Malware

WARNING!!!! This page contains malicious and extremely damaging malware. By accessing this resource you acknowledge that:
– You understand how to safely handle malware (help here)
– You agree to this website’s terms of use

Available Malware

Today’s menu of new malware

Average Combined (100)

  • Ransomware 75%

  • Packed Ransomware 15%

  • Other malware 10%

Ransomware (50)

  • Ransomware 100%

Single Test File (1 x Ransomware)

  • Ransomware 100%

Each malware directory contains encrypted zip files, each containing the malware as executables

Malware Repository

Our collection of fresh malware samples, updated twice per day



You’ll need to register/login to access the malware files



Want to share your own malware on here? Let us know.

Malware Samples

Some more information on the malware we have available

Which malware package should I use?

Start with the “Average Combined” malware package. It has a mix of malware that is most similar to what most organisations are seeing on a daily basis. We update the recipe of malware type percentages as we hear of real world changes.

Where does this malware come from?

We collect malware from a number of sources and specific contributors, including honeypots, automated feeds and manual creations. Most sources have chosen to stay private but we’ll gladly publicise the names of any contributors should they approve it.

Why do you mix the malware samples?

The idea of creating these malware “packages” of mixed samples in a recipe of percentage ratios is to reflect real world scenarios. It allows us to easily create and provide different packages that relate to different people and different tests. For example, a test of an endpoint PC that has several layers of AV protection before it (e.g. email / web filters) might require testing against proportionately much more aggressive and evasive malware than a perimeter anti-malware product. Feel free to suggest a different recipe for a malware package here.

Can I get a different mix of malware samples?

Yes, feel free to get in touch and ask about a different recipe for a malware package.

How do I open these encrypted zip files?

The zip files containing the malware executables are all encrypted with a password of “testmyav”. “7-Zip” is a great (and free) tool to open these zip files and extract the malware inside. More tools are available on the Tools page.

What's the password for the malware zip files?

The password is “testmyav” (without the ” “). We chose this over the industry standard “infected” for a number of reasons.

  1. Some web filters attempt to decrypt and open encrypted zip files with the well known password of “infected” so we wanted something different. (Note, if your web filter blocks zips or encrypted zips your out of luck anyway.)
  2. The password isn’t a secret, it’s just there to stop the zip’s contents being scanned and the malware detected. It also protects you from accidental opening. So the password doesn’t need to be complex.
  3. The most simple, memorable and relevant password we could think of was the all lowercase “testmyav”.

Want a few pointers? Fancy a chat? Just want an antivirus product recommendation?