cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted

Does the below hashes are covered with the existing AMCORE or DAT

Dear All,

Kindly help us to know if the below hashes are covered under the Amcore content or DAT?

 

detection

hash

file type

indicator

Malicious

299399c5a2403080a5bf67fb46faec210025b36d

svchost.com

PE_NESHTA.A-O

Malicious

9d41e2ce06522cc015b48d96202c844e5553e610

Fast.exe

Ransom.Win32.CRYSIS.SMA

Malicious

adf7f0ca73bda0593805771a898e2f5ff3a1d04e

ADF7F0CA73BDA0593805771A898E2F5FF3A1D04E

PE_NESHTA.A

Malicious

6635686ae680ad670d7ebaa678da2a4fb059530b

info.hta

Ransom.HTML.DHARMA.SMRTI.note

Malicious

5ed2759fd0d76208bcb29714624124c9d8edc4f3

info.txt

TROJ_FRS.VSNTII20

 

 

 

Venu
Tags (1)
3 Replies
Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 4

Re: Does the below hashes are covered with the existing AMCORE or DAT

Hi @vnaidu,

Thank you for your post. of the submitted hashes, we have detections for the below files:

299399c5a2403080a5bf67fb46faec210025b36d - W32/HLLP.41472.e

9d41e2ce06522cc015b48d96202c844e5553e610 - GenericRXJO-ZZ!0A9ADC585506

We do not have samples for the other files to confirm if we detect or not. We require samples to process and provide you a confirmation on the same.

I sincerely hope this is helpful.

Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Thanks and regards,
Adithyan T
Highlighted

Re: Does the below hashes are covered with the existing AMCORE or DAT

@AdithyanT  We are trying to get the IOCs, opened a ticket 4-21293584611 and working with our partners to get the samples.

Venu
Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 4 of 4

Re: Does the below hashes are covered with the existing AMCORE or DAT

HI @vnaidu,

Thank you for your kind update.

Just for clarity: It is important to note that we need samples only to confirm the detection since our detections are not based on hash values of files we may or may not detect based on our signatures and hence unless we have samples, we may not be able to provide confirmation.

We sincerely appreciate your help with samples.

Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Thanks and regards,
Adithyan T

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community