I wish to analyze the changes made by a specific virus. For example, Win32.Sality.
Where can I get the sample of this, or other similar, malware for testing?
Asked
Active
Viewed 1.2k times
17
-
2And do AV editors in general have some official feed for malware? – curiousguy Aug 19 '12 at 18:22
-
8+1, always wondered this: where is malware when you need it?! – Luc Aug 19 '12 at 19:00
-
I'm sure you can find some scene websites with virus samples, I can't remember the title exactly but there was one talk at Chaos Comm. Conference who was talking about that. Alternatively I can just give you my old hard drive ;) – rath Jun 16 '13 at 12:17
-
@val you seem to be under the impression theres a complete collection of all viruses ever somewhere? AV vendors might have something like that but the storage requirements would be intense. Regardless your wont be getting a copy from anyone. Also. Ecair test file? – NULLZ Jun 16 '13 at 22:43
-
Can you say me which tools you are using for the analyze? – Hidden Jun 17 '13 at 14:33
7 Answers
3
virusshare.com is another great repository of malware samples, having a huge number of samples. A snapshot from the website's homepage:
Access is by invitation only, so you will need to drop a mail to the site admin.
Another good resource that I know of- www.deependresearch.org
![](../../users/profiles/9778.webp)
pnp
- 1,818
- 2
- 26
- 42
3
Here Are Some List of sites where you can get malware for samples
KernelMode.info
DamageLab.org
MalwareBlacklist
Malware URLs
.
Open Malware
An Blog which has some url's
MalwareTIps
- Virus exchange Forum
The above url's are An Summary from here
![](../../users/profiles/6253.webp)
schroeder
- 123,438
- 55
- 284
- 319
![](../../users/profiles/11679.webp)
BlueBerry - Vignesh4303
- 5,107
- 13
- 34
- 63
-
Tekdefence is the only simply browsed. Openmalvare responds with some list if I enter "windows" into the search windows. I would not find these sites without your help. This trick, with entering "windows" into MD5 window, however, does not succeed with Malshare. It seems really demanding exact MD5 keys, which I do not have without having samples first. – Val Jun 16 '13 at 13:10