cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Block Hashes

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Reply
Highlighted
Joshan_Lakhani
L3 Networker
‎03-28-2020 10:33 PM
‎03-28-2020 10:33 PM

Block Hashes

how to block hashes in firewall . 

0 Likes
Reply
Highlighted
SutareMayur
L5 Sessionator
‎03-28-2020 11:58 PM
‎03-28-2020 11:58 PM

Re: Block Hashes

@Joshan_Lakhani,

 

Currently it is not possible to block hashes in Palo Alto Firewall.

 

Mayur



Mayur Sutare
0 Likes
Reply
Highlighted
Joshan_Lakhani
L3 Networker
‎03-29-2020 03:54 AM
‎03-29-2020 03:54 AM

Re: Block Hashes

Can we block file hashes in paloalto

 

0 Likes
Reply
Highlighted
Joshan_Lakhani
L3 Networker
‎03-29-2020 04:27 AM
‎03-29-2020 04:27 AM

Re: Block Hashes

For reference file is pasted below .

 

filename

md5

sha1

sha256

ssdeep

note

CuscalApplication.exe

01d397df2a1cf1d4c8e3615b7064856c

43a7858a0564c500e7f248762353f5b1ec3f3ef8

d928b1c1096e636463afbd19f40a6b325e159196b4497895748c31535ea503dc

3072:Ub9gBv06BB7AIiTYhs5UCe0lvtvxQGsRrDhuO7GXFeD1nylc/Bx4:Ubi+6LAIJhs551xFsF5S1eUYO

Lazarus/FASTCash malware, fraudulent job application campaign

0 Likes
Reply
Highlighted
SutareMayur
L5 Sessionator
‎03-29-2020 05:21 AM
‎03-29-2020 05:21 AM

Re: Block Hashes

@Joshan_Lakhani,

 

Unfortunately, right now there no option to block file hashes in Palo Alto. You can try by creating Custom Signature for your use case.

 

Mayur



Mayur Sutare
0 Likes
Reply
Highlighted
Joshan_Lakhani
L3 Networker
‎03-29-2020 05:23 AM
‎03-29-2020 05:23 AM

Re: Block Hashes

thanks for you reply

 

Is any document for Customer  signature to block this hash

0 Likes
Reply
Highlighted
SutareMayur
L5 Sessionator
‎03-29-2020 06:15 AM
‎03-29-2020 06:15 AM

Re: Block Hashes

@Joshan_Lakhani,

 

Actually it is not possible to create custom Signature in PA based on file hash value. But yes there are options custom signatures based on file types patterns. Please refer below articles.

 

https://live.paloaltonetworks.com/t5/Custom-Signatures/Detecting-a-specific-Linux-binary-ELF-file-us...

 

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClOFCA0

 

Hope it helps you!

 

Mayur



Mayur Sutare
0 Likes
Reply
Highlighted
OtakarKlier
L7 Applicator
‎03-30-2020 10:07 AM
‎03-30-2020 10:07 AM

Re: Block Hashes

Hello,

Take a look at a program that blocks on these features. Maybe block it with your AV or some other app whitelisting application such as bit9.

 

Regards,

0 Likes
Reply
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!

Latest Blogs
Latest Posts
Privacy Policy Terms of Use
Copyright 2007 - 2020 - Palo Alto Networks