Create a Post
Showing results for 
Search instead for 
Did you mean: 

How To Check MD5 Of Files Against CP Threat Database / Report An Unknown File

Good Afternoon,

I have a file that VirusTotal indicates has a known malicious MD5 that may have gotten through our Gateway. The file in question is a Power Point file containing a static image and a hyperlink. There does not appear to be any active content / macro payload / etc... that would cause this file to trigger in Threat Emulation. So, I am assuming the only way CP would be able to catch it would be based on the hash of the file itself. 

Does Check Point have a place to search an MD5 or SHA-1 hash of a potentially malicious file? I know you can use to send files through Threat Emulation / Threat Extraction. But, I couldn't find any other reference point to check against legacy AV/Malware signatures. Is there a way to see whether CP already has this hash as a malicious file?

If not, what is the best way to go about reporting these kinds of things to CP? This is the first time I've had to deal with this.



1 Reply