Free resources for malware researchers

Many free data sources can provide useful information about malware samples they have already seen. They can be queried by file hash or other IOC. Do not upload samples to public tools, such as VirusTotal or public sandboxes. These tools allow others to download samples, which may include sensitive data. Instead, build your own sandbox using CAPE, or use a commercial sandbox service with a contract that protects the confidentiality of your data.

And obviously, be extra careful when handling malware.

Malware data repositories

• VirusTotal
• Malware Hash Registry (MHR)
• MalwareBazaar
• Malshare Warning: Downloads are raw samples, not password-protected archives
• URLhaus
• Malpedia
• Alien Vault Open Threat Exchange (OTX)
• ThreatFox

Malware samples

• https://github.com/Virus-Samples/Malware-Sample-Sources

Multi-engine anti-virus scanners

• VirusTotal
• MetaDefender
• Polyswarm

File Reputation

• VirusTotal
• Malware Hash Registry (MHR)

Automated sandboxes

• Joe Sandbox
• Any.run
• Intezer Analyze
• Hybrid Analysis
• Triage

Website investigation

• URLScan.io

Others

• UnpacMe
• Censys Search
• Shodan