000165301 001__ 165301 000165301 005__ 20251219174252.0 000165301 0247_ $$2doi$$a10.1016/j.dib.2025.112273 000165301 0248_ $$2sideral$$a146982 000165301 037__ $$aART-2025-146982 000165301 041__ $$aeng 000165301 100__ $$0(orcid)0000-0002-8938-755X$$aRaducu, Razvan$$uUniversidad de Zaragoza 000165301 245__ $$aA dataset of windows malware execution traces 000165301 260__ $$c2025 000165301 5060_ $$aAccess copy available to the general public$$fUnrestricted 000165301 5203_ $$aMalware continues to be a major cybersecurity concern, with increasing volume and sophistication making effective detection methods essential. Behavior-based approaches rely on high-quality execution trace data to analyze how malicious software interacts with systems during runtime. Publicly available datasets often lack sufficient detail, contain limited family diversity, or provide only simplified API call sequences. In this paper, we present a dataset that addresses this gap by offering a large collection of richly detailed Windows malware execution traces generated in controlled environments. It has been generated through automated dynamic analysis, executing the malware samples in a controlled virtualized environment, specifically, in the CAPEv2 Sandbox on Windows 10 virtual machines. The raw sandbox analysis reports have been then processed using the MALVADA framework, a modular Python-based pipeline that filters, structures, labels, and standardizes execution traces. The resulting dataset consists of 31,844 JSON execution trace files where each trace contains static metadata, dynamic behavioral information, and labelling fields. The dataset is suitable for reuse in multiple research contexts, including the development and benchmarking of malware detection methods, behavioral clustering, dynamic analysis of malicious software, and automated labelling studies. Its standardized JSON structure facilitates integration with existing data analysis and machine learning pipelines, as well as combination with other datasets for extended studies. 000165301 536__ $$9info:eu-repo/grantAgreement/ES/DGA/T21-23R$$9info:eu-repo/grantAgreement/ES/MCIU/PID2023-151467OA-I00$$9info:eu-repo/grantAgreement/EUR/MICINN/TED2021-131115A-I00 000165301 540__ $$9info:eu-repo/semantics/openAccess$$aby-nc$$uhttps://creativecommons.org/licenses/by-nc/4.0/deed.es 000165301 655_4 $$ainfo:eu-repo/semantics/article$$vinfo:eu-repo/semantics/publishedVersion 000165301 700__ $$aVillagrasa-Labrador, Alain$$uUniversidad de Zaragoza 000165301 700__ $$0(orcid)0000-0001-7982-0359$$aRodríguez, Ricardo J.$$uUniversidad de Zaragoza 000165301 700__ $$0(orcid)0000-0002-6584-7259$$aÁlvarez, Pedro$$uUniversidad de Zaragoza 000165301 7102_ $$15007$$2570$$aUniversidad de Zaragoza$$bDpto. Informát.Ingenie.Sistms.$$cÁrea Lenguajes y Sistemas Inf. 000165301 773__ $$g63 (2025), 112273 [8 pp. ]$$pData brief$$tData in Brief$$x2352-3409 000165301 8564_ $$s775639$$uhttps://zaguan.unizar.es/record/165301/files/texto_completo.pdf$$yVersión publicada 000165301 8564_ $$s1338847$$uhttps://zaguan.unizar.es/record/165301/files/texto_completo.jpg?subformat=icon$$xicon$$yVersión publicada 000165301 909CO $$ooai:zaguan.unizar.es:165301$$particulos$$pdriver 000165301 951__ $$a2025-12-19-14:44:42 000165301 980__ $$aARTICLE