Advice Request How do I submit Samples to Bitdefender?

Please provide comments and solutions that are helpful to the author of this topic.

Status
Not open for further replies.

Antimalware18

Level 10
Thread author
Verified
Well-known
Jan 17, 2014
485

Antimalware18

Level 10
Thread author
Verified
Well-known
Jan 17, 2014
485
Disable adblock?

See, now that's where things get weird. I took your advice and disabled ublock in chrome and tried to load the page and now when the page is still
loading it shows the option to upload a file. But when the page has finished it doesn't any longer.

....weird.
 

Solarquest

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Jul 22, 2014
2,525
I remember I had the same problem when I tested the new beta.... I am not sure now how I solved it.
I think I enabled Java script in my browser.
 
Last edited:

Parsh

Level 25
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Dec 27, 2016
1,480
Anyone have a workaround? anytime I try to via their webpage for it.
https://www.bitdefender.com/submit/
I can fill out everything but when I select "File" it doesn't give me the option to choose a file.
Using Bitdefender Free.
Beside disabling common content blockers, make sure that you haven't disabled Javascript in your browser settings, neither have you kept a Script-blocker addon (etc) enabled.
Many File Uploaders are JS &/OR HTML based and the above could be a potential cause of the problem.
Already tried that one, it just leads to the same webpage.....and same issue.
There is the email link......buuuutttt i use gmail which has built in blockers so i cannot send .exe files or any of the sort so thats a no-go as well.
You can password-protect the samples to be submitted, mention the password, rename the archive file to some other extension (yes, I've done that when sending files to some AV companies) so that the file format does not get blocked by Gmail, then send.
 
  • Like
Reactions: brambedkar59

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
i use gmail which has built in blockers so i cannot send .exe files or any of the sort so thats a no-go as well.
Do not send samples as .EXE. For security reasons, you cannot upload certain file formats.
  • Add the malware file(s) to a zip file using file compression software of your choice (WinZip, WinRAR, etc.)
  • Password protect the zip file with the password "infected".
What to do when Bitdefender does not detect malware
 
  • Like
Reactions: Visa

Antimalware18

Level 10
Thread author
Verified
Well-known
Jan 17, 2014
485
You can password-protect the samples to be submitted, mention the password, rename the archive file to some other extension (yes, I've done that when sending files to some AV companies) so that the file format does not get blocked by Gmail, then send.

Thinking I'm going to do this. Tried all the browsers installed on my system and none of them worked. Of course half of them don't seem to even support java anymore (chrome, firefox) of course I could be wrong on that...

Seems like they may need to update the page imo

thanks for the advice.
 
  • Like
Reactions: Visa and Parsh
F

ForgottenSeer 19494

Reported to webmaster, might be something in the backend. Better to be sure and check.
 

kamla5abi

Level 4
Verified
May 15, 2017
178
FYI: this works for me now, I tried attaching a random small file as a test (sounds like this part of the process was where you had trouble, so didn't actually submit it)

and yes, always zip the file first before sending it as mentioned above (with pw "infected" to be safe - that pw seems to be the universal norm for sharing malware files almost everywhere, so most everyone will know how to extract it)

i doubt this is the case for bitdefender employees who check the submissions (lol) but some people have their browser setup to automatically save downloads to a certain location and then open automatically... If you send them just the straight EXE file, you can see what can happen ;) lol
 
  • Like
Reactions: Visa
F

ForgottenSeer 19494

FYI: this works for me now, I tried attaching a random small file as a test (sounds like this part of the process was where you had trouble, so didn't actually submit it)

and yes, always zip the file first before sending it as mentioned above (with pw "infected" to be safe - that pw seems to be the universal norm for sharing malware files almost everywhere, so most everyone will know how to extract it)

i doubt this is the case for bitdefender employees who check the submissions (lol) but some people have their browser setup to automatically save downloads to a certain location and then open automatically... If you send them just the straight EXE file, you can see what can happen ;) lol
That's why files in the Hub are posted with hxxps and xxx.somedomain.*
 
  • Like
Reactions: Visa

Visa

Level 1
Verified
May 31, 2017
42
i doubt this is the case for bitdefender employees who check the submissions
Of course their employees will guess the password to be "infected", the people responsible for handling the malware sample submissions were not picked out of a zoo... They do have experience and chances are they come to forums like this and use the samples from the hub too (for example) as with many other sources. :D
 
F

ForgottenSeer 19494

Of course their employees will guess the password to be "infected", the people responsible for handling the malware sample submissions were not picked out of a zoo... They do have experience and chances are they come to forums like this and use the samples from the hub too (for example) as with many other sources. :D
Uploaded files are first checked automatically, that's where machine learning can first group files in clusters according to different previously seen files, and when there are enough grouped files there can be picked some attributes that are common to these files while also keeping the level of hits in the clean set to none. Most of the files are automatically analyzed and the researchers don't even see them unless they play with them.
 
  • Like
Reactions: Visa

Visa

Level 1
Verified
May 31, 2017
42
Uploaded files are first checked automatically, that's where machine learning can first group files in clusters according to different previously seen files, and when there are enough grouped files there can be picked some attributes that are common to these files while also keeping the level of hits in the clean set to none. Most of the files are automatically analyzed and the researchers don't even see them unless they play with them.
I would assume they go through a sandbox, like Cuckoo, and then the log generated is used for the submission result. They manually analyse if required. Vendors like Emsisoft analyze their samples manually instead of relying on automatic analysis, and vendors like Avira have their submissions pass through the cloud w/ Cuckoo for example. They do things differently all the time, the way BD might do something doesn't mean they all will.. But nice post.
 
W

WolfensteinXeen

@Visa Man i know it's off topic but that is one cool username and avatar. Would be fun if other members followed the trend and took Mastercard, American Express, etc... ;)
 
  • Like
Reactions: iAwake and Visa
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top