{"id":5418,"date":"2023-07-18T07:39:14","date_gmt":"2023-07-18T07:39:14","guid":{"rendered":"\/cybersecurity-blog\/?p=5418"},"modified":"2023-07-18T08:29:53","modified_gmt":"2023-07-18T08:29:53","slug":"digital-signatures","status":"publish","type":"post","link":"https:\/\/any.run\/cybersecurity-blog\/digital-signatures\/","title":{"rendered":"Identify Suspicious or Tampered Files Faster with Digital Signatures\u00a0\u00a0"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\"><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Speed is one of the biggest advantages of the <a href=\"https:\/\/any.run\/?utm_source=anyrunblog&amp;amp%3Butm_medium=article&amp;amp%3Butm_campaign=signatures&amp;amp%3Butm_content=landing\" target=\"_blank\" rel=\"noreferrer noopener\">ANY.RUN sandbox<\/a>. You can often recognize that a file is potentially malicious in under 20 seconds \u2014 whether it\u2019s through the process tree, network stream analysis, or config extraction. <strong>Today, we&#8217;re adding a new feature to enhance your threat detection: digital signatures. Now, you can easily identify files that have been counterfeited or tampered with.<\/strong>\u00a0<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Digital signatures act like official seals, validating the code&#8217;s issuer and signaling to analysts that a file can be trusted. Most large companies use them, signing every file. Kept up to date in public databases, signatures provide robust authenticity checks.\u00a0<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"615\" src=\"\/cybersecurity-blog\/wp-content\/uploads\/2023\/07\/signature-indicators-1-1-1024x615.jpg\" alt=\"Signature indicators in ANY.RUN\" class=\"wp-image-5431\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/07\/signature-indicators-1-1-1024x615.jpg 1024w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/07\/signature-indicators-1-1-300x180.jpg 300w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/07\/signature-indicators-1-1-768x462.jpg 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/07\/signature-indicators-1-1-1536x923.jpg 1536w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/07\/signature-indicators-1-1-370x222.jpg 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/07\/signature-indicators-1-1-270x162.jpg 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/07\/signature-indicators-1-1-740x445.jpg 740w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/07\/signature-indicators-1-1.jpg 1684w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">In ANY.RUN, <strong>you&#8217;ll find new digital signature icons next to processes in the process tree<\/strong>. Semi-transparent icons at the bottom indicate that a process or module has a certificate. Bigger icons at the top mark processes that require further investigation. Here\u2019s when we display them:&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>When a module certificate is missing, revoked, or untrusted\u00a0<\/li>\n\n\n\n<li>When a process certificate is missing, revoked, or untrusted\u00a0<\/li>\n<\/ul>\n\n\n\n<!-- Regular Banner START -->\n<div class=\"regular-banner\">\n<!-- Text Content -->\n<p class=\"regular-banner__text\">\nTrack <span class=\"highlight\">signatures<\/span> in ANY.RUN&nbsp;\n<\/p>\n<!-- CTA Link -->\n<a class=\"regular-banner__link\" id=\"article-banner-regular\" href=\"https:\/\/app.any.run\/#register\" rel=\"noopener\" target=\"_blank\">\nCreate free account\n<\/a>\n<\/div>\n<!-- Regular Banner END -->\n<!-- Regular Banner Styles START -->\n\n<style>\n.regular-banner {\ndisplay: flex;\ntext-align: center;\nflex-direction: column;\nalign-items: center;\ngap: 1.5rem;\nwidth: 100%;\npadding: 2rem;\nmargin: 1.5rem 0;\nborder-radius: 0.5rem;\nfont-family: 'Catamaran Bold';\nmargin-inline: auto;\nbackground: rgba(32, 168, 241, 0.1);\nborder: 1px solid rgba(75, 174, 227, 0.32);\n}\n\n.regular-banner__text {\nfont-size: 1.5rem;\nmargin: 0;\n}\n\n.highlight {\ncolor: #ea2526;\n}\n\n.regular-banner__link {\npadding: 0.5rem 1.5rem;\nfont-weight: 500;\ntext-decoration: none;\nborder-radius: 0.5rem;\ncolor: #FFFFFF;\nbackground-color: #1491D4;\ntext-align: center;\ntransition: all 0.2s ease-in;\n}\n\n.regular-banner__link:hover {\nbackground-color: #68CBFF;\ncolor: white;\n}\n<\/style>\n<!-- Regular Banner Styles END -->\n\n\n\n<h2 class=\"wp-block-heading\">How new signature icons work in ANY.RUN&nbsp;<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Note that <strong>we show different icons for process and module signatures<\/strong>. Even if a process has a valid signature, if its module doesn\u2019t have one \u2014 it\u2019s a red flag.&nbsp;<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">A small cog overlay makes it easy to identify a module signature, differentiating it from its process counterpart.&nbsp;<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Using these icons, you can quickly:&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Spot malicious software<\/strong>. A red &#8220;untrusted&#8221; icon means the signature issuer isn&#8217;t recognized. And a hollow icon indicates that a signature is missing.&nbsp;<\/li>\n\n\n\n<li><strong>Identify untrustworthy files<\/strong>. A yellow &#8220;revoked&#8221; icon appears if the signature&#8217;s public key is compromised.&nbsp;<\/li>\n\n\n\n<li><strong>Track expired signatures<\/strong>. A light-blue icon shows when the signature&#8217;s validity has run out.&nbsp;<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">Want to know more about the signature? Click on the icon and a code signing window will appear.&nbsp;<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"572\" src=\"\/cybersecurity-blog\/wp-content\/uploads\/2023\/07\/image-8-1024x572.png\" alt=\"A code signing window\" class=\"wp-image-5423\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/07\/image-8-1024x572.png 1024w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/07\/image-8-300x168.png 300w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/07\/image-8-768x429.png 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/07\/image-8-1536x858.png 1536w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/07\/image-8-370x207.png 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/07\/image-8-270x151.png 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/07\/image-8-740x413.png 740w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/07\/image-8.png 1600w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">Dive Even Deeper with the ASN.1 Tree<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Expired signatures are a dime a dozen in older or end-of-life software. <strong>But what if you encounter a suspicious file and want to investigate it further? This is when ASN.1 trees come into the picture. <\/strong>These structured records dive deep into the issuer&#8217;s details, revealing who signed the file, when it was signed, and more.&nbsp;<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">In cases that leave you on the fence, this breakdown can provide the missing piece of the puzzle, enabling you to confidently say if the file is trustworthy.&nbsp;<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"572\" src=\"\/cybersecurity-blog\/wp-content\/uploads\/2023\/07\/image-7-1024x572.png\" alt=\"Signatures' ASN.1 tree \" class=\"wp-image-5422\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/07\/image-7-1024x572.png 1024w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/07\/image-7-300x167.png 300w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/07\/image-7-768x429.png 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/07\/image-7-1536x857.png 1536w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/07\/image-7-370x207.png 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/07\/image-7-270x151.png 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/07\/image-7-740x413.png 740w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/07\/image-7.png 1600w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">To view the ASN.1 tree, first click on a process and then scroll to the bottom of the process tree, to the process detail window. Then, click the \u201c<strong>More info<\/strong>\u201d button. Once the advanced process details page appears, select the new \u201c<strong>Code signing<\/strong>\u201d tab. You will see the signature overview on the left side of the window, and the ASN.1 tree will occupy the right side.&nbsp;<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">From here, you can search the ASN.1 record right in ANY.RUN or download and analyze it further in your system.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Here\u2019s How You Can Use Digital Signatures in the Real-world &nbsp;<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Certificates can be one of the first red flags indicating that a sample warrants a closer look.&nbsp;<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"851\" src=\"\/cybersecurity-blog\/wp-content\/uploads\/2023\/07\/image-6-1024x851.png\" alt=\"Untrusted signature\" class=\"wp-image-5421\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/07\/image-6-1024x851.png 1024w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/07\/image-6-300x249.png 300w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/07\/image-6-768x638.png 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/07\/image-6-1536x1277.png 1536w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/07\/image-6-370x308.png 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/07\/image-6-270x224.png 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/07\/image-6-740x615.png 740w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/07\/image-6.png 1600w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">An <strong>untrusted <\/strong>status \u2014 <a href=\"https:\/\/app.any.run\/tasks\/cf4441e8-23c1-41ba-8fe7-6a92926aec0d?utm_source=anyrunblog&amp;amp%3Butm_medium=article&amp;amp%3Butm_campaign=signatures&amp;amp%3Butm_content=task1\" target=\"_blank\" rel=\"noreferrer noopener\">like in this example<\/a> \u2014\u00a0is an obvious indication of malicious code, as the name implies. That is something you will never come across in a legitimate program. \u00a0<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"852\" src=\"\/cybersecurity-blog\/wp-content\/uploads\/2023\/07\/image-5-1024x852.png\" alt=\"Revoked signature\" class=\"wp-image-5420\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/07\/image-5-1024x852.png 1024w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/07\/image-5-300x250.png 300w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/07\/image-5-768x639.png 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/07\/image-5-1536x1278.png 1536w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/07\/image-5-370x308.png 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/07\/image-5-270x225.png 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/07\/image-5-740x616.png 740w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/07\/image-5.png 1600w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Revoked <\/strong>certificates are similarly unambiguous \u2014 this status often indicates that a company has manually called back that certificate. Chances are, they suspect or know that it\u2019s become compromised. That\u2019s exactly what we see in <a href=\"https:\/\/app.any.run\/tasks\/16ca227b-ef3b-4264-a6d8-9be561731cc0?utm_source=anyrunblog&amp;amp%3Butm_medium=article&amp;amp%3Butm_campaign=signatures&amp;amp%3Butm_content=task2\" target=\"_blank\" rel=\"noreferrer noopener\">this sample<\/a>.\u00a0<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">And in <a href=\"https:\/\/app.any.run\/tasks\/03d248df-1fdc-475d-b837-73f4c0f57b81?utm_source=anyrunblog&amp;amp%3Butm_medium=article&amp;amp%3Butm_campaign=signatures&amp;amp%3Butm_content=task3\" target=\"_blank\" rel=\"noreferrer noopener\">this task<\/a>, the certificate is <strong>expired<\/strong>. On the surface, this tells us that its validity period has passed and there is foul play, but such cases are still worth a look.\u00a0<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Sometimes <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/malware-now-using-nvidias-stolen-code-signing-certificates\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">attackers steal certificates<\/a> when they compromise a company. And that is precisely what happened in this task.\u00a0We\u2019re looking at Agent Tesla, signed with a leaked certificate. Even in a complicated case like this, the system notifies us about a potential certificate irregularity. \u00a0<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Also, there is an icon for <strong>valid certificates <\/strong>\u2014 it will show up in the process tree if a module signature is missing, indicating a suspicious case.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">A few words about ANY.RUN&nbsp;<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">ANY.RUN is a cloud malware sandbox that handles the heavy lifting of malware analysis for SOC and DFIR teams. Every day, 300,000 professionals use our platform to investigate incidents and streamline threat analysis.&nbsp;<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Request a demo today and enjoy 14 days of free access to our enterprise plan. &nbsp;<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/any.run\/demo\/?utm_source=anyrunblog&amp;amp%3Butm_medium=article&amp;amp%3Butm_campaign=signatures&amp;amp%3Butm_content=trial\" target=\"_blank\" rel=\"noreferrer noopener\">Request demo \u2192<\/a>\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Speed is one of the biggest advantages of the ANY.RUN sandbox. You can often recognize that a file is potentially malicious in under 20 seconds \u2014 whether it\u2019s through the process tree, network stream analysis, or config extraction. Today, we&#8217;re adding a new feature to enhance your threat detection: digital signatures. Now, you can easily [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":5424,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[9],"tags":[10,34,55,56],"class_list":["post-5418","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-service-updates","tag-cybersecurity","tag-malware-analysis","tag-release","tag-update"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.7 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Identify Suspicious or Tampered Files Faster with Digital Signatures\u00a0\u00a0<\/title>\n<meta name=\"description\" content=\"Enhance your threat detection with digital signatures. You can easily identify files that have been counterfeited or tampered with.\u00a0\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/any.run\/cybersecurity-blog\/digital-signatures\/\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"ANY.RUN\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/digital-signatures\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/digital-signatures\\\/\"},\"author\":{\"name\":\"ANY.RUN\",\"@id\":\"https:\\\/\\\/any.run\\\/\"},\"headline\":\"Identify Suspicious or Tampered Files Faster with Digital Signatures\u00a0\u00a0\",\"datePublished\":\"2023-07-18T07:39:14+00:00\",\"dateModified\":\"2023-07-18T08:29:53+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/digital-signatures\\\/\"},\"wordCount\":778,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/any.run\\\/\"},\"image\":{\"@id\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/digital-signatures\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/wp-content\\\/uploads\\\/2023\\\/07\\\/Signatures.jpg\",\"keywords\":[\"cybersecurity\",\"malware analysis\",\"release\",\"update\"],\"articleSection\":[\"Service Updates\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/digital-signatures\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/digital-signatures\\\/\",\"url\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/digital-signatures\\\/\",\"name\":\"Identify Suspicious or Tampered Files Faster with Digital Signatures\u00a0\u00a0\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/any.run\\\/\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/digital-signatures\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/digital-signatures\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/wp-content\\\/uploads\\\/2023\\\/07\\\/Signatures.jpg\",\"datePublished\":\"2023-07-18T07:39:14+00:00\",\"dateModified\":\"2023-07-18T08:29:53+00:00\",\"description\":\"Enhance your threat detection with digital signatures. You can easily identify files that have been counterfeited or tampered with.\u00a0\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/digital-signatures\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/digital-signatures\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/digital-signatures\\\/#primaryimage\",\"url\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/wp-content\\\/uploads\\\/2023\\\/07\\\/Signatures.jpg\",\"contentUrl\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/wp-content\\\/uploads\\\/2023\\\/07\\\/Signatures.jpg\",\"width\":1400,\"height\":680,\"caption\":\"Identify Suspicious or Tampered Files Faster with Digital Signatures\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/digital-signatures\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Service Updates\",\"item\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/category\\\/service-updates\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Identify Suspicious or Tampered Files Faster with Digital Signatures\u00a0\u00a0\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/any.run\\\/\",\"url\":\"https:\\\/\\\/any.run\\\/\",\"name\":\"ANY.RUN&#039;s Cybersecurity Blog\",\"description\":\"Cybersecurity Blog covers topics for experienced professionals as well as for those new to it.\",\"publisher\":{\"@id\":\"https:\\\/\\\/any.run\\\/\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/any.run\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/any.run\\\/\",\"name\":\"ANY.RUN\",\"url\":\"https:\\\/\\\/any.run\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/any.run\\\/\",\"url\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/ANYRUN-Icon.svg\",\"contentUrl\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/ANYRUN-Icon.svg\",\"width\":1,\"height\":1,\"caption\":\"ANY.RUN\"},\"image\":{\"@id\":\"https:\\\/\\\/any.run\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/www.any.run\\\/\",\"https:\\\/\\\/x.com\\\/anyrun_app\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/30692044\",\"https:\\\/\\\/www.youtube.com\\\/channel\\\/UCOgCPho7lzmH7m6fPNlukrQ\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/any.run\\\/\",\"name\":\"ANY.RUN\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/4a921d1fbcf45a0476667c89b7999bc2bb3c028b518acc569da69c8797e53a84?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/4a921d1fbcf45a0476667c89b7999bc2bb3c028b518acc569da69c8797e53a84?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/4a921d1fbcf45a0476667c89b7999bc2bb3c028b518acc569da69c8797e53a84?s=96&d=mm&r=g\",\"caption\":\"ANY.RUN\"},\"url\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/author\\\/a-bespalova\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Identify Suspicious or Tampered Files Faster with Digital Signatures\u00a0\u00a0","description":"Enhance your threat detection with digital signatures. You can easily identify files that have been counterfeited or tampered with.\u00a0","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/any.run\/cybersecurity-blog\/digital-signatures\/","twitter_misc":{"Written by":"ANY.RUN","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/any.run\/cybersecurity-blog\/digital-signatures\/#article","isPartOf":{"@id":"https:\/\/any.run\/cybersecurity-blog\/digital-signatures\/"},"author":{"name":"ANY.RUN","@id":"https:\/\/any.run\/"},"headline":"Identify Suspicious or Tampered Files Faster with Digital Signatures\u00a0\u00a0","datePublished":"2023-07-18T07:39:14+00:00","dateModified":"2023-07-18T08:29:53+00:00","mainEntityOfPage":{"@id":"https:\/\/any.run\/cybersecurity-blog\/digital-signatures\/"},"wordCount":778,"commentCount":0,"publisher":{"@id":"https:\/\/any.run\/"},"image":{"@id":"https:\/\/any.run\/cybersecurity-blog\/digital-signatures\/#primaryimage"},"thumbnailUrl":"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/07\/Signatures.jpg","keywords":["cybersecurity","malware analysis","release","update"],"articleSection":["Service Updates"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/any.run\/cybersecurity-blog\/digital-signatures\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/any.run\/cybersecurity-blog\/digital-signatures\/","url":"https:\/\/any.run\/cybersecurity-blog\/digital-signatures\/","name":"Identify Suspicious or Tampered Files Faster with Digital Signatures\u00a0\u00a0","isPartOf":{"@id":"https:\/\/any.run\/"},"primaryImageOfPage":{"@id":"https:\/\/any.run\/cybersecurity-blog\/digital-signatures\/#primaryimage"},"image":{"@id":"https:\/\/any.run\/cybersecurity-blog\/digital-signatures\/#primaryimage"},"thumbnailUrl":"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/07\/Signatures.jpg","datePublished":"2023-07-18T07:39:14+00:00","dateModified":"2023-07-18T08:29:53+00:00","description":"Enhance your threat detection with digital signatures. You can easily identify files that have been counterfeited or tampered with.\u00a0","breadcrumb":{"@id":"https:\/\/any.run\/cybersecurity-blog\/digital-signatures\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/any.run\/cybersecurity-blog\/digital-signatures\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/any.run\/cybersecurity-blog\/digital-signatures\/#primaryimage","url":"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/07\/Signatures.jpg","contentUrl":"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/07\/Signatures.jpg","width":1400,"height":680,"caption":"Identify Suspicious or Tampered Files Faster with Digital Signatures"},{"@type":"BreadcrumbList","@id":"https:\/\/any.run\/cybersecurity-blog\/digital-signatures\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/any.run\/cybersecurity-blog\/"},{"@type":"ListItem","position":2,"name":"Service Updates","item":"https:\/\/any.run\/cybersecurity-blog\/category\/service-updates\/"},{"@type":"ListItem","position":3,"name":"Identify Suspicious or Tampered Files Faster with Digital Signatures\u00a0\u00a0"}]},{"@type":"WebSite","@id":"https:\/\/any.run\/","url":"https:\/\/any.run\/","name":"ANY.RUN&#039;s Cybersecurity Blog","description":"Cybersecurity Blog covers topics for experienced professionals as well as for those new to it.","publisher":{"@id":"https:\/\/any.run\/"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/any.run\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/any.run\/","name":"ANY.RUN","url":"https:\/\/any.run\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/any.run\/","url":"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2020\/08\/ANYRUN-Icon.svg","contentUrl":"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2020\/08\/ANYRUN-Icon.svg","width":1,"height":1,"caption":"ANY.RUN"},"image":{"@id":"https:\/\/any.run\/"},"sameAs":["https:\/\/www.facebook.com\/www.any.run\/","https:\/\/x.com\/anyrun_app","https:\/\/www.linkedin.com\/company\/30692044","https:\/\/www.youtube.com\/channel\/UCOgCPho7lzmH7m6fPNlukrQ"]},{"@type":"Person","@id":"https:\/\/any.run\/","name":"ANY.RUN","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/4a921d1fbcf45a0476667c89b7999bc2bb3c028b518acc569da69c8797e53a84?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/4a921d1fbcf45a0476667c89b7999bc2bb3c028b518acc569da69c8797e53a84?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/4a921d1fbcf45a0476667c89b7999bc2bb3c028b518acc569da69c8797e53a84?s=96&d=mm&r=g","caption":"ANY.RUN"},"url":"https:\/\/any.run\/cybersecurity-blog\/author\/a-bespalova\/"}]}},"_links":{"self":[{"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/posts\/5418","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/comments?post=5418"}],"version-history":[{"count":3,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/posts\/5418\/revisions"}],"predecessor-version":[{"id":5433,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/posts\/5418\/revisions\/5433"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/media\/5424"}],"wp:attachment":[{"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/media?parent=5418"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/categories?post=5418"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/tags?post=5418"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}