How to submit malicious artifacts, malware, viruses, trojans, or worms to all the AntiVirus Vendors.
While AntiVirus companies are constantly changing names, ownership, and processes, certain things have remained the same for quite some time. One of those is how to submit malware for review to various vendors. That being said, very few people do this because the process can be quite tedious and unappealing.
There are two primary methods of getting AntiVirus vendor attention on a given file:
1] Submit the file to a company like virustotal.com and hope that their engine is integrated into the platform and that they will be on the constant lookout for files which are not detected by their own engine while still detected by others. This is the most common practice and one that many vendors tend to follow. Most files that get submitted to that service will be made available to the public and also to the AntiVirus vendors that are participating with their own engines on that platform.
2] You may also contact many of the vendors directly by emailing them on their malware inbox or uploading a file to their malware submission portal.
Email Aliases
ZIP Encryption
When submitting malware to these vendors and aliases, the only stipulation is that you zip the file prior to sending.
v3sos@ahnlab.com
virus@avast.com
virus@avira.com
virus_submission@bitdefender.com
samples@bluepointsecurity.com
malwaresubmit@avlab.comodo.com
vms@drweb.com
malware@emcosoftware.com
submit@emsisoft.com
virus@esafe.com
samples@escanav.com
submitvirus@fortinet.com
research@spy-emergency.com
viruslab@f-prot.com
labs@fsb-antivirus.com
vsamples@f-secure.com | F-Secure
samples@ikarus.at
submit@samples.immunet.com
newvirus@kaspersky.com
support@jiangmin.com
research@lavasoft.com
virus_research@avertlabs.com | Mcafee
virus@micropoint.com.cn
avsubmit@submit.microsoft.com
windefend@submit.microsoft.com
malware.samples@opendns.com
virus@nanoav.ru
samples@eset.com
support@noralabs.com
support@norman.com
virus_info@inca.co.kr
virus@pandasecurity.com
virussamples@pandasecurity.com
psafe@psafe.com
kefu@360.cn
support@rubus.co.in
newvirus@s-cop.com
samples@sophos.com | Sophos
detections@spybot.info
vlab@srnmicro.com
avsubmit@symantec.com
virus@hacksoft.com.pe
virus@thirtyseven4.com
virus@ca.com
submit@trojanhunter.com
support@simplysup.com
virus@filseclab.com
malware-cruncher@sunbelt-software.com
viruslab@hauri.co.kr
newvirus@anti-virus.by
virus@zillya.com
huangruimin@kingsoft.com
pomoc@mks.com.pl
support@aegislab.com
viruslab@quickheal.com
trojans@agnitum.com
bav@baidu.com
bkav@bkav.com.vn
huangruimin@kingsoft.com
samples@mysecuritywin.com
7zip Encryption
Similarly, the following email addresses expect that the file is compressed in 7zip format prior to sending.
support.is@cmclab.net
samples@digital-defender.com
sample@preventon.com
support-tech@returnil.com
malwaresample@herdprotect.com
info@chicalogic.com
submit@antiy.com
URL Submissions
For the rest, you are expected to upload your file to the website directly using their upload submission feature. We are not aware of a tool that automates the upload process although that would be a nice feature. In some cases you may be expected to enter in a CAPTCHA as well.
https://success.trendmicro.com/smb-new-request | Trendmicro
https://www.totalav.com/submit | TotalAV (zip)
https://secureaplus.secureage.com/Main/submit_malware.php | SecureAge (zip)
https://community.carbonblack.com/t5/Knowledge-Base/How-To-Provide-A-Malware-Sample-To-Carbon-Black-Support/ta-p/ | CarbonBlack (zip)
Conclusion
If there are any other active submission URLs to AntiVirus vendors that we have not included, please feel free to let us know!
Submitting malware to all the places that it needs to go for maximum detection can be time consuming and difficult. Our goal is to help the community by making that process just a little bit more transparent.
I suggest adding more https://malshare.com/ https://www.hybrid-analysis.com/
This message can also be deleted after updating the information.
It is proposed to update/add the following ways to report a harmful file:
https://www.malware.us-cert.gov/
https://bleepingcomputer.com/submit-malware.php
response@cert-gib.com, info@cert.ru - in any form, specify in a comment if necessary. It is better to give a link to VirusTotal.
https://opentip.kaspersky.com/
https://z-oleg.com/secur/avz/support.php
scam@netcraft.com - send / forward everything in a "live" form.
https://bazaar.abuse.ch/upload/
This comment can be removed after updating the shipping methods