Malware Analysis
Malbox is a Online service for malware analysis. Submit your Windows executable(*.exe) or compressed(*.zip)

Anubis is a service for analyzing malware.
Submit your Windows executable and receive an analysis report telling you what it does. Alternatively, submit a suspicious URL and receive a report that shows you all the activities of the Internet Explorer process when visiting this URL.

netscty malware analysis tool is a "Sandbox" used for testing suspicious software (binaries) in a controlled environment. Wikipedia refers to a sandbox as "a security mechanism for separating running programs. Some Sandboxes are used to execute untested code, or un-trusted programs from unverified third-parties, suppliers and un-trusted users."
Capable File Extensions to upload:

Wepawet is a framework for the analysis of web-based threats.
Wepawet is able to determine if visiting a web page would lead to an attempt to compromise the visitor's environment.

Eureka is a binary static analysis preparation framework. It implements a novel binary unpacking strategy based on statistical bigram analysis and coarse-grained execution tracing. Eureka incorporates advanced API deobfuscation capabilities to facilitate the structural analysis of the underlying malware logic. For each uploaded binary, the Eureka service will attempt to unpack and (for Eureka I, disassemble; for Eureka II (not yet available), decompile) the binary, and will produce an annotated callgraph, subroutine/data index page, strings summary, and a list of embedded DNS entries.

PDF X-RAY is a PDF scanner that will try and classify if a suspicious PDF is malicious or not. It does this using a number of different data sources, statistical analysis and comparisons of collected malware samples based on months of research. PDF X-RAY will provide more detailed results compared to a traditional anti-virus because it compares the uploaded sample to other known malicious documents.

A Generic JavaScript Unpacker
Upload a PDF, pcap, HTML, or JavaScript file

HTTP Web-Sniffer 1.0.37
View HTTP Request and Response Header

GFI Sandbox™ (formerly CWSandbox) is an industry leading dynamic malware analysis tool. It gives you the power to analyze virtually any Windows application or file including infected: Office documents, PDF's, malicious URL's and Flash ads.
Once you submit your sample below we will email you an executive level PDF and an XML report containing all the behavior information gathered during analysis.

If you have a suspicious file, please submit it online by using the form below. Once the file is submitted, COMODO Automated Analysis System will scan it and report back its findings.

You may also use our mail submission feature. To use this service, please send an email to and attach the a ZIP file containing the files you want to analyse. The ZIP file can be password-protected using the password 'infected'. The links to the corresponding reports will be sent to the sender's e-mail address.
ZIP packed files can also be submitted, if the password is 'infected'. A maximum of 50 files per ZIP is allowed.

ThreatExpert Free Online File Scanner
If you have a suspicious file, please submit it online by using the form below. Once the file is submitted, ThreatExpert will scan it and report back its findings.

malware tracker
PDF Examiner
View PDF objects as hex/text, PDF dissector and inspector, scan for known exploits (CVE-2007-5659, CVE-2009-0927, CVE-2008-2992, CVE-2009-4324, CVE-2009-3954, CVE-2009-3953, CVE-2009-3959, CVE-2009-1493, CVE-2010-0188, CVE-2010-1297, CVE-2010-2883, CVE-2010-3654, CVE-2010-4091, CVE-2011-0609, CVE-2011-0611 and embedded /Action commands), process PDF compression (FlateDecode, ASCIIHexDecode, LZWDecode, ASCII85Decode, RunLengthDecode), encryption (40+128 bit RC4, 128 bit AESV2), and obfuscation (unicode, Hex, fromCharCode)

malware tracker
Shellcode Analysis
Unpack and analyze shellcode. Paste hex of shellcode.

See what's inside an EXE file or DLL

Shellcode 2 EXE
See what's inside an EXE file

NSI Sandbox
Our malware analysis sandbox tool performs cutting edge analysis of the potentially malicious file in our controlled environment. Our free online malicious software (malware) analysis tool provides a fast comprehensive evaluation of a variety of malware such as botnet software, viruses, spyware, trojans, and keyloggers. Once you upload your potential malware sample to be analyzed a custom report will be generated for you. Upon completion of the analysis, an e-mail will be sent back to you in a PDF format. The report will outline the activity generated and observed once the file is executed within our controlled environment.

Malware Analysis via Hardware Virtualization Extensions

We can accept any type of file including executables, documents, spreadsheets, presentations, compiled help files, database packages, PDF, images, emails, or archives. You can also submit a file from a remote web address.

Your Online Binary Analyzer

Norman SandBox

GFI Sandbox

Zulu URL Risk Analyzer
Zulu is a dynamic risk scoring engine for web based content. For a given URL, Zulu will retrieve the content and apply a variety of checks in three different categories:
Content Checks – Inspection of page content to identify potentially malicious code in a variety of categories
URL Checks – Inspection of the full URL to identify malicious patterns and check the URL/FQDN/TLD against third party and Zscaler block lists
Host Checks – IP, DNS and netblock reputation checks