MalShare is a free initiative for researchers to share malware samples for research purposes, which can be accessed via the website and via the API. Before open-sourcing this API client, there was no publicly supported Java library. The code can be found on Github. Below, more information on the usage is given, as well as a rationale on the code.
Table of contents
The API client contains several classes, where the MalShareApi class exposes the API’s functionality. Any exposed function returns either an object that contains the parsed values, or it returns a native byte array. The latter is used when downloading a sample.
Building it as a JAR that includes the dependencies can be done using the command that is given below.
mvn clean compile assembly:single
The MalShareApi object requires the API key in the constructor. The public functions of the class expose the API endpoints, as well as other convenient functions. The returned JSON data is converted into Java classes, which provides easy access to the service’s data in an automated way.
Below, links are given to the blogs that contain the version specific release notes. The most recent release is the first link in the list.
- Version 1.2-stable [22nd of August 2021]
- Version 1.1-stable [11th of May 2021]
- Version 1.0-stable [8th of August 2020]