MalwareTraffic

Last updated 10 months ago

MalwareTraffic is a resource that focuses on providing network traffic captures (PCAP files) from malware infections. These captures are valuable for researchers and analysts who want to study the network behavior of malware. Here is an overview of what it offers:

Key Features

  1. Network Traffic Samples:

    • MalwareTraffic provides PCAP files that capture network traffic generated by malware infections. These files include details of network communications, such as HTTP requests, DNS queries, and other network activities.

  2. Detailed Analysis:

    • The platform often includes detailed write-ups and analysis of the network traffic, explaining the malware's behavior, command and control (C2) communications, and other relevant information.

  3. Educational Value:

    • MalwareTraffic is valuable for educational purposes, providing real-world examples of how malware operates over a network. This can help in understanding attack vectors and developing detection methods.

Access and Use

  • Website:

  • Available Resources: The website offers access to PCAP files, analysis reports, and sometimes additional resources related to specific malware samples or infections.

  • Search and Browse: Users can browse through various network traffic samples organized by date, malware type, or other criteria.

Practical Uses

  1. Network Analysis:

    • Analysts use PCAP files to study the network behavior of malware, including how it communicates with C2 servers, exfiltrates data, or spreads within a network.

  2. Threat Intelligence:

    • Security teams analyze network traffic to improve threat detection capabilities, identify new malware families, and understand attack patterns.

  3. Training and Education:

    • The samples and analyses provided by MalwareTraffic can be used in training environments to teach network forensics and incident response.
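
The network-analysis use described above, as an added example that is not part of this page or of MalwareTraffic itself: a standard-library Python script that parses a classic pcap and produces the first-pass triage an analyst wants from an infection capture, namely which hosts the victim contacted (destination and port), which DNS names it looked up and which HTTP Host headers it sent. It goes a little beyond the page by handling the edge cases a real capture brings: either pcap byte order, a truncated final record, and malformed DNS question names. The capture, the victim address 10.0.0.25, the addresses and the domain names are constructed for the example and do not come from any real infection; pcapng files, which many public captures use, are not handled and are rejected explicitly.

```python
"""Triage a pcap the way an analyst starts on a MalwareTraffic capture: which hosts the
infected machine contacted, which DNS names it looked up, which HTTP Host headers it sent.
Standard library only; the capture is constructed inline (assumption) so it runs offline."""
import socket
import struct
from collections import Counter

LINKTYPE_ETHERNET, IPPROTO_TCP, IPPROTO_UDP = 1, 6, 17
# --- constructing a small capture (checksums left 0; the parser below never verifies them) ---
def build_pcap(frames):  # classic little-endian pcap: 24-byte global header, 16-byte record headers
    out = [struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, LINKTYPE_ETHERNET)]
    for i, f in enumerate(frames):
        out += [struct.pack("<IIII", 1700000000 + i, 0, len(f), len(f)), f]
    return b"".join(out)
def ethernet_ipv4(src, dst, proto, l4):
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return bytes.fromhex("001122334455" "66778899aabb" "0800") + ip + l4
def udp(sport, dport, data):
    return struct.pack("!HHHH", sport, dport, 8 + len(data), 0) + data
def tcp(sport, dport, data):  # 20-byte header (data offset 5), flags PSH|ACK
    return struct.pack("!HHIIBBHHH", sport, dport, 1, 1, 5 << 4, 0x18, 8192, 0, 0) + data
def dns_query(name):
    qname = b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\x00"
    return struct.pack("!HHHHHH", 0x1234, 0x0100, 1, 0, 0, 0) + qname + struct.pack("!HH", 1, 1)
# --- parsing (assumes the Ethernet link type) ---
def parse_pcap(data):
    """Yield each frame; honours the magic number's byte order, stops on a truncated tail."""
    endian = {0xA1B2C3D4: "<", 0xD4C3B2A1: ">"}.get(struct.unpack("<I", data[:4])[0])
    if endian is None:
        raise ValueError("not a classic pcap (pcapng is not handled here)")
    off = 24
    while off + 16 <= len(data):
        incl_len = struct.unpack(endian + "IIII", data[off:off + 16])[2]
        frame = data[off + 16:off + 16 + incl_len]
        if len(frame) < incl_len:
            break  # capture cut off mid-record: keep what was parsed so far
        off += 16 + incl_len
        yield frame
def parse_frame(frame):
    """Ethernet/IPv4/{TCP,UDP} -> (src, dst, proto, sport, dport, payload); None otherwise."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[14] >> 4 != 4:
        return None
    ip = frame[14:]
    ihl, total_len, proto = (ip[0] & 0x0F) * 4, struct.unpack("!H", ip[2:4])[0], ip[9]
    l4 = ip[ihl:total_len]
    if proto == IPPROTO_UDP and len(l4) >= 8:
        hdr_len = 8
    elif proto == IPPROTO_TCP and len(l4) >= 20:
        hdr_len = (l4[12] >> 4) * 4
    else:
        return None
    return (socket.inet_ntoa(ip[12:16]), socket.inet_ntoa(ip[16:20]), proto,
            *struct.unpack("!HH", l4[:4]), l4[hdr_len:])
def dns_qname(msg):
    """First question name of a DNS message, or None if malformed."""
    if len(msg) < 12 or struct.unpack("!H", msg[4:6])[0] == 0:
        return None
    labels, off = [], 12
    while off < len(msg) and msg[off] != 0:
        n = msg[off]
        if n & 0xC0 or off + 1 + n > len(msg):
            return None  # compression pointer, or a label running past the message
        labels.append(msg[off + 1:off + 1 + n].decode("ascii", "replace"))
        off += 1 + n
    return ".".join(labels) if off < len(msg) else None
def http_host(payload):
    """Host header of a plaintext HTTP request, or None."""
    if not payload.startswith((b"GET ", b"POST ", b"HEAD ")):
        return None
    for line in payload.split(b"\r\n\r\n", 1)[0].split(b"\r\n")[1:]:
        key, _, value = line.partition(b":")
        if key.strip().lower() == b"host":
            return value.strip().decode("ascii", "replace")
    return None
def summarise(pcap_bytes, victim):
    """Tally outbound (dst, port) pairs, DNS lookups and HTTP hosts sent by `victim`."""
    report = {"destinations": Counter(), "dns": Counter(), "http_hosts": Counter()}
    for frame in parse_pcap(pcap_bytes):
        parsed = parse_frame(frame)
        if parsed is None or parsed[0] != victim:
            continue  # non-IP or inbound: only the victim's outbound traffic is tallied
        _, dst, proto, _, dport, payload = parsed
        report["destinations"][(dst, dport)] += 1
        if proto == IPPROTO_UDP and dport == 53:  # filter(None, [x]) drops a None result
            report["dns"].update(filter(None, [dns_qname(payload)]))
        elif proto == IPPROTO_TCP and dport in (80, 8080):
            report["http_hosts"].update(filter(None, [http_host(payload)]))
    return report
# Constructed lab traffic: hypothetical addresses and names, not from any real infection.
VICTIM = "10.0.0.25"
SAMPLE_PCAP = build_pcap([
    ethernet_ipv4(VICTIM, "10.0.0.2", IPPROTO_UDP, udp(51000, 53, dns_query("example.invalid"))),
    ethernet_ipv4(VICTIM, "10.0.0.2", IPPROTO_UDP, udp(51001, 53, dns_query("update.example.test"))),
    ethernet_ipv4(VICTIM, "203.0.113.9", IPPROTO_TCP, tcp(51003, 80,
        b"GET /report HTTP/1.1\r\nHost: example.invalid\r\nUser-Agent: Mozilla/4.0\r\n\r\n")),
    ethernet_ipv4("10.0.0.2", VICTIM, IPPROTO_UDP, udp(53, 51000, b"\x12\x34\x81\x80" + b"\x00" * 8)),
])
```

Running `summarise(SAMPLE_PCAP, VICTIM)` returns three counters: the victim talked to 10.0.0.2:53 twice and 203.0.113.9:80 once, resolved example.invalid and update.example.test, and sent one HTTP request with Host: example.invalid; the DNS reply coming back in is ignored because only the victim's outbound traffic is tallied. On a real capture the same three counters are what you compare against the write-up that accompanies it: a resolved name or destination that is not in the analysis is where to start looking, and names resolved without a matching destination point at blocked or failed connections.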

Cautions

  • Controlled Environment: Always analyze network traffic in a secure environment. PCAP files are less risky than executable files, but they can still contain the malware payloads that were transferred over the wire, so handle them with the same care as samples.

  • Legal and Ethical Considerations: Ensure that your use of network traffic samples complies with legal and ethical guidelines, particularly when using or sharing sensitive data.

MalwareTraffic is a valuable resource for those interested in the network aspects of malware, offering practical examples and detailed analyses to aid in understanding and defending against malware threats.
