When users search for a specific hash value(MD5 value bd2103035a8021942390a78a431ba0c4 OR SHA256 value ceec12762e66397b56dad64fd270bb3d694c78fb9cd665354383c0626dbab01), ATP returned many different files that were not associated with that hash.
For a very specific type of BASH events, ATP incorrectly mapped the above dummy hash to the file associated with the event. This resulted in search results against that hash to include inaccurate, unrelated files.
This issue is resolved in ATP 3.0. However, this issue will continue to occur on ATP databases prior to 3.0.
Subscribing will provide email updates when this Article is updated. Login is required.