Abuse.ch Malware Submissions (MD5)

Source: Abuse.ch

Feed information: https://bazaar.abuse.ch/faq/#tos

Feed link: https://bazaar.abuse.ch/export/txt/md5/recent/

Defender For Endpoint

let MalwareSampleMD5 = externaldata(MD5: string)[@"https://bazaar.abuse.ch/export/txt/md5/recent"] with (format="txt", ignoreFirstRecord=True);
let MD5Regex = '[a-f0-9]{32}';
let MaliciousMD5 = materialize (
          MalwareSampleMD5
          | where MD5 matches regex MD5Regex
          | distinct MD5
          );
DeviceFileEvents
| where MD5 has_any (MaliciousMD5)

Sentinel

let MalwareSampleMD5 = externaldata(MD5: string)[@"https://bazaar.abuse.ch/export/txt/md5/recent"] with (format="txt", ignoreFirstRecord=True);
let MD5Regex = '[a-f0-9]{32}';
let MaliciousMD5 = materialize (
          MalwareSampleMD5
          | where MD5 matches regex MD5Regex
          | distinct MD5
          );
DeviceFileEvents
| where MD5 has_any (MaliciousMD5)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

TI Feed - AbuseCHMD5Malware.md

TI Feed - AbuseCHMD5Malware.md

Abuse.ch Malware Submissions (MD5)

Source: Abuse.ch

Feed information: https://bazaar.abuse.ch/faq/#tos

Feed link: https://bazaar.abuse.ch/export/txt/md5/recent/

Defender For Endpoint

Sentinel

Files

TI Feed - AbuseCHMD5Malware.md

Latest commit

History

TI Feed - AbuseCHMD5Malware.md

File metadata and controls

Abuse.ch Malware Submissions (MD5)

Source: Abuse.ch

Feed information: https://bazaar.abuse.ch/faq/#tos

Feed link: https://bazaar.abuse.ch/export/txt/md5/recent/

Defender For Endpoint

Sentinel