How to Report Malware or False Positives to Multiple Antivirus Vendors

Discussion in 'Malware Analysis Archive' started by Chiron, Jun 17, 2012.

  1. chabbo

    chabbo Level 1

    Jan 30, 2013
    38
    30
    Sweden
    I'm use http://www.raymond.cc/blog/xray/

    X-Ray 2.0: Auto Submit Suspicious Files to Antivirus Analyst

    Automatically submit files to 35 different antivirus companies via email or web based submission method for manual analysis.
    - Abort upload progress
    - Retrieve latest scan report from VirusTotal (API 2.0)
    - Send file to VirusTotal for scanning (API 2.0)
    - Automatic failover when chosen method for sending files to VirusTotal fails.
    - Two methods of sending files to VirusTotal (Email and API)
    - Copying MD5 hash and results to clipboard via right click context menu.
    - History (VirusTotal detection report and Analysis Submission date & time)
    - Clear History
    - Change submission method for a particular antivirus from Settings
    - Test email settings
    - Auto update checker
    - Support 6 CAPTCHA recognition service
    - Proxy Support
    - Right Click “Send To”
    - Support Windows XP/Vista/7/8 (32bit & 64bit)
    - Freeware (no spyware or adware embedded)
    - Portable (history and encrypted settings are stored in AppData)
     
    MalwareDetective and ZeroDay like this.
  2. ZeroDay

    ZeroDay Level 22

    Aug 17, 2013
    1,116
    3,177
    Birmingham UK
    Windows 10
    Kaspersky
    Nice tool, thanks for the share.
     
  3. MalwareDetective

    Dec 16, 2013
    399
    1,421
    cool. thanks for sharing
     
  4. Oxygen

    Oxygen Level 42

    Feb 23, 2014
    3,135
    6,058
    United States
    Windows 10
    Emsisoft
    Thanks for the article... Very good!
     
  5. Wihat

    Wihat Level 3

    Jan 25, 2016
    103
    303
    Viet Nam
    Can you give me a list of e-mail of antivirus manufactures to submit virus sample like this
    -sophos samples@sophos.com
    -bitdefender
    -avast
    etc...
    thanks
     
    Tornado likes this.
  6. Wihat

    Wihat Level 3

    Jan 25, 2016
    103
    303
    Viet Nam
    You can submit as 7zip with the default password
     
  7. Rishi

    Rishi Level 19
    Trusted

    Dec 3, 2015
    910
    8,149
    India
    Windows 10
    Webroot
    #27 Rishi, Mar 8, 2016
    Last edited: Mar 8, 2016
    Check for the updated SUD list sticky post in malware hub for an exhaustive list.To do it in a single go simply add email of all vendors or upload to virustotal.
     
    frogboy likes this.
  8. frogboy

    frogboy Level 61
    Trusted

    Jun 9, 2013
    6,227
    64,788
    Heavy Duty Mechanic.
    Western Australia
    Windows 10
    Emsisoft
  9. Wihat

    Wihat Level 3

    Jan 25, 2016
    103
    303
    Viet Nam
    A guy from Virustotal said that "If you send the file to VirusTotal we share it with the AV vendors. ", it's convenience, but some vendors seem don't care( they do not update or simply think sample "clean", because I check the same sample 2 times a week)
     
    Rishi and frogboy like this.
Loading...