Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 3 replies
  • Answers 1 answer
  • Subscribers 20 subscribers
  • Views 3243 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sample submission for analysis, bulk submission

Mike Vu

 Hello Community,

 

I have a few samples (about 10) that I would like to submit for analysis to Sophos using their Service Portal.  What is not clear is whether I can put all malicious files in one ZIP archive, password protect it and upload via their portal.  The total size of all the files is less than 30mb and this is the method I used to submit to other vendors.  Wondering if the same goes when submitting to Sophos.  Thanks for the support in advance. 

 



This thread was automatically locked due to age.
  • 0

    Hello Mike Vu,

    while the Submitting samples ... article mentions .zip only under the by-email section you can upload a .zip file as well (I've never uploaded individual files - I wouldn't pack unrelated samples together though).

    Christian

  • 0 in reply to QC

    Thanks for the reply Christian - what do you mean by packing unrelated samples together?  They are all executables but different types of malware.  Do you mean we shouldn't pack pdfs, exe, docs, etc. all in on package? 

  • 0 in reply to Mike Vu

    Hello Mike Vu,

    unrelated meaning files from different incidents like some from a USB stick and others from a download. Makes it easier to track submissions and their status especially when detections are subsequently updated. BTW, it's usually a good idea to include potentially related files as well, for example for a suspicious file from the web items from around the same time found in the browser cache, %TEMP% and %APPDATA% directories.

    Christian

Unfiltered HTML