MALET & Katalina: A Large-Scale Dataset and Static Analysis of macOS Malware

MALET provides a large-scale collection of 89,255 macOS Mach-O binaries, comprising 44,804 malicious samples and 44,457 undetected samples, with 25,835 classified as high-confidence benign via heuristics. The dataset comprises features extracted using the Katalina static analysis framework to extract platform-specific features such as security entitlements, code-signing metadata, and embedded script indicators. Researchers can leverage standardized AVClass2 family and class labels to analyze malware campaigns and identify detection blind spots across the macOS ecosystem. These resources collectively establish a reproducible foundation for advancing macOS malware detection and defense research.

The datasets span 2009-05-22T14:42:53 to 2025-11-22T18:16:49.