Jump to content


Photo

Check unsigned files at VirusTotal with Sysinternals' Sigcheck


  • Please log in to reply
No replies to this topic

#1 TheSentinel

TheSentinel

    The man in the dark

  • General Admin
  • 31,764 posts

Posted 28 October 2013 - 06:50 PM

Check unsigned files at VirusTotal with Sysinternals’ Sigcheck
By Mike Williams

2013-10-28

 

 

icrosoft Sysinternals has released Sigcheck 2.0, the latest edition of its digital signature verification tool. Okay, it’s true, a command line utility which scans for signed executables doesn’t exactly sound interesting. At all. But wait: this version’s new VirusTotal support means it could be a very useful addition to your malware-hunting toolkit.
To get a general feel for how the program works, open a command window, enter something like:

 

sigcheck -e -u -vn -vt c:\windows\system32

Now the program will scan your \Windows\System32 folder for unsigned files, then upload whatever it finds to VirusTotal, before listing anything that at least one of the engines thinks is malware.

 

More about:

http://betanews.com/...rnals-sigcheck/