https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/cortex-xdr-hash-verdict/m-p/331282#M165 <P>wildfire only showing the result of files were forwarded from our security devices.its not showing the global database over there.</P><P>for eg:&nbsp;7e27e33ec3df0ea9e89d32b050f1f0a211e3764818b9cad19308b8c954a02f03</P><P>&nbsp;</P> Wed, 03 Jun 2020 05:58:59 GMT Marsooq_A 2020-06-03T05:58:59Z https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/cortex-xdr-hash-verdict/m-p/330411#M155 <P>Hi Team,</P><P>&nbsp;</P><P>Our cyber security department has shared few hashes and asked to check the these hashes verdict? How to check a hash is malware or benign? how to perform this on cortex xdr portal?</P> Thu, 28 May 2020 20:37:17 GMT https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/cortex-xdr-hash-verdict/m-p/330411#M155 Marsooq_A 2020-05-28T20:37:17Z https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/cortex-xdr-hash-verdict/m-p/331251#M160 <P>Your best bet is to use the WildFire portal to do a hash lookup.&nbsp;</P><P>&nbsp;</P><P><A href="https://wildfire.paloaltonetworks.com/wildfire/reportlist/Manual" target="_blank">https://wildfire.paloaltonetworks.com/wildfire/reportlist/Manual</A></P><P>&nbsp;</P><P>Keep in mind, this only shows results for files known by WildFire.&nbsp; If it is as unknown file, Local Analysis can still provide a verdict.&nbsp; The only downside is, there is no way to know what scoring Local Analysis will give a file until the agent has a chance to see the actual file.&nbsp;</P> Wed, 03 Jun 2020 04:26:34 GMT https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/cortex-xdr-hash-verdict/m-p/331251#M160 dfalcon 2020-06-03T04:26:34Z https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/cortex-xdr-hash-verdict/m-p/331282#M165 <P>wildfire only showing the result of files were forwarded from our security devices.its not showing the global database over there.</P><P>for eg:&nbsp;7e27e33ec3df0ea9e89d32b050f1f0a211e3764818b9cad19308b8c954a02f03</P><P>&nbsp;</P> Wed, 03 Jun 2020 05:58:59 GMT https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/cortex-xdr-hash-verdict/m-p/331282#M165 Marsooq_A 2020-06-03T05:58:59Z https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/cortex-xdr-hash-verdict/m-p/331286#M166 <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="vt.jpg" style="width: 999px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/25985i69D1D20E5DA3B9C8/image-size/large/is-moderation-mode/true?v=v2&amp;px=999" role="button" title="vt.jpg" alt="vt.jpg" /></span><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="wf.jpg" style="width: 999px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/25984i93F273D8BDC1AFF7/image-size/large/is-moderation-mode/true?v=v2&amp;px=999" role="button" title="wf.jpg" alt="wf.jpg" /></span></P> Wed, 03 Jun 2020 05:59:41 GMT https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/cortex-xdr-hash-verdict/m-p/331286#M166 Marsooq_A 2020-06-03T05:59:41Z https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/cortex-xdr-hash-verdict/m-p/332169#M175 <P>Hello <a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/141755">@Marsooq_A</a>&nbsp;,</P><P>&nbsp;</P><P>You can check the coverage of the hashes from threatvault.paloaltonetworks.com</P><P>&nbsp;</P><P>If the hashes show up as malicious in VT and other trusted resources, do go ahead and blacklist the files.</P><P>If you raise a case for hash coverage check, the sample/file will be asked of you by the team; for the hashes which don't show up in wildfire db or threatvault.</P><P>&nbsp;</P> Sun, 07 Jun 2020 12:42:28 GMT https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/cortex-xdr-hash-verdict/m-p/332169#M175 LokeshKumar 2020-06-07T12:42:28Z