- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
07-31-2020 12:47 AM
1) Why is this virus triggering in Palo Alto events and Palo detecting this & alerting ?
2) How hashes are different, is there false positive.
Details | Source | MD5 | SHA-1 | SHA-256 |
Virus/Win32.WGeneric.akbori(345886398) | Paloalto | ce27d52c7d1f59ad2c867e97339fa212 | 2dda6a0bb6c587c0b8731c094d76187b80c866d1 | 37aa186c2e7ca3e3f22264da9744995252e131469a8261761ce2ae3364d0997e |
Virus/Win32.WGeneric.akbori(345886398) | Paloalto | 0b69e97f461827d7f66ce8eabd67b10c | ad5be496881825c6d599139b64bc8c4df63909ee | fe7cb37b5121f2f66364df4a4209a8a26a1337834b801b260e79473f23705979 |
Firefox_Setup_77.0_x86_tw39634-49573en.exe | Virus Total | df809a7e3e54e574010c82ac8d71910e | 2a9e2b1eb0249d0b0dd8e397c160db3d633e2dbb | 48512979e3b9ac475fdd5168cc8d4006d2f36064cb0bf4db8c3100a9b1e532b9 |
Firefox_Setup_77.0_x64_tw39634-49574en.exe | Virus Total | 27ddba3ec5ac277f3b4ccebb09dd4989 | 62cd3506ea794b01b4f32a79e6cf257cb57d5876 | 859efffc777b2260250c982036920baef79369cbce08822ba8700db1ec7e8b88 |
07-31-2020 02:31 AM
Threat ID: 2851273 for Virus/Win32.WGeneric.akbori.
This alert is generated because of Antivirus Signatures and WildFire Signatures.
We have installed Antivirus Signatures Release: 3423 updates.
here is link how to add exception
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClcrCAC
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!