malwaRE - Malware repository framework
Malware comes with many different behaviors, and many security research teams install distributed honeypots to detect new malware. The honeypots emulate vulnerable services that attract malware, and they help to catch new binaries. If you are in the malware research field, you can take a look at the malwaRE project.
malwaRE is a malware repository that helps researchers store their samples for further analysis or keep track of old samples that will be needed in the future. Some of the features are:
- Self-hosted solution (PHP/MySQL server needed)
- VirusTotal results (option for uploading unknown samples)
- Search filters available (vendor, filename, hash, tag)
- Vendor name is picked from VirusTotal results in this order: Microsoft, Kaspersky, Bitdefender
- Add write-up URL(s) for each sample
- Manage samples by tag
- Tag autocomplete
- VirusTotal rescan button (VirusTotal’s score column)
- Download samples from repository
Screenshot for malwaRE
This allows a useful integration with VirusTotal: the binary is scanned by several antivirus engines and the results are displayed directly in the web interface. You can also integrate the database with your honeypot solution for reporting purposes.
You can find the latest release for malwaRE over here: https://github.com/c633/malwaRE