Jump to content


Photo

Purpose of this forum


  • This topic is locked This topic is locked
1 reply to this topic

#1 RubbeR DuckY

RubbeR DuckY

    Marcin

  • Root Admin
  • PipPipPipPipPipPip
  • 4,148 posts
  • Gender:Male

Posted 18 November 2009 - 02:59 PM

The purpose of this forum is for users to have a fast-track method of submitting current unknown rogue applications to the Malwarebytes database.

To contribute: please first make sure you run the files against a service such as VirusTotal, Jotti, or Virscan and include a report (important). Next, try to upload the files in a ZIP/RAR folder and do not use a password. If you have a source link(s) available please paste this into a text file and put in with suspected rogue file(s) in the zip folder to be uploaded.

We request that contributors within their technical abilities confirm that the suspected rogue application is not already known to the latest Malwarebytes database.

Thank you in advance for your contributions!
Marcin Kleczynski
Chief Executive Officer



Follow us: Twitter, Become a fan: Facebook

#2 miekiemoes

miekiemoes

    Forum Deity

  • Administrators
  • PipPipPipPipPipPip
  • 7,673 posts
  • Gender:Female
  • Location:Belgium

Posted 06 July 2010 - 03:48 PM

If you post samples, ideal would be if it's posted like this:

--------------------------

Topic Title Field: name of the sample(s)
You can use the Topic description field as well if you have multiple samples.

Content of post:

samplename : MD5 hash - url to Virustotalreport
samplename : MD5 hash - url to Virustotalreport
samplename : MD5 hash - url to Virustotalreport
....

* Attachement = the sample(s)+URL(s) to the sample (if available).
If you want, you can zip the textfile of URL(s) and add as a second attachement in your post, your choice.

--------------------------

The MD5 hash can be copied/pasted from the Virustotal report.

This way, it's easier for us and you to find and avoid duplicate samples/postings. That's also why it is recommended, before you submit a sample, to use the searchfunction in this forum to see if the sample was already posted or not.
Since we also suggest to post the MD5 hash of the sample, you can search on that as well. (This since some samples can have same names, but may be different files).


Extra note:

In the interest of optimizing space/time, both yours and ours, please consolidate groups of samples into packages rather than 1 file per package. For example if you download some files in the morning and this nets 5 samples, zip them all into one package and use only one thread for that.

The same goes for multiple samples from one base URL, one thread is preferable.
Mieke Verburgh
Director of Research

Posted Image

Follow us: Twitter, Become a fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users