NiceHashMiner
NiceHashMiner copied to clipboard
nhm signing cert expired
osslsigncode verify -CAfile /etc/ssl/certs/ca-certificates.crt -in ./nhm_windows_3.1.0.11.exe
Current PE checksum : 03B786AA
Calculated PE checksum: 03B786AA
Signature Index: 0 (Primary Signature)
Message digest algorithm : SHA1
Current message digest : 742006C446A9980EE556A1D507F523C91D14BBDD
Calculated message digest : 742006C446A9980EE556A1D507F523C91D14BBDD
Signer's certificate:
Signer #0:
Subject: /jurisdictionC=SI/businessCategory=Private Organization/serialNumber=6633994000/C=SI/L=MARIBOR/O=H-BIT, d.o.o./OU=SI28401280/CN=H-BIT, d.o.o.
Issuer : /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert EV Code Signing CA (SHA2)
Serial : 0632554C6EEC69C3EFA44F842175E710
Certificate expiration date:
notBefore : Jan 7 00:00:00 2021 GMT
notAfter : Feb 6 23:59:59 2024 GMT
Number of certificates: 5
Signer #0:
Subject: /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Trusted Root G4
Issuer : /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Assured ID Root CA
Serial : 0E9B188EF9D02DE7EFDB50E20840185A
Certificate expiration date:
notBefore : Aug 1 00:00:00 2022 GMT
notAfter : Nov 9 23:59:59 2031 GMT
------------------
Signer #1:
Subject: /jurisdictionC=SI/businessCategory=Private Organization/serialNumber=6633994000/C=SI/L=MARIBOR/O=H-BIT, d.o.o./OU=SI28401280/CN=H-BIT, d.o.o.
Issuer : /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert EV Code Signing CA (SHA2)
Serial : 0632554C6EEC69C3EFA44F842175E710
Certificate expiration date:
notBefore : Jan 7 00:00:00 2021 GMT
notAfter : Feb 6 23:59:59 2024 GMT
------------------
Signer #2:
Subject: /C=US/O=DigiCert, Inc./CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA
Issuer : /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Trusted Root G4
Serial : 073637B724547CD847ACFD28662A5E5B
Certificate expiration date:
notBefore : Mar 23 00:00:00 2022 GMT
notAfter : Mar 22 23:59:59 2037 GMT
------------------
Signer #3:
Subject: /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert EV Code Signing CA (SHA2)
Issuer : /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance EV Root CA
Serial : 03F1B4E15F3A82F1149678B3D7D8475C
Certificate expiration date:
notBefore : Apr 18 12:00:00 2012 GMT
notAfter : Apr 18 12:00:00 2027 GMT
------------------
Signer #4:
Subject: /C=US/O=DigiCert, Inc./CN=DigiCert Timestamp 2023
Issuer : /C=US/O=DigiCert, Inc./CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA
Serial : 0544AFF3949D0839A6BFDB3F5FE56116
Certificate expiration date:
notBefore : Jul 14 00:00:00 2023 GMT
notAfter : Oct 13 23:59:59 2034 GMT
Authenticated attributes:
Message digest algorithm: SHA1
Message digest: 0402492B093F975CC3A45C0884E7EF5998BA2265
Signing time: N/A
Microsoft Individual Code Signing purpose
The signature is timestamped: Mar 7 17:58:22 2024 GMT
Hash Algorithm: sha256
Timestamp Verified by:
Issuer : /C=US/O=DigiCert, Inc./CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA
Serial : 0544AFF3949D0839A6BFDB3F5FE56116
CAfile: /etc/ssl/certs/ca-certificates.crt
TSA's certificates file: /usr/lib/ssl/certs/ca-bundle.crt
CRL distribution point: http://crl3.digicert.com/EVCodeSigningSHA2-g1.crl
Error: no certificate found
Use the "-TSA-CAfile" option to add the Time-Stamp Authority certificates bundle to verify timestamp server.
806939BCF77F0000:error:1700006B:CMS routines:cms_get_enveloped_type:content type not enveloped data:../crypto/cms/cms_env.c:41:
806939BCF77F0000:error:80000002:system library:file_ctrl:No such file or directory:../crypto/bio/bss_file.c:297:calling fopen(/usr/lib/ssl/certs/ca-bundle.crt, r)
806939BCF77F0000:error:10080002:BIO routines:file_ctrl:system lib:../crypto/bio/bss_file.c:300:
806939BCF77F0000:error:05880002:x509 certificate routines:X509_load_cert_file_ex:system lib:../crypto/x509/by_file.c:100:
Timestamp Server Signature verification: failed
PKCS7_verify error
806939BCF77F0000:error:10800075:PKCS7 routines:PKCS7_verify:certificate verify error:../crypto/pkcs7/pk7_smime.c:293:Verify error: certificate has expired
Signature verification: failed
Number of verified signatures: 1
Failed
it would appear:
Signer's certificate:
Signer #0:
Subject: /jurisdictionC=SI/businessCategory=Private Organization/serialNumber=6633994000/C=SI/L=MARIBOR/O=H-BIT, d.o.o./OU=SI28401280/CN=H-BIT, d.o.o.
Issuer : /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert EV Code Signing CA (SHA2)
Serial : 0632554C6EEC69C3EFA44F842175E710
Certificate expiration date:
notBefore : Jan 7 00:00:00 2021 GMT
notAfter : Feb 6 23:59:59 2024 GMT
Means the cert is expired and why defender is grabbing it under PUA