The primary goal of Malpedia is to provide a resource for rapid identification and actionable context when investigating malware. Openness to curated contributions shall ensure an accountable level of quality in order to foster meaningful and reproducible research.

Not all content on Malpedia is publicly available. More specifically, you will need an account to access all data (malware samples, non-public YARA rules, etc). In this regard, Malpedia is operated as an invite-only trust group.

This integration is broken up into 3 feeds:

Malpedia Malware: The Malpedia Malware feed ingests all malware families from Malpedia into ThreatQ, along with their related YARA Rules and Threat Actors.

Malpedia Threat Actors: The Malpedia Threat Actor feed ingests all threat actors from Malpedia into ThreatQ. This feed does not bring in any other relationships, however, by running the other feeds, they will automatically be inter-related.

Malpedia YARA Rules: The Malpedia YARA Rules feed pulls in the new YARA Rules that are added to Malpedia. These YARA rules are parsed and their metadata is added to ThreatQ as attributes.