Efficient Way to Obtain Malware Samples.

It’s fun to experiment with malware from within a virtual machine. The only problem is getting the samples. You have to go to the MalwareDomainList, Malc0de Database, and CleanMX. Most of the PHP redirection malware doesn’t work, and it’s a pain to get non-duplicate samples. I have found this nice way of obtaining hundreds of zero-day malware samples in less than an hour.

  1. Download and install a copy of Backtrack 5 Linux
  2. Install Python magic (apt-get update && apt-get install python-magic)
  3. Download the MWCRAWLER script (https://github.com/ricardo-dias/mwcrawler/)
  4. Right click the script, click properties, and under permissions check “Allow Executing File as Program”
  5. Simply double click the script and it will download the samples to /opt/malware/unsorted/
  6. Just rename the files under “PE32” to “.exe” (use the Bulk Rename Utility: Bulk Rename Utility - Free File Renaming Software)

If any of you have enjoyed this or have a better way of obtaining samples please write below. :smiley:
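Steps 5 and 6 scripted in Python, as an added example that is not part of the post or of mwcrawler: it detects PE32 files by their MZ/PE headers (the same property python-magic reports), copies each one out under its SHA-256 as a `.exe`, so repeat downloads collapse into one file, and leaves non-PE files alone. The `/opt/malware/unsorted/` path is replaced by a scratch directory seeded with constructed, inert stand-in files, so the script runs offline.

```python
import hashlib
import shutil
import struct
import tempfile
from pathlib import Path

def is_pe32(data: bytes) -> bool:
    # 'MZ' DOS stub, then the dword at 0x3C (e_lfanew) points at 'PE\0\0':
    # the same test behind the "PE32" label python-magic reports.
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    return data[e_lfanew:e_lfanew + 4] == b"PE\x00\x00"

def sort_samples(unsorted_dir, sorted_dir) -> dict:
    # Copy each PE32 file under unsorted_dir to sorted_dir as <sha256>.exe.
    out = Path(sorted_dir)
    out.mkdir(parents=True, exist_ok=True)
    counts = {"kept": 0, "duplicates": 0, "not_pe": 0}
    for src in (p for p in Path(unsorted_dir).rglob("*") if p.is_file()):
        data = src.read_bytes()
        if not is_pe32(data):
            counts["not_pe"] += 1
            continue
        dst = out / (hashlib.sha256(data).hexdigest() + ".exe")
        if dst.exists():  # same bytes already kept: a duplicate download
            counts["duplicates"] += 1
            continue
        shutil.copy2(src, dst)
        counts["kept"] += 1
    return counts

def fake_pe(tail: bytes) -> bytes:
    # Constructed, inert stand-in for a sample (not a real executable).
    buf = bytearray(0x44)
    buf[:2] = b"MZ"
    struct.pack_into("<I", buf, 0x3C, 0x40)
    buf[0x40:0x44] = b"PE\x00\x00"
    return bytes(buf) + tail

def demo() -> dict:
    raw = Path(tempfile.mkdtemp()) / "unsorted"
    raw.mkdir()
    (raw / "sample_a").write_bytes(fake_pe(b"a"))
    (raw / "sample_a_again").write_bytes(fake_pe(b"a"))  # duplicate
    (raw / "sample_b").write_bytes(fake_pe(b"b"))
    (raw / "redirect.php").write_bytes(b"<?php echo 'not a PE'; ?>")
    counts = sort_samples(raw, raw.parent / "sorted")
    counts["files"] = sorted(p.name for p in (raw.parent / "sorted").iterdir())
    return counts
```

Point `sort_samples` at the crawler's unsorted directory and an output directory of your choice to get the same hash-named `.exe` layout for real downloads.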

Pretty cool 8)
BackTrack 5 is a powerful tool and well worth the time spent learning Linux commands.

Thanks for this post :-TU

As always, be very careful when dealing with malware, even in a VM:

I see you are very prepared. My warning is for the less experienced users to be very careful when starting to play around with this.