
🎇Malware Sample Resources

When researching and analyzing malware, having access to a variety of sample resources is crucial. Here are some common sources where you can obtain malware samples for analysis:

1. Malware Analysis Platforms

  • VirusTotal: A widely used online service that analyzes files and URLs for malicious content using multiple antivirus engines. You can also upload and examine samples here.

  • Hybrid Analysis: A platform that provides detailed behavioral analysis of malware samples, including dynamic analysis and static analysis reports.

  • Any.Run: An interactive malware analysis sandbox that allows you to run and analyze malware samples in a virtual environment.

2. Threat Intelligence Repositories

  • MalwareBazaar: A repository for sharing and downloading malware samples. It's a valuable resource for researchers looking to obtain various malware samples.

    • Website: MalwareBazaar

  • TheZoo: An open-source project that maintains a collection of malware samples for educational and research purposes.

  • Cuckoo Sandbox Samples: A project that provides access to malware samples analyzed by Cuckoo Sandbox, which offers detailed reports and behavior analysis.

3. Malware Sharing Communities

  • Red Canary’s CanaryTokens: Provides a variety of tokens that can be used to detect malware activity and collect samples.

  • AlienVault Open Threat Exchange (OTX): A community-driven platform where you can find information on known malware, including samples and indicators of compromise (IoCs).

    • Website: OTX

4. Public Datasets

  • Contagio Malware Dump: A collection of malware samples shared by the Contagio Malware Dump group, which includes various types of malware.

    • Website: Contagio Malware Dump

  • VxVault: An archive of malware samples, including trojans, worms, and other malicious software, shared for research purposes.

5. Academic and Research Institutions

  • Malware Traffic Analysis: A site that provides traffic samples from various malware infections, including PCAP files and analysis reports.

  • MITRE ATT&CK: While not a sample repository, ATT&CK provides detailed information on techniques used by various types of malware, which can help in identifying and analyzing samples.

    • Website: MITRE ATT&CK

6. Commercial Threat Intelligence Providers

  • FireEye/Mandiant: Offers access to threat intelligence and malware samples through their services and reports.

  • CrowdStrike: Provides information and samples related to advanced persistent threats and other cyber threats.

When working with malware samples, ensure you have a controlled and isolated environment for analysis, such as a virtual machine or sandbox, to avoid accidental infection and damage to your system.
