```
SELECT *
FROM authenticode
WHERE path = (
SE...
# sqla
alessandrogario
07/30/2018, 4:21 PM
Copy code
SELECT *
FROM authenticode
WHERE path = (
SELECT substr(path, 0, 21)
FROM processes
WHERE path LIKE "%winlogon%"
) || "procexp.exe";m
Mustafa
07/31/2018, 1:10 PMthanks for your supports @terracatta @alessandrogario this gives ..Windows\System32 instead of ..Windows
a
alessandrogario
07/31/2018, 1:16 PM
You can adjust the substr parameters (21) to cut away the System32 portion
m
Mustafa
07/31/2018, 1:29 PMit works thank you very much.
4 Views