«
»

Simple python code to create an eicar virus

Published July 16, 2013 | By phillips321

So it’s annoying when you’re testing AV and you need to create an eicar virus. Usually the AV will keep deleting the file and your text string.

This simple code is given the file name and will produce the output file. The benefit of using this script is that the eicar string is not actually stored inside the script as clear text.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
#!/usr/bin/env python
# Author: phillips321
# Site: www.phillips321.co.uk
# Version: 0.1
# About: Creates a file containing eicar test string

import sys, time
try:
    filename=sys.argv[1]
except:
    filename="eicar.txt"
eicarhex="58354f2150254041505b345c505a58353428505e2937434329377d2445494341522d5354414e444152442d414e544956495255532d544553542d46494c452124482b482a"

try:
    print "Writing to %s..." % filename
    for l in eicarhex.decode("hex"):
        sys.stdout.write(l)
        time.sleep(0.05)
    print "\nComplete"
    fdesc = open(filename, "w")
except:
    print "Unable to write to eicar.txt"
else:
    fdesc.write(eicarhex.decode("hex"))
    fdesc.close()
Posted in Uncategorized | Tagged , , ,

Leave a Reply

Please feel free to share my content but always link back here :-)