How does a CAT file digital signature work and how is it applied?

A CAT file stores the SHA1 hashes of multiple files. You generate a .cat file using `makecat.exe`, sign the .cat file with a certificate via `signtool.exe`, and then add it to the system’s security catalog database with `signtool catdb`. Once added, any file whose hash is in the CAT file is considered signed by the system, even though the digital signature cannot be viewed through file properties or `Get-AuthenticodeSignature` on older Windows versions.