c01dsnap/MaliciousPEs

--- license: other --- # Dataset Description Detailed description: [www.kaggle.com/competitions/malware-classification/overview/description](https://www.kaggle.com/competitions/malware-classification/overview/description) Warning: this dataset is almost half a terabyte uncompressed! We have compressed the data using 7zip to achieve the smallest file size possible. Note that the rules do not allow sharing of the data outside of Kaggle, including bit torrent ([why not?](https://www.kaggle.com/wiki/ANoteOnTorrents)). You are provided with a set of known malware files representing a mix of 9 different families. Each malware file has an Id, a 20 character hash value uniquely identifying the file, and a Class, an integer representing one of 9 family names to which the malware may belong: * Ramnit * Lollipop * Kelihos_ver3 * Vundo * Simda * Tracur * Kelihos_ver1 * Obfuscator.ACY * Gatak For each file, the raw data contains the hexadecimal representation of the file's binary content, without the PE header (to ensure sterility). You are also provided a metadata manifest, which is a log containing various metadata information extracted from the binary, such as function calls, strings, etc. This was generated using the IDA disassembler tool. Your task is to develop the best mechanism for classifying files in the test set into their respective family affiliations. The dataset contains the following files: * train.7z - the raw data for the training set (MD5 hash = 4fedb0899fc2210a6c843889a70952ed) * trainLabels.csv - the class labels associated with the training set * test.7z - the raw data for the test set (MD5 hash = 84b6fbfb9df3c461ed2cbbfa371ffb43) * sampleSubmission.csv - a file showing the valid submission format * dataSample.csv - a sample of the dataset to preview before downloading

This dataset is a large-scale malware classification dataset, containing approximately half a terabyte of uncompressed data, compressed using 7zip to reduce file size. The dataset includes known malware files belonging to 9 different families, each file having a unique 20-character hash value and an integer class representing its family. The raw data for each file is the hexadecimal representation of the files binary content, excluding the PE header to ensure sterility. Additionally, a metadata manifest is provided, which contains various metadata information extracted from the binary, such as function calls and strings, generated using the IDA disassembler tool. The dataset files include the raw data for the training set, class labels for the training set, raw data for the test set, a sample submission file, and a data sample.