Authenticode and Antivirus Detection
Editor's note: This used to be multiple blog posts that have been collected together in chronological order.

It turns out that many antivirus engines whitelist Authenticode-signed binaries regardless of the trustworthiness of the signature. Here's an experiment that I performed; feel free to play along at home (remember to be careful when working with malware).

Step 1: Find some malware

This was actually the most time-consuming step, a lot of places talk about…