Discuss this help topic in SecureBlackbox Forum

Remove Authenticode from executable

To remove Authenticode from an executable with SecureBlackbox, use the TElAuthenticodeManager component:

  1. Create the component: TElAuthenticodeManager manager = new TElAuthenticodeManager();
  2. Open the executable: bool signed = manager.Open(@"C:\bin\program.exe");
  3. To remove Authenticode completely, call the RemoveSignatures() method:
    if (signed)
        manager.RemoveSignatures();
    If it is needed to remove only certain signature(s), call the RemoveSignature() method and pass the index of the signature you need to remove:
    if (signed)
        manager.RemoveSignature(0);
    Alternatively, you can locate the desired instance of TElAuthenticodeSignature in the Signatures[] list and call its Remove() method:
    if (signed)
    {
    	TElAuthenticodeSignature signature = manager.get_Signatures(0);
    	signature.Remove();
    }
  4. Call Save() method and pass a file name for the non-signed executable: manager.Save(@"C:\Bin\not_signed_program.exe");
  5. Call Close() in order to close the original file and release allocated resources: manager.Close();

How To articles related to MS Authenticode

Discuss this help topic in SecureBlackbox Forum