Sometimes you need to verify your security products to be sure that they are working properly and they are able to recognize malware patterns.
For example, to just verify that Malware detection methods in Veeam Backup & Replication 12 are working as expected!
For some simple cases (file deletion, file renaming, file encryption) you can just simulate manually or via scripting.
Also simulate an onion link is easy… they are just simple string patter and you can put in a text file. For example:
- Reddit: reddittorjg6rue252oqsxryoxengawnmo46qy4kyii5wtqnwfj4ooad.onion
- Twitter: twitter3e4tixl4xyajtrzo62zg5vztmjuricljdp2c5kshju4avyoid.onion
- Facebook: facebookwkhpilnemxj7asaniu7vnjjbiltxjqhye3mhbshg7kx5tfyd.onion
- BBC: bbcnewsd73hkzno2ini43t4gblxvycyac5aw4gnv7t2rccijh7745uqd.onion
- CNN: qmifwf762qftydprw2adbg7hs2mkunac5xrz3cb5busaflji3rja5lid.onion
- The Washington Post: vfnmxpa6fo4jdpyq3yneqhglluweax2uclvxkytfpmpkp5rsl75ir5qd.onion
For other cases, you need some specific tools.
Simulate a virus
In this case, the de-facto standard methods is using eicar:
https://www.eicar.org/download-anti-malware-testfile
Simulate a malware attack
In this case there are several intering tools, on of those is KnowBe4 RanSim Tool!
https://www.knowbe4.com/typ-ransim-form?submissionGuid=50917aec-5212-48a7-9d8e-77980ea9de08
You can download an encrypted zip file with the tools (the password for this protected zip file is: knowbe4)
Requirements: Windows-based workstations running Windows 10 or higher.
Want to know more before you download? Here is the “How It Works” technical background and FAQ support article here: https://support.knowbe4.com/hc/en-us/articles/229040167
This tools is very simple to use:
It provide also a lot of sample files that can be used to test the renaming/deletion/encrypting discovery.
