kat3chrome Posted May 22, 2020 I read an article about the analysis of some Trojan, where a friend wrote that "hardly anyone needs the name of the mutex." What could this be connected with? It's just that hashes are usually translated along with the virus, by which it can be easily identified, but it seems to me that mutexes are also getting better at this.
Xyl2k Posted May 24, 2020 File hashes are only used to get/recognize a sample that is already known. You can't really do the same with a mutex, as there are probably tons of files having the same mutex already, and they can also be generated on the fly by the malware, so it would be unreliable 'alone'. If you already know the hash of a file (sha256 preferably) then you don't need more. Mutexes are only good to find new similar samples, but once again you need to couple that with some other indicators, otherwise you will get many false positives if you rely only on that.
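The triage logic Xyl2k describes, as an added example (not code from the thread): a known hash is enough on its own, while an unknown file is only worth a look as a new variant when the mutex name is corroborated by a second indicator. Every hash, the mutex name, the domain and the sandbox reports below are constructed placeholders.

```python
"""Correlating a mutex name with other indicators before acting on it.
Added example, not from the thread; all values are constructed."""
from dataclasses import dataclass, field

@dataclass
class Report:
    """Minimal constructed sandbox report for one analysed file."""
    sha256: str
    mutexes: set = field(default_factory=set)
    domains: set = field(default_factory=set)

# Constructed indicator set for one hypothetical family.
KNOWN_HASHES = {"1111" * 16}                  # placeholder sha256
FAMILY_MUTEX = "Global\\ExampleFamilyMutex"   # placeholder mutex name
FAMILY_DOMAINS = {"c2.example.invalid"}       # placeholder, reserved TLD

def classify(r, known_hashes=KNOWN_HASHES, family_mutex=FAMILY_MUTEX,
             family_domains=FAMILY_DOMAINS):
    """Return one of 'known', 'candidate', 'weak', 'clean'.
    known     : sha256 already in the set; no further indicator needed.
    candidate : unknown hash, but mutex AND a second indicator match,
                so it is worth triage as a possible new variant.
    weak      : only the mutex matches; too weak to act on alone.
    clean     : nothing matched."""
    if r.sha256 in known_hashes:
        return "known"
    mutex_hit = family_mutex in r.mutexes
    other_hit = bool(r.domains & family_domains)
    if mutex_hit and other_hit:
        return "candidate"
    if mutex_hit:
        return "weak"
    return "clean"

# Constructed reports: the known sample, a new variant, a benign tool that
# happens to create the same mutex name, and an unrelated file.
REPORTS = [
    Report("1111" * 16, {FAMILY_MUTEX}, {"c2.example.invalid"}),
    Report("2222" * 16, {FAMILY_MUTEX}, {"c2.example.invalid"}),
    Report("3333" * 16, {FAMILY_MUTEX}, {"update.vendor.invalid"}),
    Report("4444" * 16, {"Local\\SomeOtherMutex"}, set()),
]

def run_demo():
    """Map each constructed report's sha256 to its verdict."""
    return {r.sha256: classify(r) for r in REPORTS}
```

Relying on the mutex alone would flag the third report, the benign tool, as well; requiring a second matching indicator keeps it at 'weak'.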
kat3chrome Posted May 26, 2020 23 hours ago, Xyl2k said: File hashes are only used to get/recognize a sample that is already known. You can't really do the same with a mutex, as there are probably tons of files having the same mutex already, and they can also be generated on the fly by the malware, so it would be unreliable 'alone'. If you already know the hash of a file (sha256 preferably) then you don't need more. Mutexes are only good to find new similar samples, but once again you need to couple that with some other indicators, otherwise you will get many false positives if you rely only on that. Thanks for such a full answer.