Downloading the malware samples - Malware Analysis / Reverse Engineering Course



This topic contains 14 replies, has 10 voices, and was last updated by originative 1 year, 11 months ago.



    In the first sample of malware dynamic analysis “Dyer”, I have observed that the malware was downloaded to the local host “Windows 7”, then copied to “Win XP”.

    The question: is it safe to download these malware samples directly to the local host? And how to download them securely?

    Also, if you have anti-virus installed, it will detect these samples and block them from downloading.

    Thank you so much for the valuable course.



    You would want to download the files on a machine that does not have an antivirus, as like you said, it will get deleted. As for downloading the files to any machine… just download them and don't run them. Unless you're going to a webpage that exploits a browser vulnerability, just downloading malware won’t do anything (if you don’t run it). If you're going to get into malware analysis you will be working with live malware all the time on different machines.

    Now if you want to send malware between yourself and other researchers, it's standard practice to compress it with zip/rar/7zip, password protecting the file with the password: infected
    ^ This is an industry standard that we all follow. If one malware researcher sends a file to another, “infected” is always the first password they try to decrypt/decompress the file with.
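
An added example (not part of any post in this thread) of the "infected" convention using only the Python standard library: `zipfile` can open password-protected archives but cannot create them, so the writer below emits one stored entry with legacy ZipCrypto by hand. The names `pack_sample`, `read_sample` and `ZipCrypto` are hypothetical, entry names are assumed to be ASCII, and since the password is public the archive only keeps AV scanners and accidental execution away from the file; it gives no confidentiality.

```python
import os
import struct
import zipfile
import zlib

def _crc_step(crc, byte):
    # One raw CRC-32 table step (no pre/post inversion), built on zlib.crc32.
    return zlib.crc32(bytes([byte]), crc ^ 0xFFFFFFFF) ^ 0xFFFFFFFF

class ZipCrypto:
    """Legacy PKWARE stream cipher (traditional zip password protection)."""
    def __init__(self, password):
        self.k = [0x12345678, 0x23456789, 0x34567890]
        for b in password:
            self._update(b)

    def _update(self, b):
        k = self.k
        k[0] = _crc_step(k[0], b)
        k[1] = ((k[1] + (k[0] & 0xFF)) * 134775813 + 1) & 0xFFFFFFFF
        k[2] = _crc_step(k[2], k[1] >> 24)

    def encrypt(self, data):
        out = bytearray()
        for p in data:
            t = (self.k[2] | 2) & 0xFFFF
            out.append(p ^ (((t * (t ^ 1)) >> 8) & 0xFF))
            self._update(p)  # key state advances on the plaintext byte
        return bytes(out)

def pack_sample(sample, name, out_path, password=b"infected"):
    """Write `sample` as one stored, password-protected entry in out_path."""
    crc = zlib.crc32(sample)
    # 12-byte encryption header: 11 random bytes, then the CRC high byte.
    head = os.urandom(11) + bytes([crc >> 24])
    body = ZipCrypto(password).encrypt(head + sample)
    fname = name.encode()
    # version 20, flag bit 0 = encrypted, method 0 = stored, DOS 1980-01-01
    common = struct.pack("<HHHHHIIIHH", 20, 1, 0, 0, 0x21, crc,
                         len(body), len(sample), len(fname), 0)
    local = b"PK\x03\x04" + common + fname
    central = (b"PK\x01\x02" + struct.pack("<H", 20) + common
               + struct.pack("<HHHII", 0, 0, 0, 0, 0) + fname)
    end = b"PK\x05\x06" + struct.pack("<HHHHIIH", 0, 0, 1, 1, len(central),
                                      len(local) + len(body), 0)
    with open(out_path, "wb") as f:
        f.write(local + body + central + end)

def read_sample(path, name, password=b"infected"):
    with zipfile.ZipFile(path) as z:  # receiving side: try "infected" first
        return z.read(name, pwd=password)
```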



    Thanks a lot for the information 🙂



    You can also zip/tar/rar your malware samples with a password (encrypt) to keep them safe on machines, then you can copy them to your sandboxing machine and work with the sample.

    Another thing you can do is to “whitelist” a site folder on your machine so your AV solution will not delete it.

    • This reply was modified 4 years, 8 months ago by oadominguez.


    ^ Yup, I do recommend you whitelist a random folder c:\malwarestuff\* so you can even look at things without your AV deleting it. It's a PITA when you are looking at a zero day and the next day you come back to work and see the AV picked it up. Also, if you're trying to compare/contrast one piece of malware against another, most of the time (you would hope) your AV will pick it up… so it will keep deleting it when you copy it to your working machine.

    It's best to have an isolated test network, but also have a working machine on that network that you are “trying to keep clean” but isn’t your main machine that you go to your banking sites etc. on.



    Thanks for the good tips @opsecj and @oadominguez
    – was zipping but not using a standard pwd each time 🙂



    Many thanks for the valuable comments 🙂






    I use the suggestions listed and a portable hard drive or usb stick…



    Weird question… Is there any alternative way to get malware samples other than downloading? I am curious to know if I can get a USB stick or a CD with the malware sample.



    ^ Sure, there are plenty of ways to get USB sticks with malware on them. Just come by Vegas in 3 weeks for Black Hat or DEF CON lol. You're not gonna know there is malware on them but that sounds like what you're asking ha



    Sir, from where can I get malware samples?






    Hi shubham00,

    You can download malware samples from

    This is the description of this site:

    Contagio is a collection of the latest malware samples, threats, observations, and analyses. Note: Zip files passwords: Contact me via email (see my profile) for the passwords or the password scheme. If you see errors, typos, etc, please let me know.

    Malware samples are available for download by any responsible whitehat researcher. By downloading the samples, anyone waives all rights to claim punitive, incidental and consequential damages resulting from mishandling or self-infection.



    You can download free malware samples for analysis from here: Download Free Malware Samples
