I had never heard of the EICAR test virus before. EICAR stands for European Institute for Computer Antivirus Research. Basically, it’s just a 68- or 70-byte COM program that all major antivirus products should pick up as a virus. This lets you test that your antivirus program is working without the risk of using a real virus. To test yours, you can simply paste the following into Notepad and save it as a .com file.
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
I’ve already thought of a few scenarios where this could be used to the advantage of an attacker, especially in a social engineering engagement.
Perhaps I’ll post such a scenario later.
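The antivirus check described above, as an added example that is not part of the original post: it writes the test string to a temporary .com file, waits, and reports whether on-access scanning interfered. The function names, the five-second wait and the status strings are assumptions of this sketch; `is_eicar` follows EICAR's own definition of a valid test file, which is why the file can be 68 bytes or 70 (the string plus CR LF).

```python
import os
import shutil
import tempfile
import time

# The 68-byte test string from the post, split in two so that scanners
# which match the string anywhere in a file do not flag this script.
EICAR = (rb"X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-" +
         rb"STANDARD-ANTIVIRUS-TEST-FILE!$H+H*")

# EICAR's definition allows only these trailing bytes (space, tab, LF, CR,
# Ctrl-Z) after the string, and a total length of at most 128 bytes.
ALLOWED_TRAILER = b" \t\n\r\x1a"
MAX_LEN = 128


def is_eicar(data: bytes) -> bool:
    """True if data is a valid test file: the string plus optional whitespace."""
    if len(data) > MAX_LEN or not data.startswith(EICAR):
        return False
    return all(b in ALLOWED_TRAILER for b in data[len(EICAR):])


def check_on_access(wait_seconds: float = 5.0) -> str:
    """Write the test file, wait, and report what happened to it."""
    directory = tempfile.mkdtemp(prefix="eicar-check-")
    path = os.path.join(directory, "eicar.com")
    try:
        try:
            with open(path, "wb") as handle:
                handle.write(EICAR)
        except OSError:
            return "blocked on write"
        time.sleep(wait_seconds)  # give the scanner time to react
        try:
            with open(path, "rb") as handle:
                intact = handle.read() == EICAR
        except OSError:
            return "removed or locked after write"
        return "not detected" if intact else "content altered"
    finally:
        shutil.rmtree(directory, ignore_errors=True)  # best-effort cleanup


if __name__ == "__main__":
    print(check_on_access())
```

A result of "not detected" means only that nothing touched the file within the wait; an on-demand scan of the directory is a separate check.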