Hash Cards

Hash Intelligence Cards (aka Hash Cards) provide an on-demand summary of essential information related to a specific Hash, and are updated in real time as Recorded Future collects new information. You can use Hash Cards as a starting point when assessing whether observation of a given Hash in a specific context is an Indicator of Compromise, and further can be used in security control rules to block or detect incidents. Hash Cards are also pivot points during investigations that start with another indicator, a malware tool, a vulnerability, or a threat actor.

Descriptions of several common components of the Hash Card are found in the Overview of Intelligence Cards; the details below are specific to the Hash Card:

Hash Card: Risk Scoring

Hash Risk Scores distinguish malicious file hashes from web reporting on hashes used for other technical purposes: passwords, digital fingerprints, certificates, etc. The risk rules for Hashes currently do not have an age out criteria. Once scored as malicious, a hash Risk Score will not decrease due to age and will generally remain permanently malicious (but could change based on discovery of new information).

Hash Cards provide full transparency, sourcing all of the evidence behind a Risk Score.

Intelligence Partner Extensions

Extensions are integrations that enhance Hash Cards with content from our Intelligence Partners. Click here to learn more.  We also have training page specific to the extensions available on a Hash Card.  

Was this article helpful?
0 out of 0 found this helpful

This content is confidential. Downloading or distributing this content is in violation of your Recorded Future license agreement. Sharing this content outside of licensed Recorded Future users constitutes a breach of the terms and/or agreement and shall be considered a breach by your organization.
Have more questions? Submit a request



Please sign in to leave a comment. Please note that your name will be displayed. If you would like to change how your name appears, please update your profile name.