>
    Strata Copilot
    file-unknown-body
    Focus
    Download PDF
    Focus
    1. Home
    2. Advanced Threat Prevention Powered by Precision AI®
    3. Custom Application IDs and Signatures Reference
    4. Custom Signature Contexts
    5. String Contexts
    6. file-unknown-body
    Download PDF
    Advanced Threat Prevention Powered by Precision AI®

    file-unknown-body

    Table of Contents

    file-unknown-body

    Where Can I Use This?What Do I Need?
    • Prisma Access (Managed by Panorama or Strata Cloud Manager)
    • NGFW (Managed by Panorama or Strata Cloud Manager)
    • VM-Series
    • CN-Series
    • Advanced Threat Prevention (for enhanced feature support) or Threat Prevention License
    This context provides data after the first 8 bytes and up to 7 packets of an unknown file we couldn’t otherwise identify.

    Additional Details

    None

    Context Capture

    xxd is a cli-based hex editor; every byte after the 8th is provided up until 7 bytes is seen. In this example the first 8 bytes are numbered to easily show what wouldn’t be matched. Next are “A’s” followed by “shellcode” in hex. You could block this file by adding ‘\x7368656c6c636f6465\x’ in the “Pattern” field of the custom signature.

    © 2026 Palo Alto Networks, Inc. All rights reserved.