sigcheck main option
@Sh1n0g1
no option
>sigcheck Shinobot.exe
Sigcheck v2.30 - File version and signature viewer
Copyright (C) 2004-2015 Mark Russinovich
Sysinternals - www.sysinternals.com
E:\Desktop\ShinoBOT.exe:
Verified: Unsigned
Link date: 17:41 2016/12/22
Publisher: n/a
Company: Sh1n0g1 Inc.
Description: ShinoBOT
Product: ShinoBOT
Prod version: 3.1.0.0
File version: 3.1.0.0
MachineType: 32-bit
-q (quiet)
>sigcheck -q ShinoBOT.exe
E:\Desktop\ShinoBOT.exe:
Verified: Unsigned
Link date: 17:41 2016/12/22
Publisher: n/a
Company: Sh1n0g1 Inc.
Description: ShinoBOT
Product: ShinoBOT
Prod version: 3.1.0.0
File version: 3.1.0.0
MachineType: 32-bit
The following banner disappears.
Sigcheck v2.30 - File version and signature viewer
Copyright (C) 2004-2015 Mark Russinovich
Sysinternals - www.sysinternals.com
-a (extended version information, entropy)
>sigcheck -a ShinoBOT.exe
Sigcheck v2.30 - File version and signature viewer
Copyright (C) 2004-2015 Mark Russinovich
Sysinternals - www.sysinternals.com
E:\Desktop\ShinoBOT.exe:
Verified: Unsigned
Link date: 17:41 2016/12/22
Publisher: n/a
Company: Sh1n0g1 Inc.
Description: ShinoBOT
Product: ShinoBOT
Prod version: 3.1.0.0
File version: 3.1.0.0
MachineType: 32-bit
Binary Version: 3.1.0.0
Original Name: SHINOBOT_BUILDER.exe
Internal Name: SHINOBOT_BUILDER.exe
Copyright: Sh1n0g1 Inc.
Comments: RAT simulator
Entropy: 4.719
-h (hashes)
>sigcheck -h ShinoBOT.exe
Sigcheck v2.30 - File version and signature viewer
Copyright (C) 2004-2015 Mark Russinovich
Sysinternals - www.sysinternals.com
E:\Desktop\ShinoBOT.exe:
Verified: Unsigned
Link date: 17:41 2016/12/22
Publisher: n/a
Company: Sh1n0g1 Inc.
Description: ShinoBOT
Product: ShinoBOT
Prod version: 3.1.0.0
File version: 3.1.0.0
MachineType: 32-bit
MD5: 9B2166D3B72C84396EDECE1673E923B7
SHA1: CF8C8D3F48FB1304E0AAB7EFB6C3EB9BBE833BC5
PESHA1: 5A7BAE6C68F50ABA37EB0FDC5B698115DB13C14B
PE256: CB30CF07163B72F49DADA51CDC3965E6F79AA6D9A430524AD81C0D445155CDDC
SHA256: BF7EFF73A37965B7ECD784E621F0B7118402C4C03E450E648B8922F070D440C8
IMP: F34D5F2D4577ED6D9CEEC516C1F5A744
-v (VirusTotal)
>sigcheck -v ShinoBOT1326.exe
Sigcheck v2.30 - File version and signature viewer
Copyright (C) 2004-2015 Mark Russinovich
Sysinternals - www.sysinternals.com
e:\Work\ShinoBOT1326.exe:
Verified: Unsigned
Link date: 9:23 2013/07/25
Publisher: n/a
Company: Sh1n0g1
Description: ShinoBOT
Product: ShinoBOT
Prod version: 1.3.2.6
File version: 1.3.2.6
MachineType: 32-bit
VT detection: 44/57
VT link: https://www.virustotal.com/file/e10506ed829846ae5b7cddbb7ff636b18f632f28f072f9b399b9cbdbd643b8d9/analysis/
-i (signed info)
>sigcheck -i DummyPopup_Signed.exe
Sigcheck v2.30 - File version and signature viewer
Copyright (C) 2004-2015 Mark Russinovich
Sysinternals - www.sysinternals.com
E:\Desktop\DummyPopup_Signed.exe:
Verified: Signed
Catalog: E:\Desktop\DummyPopup_Signed.exe
Signer:
Sh1n0g1 Inc
Status: ????????????????????????????????
Valid Usage: All
Serial Number: 01
Thumbprint: 9C85EA7F5672E74E3A5C45279EECBD979B559DDB
Algorithm: SHA1
Valid from: 16:54 2013/11/22
Valid to: 16:54 2015/11/22
Signing date: n/a
Publisher: Sh1n0g1 Inc
Company: n/a
Description: Popup
Product: Popup
Prod version: 1.0.0.0
File version: 1.0.0.0
MachineType: 32-bit
-a -i -h -q -v combined
>sigcheck -a -i -h -q -v DummyPopup_Signed.exe
E:\Desktop\DummyPopup_Signed.exe:
Verified: Signed
Catalog: E:\Desktop\DummyPopup_Signed.exe
Signer:
Sh1n0g1 Inc
Status: ????????????????????????????????
Valid Usage: All
Serial Number: 01
Thumbprint: 9C85EA7F5672E74E3A5C45279EECBD979B559DDB
Algorithm: SHA1
Valid from: 16:54 2013/11/22
Valid to: 16:54 2015/11/22
Signing date: n/a
Publisher: Sh1n0g1 Inc
Company: n/a
Description: Popup
Product: Popup
Prod version: 1.0.0.0
File version: 1.0.0.0
MachineType: 32-bit
Binary Version: 1.0.0.0
Original Name: DummyPopup.exe
Internal Name: DummyPopup.exe
Copyright: Copyright © 2013
Comments: n/a
Entropy: 6.755
MD5: 66F65B57235F9886537BB791DB6DFB14
SHA1: D71365CCDC97D0A1BD88A97C81DAD6562749CA0A
PESHA1: AC6275E718A4E334B042B870DD66F3BB759B56FA
PE256: 05D0ABD52B5E3A6C9CBD2033FC806568EEDFD235C0F3297FE9F3F409580A1FAA
SHA256: 821B0E74CBBF042C32A691103D5DC449A1812E9FB0E5185B61B2F21CCCC1E883
IMP: F34D5F2D4577ED6D9CEEC516C1F5A744
VT detection: 1/56
VT link: https://www.virustotal.com/file/821b0e74cbbf042c32a691103d5dc449a1812e9fb0e5185b61b2f21cccc1e883/analysis/
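Added example (not part of the original slides): a small Python parser for the plain-text sigcheck output shown above, with a triage pass over the fields the -i, -a and -v options add. The function names, the thresholds (vt_min, entropy_max) and the heuristics are assumptions made for illustration; the date format is the one seen in the output above and depends on the system locale.

```python
import re
from datetime import datetime

# Constructed sample: two records abridged from the sigcheck output above
# (the -v run and the combined run), preceded by one banner line.
SAMPLE = r"""
Sigcheck v2.30 - File version and signature viewer
e:\Work\ShinoBOT1326.exe:
Verified: Unsigned
Link date: 9:23 2013/07/25
Publisher: n/a
VT detection: 44/57
E:\Desktop\DummyPopup_Signed.exe:
Verified: Signed
Signer:
Sh1n0g1 Inc
Valid to: 16:54 2015/11/22
Signing date: n/a
Publisher: Sh1n0g1 Inc
Original Name: DummyPopup.exe
Entropy: 6.755
VT detection: 1/56
"""

# A record starts with "<drive>:<path>:" on its own line (assumes drive-letter paths).
HEADER = re.compile(r"^[A-Za-z]:[^ ].*:$")

def parse_sigcheck(text):
    """Parse default (non-CSV) sigcheck text output into a list of dicts."""
    records, current, pending = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if HEADER.match(line):
            current = {"Path": line[:-1]}
            records.append(current)
            pending = None
            continue
        if current is None:
            continue  # banner lines before the first file header
        key, sep, value = line.partition(":")
        if sep and (value == "" or value[0] in " \t"):
            key, value = key.strip(), value.strip()
            current[key] = value
            pending = key if not value else None  # "Signer:" has its value on the next line
        elif pending:
            current[pending] = line
            pending = None
    return records

def triage(rec, now, vt_min=3, entropy_max=7.0):
    """Return the reasons a record deserves a closer look (heuristics, not verdicts)."""
    reasons = []
    if rec.get("Verified") != "Signed":
        reasons.append("not signed")
    elif rec.get("Signing date", "n/a") == "n/a" and "Valid to" in rec:
        # No timestamp on the signature: it cannot be trusted past certificate expiry.
        expiry = datetime.strptime(rec["Valid to"], "%H:%M %Y/%m/%d")
        if expiry < now:
            reasons.append("no timestamp and certificate expired "
                           + expiry.strftime("%Y-%m-%d"))
    m = re.match(r"(\d+)/(\d+)$", rec.get("VT detection", ""))
    if m and int(m.group(1)) >= vt_min:
        reasons.append("VT detections %s/%s" % m.groups())
    try:
        if float(rec.get("Entropy", "")) > entropy_max:
            reasons.append("high entropy")
    except ValueError:
        pass  # field absent (no -a) or not numeric
    original = rec.get("Original Name", "n/a")
    name = rec["Path"].replace("\\", "/").rsplit("/", 1)[-1]
    if original != "n/a" and original.lower() != name.lower():
        reasons.append("renamed from " + original)
    return reasons

if __name__ == "__main__":
    for record in parse_sigcheck(SAMPLE):
        print(record["Path"], "->", triage(record, datetime.now()))
```

"Verified: Signed" alone is not a clean bill: the signed sample above has no signing timestamp and a certificate that ended in 2015, which the triage pass reports separately from the VirusTotal ratio.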
