Still ISO a complete ZeroAccess malware sample…
But thought I would share a few spots I’ve found to pick up various malware samples for others in their search…
A lot of people know of www.malwaredomainlist.com, a site listing infected domains. Unfortunately, all but the most recent entries on the site are usually already taken down or no longer spread infection.
Then there is http://www.offensivecomputing.net/ where you can directly download samples. I have several notes for you on this site. First, they require registration – no prob – they do email you a supposedly “temporary” password to gain access, and in the same email they request that you write them explaining *why* you want access to the site, for permanent access. It’s been several weeks and I’ve not yet received a response; however, my supposedly “temporary” login credentials still work.
The downside to their direct downloads is most of the samples seem to be stubs or incomplete – at least in the sense that it will be difficult to find a file there capable of actually giving you a nice, full infection. Some of the samples don’t even execute…
But the site does have a forum where you can request samples – most people on the forum do provide nice samples from 3rd party download sites, but get them while you can as the older entries tend to get removed from the download site, of course…
Last, I found this blog, http://contagiodump.blogspot.com/, where the owner does provide direct downloads of some samples. You’ll need to email her for the password scheme to decompress the samples, though she is quick at getting back to you! I emailed her this morning after a download, and received a response within half an hour.
If you know of any other good locations to download nice, full malware samples, please let me know!
Thanks! Happy hunting!
EDIT: new spot, the forums over at http://www.kernelmode.info !!