You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When scanning a signed executable with a missing signature timestamp, sigcheck will silently substitute it with the current machine time. The objective of this substitution is unclear while it misleads users.
Interestingly, when run with option -i then the signature timestamp is correctly reported as n/a.
PS C:\> sigcheck64.exe bbflbk5*
Sigcheck v2.60 - File version and signature viewer
Copyright (C) 2004-2017 Mark Russinovich
Sysinternals - www.sysinternals.com
C:\bbflbk5.exe:
Verified: Signed
Signing date: 6:36 PM 6/7/18
Publisher: Blueberry Software Ltd
Company: Blueberry Software (UK) Ltd.
Description: n/a
Product: FlashBack Pro 5
Prod version: 5.31.0.4361
File version: 5.31.0.4361
MachineType: 32-bit
PS C:\> sigcheck64.exe bbflbk5*
Sigcheck v2.60 - File version and signature viewer
Copyright (C) 2004-2017 Mark Russinovich
Sysinternals - www.sysinternals.com
C:\bbflbk5.exe:
Verified: Signed
Signing date: 6:37 PM 6/7/18
Publisher: Blueberry Software Ltd
Company: Blueberry Software (UK) Ltd.
Description: n/a
Product: FlashBack Pro 5
Prod version: 5.31.0.4361
File version: 5.31.0.4361
MachineType: 32-bit
PS C:\> sigcheck64.exe -i bbflbk5*
Sigcheck v2.60 - File version and signature viewer
Copyright (C) 2004-2017 Mark Russinovich
Sysinternals - www.sysinternals.com
C:\bbflbk5.exe:
Verified: Signed
Link date: 1:19 PM 2/24/12
Signing date: n/a
Catalog: C:\bbflbk5.exe
Signers:
Blueberry Software Ltd
Cert Status: Valid
Valid Usage: Code Signing
Cert Issuer: COMODO RSA Code Signing CA
Serial Number: 62 F6 DD E4 D6 02 D4 82 F8 30 41 79 B2 1D 42 70
Thumbprint: D68E7377F726BB5D5E467DFCEE9CE53B80EE1260
Algorithm: sha256RSA
Valid from: 6:00 PM 8/31/17
Valid to: 5:59 PM 8/31/20
COMODO RSA Code Signing CA
Cert Status: Valid
Valid Usage: Code Signing
Cert Issuer: COMODO RSA Certification Authority
Serial Number: 2E 7C 87 CC 0E 93 4A 52 FE 94 FD 1C B7 CD 34 AF
Thumbprint: B69E752BBE88B4458200A7C0F4F5B3CCE6F35B47
Algorithm: sha384RSA
Valid from: 6:00 PM 5/8/13
Valid to: 5:59 PM 5/8/28
COMODO SECURE?
Cert Status: Valid
Valid Usage: Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Cert Issuer: COMODO RSA Certification Authority
Serial Number: 4C AA F9 CA DB 63 6F E0 1F F7 4E D8 5B 03 86 9D
Thumbprint: AFE5D244A8D1194230FF479FE2F897BBCD7A8CB4
Algorithm: sha384RSA
Valid from: 6:00 PM 1/18/10
Valid to: 5:59 PM 1/18/38
Company: Blueberry Software (UK) Ltd.
Description: n/a
Product: FlashBack Pro 5
Prod version: 5.31.0.4361
File version: 5.31.0.4361
MachineType: 32-bit
The text was updated successfully, but these errors were encountered:
When scanning a signed executable with a missing signature timestamp,
sigcheck
will silently substitute it with the current machine time. The objective of this substitution is unclear while it misleads users.Interestingly, when run with option
-i
then the signature timestamp is correctly reported asn/a
.The text was updated successfully, but these errors were encountered: