Jump to content


Check unsigned files at VirusTotal with Sysinternals' Sigcheck

  • Please log in to reply
No replies to this topic

#1 TheSentinel


    The man in the dark

  • General Admin
  • 31,818 posts

Posted 28 October 2013 - 06:50 PM

Check unsigned files at VirusTotal with Sysinternals’ Sigcheck
By Mike Williams




icrosoft Sysinternals has released Sigcheck 2.0, the latest edition of its digital signature verification tool. Okay, it’s true, a command line utility which scans for signed executables doesn’t exactly sound interesting. At all. But wait: this version’s new VirusTotal support means it could be a very useful addition to your malware-hunting toolkit.
To get a general feel for how the program works, open a command window, enter something like:


sigcheck -e -u -vn -vt c:\windows\system32

Now the program will scan your \Windows\System32 folder for unsigned files, then upload whatever it finds to VirusTotal, before listing anything that at least one of the engines thinks is malware.


More about: