-
Notifications
You must be signed in to change notification settings - Fork 85
Certificates
Tony Phipps edited this page Mar 28, 2018
·
6 revisions
These thumbprints are expired, but are "OK" to have on a typical Windows system.
D559A586669B08F46A30A133F8A9ED3D038E2EA8, Verisign
245C97DF7514E7CF2DF8BE72AE957B9E04741E85, Microsoft
7F88CD7223F3C813818C994614A89C99FA3B5247, Microsoft
109F1CAED645BB78B3EA2B94C0697C740733031C, Microsoft
Tactic: Defense Evasion
- Select Thumbprint, Issuer, Subject where Path equals "LocalMachine\Root"
Monitor new certificates installed on a system that could be due to malicious activity. Check pre-installed certificates on new systems to ensure unnecessary or suspicious certificates are not present.