False positive in IronGate IOCs

[bartblaze]

File with hash 7a0c1017e6b5bb5dc776b3b883a1d0e0 in the IronGate IOCs seems to be the legitimate NetResView.

Please verify.

Edit: while it's technically not wrong, I don't think it needs to be included as an IOC. Cheers.

[williamgibb]

That is correct. The hash is logically AND'd with a filename term.

[bartblaze]

Hi William,

Thanks for your reply. That makes sense.

Cheers!