Signed executable imports unsigned DLL

ID PE189 Level ERROR Category Security

Cross-executable rule

Description

The digitally signed executable imports the unsigned dynamic library (DLL). This is a security risk which significantly diminishes the value of the executable digital signature.

Mitigation

  • Make sure all DLL files imported by the executable file are digitally signed.

Arguments

This rule has the following output arguments:

  • imported_library - Name of the unsigned imported DLL