I want to test to see if my antivirus works properly and if possible to see which one is the best. As each antivirus has two parts, I want to test both.
For signature-based detection, I use the EICAR test file and I can also use some known viruses in restricted environments.
But what about behavioral detection like HIPS (Eset and others) and PDM (Kaspersky and maybe others)?
I wrote a small program that combines two parts of the EICAR chain and writes it into a file. At first, Kaspersky detected the exe file with PDM when I ran it.
After a while, he stopped detecting the exe file and simply deleted the file my exe wrote on the disk.
Is there a test file similar to EICAR except for behavioral detection (I doubt it exists)? Do you have any suggestions for a program to write for this purpose?