Free Malware Sample Sources for Researchers
A curated list of free sources where malware researchers can obtain samples for analysis, including MalwareBazaar, Hybrid Analysis, VirusShare, and vx-underground. Most require registration, and researchers should take precautions to avoid infecting themselves.
Malware researchers frequently seek malware samples to analyze threat techniques and develop defenses. In addition to downloading samples from known malicious URLs, researchers can obtain malware samples from the following free sources:
- ANY.RUN: Registration required
- Contagio Malware Dump: Curated, password required
- CAPE Sandbox: Registration required
- Das Malwerk
- Hatching Triage: Registration required
- Hybrid Analysis: Registration required
- InQuest Labs: Registration required
- InQuest Malware Samples on GitHub
- KernelMode.info: Registration required
- MalShare: Registration required
- MalwareBazaar
- MalwareSamples Malware-Feed: Curated
- Malware DB
- Objective-See Collection: Mac malware
- PacketTotal: Malware inside downloadable PCAP files
- PolySwarm: Registration required
- SNDBOX: Registration required
- SoReL-20M: 10M defanged malware samples (see notes)
- theZoo aka Malware DB
- URLhaus: Links to live sites hosting malware
- VirusBay: Registration required
- VirusShare: Registration required
- VirusSign: Registration required
- Virus and Malware Samples: Includes APT, registration required
- vx-underground
- Yomi: Registration required
Be careful not to infect yourself when accessing and experimenting with malicious software.
My other lists of online security resources outline Automated Malware Analysis Services and On-Line Tools for Malicious Website Lookups. Also, take a look at tips sharing malware samples with other researchers.