Daniel_Taney
Advisor

How To Check MD5 Of Files Against CP Threat Database / Report An Unknown File

Good Afternoon,

I have a file that VirusTotal indicates has a known malicious MD5 that may have gotten through our Gateway. The file in question is a PowerPoint file containing a static image and a hyperlink. There does not appear to be any active content / macro payload / etc. that would cause this file to trigger in Threat Emulation. So, I am assuming the only way CP would be able to catch it would be based on the hash of the file itself.

Does Check Point have a place to search an MD5 or SHA-1 hash of a potentially malicious file? I know you can use threatpoint.checkpoint.com to send files through Threat Emulation / Threat Extraction. But, I couldn't find any other reference point to check against legacy AV/Malware signatures. Is there a way to see whether CP already has this hash as a malicious file?

If not, what is the best way to go about reporting these kinds of things to CP? This is the first time I've had to deal with this.

Thanks!

Dan

R80 CCSA / CCSE
1 Reply
Daniel_Taney
Advisor
