Siumot 0 Posted February 28 Share Posted February 28 What could be the reason that some detections do not have SHA-1 calculated? Also in these cases the Signature type and Signer Name are Unknow - the print screen below is for "powershell.exe", which triggers the rule [E0309]. For some events of this type, the SHA-1 calculation is correct, but for some it is empty and I cannot find the reason. I thought we had a compromised version of powershell.exe, but when manually verifying the file from computers, it's ok. Any ideas? Link to comment Share on other sites More sharing options...
Administrators Marcos 5,273 Posted February 28 Administrators Share Posted February 28 If the problem occurs with the latest version 2.0.3549, please raise a support ticket for further investigation. Link to comment Share on other sites More sharing options...
Siumot 0 Posted February 29 Author Share Posted February 29 Yes, this is exactly this version. Ok, I'll report it to support. Thanks. Link to comment Share on other sites More sharing options...
Recommended Posts