------------------- 1 | private rule id_1 2 | { 3 | meta: 4 | author = "Intezer Labs" 5 | strings: 6 | $a0 = { BA [4] 6B [2] 0F B6 [3] 5? E8 [4] 83 [2] 0F B6 [1] C1 [2] BA [4] C1 [2] 0F B6 [3] 5? E8 [4] 83 [2] 0F B6 [1] 0B [1] BA [4] 6B [2] 8B [2] 88 [2] BA [4] D1 [1] 0F B6 [3] 5? E8 [4] 83 [2] 0F B6 [1] C1 [2] B9 [4] 6B [2] 0F B6 [3] 5? E8 [4] 83 [2] 0F B6 [1] 0B [1] BA [4] C1 [2] 8B [2] 88 [2] B9 [4] C1 [2] 0F B6 [3] 5? E8 [4] 83 [2] 0F B6 [1] C1 [2] B8 [4] 6B [2] 0F B6 [3] 5? E8 [4] 83 [2] 0F B6 [1] 0B [1] B9 [4] D1 [1] 8B [2] 88 [2] B8 [4] 6B [2] 0F B6 [3] 5? E8 [4] 83 [2] 0F B6 [1] C1 [2] B8 [4] 6B [2] 0F B6 [3] 5? E8 [4] 83 [2] 0F B6 [1] 0B [1] B9 [4] 6B [2] 8B [2] 88 [2] C7 [6] 8B [2] 5? FF 1? [4] 8B [2] 5? FF 1? [4] 8B } 7 | 8 | condition: 9 | any of them 10 | } 11 | 12 | private rule id_2 13 | { 14 | meta: 15 | author = "Intezer Labs" 16 | strings: 17 | $a0 = { 8B [5] 83 [6] 0F 85 [4] 8D [5] 5? 6A [1] 8B [5] 81 C? [4] 5? E8 [4] 83 [2] 8D [5] 5? 8B [5] 05 [4] 5? 8B [5] 81 C? [4] 5? 8B [5] 5? 68 [4] 68 [4] 8D [5] 5? E8 [4] 83 [2] 8B [5] 83 [2] 89 [5] 83 [3] 74 [1] 8D [5] 5? E8 [4] 83 [2] EB } 18 | 19 | condition: 20 | any of them 21 | } 22 | 23 | private rule id_3 24 | { 25 | meta: 26 | author = "Intezer Labs" 27 | strings: 28 | $a0 = { 83 [3] 0F 85 [4] BA [4] 6B [2] 0F B6 [3] 5? E8 [4] 83 [2] 0F B6 [1] C1 [2] BA [4] C1 [2] 0F B6 [3] 5? E8 [4] 83 [2] 0F B6 [1] 0B [1] BA [4] 6B [2] 8B [2] 88 [2] BA [4] D1 [1] 0F B6 [3] 5? E8 [4] 83 [2] 0F B6 [1] C1 [2] B9 [4] 6B [2] 0F B6 [3] 5? E8 [4] 83 [2] 0F B6 [1] 0B [1] BA [4] C1 [2] 8B [2] 88 [2] B9 [4] C1 [2] 0F B6 [3] 5? E8 [4] 83 [2] 0F B6 [1] C1 [2] B8 [4] 6B [2] 0F B6 [3] 5? E8 [4] 83 [2] 0F B6 [1] 0B [1] B9 [4] D1 [1] 8B [2] 88 [2] B8 [4] 6B [2] 0F B6 [3] 5? E8 [4] 83 [2] 0F B6 [1] C1 [2] B8 [4] 6B [2] 0F B6 [3] 5? E8 [4] 83 [2] 0F B6 [1] 0B [1] B9 [4] 6B [2] 8B [2] 88 [2] C7 [6] 8B [2] 5? FF 1? } 29 | 30 | condition: 31 | any of them 32 | } 33 | 34 | private rule id_4 35 | { 36 | meta: 37 | author = "Intezer Labs" 38 | strings: 39 | $a0 = { 68 [4] E8 [4] 83 [2] 8B [5] 83 [6] 0F 85 [4] 8D [5] 5? 6A [1] 8B [5] 81 C? [4] 5? E8 [4] 83 [2] 8D [5] 5? 8B [5] 05 [4] 5? 8B [5] 81 C? [4] 5? 8B [5] 5? 68 [4] 68 [4] 8D [5] 5? E8 [4] 83 [2] 8B [5] 83 [2] 89 [5] 83 [3] 74 } 40 | 41 | condition: 42 | any of them 43 | } 44 | 45 | private rule id_5 46 | { 47 | meta: 48 | author = "Intezer Labs" 49 | strings: 50 | $a0 = { C7 [6] 6A [1] 6A [1] 6A [1] 6A [1] 6A [1] 6A [1] 6A [1] 6A [1] 6A [1] 8D [2] 5? 8D [2] 5? 8B [2] 5? FF 1? [4] 89 [2] 83 [3] 0F 85 [4] 83 [3] 0F 85 [4] BA [4] 6B [2] 0F B6 [3] 5? E8 [4] 83 [2] 0F B6 [1] C1 [2] BA [4] C1 [2] 0F B6 [3] 5? E8 [4] 83 [2] 0F B6 [1] 0B [1] BA [4] 6B [2] 8B [2] 88 [2] BA [4] D1 [1] 0F B6 [3] 5? E8 [4] 83 [2] 0F B6 [1] C1 [2] B9 [4] 6B [2] 0F B6 [3] 5? E8 [4] 83 [2] 0F B6 [1] 0B [1] BA [4] C1 [2] 8B [2] 88 [2] B9 [4] C1 [2] 0F B6 [3] 5? E8 [4] 83 [2] 0F B6 [1] C1 [2] B8 [4] 6B [2] 0F B6 [3] 5? E8 [4] 83 [2] 0F B6 [1] 0B [1] B9 [4] D1 [1] 8B [2] 88 [2] B8 [4] 6B [2] 0F B6 [3] 5? E8 [4] 83 [2] 0F B6 [1] C1 [2] B8 [4] 6B [2] 0F B6 [3] 5? E8 [4] 83 [2] 0F B6 [1] 0B [1] B9 [4] 6B [2] 8B [2] 88 [2] C7 } 51 | 52 | condition: 53 | any of them 54 | } 55 | 56 | private rule id_6 57 | { 58 | meta: 59 | author = "Intezer Labs" 60 | strings: 61 | $a0 = { 8B [5] 83 [2] 89 [5] 83 [6] 0F 8D [4] 6A [1] 8B [2] 03 [5] 5? 8D [2] 5? E8 [4] 83 [2] 8D [2] 5? 8D [2] 5? E8 [4] 83 [2] 8D [2] 5? E8 [4] 83 [2] 8D [5] 5? 8D [2] 5? E8 [4] 83 [2] 6A [1] 8D [5] 5? 8B [5] 8D [3] 5? 8B [5] 8B [2] 8D [3] 5? E8 [4] 83 [2] 8B [5] 83 [2] 89 [5] 8B [5] 83 [2] 83 [2] 76 } 62 | 63 | condition: 64 | any of them 65 | } 66 | 67 | private rule id_7 68 | { 69 | meta: 70 | author = "Intezer Labs" 71 | strings: 72 | $a0 = { 8B [2] 8B [5] 89 [5] C7 [9] 8D [5] 5? 8D [5] 5? B9 [4] D1 [1] 8B [2] 8B [6] 5? 8B [2] 5? 8B [2] 5? E8 [4] 83 [2] 89 [5] 83 [6] 0F 85 [4] 6A [1] 68 [4] 8B [5] 5? 6A [1] FF 1? [4] 8B [2] 89 [5] 8B [2] 83 [6] 75 } 73 | 74 | condition: 75 | any of them 76 | } 77 | 78 | private rule id_8 79 | { 80 | meta: 81 | author = "Intezer Labs" 82 | strings: 83 | $a0 = { 83 [6] 0F 84 [4] 6A [1] 68 [4] 8B [5] 5? 6A [1] FF 1? [4] 8B [2] 89 [5] 6A [1] 68 [4] 8B [5] 5? 6A [1] FF 1? [4] 8B [2] 89 [5] 8B [2] 83 [6] 74 [1] 8B [2] 83 [6] 75 } 84 | 85 | condition: 86 | any of them 87 | } 88 | 89 | private rule id_9 90 | { 91 | meta: 92 | author = "Intezer Labs" 93 | strings: 94 | $a0 = { 5? 8B [1] 81 E? [4] A1 [4] 33 [1] 89 [2] 8B [2] 8B [5] 0F B7 [1] 89 [5] 83 [6] 74 [1] 8B [2] 83 [6] 77 [1] 8B [2] C7 [9] B8 [4] E9 } 95 | 96 | condition: 97 | any of them 98 | } 99 | 100 | private rule id_10 101 | { 102 | meta: 103 | author = "Intezer Labs" 104 | strings: 105 | $a0 = { 83 [6] 0F 8D [4] 6A [1] 8B [2] 03 [5] 5? 8D [2] 5? E8 [4] 83 [2] 8D [2] 5? 8D [2] 5? E8 [4] 83 [2] 8D [2] 5? E8 [4] 83 [2] 8D [5] 5? 8D [2] 5? E8 [4] 83 [2] 6A [1] 8D [5] 5? 8B [5] 8D [3] 5? 8B [5] 8B [2] 8D [3] 5? E8 [4] 83 [2] 8B [5] 83 [2] 89 [5] 8B [5] 83 [2] 83 [2] 76 [1] B8 [4] 2B [5] 89 } 106 | 107 | condition: 108 | any of them 109 | } 110 | 111 | rule quarkspwdump 112 | { 113 | meta: 114 | author = "Intezer Labs" 115 | date = "June 2020" 116 | condition: 117 | (id_1 or id_2 or id_3 or id_4 or id_5 or id_6 or id_7 or id_8 or id_9 or id_10) 118 | } -------------------------------------------------------------------------------- /yara/vncdll.yar: -------------------------------------------------------------------------------- 1 | private rule id_1 2 | { 3 | meta: 4 | author = "Intezer Labs" 5 | strings: 6 | $a0 = { 5? 8B [1] 6A [1] 68 [4] 64 [5] 5? 64 [6] 5? 5? 8B [1] 5? 5? 8D [5] 8B [1] 89 [2] E8 [4] 8B [5] C7 [6] 8B [1] 3B [1] 74 [1] 8B [1] 8B [1] 0F B7 [2] 5? FF 5? [1] 83 [6] 75 [1] 8B [1] 3B [5] 75 } 7 | $a1 = { 5? 8B [1] 6A [1] 68 [4] 64 [5] 5? 64 [6] 5? 5? 5? 8B [1] 8D [5] 5? 8B [1] 89 [2] E8 [4] 8B [5] 8B [1] C7 [6] 3B [1] 74 [1] 0F B7 [2] 8B [1] 8B [2] 5? 8B [1] FF D? 83 [6] 75 [1] 8B [1] 3B [5] 75 } 8 | 9 | condition: 10 | any of them 11 | } 12 | 13 | private rule id_2 14 | { 15 | meta: 16 | author = "Intezer Labs" 17 | strings: 18 | $a0 = { 8B [2] 0F BF [1] C1 [2] 3B [1] 0F BF [1] 89 [2] 8B [2] 89 [2] 75 [1] 3B [1] 0F 84 [4] 0F B7 [1] 0F B7 [1] C1 [2] 0B [1] 0F B7 [5] 5? 5? 5? FF 1? [4] 8B [2] 8D [2] 5? 8D [2] 5? E8 [4] 5? B8 [4] 5? 8B [1] 5? C2 } 19 | $a1 = { 8B [2] 0F BF [1] C1 [2] 0F BF [1] 89 [2] 3B [1] 8B [2] 89 [2] 75 [1] 3B [1] 74 [1] 0F B7 [1] 0F B7 [1] 0F B7 [5] C1 [2] 0B [1] 5? 5? 5? FF 1? [4] 8D [2] 5? 8D [2] 5? 8B [2] E8 [4] 5? B8 [4] 5? 8B [1] 5? C2 } 20 | 21 | condition: 22 | any of them 23 | } 24 | 25 | private rule id_3 26 | { 27 | meta: 28 | author = "Intezer Labs" 29 | strings: 30 | $a0 = { 5? 68 [4] 8D [5] 6A [1] 5? E8 [4] 83 [2] C7 [6] 8D [5] 5? 6A [1] 6A [1] FF 1? [4] 8B [2] C7 [6] 85 [1] 74 [1] 8B [1] 8B [2] 8B [2] 2B [1] 89 [2] 8B [2] 2B [1] C7 [6] 89 [2] 89 [2] 89 [2] 5? 68 [4] C6 [6] E8 [4] 8B [1] 83 [2] 85 [1] 0F 84 } 31 | 32 | condition: 33 | any of them 34 | } 35 | 36 | private rule id_4 37 | { 38 | meta: 39 | author = "Intezer Labs" 40 | strings: 41 | $a0 = { 8B [2] 8D [2] 6A [1] 5? E8 [4] 85 [1] 0F 84 [4] 8B [2] 8B [1] 8B [1] 81 E? [4] C1 [2] 0B [1] 8B [1] C1 [2] 81 E? [4] 0B [1] C1 [2] C1 [2] 0B [1] 8D [2] 5? E8 [4] 8B [1] 83 [2] 85 [1] 0F 84 [4] 5? C6 [3] 8B [2] 5? E8 [4] 85 [1] 75 } 42 | $a1 = { 8B [2] 6A [1] 8D [2] 5? E8 [4] 85 [1] 0F 84 [4] 8B [2] 8B [1] 8B [1] 8B [1] 81 E? [4] C1 [2] 25 [4] C1 [2] 0B [1] 0B [1] C1 [2] C1 [2] 0B [1] 8D [2] 5? E8 [4] 8B [1] 83 [2] 85 [1] 0F 84 [4] 5? C6 [3] 8B [2] 5? E8 [4] 85 [1] 75 } 43 | 44 | condition: 45 | any of them 46 | } 47 | 48 | private rule id_5 49 | { 50 | meta: 51 | author = "Intezer Labs" 52 | strings: 53 | $a0 = { 5? 8B [1] 64 [5] 6A [1] 68 [4] 5? 64 [6] 83 [3] 5? 8B [2] 5? 5? 8B [1] 74 [1] 8B [5] 2B [1] 99 33 [1] 2B [1] 75 [1] 8B [5] 2B [2] 99 33 [1] 2B [1] 74 } 54 | $a1 = { 5? 8B [1] 64 [5] 6A [1] 68 [4] 5? 64 [6] 83 [3] 5? 5? 5? 8B [2] 8B [1] 74 [1] 8B [5] 2B [1] 99 33 [1] 2B [1] 75 [1] 8B [5] 2B [2] 99 33 [1] 2B [1] 74 } 55 | 56 | condition: 57 | any of them 58 | } 59 | 60 | rule vncdll 61 | { 62 | meta: 63 | author = "Intezer Labs" 64 | date = "June 2020" 65 | condition: 66 | (id_1 or id_2 or id_3 or id_4 or id_5) 67 | } --------------------------------------------------------------------------------