If you had AutoFocus, you can check these hashes to see how we classify them, IOCs related to the file (if malicious), when it was first seen, and if there is any relevance to threat actors, malware campaigns, etc. As a previous posted noted, Palo doesn't do signatures based on hash, as hashes are more unique than the malware itself and it would be inefficient to create hundreds/thousands or more of signatures for different hashes, especially if the underlying malware or virus is the same. Palo cares more about the underlying malicious file and its underlying activity.
... View more