Vault 7: Projects

This publication series is about specific projects related to the Vault 7 main publication.

Pg. 07
Boot PersistenceBoot PersistenceBoot
Persistence
44. SysIntenals SigCheck
The Sysinternals tool SigCheck performs executable signature verification including validating
the code signing certificate chain of trust. This tools is capable of recursively scanning contents
of a directory and listing those files that are unsigned. The command line "sigcheck -e -s -u
c:\windows\system32" will recursively scan all the directories under Windows\System32 and list
only the unsigned DLLs.

e-Highlighter

Click to send permalink to address bar, or right-click to copy permalink.

Un-highlight all Un-highlight selectionu Highlight selectionh