funtimes-ninja / malware

Malware samples from honeypots

someone used one of your viruses on my server #1

Open abstreebee opened 3 years ago

abstreebee commented 3 years ago

Just curious if you might happen to know who it was. I was wondering if your code collection is your own or someone else's compiled.

DanielRuf commented 2 years ago

From the repository description:

Malware samples from honeypots

Such collections are just this: someone uploaded such malicious files (can be anybody) to specially created servers (honeypots) which collect these uploaded files.

These honeypots are managed by security researchers in their free time (like the owner of this repo).

The collected samples are then uploaded here. This is to make it easier for others to detect, disassemble / analyze and process them.

For example, you can write (better) detection rules for your antivirus scanners (for example YARA rules) to prevent such new samples from going undetected.

The person behind this repo is probably not the user / malicious actor who uploads them on other websites.

It's basically an arms race. Researchers share their findings to help make systems more secure. Beginners in the hacker community may find these and adapt / change the code to bypass detection (they already do that in hacker forums, so such a huge collection of samples is not that interesting for them; they do not have the time to look at all 48k files).