topic Malicious signature &quot;Virus/Win32.WGeneric.bjpxbe&quot; detected on Cortex XDR in Advanced Threat Prevention Discussions https://live.paloaltonetworks.com/t5/advanced-threat-prevention/malicious-signature-quot-virus-win32-wgeneric-bjpxbe-quot/m-p/433183#M1312 <P>Hi,</P><P>Malicious signature "<SPAN>Virus/</SPAN>Win32.WGeneric.bjpxbe" is detected on Cortex XDR.</P><P>&nbsp;</P><P>When dwelled further, details &amp; screen grab from THREAT VAULT are shared for your perusal&nbsp;</P><P><SPAN>Unique Threat ID: 422569341</SPAN></P><P><SPAN>SHA256 values are (</SPAN>09fb42aa3d9fcb32e2dab5f9e614a1975eac3324647becbb2f703505048c7aaf&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;and&nbsp;c42276b3b59e61e55fdee93223708f0a12bff9d9ebabd640425cbbf5f329ed14<SPAN>) as shown in the screen grab.</SPAN></P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="FarooqHussain_0-1631297224416.png" style="width: 999px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/36322i31ADADBCB2BD2077/image-size/large/is-moderation-mode/true?v=v2&amp;px=999" role="button" title="FarooqHussain_0-1631297224416.png" alt="FarooqHussain_0-1631297224416.png" /></span></P><P>I have explored on virustotal.com &amp;&nbsp;exchange.xforce.ibmcloud.com and "found no matches" &amp; "unknown risk" respectively.</P><P>&nbsp;</P><P>Please suggest if these<SPAN>&nbsp;signatures are built based on WildFire false positives? What could be the impact of this virus &amp; what should be next plan of action. Please suggest.</SPAN></P><P>&nbsp;</P><P><SPAN>Thank you</SPAN></P> Fri, 10 Sep 2021 18:28:07 GMT Farooq_Hussain 2021-09-10T18:28:07Z Malicious signature "Virus/Win32.WGeneric.bjpxbe" detected on Cortex XDR https://live.paloaltonetworks.com/t5/advanced-threat-prevention/malicious-signature-quot-virus-win32-wgeneric-bjpxbe-quot/m-p/433183#M1312 <P>Hi,</P><P>Malicious signature "<SPAN>Virus/</SPAN>Win32.WGeneric.bjpxbe" is detected on Cortex XDR.</P><P>&nbsp;</P><P>When dwelled further, details &amp; screen grab from THREAT VAULT are shared for your perusal&nbsp;</P><P><SPAN>Unique Threat ID: 422569341</SPAN></P><P><SPAN>SHA256 values are (</SPAN>09fb42aa3d9fcb32e2dab5f9e614a1975eac3324647becbb2f703505048c7aaf&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;and&nbsp;c42276b3b59e61e55fdee93223708f0a12bff9d9ebabd640425cbbf5f329ed14<SPAN>) as shown in the screen grab.</SPAN></P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="FarooqHussain_0-1631297224416.png" style="width: 999px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/36322i31ADADBCB2BD2077/image-size/large/is-moderation-mode/true?v=v2&amp;px=999" role="button" title="FarooqHussain_0-1631297224416.png" alt="FarooqHussain_0-1631297224416.png" /></span></P><P>I have explored on virustotal.com &amp;&nbsp;exchange.xforce.ibmcloud.com and "found no matches" &amp; "unknown risk" respectively.</P><P>&nbsp;</P><P>Please suggest if these<SPAN>&nbsp;signatures are built based on WildFire false positives? What could be the impact of this virus &amp; what should be next plan of action. Please suggest.</SPAN></P><P>&nbsp;</P><P><SPAN>Thank you</SPAN></P> Fri, 10 Sep 2021 18:28:07 GMT https://live.paloaltonetworks.com/t5/advanced-threat-prevention/malicious-signature-quot-virus-win32-wgeneric-bjpxbe-quot/m-p/433183#M1312 Farooq_Hussain 2021-09-10T18:28:07Z