topic Re: check file hash in Firewall and Security Management

check file hash

80fd220b-e3b5-4 — Sun, 01 Oct 2023 09:13:41 GMT

Hi,

given a hash of a malware file took from internet, I would like to know if there is a way to check it to know if it is already known by harmony endpoint antimalware engine (DHS), something like Virustotal.

thanks a lot

Re: check file hash

the_rock — Mon, 02 Oct 2023 01:22:03 GMT

Maybe below would be helpful?

Andy

https://community.checkpoint.com/t5/Endpoint/Block-files-based-on-hash-with-SandBast-Agent/td-p/81496

Re: check file hash

Chris_Atkinson — Mon, 02 Oct 2023 02:03:58 GMT

Please discuss this with your local CP SE, one option would be to explore the Intelligence option of Horizon XDR / SOC.

Re: check file hash

PhoneBoy — Mon, 02 Oct 2023 12:57:49 GMT

We have an API for that: https://app.swaggerhub.com/apis/Check-Point/Threat-Prevention-API/1.0
This queries ThreatCloud, which includes a number of sources.
Note this requires a license and/or a local Threat Emulation appliance.