cancel
Showing results for 
Search instead for 
Did you mean: 
Post a Question

How To Check MD5 Of Files Against CP Threat Database / Report An Unknown File

Good Afternoon,

I have a file that VirusTotal indicates has a known malicious MD5 that may have gotten through our Gateway. The file in question is a Power Point file containing a static image and a hyperlink. There does not appear to be any active content / macro payload / etc... that would cause this file to trigger in Threat Emulation. So, I am assuming the only way CP would be able to catch it would be based on the hash of the file itself. 

Does Check Point have a place to search an MD5 or SHA-1 hash of a potentially malicious file? I know you can use threatpoint.checkpoint.com to send files through Threat Emulation / Threat Extraction. But, I couldn't find any other reference point to check against legacy AV/Malware signatures. Is there a way to see whether CP already has this hash as a malicious file?

If not, what is the best way to go about reporting these kinds of things to CP? This is the first time I've had to deal with this.

Thanks!

Dan

1 Reply

Re: How To Check MD5 Of Files Against CP Threat Database / Report An Unknown File