malwaRE - Malware repository framework

Malware comes with many different behaviors, and many security research teams deploy distributed honeypots to detect new samples. The honeypots emulate vulnerable services that attract malware, which helps to catch new binaries. If you work in malware research, take a look at the malwaRE project.

malwaRE is a malware repository that helps researchers store their samples for further analysis or keep track of old samples that will be needed in the future. Some of the features are:

  • Self-hosted solution (PHP/MySQL server needed)
  • VirusTotal results (option for uploading unknown samples)
  • Search filters available (vendor, filename, hash, tag)
  • Vendor name is picked from VirusTotal results in this order: Microsoft, Kaspersky, Bitdefender
  • Add writeup url(s) for each sample
  • Manage samples by tag
  • Tag autocomplete
  • VirusTotal rescan button (VirusTotal’s score column)
  • Download samples from repository

[Screenshot: malwaRE interface]

This gives you a useful integration with VirusTotal: the binary is scanned by several antivirus engines and the results are displayed directly in the web interface. You can also integrate the database with your honeypot solution for reporting purposes.
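The vendor-name rule from the feature list can be sketched as follows. This is an added example in Python, not code from the malwaRE project (which is PHP); the report layout (`scans`, `positives`, `total`), the function names, the case-insensitive engine match and the "unknown" fallback are assumptions, and the report is constructed sample data.

```python
import hashlib

# Engine priority from the feature list above: Microsoft, Kaspersky, Bitdefender.
VENDOR_PRIORITY = ("Microsoft", "Kaspersky", "Bitdefender")


def pick_vendor_label(scans):
    """Return (engine, label) from the first priority engine that detected the sample."""
    # Assumption: engine names may differ in case between the report and the
    # priority list (e.g. "BitDefender"), so compare them case-insensitively.
    by_name = {name.lower(): verdict for name, verdict in scans.items()}
    for engine in VENDOR_PRIORITY:
        verdict = by_name.get(engine.lower())
        if verdict and verdict.get("detected") and verdict.get("result"):
            return engine, verdict["result"]
    return None  # assumption: no label when none of the three engines detects it


def build_record(filename, data, report, tags=()):
    """Build one repository row: hashes for search, vendor label, score, tags."""
    picked = pick_vendor_label(report.get("scans", {}))
    return {
        "filename": filename,
        "md5": hashlib.md5(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "vendor": picked[1] if picked else "unknown",
        "vendor_engine": picked[0] if picked else None,
        "score": "%d/%d" % (report.get("positives", 0), report.get("total", 0)),
        "tags": sorted(set(tags)),
    }


# Constructed report for illustration, not real scan output.
SAMPLE_REPORT = {
    "positives": 2,
    "total": 4,
    "scans": {
        "Microsoft": {"detected": False, "result": None},
        "Kaspersky": {"detected": True, "result": "Trojan.Win32.Example.a"},
        "BitDefender": {"detected": True, "result": "Gen:Variant.Example.1"},
        "OtherEngine": {"detected": False, "result": None},
    },
}

if __name__ == "__main__":
    print(build_record("sample.bin", b"constructed sample bytes", SAMPLE_REPORT, ["honeypot"]))
```

A honeypot reporting job could call `build_record` for each captured binary and insert the returned row into its own database.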

You can find the latest release for malwaRE over here: https://github.com/c633/malwaRE
