0

Hopefully this question isn't get marked as Duplicate, since it differs from the following question: Where can I, as an individual, get malware samples to analyze?

I'm looking for samples (ideally malware) which have already been disassembled. The only useful resource which I could found so far was a dataset provided on kaggle. However, the only note how the ASM files have been generated is:

This was generated using the IDA disassembler tool.

My problem: There are no details about the specifice process of disassembling: I could not find any additional information if or how the disassembler considers special obfuscation mechanisms and if it could be ensured, that the files contain meaningful assembler instructions.

To recall the question: I'm looking for malware samples (windows) with the corresponding disassembly to download in bulk, which have been ideally counterchecked for meaningful instructions (e.g. constant code of the malware).

Community
  • 1
knx
  • 1,257
  • 1
  • 9
  • 26

1 Answers1

4

The archive of disassembled and analysed malware does not exist - at least I haven't heard of any good ones. The closest I can think of is labs files from "Practical Malware Analysis", at https://practicalmalwareanalysis.com/labs/. Each of the files is described and analysed in the "Answers" section of the book, including IIRC obfuscated samples, but actual disassembling is left as an exercise for the reader :)

Another way to achieve your goal is to look for summary articles on topics that interest you, such as https://www.virusbulletin.com/virusbulletin/2014/07/obfuscation-android-malware-and-how-fight-back (Android in this case), take hashes listed in them and download (bulk or not, up to you) samples from VirusTotal.

A rather dated Windows malware analysis set of tutorials with emphasis on reversing - https://fumalwareanalysis.blogspot.com.au/p/malware-analysis-tutorials-reverse.html

Vitaly Osipov
  • 843
  • 4
  • 15