Submitting Malware to AntiVirus Vendors
Updated: Mar 20, 2021
How to submit malicious artifacts, malware, viruses, trojans, or worms to all the AntiVirus Vendors.
While AntiVirus companies are constantly changing names, ownership, and processes, certain things have remained the same for quite some time. One of those is how to submit malware for review to various vendors. That being said, very few people do this because the process can be quite tedious and unappealing.
There are two primary methods of getting AntiVirus vendor attention on a given file:
1] Submit the file to a company like virustotal.com and hope that their engine is integrated into the platform and that they will be on the constant lookout for files which are not detected by their own engine while still detected by others. This is the most common practice and one that many vendors tend to follow. Most files that get submitted to that service will be made available to the public and also to the AntiVirus vendors that are participating with their own engines on that platform.
2] You may also contact many of the vendors directly by emailing them on their malware inbox or uploading a file to their malware submission portal.
When submitting malware to these vendors and aliases, the only stipulation is that you zip the file prior to sending.
email@example.com | F-Secure
firstname.lastname@example.org | Mcafee
email@example.com | Sophos
Similarly, the following email addresses expect that the file is compressed in 7zip format prior to sending.
For the rest, you are expected to upload your file to the website directly using their upload submission feature. We are not aware of a tool that automates the upload process although that would be a nice feature. In some cases you may be expected to enter in a CAPTCHA as well.
https://success.trendmicro.com/smb-new-request | Trendmicro
https://www.totalav.com/submit | TotalAV (zip)
https://secureaplus.secureage.com/Main/submit_malware.php | SecureAge (zip)
https://www.gdata-software.com/faq/consumer/submit-a-suspicious-file-app-or-url | Gdata
https://community.carbonblack.com/t5/Knowledge-Base/How-To-Provide-A-Malware-Sample-To-Carbon-Black-Support/ta-p/ | CarbonBlack (zip)
If there are any other active submission URLs to AntiVirus vendors that we have not included, please feel free to let us know!
Submitting malware to all the places that it needs to go for maximum detection can be time consuming and difficult. Our goal is to help the community by making that process just a little bit more transparent.