To request access this dataset you will need to login with an IMPACT account. Accounts are free. If you don't have one please register.

Summary

DS-1457
GT Malware API Call Daily Feed
Dataset
Georgia Tech
Georgia Tech
05/01/2020
Data collection is ongoing
49 (lowest rank is 52)

Category & Restrictions

Cybercrime Infrastructure
malware, cyber crime, application layer security, threat intelligence, local networks
Quasi-Restricted
true

Description


GT Malware API Call Daily Feed

This dataset contains a daily feed of structured host-level API call information produced by the Georgia Tech Information Security Center's malware analysis system. Metadata included with the feed associates each API call log with a specific suspect Windows executable, which is run in a sterile, isolated environment, with controlled access to the Internet, for a short period of time. Each sample's interactions with the operating system is recorded, analyzed, and made available as structured plaintext.

This feed is organized as a set of archives that each correspond to a single day of sample processing-based API call data. Each archive decompresses to a top-level folder containing files that are named according to the SHA256 of the sample that generated them.
This dataset is the subject of ongoing measurement and data collection. As such the data is continuously growing. Researchers who are granted access will be able to download updates for a period of one year after their request.

Additional Details

N/A
Size is growing as more data is collected
true
api, malware, georgia, tech, call, feed, daily, gt, 1457, gt malware api call daily feed, level, analysis, metadata, cybercrime, host, calls, threat, intelligence, host-level, api calls, threat intelligence, 2020, georgia tech, sample, structured, system, plaintext, analyzed, suspect, single, center, specific, windows, executable, controlled, interactions, environment, infrastructure, organized, short, time, dataset, processing, named, sha256, correspond, generated, day, based, period, archive, produced, folder, sterile, associates, files, archives, access, log, isolated, decompresses, security, top, operating, included, cybercrime infrastructure
cybercrime, metadata, malware, analysis, threat intelligence, host-level, api calls