About contagio exchange

CONTAGIO EXCHANGE Contagio exchange was created to absorb malware samples shared by readers of Contagio. This is meant to be a community driven malware collection.
Edit Aug 2013 - The community is busy and Mila too so this was not a very active site (my fault probably) so I will be just dumping malware strings here - it often helps in malware identification and googling is the best way.
With just strings, not exactly a fun blog to read but might become s useful resource over time.
I will not be posting samples here, just md5. You can find the corresponding samples on contagio or ping me if you can't find
P.S. Robot pictures delivered by Robohash.com (generated from file hashes)

Thursday, March 1, 2012

Welcome to Contagio Exchange - community malware dump

Mila P.
as you see from the description above, Contagio Exchange is meant to be a communal malware collection. Contagio mobile dump has been very successful and useful because researchers can upload their samples and download them without waiting for me to analyze or post it - directly from the mediafire box.

Whenever I have time, I will moderate and post descriptions for the files and individual download links (in addition to the main dropbox link) in the same format you see on the  mobile malware dump.

This collection is meant to be a shared library of malware samples, not a repository of every type and sample in existence. I would like it to have current and useful samples for everyone to analyze and play with. Links for search and download are in the right hand column.

This collection is not meant to be a
  •  replacement for Contagio malware dump, it will continue to operate as usual.
  •  mega catchall dump of everything you can download from Malwaredomainlist,   Cleanmx, or offensivecomputing.net
  •  competitor to the above or any similar collections and sites
  •  mess of zipped and unzipped generic and "lord knows what it is" files
  •  repository of every sample in existence
  •  danger to society
For this collection to succeed, please follow these simple rules:
  1. Zip all and every file with the password 'infected' before uploading. Zip is better than rar for consistency.
  2. Read #1 again - it is very important to prevent the mediafire dropbox from turning into a hazard
  3. Add your name to the description (if you want a credit), description itself, links to research or sandbox results to explain what it is.  You can add a text file inside the package called description.txt or use the comment box during the upload. Please do not upload mystery files.
  4. Name zip files like this "virusname_md5.zip" or include MD5 in the name of the zip - if possible
  5. If you are not sure what it is and / or the detection is generic, please do not dump it into a sorted main exchange box but use U.F.O. - Unidentified Flying Object box so that others knew what to expect

Mediafire dropbox information
  • This is a paid and long standing mediafire account with unlimited storage and more than enough bandwidth to support it. 
  • Your samples are not held hostage as you can download them and store on your system each time or on a schedule. If there is ever any change to this storage, I will give enough warning or ways to get them.   
  • All links are direct, no ads
  • Dropbox works on all OS but best on Firefox and Chrome. I did not try it on Safari and it has issues on IE and Palemoon. If you have a problem with using it, you can email the samples (rename the file extension and double zip exe files) and indicate it is for the exchange.
  • As an added benefit, you can use the dropbox for malware exchange with anyone - if you don't mind your sample to become public. Once you upload, go to the download link on top of the upload box and click on a round gear next to the sample and select 'share'. It will generate a direct link you can post or email.

P.S. I don't financially benefit from the dropbox downloads (in fact, it is the opposite) , posts, or malware samples. It is for the sake of fun and education.

thank you!