{"id":46018337,"url":"https://github.com/kasuncsb/live-malware-db","last_synced_at":"2026-04-02T20:38:42.266Z","repository":{"id":336813075,"uuid":"1151195321","full_name":"KasunCSB/Live-Malware-DB","owner":"KasunCSB","description":"A collection of latest malware samples","archived":false,"fork":false,"pushed_at":"2026-02-28T10:31:16.000Z","size":2134033,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-02-28T15:15:57.906Z","etag":null,"topics":["malware","malware-analysis","malware-research","malware-sample"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/KasunCSB.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-02-06T06:54:49.000Z","updated_at":"2026-02-28T12:10:17.000Z","dependencies_parsed_at":null,"dependency_job_id":"d467cc9e-53d5-4f9f-b51c-795ea6777dfe","html_url":"https://github.com/KasunCSB/Live-Malware-DB","commit_stats":null,"previous_names":["kasuncsb/live-malware-db"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/KasunCSB/Live-Malware-DB","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/KasunCSB%2FLive-Malware-DB","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/KasunCSB%2FLive-Malware-DB/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/KasunCSB%2FLive-Malware-DB/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/KasunCSB%2FLive-Malware-DB/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/KasunCSB","download_url":"https://codeload.github.com/KasunCSB/Live-Malware-DB/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/KasunCSB%2FLive-Malware-DB/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29958378,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-01T01:47:18.291Z","status":"online","status_checked_at":"2026-03-01T02:00:07.437Z","response_time":124,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["malware","malware-analysis","malware-research","malware-sample"],"created_at":"2026-03-01T02:00:34.057Z","updated_at":"2026-03-01T02:00:42.729Z","avatar_url":"https://github.com/KasunCSB.png","language":"Python","readme":"\u003cp align=\"center\"\u003e\n  \u003cimg src=\"Assets/logo.png\" width=\"20%\" alt=\"Live Malware Database\"\u003e\n\u003c/p\u003e\n\n\u003ch1 align=\"center\"\u003eLive Malware Database\u003c/h1\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ci\u003eCurated collection of malware samples for security research and threat analysis\u003c/i\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"https://img.shields.io/badge/Samples-3299-6b21a8\" alt=\"Total Samples\"\u003e\n  \u003cimg src=\"https://img.shields.io/badge/Families-68-red\" alt=\"Malware Families\"\u003e\n  \u003cimg src=\"https://img.shields.io/badge/Archived-3299-green\" alt=\"Archived\"\u003e\n  \u003cimg src=\"https://img.shields.io/badge/Updated-2026--03--01-blue\" alt=\"Last Updated\"\u003e\n\u003c/p\u003e\n\n---\n\n**DISCLAIMER**: This repository contains live malware samples intended exclusively for security research, malware analysis, and educational purposes. By accessing this repository, you agree to the [Terms of Use](TERMS_OF_USE.md). The maintainers assume no liability for misuse.\n\n---\n\n## About\n\nThis is a curated collection of live malware samples actively seen in current threat environments. From a large pool of malware samples, specific criteria are used to select only fresh and verified samples - the rest are filtered out. This approach ensures quality over quantity, giving researchers actual current threats rather than historical malware. It supports antivirus detection testing, malware behavior analysis, threat research, and understanding how threat actors are evolving.\n\nThe repository cycles monthly: clone to get current month's samples, and at month-end samples are archived to releases and the repository is refreshed. This keeps the main repository focused on latest threats while maintaining historical archives for further analysis.\n\n## Recent Additions\n\n| Family | Verdict | OS | SHA-256 | Discovered | VT |\n|--------|---------|-----|--------|------------|----|\n| Mirai | HEUR:Backdoor.Linux.Mirai.ew | Linux | \u003ccode\u003e[54a790f11f64b2f4a0649f61acd006cefe63147c6d4c122bcbe732fa4c49e320](Binaries/Mirai/HEUR-Backdoor.Linux.Mirai.ew/y)\u003c/code\u003e | \u003crelative-time datetime=\"2026-02-28T23:26:16Z\" tense=\"past\"\u003e40m ago\u003c/relative-time\u003e | \u003ca href=\"https://www.virustotal.com/gui/file/54a790f11f64b2f4a0649f61acd006cefe63147c6d4c122bcbe732fa4c49e320\" target=\"_blank\"\u003elink\u003c/a\u003e |\n| Mirai | HEUR:Backdoor.Linux.Mirai.ew | Linux | \u003ccode\u003e[0788c1c249cb3ed3c96f76062f1bfe0091899b3bef78160eb55a8c8014ab4f0e](Binaries/Mirai/HEUR-Backdoor.Linux.Mirai.ew/x)\u003c/code\u003e | \u003crelative-time datetime=\"2026-02-28T23:25:34Z\" tense=\"past\"\u003e41m ago\u003c/relative-time\u003e | \u003ca href=\"https://www.virustotal.com/gui/file/0788c1c249cb3ed3c96f76062f1bfe0091899b3bef78160eb55a8c8014ab4f0e\" target=\"_blank\"\u003elink\u003c/a\u003e |\n| Mirai | HEUR:Backdoor.Linux.Mirai.ew | Linux | \u003ccode\u003e[52817af1b60452736b419cfc629f3e2c493ca07b952093c0817be6f118dbabf1](Binaries/Mirai/HEUR-Backdoor.Linux.Mirai.ew/w)\u003c/code\u003e | \u003crelative-time datetime=\"2026-02-28T23:24:54Z\" tense=\"past\"\u003e42m ago\u003c/relative-time\u003e | \u003ca href=\"https://www.virustotal.com/gui/file/52817af1b60452736b419cfc629f3e2c493ca07b952093c0817be6f118dbabf1\" target=\"_blank\"\u003elink\u003c/a\u003e |\n| Mirai | HEUR:Backdoor.Linux.Mirai.ew | Linux | \u003ccode\u003e[31af34400c260dbb02de00f976709cce410de17dbc66123cfb11f42f4a3beb08](Binaries/Mirai/HEUR-Backdoor.Linux.Mirai.ew/v)\u003c/code\u003e | \u003crelative-time datetime=\"2026-02-28T23:24:34Z\" tense=\"past\"\u003e42m ago\u003c/relative-time\u003e | \u003ca href=\"https://www.virustotal.com/gui/file/31af34400c260dbb02de00f976709cce410de17dbc66123cfb11f42f4a3beb08\" target=\"_blank\"\u003elink\u003c/a\u003e |\n| Mirai | HEUR:Backdoor.Linux.Mirai.ew | Linux | \u003ccode\u003e[c406e9185645c7a40319fabc9b021021a9acffb2ec23253ec38f161be4fc1d20](Binaries/Mirai/HEUR-Backdoor.Linux.Mirai.ew/u)\u003c/code\u003e | \u003crelative-time datetime=\"2026-02-28T23:23:54Z\" tense=\"past\"\u003e43m ago\u003c/relative-time\u003e | \u003ca href=\"https://www.virustotal.com/gui/file/c406e9185645c7a40319fabc9b021021a9acffb2ec23253ec38f161be4fc1d20\" target=\"_blank\"\u003elink\u003c/a\u003e |\n| Mirai | HEUR:Backdoor.Linux.Mirai.ew | Linux | \u003ccode\u003e[c9f1e6d5cb31e4efd65a5a3680df0badfda61bb4646c1af0ded9b9e13836c47b](Binaries/Mirai/HEUR-Backdoor.Linux.Mirai.ew/t)\u003c/code\u003e | \u003crelative-time datetime=\"2026-02-28T23:23:34Z\" tense=\"past\"\u003e43m ago\u003c/relative-time\u003e | \u003ca href=\"https://www.virustotal.com/gui/file/c9f1e6d5cb31e4efd65a5a3680df0badfda61bb4646c1af0ded9b9e13836c47b\" target=\"_blank\"\u003elink\u003c/a\u003e |\n| Mirai | HEUR:Backdoor.Linux.Mirai.ew | Linux | \u003ccode\u003e[a5d3b14ed9482a0c4947dcbcc206c40cee0ceddd0e80985a4be045eaf2fab7c6](Binaries/Mirai/HEUR-Backdoor.Linux.Mirai.ew/s)\u003c/code\u003e | \u003crelative-time datetime=\"2026-02-28T23:23:15Z\" tense=\"past\"\u003e43m ago\u003c/relative-time\u003e | \u003ca href=\"https://www.virustotal.com/gui/file/a5d3b14ed9482a0c4947dcbcc206c40cee0ceddd0e80985a4be045eaf2fab7c6\" target=\"_blank\"\u003elink\u003c/a\u003e |\n| Unknown | HEUR:Trojan-Downloader.Shell.Agent.p | Linux | \u003ccode\u003e[8b9ea0ab6d318a0bf0e90a2d12c9b2a23d3f242f1b081464e4721fbc12b1ec11](Binaries/Unknown/HEUR-Trojan-Downloader.Shell.Agent.p/ap)\u003c/code\u003e | \u003crelative-time datetime=\"2026-02-28T23:22:54Z\" tense=\"past\"\u003e44m ago\u003c/relative-time\u003e | \u003ca href=\"https://www.virustotal.com/gui/file/8b9ea0ab6d318a0bf0e90a2d12c9b2a23d3f242f1b081464e4721fbc12b1ec11\" target=\"_blank\"\u003elink\u003c/a\u003e |\n| Mirai | HEUR:Trojan-Downloader.Shell.Agent.p | Linux | \u003ccode\u003e[24d4f12d88d5d787dffe22d0fb215e00e5f23ae9c9e6702d7aa4da518f93a2f1](Binaries/Mirai/HEUR-Trojan-Downloader.Shell.Agent.p/ba)\u003c/code\u003e | \u003crelative-time datetime=\"2026-02-28T23:22:36Z\" tense=\"past\"\u003e44m ago\u003c/relative-time\u003e | \u003ca href=\"https://www.virustotal.com/gui/file/24d4f12d88d5d787dffe22d0fb215e00e5f23ae9c9e6702d7aa4da518f93a2f1\" target=\"_blank\"\u003elink\u003c/a\u003e |\n| Mirai | HEUR:Backdoor.Linux.Mirai.ba | Linux | \u003ccode\u003e[2e6c6f5a0532054eea876c6d225f1e70d8d24d9952d6aecef799cb6948bc9c0a](Binaries/Mirai/HEUR-Backdoor.Linux.Mirai.ba/br)\u003c/code\u003e | \u003crelative-time datetime=\"2026-02-28T23:20:54Z\" tense=\"past\"\u003e46m ago\u003c/relative-time\u003e | \u003ca href=\"https://www.virustotal.com/gui/file/2e6c6f5a0532054eea876c6d225f1e70d8d24d9952d6aecef799cb6948bc9c0a\" target=\"_blank\"\u003elink\u003c/a\u003e |\n| Unknown | HEUR:Trojan-Downloader.Shell.Agent.bc | Linux | \u003ccode\u003e[d51ef350ddbc990d6ca77d90b69a3fc7b959f921abc20423268aeefa7e2c92e3](Binaries/Unknown/HEUR-Trojan-Downloader.Shell.Agent.bc/m)\u003c/code\u003e | \u003crelative-time datetime=\"2026-02-28T23:20:15Z\" tense=\"past\"\u003e46m ago\u003c/relative-time\u003e | \u003ca href=\"https://www.virustotal.com/gui/file/d51ef350ddbc990d6ca77d90b69a3fc7b959f921abc20423268aeefa7e2c92e3\" target=\"_blank\"\u003elink\u003c/a\u003e |\n| SpyNote | HEUR:Trojan-Spy.AndroidOS.SpyNote.bv | Android | \u003ccode\u003e[2b6d20746ed11f62b35a7c29d1912de18248e9e10247c29a6ee0929877a57d77](Binaries/SpyNote/HEUR-Trojan-Spy.AndroidOS.SpyNote.bv/b)\u003c/code\u003e | \u003crelative-time datetime=\"2026-02-28T23:19:54Z\" tense=\"past\"\u003e47m ago\u003c/relative-time\u003e | \u003ca href=\"https://www.virustotal.com/gui/file/2b6d20746ed11f62b35a7c29d1912de18248e9e10247c29a6ee0929877a57d77\" target=\"_blank\"\u003elink\u003c/a\u003e |\n| SpyNote | HEUR:Trojan-Spy.AndroidOS.SpyNote.bv | Android | \u003ccode\u003e[ad02db22949f80c2981ae59813672c44d339eb94dfdd4e01ff329470cdd9230e](Binaries/SpyNote/HEUR-Trojan-Spy.AndroidOS.SpyNote.bv/a)\u003c/code\u003e | \u003crelative-time datetime=\"2026-02-28T23:19:35Z\" tense=\"past\"\u003e47m ago\u003c/relative-time\u003e | \u003ca href=\"https://www.virustotal.com/gui/file/ad02db22949f80c2981ae59813672c44d339eb94dfdd4e01ff329470cdd9230e\" target=\"_blank\"\u003elink\u003c/a\u003e |\n| SpyNote | HEUR:Trojan-Spy.AndroidOS.SpyNote.dk | Android | \u003ccode\u003e[6c1aeaeb5786f3632f0a02356b26bdde2ccf77e1e8c6d3f8f6b88e9458f7839f](Binaries/SpyNote/HEUR-Trojan-Spy.AndroidOS.SpyNote.dk/c)\u003c/code\u003e | \u003crelative-time datetime=\"2026-02-28T23:18:55Z\" tense=\"past\"\u003e48m ago\u003c/relative-time\u003e | \u003ca href=\"https://www.virustotal.com/gui/file/6c1aeaeb5786f3632f0a02356b26bdde2ccf77e1e8c6d3f8f6b88e9458f7839f\" target=\"_blank\"\u003elink\u003c/a\u003e |\n| SpyNote | HEUR:Trojan-Spy.AndroidOS.SpyNote.dk | Android | \u003ccode\u003e[9aafbc143c66661609f34c483a85015f30f7da2a38f375d9e10c8eeadc6cb5da](Binaries/SpyNote/HEUR-Trojan-Spy.AndroidOS.SpyNote.dk/b)\u003c/code\u003e | \u003crelative-time datetime=\"2026-02-28T23:18:35Z\" tense=\"past\"\u003e48m ago\u003c/relative-time\u003e | \u003ca href=\"https://www.virustotal.com/gui/file/9aafbc143c66661609f34c483a85015f30f7da2a38f375d9e10c8eeadc6cb5da\" target=\"_blank\"\u003elink\u003c/a\u003e |\n| SpyNote | HEUR:Trojan-Spy.AndroidOS.SpyNote.dk | Android | \u003ccode\u003e[deb2cc80a190e73d81758b738bac4e8f0f116b587b07d65ddc8b668f0b89b0bb](Binaries/SpyNote/HEUR-Trojan-Spy.AndroidOS.SpyNote.dk/a)\u003c/code\u003e | \u003crelative-time datetime=\"2026-02-28T23:18:15Z\" tense=\"past\"\u003e48m ago\u003c/relative-time\u003e | \u003ca href=\"https://www.virustotal.com/gui/file/deb2cc80a190e73d81758b738bac4e8f0f116b587b07d65ddc8b668f0b89b0bb\" target=\"_blank\"\u003elink\u003c/a\u003e |\n| ConnectWise | not-a-virus:HEUR:RemoteAdmin.Win32.Conne | Windows | \u003ccode\u003e[9c71fca90904adceac3477b5c5a85cbdd3d5b4c4c64bee96730ed68d17441048](Binaries/ConnectWise/not-a-virus-HEUR-RemoteAdmin.Win32.ConnectWise.gen/ac)\u003c/code\u003e | \u003crelative-time datetime=\"2026-02-28T23:17:34Z\" tense=\"past\"\u003e49m ago\u003c/relative-time\u003e | \u003ca href=\"https://www.virustotal.com/gui/file/9c71fca90904adceac3477b5c5a85cbdd3d5b4c4c64bee96730ed68d17441048\" target=\"_blank\"\u003elink\u003c/a\u003e |\n| Mirai | HEUR:Backdoor.Linux.Mirai.r | Linux | \u003ccode\u003e[be75c36a98af6797dfee6a7cde7b0547b460bae66bc8f37a8a949a91b433cb0b](Binaries/Mirai/HEUR-Backdoor.Linux.Mirai.r/cv)\u003c/code\u003e | \u003crelative-time datetime=\"2026-02-28T23:16:34Z\" tense=\"past\"\u003e50m ago\u003c/relative-time\u003e | \u003ca href=\"https://www.virustotal.com/gui/file/be75c36a98af6797dfee6a7cde7b0547b460bae66bc8f37a8a949a91b433cb0b\" target=\"_blank\"\u003elink\u003c/a\u003e |\n| Mirai | HEUR:Backdoor.Linux.Mirai.r | Linux | \u003ccode\u003e[a6f5c3ec37d0b63b6d17d93f2b9b5c1c17326191fc83779e436ff3b1ad27d748](Binaries/Mirai/HEUR-Backdoor.Linux.Mirai.r/cu)\u003c/code\u003e | \u003crelative-time datetime=\"2026-02-28T23:16:14Z\" tense=\"past\"\u003e50m ago\u003c/relative-time\u003e | \u003ca href=\"https://www.virustotal.com/gui/file/a6f5c3ec37d0b63b6d17d93f2b9b5c1c17326191fc83779e436ff3b1ad27d748\" target=\"_blank\"\u003elink\u003c/a\u003e |\n| Mirai | HEUR:Backdoor.Linux.Mirai.r | Linux | \u003ccode\u003e[f56a8b969702c6e14fd6be7fa8b680273814c41410525cf514664d097554bc91](Binaries/Mirai/HEUR-Backdoor.Linux.Mirai.r/ct)\u003c/code\u003e | \u003crelative-time datetime=\"2026-02-28T23:15:54Z\" tense=\"past\"\u003e51m ago\u003c/relative-time\u003e | \u003ca href=\"https://www.virustotal.com/gui/file/f56a8b969702c6e14fd6be7fa8b680273814c41410525cf514664d097554bc91\" target=\"_blank\"\u003elink\u003c/a\u003e |\n\n## Repository Structure\n\n```\nBinaries/\n└── \u003cfamily\u003e/\n    └── \u003cverdict\u003e/\n        └── \u003cvariant\u003e/\n            ├── \u003chash\u003e.zip\n            └── \u003chash\u003e.json\n```\n\n**ZIP Password**: `infected`\n\n## Access\n\n**Individual Samples**: Browse the `Binaries` directory.  \n**Monthly Archives**: Download complete monthly datasets from [Releases](../../releases) as compressed tarballs.\n\n## License\n\nSee [LICENSE](LICENSE) file for details.\n\n\u003e **IMPORTANT NOTICE**: This license applies ONLY to the repository structure, documentation, and associated tooling. It does NOT apply to the malware samples contained within. Malware samples are provided solely for educational purposes and use of them is at your own risk.\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkasuncsb%2Flive-malware-db","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fkasuncsb%2Flive-malware-db","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkasuncsb%2Flive-malware-db/lists"}