[bitstechs]

Hello,

I just have a question about posting samples. I've seen a lot of samples posted so I understand the format of sample posting. If I have a sample from a customers computer that shares the same name of another sample posted should I still post what I have?

[Cody Johnston]

I usually check to make sure the sample is newer than anything that is already posted, and has some significant change. Example: a lower detection rate on VirusTotal due to new packer/crypter, new functionality, new/changed interface interface, or new C2/configuration. Others may think differently, but that is what I usually try to check before posting nowadays.