GT Malware API Call Daily Feed (2020-05-01)

This dataset contains a daily feed of structured host-level API call information produced by the Georgia Tech Information Security Center's malware analysis system. Metadata included with the feed associates each API call log with a specific suspect Windows executable, which is run in a sterile, isolated environment, with controlled access to the Internet, for a short period of time. Each sample's interactions with the operating system is recorded, analyzed, and made available as structured plaintext. This feed is organized as a set of archives that each correspond to a single day of sample processing-based API call data. Each archive decompresses to a top-level folder containing files that are named according to the MD5 of the sample that generated them.