MalFe

Please wait ...

Public Datasets

API CALL FREQUENCY Rows: 3083 | Cols: 284 | Reports Used: 3084

Description: Frequency of API call types in samples

Dataset SHA256: 257fc6dbd5b73a55e29041724b767242353e6fcf51fd5bf0eb9c869c793c605c

Features (sample):

Ransomware(2512), Development(20), Education(9), Games(52), Graphics(55), Internet(83), Music / Video(47), Office(54), Security(30), Utilities(222)

	Sample Name	category	label	SetErrorMode	OleInitialize	LdrGetDllHandle	LdrLoadDll	LdrGetProcedureAddress	NtOpenSection	NtMapViewOfSection	RegOpenKeyExW	RegQueryValueExW	RegCloseKey	NtClose	NtOpenKey	NtQueryValueKey	GetSystemWindowsDirectoryW	NtCreateFile	NtCreateSection	RegOpenKeyExA	CreateActCtxW	GetSystemDirectoryW	GetVolumeNameForVolumeMountPointW	NtDuplicateObject	LoadStringW	NtCreateMutant	GetNativeSystemInfo	RegEnumKeyW	NtQuerySystemInformation	RegQueryValueExA	NtQueryDirectoryFile	GlobalMemoryStatusEx	CoCreateInstance	NtAllocateVirtualMemory	CreateDirectoryW	DeleteFileW	GetFileSizeEx	NtReadFile	GetFileInformationByHandleEx	GetSystemTimeAsFileTime	GetVolumePathNamesForVolumeNameW	LdrUnloadDll	CoInitializeEx	NtOpenProcess	CoUninitialize	NtFreeVirtualMemory	NtOpenFile	NtQueryInformationFile	GetFileAttributesW	FindFirstFileExW	NtQueryAttributesFile	NtUnmapViewOfSection	SetFilePointerEx	SetFilePointer	GetTempPathW	GetFileSize	NtWriteFile	FindResourceExW	LoadResource	SHGetFolderPathW	NtProtectVirtualMemory	GetFileType	ReadProcessMemory	GetForegroundWindow	GetSystemMetrics	SetFileTime	NtSetInformationFile	SearchPathW	NtOpenMutant	RegEnumKeyExW	DrawTextExW	GetAsyncKeyState	GetDiskFreeSpaceExW	GetKeyState	FindWindowW	FindWindowExA	CreateThread	MoveFileWithProgressW	SetFileAttributesW	RemoveDirectoryW	NtTerminateProcess	CreateToolhelp32Snapshot	Process32FirstW	Process32NextW	FindWindowExW	SetEndOfFile	GetCursorPos	SetUnhandledExceptionFilter	OutputDebugStringA	GetSystemInfo	FindResourceW	SizeofResource	NtDelayExecution	GetKeyboardState	WSAStartup	socket	setsockopt	NtDeviceIoControlFile	closesocket	GetBestInterfaceEx	GetAdaptersAddresses	NtQueryKey	RegCreateKeyExW	GetAddrInfoW	GetUserNameExW	RegSetValueExW	RegDeleteValueW	InternetQueryOptionA	URLDownloadToFileW	IsDebuggerPresent	CreateProcessInternalW	GetTimeZoneInformation	LookupAccountSidW	SendNotifyMessageW	UuidCreate	GetFileVersionInfoSizeW	GetFileVersionInfoW	NtEnumerateValueKey	EnumWindows	OpenSCManagerW	GetComputerNameW	GetUserNameW	NetShareEnum	GetFileInformationByHandle	DeviceIoControl	ShellExecuteExW	RegQueryInfoKeyW	RegEnumValueW	RegDeleteKeyW	NtReadVirtualMemory	NtOpenKeyEx	NtSetValueKey	NtCreateKey	GetVolumePathNameW	GetFileAttributesExW	GetUserNameExA	RegCreateKeyExA	CryptAcquireContextW	NtEnumerateKey	NtDeleteKey	OpenServiceW	NtOpenDirectoryObject	CreateJobObjectW	SetInformationJobObject	RegEnumKeyExA	__exception__	GetShortPathNameW	LoadStringA	FindResourceA	DrawTextExA	RegQueryInfoKeyA	RegSetValueExA	SHGetSpecialFolderLocation	NtCreateThreadEx	NtResumeThread	gethostbyname	GetSystemDirectoryA	FindResourceExA	GetDiskFreeSpaceW	CertOpenStore	CryptDecodeObjectEx	CertControlStore	CryptHashData	NtOpenThread	MessageBoxTimeoutW	LookupPrivilegeValueW	CryptAcquireContextA	SetFileInformationByHandle	RemoveDirectoryA	SetWindowsHookExW	CopyFileW	GetFileVersionInfoSizeExW	GetFileVersionInfoExW	CoInitializeSecurity	WSASocketW	WSAConnect	UnhookWindowsHookEx	CertOpenSystemStoreW	getaddrinfo	InternetCrackUrlW	CoCreateInstanceEx	CoGetClassObject	IWbemServices_ExecQuery	SetStdHandle	GlobalMemoryStatus	NetGetJoinInformation	CryptCreateHash	GetComputerNameA	InternetOpenA	InternetOpenUrlA	InternetCloseHandle	ReadCabinetState	InternetOpenW	InternetConnectW	HttpOpenRequestW	HttpSendRequestW	NtDeleteValueKey	HttpQueryInfoA	RegEnumValueA	CryptProtectMemory	CreateServiceW	WriteConsoleA	CopyFileA	WriteProcessMemory	SendNotifyMessageA	RegDeleteKeyA	WriteConsoleW	JsGlobalObjectDefaultEvalHelper	ObtainUserAgentString	StartServiceW	NtQueueApcThread	RtlAddVectoredContinueHandler	CryptExportKey	CryptGenKey	CryptEncrypt	NetUserGetInfo	GetUserNameA	InternetOpenUrlW	system	GetAdaptersInfo	Module32FirstW	NtGetContextThread	Module32NextW	RtlAddVectoredExceptionHandler	NtSuspendThread	OpenSCManagerA	OpenServiceA	NtQueryMultipleValueKey	MessageBoxTimeoutA	ControlService	NtTerminateThread	EncryptMessage	DecryptMessage	DeleteService	FindWindowA	RtlRemoveVectoredExceptionHandler	ioctlsocket	connect	select	SetWindowsHookExA	CreateServiceA	bind	listen	getsockname	accept	InternetCrackUrlA	InternetConnectA	HttpOpenRequestA	HttpSendRequestA	sendto	shutdown	RtlDecompressBuffer	NtSetContextThread	Thread32First	Thread32Next	CreateRemoteThread	InternetReadFile	CreateRemoteThreadEx	timeGetTime	DnsQuery_A	InternetGetConnectedState	RegisterHotKey	CryptDecrypt	CopyFileExW	NtDeleteFile	send	DeleteUrlCacheEntryA	EnumServicesStatusW	recv	NtWriteVirtualMemory	InternetSetOptionA	NtLoadDriver	__anomaly__	EnumServicesStatusA	RegDeleteValueA	CertCreateCertificateContext	InternetSetStatusCallback	IWbemServices_ExecMethod	AssignProcessToJobObject	StartServiceA	CryptProtectData	CryptUnprotectData	CryptUnprotectMemory	SHA256
0	4e0d1edb76747fd945b87dd18299298f0df719edbea946119d91db59a9b6527a.exe	Ransomware	1	245	6	141	253	1426	49	64	1547	1308	7834	18734	413	172	58	7398	41	6553	6	25	21	46	243	24	9	8	7	6417	920	1	53	3346	9	12	6	11208	3	192	48	74	34	15	40	3771	65	15	149	17478	14	50	0	51483	1	14	40704	32	31	8	6	406	0	4	670	3317	6	0	1	128	86	0	0	0	0	0	6	3507	7016	0	75	0	0	0	134	3314	0	21	0	10	2	1	6552	0	8	6	6	48	6	4	2	12	235	2	8	271	69	0	0	2	28	1	6	0	2	9	9	0	6	2	15	0	1	0	0	5	72	128	0	0	0	0	0	5	16	0	4	1	0	0	2	7	0	0	90	1	0	93	0	0	0	4	6	1	4	0	4	0	0	0	0	0	0	8	0	6	2	0	0	0	1	0	0	8	0	0	0	0	0	4	8	10	4	0	2	0	0	2	3	2	7	0	0	0	0	0	0	0	0	4	0	2	0	3	0	0	108	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	1	1	1	0	0	0	0	0	0	1	2	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	36	4e0d1edb76747fd945b87dd18299298f0df719edbea946119d91db59a9b6527a
1	GandCrab.exe	Ransomware	1	2	0	11	2	24	0	0	0	0	0	3	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	6	0	0	0	0	0	1	0	0	0	0	0	1	0	0	0	0	0	0	0	0	0	0	0	0	0	0	1	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	3	0	0	0	0	0	0	1	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	22299	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	bfb9db791b8250ffa8ebc48295c5dbbca757a5ed3bbb01de12a871b5cd9afd5a
...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...	...
3081	Zeppelin_7d809e8c9b98c16647bbfac49854c28ecc3fe6d4345410deeaa79445cc50cf51.exe	Ransomware	1	0	0	14	20	252	0	0	33	17	28	44	8	2	0	1	0	25	0	1	0	3	0	0	1	0	0	0	0	0	5	21	0	1	0	0	0	3	0	0	3	0	3	2	0	0	0	22	4	0	0	0	0	0	1	0	0	0	12	0	0	0	5	0	0	0	0	0	0	0	0	0	0	0	1	0	0	0	0	0	0	0	0	0	0	1	0	0	0	0	23	0	4	3	3	22	3	2	1	4	4	1	0	7	2	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	1	0	31	0	0	0	0	0	0	1	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	1	1	2	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	1	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	7d809e8c9b98c16647bbfac49854c28ecc3fe6d4345410deeaa79445cc50cf51
3082	Zeppelin_eb920e0fc0c360abb901e04dce172459b63bbda3ab8152350885db4b44d63ce5.exe	Ransomware	1	71	0	68	60	324	0	13	155	230	6836	20656	143	79	10	8282	11	6413	0	5	3	16	6	2	3	0	0	6325	1209	0	30	7682	0	3	0	12412	0	32	8	27	12	6	12	10603	52	2	20	19088	12	12	0	58288	0	0	47094	0	0	0	0	82	0	0	9	3836	3	0	0	2	0	0	0	0	0	0	2	3836	8070	0	39	0	0	0	0	3836	0	10	0	0	0	0	6407	0	14	12	12	67	12	4	2	8	337	2	4	347	5	0	0	2	14	0	4	0	0	0	0	0	0	1	13	0	0	0	0	1	2	0	0	0	0	0	0	1	0	0	4	0	0	0	1	2	0	0	7	1	0	93	0	0	0	4	2	0	2	0	0	0	0	0	0	0	0	6	0	6	0	0	0	0	1	0	0	4	0	0	0	0	0	4	6	6	2	0	0	0	0	2	3	2	7	0	0	0	0	0	0	0	0	0	0	2	0	6	0	4	53	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	1	1	1	0	0	0	0	0	0	2	2	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	1	0	0	0	0	0	0	0	0	eb920e0fc0c360abb901e04dce172459b63bbda3ab8152350885db4b44d63ce5

3083 rows × 284 columns

Created by: VHUHWAVHO
Downloaded 4 times
Comments Enabled: True
Comments: 0

def process(data, filename, sha256, category, malicious):
    try:
        # Implement your data processing here, this function will get called with the data of each 
        # report in the category you have selected along with the filename of the report and hash. 
        # Do your processing and add your data to the features array, and return the features_lables, features, and sha256
        # PLEASE NOTE: THE CODE BELOW SERVES AS AN EXAMPLE ONLY! This example extracts the entropy of the PE Sections. Which can be seen here: https://malfe.cs.up.ac.za/datasets/view/Entropy_of_PE_Sections/5
        ###
        api_types_dict = {"SetErrorMode": 0, "OleInitialize": 0, "LdrGetDllHandle": 0, "LdrLoadDll": 0, "LdrGetProcedureAddress": 0, "NtOpenSection": 0, "NtMapViewOfSection": 0, "RegOpenKeyExW": 0, "RegQueryValueExW": 0, "RegCloseKey": 0, "NtClose": 0, "NtOpenKey": 0, "NtQueryValueKey": 0, "GetSystemWindowsDirectoryW": 0, "NtCreateFile": 0, "NtCreateSection": 0, "RegOpenKeyExA": 0, "CreateActCtxW": 0, "GetSystemDirectoryW": 0, "GetVolumeNameForVolumeMountPointW": 0, "NtDuplicateObject": 0, "LoadStringW": 0, "NtCreateMutant": 0, "GetNativeSystemInfo": 0, "RegEnumKeyW": 0, "NtQuerySystemInformation": 0, "RegQueryValueExA": 0, "NtQueryDirectoryFile": 0, "GlobalMemoryStatusEx": 0, "CoCreateInstance": 0, "NtAllocateVirtualMemory": 0, "CreateDirectoryW": 0, "DeleteFileW": 0, "GetFileSizeEx": 0, "NtReadFile": 0, "GetFileInformationByHandleEx": 0, "GetSystemTimeAsFileTime": 0, "GetVolumePathNamesForVolumeNameW": 0, "LdrUnloadDll": 0, "CoInitializeEx": 0, "NtOpenProcess": 0, "CoUninitialize": 0, "NtFreeVirtualMemory": 0, "NtOpenFile": 0, "NtQueryInformationFile": 0, "GetFileAttributesW": 0, "FindFirstFileExW": 0, "NtQueryAttributesFile": 0, "NtUnmapViewOfSection": 0, "SetFilePointerEx": 0, "SetFilePointer": 0, "GetTempPathW": 0, "GetFileSize": 0, "NtWriteFile": 0, "FindResourceExW": 0, "LoadResource": 0, "SHGetFolderPathW": 0, "NtProtectVirtualMemory": 0, "GetFileType": 0, "ReadProcessMemory": 0, "GetForegroundWindow": 0, "GetSystemMetrics": 0, "SetFileTime": 0, "NtSetInformationFile": 0, "SearchPathW": 0, "NtOpenMutant": 0, "RegEnumKeyExW": 0, "DrawTextExW": 0, "GetAsyncKeyState": 0, "GetDiskFreeSpaceExW": 0, "GetKeyState": 0, "FindWindowW": 0, "FindWindowExA": 0, "CreateThread": 0, "MoveFileWithProgressW": 0, "SetFileAttributesW": 0, "RemoveDirectoryW": 0, "NtTerminateProcess": 0, "CreateToolhelp32Snapshot": 0, "Process32FirstW": 0, "Process32NextW": 0, "FindWindowExW": 0, "SetEndOfFile": 0, "GetCursorPos": 0, "SetUnhandledExceptionFilter": 0, "OutputDebugStringA": 0, "GetSystemInfo": 0, "FindResourceW": 0, "SizeofResource": 0, "NtDelayExecution": 0, "GetKeyboardState": 0, "WSAStartup": 0, "socket": 0, "setsockopt": 0, "NtDeviceIoControlFile": 0, "closesocket": 0, "GetBestInterfaceEx": 0, "GetAdaptersAddresses": 0, "NtQueryKey": 0, "RegCreateKeyExW": 0, "GetAddrInfoW": 0, "GetUserNameExW": 0, "RegSetValueExW": 0, "RegDeleteValueW": 0, "InternetQueryOptionA": 0, "URLDownloadToFileW": 0, "IsDebuggerPresent": 0, "CreateProcessInternalW": 0, "GetTimeZoneInformation": 0, "LookupAccountSidW": 0, "SendNotifyMessageW": 0, "UuidCreate": 0, "GetFileVersionInfoSizeW": 0, "GetFileVersionInfoW": 0, "NtEnumerateValueKey": 0, "EnumWindows": 0, "OpenSCManagerW": 0, "GetComputerNameW": 0, "GetUserNameW": 0, "NetShareEnum": 0, "GetFileInformationByHandle": 0, "DeviceIoControl": 0, "ShellExecuteExW": 0, "RegQueryInfoKeyW": 0, "RegEnumValueW": 0, "RegDeleteKeyW": 0, "NtReadVirtualMemory": 0, "NtOpenKeyEx": 0, "NtSetValueKey": 0, "NtCreateKey": 0, "GetVolumePathNameW": 0, "GetFileAttributesExW": 0, "GetUserNameExA": 0, "RegCreateKeyExA": 0, "CryptAcquireContextW": 0, "NtEnumerateKey": 0, "NtDeleteKey": 0, "OpenServiceW": 0, "NtOpenDirectoryObject": 0, "CreateJobObjectW": 0, "SetInformationJobObject": 0, "RegEnumKeyExA": 0, "__exception__": 0, "GetShortPathNameW": 0, "LoadStringA": 0, "FindResourceA": 0, "DrawTextExA": 0, "RegQueryInfoKeyA": 0, "RegSetValueExA": 0, "SHGetSpecialFolderLocation": 0, "NtCreateThreadEx": 0, "NtResumeThread": 0, "gethostbyname": 0, "GetSystemDirectoryA": 0, "FindResourceExA": 0, "GetDiskFreeSpaceW": 0, "CertOpenStore": 0, "CryptDecodeObjectEx": 0, "CertControlStore": 0, "CryptHashData": 0, "NtOpenThread": 0, "MessageBoxTimeoutW": 0, "LookupPrivilegeValueW": 0, "CryptAcquireContextA": 0, "SetFileInformationByHandle": 0, "RemoveDirectoryA": 0, "SetWindowsHookExW": 0, "CopyFileW": 0, "GetFileVersionInfoSizeExW": 0, "GetFileVersionInfoExW": 0, "CoInitializeSecurity": 0, "WSASocketW": 0, "WSAConnect": 0, "UnhookWindowsHookEx": 0, "CertOpenSystemStoreW": 0, "getaddrinfo": 0, "InternetCrackUrlW": 0, "CoCreateInstanceEx": 0, "CoGetClassObject": 0, "IWbemServices_ExecQuery": 0, "SetStdHandle": 0, "GlobalMemoryStatus": 0, "NetGetJoinInformation": 0, "CryptCreateHash": 0, "GetComputerNameA": 0, "InternetOpenA": 0, "InternetOpenUrlA": 0, "InternetCloseHandle": 0, "ReadCabinetState": 0, "InternetOpenW": 0, "InternetConnectW": 0, "HttpOpenRequestW": 0, "HttpSendRequestW": 0, "NtDeleteValueKey": 0, "HttpQueryInfoA": 0, "RegEnumValueA": 0, "CryptProtectMemory": 0, "CreateServiceW": 0, "WriteConsoleA": 0, "CopyFileA": 0, "WriteProcessMemory": 0, "SendNotifyMessageA": 0, "RegDeleteKeyA": 0, "WriteConsoleW": 0, "JsGlobalObjectDefaultEvalHelper": 0, "ObtainUserAgentString": 0, "StartServiceW": 0, "NtQueueApcThread": 0, "RtlAddVectoredContinueHandler": 0, "CryptExportKey": 0, "CryptGenKey": 0, "CryptEncrypt": 0, "NetUserGetInfo": 0, "GetUserNameA": 0, "InternetOpenUrlW": 0, "system": 0, "GetAdaptersInfo": 0, "Module32FirstW": 0, "NtGetContextThread": 0, "Module32NextW": 0, "RtlAddVectoredExceptionHandler": 0, "NtSuspendThread": 0, "OpenSCManagerA": 0, "OpenServiceA": 0, "NtQueryMultipleValueKey": 0, "MessageBoxTimeoutA": 0, "ControlService": 0, "NtTerminateThread": 0, "EncryptMessage": 0, "DecryptMessage": 0, "DeleteService": 0, "FindWindowA": 0, "RtlRemoveVectoredExceptionHandler": 0, "ioctlsocket": 0, "connect": 0, "select": 0, "SetWindowsHookExA": 0, "CreateServiceA": 0, "bind": 0, "listen": 0, "getsockname": 0, "accept": 0, "InternetCrackUrlA": 0, "InternetConnectA": 0, "HttpOpenRequestA": 0, "HttpSendRequestA": 0, "sendto": 0, "shutdown": 0, "RtlDecompressBuffer": 0, "NtSetContextThread": 0, "Thread32First": 0, "Thread32Next": 0, "CreateRemoteThread": 0, 
"InternetReadFile": 0, "CreateRemoteThreadEx": 0, "timeGetTime": 0, "DnsQuery_A": 0, "InternetGetConnectedState": 0, "RegisterHotKey": 0, "CryptDecrypt": 0, "CopyFileExW": 0, "NtDeleteFile": 0, "send": 0, "DeleteUrlCacheEntryA": 0, "EnumServicesStatusW": 0, "recv": 0, "NtWriteVirtualMemory": 0, "InternetSetOptionA": 0, "NtLoadDriver": 0, "__anomaly__": 0, "EnumServicesStatusA": 0, "RegDeleteValueA": 0, "CertCreateCertificateContext": 0, "InternetSetStatusCallback": 0, "IWbemServices_ExecMethod": 0, "AssignProcessToJobObject": 0, "StartServiceA": 0, "CryptProtectData": 0, "CryptUnprotectData": 0, "CryptUnprotectMemory": 0}

features_labels = ["Sample Name","category", "label"]
        features = []
        label =   1 if malicious else 0
        if "behavior" in data:
            if "processes" in data["behavior"]:
              for proc in data["behavior"]["processes"]:
                api_calls_list = proc["calls"]
                for api_entry in api_calls_list:
                  api_type = api_entry["api"]
                  if api_type in api_types_dict:
                    api_types_dict[api_type]= api_types_dict[api_type] + 1
                  
        
        row = []
        for apikey in api_types_dict.keys():
          features_labels.append(apikey)
          row.append(api_types_dict[apikey])
        entry = [filename, category, label] + row
        features.append(entry)
        
        ###
        return features_labels, features, sha256
        
    except Exception as e:
        log("|process error| " + filename + " -> " + sha256 + " (" + str(e) + ")")
        pass

June 19, 2024, 7:11 p.m. Public Create New Vesion Download Dataset (2.1 MB)

Please wait ...

Public Datasets

API CALL FREQUENCY Rows: 3083 | Cols: 284 | Reports Used: 3084

Reports Used

Dataset Code

Comments

No comments to display