- Apr 16, 2017
- 2,779
fwiw fyi I created account at tip.neiki.dev but it said it expires in 30 days? This computer is currently not holding a file to submitI mean it's basically an all-in-one package. Definitely a nice tool
Services to check file security online
- Thread starter CyberDevil
- Start date
- Feb 25, 2017
- 2,597
Used to work without an account before. Maybe too many uploads at the moment. I am sure he will enable guest uploads soon again.fwiw fyi I created account at tip.neiki.dev but it said it expires in 30 days? This computer is currently not holding a file to submit
- Feb 25, 2017
- 2,597
No, it's the only one that I am aware of. Still, another good analysis platform that hasn't been mentioned yet is: https://analyze.intezer.com/
- Apr 16, 2017
- 2,779
? re the symsubmit.symantec.com -- appears to say it is for folks using symantec or carbon black, FAQ say something about having ID...?
- Dec 12, 2016
- 1,580
I don't use an ID nor ever paid a penny to Symantec try to upload a file and see for yourself
- Dec 12, 2016
- 1,580
He said on X that it's because of someone who abused it by sending the same non functioning py file but anyway he will certainly bring it back
- Dec 12, 2016
- 1,580
They require a business email is there any provider that can create business mails free ?
- Apr 16, 2017
- 2,124
- Dec 12, 2016
- 1,580
10MB lol but always nice to have more providers
- Apr 16, 2017
- 2,124
I tried an email from https://temp-mail.org/en/ and it worked. It says "Your fully featured trial ends in 14 days. "
Yeah, it's too little.
- Dec 12, 2016
- 1,580
Since it's analyzed by a human after it's sent you get a nice report and I'm always using this nowadays for suspicious files as it defects stuff other can't and has better false positives ratios then virus total
Tx00
New Member
- Dec 3, 2024
- 11
Thanks for sharing valuable information just a few questions :
1-Did you write it correctly ? you wanted to write More than an antivirus or your text is correct ?
2- Why most of this online toolkit could not proceed a file even with less than 1 MB ?
for example Interactive Online Malware Analysis Sandbox - ANY.RUN needs business email and like VirusTotal could not upload a file directly.
3-In the case of inconsistencies among them, which one could be judged as more reliable and confident?
thanks
- Apr 4, 2021
- 413
1. I mean this service is a tool to statically analyze a file, although it can give a verdict that the file is malicious or suspicious, but it is not an antivirus. So it is not an antivirus, but a service for your own analysis. I usually check there what network requests the application makes, if there are unclear url's in non-European (not USA) domains, then it's really suspicious.
2. I honestly didn't understand the question in point 2. You can directly upload a file to any of the services mentioned, especially if it's less than 1 megabyte. Some require registration, but from the list it seems to be only Metadefender and Any.run. I have a free email from tutanota that worked fine for me. I didn't know it required business mail, if that's true, anyway, you can also make a free mailbox on tutanota (it's a German secure private e-mail service).
3. My advice is to first look at the verdicts of engines like Eset, Kaspersky, Bitdefender, Malwarebytes, Sophos, Avast and use VirusTotal, Metadefender, Jotti's malware scan and VirScan.
Next is simple logic:
- If there is a detection of at least 2 of these 6, then the file is 95% really dangerous.
- If the list contains 1-3 detections from little-known companies, it is safe to a higher probability.
- If there are more than 5 detections from any companies, it is most likely dangerous.
If the file is still very suspicious, recheck it after a day and a couple of days after you have uploaded it to dynamic analysis services (Kaspersky, Sophos, Metadefender, Hybrid Analysis).
- Apr 4, 2021
- 413
Oh, I can't edit the first post anymore ... I wanted to add new links there =(
Threat Insights Portal - A really awesome service for complex analysis in the most popular sandboxes..
Sample Submission | SymSubmission - it's great that anyone can upload up to 750 megabytes to Symantec for analysis.
Xcitium Cloud Verdict - Human analysis there seems to be unavailable for free (although it seems to show that the file is in the queue to be analyzed, so I'll check it out.), but if someone wants to check up to 150 megabytes with Xcitium tools, why not. Unfortunately, it doesn't seem to be able to work with archives, so I haven't seen a way to load a full-fledged program with all libraries into it for dynamic behavior analysis..
Triage | Triage - Impressively, you can upload even very big archives or installers for free and run the file in real time on a real OS and then see a report of what the program did in the OS and see on a map what servers it accessed geographically.
Threat Insights Portal - A really awesome service for complex analysis in the most popular sandboxes..
Sample Submission | SymSubmission - it's great that anyone can upload up to 750 megabytes to Symantec for analysis.
Xcitium Cloud Verdict - Human analysis there seems to be unavailable for free (although it seems to show that the file is in the queue to be analyzed, so I'll check it out.), but if someone wants to check up to 150 megabytes with Xcitium tools, why not. Unfortunately, it doesn't seem to be able to work with archives, so I haven't seen a way to load a full-fledged program with all libraries into it for dynamic behavior analysis..
Triage | Triage - Impressively, you can upload even very big archives or installers for free and run the file in real time on a real OS and then see a report of what the program did in the OS and see on a map what servers it accessed geographically.
- Apr 28, 2015
- 8,948
- Apr 4, 2021
- 413
Can you also add for Triage “on a real OS (even macOS, Linux and Android)”? It seems to be the only free sandbox that allows on a real virtual screen to run APKs for analysis.Check now
Thanks a lot!
Tx00
New Member
- Dec 3, 2024
- 11
Hi I appreciate your prompt response.
If you're familiar with static analyze could you give your opinion to my issue ? Question - How to view JS code Embedded in PDF file ?
anyrun needs business email and has not accepted Gmail.
I did with Kaspersky , VirusTotal ,VirScan , Jotti's , does sophos and Eset , avast has online service for file analyzing ? I did with malwareByte premium and last updated free bitdefender and nothing found!
Thank you for pointing out
- Apr 4, 2021
- 413
I'll add two additional scanners for you:
- Malware.AI | Malware Detection Using Artificial Intelligence - this scanner converts the PDF (and other docs) into an image, which is then analyzed by AI, which is trained to find malicious payloads in these images.
- Scan Maldoc - this scanner hasn't been updated in a while, but I think it can still be useful, it decompresses the PDF (and other docs) and analyzes its contents with known vulnerabilities at the time of its creation and maps it to Yara rules.
---
In general, if you just want to view a document and you are concerned about your security, then open it using a sandboxed viewer (Windows sandbox or Sandboxie). It is perfectly safe. There is no point in analyzing a single PDF file for so long. You can also send it to various AB labs if there is no private data.
P.S. Item 8 on my list is a scanner from Sophos. Eset has a free scanner (program). Avast doesn't have anything like that. And sorry for the long reply. Family stuff over the weekend.
Last edited:
Similar threads
