Why is my Advanced Hunting Query unable to show the records that I want?

N

Nathaniel Kwok

I am trying to see if a PowerShell file that I signed (signtools) shows up in an Advanced Hunting Query, but it does not. I ran the signtools command in powershell, and it shows that the file was signed successfully. Yet, when I go to the query to try to look for it, the signed file does not show up. Below is my Advanced Hunting Query:DeviceFileCertificateInfo//get files where certificate older than today| where Timestamp > ago(90d)| where CertificateExpirationTime < now()| distinct SHA1, Issuer, Signer, CertificateExpirationTime, IsTrusted, IsRootSignerMicrosoft, SignerHash| project-kee

Continue reading...
 
You must log in or register to reply here.

Similar threads

C
hi i want to help my camera is not working is show that the camera is not find and when i access to device maneger the camera driver is not showing he
Replies
0
Views
52
chenatif mohamed
C
A
I am trying to delete Keeper from my wallet but it doesn't even show that it is there. How can I delete it?
Replies
0
Views
49
Amy Ezzell
A
D
Why can't I see the image of my attachment in Gmail while I am attaching it? Why does my Windows 10 want to do something after using IObitunlocker?
Replies
0
Views
52
David Lobato1
D
E
The “choose where to get my apps” option is NOT available in the window when I open”Advanced app settings”. It just had “Share Across Devices” and “Ar
Replies
0
Views
51
Elliot Pacheco
E
M
Windows crashed and now won't show all the folders in This PC and is requiring a security credential to be entered to access my Network Drives
Replies
0
Views
30
MartinWalker6
M
Back
Top Bottom