Introduction:
Scanning a malware through a list of antiviruses is as important as developing a malware. I would say it is more important than the malware itself. I say it because a malware can only be called as a malware when it will actually work as it was intended to work, and that is only after bypassing an antivirus software.
If you’re genuinely interested in knowing more about this, go ahead and read the complete blog, else ‘antiscan.me’ is what you’re looking for.
Reproduction Steps:
You can refer below video to know the steps required.
NOTE: DO NOT, I REPEAT, DO NOT use virustotal.com to scan your malware. They'll distribute your file to antivirus companies and you know, it will always get detected as a virus.
I assume that you’ve already developed a malware and want to check whether it bypasses most of the antiviruses or not. Installing each antivirus in your system and scanning your file through it, wouldn’t be a smart decision. This is the reason we will be using a website who offers this scanning service for free of charge and WITHOUT distributing the results.
Once you've managed to develop a clean malware, you might want to bind it to any other file such as a PDF or MP3/MP4, DOC or TXT, if so, please go through this blog.
You might have heard about a website called as ‘nodistribute.com’, it was the most famous among hackers and pentesters. Unfortunately, this website no long works as expected, I’ve been checking it through ages and at this moment I’m pretty much sure it will never work in the near future.
The solution?
‘antiscan.me’ is an identical website where you can scan your file online with multiple different antiviruses without distributing the results of your scan. They’ll scan your file through atleast 30 major antiviruses by using an API from a reliable provider (DynCheck) which has been around since 2016. Most importantly, they DO NOT share your results.
Below is the list of antiviruses that are supported at the moment.
Ad-Aware, AhnLab V3 Light, ArcaVir, Avast, AVG, Avira, 360
Total Security, BitDefender, BullGuard, ClamAV, DrWeb, Emsisoft, eScan, ESET, Fortinet, F-PROT, F-Secure,
G Data, K7 AntiVirus Premium, Kaspersky, McAfee Endpoint Protection, Sophos, TrustPort, Windows Defender,
Zone Alarm Extreme Security, IKARUS, Malwarebytes, Norton, VBA32, Zillya.
You get 6 free scans for a day, everyday. You can simply use a VPN to get more free scans.
I would really encourage you to get their paid service only if you can, they charge $0.1 for each scan and it will help them in keeping the project alive.
Steps:
Goto antiscan.me and click on ‘Choose File’.
Once chosen, click on ‘Scan File’.
It will take some time to scan the file and then you’ll see results as seen below.
Additional Features:
This website offers three main features.
- Text Results - Same as seen in the above screenshots.
- Image Results - Same results but on an image.
- Links - You get an HTML element to show on your website.
How does an Antivirus work?
In simple terms, these antivirus companies checks the file through it’s massive database where all previously flagged viruses are kept.
They’ve designed their software in such a way that it scans for any malicious code within your file. If it detects any such code, the file is quarantined and the report along with the file is sent to them. Their security researcher then checks the file manually by reverse engineering it. It it’s an actual virus, they’ll update their global database so in future when similar file roams around, it detects the virus and quarantine it automatically.
