LIBRARY OF MALWARE TRAFFIC PATTERNS

Traffic analysis has been the primary method of malware identification and thousands of IDS signatures developed are the daily proof. Signatures definitely help but ability to visually recognize malware traffic patterns has been always an important skill for anyone tasked with network defense.

The number of malware analysis blogs and papers is overwhelming and it is difficult to keep track of malware features if you don't have access to a well designed and constantly updated malware database. This started as "personal notes" spreadsheet with GET and POST requests for different malware families with information from open sources. We decided others might find it useful too.

Click on the column headers to see recent entries. Use other column headers to sort as needed. Wait a few seconds for the table to load from the Google Sheet. URI and User-Agent fields might have spaces for easier cell wrapping. Remove them if you export the data.

Yes, you can download samples mentioned in the spreadsheet. See the "dl" column in the full spreadsheet table and corresponding links to the download location. Use "Contagio" password scheme (email Mila or admin at deependresearch.org)

VIEW OR DOWNLOAD "MALWARE TRAFFIC PATTERNS"

Source: Deependresearch