Environment
- App Control: All Supported Versions
Objective
Explain how to create a malicious test file (EICAR) for testing purposes in a lab environment
Resolution
- Open a text editor, such as notepad.
- Copy/paste the string below. Do not add any other characters, spaces, or return marks in the text file. Additional values will generate a different hash and your test file will not be effective
- X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
- Save the document as eicar.com. File extension will have to be .com for App Control to analyze the file
Additional Notes
Hashes of eicar.com:
SHA-256: 275A021BBFB6489E54D471899F7DB9D1663FC695EC2FE2A2C4538AABF651FD0F
MD5: 44D88612FEA8A8F36DE82E1278ABB02F
SHA-1: 3395856CE81F2B7382DEE72602F798B642F14140
Related Content
The content of this file was developed by the European Institute for Computer Antivirus Research. Additional information can be found here:
http://en.wikipedia.org/wiki/EICAR