11-24-2020 10:56 AM
Dear Team,
How to identify the malicious hash files and how to block that.
Hash file:
d257f51ab29b4dab07f05412838a1ffc
0610f0b1c37193c6fdf8b2c244dd823d
b66be2f7c046205b01453951c161e6cc
46b318bbb72ee68c9d9183d78e79fb5a
b3efec620885e6cf5b60f72e66d908a9
d790997dd950bb39229dc5bd3c2047ff
58bb2236e5aee39760d3e4fc6ee94a79
89081f2e14e9266de8c042629b764926
a2b1a45a242cee03fab0bedb2e460587
c4141ee8e9594511f528862519480d36
d45931632ed9e11476325189ccb6b530
acd15f4393e96fe5eb920727dc083aed
34404a3fb9804977c6ab86cb991fb130
3122b0130f5135b6f76fca99609d5cbe
889e320cf66520485e1a0475107d7419
97aaf130cfa251e5207ea74b2558293d
3c9e71400b72cc0213c9c3e4ab4df9df
495c3b3714ccc5e09d501aa61465bbc4
5cfa1c2cb430bec721063e3e2d144feb
4f67f3e4a7509af1b2b1c6180a03b3e4
8d9123cd2648020292b5c35edc9ae22e
0ba6bb2ad05d86207b5303657e3f6874
Regards
Karthikeyan Balamurugan
12-14-2020 03:04 AM
Hello @karthikeyanB ,
You can't block hashes in palo alto. You can have WildFire to verify files. If particular file is categorized as malicious, it can be blocked. There is one more way where you can define custom vulnerability signatures to block such malicious content.
Ref - https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClOFCA0
Hope it helps!
12-14-2020 03:04 AM
Hello @karthikeyanB ,
You can't block hashes in palo alto. You can have WildFire to verify files. If particular file is categorized as malicious, it can be blocked. There is one more way where you can define custom vulnerability signatures to block such malicious content.
Ref - https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClOFCA0
Hope it helps!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!