What is Authenticode signature forgery and how is it performed?

Authenticode signature forgery involves copying a valid digital signature from a trusted Microsoft-signed PE file (e.g., `consent.exe`) and appending it to a different executable. Tools like SigThief automate this by extracting the signature's Security Directory RVA and Size and patching them into the target file, as detailed in Authenticode Signature Forgery - PE File Signature Forgery and Signature Verification Hijacking. However, this technique alone results in a 'HashMismatch' error because the file's hash no longer matches the embedded signature.