{"id":140,"date":"2023-01-24T17:30:32","date_gmt":"2023-01-24T16:30:32","guid":{"rendered":"https:\/\/worldofsecurity.de\/?p=140"},"modified":"2023-01-25T16:44:41","modified_gmt":"2023-01-25T15:44:41","slug":"wildfire-test-a-sample-malware-file","status":"publish","type":"post","link":"https:\/\/blog.helge-meyer.de\/?p=140","title":{"rendered":"Wildfire Test a Sample Malware File"},"content":{"rendered":"<p><b>1.<\/b> Download one of the malware test files. You can select from PE, APK, MacOSX, and ELF.<\/p>\n<div class=\"infoout\">If you <strong>have SSL decryption<\/strong> enabled on the firewall, use one of the following URLs:<br \/>\n<a href=\"https:\/\/wildfire.paloaltonetworks.com\/publicapi\/test\/pe\" target=\"_blank\" rel=\"noopener\">PE\u2014https:\/\/wildfire.paloaltonetworks.com\/publicapi\/test\/pe<\/a><br \/>\n<a href=\"https:\/\/wildfire.paloaltonetworks.com\/publicapi\/test\/apk\" target=\"_blank\" rel=\"noopener\">APK\u2014https:\/\/wildfire.paloaltonetworks.com\/publicapi\/test\/apk<\/a><br \/>\n<a href=\"https:\/\/wildfire.paloaltonetworks.com\/publicapi\/test\/macos\" target=\"_blank\" rel=\"noopener\">MacOSX\u2014https:\/\/wildfire.paloaltonetworks.com\/publicapi\/test\/macos<\/a><br \/>\n<a href=\"https:\/\/wildfire.paloaltonetworks.com\/publicapi\/test\/elf\" target=\"_blank\" rel=\"noopener\">ELF\u2014https:\/\/wildfire.paloaltonetworks.com\/publicapi\/test\/elf<\/a><\/div>\n<div class=\"infoout\">If you <strong>do not have SSL decryption<\/strong> enabled on the firewall, use one of the following URLs instead:<br \/>\n<a href=\"http:\/\/wildfire.paloaltonetworks.com\/publicapi\/test\/pe\" target=\"_blank\" rel=\"noopener\">PE\u2014http:\/\/wildfire.paloaltonetworks.com\/publicapi\/test\/pe<\/a><br \/>\n<a href=\"http:\/\/wildfire.paloaltonetworks.com\/publicapi\/test\/apk\" target=\"_blank\" rel=\"noopener\">APK\u2014http:\/\/wildfire.paloaltonetworks.com\/publicapi\/test\/apk<\/a><br \/>\n<a href=\"http:\/\/wildfire.paloaltonetworks.com\/publicapi\/test\/macos\" target=\"_blank\" rel=\"noopener\">MacOSX\u2014http:\/\/wildfire.paloaltonetworks.com\/publicapi\/test\/macos<\/a><br \/>\n<a href=\"http:\/\/wildfire.paloaltonetworks.com\/publicapi\/test\/elf\" target=\"_blank\" rel=\"noopener\">ELF\u2014http:\/\/wildfire.paloaltonetworks.com\/publicapi\/test\/elf<\/a><\/div>\n<p>The test file is named wildfire-test-file_type-file.exe and each test file has a unique SHA-256 hash value.<\/p>\n<p><b>2.<\/b> On the firewall web interface, select <b>Monitor&gt;WildFire Submissions<\/b> to confirm that the file was forwarded for analysis.<\/p>\n<div class=\"info\">\n<p><strong>Note<\/strong><br \/>\nIt might take about five minutes for analysis results to be displayed for the file on the WildFire Submissions page. The verdict for the test file will always display as malware.<\/p>\n<\/div>\n<p>Reference: <a href=\"https:\/\/docs.paloaltonetworks.com\/advanced-wildfire\/administration\/configure-advanced-wildfire-analysis\/verify-wildfire-submissions\/test-a-sample-malware-file\" target=\"_blank\" rel=\"noopener\">Test a Sample Malware File<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>1. Download one of the malware test files. You can select from PE, APK, MacOSX, and ELF. If you have SSL decryption enabled on the firewall, use one of the following URLs: PE\u2014https:\/\/wildfire.paloaltonetworks.com\/publicapi\/test\/pe APK\u2014https:\/\/wildfire.paloaltonetworks.com\/publicapi\/test\/apk MacOSX\u2014https:\/\/wildfire.paloaltonetworks.com\/publicapi\/test\/macos ELF\u2014https:\/\/wildfire.paloaltonetworks.com\/publicapi\/test\/elf If you do not have SSL decryption enabled on the firewall, use one of the following URLs instead: PE\u2014http:\/\/wildfire.paloaltonetworks.com\/publicapi\/test\/pe [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[17,6,16],"class_list":["post-140","post","type-post","status-publish","format-standard","hentry","category-palo-alto-networks","tag-malware","tag-palo-alto-networks","tag-wildfire"],"_links":{"self":[{"href":"https:\/\/blog.helge-meyer.de\/index.php?rest_route=\/wp\/v2\/posts\/140","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.helge-meyer.de\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.helge-meyer.de\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.helge-meyer.de\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.helge-meyer.de\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=140"}],"version-history":[{"count":15,"href":"https:\/\/blog.helge-meyer.de\/index.php?rest_route=\/wp\/v2\/posts\/140\/revisions"}],"predecessor-version":[{"id":484,"href":"https:\/\/blog.helge-meyer.de\/index.php?rest_route=\/wp\/v2\/posts\/140\/revisions\/484"}],"wp:attachment":[{"href":"https:\/\/blog.helge-meyer.de\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=140"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.helge-meyer.de\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=140"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.helge-meyer.de\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=140"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}