I've found an Excel Macro which can pull VirusTotal malicious data into the aaron Workbook results, but it doesn't accept Hash from the workbook. I believe it's Microsoft Authenticode Hash and not a true SHA256 hash. However, if possible I'd like to check the unsigned files etc for VirusTotal suspicious type etc
I guess my major issue is, how do you check these AppLocker HASH values against Virus Total, otherwise I have to pull the DLL or EXE and upload it manually, which I could do but that runs the risk of spreading a suspicious file.
I've found an Excel Macro which can pull VirusTotal malicious data into the aaron Workbook results, but it doesn't accept Hash from the workbook. I believe it's Microsoft Authenticode Hash and not a true SHA256 hash. However, if possible I'd like to check the unsigned files etc for VirusTotal suspicious type etc
I guess my major issue is, how do you check these AppLocker HASH values against Virus Total, otherwise I have to pull the DLL or EXE and upload it manually, which I could do but that runs the risk of spreading a suspicious file.