We, as malware analysts, are always in need of new samples to analyze in order to learn, train or develop new techniques and defenses. One of the most common questions I get is “Where to find malware to analyze?” so I’m sharing here my private collection of repositories, databases and lists which I use on a daily basis. Some of them are updated frequently and some of them are not. The short description under each link wasn’t written by me, it was written by the owners of the repositories.

If you want to add another resource to the list please inform me in the comments.

Please, be careful when using these sites. Almost all of them contain malicious files. Use with caution!

General Samples

theZoo

theZoo is a project created to make the possibility of malware analysis open and available to the public.

contagio

Contagio is a collection of the latest malware samples, threats, observations, and analyses.

Hybrid Analysis

Free malware analysis service powered by Payload Security. Using this service you can submit files for in-depth static and dynamic analysis. You can also download samples from analysis submitted by others.

AVCaesar

AVCaesar is a malware analysis engine and repository, developed by malware.lu

Das Malwerk

DAS MALWERK collects executable malware from all kinds of shady places on the internet

KernelMode.info

An active community devoted to malware analysis and kernel development

MalShare

The MalShare Project is a collaborative effort to create a community-driven public malware repository that works to build additional tools to benefit the security community at large.

Megabeets collection of repositories contain malicious samples, domains and more #Malware #Megabeets https://t.co/G5SAWNYzyM — Itay Cohen (@Megabeets_Blog) October 12, 2016

VirusBay

VirusBay is a web-based, collaboration platform where researchers can put their hands on malicious samples uploaded by colleagues and SOC professionals.

FreeTrojanBotnet

FreeTrojanBotnet’s goal is to gather submissions from operators and various mailing lists and concentrate them in a database easy to navigate

Virusign

Virusign downloads malware and sort files in order of relevance, for researchers to download samples and analyze them to create new signatures.

malware.one

A binary substring searchable malware catalog containing terabytes of malicious code. (Samples are not downloadable)

VirusShare

A repository of malware samples to provide security researchers, incident responders, forensic analysts, and the morbidly curious access to samples of malicious code.

Malwarebytes Research Center

Forums to post new threats and URLs

Mobile Malware (Google Group)

A mailing list for researching mobile malware. This group allows material related to new mobile malware samples, analysis, new techniques, questions pertaining to the field, and other related material.

SARVAM

Search And RetrieVAl of Malware contains a database with tons of malicious samples.

Malekal

Malekal’s collection of malware

Malc0de

An updated database of domains hosting malicious executables.

VX Vault

S!Ri.URZ Collection of malware and URLs

Scumware

Providing access to a database which contains data such as: URL, MD5, IP, TLD, etc

Sucuri Malware Labs

Latest findings that Sucuri Labs seeing in the “wild”

abuse.ch

abuse.ch is running a couple of projects helping internet service providers and network operators protecting their infrastructure from malware. It includes several malware trackers.

Cybercrime Tracker

Lists the C&C panels of certain in-the-wild botnets.

Android Samples

Koodous

Koodous is a collaborative platform that combines the power of online analysis tools with social interactions between the analysts over a vast APKs repository.

AndroMalShare

AndroMalShare is a project to share Android malware samples

Android-Malware (Github)

Collection of Android malware samples collected from several sources/mailing lists

OSX Samples

Objective-See Mac Malware

Objective-See was created to provide simple, yet effective OS X security tools. Always free of charge. This repository contains malware samples for MAC.

Manwe MAC Malware Samples

Regularly updated fresh MAC malware feed

Linux Samples

Linux Sandbox

Linux Sandbox is a Cuckoo-based sandboxing system specifically crafted and tuned for Linux malware samples analysis.

Detux – The Linux Sandbox

Multiplatform Linux Sandbox. The samples are available to download.

Not working anymore or under maintenance:

OpenMalware

Open Malware Project by Danny Quis

Malwr

Malwr is a free malware analysis service and community launched in January 2011. You can submit files to it and receive the results of a complete dynamic analysis back. You can also download samples from analysis submitted by others.

MalwareBlacklist

Repository of Malware URLs and Samples

Again, please be careful when using these sites. Almost all of them contain malicious files. Use with caution!