Pavol Calfa
Pavol Calfa
Ralph, do you mean to extract the the certificate from a binary and validate it by ```certvalidator``` module?
> I think this is something that should be implemented by certvalidator, though that library appears to no longer be getting feature updates. This your statement...
> The multi_verify_mode argument is not yet supported in the live version, so that's why you see that error. I installed module directly from github > > Regarding the certificate,...
Hi Ralph, I used the solution you proposed and it works, but I have another 2 cases, that according to ```Get-AuthenticodeSignature``` are valid signatures.... (issues split... as per Ralph's request...
Hi Ralph, thanks for the answer, I created separate issues for both my questions...
Please can you add them too? Thanks. Pavol
The official response from Microsoft is, that this file is signed via catalog.
Yes, This is what I have learned yesterday, but I hadn't chance to examine Windows directory for .cat file yet...
Ralph, I've done a small research: 1. The windows catalogs for files signed "by catalog" are stored in ```\Winodws\system32\CatRoot```. 2. There's a tool ```sigcheck``` from sysinternals that tells you the...