One of the biggest troubles for understanding or beginning malware analysis for others is the lack of having complete sample(s) as most repos only focus on the dropped executable and not the initial payload(s) as well. The aim of this repository is to have a collection of live samples with all the additional payloads or potential payloads for use in learning how to reverse engineer, deobfuscate, and improve your REM skills with the various samples that you may encounter in the wild.

The samples contained in this archive are in various formats such Powershell, JScript, Malicious Office documents, VBA Macro code, EXE, etc. These samples were obtained through various malware DBs, through archives, or on the dark web. The files have been renamed with its associating SHA256 hash or malware family name, followed by its file type, and with their file extension replaced with ".file" for your safety.

Example: ReEvil_PS.file

Samples are zipped & password protected

Password: infected

For more malware details or Security blog posts visit https://maltek-labs.com