In this paper, we introduce Malpedia, our take on a collaborative platform for the curation of a coherent corpus of cleanly labeled, unpacked malware samples. Illustrating one of the use cases for this data set, we provide a comparative overview of structural characteristics for more than 300 families of Windows
Author Archives: Elmar Gerhards-Padilla
A daily task of malware analysts is the extraction of behaviors from malicious binaries. Such behaviors include domain generation algorithms, cryptographic algorithms or deinstallation routines. Ideally, this tedious task would be automated. So far scientific solutions have not gotten beyond proof-ofconcepts. Malware analysts continue to reimplement behaviors of interest manually.
An observable trend in recent years of malware development is the increased use of Domain Generation Algorithms (DGAs). After having announced the project “DGArchive” in a lightning talk of last year’s Botconf, we would like to follow up with a full talk proposal for this year. The core idea of