Detected presence of malicious files through analyst-vetted file reputation. (x3)

Detected presence of known software supply chain attack artifacts. (x3)

Detected digital signatures that were countersigned by an unknown time-stamping service. (x1)

Detected digital signatures that have not been performed with an extended validation certificate. (x1)

Detected digital signatures that rely on a weak digest algorithm for integrity validation. (x1)

Detected digital signatures made with a certificate issued by an unknown certificate authority. (x1)