Sophisticated Malicious Applications based on UTRDCL and DCL

Citation Author(s): Xin Zhao
Submitted by: Xin Zhao
Last updated: Sat, 09/21/2024 - 01:52
DOI: 10.21227/jh03-mt35
License:

Abstract 

Our dataset is constructed by leveraging existing malware samples and utilizing both UTRDCL and traditional DCL techniques to load the malicious components, thereby launching attacks. In addition to the malware samples themselves, we also provide online detection reports from reputable sources, including VirusTotal, MobSF, and Bazaar (Pithus). These reports offer a comprehensive analysis of the malware samples, enabling researchers to gain a deeper understanding of the attacks and their characteristics. The dataset is designed to facilitate the development and evaluation of effective detection and mitigation strategies against dynamic class loading attacks.

Instructions: 

Dataset Introduction

File Structure

The dataset is organized in a hierarchical structure to facilitate easy navigation and access to the various components of the malware samples. The structure is as follows:

  • Malware Family Name: Each malware family is categorized under its respective name.
    • DCL/UTRDCL: Within each malware family, there are subdirectories for Dynamic Class Loading (DCL) and UTRDCL (a more sophisticated and covert variant of DCL) techniques.
      • Real Malware: The actual malware samples are stored in these subdirectories, ensuring a clear distinction between the different loading techniques.
    • Report: This directory contains the online detection reports for the malware samples.
      • Reporter Name: The reports are organized by the name of the security analysis platform, such as VirusTotal, MobSF, and Bazaar (Pithus).
        • DCL/UTRDCL: Within each reporter's directory, there are subdirectories for the DCL and UTRDCL variants of the malware samples.
          • Report Content: The actual report files, containing the detailed analysis and detection results, are stored in these subdirectories.

Data Type

The dataset consists of signed Android APK files, which are the primary format for Android applications. This ensures that the malware samples are representative of real-world threats that could be encountered on Android devices.

Content Description

The dataset includes a collection of Android APK files that have been modified to incorporate either traditional DCL or UTRDCL techniques. These techniques are used to load malicious classes dynamically, making the attacks more covert and challenging to detect. Along with the APK files, the dataset also provides online detection reports from reputable sources, offering a comprehensive analysis of the malware samples.

Disclaimer

The malware samples included in this dataset are live and potentially harmful. They are provided solely for research purposes and should not be used for any malicious or illegal activities. By using this dataset, you acknowledge that you understand the risks associated with handling live malware and agree to use it responsibly.

You are warned that the use of this dataset may pose a risk to your system, network, or data. You are responsible for taking necessary precautions to prevent any damage or harm. The authors of this dataset disclaim any liability for any catastrophic consequences that may arise from the use of this dataset.

By accessing and using this dataset, you agree to hold harmless the authors, their institutions, and their affiliates from any claims, damages, or expenses arising from your use of the dataset. You also agree to comply with all applicable laws and regulations regarding the use of malware samples.

Use of this dataset implies acceptance of these terms.

Comments

Hi Xin Zhao. How are you? My name is Harshit Kumar. I am a second-year student studying at Graphic Era Deemed University, Dehradun, Uttarakhand, India. I am pursuing BTECH CSE in specialization with Cyber Security. Nowadays I am currently working on my mini project titled Malware Analysis. So I require your researched datasets for my reference. So pls share your datasets with me. You can mail me on this email id also: hr171004@gmail.com.

Submitted by Harshit Kumar on Mon, 10/21/2024 - 11:55

Dataset Files

    Files have not been uploaded for this dataset