Antimalware18

Level 8
Verified
Disable adblock?
See, now that's where things get weird. I took your advice and disabled ublock in chrome and tried to load the page and now when the page is still
loading it shows the option to upload a file. But when the page has finished it doesn't any longer.

....weird.
 

Solarquest

Moderator
Staff member
Malware Hunter
Verified
I remember I had the same problem when I tested the new beta.... I am not sure now how I solved it.
I think I enabled Java script in my browser.
 
Last edited:

Parsh

Level 24
Trusted
Malware Hunter
Verified
Anyone have a workaround? anytime I try to via their webpage for it.
https://www.bitdefender.com/submit/
I can fill out everything but when I select "File" it doesn't give me the option to choose a file.
Using Bitdefender Free.
Beside disabling common content blockers, make sure that you haven't disabled Javascript in your browser settings, neither have you kept a Script-blocker addon (etc) enabled.
Many File Uploaders are JS &/OR HTML based and the above could be a potential cause of the problem.
Already tried that one, it just leads to the same webpage.....and same issue.
There is the email link......buuuutttt i use gmail which has built in blockers so i cannot send .exe files or any of the sort so thats a no-go as well.
You can password-protect the samples to be submitted, mention the password, rename the archive file to some other extension (yes, I've done that when sending files to some AV companies) so that the file format does not get blocked by Gmail, then send.
 
  • Like
Reactions: rockstarrocks

Spawn

Administrator
Staff member
Verified
i use gmail which has built in blockers so i cannot send .exe files or any of the sort so thats a no-go as well.
Do not send samples as .EXE. For security reasons, you cannot upload certain file formats.
  • Add the malware file(s) to a zip file using file compression software of your choice (WinZip, WinRAR, etc.)
  • Password protect the zip file with the password "infected".
What to do when Bitdefender does not detect malware
 
  • Like
Reactions: Visa

Antimalware18

Level 8
Verified
You can password-protect the samples to be submitted, mention the password, rename the archive file to some other extension (yes, I've done that when sending files to some AV companies) so that the file format does not get blocked by Gmail, then send.
Thinking I'm going to do this. Tried all the browsers installed on my system and none of them worked. Of course half of them don't seem to even support java anymore (chrome, firefox) of course I could be wrong on that...

Seems like they may need to update the page imo

thanks for the advice.
 
  • Like
Reactions: Visa and Parsh

kamla5abi

Level 4
FYI: this works for me now, I tried attaching a random small file as a test (sounds like this part of the process was where you had trouble, so didn't actually submit it)

and yes, always zip the file first before sending it as mentioned above (with pw "infected" to be safe - that pw seems to be the universal norm for sharing malware files almost everywhere, so most everyone will know how to extract it)

i doubt this is the case for bitdefender employees who check the submissions (lol) but some people have their browser setup to automatically save downloads to a certain location and then open automatically... If you send them just the straight EXE file, you can see what can happen ;) lol
 
  • Like
Reactions: Visa

liubomirwm

Level 5
FYI: this works for me now, I tried attaching a random small file as a test (sounds like this part of the process was where you had trouble, so didn't actually submit it)

and yes, always zip the file first before sending it as mentioned above (with pw "infected" to be safe - that pw seems to be the universal norm for sharing malware files almost everywhere, so most everyone will know how to extract it)

i doubt this is the case for bitdefender employees who check the submissions (lol) but some people have their browser setup to automatically save downloads to a certain location and then open automatically... If you send them just the straight EXE file, you can see what can happen ;) lol
That's why files in the Hub are posted with hxxps and xxx.somedomain.*
 
  • Like
Reactions: Visa

Visa

Level 1
i doubt this is the case for bitdefender employees who check the submissions
Of course their employees will guess the password to be "infected", the people responsible for handling the malware sample submissions were not picked out of a zoo... They do have experience and chances are they come to forums like this and use the samples from the hub too (for example) as with many other sources. :D
 

liubomirwm

Level 5
Of course their employees will guess the password to be "infected", the people responsible for handling the malware sample submissions were not picked out of a zoo... They do have experience and chances are they come to forums like this and use the samples from the hub too (for example) as with many other sources. :D
Uploaded files are first checked automatically, that's where machine learning can first group files in clusters according to different previously seen files, and when there are enough grouped files there can be picked some attributes that are common to these files while also keeping the level of hits in the clean set to none. Most of the files are automatically analyzed and the researchers don't even see them unless they play with them.
 
  • Like
Reactions: Visa

Visa

Level 1
Uploaded files are first checked automatically, that's where machine learning can first group files in clusters according to different previously seen files, and when there are enough grouped files there can be picked some attributes that are common to these files while also keeping the level of hits in the clean set to none. Most of the files are automatically analyzed and the researchers don't even see them unless they play with them.
I would assume they go through a sandbox, like Cuckoo, and then the log generated is used for the submission result. They manually analyse if required. Vendors like Emsisoft analyze their samples manually instead of relying on automatic analysis, and vendors like Avira have their submissions pass through the cloud w/ Cuckoo for example. They do things differently all the time, the way BD might do something doesn't mean they all will.. But nice post.
 
W

WolfensteinXeen

@Visa Man i know it's off topic but that is one cool username and avatar. Would be fun if other members followed the trend and took Mastercard, American Express, etc... ;)
 
  • Like
Reactions: iAwake and Visa