All contributions welcome, please open a pull request if you have anything to add.
Open discussion/questions about this repository on GitHub here.
Some larger samples are split, to unpack please use 7-Zip:
https://www.7-zip.org/download.html
I disclaim all liability for any issues arising from the use of these constructor/builder samples.
By downloading them, you acknowledge doing so at your own risk and agree to use them lawfully and solely for research purposes.
Notice for anyone who is interested in the origin/creation of this repository.
This collection is collected and checked by myself, not a rip/reupload of any other collection, a few have problems:
1. VX-Undergrounds builder archive is mostly aggregated from 'BlackHatRussia', a site run by 'Adrikadi'.
BlackHatRussia's owner 'Adrikadi' backdoors many tools with a crypto clipper, gaining profit illictly from it.
A few examples of issues, are the LuminosityLink builder being bound to a cryptominer while I provide a clean version.
2. Other GitHub collections have either unclean or purposely infected collections, including binding everything with a miner/backdoor.
For example, if anything here's infected it's cleaned/documented, such examples are 'WizWorm' with a backdoor in the stub.
Cleaned samples include 'MrTeeDol' which had a backdoor embedded in the server itself, which has been removed before uploading.
3. The purpose of this repo is to provide researchers/malware analysts clean builders to create IOCs/Yara rules.
I disclaim all liability for any issues arising from the use of these constructor/builder samples for any purposes other than research.
By downloading them, you acknowledge doing so at your own risk and agree to use them lawfully and solely for research purposes.