Blocked Hashes
Blocked hashes contain a list of executables/hashes blocked by all security products connected to ESET Inspect. You can add blocked hashes from executables or executables detail, or type manually from any other source.
Hashes support only SHA-1. It enables companies to remediate any malicious code (prevent its execution ex-post, or even proactively, getting the hashes in an IoC feed).
Whenever an attempt to execute a blocked executable occurs, it is reported as a security incident to ESET PROTECT and listed under a specific threats section category - blocked files.
The Blocked hashes enable you to interact with the list of hashes. It enables blocking hashes from external tools as well.
Click an executable name to take further actions:
Details |
Go to the Executable details tab. |
|---|---|
Statistics |
Go to the Statistics tab. |
Detections |
Go to the Detections tab. |
Seen On |
Go to the Seen On tab. |
Sources |
Go to the Executable sources tab. |
Unblock |
Unblocks the hash and make it possible to work with the executable without blocking it. Available only if some blocked hashes are selected. You can select all blocked hashes by selecting the check box on the left side of the Name column header, or you can select each blocked hash individually by selecting its corresponding check box. |
Clean & Quarantine |
Deletes the file and put it to quarantine in the Endpoint. Available only if some blocked hashes are selected. You can select all blocked hashes by clicking the check box on the left side of the Name column header, or you can select each blocked hash individually by selecting its corresponding check box. |
Tags |
Assign tag(s) to a blocked hash from the list of existing, or create a new custom tag(s). |
Filter |
Quick filters, depending on the column where you activated the context menu (Show only this, Hide this). |
Add hashes |
Redirects you to Block Hashes window. |
|
Do not Block or Kill any process or executable of any Windows system processes and files. (for example, svchost.exe) Otherwise, this may cause a crash of the Operating system. |
