Mossé Security

icon indicating a website link https://www.mosse-security.com/

icon company Mossé Security icon location Melbourne, Australia. icon location Mossé Security provides world-class cyber security solutions and strategic security advice.

Results 3 comments of Mossé Security

PE signature validation doesn't detect malware signed with sigthief

Here's a Mimikatz sample where a Microsoft signature has been applied using Sigthief: https://www.virustotal.com/gui/file/cb9e7cae11788bb2cd3a41536ec072e89c0aa691d396a9d24b1d8ccc4418a638/detection

PE signature validation doesn't detect malware signed with sigthief

This may be of interest to you too: ``` >c:\yara\yara64.exe -s -w -D c:\yara\debug.yara e308e12336fb5d097c9512d8f48b2d86 pe number_of_signatures = 1 signatures [0] thumbprint = "9dc17888b5cfad98b3cb35c1994e96227f061675" issuer = "/C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Code Signing...

PE signature validation doesn't detect malware signed with sigthief

Hi wxsBSD! First and foremost, thank you for looking into this quickly and being opened to the discussion. Based on your response, it seems that we are on the same...