Jump to content
Kaspersky Support Forum

Blocking a file based on MD5 Hash

xpreme

By xpreme
in Kaspersky Security Center

 Share

Recommended Posts

xpreme

xpreme

Posted
Posted

Hi,

    I need to block a file using its MD5 hash. It is not an installed application. It is only a file. Is it possible to block it using MD5 hash or I have to inform Kaspersky about it? Thanks in advance.

ElvinE5

ElvinE5

Posted
Posted (edited)

Block the launch of the file?

If you only use the basic functionality, you must have the application control component enabled.

However, you will need to get SHA256 since MD5 was used by older versions.

0. Get SHA256

Спойлер

.thumb.png.a27e98620148647ff2b37d0c5120687b.png

1. create a category to control such files.

Спойлер

.thumb.png.02404c514bfee222614f3f6fbd7684c0.png

Спойлер

.thumb.png.3649a91b3d859c136d2dfb15cf93b630.png

Спойлер

336299124_.png.7e09caed82a0b17e6dcf1b4ab1a25c0b.png

I skipped some of the steps, it's mostly just Next, Next, Ok.

 

2. Create a rule to prohibit application startup in the policy for KES, select the group we created

Спойлер

.thumb.png.dfd8df405c89a05dc533788f63b13961.png

 

3. Test

Спойлер

.thumb.png.cd185ccf6e119ab108c9b921b481a7b7.png

 

 

PS:

in principle it is not necessary to use external tools ...if there is a sample file all data can be obtained directly from it when creating a category

and use the parameters that suit you best.

Спойлер

267522724_.png.afe63af192faa0750c82bc6d65c55f7b.png

Спойлер

1708306098_.png.9c216fd94e43bcb08cebb7d33ad2f3a4.png

 

Edited by ElvinE5
  • Like 1
xpreme

xpreme

Posted
  • Author
Posted

Dear @ElvinE5

    I really appreciate your all time support and great and complete answers. Thank you so much

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share
Go to topic listing


×
×
  • Create New...