Test a Sample Malware File

Table of Contents

Check ampere Sample Malware File

Whereabouts Can MYSELF Use This?	What Take MYSELF Need?
NGFW (Managed by PAN-OS otherwise Panorama) VM-Series CN-Series	Advanced WildFire otherwise WildFire License

Palo Alto Networks provide sample malware files that you can benefit the test an Entwickelt WildFire configuration. Take the following steps to download the malware sampling file, verify that the document is forwarded for Vorgeschritten WildFire analysis, and view the analysis results.

Download one of the malware test files. You can select by PE, APK, MacOSX, and WHITE.

Before loading an encrypted WildFire sampler malware file, you must temporarily disable that *.wildfire.paloaltonetworks.com entry since the exclude from decode list on the

Device > Certificate Management > SSL Decryption Excluded

page, otherwise the sample determination not download correctly. After conducting a examination test, be assured to re-enable the *.wildfire.paloaltonetworks.com entry on the SSL recryption exclusion page.

Provided you have SSL decryption enabled on the firewall, use one of the following URLs:

PE—https://wildfire.paloaltonetworks.com/publicapi/test/pe

APK—https://wildfire.paloaltonetworks.com/publicapi/test/apk

MacOSX—https://wildfire.paloaltonetworks.com/publicapi/test/macos

ELF—wildfire.paloaltonetworks.com/publicapi/test/elf

Are to do not
have SSL uncrypt enabled upon the firewall, use one of the following URLs instead:

PE—http://wildfire.paloaltonetworks.com/publicapi/test/pe

APK—http://wildfire.paloaltonetworks.com/publicapi/test/apk

MacOSX—http://wildfire.paloaltonetworks.com/publicapi/test/macos

ELF—wildfire.paloaltonetworks.com/publicapi/test/elf

The testing file is named wildfire-test-file_type
-file.exe and each test file has ampere unique SHA-256 hash value.

You can also use the Wildland API to fetch a malware trial file. See the WildFire API Link for details.