# Malware

# Distribution Centers

  • Any.Run - Interactive online malware analysis service for dynamic and static research of most types of threats in any environment.
  • Contagio Malware Dump - Password Required. A collection of the latest malware samples, threats, observations, and analyses.
  • Cape Sandbox - A malware sandbox derived from Cuckoo, designed to automate the process of malware analysis with the goal of extracting payloads and configuration from malware.
  • Das Malwerk - The daily zip-file aims to serve you a batch of malware ranging from annoying adware to bank trojans and beyond!
  • Hatching Triage - A malware sandboxing solution. It leverages a unique architecture, developed with scaling in mind from the start!
  • Hybrid Analysis - A free malware analysis service for the community. Using this service you can submit files for in-depth static and dynamic analysis.
  • InQuest - A free malware analysis service for the community. Using this service you can submit files for in-depth static and dynamic analysis.
  • KernelMode.Info - A forum for reverse engineering, OS internals and malware analysis.
  • Malshare - A free Malware repository providing researchers access to samples, malicious feeds, and Yara results.
  • Malware Bazaar - Project operated by abuse.ch. A project to collect and share malware samples.
  • Malware Samples - An ongoing and updated archive of files collected which are associated with specific public malicious threat reports
  • Malware-DB (theZoo) - theZoo is a project created to make the possibility of malware analysis open and available to the public.
  • Objective-See - Mac malware samples collected by the Objective-See team
  • Packet Total - Simple, free, high-quality PCAP file analysis
  • PhishingKitTracker - An extensible and freshly updated collection of phishing kits for forensics and future analysis topped with simple stats
  • Polyswarm - Threat Intelligence Marketplace
  • SNDBOX - Malware sandbox platform
  • SoReL-20M - Sophos-ReversingLabs 20 Million dataset. HUGE dataset.
  • URLhaus - Project operated by abuse.ch. A project to collect and share malware samples.
  • VirusBay - A web-based, collaboration platform that connects security operations center professionals with relevant malware researchers.
  • VirusShare - Because Sharing is Caring
  • VirusSign - A huge collection of high quality malware samples
  • Virus Samples - Over 150,000+ malicious files, viruses, malware, trojans, executables, scripts, and other forms of malware payloads across a variety of file types and architectures
  • VX-Underground - Over 150,000+ malicious files, viruses, malware, trojans, executables, scripts, and other forms of malware payloads across a variety of file types and architectures.
  • Yori - Free sandbox-based file analysis service.

# Emulation

  • Al-Khaser - Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.

# Ransomware Decryption

# Ransomware/Malware/Worms/etc.

  • Coldfire - Golang malware development library.
  • GonnaCry - A Linux ransomware that encrypts all the user files with a strong encryption scheme.
  • Neurax - A framework for constructing self-spreading binaries.

# Scanners

  • FileScan - Next-Gen Sandbox and free malware analysis service. Operating at 10x speed compared to traditional sandboxes with 90% less resource usage, its unique adaptive threat analysis technology also enables zero-day malware detection and more Indicator of Compromise (IOC) extraction.
  • Hybrid Analysis - A free malware analysis service for the community that detects and analyzes unknown threats using a unique Hybrid Analysis technology.
  • ID Ransomware - Upload a ransom note and/or sample encrypted file to identify the ransomware that has encrypted your data.
  • Jotti - Free service that lets you scan suspicious files with several anti-virus programs.
  • Kaspersky Threat Portal - Check any suspicious threat indicator, whether it is a file, file hash, IP address or web address.
  • Malcore - An advanced sandbox solution that is designed with speed and scalability in mind. Most leading sandbox solutions can take multiple minutes to perform analysis on a single file; Malcore solves this problem by taking seconds where it takes minutes.
  • Opswat - Simply submit suspicious files to MetaDefender Cloud for analysis.
  • VirusTotal - Analyze suspicious files and URLs to detect types of malware, automatically share them with the security community.