Sophisticated Malicious Applications based on UTRDCL and DCL

Dataset Introduction

File Structure

The dataset is organized in a hierarchical structure to facilitate easy navigation and access to the various components of the malware samples. The structure is as follows:

• Malware Family Name

  : Each malware family is categorized under its respective name.

  • DCL/UTRDCL

    : Within each malware family, there are subdirectories for Dynamic Class Loading (DCL) and UTRDCL (a more sophisticated and covert variant of DCL) techniques.

    • Real Malware: The actual malware samples are stored in these subdirectories, ensuring a clear distinction between the different loading techniques.

  • Report

    : This directory contains the online detection reports for the malware samples.

    • Reporter Name

      : The reports are organized by the name of the security analysis platform, such as VirusTotal, MobSF, and Bazaar (Pithus).

      • DCL/UTRDCL

        : Within each reporter's directory, there are subdirectories for the DCL and UTRDCL variants of the malware samples.

        • Report Content: The actual report files, containing the detailed analysis and detection results, are stored in these subdirectories.

Data Type

The dataset consists of signed Android APK files, which are the primary format for Android applications. This ensures that the malware samples are representative of real-world threats that could be encountered on Android devices.

Content Description

The dataset includes a collection of Android APK files that have been modified to incorporate either traditional DCL or UTRDCL techniques. These techniques are used to load malicious classes dynamically, making the attacks more covert and challenging to detect. Along with the APK files, the dataset also provides online detection reports from reputable sources, offering a comprehensive analysis of the malware samples.

Disclaimer

Disclaimer

The malware samples included in this dataset are live and potentially harmful. They are provided solely for research purposes and should not be used for any malicious or illegal activities. By using this dataset, you acknowledge that you understand the risks associated with handling live malware and agree to use it responsibly.

You are warned that the use of this dataset may pose a risk to your system, network, or data. You are responsible for taking necessary precautions to prevent any damage or harm. The authors of this dataset disclaim any liability for any catastrophic consequences that may arise from the use of this dataset.

By accessing and using this dataset, you agree to hold harmless the authors, their institutions, and their affiliates from any claims, damages, or expenses arising from your use of the dataset. You also agree to comply with all applicable laws and regulations regarding the use of malware samples.

Use of this dataset implies acceptance of these terms.