Executing unsigned code is very easy when you have a signed .exe loading a DLL with a predetermined file name.
This is a case of a Dell’s Viewer Executable that expects to see a DLL named <file>retv.dll in the same directory where it is placed. Launching the .exe loads and executes the DLL immediately, e.g. using a pair of signed test.exe + unsigned testretv.dll.
Verified: Signed
Signing date: 10:42 2008-03-04
Publisher: Dell Inc.
Company: n/a
Description: Viewer Executable
Product: n/a
Prod version: 1.86.0.0
File version: 1.86.0.0
MachineType: 64-bitSample:
001494D4BC994C453F5055D01FB39B1BFA6738AA31E3DE4DD32D3850946ACA4A