Create a Malicious Test File (EICAR)

Article ID: 285988

Updated On:

Products

Carbon Black App Control (formerly Cb Protection)

Issue/Introduction

Steps to create a malicious test file (EICAR) for testing purposes in a lab environment.

Environment

  • App Control Agent: All Supported Versions
  • Microsoft Windows: All Supported Versions

Resolution

  1. Open a text editor, such as Notepad.
  2. Paste exactly the following string of text:
    X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
    • Do not add any other characters, spaces, or returns to the file.
    • Any additional values will generate a different hash, invalidating the test.
  3. Save the file as: eicar.com
    • The extension must be .com for the Agent to analyze the file.
    • If the file name is eicar.com.txt, this will invalidate the test.

Additional Information

  • This test file and file type are designed for testing with Windows and are not a proper test for Linux or macOS endpoints.
  • The EICAR test file was developed by the European Institute for Computer Antivirus Research.
  • Hashes of eicar.com:
    • SHA-256: 275A021BBFB6489E54D471899F7DB9D1663FC695EC2FE2A2C4538AABF651FD0F
    • MD5: 44D88612FEA8A8F36DE82E1278ABB02F
    • SHA-1: 3395856CE81F2B7382DEE72602F798B642F14140
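
The following PowerShell script is an added example, not part of the original article or vendor tooling. It writes the string from step 2 as exact bytes and checks the result against the three hashes listed above, reporting the usual causes of a mismatch (byte order mark, trailing line break, wrong extension). The default `$Path` and the function name `Test-EicarBytes` are assumptions for illustration.

```powershell
# Added example (not vendor code). $Path is an assumed lab location.
param([string]$Path = (Join-Path $env:TEMP 'eicar.com'))

# Test string from step 2. Single quotes stop PowerShell expanding "$".
$eicar = 'X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*'
$bytes = [System.Text.Encoding]::ASCII.GetBytes($eicar)

# Reference hashes listed in this article.
$expected = [ordered]@{
    SHA256 = '275A021BBFB6489E54D471899F7DB9D1663FC695EC2FE2A2C4538AABF651FD0F'
    MD5    = '44D88612FEA8A8F36DE82E1278ABB02F'
    SHA1   = '3395856CE81F2B7382DEE72602F798B642F14140'
}

function Test-EicarBytes([byte[]]$Data) {
    # Returns a list of problems; an empty list means the bytes are exact.
    $problems = @()
    if ($Data.Length -ne 68) { $problems += "length is $($Data.Length) bytes, expected 68" }
    if ($Data.Length -ge 3 -and $Data[0] -eq 0xEF -and $Data[1] -eq 0xBB -and $Data[2] -eq 0xBF) {
        $problems += 'file starts with a UTF-8 byte order mark'
    }
    if ($Data.Length -gt 0 -and $Data[-1] -in 0x0A, 0x0D) { $problems += 'file ends with a line break' }
    foreach ($alg in $expected.Keys) {
        $stream = [System.IO.MemoryStream]::new($Data)
        $hash = (Get-FileHash -InputStream $stream -Algorithm $alg).Hash
        $stream.Dispose()
        if ($hash -ne $expected[$alg]) { $problems += "$alg is $hash" }
    }
    return $problems
}

# A name such as eicar.com.txt has the extension .txt and fails here.
if ([System.IO.Path]::GetExtension($Path) -ne '.com') { throw "File name must end in .com: $Path" }
$pre = @(Test-EicarBytes $bytes)
if ($pre.Count) { throw "Embedded string is wrong: $($pre -join '; ')" }

# WriteAllBytes writes exactly these bytes: no BOM, no trailing newline.
[System.IO.File]::WriteAllBytes($Path, $bytes)

# Read back what landed on disk; the read can fail if the file is blocked or removed.
try {
    $post = @(Test-EicarBytes ([System.IO.File]::ReadAllBytes($Path)))
    if ($post.Count) { "MISMATCH: $($post -join '; ')" } else { "OK: $Path matches all three hashes" }
} catch {
    "Could not read ${Path}: $($_.Exception.Message)"
}
```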