DS-1457

GT Malware API Call Daily Feed

Dataset

Georgia Tech

Georgia Tech

05/01/2020

49 (lowest rank is 56)

Cybercrime Infrastructure

malware, cyber crime, application layer security, threat intelligence, local networks

Quasi-Restricted

true

Data Use Terms

Short Description
GT Malware API Call Daily Feed

Long Description
This dataset contains a daily feed of structured host-level API call information produced by the Georgia Tech Information Security Center's malware analysis system. Metadata included with the feed associates each API call log with a specific suspect Windows executable, which is run in a sterile, isolated environment, with controlled access to the Internet, for a short period of time. Each sample's interactions with the operating system is recorded, analyzed, and made available as structured plaintext.

This feed is organized as a set of archives that each correspond to a single day of sample processing-based API call data. Each archive decompresses to a top-level folder containing files that are named according to the SHA256 of the sample that generated them.

Ongoing Measurement

N/A

true

api, malware, georgia, tech, call, feed, daily, gt, 1457, gt malware api call daily feed, level, analysis, cybercrime, host, metadata, threat, host-level, calls, intelligence, api calls, threat intelligence, 2020, georgia tech, sample, structured, system, plaintext, suspect, analyzed, center, specific, windows, dataset, organized, environment, short, controlled, single, infrastructure, time, executable, associates, processing, sterile, folder, produced, archive, period, based, day, generated, correspond, sha256, files, archives, cybercrime infrastructure, included, operating, top, security, interactions, decompresses, isolated, log, access, named

cybercrime, metadata, malware, analysis, threat intelligence, host-level, api calls