Jump to content

Recommended Posts

Posted

What could be the reason that some detections do not have SHA-1 calculated? Also in these cases the Signature type and Signer Name are Unknow - the print screen below is for "powershell.exe", which triggers the rule [E0309]. For some events of this type, the SHA-1 calculation is correct, but for some it is empty and I cannot find the reason. I thought we had a compromised version of powershell.exe, but when manually verifying the file from computers, it's ok. Any ideas?

image.png.3e7d9c5a27bdba9a89fb1a32f2c168df.png

  • Administrators
Posted

If the problem occurs with the latest version 2.0.3549, please raise a support ticket for further investigation.

Posted
Yes, this is exactly this version. Ok, I'll report it to support. Thanks.
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...