Malware submission question

Discussion in 'other anti-virus software' started by solcroft, Apr 13, 2007.

Thread Status:
Not open for further replies.
  1. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    When encountering an unknown sample, is it sufficient to scan the sample using VT or Jotti, since those services claim to distribute uploaded samples to malware vendors?
     
  2. Sjoeii

    Sjoeii Registered Member

    Joined:
    Aug 26, 2006
    Posts:
    1,240
    Location:
    52?18'51.59"N + 4?56'32.13"O
    I would just zip it and sent it ti the vendor you like.
    I'm not sure if jotti does the same thing
     
  3. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    I was thinking to ask almost the same question.
     
  4. IBK

    IBK AV Expert

    Joined:
    Dec 22, 2003
    Posts:
    1,819
    Location:
    Innsbruck (Austria)
    also Jotti does. But some av vendors give low priority to mass submitted samples that come e.g. from jotti or virustotal.
     
  5. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Thanks for the reply.
     
  6. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    it would be better to send them to the vendor itself. As far as I've seen Avira is watching more carefully the VirusTotal and Jotti's submission, others don't.
     
  7. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
    You forget Ewido. ;)

    Anyway, I also think its better to send samples directly to vendors. Jotti's and VT samples are usually lower priority because they often contain lots of corrupted files, which leads to increased amount of time wasted in analysing such files.
     
Loading...
Thread Status:
Not open for further replies.