App Control: Allowing a File to Execute that Changes Hash Each Creation
search cancel

App Control: Allowing a File to Execute that Changes Hash Each Creation

book

Article ID: 286534

calendar_today

Updated On:

Products

Carbon Black App Control (formerly Cb Protection)

Issue/Introduction

  • Temporary files need to be allowed to execute
  • Hash changes each time the file is created
  • Files are not signed for Approval by Publisher

Environment

  • App Control: All Supported Versions

Resolution

To allow these files to execute, create an Execution Control Rule.
  1. From the Console go to Rules > Software Rules > Custom > Add Custom Rule
  2. Create a rule with details similar to the sample below
Rule Type: Execution Control 
Execute Action: Allow 
Path or File: c:\windows\temp\FileThatNeedsToRun.bat 
Process: Any process (or specify the process here if applicable to tighten the rule)
User: Any user