| Architecture |
IMAGE_FILE_MACHINE_I386
|
|---|---|
| Subsystem |
IMAGE_SUBSYSTEM_WINDOWS_CUI
|
| Compilation Date | 2015-Sep-20 21:55:43 |
| Detected languages |
English - United States
|
| Debug artifacts |
signtool.pdb
|
| CompanyName | Microsoft Corporation |
| FileDescription | Authenticode(R) - signing and verifying tool |
| FileVersion | 4.00 (WinBuild.160101.0800) |
| InternalName | SignTool |
| LegalCopyright | © Microsoft Corporation. All rights reserved. |
| OriginalFilename | SIGNTOOL.EXE |
| ProductName | Microsoft® Windows® Operating System |
| ProductVersion | 10.0.15063.137 |
| Info | Interesting strings found in the binary: |
Contains domain names:
|
| Info | Libraries used to perform cryptographic operations: | Microsoft's Cryptography API |
| Suspicious | The PE contains functions most legitimate programs don't use. |
[!] The program may be hiding some of its imports:
|
| Info | The PE's resources present abnormal characteristics. |
Resource MSAUTHROOT is possibly compressed or encrypted.
Resource MSCVROOT is possibly compressed or encrypted. Resource MSFLIGHTROOT2014 is possibly compressed or encrypted. Resource MSROOT is possibly compressed or encrypted. Resource MSROOTCERT is possibly compressed or encrypted. Resource MSROOTCERT2010 is possibly compressed or encrypted. |
| Info | The PE is digitally signed. |
Signer: Microsoft Corporation
Issuer: Microsoft Code Signing PCA |
| Safe | VirusTotal score: 0/70 (Scanned on 2019-10-07 22:27:29) | All the AVs think this file is safe. |
| e_magic | MZ |
|---|---|
| e_cblp | 0x90 |
| e_cp | 0x3 |
| e_crlc | 0 |
| e_cparhdr | 0x4 |
| e_minalloc | 0 |
| e_maxalloc | 0xffff |
| e_ss | 0 |
| e_sp | 0xb8 |
| e_csum | 0 |
| e_ip | 0 |
| e_cs | 0 |
| e_ovno | 0 |
| e_oemid | 0 |
| e_oeminfo | 0 |
| e_lfanew | 0xe0 |
| Signature | PE |
|---|---|
| Machine |
IMAGE_FILE_MACHINE_I386
|
| NumberofSections | 5 |
| TimeDateStamp | 2015-Sep-20 21:55:43 |
| PointerToSymbolTable | 0 |
| NumberOfSymbols | 0 |
| SizeOfOptionalHeader | 0xe0 |
| Characteristics |
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
|
| Magic | PE32 |
|---|---|
| LinkerVersion | 14.0 |
| SizeOfCode | 0x35e00 |
| SizeOfInitializedData | 0x1a200 |
| SizeOfUninitializedData | 0 |
| AddressOfEntryPoint | 0x0002EB70 (Section: .text) |
| BaseOfCode | 0x1000 |
| BaseOfData | 0x37000 |
| ImageBase | 0x400000 |
| SectionAlignment | 0x1000 |
| FileAlignment | 0x200 |
| OperatingSystemVersion | A.0 |
| ImageVersion | A.0 |
| SubsystemVersion | 6.0 |
| Win32VersionValue | 0 |
| SizeOfImage | 0x52000 |
| SizeOfHeaders | 0x400 |
| Checksum | 0x5b22f |
| Subsystem |
IMAGE_SUBSYSTEM_WINDOWS_CUI
|
| DllCharacteristics |
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
|
| SizeofStackReserve | 0x40000 |
| SizeofStackCommit | 0x2000 |
| SizeofHeapReserve | 0x100000 |
| SizeofHeapCommit | 0x1000 |
| LoaderFlags | 0 |
| NumberOfRvaAndSizes | 16 |
| ADVAPI32.dll |
CryptDestroyKey
CryptReleaseContext CryptGetUserKey CryptEnumProvidersW CryptAcquireContextW CryptDestroyHash CryptCreateHash CryptSetHashParam CryptSignHashA |
|---|---|
| KERNEL32.dll |
HeapFree
FileTimeToSystemTime FileTimeToLocalFileTime FindNextFileW FindFirstFileW GetProcessHeap WriteFile LoadLibraryW GetDateFormatEx GetTimeFormatEx GetLastError GetFullPathNameW MultiByteToWideChar WideCharToMultiByte GetStringTypeW EncodePointer DecodePointer InitializeCriticalSection EnterCriticalSection LeaveCriticalSection DeleteCriticalSection Sleep UnhandledExceptionFilter SetUnhandledExceptionFilter GetCurrentProcess TerminateProcess QueryPerformanceCounter GetCurrentProcessId GetCurrentThreadId GetSystemTimeAsFileTime GetTickCount GetVersionExA ExpandEnvironmentStringsW GetModuleHandleA HeapSetInformation LocalAlloc EnumResourceNamesW EnumResourceLanguagesW LockResource LoadResource SizeofResource FindResourceExW HeapAlloc GetEnvironmentVariableW MapViewOfFile CreateFileMappingA GetFileSize GetSystemInfo UnmapViewOfFile LocalFree FormatMessageW CloseHandle SetLastError CreateFileW GetProcAddress Wow64RevertWow64FsRedirection FreeLibrary FindClose LoadLibraryA GetModuleHandleW GetFileType |
| MFC42.dll |
#825
#823 |
| msvcrt.dll |
__crtLCMapStringA
isupper setlocale malloc ___lc_codepage_func ___lc_handle_func __pctype_func _errno ___mb_cur_max_func fputc __uncaught_exception strerror __mb_cur_max memset memcpy memcpy_s ungetwc ungetc setvbuf _XcptFilter _fseeki64 fsetpos fgetpos fgetc fflush calloc _CxxThrowException _wsetlocale _purecall puts _time64 realloc strchr _cexit _wtoi __p__commode _amsg_exit towlower fclose fseek __wgetmainargs __set_app_type exit _exit _mktime64 wcsncmp ??4exception@@QAEAAV0@ABV0@@Z _except_handler4_common _controlfp ?terminate@@YAXXZ __crtLCMapStringW ??0exception@@QAE@XZ ___lc_collate_cp_func __crtCompareStringW memcmp islower __iob_func abort _wfopen _wcsnicmp __dllonexit _onexit _unlock _lock fwrite ??1type_info@@UAE@XZ _wcsicmp towupper iswdigit iswalpha fgetwc wprintf fwprintf wcsstr free ??1bad_cast@@UAE@XZ ??0bad_cast@@QAE@ABV0@@Z ??_V@YAXPAX@Z strcspn memchr localeconv memmove_s sprintf_s putchar _wctime64 mktime fputwc memmove ??0exception@@QAE@ABV0@@Z ??0exception@@QAE@ABQBD@Z ??1exception@@UAE@XZ ?what@exception@@UBEPBDXZ __CxxFrameHandler3 __setusermatherr swscanf __p__fmode _initterm qsort_s |
| ntdll.dll |
RtlWow64EnableFsRedirectionEx
RtlFreeHeap RtlAllocateHeap |
| CRYPT32.dll |
CertDuplicateCertificateContext
CertFreeCertificateChain CryptMsgGetParam CryptDecodeObject CryptFindOIDInfo CertFindAttribute CertGetEnhancedKeyUsage CryptMsgClose CertCreateCertificateContext CertCompareCertificate CryptMsgControl CertDuplicateStore CertCloseStore CertDuplicateCertificateChain CryptEncodeObjectEx CertGetCertificateContextProperty CryptQueryObject CertAddCertificateContextToStore CertOpenStore CertEnumCertificatesInStore CertVerifyCertificateChainPolicy CryptStringToBinaryW CryptMemFree CryptVerifyMessageSignature CryptMsgOpenToDecode CryptMsgUpdate CryptExportPublicKeyInfoEx CryptAcquireCertificatePrivateKey CertGetNameStringW CertFindExtension CertGetValidUsages CertGetCertificateChain CryptHashCertificate2 CertSetCertificateContextProperty CryptBinaryToStringA CryptStringToBinaryA CryptBinaryToStringW CertControlStore PFXImportCertStore CertFindCertificateInStore CertAddStoreToCollection CryptMsgOpenToEncode CertComparePublicKeyInfo CryptDecodeObjectEx CryptSIPRetrieveSubjectGuid CryptSIPLoad CertFreeCertificateContext |
| USER32.dll |
LoadStringW
|
| ole32.dll |
CoTaskMemAlloc
CoTaskMemFree |
| OLEAUT32.dll |
#6
#200 |
| WINTRUST.dll |
WTHelperGetProvSignerFromChain
WinVerifyTrust WTHelperGetProvCertFromChain WTHelperProvDataFromStateData |
| SHLWAPI.dll |
PathCanonicalizeW
SHCreateStreamOnFileW |
| bcrypt.dll |
BCryptHashData
BCryptDestroyHash BCryptFinishHash BCryptGetProperty BCryptCloseAlgorithmProvider BCryptOpenAlgorithmProvider BCryptCreateHash |
| ncrypt.dll |
NCryptSignHash
|
| XmlLite.dll |
CreateXmlWriter
|
| MSSIGN32.dll |
SignerFreeSignerContext
SignerSign SignerTimeStamp |
| .1253 |
| Usage: signtool <command> [options] |
| Valid commands: |
| sign -- Sign files using an embedded signature. |
| timestamp -- Timestamp previously-signed files. |
| verify -- Verify embedded or catalog signatures. |
| catdb -- Modify a catalog database. |
| remove -- Remove embedded signature(s) or reduce the size of an |
| embedded signed file. |
| For help on a specific command, enter "signtool <command> /?" |
| Usage: signtool sign [options] <filename(s)> |
| Use the "sign" command to sign files using embedded signatures. Signing |
| protects a file from tampering, and allows users to verify the signer (you) |
| based on a signing certificate. The options below allow you to specify signing |
| parameters and to select the signing certificate you wish to use. |
| Certificate selection options: |
| Signing parameter options: |
| Private Key selection options: |
| Other options: |
| /a Select the best signing cert automatically. SignTool will find all |
| valid certs that satisfy all specified conditions and select the |
| one that is valid for the longest. If this option is not present, |
| SignTool will expect to find only one valid signing cert. |
| /c <name> Specify the Certificate Template Name (Microsoft extension) of the |
| signing cert. |
| /csp <name> Specify the CSP containing the Private Key Container. |
| /d <desc.> Provide a description of the signed content. |
| /du <URL> Provide a URL with more information about the signed content. |
| /f <file> Specify the signing cert in a file. If this file is a PFX with |
| a password, the password may be supplied with the "/p" option. |
| If the file does not contain private keys, use the "/csp" and "/kc" |
| options to specify the CSP and container name of the private key. |
| /i <name> Specify the Issuer of the signing cert, or a substring. |
| /kc <name> Specify the Key Container Name of the Private Key. |
| /n <name> Specify the Subject Name of the signing cert, or a substring. |
| /p <pass.> Specify a password to use when opening the PFX file. |
| /q No output on success and minimal output on failure. As always, |
| SignTool returns 0 on success, 1 on failure, and 2 on warning. |
| /r <name> Specify the Subject Name of a Root cert that the signing cert must |
| chain to. |
| /s <name> Specify the Store to open when searching for the cert. The default |
| is the "MY" Store. |
| /sm Open a Machine store instead of a User store. |
| /sha1 <h> Specify the SHA1 thumbprint of the signing cert. |
| /t <URL> Specify the timestamp server's URL. If this option is not present, |
| the signed file will not be timestamped. A warning is generated if |
| timestamping fails. |
| /u <usage> Specify the Enhanced Key Usage that must be present in the cert. |
| The parameter may be specified by OID or by string. The default |
| usage is "Code Signing" (1.3.6.1.5.5.7.3.3). |
| /uw Specify usage of "Windows System Component Verification" |
| (1.3.6.1.4.1.311.10.3.6). |
| /v Print verbose success and status messages. This may also provide |
| slightly more information on error. |
| /ac <file> Add an additional certificate, from <file>, to the signature block. |
| /ph Generate page hashes for executable files if supported. |
| /nph Suppress page hashes for executable files if supported. |
| The default is determined by the SIGNTOOL_PAGE_HASHES |
| environment variable and by the wintrust.dll version. |
| /as Append this signature. If no primary signature is present, this |
| signature will be made the primary signature instead. |
| /es Enumerate signatures on a file. |
| /debug Display additional debug information. |
| /fd Specifies the file digest algorithm to use for creating file |
| signatures. (Default is SHA1) |
| /tr <URL> Specifies the RFC 3161 timestamp server's URL. If this option |
| (or /t) is not specified, the signed file will not be timestamped. |
| A warning is generated if timestamping fails. This switch cannot |
| be used with the /t switch. |
| /tseal <URL> Specifies the RFC 3161 timestamp server's URL for timestamping a |
| sealed file. |
| /td <alg> Used with the /tr or /tseal switch to request a digest algorithm |
| used by the RFC 3161 timestamp server. |
| /ed Enumerates digest algorithms supported on this machine that can be used for signing, page hashes and timestamps. |
| PKCS7 options: |
| /p7 <path> Specifies that for each specified content file a PKCS7 file is |
| produced. The PKCS7 file will be named: <path>\<file>.p7 |
| /p7co <OID> Specifies the <OID> that identifies the signed content. |
| /p7ce <Value> Defined values: |
| Embedded - Embeds the signed content in the PKCS7. |
| DetachedSignedData - Produces the signed data part of |
| a detached PKCS7. |
| The default is 'Embedded' |
| /seal Add a sealing signature if the file format supports it. |
| /itos Create a primary signature with the intent-to-seal attribute. |
| /force Continue to seal or sign in situations where the existing signature |
| or sealing signature needs to be removed to support sealing. |
| /nosealwarn Sealing-related warnings do not affect SignTool's return code. |
| Digest options: |
| /dg <path> Generates the to be signed digest and the unsigned PKCS7 files. |
| The output digest and PKCS7 files will be: <path>\<file>.dig and |
| <path>\<file>.p7u. To output an additional XML file, see /dxml. |
| /ds Signs the digest only. The input file should be the digest |
| generated by the /dg option. The output file will be: |
| <file>.signed. |
| /di <path> Creates the signature by ingesting the signed digest to the |
| unsigned PKCS7 file. The input signed digest and unsigned |
| PKCS7 files should be: <path>\<file>.dig.signed and |
| <path>\<file>.p7u. |
| /dxml When used with the /dg option, produces an XML file. The output |
| file will be: <path>\<file>.dig.xml. |
| /dlib <dll> Specifies the DLL implementing the AuthenticodeDigestSign |
| function to sign the digest with. This option is equivalent |
| to using SignTool separately with the /dg, /ds, and /di switches, |
| except this option invokes all three as one atomic operation. |
| /dmdf <file> When used with the /dlib option, passes the file's contents to |
| the AuthenticodeDigestSign function without modification. |
| /sa <OID> <value> Specify an OID and value to be included as an authenticated |
| attribute in the signature. The value will be encoded as an |
| ASN1 UTF8 string. This option may be given multiple times. |
| /rmc Specifies signing a PE file with the relaxed marker check semantic. |
| The flag is ignored for non-PE files. During verification, certain |
| authenticated sections of the signature will bypass invalid PE |
| markers check. This option should only be used after careful |
| consideration and reviewing the details of MSRC case MS12-024 to |
| ensure that no vulnerabilities are introduced. |
| Usage: signtool verify [options] <filename(s)> |
| Use the "verify" command to verify embedded or catalog signatures. |
| Verification determines if the signing certificate was issued by a trusted |
| party, whether that certificate has been revoked, and whether the certificate |
| is valid under a specific policy. Options allow you to specify requirements |
| that must be met and to specify how to find the catalog, if appropriate. |
| Catalogs are used by Microsoft and others to sign many files very efficiently. |
| Catalog options: |
| Other options: |
| SignTool uses the "Windows Driver" Verification Policy by default. The options |
| below allow you to use alternate Policies. |
| Verification Policy options: |
| Signature requirement options: |
| /a Automatically attempt to verify the file using all methods. First |
| search for a catalog using all catalog databases. If the file is |
| not signed in any catalog, attempt to verify the embedded |
| signature. When verifying files that may or may not be signed in a |
| catalog, such as Windows files and drivers, this option is the |
| easiest way to ensure that the signature is found. |
| /ad Find the catalog automatically using the default catalog database. |
| /as Find the catalog automatically using the system component (driver) |
| catalog database. |
| /ag <GUID> Find the catalog automatically in the specified catalog database. |
| Catalog databases are identified by GUID. |
| Example GUID: {F750E6C3-38EE-11D1-85E5-00C04FC295EE} |
| /c <file> Specify the catalog file. |
| /ca <h> Verify that the file is signed with an intermediate CA cert with |
| the specified hash. This option may be specified multiple times; |
| one of the specified hashes must match. |
| /o <ver> When verifying a file that is in a signed catalog, verify that the |
| file is valid for the specified platform. |
| Parameter format is: PlatformID:VerMajor.VerMinor.BuildNumber |
| /pa Use the "Default Authenticode" Verification Policy. |
| /pg <GUID> Specify the verification policy by GUID (also called ActionID). |
| /q No output on success and minimal output on failure. As always, |
| SignTool returns 0 on success, 1 on failure, and 2 on warning. |
| /r <name> Specify the Subject Name of a Root cert that the signing cert must |
| chain to. |
| /sha1 <h> Verify that the signer certificate has the specified hash. This |
| option may be specified multiple times; one of the specified hashes |
| must match. |
| /tw Generate a Warning if the signature is not timestamped. |
| /u <usage> Generate a Warning if the specified Enhanced Key Usage is not |
| present in the cert. This option may be given multiple times. |
| /v Print verbose success and status messages. This may also provide |
| slightly more information on error. If you want to see information |
| about the signer, you should use this option. |
| /kp Perform the verification with the kernel-mode driver signing policy. |
| Manifest options: |
| /ph Print and verify page hash values. |
| /d Print Description and Description URL. |
| /all Verify all signatures in a file with multiple signatures. |
| /ds <index> Verify the signature at <index>. |
| /ms Use multiple verification semantics. This is the default behavior |
| of a Win8 WinVerifyTrust call. |
| /p7 Verify PKCS7 files. No existing policies are used for p7 validation. |
| The signature is checked and a chain is built for the signing |
| certificate. |
| /hash <SHA1 | SHA256> Optional hash algorithm to use when searching for |
| a file in a catalog. |
| /sl Verify sealing signatures for supported file types. |
| /bp Perform the verification with the Biometric mode signing policy. |
| Usage: signtool timestamp [options] <filename(s)> |
| Use the "timestamp" command to add a timestamp to a previously-signed file. |
| The "/t" option is required. |
| /q No output on success and minimal output on failure. As always, |
| SignTool returns 0 on success and 1 on failure. |
| /t <URL> Specify the timestamp server's URL. |
| /v Print verbose success and status messages. This may also provide |
| slightly more information on error. |
| /tr <URL> Specifies the RFC 3161 timestamp server's URL. |
| /tseal <URL> Specifies the RFC 3161 timestamp server's URL for timestamping a |
| sealed file. One of /t, /tr or /tseal is required. |
| /td <alg> Used with the /tr or /tseal switch to request a digest algorithm |
| used by the RFC 3161 timestamp server. |
| /tp <index> Timestamps the signature at <index>. |
| /p7 Timestamps PKCS7 files. |
| /force Remove any sealing signature that is present in order to timestamp. |
| /nosealwarn Warnings for removing a sealing signature do not affect SignTool's |
| return code. |
| Usage: signtool catdb [options] <filename(s)> |
| Use the "catdb" command to add or remove catalog files to or from a catalog |
| database. Catalog databases are used for automatic lookup of catalog files, |
| and are identified by GUID. |
| Catalog Database options allow you to select which catalog database to operate |
| on. If you do not specify a catalog database, SignTool operates on the system |
| component (driver) database. |
| Catalog Database options: |
| Other options specify what to do with the selected catalog database, and other |
| behavior. If you do not specify any other options, SignTool will add the |
| specified catalogs to the catalog database, replacing any existing catalog |
| which has the same name. |
| Other options: |
| /d Operate on the default catalog database instead of the system |
| component (driver) catalog database. |
| /g <GUID> Operate on the specified catalog database. |
| /q No output on success and minimal output on failure. As always, |
| SignTool returns 0 on success and 1 on failure. |
| /r Remove the specified catalogs from the catalog database. |
| /u Automatically generate a unique name for the added catalogs. The |
| catalog files will be renamed if necessary to prevent name |
| conflicts with existing catalog files. |
| /v Print verbose success and status messages. This may also provide |
| slightly more information on error. |
| Usage: signtool remove [options] <filename(s)> |
| Use the "remove" command to remove the embedded signature(s) or sections of |
| the embedded signature on a PE/COFF file. |
| WARNING: This command will modify the file on the disk. Please create a backup |
| copy if you want to preserve the original file. |
| The option "/c" and/or "/u", or "/s" is required. |
| /u Remove the unauthenticated attributes from the signature |
| e.g. Dual signatures and timestamps. |
| /c Remove all certificates, except for the signer certificate |
| from the signature. |
| /q No output on success and minimal output on failure. As always, |
| SignTool returns 0 on success and 1 on failure. |
| /v Print verbose success and status messages. This may also provide |
| slightly more information on error. |
| /s Remove the signature(s) entirely. |
| SignTool Error: A required parameter is missing. |
| SignTool Error: Invalid command: %1!s! |
| SignTool Error: Missing filename. |
| SignTool Error: File not found: %1!s! |
| SignTool Error: You cannot use the %1!s! option twice. |
| SignTool Error: The %1!s! option requires a parameter. |
| SignTool Error: Invalid option: %1!s! |
| SignTool Error: An unexpected internal error has occurred. |
| SignTool Error: The %1!s! option requires the %2!s! option. |
| SignTool Error: The %1!s! option requires the use of one of the following |
| options: %2!s! |
| SignTool Error: The %1!s! option is incompatible with the %2!s! option. |
| SignTool Error: The %1!s! option cannot be used with any of the following |
| options: %2!s! |
| SignTool Error: The %1!s! option is required. |
| SignTool Error: There was an error opening the file list: %1!s! |
| SignTool Error: Invalid GUID format: %1!s! |
| Expected GUID format: {F750E6C3-38EE-11D1-85E5-00C04FC295EE} |
| SignTool Error: Occurrence of DLL name and parameter mismatched. |
| SignTool Error: This version of signtool does not support the %1!s! functionality. |
| SignTool Error: Missing required parameter(s), expecting %!s!. |
| SignTool Error: The %1!s! option cannot be used with any other option. |
| SignTool Error: The %1!s! option is incompatible with signing multiple files. |
| SignTool Error: Out of memory. |
| SignTool Error: Invalid Enhanced Key Usage: %1!s! |
| SignTool Error: Specify the RFC 3161 timestamp server's URL instead with /tr. |
| SignTool Error: Invalid OID: %1!s! |
| SignTool Error: Invalid SHA1 hash format: %1!s! |
| SignTool Error: The Enhanced Key Usage string is too long. |
| SignTool Error: Invalid Timestamp URL: %1!s! |
| SignTool Error: Invalid hash format: %1!s! |
| SignTool Error: The hash provided is too long. |
| SignTool Error: Invalid DSIG value: %1!s! |
| SignTool Error: Invalid Key Spec value: %1!s! |
| SignTool Error: The signer's certificate is not valid for signing. |
| SignTool Error: The specified algorithm cannot be used or is invalid. |
| SignTool Error: No private key is available. |
| SignTool Error: Only P7 Embedded signatures are supported with Digest Signing. |
| SignTool Error: Invalid OS Version string: %1!s! |
| Expected format: PlatformID:VerMajor.VerMinor |
| Examples: 2:5.0 -- Windows NT, Version 5.0 -- Windows 2000 |
| 2:5.1 -- Windows NT, Version 5.1 -- Windows XP |
| You may optionally add a build number to the Version string. |
| Example: 2:5.1.2600 -- Windows XP final build |
| SignTool Error: Invalid index selected for timestamping. |
| Number of warnings: %1!u! |
| Number of errors: %1!u! |
| SignTool Warning: The following option or combination of options is not |
| supported and will be ignored in whole or in part: %1!s! |
| SignTool Error: No files were processed. |
| SignTool Error: %1!s! returned error: 0x%2!08X! |
| %3!s! |
| SignTool Error: Signtool requires CAPICOM version 2.1.0.1 or higher. Please |
| copy the latest version of CAPICOM.dll into the directory that contains |
| SignTool.exe. If CAPICOM.dll exists, you may not have proper |
| permissions to install CAPICOM. |
| SignTool Error: Access is denied. |
| SignTool Error: The file is being used by another process. |
| SignTool Error: The file cannot be mapped into memory. It may be zero size. |
| SignTool Error: This version of signtool is not supported on this operating system. |
| SignTool Error: A required function is not present. |
| This error likely means that you are running SignTool on an OS that |
| does not support the options you've specified. |
| Number of files successfully Signed: %1!u! |
| The following certificate was selected: |
| Issued to: %1!s! |
| Issued by: %1!s! |
| Expires: %1!s! |
| SHA1 hash: %1!s! |
| Successfully signed: %1!s! |
| Successfully signed and timestamped: %1!s! |
| Attempting to sign: %1!s! |
| SignTool Warning: Signing succeeded, but an error occurred while attempting to |
| timestamp: %1!s! |
| SignTool Error: The specified PFX password is not correct. |
| SignTool Error: No certificates were found that met all the given criteria. |
| SignTool Error: The specified CSP could not be found. |
| SignTool Error: The private key for the selected certificate is not accessible. |
| SignTool Error: An error occurred while attempting to load the signing |
| certificate from: %1!s! |
| SignTool Error: No certificate was found with the specified SHA1 Hash. |
| SignTool Error: No certificate was found with the specified Issuer. |
| SignTool Error: Multiple certificates were found that meet all the given |
| criteria. Use the /a option to allow SignTool to choose the best |
| certificate automatically or use the /sha1 option with the hash of the |
| desired certificate. |
| The following certificates meet all given criteria: |
| SignTool Error: An error occurred while attempting to open the certificate |
| store: "%1!s!" |
| SignTool Error: An error occurred while attempting to sign: %1!s! |
| SignTool Error: This file format cannot be signed because it is not recognized. |
| SignTool Error: The specified private key does not match the public key of the |
| selected certificate. |
| SignTool Error: The "%1!s!" certificate store was not found. |
| SignTool Error: The specified private key container was not found. |
| SignTool Error: An error occurred while attempting to open the specified |
| private key container. |
| Either the file being signed or one of the DLL specified by /j switch |
| SignTool Warning: Unable to enable page-hashes. |
| SignTool Warning: Unable to disable page-hashes. |
| The following certificates have been found to be suitable for signing: |
| The expiration date cannot be determined. |
| Signtool Error: The provided cross certificate would not be present in the certificate chain. |
| Signtool Error: One of the secondary signatures has an invalid or missing sequence number. |
| SignTool Error: Multiple signature support is not implemented for this filetype. |
| SignTool Error: Invalid index specified. |
| SignTool Error: This file is signed with an older version of the Authenticode |
| signature format that does not support sealing. The file will have to |
| have its existing signature(s) removed and resigned with support for |
| sealing. The /force option must be specified as part of the command in |
| order to do so. |
| SignTool Warning: The existing signature was removed and the file was |
| successfully re-signed and sealed. |
| SignTool Error: This file is signed with an older version of the Authenticode |
| signature format that does not support sealing. The file will have to |
| have its existing signature(s) removed and resigned with support for |
| sealing. The /force option must be specified as part of the command in |
| order to do so. |
| SignTool Warning: The existing signature was removed and the file was |
| successfully re-signed with the intentToSeal attribute set. The file |
| will fail verification until the signature is sealed and users are |
| therefore advised to seal. |
| The file was signed with the intentToSeal attribute set. The file will fail |
| verification until the signature is sealed and users are therefore |
| advised to seal. |
| SignTool Error: The file has a sealed signature. In order to append more |
| signatures the seal will have to be removed and the file will have to |
| be re-signed. The /force option must be specified as part of the |
| command in order to do so. |
| SignTool Warning: The existing seal was removed from the file and the desired |
| signature was appended to the file. The file will fail verification |
| until the signature is sealed and users are therefore advised to seal. |
| SignTool Error: The file has a sealing signature. In order to seal with a new |
| signer the existing sealing signature will be replaced. The |
| /force option must be specified as part of the command in order to do |
| so. |
| SignTool Warning: The existing sealing signature was successfully replaced on |
| the file. |
| The file was signed but no sealing operations were performed since the file |
| format does not support sealing signatures. |
| SignTool Error: The existing signature cannot be timestamped and sealed in the |
| same signtool command. Use separate commands to replace or timestamp |
| the signature, and then seal the file. |
| SignTool Error: A signature exists for this signer and the digest algorithm |
| cannot be changed while sealing. Use separate commands to replace the |
| signature, and then seal the file. |
| SignTool Error: There was an unspecified error while sealing. |
| For more information, please see http://aka.ms/badexeformat |
| Number of files successfully Verified: %1!u! |
| Number of failed Verifications: %1!u! |
| Verifying: %1!s! |
| Successfully verified: %1!s! |
| File is signed in catalog: %1!s! |
| Unable to verify this file using a catalog. |
| Signing Certificate Chain: |
| Countersigned by: |
| Timestamp Verified by: |
| File is not timestamped. |
| The signature is timestamped: %1!s! |
| This catalog file has been previously evaluated. |
| SignTool Warning: File is not timestamped: %1!s! |
| SignTool Error: An error occurred while attempting to verify: %1!s! |
| SignTool Error: File not valid: %1!s! |
| SignTool Error: Signing Cert does not chain to the specified Root Cert. |
| SignTool Error: Could not open the specified catalog: %1!s! |
| SignTool Error: File not found in the specified catalog. |
| SignTool Error: This catalog is not valid for the specified OS version. |
| SignTool Error: This catalog is not valid for the current OS version. You may |
| use the /o option to verify against a different OS version. |
| SignTool Error: This file format cannot be verified because it is not |
| recognized. |
| SignTool Error: The signing certificate is not valid for the requested usage. |
| This error sometimes means that you are using the wrong verification |
| policy. Consider using the /pa option. |
| SignTool Error: No signature found. |
| SignTool Error: A certificate chain processed, but terminated in a root |
| certificate which is not trusted by the trust provider. |
| SignTool Error: /kp cannot be used with /bp, /pa, or /pg. |
| The signature is timestamped, however the timestamp time is not valid. |
| SignTool Error: Signing Cert does not chain to a Microsoft Root Cert. |
| SignTool Warning: A discrepancy was detected in the page hashes. |
| The computed page hashes do not match the embedded page hashes. |
| SignTool Warning: No page hashes are present. |
| Page hashes: |
| Computed page hashes: |
| File has page hashes. |
| Cross Certificate Chain: |
| SignTool Error: Signature did not pass crypto policy. |
| Number of signatures successfully Verified: %1!u! |
| SignTool Warning: The timestamp certificate is not valid for the requested usage. |
| SignTool Warning: An error has been found with the timestamp. |
| CERT_TRUST_STATUS.dwErrorStatus: 0x%1!08X! |
| CERT_TRUST_STATUS.dwInfoStatus: 0x%1!08X! |
| SignTool Error: File is marked intent-to-seal but lacks a sealing signature |
| File is marked with intent to seal. |
| File is not marked with intent to seal. |
| File does not support sealing signatures. |
| This signer seals the file. |
| SignTool Error: The signer does not possess the specified EKUs. |
| SignTool Error: No intermediate CA with a specified thumbprint was found. |
| SignTool Error: The signing certificate does not have a specified SHA1 hash. |
| SignTool Error: /bp cannot be used with /kp, /pa, or /pg. |
| SignTool Error: The signing certificate is not valid for Biometric policy. |
| Number of files successfully timestamped: %1!u! |
| Timestamping: %1!s! |
| Successfully timestamped: %1!s! |
| SignTool Error: An error occurred while attempting to timestamp: %1!s! |
| SignTool Error: No signature was found. The file must be signed before it can |
| be timestamped. |
| SignTool Error: The specified timestamp server either could not be reached or |
| returned an invalid response. |
| SignTool Warning: The specified algorithm is not considered secure. |
| SignTool Error: The file has a sealed signature. In order to timestamp the file |
| the seal will have to be removed and the file will have to be resigned. |
| The /force option must be specified as part of the command in order to |
| do so. |
| SignTool Warning: The existing seal was removed from the file and the file was |
| successfully timestamped. The file will fail verification until the |
| signature is sealed and users are therefore advised to seal. |
| SignTool Error: No sealing signature was found. The file must be sealed before |
| it can be seal timestamped. |
| SignTool Error: The file format does not support sealing signatures and cannot |
| be seal timestamped. |
| Adding Catalog: %1!s! |
| Removing Catalog: %1!s! |
| Catalog added successfully: %1!s! |
| Catalog added successfully: %1!s! |
| System assigned name: %2!s! |
| Catalog removed successfully: %1!s! |
| Number of catalog files successfully Added: %1!u! |
| Number of catalog files successfully Removed: %1!u! |
| SignTool Error: An error occurred while attempting to add: %1!s! |
| SignTool Error: An error occurred while attempting to remove: %1!s! |
| SignTool Error: Removing a catalog is not supported on this version of windows. |
| SignTool Error: Invalid catalog name: %1!s! |
| Please specify just the filename, with no path or wildcard specifiers. |
| SignTool Error: Catalog not found in the catalog database: %1!s! |
| SignTool Error: Invalid catalog file: %1!s! |
| Removing unauthenticated attributes from the signature on file: %1!s! |
| Removing CA certificates from the signature on file: %1!s! |
| Successfully committed changes to the file: %1!s! |
| SignTool Error: Unsupported file type: %1!s! |
| SignTool Error: Unsupported number of certificates on image (only one is expected): %1!s! |
| SignTool Warning: No unauthenticated attributes found in the signature. |
| SignTool Warning: No certificates were removed. |
| Number of files successfully processed: %1!u! |
| SignTool Error: Failed to obtain the cryptographic message: %1!s! |
| SignTool Error: Failed to properly build the Subject Info: %1!s! |
| Removing signature on file: %1!s! |
| Signature | 0xfeef04bd |
|---|---|
| StructVersion | 0x10000 |
| FileVersion | 10.0.15063.137 |
| ProductVersion | 10.0.15063.137 |
| FileFlags | (EMPTY) |
| FileOs |
VOS_DOS_WINDOWS32
VOS_NT
VOS_NT_WINDOWS32
VOS_WINCE
VOS__WINDOWS32
|
| FileType |
VFT_APP
|
| Language | English - United States |
| CompanyName | Microsoft Corporation |
| FileDescription | Authenticode(R) - signing and verifying tool |
| FileVersion (#2) | 4.00 (WinBuild.160101.0800) |
| InternalName | SignTool |
| LegalCopyright | © Microsoft Corporation. All rights reserved. |
| OriginalFilename | SIGNTOOL.EXE |
| ProductName | Microsoft® Windows® Operating System |
| ProductVersion (#2) | 10.0.15063.137 |
| Resource LangID | English - United States |
|---|
| Characteristics |
0
|
|---|---|
| TimeDateStamp | 2015-Sep-20 21:55:43 |
| Version | 0.0 |
| SizeofData | 37 |
| AddressOfRawData | 0x58a0 |
| PointerToRawData | 0x4ca0 |
| Referenced File | signtool.pdb |
| Characteristics |
0
|
|---|---|
| TimeDateStamp | 2015-Sep-20 21:55:43 |
| Version | 0.0 |
| SizeofData | 668 |
| AddressOfRawData | 0x58c8 |
| PointerToRawData | 0x4cc8 |
| Characteristics |
0
|
|---|---|
| TimeDateStamp | 2015-Sep-20 21:55:43 |
| Version | 0.0 |
| SizeofData | 0 |
| AddressOfRawData | 0 |
| PointerToRawData | 0 |
| Size | 0x98 |
|---|---|
| TimeDateStamp | 1970-Jan-01 00:00:00 |
| Version | 0.0 |
| GlobalFlagsClear | (EMPTY) |
| GlobalFlagsSet | (EMPTY) |
| CriticalSectionDefaultTimeout | 0 |
| DeCommitFreeBlockThreshold | 0 |
| DeCommitTotalFreeThreshold | 0 |
| LockPrefixTable | 0 |
| MaximumAllocationSize | 0 |
| VirtualMemoryThreshold | 0 |
| ProcessAffinityMask | 0 |
| ProcessHeapFlags | (EMPTY) |
| CSDVersion | 0 |
| Reserved1 | 0 |
| EditList | 0 |
| SecurityCookie | 0x4375c8 |
| SEHandlerTable | 0x405560 |
| SEHandlerCount | 208 |
| GuardCFCheckFunctionPointer | 4441096 |
| GuardCFDispatchFunctionPointer | 0 |
| GuardCFFunctionTable | 0 |
| GuardCFFunctionCount | 0 |
| GuardFlags | (EMPTY) |
| CodeIntegrity.Flags | 0 |
| CodeIntegrity.Catalog | 0 |
| CodeIntegrity.CatalogOffset | 0 |
| CodeIntegrity.Reserved | 0 |
| GuardAddressTakenIatEntryTable | 0 |
| GuardAddressTakenIatEntryCount | 0 |
| GuardLongJumpTargetTable | 0 |
| GuardLongJumpTargetCount | 0 |
| XOR Key | 0xa1373f74 |
|---|---|
| Unmarked objects | 0 |
| ASM objects (24610) | 4 |
| C++ objects (24610) | 20 |
| C objects (24610) | 32 |
| Imports (24610) | 31 |
| Total imports | 251 |
| 265 (24610) | 32 |
| Resource objects (24610) | 1 |
| Linker (24610) | 1 |