|
|
|
|
|
|
by NortySpock
4314 days ago
|
|
|
From the article:
"Our custom tool allows us to create an unverified section of the binary in a way that is compliant with the Authenticode spec. We make the tag buffer an unverified section so that the tag buffer can change without having to re-sign the binary." So they sign 90% of the executable, but 10% of it is unsigned. |
|
|