[nsp-sec] New service: The Malware Hash Registry

Rob Thomas robt at cymru.com
Mon Oct 27 12:56:43 EDT 2008 

Hi, team.

[ Apologies to those of you who endure this post in multiple forums. ]

My thanks to our own Steve Gill for creating this new service, the
Malware Hash Registry.  I'll leave it to our own eloquent Steve
Santorelli to describe it.  This is a public, free (for NON-COMMERCIAL
use) service; feel free to share this announcement and the service widely.


This email is to announce a new look-up service that Team Cymru is
launching today. The Malware Hash Registry (MHR) service allows you to
query our database of many millions of unique malware samples for a
computed MD5 or SHA-1 hash of a file. If it is malware and we know about
it, we return the last time we've seen it along with an approximate
anti-virus detection percentage.

THERE IS NO COST FOR NON-COMMERCIAL USE OF THIS TOOL. ACCESS IS PUBLICLY
AVAILABLE TO ANYONE.

Upon submission of a malware hash, the output of the command will return
a date the sample was first seen as well as the detection rate we've
seen using up to 30 AV packages. The detection rate is based on the
first time we scanned the sample.

Queries, including reasonable bulk queries, may be made using the
command line only.

The MHR compliments an anti-virus (AV) strategy by helping to identify
unknown or suspicious files that we have already identified as
malicious. This enables you to take action earlier than you would
otherwise be able to.

Full details including command syntax and procedures can be found at
<http://www.team-cymru.org/Services/MHR/>.

This is one of several new (free) data sets and services we are
currently providing to the community; if you haven't visited our
(recently revamped) site recently please do so for details of the
extensive work we do for the security community as well as further
advice, data and tips to help you make your networks more secure:
<http://www.team-cymru.org/Services>

We very much look forward to working with you all on this new project
and we sincerely hope that as many of you as possible will be able to
actively participate in the use of this unique and very exciting new
service.

warm regards,

Team Cymru.

-- 
Rob Thomas
Team Cymru
http://www.team-cymru.org/
cmn_err(CEO_PANIC, "Out of coffee!");

More information about the nsp-security mailing list