Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Malware Samples?


  • This topic is locked This topic is locked
12 replies to this topic

#1 drjack6

drjack6

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:07:19 PM

Posted 08 May 2017 - 08:09 AM

I've seen some youtube videos for anti-virus testing and they have thousands of samples of malware and ransomware. A google search turned up nothing, at least nothing i felt safe clicking on.. Is there a legitimate online source somewhere where all these samples are? 



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,421 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:19 PM

Posted 08 May 2017 - 08:14 AM

Bleeping Computer is in the Malware Removal business and we do not encourage our members to go looking for malware. However if you are still interested the best suggestion we can make is what has been said previously by Grinler our site owner:

Warez and crack sites are a good source and should only be used from a virtual machine. That's the best information and most specific information we can provide.


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 Tivum

Tivum

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:19 PM

Posted 08 May 2017 - 09:45 AM

I've seen some youtube videos for anti-virus testing and they have thousands of samples of malware and ransomware. A google search turned up nothing, at least nothing i felt safe clicking on.. Is there a legitimate online source somewhere where all these samples are? 

 

It is in your best interest to use a virtual machine as these may take over your computer.

 

A great virtual machine program to use is VirtualBox, you can find out more about it and download it clicking HERE.

 

 

As for the source, I don't feel comfortable giving out those dangerous links, just go to any website and click a few ads, download some stuff and you're almost guaranteed to have some kind of virus, as for ransomware and malware, can't help you with that bud.

 

Why are you so interested in getting these anyway, you aren't trying to do something malicious are you? :(


Edited by Tivum, 08 May 2017 - 09:47 AM.


#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,596 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:19 PM

Posted 08 May 2017 - 06:09 PM

As noted by boopme...one of the primary goals of Bleeping Computer is to assist victims of malware infection with removal and to prevent the spread of malicious programs, not encourage them. Therefore, we will not provide links to malware samples or malicious sites where infections have been contracted and spread. Others reading this topic may use the information for nefarious purposes or an unwitting novice user may accidentally click a link and end up infecting their own computer.

 


Bleeping Computer's main mission is to help people rid their computers of malware not infect them. For legal and liability purposes we do not endorse or permit the sharing of malware samples via the forums. There are plenty of 'in the wild' samples available by using unsafe browsing tactics.

The main goal of BleepingComputer is to help users resolve various computer problems, not to distribute malware samples for whatever purpose. Requesting and/or providing links to live malware or live malware samples does not fall under that objective and is for that reason not something we allow or encourage.

Warez and crack sites are a good source and should only be used from a virtual machine. That's the best information and most specific information we can provide.

For those and other obvious reasons, we are not going to provide more specific information in a public forum. There are a number of sites which specialized in malware samples where questions like yours can be asked. You can register at Hybrid Analysis, MALWR Analysis and VirusShare. You can always open spam email attachments you receive, practice unsafe surfing habits, perform a simple Google search to find malware or even search on "how to infect my computer on purpose" which will provide information such as these articles.

While I understand you may have good reasons to look for specific malware samples, Bleeping Computer is not the place to ask for assistance on how to obtain them.
 


.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 drjack6

drjack6
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:07:19 PM

Posted 08 May 2017 - 06:11 PM

Excuse my sarcasm, but how exactly do i test the efficiency of anti-malware without, hmm lets see, the malware?

I know i can get malware by clicking on ads. What im saying is, tons of videos seem to have a group of 1000 infections in a folder for the purpose of comparing security software. Either several channels all got exactly the same number of files by chance, or they all got them from somewhere specific.

So my question is, does anywhere know where that folder of 1000 samples is coming from. Im especially looking to test out malwarebytes anti/ransomware with tons of different varieties.

Edit- Just saw the third one. Ill check those sites you recomended. Thanks

Edited by drjack6, 08 May 2017 - 06:14 PM.


#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,596 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:19 PM

Posted 08 May 2017 - 06:14 PM


.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#7 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,596 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:19 PM

Posted 08 May 2017 - 06:16 PM

Looking at the time stamp of your previous reply, you may have missed my previous posting so also be sure to read that.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#8 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,706 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:19 AM

Posted 09 May 2017 - 01:53 PM

If they are all using the same set of malware, then this is a set of stale malware and not enough to test AV.

 

You also need malware that has never been scanned before. But that's hard to get. That's one of the reasons why AV testing with malware is very hard to do properly.


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#9 Crazy Cat

Crazy Cat

  • Members
  • 808 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Lunatic Asylum
  • Local time:12:19 PM

Posted 09 May 2017 - 07:33 PM

Here is a link to many malware sample sites, but its been XOR encrypted. Your task should you choose to be a malware researcher is to decrypt the XOR string and read the link.

Decrypting obfuscated malware will be common.


Numerical Key found on this page: *********
HINT: count #*<

7c-53-5f-43-54-44-52-18-6a-50-5f-43-58-50-16-64-57-4c-43-51-56-47-15-50-58-4a-19-63-57-40-51-54-44-54-50-5c-43-41-1d-14-3f-5e-43-4c-49-42-08-1c-1b-4f-53-5b-4c-4a-54-40-1d-57-5a-5b-18-55-58-5d-45-52-46-50-1b-44-59-54-41-5e-56-19-46-59-42-4a-5a-54-41-1c

Use the XOR-decrypt tool! https://www.browserling.com/tools/xor-decrypt

Edited by Crazy Cat, 09 May 2017 - 10:44 PM.

 

Two things are infinite: the universe and human stupidity; and I'm not sure about the universe. ― Albert Einstein ― Insanity is doing the same thing, over and over again, but expecting different results.

 

InternetDefenseLeague-footer-badge.png


#10 WilDoherty

WilDoherty

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:07:19 PM

Posted 22 May 2017 - 11:54 AM

( Joke )

 

Step 1:   Tape 20 lbs of rancid comp-b to the computer that is malfunctioning, light it on fire, then throw it into a canyon from a cliff. 

 

Step 2:   Purchase a new computer.

 

See, simple.

 



#11 Crazy Cat

Crazy Cat

  • Members
  • 808 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Lunatic Asylum
  • Local time:12:19 PM

Posted 22 May 2017 - 06:52 PM

( Joke )
 
Step 1:   Tape 20 lbs of rancid comp-b to the computer that is malfunctioning, light it on fire, then throw it into a canyon from a cliff. 
 
Step 2:   Purchase a new computer.
 
See, simple.


I'll use C-4 or BGP http://www.pyrosociety.org.uk/forum/topic/7285-bgp-formulation-and-impetus/#entry87454

C-4 has contained:

90.0–91.0% of cyclonite (RDX explosives)
~2.1% of polyisobutylene (short chain)
~1.6% of motor oil
~5.3% of di-(2-ethylhexyl)sebacate (sometimes it was replaced partly by similar compounds: dioctyl sebacate or dioctyl adipate)
less than 0.6% of water
(small amount of marker or odorizing taggant)

C4 has a detonation velocity of 8092 m/s (26550 ft/s) at high density and velocity of 7550 m/s (24770 ft/s) at low density 1.48 g/ml.
 

Two things are infinite: the universe and human stupidity; and I'm not sure about the universe. ― Albert Einstein ― Insanity is doing the same thing, over and over again, but expecting different results.

 

InternetDefenseLeague-footer-badge.png


#12 WilDoherty

WilDoherty

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:07:19 PM

Posted 23 May 2017 - 01:41 PM

 

( Joke )
 
Step 1:   Tape 20 lbs of rancid comp-b to the computer that is malfunctioning, light it on fire, then throw it into a canyon from a cliff. 
 
Step 2:   Purchase a new computer.
 
See, simple.


I'll use C-4 or BGP http://www.pyrosociety.org.uk/forum/topic/7285-bgp-formulation-and-impetus/#entry87454

C-4 has contained:

90.0–91.0% of cyclonite (RDX explosives)
~2.1% of polyisobutylene (short chain)
~1.6% of motor oil
~5.3% of di-(2-ethylhexyl)sebacate (sometimes it was replaced partly by similar compounds: dioctyl sebacate or dioctyl adipate)
less than 0.6% of water
(small amount of marker or odorizing taggant)

C4 has a detonation velocity of 8092 m/s (26550 ft/s) at high density and velocity of 7550 m/s (24770 ft/s) at low density 1.48 g/ml.

 

Real C-4 only has a substance like motor oil that forms on the outside of it when it is rancid. It is kinda like motor oil with diluted nitro-meth mixed in. LOL.  Somebody at OED sent you an analysis of rancid C-4.  C-4 is Nitroglycerin, sodium bicarbonate, clay powder, sulfur, and cordite......and I am not going to tell you the proper mixture ratios.   wink.



#13 Chris Cosgrove

Chris Cosgrove

  • Moderator
  • 6,891 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Scotland
  • Local time:01:19 AM

Posted 24 May 2017 - 05:46 PM

This topic has now gone far too far off-topic and is now closed.

 

Chris Cosgrove






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users