- Apr 4, 2021
- 413
Hey, guys. 
I like to check any new files in different services. Typically people only download an unknown file on VirusTotal, but different platforms may have different engine settings and signature relevance, and different platforms share information with antivirus companies, which can increase the speed of spreading data about a new dangerous sample to all people.
So, a list of services I use (for convenience, sorted in order of decreasing file size that can be uploaded for scanning):
1. Internxt – Free Online File Virus Scanner
File size up to 1 GB.
I don't know what engine they are using.
2. VirusTotal
File size up to 256 MB.
The most famous and popular file scanner with multiple engines from Google.
3. Kaspersky Threat Intelligence Portal
File size up to 256 MB.
Online file scanning by the Kaspersky engine, dynamic analysis (additional data is available for subscription only), new threats are immediately added to the database for all.
4. https://virustest.gov.ru/
File size up to 256 MB.
In Russian language only, state service, works sometimes unstable. Uses Kaspersky, Dr. Web, AVSoft for static and dynamic analysis.
5. Jotti's malware scan
File size up to 250 MB.
Uses 14 engine, shares information with antivirus vendors.
6. Free Online Virus Checker - Scan Your Files Free | Gridinsoft
File size up to 200 MB.
A relatively well-known Ukrainian antivirus lab. Quite a lot of false positives.
7. https://metadefender.opswat.com/
File size up to 140 MB.
Uses 21 engines, has dynamic behavior analysis.
8. Intelix Portal
File size up to 100 MB.
UK antivirus company. Uses its own engine, reputation base, and dynamic analysis with virtualization for exe files.
9. VirScan - 多引擎文件在线检测平台
File size up to 100 MB.
Chinese service in Chinese language. Uses many engines, including Chinese ones, which are not on VirusTotal.
10. Hybrid Analysis - Free Automated Malware Analysis Service - powered by Falcon Sandbox
File size up to 100 MB.
Utilizes proprietary machine learning and dynamic analysis.
11. Filescan.IO - Next-Gen Malware Analysis Platform
File size up to 100 MB.
More not an antivirus scanner, but a service for analyzing files.
12. 2ip.io - Check a file for viruses
File size up to 100 MB.
I don't know what engine they're using.
12. Dr.Web ® online check
File size up to 10 MB. (Officially up to 10 megabytes, but I was able to upload files up to 30 megabytes.)
A well-known Russian antivirus.
13. Nano Antivirus - E-Style Software Corp. – Advanced Anti-Virus, Malware and Cyber Threat Protection
File size up to 20 MB.
Very small antivirus company from Russia with very weak antivirus.
14. Interactive Online Malware Analysis Sandbox - ANY.RUN
File size up to 16 MB.
Dynamic analysis service with AI verdict.
15. PolySwarm - Crowdsourced threat detection
File size up to 10 MB.
Uses about 6 engines when scanning, shares information with antivirus companies.
16. Online Scanner | FortiGuard Labs
File size up to 10 MB.
Online service for scanning files with Fortinet's American FortiClient antivirus
Additional:
koodous.com
File size up to 200 MB.
Service for analyzing ONLY APK files using Ikarus engine and machine learning.
Threat Insights Portal - A really awesome service for complex analysis in the most popular sandboxes..
Sample Submission | SymSubmission - it's great that anyone can upload up to 750 megabytes to Symantec for analysis.
Xcitium Cloud Verdict - Human analysis there seems to be unavailable for free (although it seems to show that the file is in the queue to be analyzed, so I'll check it out.), but if someone wants to check up to 150 megabytes with Xcitium tools, why not. Unfortunately, it doesn't seem to be able to work with archives, so I haven't seen a way to load a full-fledged program with all libraries into it for dynamic behavior analysis..
Triage | Triage - Impressively, you can upload even very big archives or installers for free and run the file in real time on a real OS (even macOS, Linux and Android) and then see a report of what the program did in the OS and see on a map what servers it accessed geographically.
--------------------------------------------
Do you know of any other local and little-known checking services? Which ones do you usually use?
I like to check any new files in different services. Typically people only download an unknown file on VirusTotal, but different platforms may have different engine settings and signature relevance, and different platforms share information with antivirus companies, which can increase the speed of spreading data about a new dangerous sample to all people.So, a list of services I use (for convenience, sorted in order of decreasing file size that can be uploaded for scanning):
1. Internxt – Free Online File Virus Scanner
File size up to 1 GB.
I don't know what engine they are using.
2. VirusTotal
File size up to 256 MB.
The most famous and popular file scanner with multiple engines from Google.
3. Kaspersky Threat Intelligence Portal
File size up to 256 MB.
Online file scanning by the Kaspersky engine, dynamic analysis (additional data is available for subscription only), new threats are immediately added to the database for all.
4. https://virustest.gov.ru/
File size up to 256 MB.
In Russian language only, state service, works sometimes unstable. Uses Kaspersky, Dr. Web, AVSoft for static and dynamic analysis.
5. Jotti's malware scan
File size up to 250 MB.
Uses 14 engine, shares information with antivirus vendors.
6. Free Online Virus Checker - Scan Your Files Free | Gridinsoft
File size up to 200 MB.
A relatively well-known Ukrainian antivirus lab. Quite a lot of false positives.
7. https://metadefender.opswat.com/
File size up to 140 MB.
Uses 21 engines, has dynamic behavior analysis.
8. Intelix Portal
File size up to 100 MB.
UK antivirus company. Uses its own engine, reputation base, and dynamic analysis with virtualization for exe files.
9. VirScan - 多引擎文件在线检测平台
File size up to 100 MB.
Chinese service in Chinese language. Uses many engines, including Chinese ones, which are not on VirusTotal.
10. Hybrid Analysis - Free Automated Malware Analysis Service - powered by Falcon Sandbox
File size up to 100 MB.
Utilizes proprietary machine learning and dynamic analysis.
11. Filescan.IO - Next-Gen Malware Analysis Platform
File size up to 100 MB.
More not an antivirus scanner, but a service for analyzing files.
12. 2ip.io - Check a file for viruses
File size up to 100 MB.
I don't know what engine they're using.
12. Dr.Web ® online check
File size up to 10 MB. (Officially up to 10 megabytes, but I was able to upload files up to 30 megabytes.)
A well-known Russian antivirus.
13. Nano Antivirus - E-Style Software Corp. – Advanced Anti-Virus, Malware and Cyber Threat Protection
File size up to 20 MB.
Very small antivirus company from Russia with very weak antivirus.
14. Interactive Online Malware Analysis Sandbox - ANY.RUN
File size up to 16 MB.
Dynamic analysis service with AI verdict.
15. PolySwarm - Crowdsourced threat detection
File size up to 10 MB.
Uses about 6 engines when scanning, shares information with antivirus companies.
16. Online Scanner | FortiGuard Labs
File size up to 10 MB.
Online service for scanning files with Fortinet's American FortiClient antivirus
Additional:
Koodous — Collaborative Platform for Android Malware Analysts
Koodous is a collaborative platform for researching on Android malware that combines online analysis tools with social interactions between the analysts.
Service for analyzing ONLY APK files using Ikarus engine and machine learning.
Threat Insights Portal - A really awesome service for complex analysis in the most popular sandboxes..
Sample Submission | SymSubmission - it's great that anyone can upload up to 750 megabytes to Symantec for analysis.
Xcitium Cloud Verdict - Human analysis there seems to be unavailable for free (although it seems to show that the file is in the queue to be analyzed, so I'll check it out.), but if someone wants to check up to 150 megabytes with Xcitium tools, why not. Unfortunately, it doesn't seem to be able to work with archives, so I haven't seen a way to load a full-fledged program with all libraries into it for dynamic behavior analysis..
Triage | Triage - Impressively, you can upload even very big archives or installers for free and run the file in real time on a real OS (even macOS, Linux and Android) and then see a report of what the program did in the OS and see on a map what servers it accessed geographically.
--------------------------------------------
Do you know of any other local and little-known checking services? Which ones do you usually use?
Last edited by a moderator:
