MAEC Sample Datasets Repository - a collection of MAEC datasets to be used for testing and other informational purposes.
- misc: A collection of miscellaneous samples analyzed with dynamic analysis engines, whose output was then converted into MAEC.
- zeus: A number of Zeus bot samples analyzed with dynamic analysis engines, whose output was then converted into MAEC.
Other MAEC Datasets
- https://github.com/ptrac3/MAEC-Dataset : A collection of MAEC analyses of Cryptolocker, Ghostrat, and several other malware families, analyzed with Cuckoo Sandbox. Thanks to @ptrac3!
NOTE: This content is meant ONLY for testing and analysis related to MAEC. It is not meant to be an up to date resource of malware characterizations or to be used for malware detection in a production environment.
Malware Attribute Enumeration and Characterization (MAEC™) is a standardized language for sharing structured information about malware based upon attributes such as behaviors, artifacts, and attack patterns.
The goal of the MAEC (pronounced "mike") effort is to provide a basis for transforming malware research and response. MAEC aims to eliminate the ambiguity and inaccuracy that currently exists in malware descriptions and to reduce reliance on signatures. In this way, MAEC seeks to improve human-to-human, human-to-tool, tool-to-tool, and tool-to-human communication about malware; reduce potential duplication of malware analysis efforts by researchers; and allow for the faster development of countermeasures by enabling the ability to leverage responses to previously observed malware instances. The MAEC Language enables correlation, integration, and automation.
Please visit the MAEC website for more information about the MAEC Language.
Join the public MAEC Community Email Discussion List.
Email the MAEC Developers at [email protected].