I found these via Google:
Windows
Payloads
- Download the 5 files below, plus the file dumped from memory
- Download 2 pcap files from 2 runs of A2611095F689FADFFD3068E0D4E3E7ED
Excerpt
ZeroAccess rootkit is far from new and exciting but this is a fresh lot with still active C2 servers.
Although the dropper is detected by at least half of AV engines, post infection detection is another story. I tried Kaspersky TDSS Killer, Avast Rootkit utility and RootRepeal without any success. I used Gmer and LordPE to carve out the hidden file from the memory. You can use Redline or Volatility too.
You can download 5 files below together with pcaps from one of the files and the file dumped from memory. It appears that free videos and apps names are used as the lure in this case.
Linux
Payload
Excerpt
Here is another notable development of 2012 - Linux malware (see Wirenet trojan posted earlier too)
Research: ESET Malicious Apache module used for content injection: Linux/Chapro.A
All the samples are below. I did not test it thus no pcaps this time.
------Linux/Chapro.A e022de72cce8129bd5ac8a0675996318
------Injected iframe 111e3e0bf96b6ebda0aeffdb444bcf8d
------Java exploit 2bd88b0f267e5aa5ec00d1452a63d9dc
------Zeus binary 3840a6506d9d5c2443687d1cf07e25d0
Other samples?
You can search the Contagio site, which is a blog maintained for collecting malware & virus samples.