top of page
  • Writer's pictureTimmy TSENG

Windows adds a digital signature to exe

Generate a self-signed root certificate

makecert -n "CN=Microfost Windows" -r -sv Root.pvk Root.cer
This command uses the makecert tool to create a self-signed root certificate with the certificate name set to "Microfost Windows" and saves the private key to Root.pvk and the public certificate to Root.cer.

Convert the certificate to a Software Distribution Certificate (SPC):

Cert2Spc.exe Root.cer Root.spc 
Use the Cert2Spc tool to convert the certificate you just created into a software distribution certificate and save it to Root.spc

Combine the private key and SPC into a PFX file:

pvk2pfx.exe -pvk  Root.pvk -pi timmy -spc Root.spc -pfx Root.,pfx -f
Use the pvk2pfx tool to combine the private key (Root.pvk) and SPC (Root.spc) into a PFX file, set the password to "timmy", and save the result to Root.pfx.

Add the certificate to the local computer's trusted root certificate store

CertMgr.Exe -add -c Root.cer -s -r localmachine root
Use the CertMgr tool to add the certificate Root.cer to the local computer's trusted root certificate storage

Signing executable files using PFX files

signtool.exe sign /f Root.pfx /p timmy C:\Users\qoo7972365\Desktop\backdoor\windows_amd_excel.exe

Use the signtool tool and the PFX file just created (password is "timmy") to sign the specified executable file.

0 views0 comments

Recent Posts

See All

AMON-Eye: Advanced Malware Toolkit

Overview In today's digital world, cyber threats have become increasingly serious, and malware attacks have posed a huge threat to the data security of organizations and individuals. Cobaltstrike is a


bottom of page