Hi There,
Can someone clarify a virus can be spreaded or executed in txt file type.
If yes what are all the possible ways,
Because recently I did EICAR file test with one AV product when I copied EICAR hash code into text file it didnt detected in real time, whereas same files was detected by windows defender in other system. With manual scan the file got detected by both AV.
Thanks,
Deepan S
Greetings @Sdeepan-Subramani
Great question!
Viruses with the .txt file extension can be executed. This is because file extensions are mainly for the benefit of the user. It tells us what program we should associate with that file.
So for instance...
.txt is usually run with a text editor/reader like notepad, vi, nano, cat, type, etc.
.pdf is usually run with Adobe Reader, Acrobat, etc
.py is run with Python
.docx is run with Word
.xlsx is run with Excel
...and so on.
Now that doesn't mean that I can't run/open a file with the .txt extension with another program that isn't normally associated with that extension.
For instance. I can run a .txt file with Python if the file contains information that Python understands.
Now to tackle all the possible ways that this could work itself out is a bit much to take on here, but hopefully you now get the basic idea.
As far as the EICAR test file goes, different AV systems can, and do react differently, so I'm not surprised to hear that you had different experiences with them. There is great information about EICAR on wikipedia here >>> https://en.wikipedia.org/wiki/EICAR_test_file and on the EICAR website here >>> https://www.eicar.org/?page_id=3950 which could give you some insight into why it would be behaving differently across AV systems.
Well I hope that helps you out.
Cheers!
Daniel
ITProTV
Show Host