What is MalwareViz

Malware Visualization shows the simple stuff of malicious software.

MalwareViz was created to display the actions of a bad file by generating a picture. More information can be found by simply clicking on different parts of the picture.

“Everything should be made as simple as possible, but no simpler.”
~Albert Einstein


The simple goal is to make something easier. Explaining the actions of a malicious file is difficult. The language used is not standard. One person may want to know if the file is simply “bad” while another wants all the details. MalwareViz solves this problem by giving a quick picture of important actions and clickable links to the details.


The design inspiration came from the Enterobacteria phage T4 virus. It is a stomach virus that devours bacteria and is shaped like a "T". The T4 virus is basically a syringe that injects code. Someone reading this may actually have this virus in their small intestines and have a computer virus on their machine.

The language used to explain a biological virus is similar to that of a computer virus. A biological/computer virus will overcome defenses in search of a host. It will inject its instructions or “code” into the host. What happens next depends on what is in the code. Analysis will require watching the actions of a virus or learning to read through the virus code. A difficult question to answer is not just technically "what" it is doing, but why.


T4 Virus
MalwareViz_Explained cluster1 Internet Traffic cluster2 Created Files Start VirusTotal Start->VirusTotal point1 VirusTotal->point1 point2 VirusTotal->point2 IP address IP address point1->IP address URL URL point1->URL Executable File Executable File point2->Executable File None Exe Files Other none executable files such as .tmp .bat .html .log point2->None Exe Files

  • The graphs are SVG. Everything in the graphs are clickable and searchable.

Copyright © 2014 MalwareViz.