A dataset of windows malware execution traces
Raducu, Razvan (Universidad de Zaragoza) ; Villagrasa-Labrador, Alain (Universidad de Zaragoza) ; Rodríguez, Ricardo J. (Universidad de Zaragoza) ; Álvarez, Pedro (Universidad de Zaragoza)
Resumen: Malware continues to be a major cybersecurity concern, with increasing volume and sophistication making effective detection methods essential. Behavior-based approaches rely on high-quality execution trace data to analyze how malicious software interacts with systems during runtime. Publicly available datasets often lack sufficient detail, contain limited family diversity, or provide only simplified API call sequences. In this paper, we present a dataset that addresses this gap by offering a large collection of richly detailed Windows malware execution traces generated in controlled environments. It has been generated through automated dynamic analysis, executing the malware samples in a controlled virtualized environment, specifically, in the CAPEv2 Sandbox on Windows 10 virtual machines. The raw sandbox analysis reports have been then processed using the MALVADA framework, a modular Python-based pipeline that filters, structures, labels, and standardizes execution traces. The resulting dataset consists of 31,844 JSON execution trace files where each trace contains static metadata, dynamic behavioral information, and labelling fields. The dataset is suitable for reuse in multiple research contexts, including the development and benchmarking of malware detection methods, behavioral clustering, dynamic analysis of malicious software, and automated labelling studies. Its standardized JSON structure facilitates integration with existing data analysis and machine learning pipelines, as well as combination with other datasets for extended studies.
Idioma: Inglés
DOI: 10.1016/j.dib.2025.112273
Año: 2025
Publicado en: Data in Brief 63 (2025), 112273 [8 pp. ]
ISSN: 2352-3409
Financiación: info:eu-repo/grantAgreement/ES/DGA/T21-23R
Financiación: info:eu-repo/grantAgreement/ES/MCIU/PID2023-151467OA-I00
Financiación: info:eu-repo/grantAgreement/EUR/MICINN/TED2021-131115A-I00
Tipo y forma: Article (Published version)
Área (Departamento): Área Lenguajes y Sistemas Inf. (Dpto. Informát.Ingenie.Sistms.)
You must give appropriate credit, provide a link to the license, and indicate if changes were made. You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use. You may not use the material for commercial purposes.
Exportado de SIDERAL (2025-12-19-14:44:42)
Visitas y descargas
Idioma: Inglés
DOI: 10.1016/j.dib.2025.112273
Año: 2025
Publicado en: Data in Brief 63 (2025), 112273 [8 pp. ]
ISSN: 2352-3409
Financiación: info:eu-repo/grantAgreement/ES/DGA/T21-23R
Financiación: info:eu-repo/grantAgreement/ES/MCIU/PID2023-151467OA-I00
Financiación: info:eu-repo/grantAgreement/EUR/MICINN/TED2021-131115A-I00
Tipo y forma: Article (Published version)
Área (Departamento): Área Lenguajes y Sistemas Inf. (Dpto. Informát.Ingenie.Sistms.)
You must give appropriate credit, provide a link to the license, and indicate if changes were made. You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use. You may not use the material for commercial purposes. Exportado de SIDERAL (2025-12-19-14:44:42)
Permalink:
Visitas y descargas
Este artículo se encuentra en las siguientes colecciones:
Articles > Artículos por área > Lenguajes y Sistemas Informáticos
Record created 2025-12-19, last modified 2025-12-19