Test Samples
You can use these test samples to test ScanCloud plugins are installed correctly and also to click ‘Try It’ to choose and provider and submit for analysis. Read more....Test Samples
You can use these test samples to test ScanCloud plugins are installed correctly and also to click ‘Try It’ to choose and provider and submit for analysis.
From the list you can also download or link to the sample, unless it’s real malware.
Source
This column tells you where the sample comes from
- WICAR - These urls are from www.wicar.org The wicar.org website was designed to test the correct operation your anti-virus / anti-malware software. There are many more samples on the site that may be useful to test.
- ZOO - These files are from GitHub theZoo A Live Malware Repository.
- SECPLUGS - These are ScanCloud specific URLs, files and emails. They are not really malicous but they will cause detections in ScanCloud platform. They are useful to verify that the ScanCloud plugin and platform is working as they do not rely on provider detection.
- GTUBE - This is simply the industry standard Anti-Spam test string. Created by SpamAssassin but detected by many Anti-Spam providers. See SpamAssassin GTUBE
| Name | Description | Type | Source | Actions |
|---|---|---|---|---|
EICAR | Industry standard Anti-Virus test file | File | EICAR | |
EICAR (ZIP) | Industry standard Anti-Virus test file in a zip | File | EICAR | |
CLEAN EMAIL | An email with a clean attachment (RFC822) | Email | SECPLUGS | |
EICAR EMAIL | An email with a eicar attached (RFC822) | Email | EICAR | |
SPAM EMAIL | A spam email with the industry test spam string (RFC822, GTUBE) | Email | GTUBE | |
HAM EMAIL | An clean email should not be detected as spam (RFC822) | Email | SECPLUGS | |
CLEAN TEST FILE | A Secplugs standard install check file that Secplugs will NEVER detect | File | SECPLUGS | |
MALICOUS TEST FILE | A Secplugs standard install check file the Secplugs will ALWAYS detect | File | SECPLUGS | |
11.5MB ZIP ARCHIVE FILE | A 10MB zip with multiple files and directories that contains no malicous code | File | SECPLUGS | |
20MB NESTED ARCHIVE FILE | A 20MB zip containing multiple nested zip files and other files wich contain no malicous code | File | SECPLUGS | |
15MB PDF DOC | A 15MB PDF file with no malicous code | File | SECPLUGS | |
5MB WORD DOC | A 5MB Microsoft Word document with no malicous code | File | SECPLUGS | |
20MB BINARY FILE | A 20MB Binary data file with no malicous code | File | SECPLUGS | |
15MB BINARY FILE | A 15MB Binary data file with no malicous code | File | SECPLUGS | |
10MB BINARY FILE | A 10MB Binary data file with no malicous code | File | SECPLUGS | |
5MB BINARY FILE | A 5MB Binary data file with no malicous code | File | SECPLUGS | |
WINDOWS NOTEPAD | Perhaps the most common Windows application | File | SECPLUGS | |
CRYPTOLOCKER NOV 2013 | Live Crypto Locker malware from 20 Nov 2013. This is a real live malware sample that vendors should detect. You can submit it but not download it. | File | ZOO | |
WANNACRY | Live WannaCry Ransomware industry zoo sample. This is a real live malware sample that vendors should detect. You can submit it but not download it. | File | ZOO | |
LOCKY MARCH 2010 | Live Ransomeware Locky zoo sample. This is a real live malware sample that vendors should detect. You can submit it but not download it. | File | ZOO | |
ANDROID SPY 49 | Live Android.Spy.49_iBanking. This is a real live malware sample that vendors should detect. You can submit it but not download it. | File | ZOO | |
CLEAN TEST URL | A Secplugs standard install check Url that the secplugs platform will NEVER detect | Url | SECPLUGS | |
MALICOUS TEST URL | A Secplugs standard install check Url that the secplugs platform will ALWAYS detect | Url | SECPLUGS | |
MS0320 URL | WICAR test link for MS03-020 IE's handling of the OBJECT type attribute CVE-2003-0344 | Url | WICAR | |
JAVA JRE 1.7 APPLET | WICAR test link Java 7 Applet Remote Code Execution (Browser Independent) CVE-2012-4681 | Url | WICAR | |
MS14-064 2003 TO WIN 10 | WICAR test link Windows 2003/Vista/2008/7/8/10 IE6+ Windows OLE Automation Array (post XP) CVE-2014-6332 | Url | WICAR | |
ADOBE FLASH HACKING TEAM LEAK | WICAR test link for Hacking Team July 2015 data leak Adobe Flash 18.0.0.194 Use After Free CVE-2015-5119 | Url | WICAR |