Malware collections

Forum for analysis and discussion about malware.
shadowlady2009
Posts: 3
Joined: Sun Jan 16, 2011 7:45 am

Malware collections

Post by shadowlady2009 » Sun Jan 16, 2011 7:50 am

:D
I'm new here.
I have some malware I want to share with you.

I hope this collection is useful for your work.

Malware collection of Shadowlady2009

Includes: 2697 files
Size: 1000 MB
Pass: shadowlady2009


http://hotfile.com/dl/97055690/c0e4bf2/MalwaresIofIV_ShadowLady.part01.rar.html
http://hotfile.com/dl/97055691/399e366/MalwaresIofIV_ShadowLady.part02.rar.html
http://hotfile.com/dl/97062435/5c3b6e5/MalwaresIofIV_ShadowLady.part03.rar.html
http://hotfile.com/dl/97065205/17a0a04/MalwaresIofIV_ShadowLady.part04.rar.html
http://hotfile.com/dl/97067846/483ab13/MalwaresIofIV_ShadowLady.part05.rar.html
http://hotfile.com/dl/97073120/618ca5c/MalwaresIofIV_ShadowLady.part06.rar.html
http://hotfile.com/dl/97076583/8cd59b9/MalwaresIofIV_ShadowLady.part07.rar.html
http://hotfile.com/dl/97078228/cd65667/MalwaresIofIV_ShadowLady.part08.rar.html
http://hotfile.com/dl/97083100/5f4aa78/MalwaresIofIV_ShadowLady.part09.rar.html
http://hotfile.com/dl/97085684/41870e4/MalwaresIofIV_ShadowLady.part10.rar.html
Mirrors:


http://www.duckload.com/download/2194136/MalwaresIofIV_ShadowLady.part01.rar
http://www.duckload.com/download/2194148/MalwaresIofIV_ShadowLady.part02.rar
http://www.duckload.com/download/2194586/MalwaresIofIV_ShadowLady.part04.rar
http://www.duckload.com/download/2194856/MalwaresIofIV_ShadowLady.part03.rar
http://www.duckload.com/download/2195146/MalwaresIofIV_ShadowLady.part05.rar
http://www.duckload.com/download/2197690/MalwaresIofIV_ShadowLady.part06.rar
...(Waiting upload)
http://www.duckload.com/download/2197631/MalwaresIofIV_ShadowLady.part10.rar
Last edited by EP_X0FF on Mon Apr 25, 2011 2:05 pm, edited 1 time in total.
Reason: Title changed

EP_X0FF
Global Moderator
Posts: 4775
Joined: Sun Mar 07, 2010 5:35 am
Location: Russian Federation

Re: Share little malware collection part I

Post by EP_X0FF » Sun Jan 16, 2011 8:18 am

Hello,

Thanks, what kind of malware is inside? And what is the source of this collection, manual harvesting?

Regards.
Ring0 - the source of inspiration

shadowlady2009
Posts: 3
Joined: Sun Jan 16, 2011 7:45 am

Re: Share little malware collection part I

Post by shadowlady2009 » Sun Jan 16, 2011 8:24 am

:mrgreen:
Hi,
All kinds!
File names have been changed to MD5 (no extensions, can't execute if you don't want to run it yourself :mrgreen: )
This is packed with: scumware.org, malwareurl.com ... and some collections on offensivecomputing.net and some sources 8-)

Update:


http://www.duckload.com/download/2198120/MalwaresIofIV_ShadowLady.part07.rar

EP_X0FF
Global Moderator
Posts: 4775
Joined: Sun Mar 07, 2010 5:35 am
Location: Russian Federation

Re: Share little malware collection part I

Post by EP_X0FF » Sun Jan 16, 2011 8:31 am

It's cool :) I've already reached the download limit on hotfile, so the 2nd part can be downloaded only after 0.5 hour.
Ring0 - the source of inspiration

shadowlady2009
Posts: 3
Joined: Sun Jan 16, 2011 7:45 am

Re: Share little malware collection part I

Post by shadowlady2009 » Sun Jan 16, 2011 9:02 am

You can download with the duckload mirror. I will make more mirrors for it ;)

Update:


http://www.duckload.com/download/2198804/MalwaresIofIV_ShadowLady.part08.rar
http://www.duckload.com/download/2199199/MalwaresIofIV_ShadowLady.part09.rar
Mirror links:
Part 10:


http://filestrack.com/j8gicoyj2p9x/MalwaresIofIV_ShadowLady.part10.rar.html

Tesk
Posts: 19
Joined: Mon Mar 29, 2010 8:18 pm

Re: Share little malware collection part I

Post by Tesk » Sun Jan 16, 2011 11:24 am

I have a hotfile account; I can easily create a 1-link mirror. Shall I do that?

EP_X0FF
Global Moderator
Posts: 4775
Joined: Sun Mar 07, 2010 5:35 am
Location: Russian Federation

Re: Share little malware collection part I

Post by EP_X0FF » Sun Jan 16, 2011 11:44 am

Sure thanks :)
Ring0 - the source of inspiration

Tesk
Posts: 19
Joined: Mon Mar 29, 2010 8:18 pm

Re: Share little malware collection part I

Post by Tesk » Sun Jan 16, 2011 11:51 am

Here is the download link:
http://www.myupload.dk/showfile/7386784d34b.zip

I can also upload other packages - and if it is too big to even get uploaded to this, I have an ftp server hosted on a 50/50 mbit connection, so I would be able to host most files ;-)

EP_X0FF
Global Moderator
Posts: 4775
Joined: Sun Mar 07, 2010 5:35 am
Location: Russian Federation

Re: Share little malware collection part I

Post by EP_X0FF » Sun Jan 23, 2011 10:07 am

Collection analyzed.

There are about a few percent of clean files inside (for example Sandboxie installation), many duplicate malware samples (the only difference is the hash), some percent are Adware/Jokes, and some clean files belong to the riskware section (remote admin tools, passview etc).

RAR collection size is 800 Mb.

The collection includes many TDL samples, Stuxnet, some Winlocks and FakeAVs, a Kido sample - see attached table. Attached is a generated collection list with the following format:

MD5 hash of sample
Item name as detected by Dr.Web 6.0 AV (I chose it only because it has the most adequate malware naming, which is better than, for example, Mal/FHdipf.@jffkds crap).

Several hashes are listed a few times because they belong to installation programs and the detected malware was inside the installation.

Of course Dr.Web is not a 100% detector, so there will be false positives as well as undetected malware (I will take a look at it later).

If you have any other collections you would like to share, please do it. Collection size does not matter.
Ring0 - the source of inspiration
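
An added example, not part of the original posts and not the method EP_X0FF used: one way to tally a listing in the format described above (MD5 hash, then detection name) and to check that a file named by MD5 really hashes to its name. The space-separated layout, the reading of a line with no name as "undetected", and every hash and detection name in the sample are assumptions constructed for illustration.

```python
import hashlib
import re
from collections import defaultdict

MD5_RE = re.compile(r"^[0-9a-f]{32}$")

# Constructed listing; hashes and detection names are placeholders.
SAMPLE_LISTING = """\
0123456789abcdef0123456789abcdef Trojan.Placeholder.1
0123456789abcdef0123456789abcdef Adware.Placeholder.2
fedcba9876543210fedcba9876543210 Trojan.Placeholder.1
00112233445566778899aabbccddeeff
not-a-hash Joke.Placeholder.3
"""

def parse_listing(text):
    """Return (detections by hash, hashes with no detection, rejected lines)."""
    by_hash, undetected, rejected = defaultdict(list), [], []
    for line in text.splitlines():
        if not line.strip():
            continue
        md5, _, name = line.strip().partition(" ")
        md5, name = md5.lower(), name.strip()
        if not MD5_RE.match(md5):
            rejected.append(line)       # malformed entry, keep for manual review
        elif name:
            by_hash[md5].append(name)   # same hash may appear on several lines
        else:
            undetected.append(md5)      # assumed meaning: scanner reported nothing
    return dict(by_hash), undetected, rejected

def summarize(by_hash):
    """Find hashes listed several times and detections shared by several hashes."""
    multi = {h: n for h, n in by_hash.items() if len(n) > 1}
    hashes_per_name = defaultdict(set)
    for h, names in by_hash.items():
        for n in names:
            hashes_per_name[n].add(h)
    shared = {n: sorted(hs) for n, hs in hashes_per_name.items() if len(hs) > 1}
    return multi, shared

def name_matches_md5(filename, content):
    """True if a file named by MD5 really hashes to that name (bytes are only read)."""
    return hashlib.md5(content).hexdigest() == filename.lower()
```

`multi` corresponds to the hashes that appear several times because an installer contained more than one detected item, and `shared` to the duplicates whose only difference is the hash.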

gigaz
Posts: 14
Joined: Sat Aug 14, 2010 10:57 am

Re: Share little malware collection part I

Post by gigaz » Sun Jan 23, 2011 10:43 am

@EP_X0FF
May I ask you a question, how did you sort these malware, is there any specific application or a script?
