Warning: This site contains live malware. Use at your own risk.


Enter your search via MD5, SHA1, SHA256, or an antivirus name.

Why do we require Google Authentication?

One of the unfortunate aspects of a site like this is that we periodically have people that misuse it. We comply fully with any legal law enforcement request. In order to do that, we have to implement some type of authentication to allow downloading of the malware.

In the past, we used our own internal authentication system. That method turned out to be a large burden, and required a lot of time to maintain. Google's authentication service helps us to keep our personal time commitment low, while at the sametime offloading verification of user information.

We do respect those of you who have ethical problems with Google's services. As time progresses we will look at other authentication providers who meet our criteria for effective user authentication. For the forseeable future we do not have plans to support any other authentication.

Downloads are not working

There are a couple of things that you will need in order to be able to download samples. If these are missing you will need to fix them on your end.
  1. Enable Javascript - While we don't use Javascript (yet) Google's authentication does require it. If you use NoScript you can add an exception for their site.
  2. A Supported Browser - The code has been written in a generic manner for universal browser compatibility, however it is only really tested under Chrome and Firefox. We are not web developers, and to make things simpler we test on what we use.
If you still have problems after addressing the above suggestions please email us at our contact addresses and we'll look into your problem.

Someone can register a fake account with Google, why would you use that for authentication?

Google allows us to avoid implementing our own authentication system. We value our time.

What are you doing with the information from Google?

Our previous authentication system required you to give a reason for wanting access to the account, name, and your email address. Google allows us to streamline the process using a known technology. We don't ask for any more information than we previously did.

We keep all information confidential and will only use it to contact you if there is a problem. The information is used as a method for access control and limiting the total number of malware downloads. In the past we have had problems with people using scripts to harvest our collection. This allows us to thwart that process.

We comply fully with any valid legal law enforcement request.

What happened to my old account?

It is gone and no longer exists. You will need to authenticate using your Google account.

How can I get access to your entire repository?

Typically we only provide access to academic and non-profit research institutions. If you are a corporate interest, you will need to have a compelling community contribution to the open field of research. Contact us and we will discuss your sitaution.

There is an invalid sample in your collection, how do I get it removed?

Contact us and we will do everything we can to reasonably solve your problem.

Why can't I upload samples?

Anonymous user uploads caused a lot of problems in the past with copyright issues. We are looking into solutions to this problem. In the meantime we are relying on other collection methods.

Where do you get your malware?

From the Internet and many like-minded people. We cannot reveal our sources or methods for collection. Anonymous contributors are the backbone of this site.

Are you available for contracting, training, or other business opportunities?


I have found a bug with your site, how do I report it?

First, thank you for helping us maintain a quality open malware research site. Please contact us and receive our thanks for reporting the issue.

Who runs Open Malware?

Danny Quist runs the day-to-day operations of collecting and archiving the malware. We are graciously hosted by the Georgia Tech Information Security Center.