Obtaining samples

This article was published on the 3rd of April 2019. This article was updated on the 2nd of November 2021.

Within this course, the practical cases and live malware samples provide the material to analyse. When experimenting beyond this course, additional samples are needed. Depending on the goal of the analysis, the analyst’s experience, and the preferred type of sample, it is useful to be able to search through datasets of labelled malware.

Within this chapter, multiple methods to obtain samples are given. Whereas some methods can be used for multiple goals, others focus on a single goal. Obtaining new malware samples as fast as possible is a different goal than obtaining an intriguing sample that is written in a specific language. There is no way to cater to everybody’s needs, but the articles in this section should provide a solid foundation for an analyst to start off with.


To contact me, you can e-mail me at [info][at][maxkersten][dot][nl], send me a PM on Reddit, or DM me on Twitter @Libranalysis.