Blocking a file based on MD5 Hash

[xpreme]

Hi,

    I need to block a file using its MD5 hash. It is not an installed application. It is only a file. Is it possible to block it using MD5 hash or I have to inform Kaspersky about it? Thanks in advance.

[ElvinE5]

Block the launch of the file?

If you only use the basic functionality, you must have the application control component enabled.

However, you will need to get SHA256 since MD5 was used by older versions.

0. Get SHA256

  Reveal hidden contents

1. create a category to control such files.

  Reveal hidden contents

  Reveal hidden contents

  Reveal hidden contents

I skipped some of the steps, it's mostly just Next, Next, Ok.

 

2. Create a rule to prohibit application startup in the policy for KES, select the group we created

  Reveal hidden contents

 

3. Test

  Reveal hidden contents

 

 

PS:

in principle it is not necessary to use external tools ...if there is a sample file all data can be obtained directly from it when creating a category

and use the parameters that suit you best.

  Reveal hidden contents

  Reveal hidden contents

 

Edited December 7, 2023 by ElvinE5

[xpreme]

Dear @ElvinE5

    I really appreciate your all time support and great and complete answers. Thank you so much