Endpoint Protection

 View Only

  • 1.  need to submit suspicous files

    Posted Nov 07, 2012 08:55 AM

    hi i suspect a file which is more than 20 mb.when i contacted symantec they suggested me to zip the file to less than 10 mb which seems to impossible..

    can any help me with this



  • 2.  RE: need to submit suspicous files
    Best Answer

    Trusted Advisor
    Posted Nov 07, 2012 08:56 AM

    Hello,

    You may upload multiple files at once by using WinZip or WinRar. A zipped file must not be password-protected. The maximum size for one submission is 10 MB. Please submit no more than 9 files in any zip file regardless of size. Its important to note that some file types, like .jar and .cab may be containers and may contain files that will exceed the maximum file count. 

    However, In case if you have Large file, you could either break the file with the assistance of Winzip and submit the same and then create a case with Symantec Technical Support Team.

    OR

    Upload the file on your FTP website and then create a case with Symantec Technical Support Team.

    Once done, the Technical Support Team with direct the same to Symantec Security Response Team.

    NOTE: Make sure the file is not password protected.

    Reference:

    How to Use the Web Submission Process to Submit Suspicious Files 

    http://www.symantec.com/docs/TECH102419

    Symantec Support Tool: How to collect suspicious files and submit the samples to the Symantec Security Response Team.

    http://www.symantec.com/docs/TECH147870

    Hope that helps!!



  • 3.  RE: need to submit suspicous files

    Posted Nov 07, 2012 08:58 AM

    https://www.symantec.com/security_response/submitsamples.jsp?inid=us_sr_flyout_contact_submit

    How big is the file?

    Just try to submit



  • 4.  RE: need to submit suspicous files

    Broadcom Employee
    Posted Nov 07, 2012 11:18 AM

    Hi,

    Please go through the following article.

    How to Use the Web Submission Process to Submit Suspicious Files

    http://www.symantec.com/docs/TECH102419

    Specifically this question

    Q) How many files may I submit?
    A) You may upload multiple files at once by using WinZip or WinRar. A zipped file must not be password-protected. The maximum size for one submission is 10 MB. Please submit no more than 9 files in any zip file regardless of size. Its important to note that some file types, like .jar and .cab may be containers and may contain files that will exceed the maximum file count.

    OR 

    Generally, infectious files are not that large, however if a files is still suspected and is more than 10 Megabytes, it can either be split into parts and upload those or upload them to the customers FTP site.  Then create a Security Response task including the path, username and password for the site.

    Submission by splitting the file.

    Follow the instructions in the below KB article from WinZip to split the file in to parts.
    http://kb.winzip.com/kb/entry/86

    Then submit the files one by one to https://submit.symantec.com/gold  (Submission site to use depends on customer’s entitlement)

    Collect the tracking IDs that is sent through mail.
    Create a SRL task informing them about the split file submission & mention the tracking IDs.
    SRL will then take over the task & proceed appropriately.

    Symantec Support Tool: How to collect suspicious files and submit the samples to the Symantec Security Response Team.

    http://www.symantec.com/docs/TECH147870

     



  • 5.  RE: need to submit suspicous files

    Posted Nov 07, 2012 04:47 PM

    For a quick check, you can submit the file (up to 32MB) to VirusTotal for analysis.

    https://www.virustotal.com/