Verify Code Signature

This command verifies that a file has been signed using authenticode, and optionally verifies the signing entity against the expected one, guaranteeing that the file has not been tampered with.

This command may also be used to obtain the name of the entity that performed the signing on a code signed file.

File Path

Type the full path (as it would be found on the target system) to the file to verify the signature of.

Company

If you would only like to verify that the file has been signed, leave this field blank.

To verify that the name of the signing entity matches the original one, enter the expected name of the signing entity in this field. This helps detect cases wherein a file may have been tampered with, and then signed again.

You may also enter the special character ? in this field. Instead of performing verification, this will then return the full name of the signing entity in the variable specified in the field below. Where the file is not signed, the variable will hold an empty value.

Return Result in Variable

With the exception as noted in the paragraph above, where the file being tested has been code signed (with the proper company name where applicable), this variable will hold TRUE; and FALSE otherwise.