cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

MDATP File Hash Indicators

AnuragSrivastava
Iron Contributor

‎Dec 24 2020 02:26 AM

‎Dec 24 2020 02:26 AM

MDATP File Hash Indicators

Hi,

I am not allowed to upload MD5 file hashes into the Indicators Tab for Microsoft Defender Security Center. It also shows a message that MD5 file hash method is not recommended.

 

I have around 500 MD5 hashes for IOCs which I need to upload. Is there a way around through which I can cover these MD5 file hashes to SHA-1 or SHA-256 and then upload in Defender Security Center.

3,782 Views
1 Like
1 Reply
Reply
1 Reply
AnuragSrivastava

‎Jan 03 2021 05:16 AM

‎Jan 03 2021 05:16 AM

Re: MDATP File Hash Indicators

This is now resolved. Used the Virustotal api to get the corresponding SHA-256 hash for MD5Hash.

 

For the MD5 hashes where there were no results on Virus Total, raised the case with Microsoft. I believe some changes were done from MS end after which I got MD5 file hashes uploaded.

 

1 Like
Reply