About contagio exchange

CONTAGIO EXCHANGE Contagio exchange was created to absorb malware samples shared by readers of Contagio. This is meant to be a community driven malware collection.
Edit Aug 2013 - The community is busy and Mila too so this was not a very active site (my fault probably) so I will be just dumping malware strings here - it often helps in malware identification and googling is the best way.
With just strings, not exactly a fun blog to read but might become s useful resource over time.
I will not be posting samples here, just md5. You can find the corresponding samples on contagio or ping me if you can't find
M
P.S. Robot pictures delivered by Robohash.com (generated from file hashes)

Sunday, April 8, 2012

Old (circa 2009-2010) vxhaven's binary collection - 270,000+ files - via torrent

Vxhaven old malware collection.

Vxhavens forum that served malware research community for many years went dark on March 23, 2012. You can read about it (and support if you don't agree with the takedown) here: http://vx.netlux.org/index.html


Regarding the collection:

This collection is not result of the takedown. It has been released as a torrent earlier this year, and but since it is out there in public and already seeded by many and posted in many places, I am posting the torrent link there now as well because it is useful for research and the primary source is not available.  I understand that was not released by owners but I still want to thank Vxhavens members who collected all these samples.

For your convenience, I added a list of binaries in the text file and scroll boxes below.
All binaries in the torrent are older than 2010 (over 270K files, many variants of the same malware), but if you need for some mega testing of your sandbox or need to pick a few special files for some research and comparison, might be useful.

If you need only one or few and desperate/cannot download all on your own, you can ping me, I can send send those few.

Torrent (47GB compressed) - http://thepiratebay.se/torrent/7066921/Vx_heavens_collection%28all%29

Download the text log of all files - no password on the log 

or categorized log is here (save as HTML)



Categories

  1. Backdoors ASP, IRC, BOOT, DOS, Java   BackdoorASPAce
  2. Backdoors - FreeBSD, Linux, Unix, OS2, SunOS, Mac
  3. Backdoors Win16, Win32, Win64
  4. Constructors BAT, DOS, HTML, MSIL, MSWORD, Perl , Ruby, VBS
  5. Constructors Win16, Win32
  6. DoS Linux, Perl, SAP
  7. DoS Win16, Win32, EICAR-Test-File
  8. Email Flooders
  9. Email Win16, Win32
  10. Email Worm BAT, JS, Word, VBS
  11. Exploits Flash/SWF, MSOffice, Perl, MySQL, PHP, Python
  12. Exploits HTML, DOS, IIS, IRC, JAVA/JS
  13. Exploits Linux, Mac OS, Unix, MySQL
  14. Exploits VBS, Win32
  15. Flooder IRC, DOS, Linux, Unix, PHP, Java
  16. Flooder Win32
  17. Hacktools DOS, FreeBSD, Linux, MSIL, Perl, PHP, Shell, SunOS, Unix, Win32,
  18. Hoaxes and Bad Jokes
  19. IM flooders and worms
  20. IRC WormsP2P worms
  21. RATs
  22. SMS Flooders
  23. Sniffers, Spoofers, and Spam tools
  24. some packed samples, Rootkits
  25. Trojans Acad, ANSI, BAT, Boot, DOS
  26. Trojans Bankers
  27. Trojans Clickers
  28. Trojans DDoS
  29. Trojans DOS, Spy
  30. Trojans Downloaders
  31. Trojans Droppers
  32. Trojans EPOC, HTA, HTML, IRC, Java/JS
  33. Trojans Gamethief, IM, Mailfinder, Notifier, Proxy, Password stealers,
  34. Trojans Linux, Unix and Mac
  35. Trojans Lotus, Excel, MSWord, MSIL, Novell, NSIS, OLE2, RAR, Perl, PHP
  36. Trojans Palm, SymbOS
  37. Trojans SMS, SymbOS
  38. Trojans VBS
  39. Trojans Win16, Win32
  40. Virtools
  41. Viruses Acad, 1C, ALS, ABAP, BAT, DOS
  42. Viruses HTML, JS, Java, KIX
  43. Viruses Linux, FreeBSD, Mac,
  44. Viruses Makefile, Matlab, MFL, Menuel, MSAccess, MSExcel, MSWord, MSOffice,
  45. Viruses Multi, PHP, Perl, OS2, Ruby,
  46. Viruses Python, Script, VBS
  47. Viruses Win16, Win32
  48. VWorms BAT, DOS, JS, MSIL, Symbos, VBS, WIn32
  49. Worms Java/JS, PHP, Win32
  50. Worms Linux


Backdoors ASP, IRC, BOOT, DOS, Java

Backdoors - FreeBSD, Linux, Unix, OS2, SunOS, Mac


Backdoors MSIL, MSSQL, Perl, PHP, VBS, Python

Backdoors Win16, Win32, Win64


Constructors BAT, DOS, HTML, MSIL, MSWORD, Perl , Ruby, VBS

Constructors Win16, Win32

DoS Linux, Perl, SAP

DoS Win16, Win32, EICAR-Test-File

Email Flooders

Email Worm BAT, JS, Word, VBS

Email Win16, Win32

Exploits HTML, DOS, IIS, IRC, JAVA/JS

Exploits Linux, Mac OS, Unix, MySQL,

Exploits Flash/SWF, MSOffice, Perl, MySQL, PHP, Python

Exploits VBS, Win32

Flooder IRC, DOS, Linux, Unix, PHP, Java

Flooder Win32

Hacktools DOS, FreeBSD, Linux, MSIL, Perl, PHP, Shell, SunOS, Unix, Win32,

Hoaxes and Bad Jokes

IM flooders and worms

IRC Worms

Worms Linux

Worms Java/JS, PHP, Win32

RATs

P2P worms

some packed samples, Rootkits

SMS Flooders

Sniffers, Spoofers, and Spam tools

Trojans Bankers

Trojans Clickers

Trojans DDoS

Trojans Downloaders

Trojans Droppers

Trojans Gamethief, IM, Mailfinder, Notifier, Proxy, Password stealers,

Trojans SMS, SymbOS

Trojans DOS, Spy

Trojans Acad, ANSI, BAT, Boot, DOS

Trojans EPOC, HTA, HTML, IRC, Java/JS

Trojans Linux, Unix and Mac

Trojans Lotus, Excel, MSWord, MSIL, Novell, NSIS, OLE2, RAR, Perl, PHP

Trojans Palm, SymbOS

Trojans VBS

Trojans Win16, Win32

Virtools

Viruses Acad, 1C, ALS, ABAP, BAT, DOS

Viruses HTML, JS, Java, KIX

Viruses Linux, FreeBSD, Mac,

Viruses Makefile, Matlab, MFL, Menuel, MSAccess, MSExcel, MSWord, MSOffice,

Viruses Multi, PHP, Perl, OS2, Ruby,

Viruses Python, Script, VBS

Viruses Win16, Win32

VWorms BAT, DOS, JS, MSIL, Symbos, VBS, WIn32