Blocked Hashes

Blocked hashes contain a list of executables/hashes blocked by all security products connected to ESET Inspect. You can add blocked hashes from executables or executables detail, or type manually from any other source.

Hashes support only SHA-1. It enables companies to remediate any malicious code (prevent its execution ex-post, or even proactively, getting the hashes in an IoC feed).

Whenever an attempt to execute a blocked executable occurs, it is reported as a security incident to ESET PROTECT and listed under a specific threats section category - blocked files.

The Blocked hashes enable you to interact with the list of hashes. It enables blocking hashes from external tools as well.

Click an executable name to take further actions:

Details

Go to the Executable details tab.

Statistics

Go to the Statistics tab.

Detections

Go to the Detections tab.

Seen On

Go to the Seen On tab.

Sources

Go to the Executable sources tab.

Unblock

Unblocks the hash and make it possible to work with the executable without blocking it. Available only if some blocked hashes are selected. You can select all blocked hashes by selecting the check box on the left side of the Name column header, or you can select each blocked hash individually by selecting its corresponding check box.

Clean & Quarantine

Deletes the file and put it to quarantine in the Endpoint. Available only if some blocked hashes are selected. You can select all blocked hashes by clicking the check box on the left side of the Name column header, or you can select each blocked hash individually by selecting its corresponding check box.

Tags

Assign tag(s) to a blocked hash from the list of existing, or create a new custom tag(s).

Filter

Quick filters, depending on the column where you activated the context menu (Show only this, Hide this).

Add hashes

Redirects you to Block Hashes window.