- Apr 16, 2017
- 2,797
fwiw fyi I created account at tip.neiki.dev but it said it expires in 30 days? This computer is currently not holding a file to submitI mean it's basically an all-in-one package. Definitely a nice tool
fwiw fyi I created account at tip.neiki.dev but it said it expires in 30 days? This computer is currently not holding a file to submitI mean it's basically an all-in-one package. Definitely a nice tool
Used to work without an account before. Maybe too many uploads at the moment. I am sure he will enable guest uploads soon again.fwiw fyi I created account at tip.neiki.dev but it said it expires in 30 days? This computer is currently not holding a file to submit
No, it's the only one that I am aware of. Still, another good analysis platform that hasn't been mentioned yet is: https://analyze.intezer.com/Any other nice all in one scanners that have a lot of providers ?
Btw thanks for sharing it now I can download samples from virus total using it anyway if anyone is willing to donate to Threat Insights Portal they definitely deserve some donations to keep it running (my new favorite online scanner )
? re the symsubmit.symantec.com -- appears to say it is for folks using symantec or carbon black, FAQ say something about having ID...?Any other nice all in one scanners that have a lot of providers ?
Btw thanks for sharing it now I can download samples from virus total using it anyway if anyone is willing to donate to Threat Insights Portal they definitely deserve some donations to keep it running (my new favorite online scanner )
I don't use an ID nor ever paid a penny to Symantec try to upload a file and see for yourself? re the symsubmit.symantec.com -- appears to say it is for folks using symantec or carbon black, FAQ say something about having ID...?
He said on X that it's because of someone who abused it by sending the same non functioning py file but anyway he will certainly bring it backUsed to work without an account before. Maybe too many uploads at the moment. I am sure he will enable guest uploads soon again.
They require a business email is there any provider that can create business mails free ?No, it's the only one that I am aware of. Still, another good analysis platform that hasn't been mentioned yet is: https://analyze.intezer.com/
10MB lol but always nice to have more providersWebroot File submission (10MB max limit)
I tried an email from https://temp-mail.org/en/ and it worked. It says "Your fully featured trial ends in 14 days. "They require a business email is there any provider that can create business mails free ?
Yeah, it's too little.10MB lol but always nice to have more providers
I didn't pay comodo you have to singup as an enterprise to get it free for auto human analysis
About Symantec they tell you what technologies it detected it if it's malicious and if not it will just say it's clean and you can test yourself it's pretty nice as it goes through manual analysis and you get results in the mail
View attachment 286440
Thanks for sharing valuable information just a few questions :More not an antivirus scanner, but a service for analyzing files.
1. I mean this service is a tool to statically analyze a file, although it can give a verdict that the file is malicious or suspicious, but it is not an antivirus. So it is not an antivirus, but a service for your own analysis. I usually check there what network requests the application makes, if there are unclear url's in non-European (not USA) domains, then it's really suspicious.1-Did you write it correctly ? you wanted to write More than an antivirus or your text is correct ?
2- Why most of this online toolkit could not proceed a file even with less than 1 MB ?
for example Interactive Online Malware Analysis Sandbox - ANY.RUN needs business email and like VirusTotal could not upload a file directly.
3-In the case of inconsistencies among them, which one could be judged as more reliable and confident?
Can you also add for Triage “on a real OS (even macOS, Linux and Android)”? It seems to be the only free sandbox that allows on a real virtual screen to run APKs for analysis.Check now
Hi I appreciate your prompt response.1. I mean this service is a tool to statically analyze a file, although it can give a verdict that the file is malicious or suspicious, but it is not an antivirus. So it is not an antivirus, but a service for your own analysis. I usually check there what network requests the application makes, if there are unclear url's in non-European (not USA) domains, then it's really suspicious.
anyrun needs business email and has not accepted Gmail.2. I honestly didn't understand the question in point 2. You can directly upload a file to any of the services mentioned, especially if it's less than 1 megabyte. Some require registration, but from the list it seems to be only Metadefender and Any.run. I have a free email from tutanota that worked fine for me. I didn't know it required business mail, if that's true, anyway, you can also make a free mailbox on tutanota (it's a German secure private e-mail service).
I did with Kaspersky , VirusTotal ,VirScan , Jotti's , does sophos and Eset , avast has online service for file analyzing ? I did with malwareByte premium and last updated free bitdefender and nothing found!3. My advice is to first look at the verdicts of engines like Eset, Kaspersky, Bitdefender, Malwarebytes, Sophos, Avast and use VirusTotal, Metadefender, Jotti's malware scan and VirScan.
Thank you for pointing outNext is simple logic:
- If there is a detection of at least 2 of these 6, then the file is 95% really dangerous.
- If the list contains 1-3 detections from little-known companies, it is safe to a higher probability.
- If there are more than 5 detections from any companies, it is most likely dangerous.
If the file is still very suspicious, recheck it after a day and a couple of days after you have uploaded it to dynamic analysis services (Kaspersky, Sophos, Metadefender, Hybrid Analysis).
I'll add two additional scanners for you:If you're familiar with static analyze could you give your opinion to my issue ? Question - How to view JS code Embedded in PDF file ?