Description WinDivert is a user-mode packet capture and network packet manipulation utility designed for Windows. It provides a powerful and flexible framework for intercepting, modifying, injecting, and dropping network packets at the network stack level. It operates as a lightweight, high-performance driver that interfaces directly with the network stack, allowing for detailed packet inspection and manipulation in real time.
UUID : 45a31a17-f78d-48ec-beba-74f6bfc5f96eCreated : 2024-09-10Author : Michael HaagDownload
This download link contains the malicious driver!
Block windivert.sys across your endpoints Add this driver to your block policy in minutes with MagicSword, threat-driven application control. Free for up to 100 endpoints.
Start Blocking for Free Commands sc.exe create windivert.sys binPath=C:\windows\temp\windivert.sys type=kernel && sc.exe start windivert.sys
Use Case Privileges Operating System Elevate privileges kernel Windows 10
Detections Sigma 🛡️ Expand Names
detects loading using name only
Hashes
detects loading using hashes only
Resources https://www.3nailsinfosec.com/post/edrprison-borrow-a-legitimate-driver-to-mute-edr-agent https://github.com/basil00/WinDivert Known Vulnerable Samples Download
Certificates Expand Certificate 01 Field Value ToBeSigned (TBS) MD5 93b601b98fc29a9e89a704048928b85f ToBeSigned (TBS) SHA1 3e8e6487f8fd27d322a269a71edaac5d57811286 ToBeSigned (TBS) SHA256 bedd4b1831f17c7ec1d507380f4c9836baa8ce20065a67db8b43acea14294ba4 Subject C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services ValidFrom 2004-01-01 00:00:00 ValidTo 2028-12-31 23:59:59 Signature 0856fc02f09be8ffa4fad67bc64480ce4fc4c5f60058cca6b6bc1449680476e8e6ee5dec020f60d68d50184f264e01e3e6b0a5eebfbc745441bffdfc12b8c74f5af48960057f60b7054af3f6f1c2bfc4b97486b62d7d6bccd2f346dd2fc6e06ac3c334032c7d96dd5ac20ea70a99c1058bab0c2ff35c3acf6c37550987de53406c58effcb6ab656e04f61bdc3ce05a15c69ed9f15948302165036cece92173ec9b03a1e037ada015188ffaba02cea72ca910132cd4e50826ab229760f8905e74d4a29a53bdf2a968e0a26ec2d76cb1a30f9ebfeb68e756f2aef2e32b383a0981b56b85d7be2ded3f1ab7b263e2f5622c82d46a004150f139839f95e93696986e SignatureAlgorithmOID 1.2.840.113549.1.1.5 IsCertificateAuthority True SerialNumber 01 Version 3
Certificate 48fc93b46055948d36a7c98a89d69416 Field Value ToBeSigned (TBS) MD5 207045ce7b7ab131e78e459b13825902 ToBeSigned (TBS) SHA1 bcf7530a1ab309fb1926cb720f9fd58cff1cb88f ToBeSigned (TBS) SHA256 0f31a4237992e1ea623baf4c29480afb6d913e10f1fb1d56bb56f5b03fbff13b Subject C=GB, O=Sectigo Limited, CN=Sectigo Public Code Signing Root R46 ValidFrom 2021-05-25 00:00:00 ValidTo 2028-12-31 23:59:59 Signature 12bfa1ef8b749a9844b86946b5ab240a0ca48a67b83a81bf458a7d5207a88d1f4e218539a36b5e2d2086bf10b8ae793b53cdb4fbd844be06d95c6367d44016874486722ad63215f51283c2f9e15d114067f6422772c523e202381a4c20e2db01f7cd464f26a27c66c05136b6890254c7fc58fb6c00eefe98a62e95a10c53291f6fd819a64f9ef7ac09ea5d82c68baf80a7bd8148528431da32ec15e4a64c3d6c3973d40b853920e0851a68e1a74838a9d1362577c18d1916c5884c667d2f63ce98e869dfac3ca85d9dc91c5baed8f32f74cfb87ef6d7839d1196629aae4513da7fdc47fbdfc3529fe60655e99d8cf23a6251bcec240f29d4588084e4457b5ad8 SignatureAlgorithmOID 1.2.840.113549.1.1.12 IsCertificateAuthority True SerialNumber 48fc93b46055948d36a7c98a89d69416 Version 3
Certificate 33d708a891405319e2a5bbd339b9ad6e Field Value ToBeSigned (TBS) MD5 b81404c775a2621debdb7825b87b8316 ToBeSigned (TBS) SHA1 47ae94067c3c59b13605192288705db7b52f3685 ToBeSigned (TBS) SHA256 9893b35b3dcefe53d8d24b887569dfe21f9aef27bd57b61c06fcf7438b89c33a Subject C=GB, O=Sectigo Limited, CN=Sectigo Public Code Signing CA EV R36 ValidFrom 2021-03-22 00:00:00 ValidTo 2036-03-21 23:59:59 Signature 5f36acfbf9f6725a14b7f00b1dded8fd9701d2fd01ee992d86e8f6b7f039ffd6814a5aa7424a0a2d159de694fdc5694ab2d74bf116124cf6be9066658b2d74d4ab08f76a110308777cbe69e1b0db9f248903d6de5ca4e0b2d6b4cfe338d5b96dcc27d6ce6411e8107276d3f9e0e92c89e949d3b39796060ae1f60ac8419a915d81d8367798ca804197a8f8913f639faacd54544b80eaf51766d39471fd9efd4731e3e91a861dd3be20d23fb1525fb293bd8c950998728f9501f49843a54afb1426aa9d36bf72b0fcdcbd840deced34a85e952b3816630575d9f6312e156be294b22ad27435b5989aa3fef82b2fb6174b276c5ae6b9765eda86ddab64d66aea8318881b3182f588b39425c0212f086902e34cbb4c2a1130eb817906e141952ad420f60b93e47c760c9d1d266b5f8401f62a99cdafdec7f0e418a24e9b2f2a0c66a6927526bed94035136faea6371a7ae8ad1c5163072a56066ced7e18f6e3ec6473a66d08368baf0f99ae756b172bc24d6ac351464156e98fc28dff13719bdaed9ed39fabe545a612c5145a524197a3060008c5e61cea27823c3bdbe646c4ef2d003513cd367d9de5aa270805cccec0360e4b194fd0639a6dbfc529533122db75507786d0f2f86aee6b061b3e85232b97c87e7a99410cdd587f0ea8c3123d3a359be09d2c8c17815444a87a1d989d967f5958a65465ff51420bf847ebcff8e5bf SignatureAlgorithmOID 1.2.840.113549.1.1.12 IsCertificateAuthority True SerialNumber 33d708a891405319e2a5bbd339b9ad6e Version 3
Certificate 300f6facdd6698747ca94636a7782db9 Field Value ToBeSigned (TBS) MD5 63499ed59a1293b786649470e4ce0bd7 ToBeSigned (TBS) SHA1 7309d8eaa65da1f3da7030c08f00a3b0a20fa908 ToBeSigned (TBS) SHA256 8c8d2046b29e792e71b28705fe67c435208a336dde074a75452d98e72c734937 Subject C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Time Stamping CA ValidFrom 2019-05-02 00:00:00 ValidTo 2038-01-18 23:59:59 Signature 6d5481a5335d16e1b553819175df037a320b2d258411b2b0db2a7d2a05f5bc3b27f45aa0b9495990296c61cbb550dbe27df99f00ef40c3add3e2e456f95841cff142e5107dffb0741f8fc65c09f9335eeaa01c26585cf3b4110fd5d5c3e2bcd55878bf4876e144676d8fb043100f8de4f93862bf1301c585a34cc5ccb2533095a4d6f4965608b8cd5c7f0196be72526a3b42377c1678399393949bb1dcb26d416d67cdc96f903d7f4572c11b23d6c2558466e4b3c56606f6f3d64b5eada32b428a2192fea86f5a2570628173635ea0bbd8dcd74ad33daf830638121d24872de4fc02d63e7704bc0436b5e777cb9c2e8d2318b9a3c2471df05dd6a1735705689aa7c937651dbeeabcd842834305a58ba609ffd1a194a64eaa3d09f5056cb7d2645ad82a22c24b9df1395e4cde483d9b34969a095f8efdf7b15291ce3f89f61ca1b5a9751f71bf5b435d653d50816eabf0d0d3fcb2b31fb6999626f43c798b5c64cccdee279ae5a0c00c7287c16e4d5ad31eeaf044e6326f1ceb174e94c37865203b0f41aa1fe9a1419dfeb1b8a0652a34e0dea8f93ce6c130bbc0a0632cfc5c1600a8d0c47fea119d1e06c6a66d325db438092b4907aafdec30daf1a72fcfb7fdfad0a384d9279efb016677b95610e1206ec6aeb1f9b6bac8355d33768ef17c200c2a77aeb5a20286ba29eeb45a00b18cabe3f90ac9545dd4b96a749ebd48ae98 SignatureAlgorithmOID 1.2.840.113549.1.1.12 IsCertificateAuthority True SerialNumber 300f6facdd6698747ca94636a7782db9 Version 3
Certificate 0090397f9ad24a3a13f2bd915f0838a943 Field Value ToBeSigned (TBS) MD5 26ec2c9bfcb06fdf8a6d95f2c616fd72 ToBeSigned (TBS) SHA1 635466f1432046f6fd338624c068872ab6488b12 ToBeSigned (TBS) SHA256 2219bd6adf84dc8f6f04833974d150f75f5ce79cbf85788a6f7efaa4a5205839 Subject C=GB, ST=Manchester, O=Sectigo Limited, CN=Sectigo RSA Time Stamping Signer #3 ValidFrom 2022-05-11 00:00:00 ValidTo 2033-08-10 23:59:59 Signature 73daed6872cbc2b940a131bbb403a32d147b24e7b45b157da8e9fdadd1920d7c3d36a069d9f39a30daac69d67457243f7e0f3cd9f5c379256c26e88d6893cef17789397fa80405da34c314ea9f0854abffc47e966c2bd394ebb46ce0454d2cb2f73b3b5ab5c1fbd789756d987272f6f70728f3d3b2d0eb19be152c78efcd45a000e4f80476bb57c590be775490749e0b4f4dc4aa138f97af01352bcb9b1178e9f2f989043c4ee3821262ebb4440c7541c20f34b8889dc822f1136adb182f6e78adc405b4e884089307f97d83fe689834e477e5b1ce8c946cdb036d2805477e9b2ef064fbdba40331107c1afb3c1980d10b70b9555f47be3964ceb7da235432e346b232d8d22986c9155d8095af02fbb4d12e9d387c35e00f1ced1b47489c226a5582d9f2ba086503e5f129f3488a09014ca679f2a2b61a9994eb9728e1be7d1ba17ced5680a6f4223390e48453fc2afac0a797a8eab58d7acee4e04ba133ab0b76a0d56916b78e66bf5ffa1fc4a87fa7a14814910d82fcbd4d99edc9e66c36fe774399b8692d7c612feda3b049fe5bbe692491ff93fc5769924bd9053f6d8672d3a2d0c064d23a42c11a03fbd0ed9a21b83fafa6b25154d54cc5ca1f128d57c639ed5cffec9f2676ad646667e8aa30e0d2adb77db16a41276e038aa374e08a09826ebfe3f6b7bc9e0b29186881a19c3f6e16594b1409099ae6aebf6015dd86f5 SignatureAlgorithmOID 1.2.840.113549.1.1.12 IsCertificateAuthority False SerialNumber 0090397f9ad24a3a13f2bd915f0838a943 Version 3
Certificate 61501991b18f323804525137dc25005a Field Value ToBeSigned (TBS) MD5 4e472f9ccab63d22f0b9a6dbeb4969f4 ToBeSigned (TBS) SHA1 764f7c4f78d03485ef024a68a86370a43dca402e ToBeSigned (TBS) SHA256 5623801ef2108741513b5941be10dcf08095e4ee9f1aaf62ac9773cce497a8ad Subject serialNumber=91510107MA7E8Y2876, ??=CN, ??=Private Organization, C=CN, ST=, O=, CN= ValidFrom 2022-05-25 00:00:00 ValidTo 2023-05-25 23:59:59 Signature b75f493e19a27fd2fb38884a1c07997ab236a090a9299ad269b17a711f034b6b9b9686ecce7330d3ee9692c63be512b6c84ac3cca2b89606296226c512075251deca429743e7950038f9b5ee7f0d31e8b77e3f8aa11209fca096788a3679c9b68b2187e32ce6348c217e89066ac5758b87fe04e1e8a070194bcc034a8cc9e3e8e4cf67df553f3e4e55627971461eb011c4ee7ffdf1b3a388642ccfd7b7d272cd0d855ec7b9287d482a14c366f668a32c3daf404e9cda6296aff82fe45c7b1bfdc94ae6d0a08796685828dc250495e69b0c42daa45fb7dab634df7799c474b7c00da1104c5c7ce17c5587ccbcfa4949ee29c862a4482ee6e5cb5cc9871b4ce075974f6547e84d23eb494e831371f431c31d570daddec0988360a4023be17b2a8729d675aad81cdfd380738802d379131353dd22dae12912514e668ecda25b79888543e398bbd1e1d869131c9c5135ec75b7718537f69e2585363e0de3d42982f200ad88b2f9ce4f6abb2790771b638411013c80ce8055514c9351e403e438995f SignatureAlgorithmOID 1.2.840.113549.1.1.11 IsCertificateAuthority False SerialNumber 61501991b18f323804525137dc25005a Version 3
Imports Expand ntoskrnl.exe HAL.dll NDIS.SYS fwpkclnt.sys WDFLDR.SYS Imported Functions Expand RtlCopyUnicodeString KeBugCheckEx IoGetRequestorProcess PsGetProcessId ExUuidCreate ObfDereferenceObject ObfReferenceObject IoWriteErrorLogEntry IoGetCurrentProcess IoFreeMdl IoAllocateMdl IoAllocateErrorLogEntry MmMapLockedPagesSpecifyCache MmBuildMdlForNonPagedPool ExFreePoolWithTag ExAllocatePoolWithTag KeReleaseInStackQueuedSpinLock KeAcquireInStackQueuedSpinLock RtlGetVersion RtlIntegerToUnicodeString KeQueryPerformanceCounter NdisAllocateNetBufferPool NdisFreeNetBufferPool NdisAllocateNetBufferListPool NdisGetDataBuffer NdisAdvanceNetBufferDataStart NdisRetreatNetBufferDataStart NdisFreeNetBufferListPool FwpmTransactionAbort0 FwpmTransactionBegin0 FwpmEngineClose0 FwpmEngineOpen0 FwpsQueryPacketInjectionState0 FwpmProviderAdd0 FwpmProviderDeleteByKey0 FwpsInjectNetworkReceiveAsync0 FwpmSubLayerAdd0 FwpmSubLayerDeleteByKey0 FwpmCalloutAdd0 FwpmCalloutDeleteByKey0 FwpmFilterAdd0 FwpmFilterDeleteByKey0 FwpmTransactionCommit0 FwpsCalloutRegister0 FwpsCalloutUnregisterByKey0 FwpsFlowAssociateContext0 FwpsFlowRemoveContext0 FwpsInjectionHandleCreate0 FwpsInjectionHandleDestroy0 FwpsAllocateNetBufferAndNetBufferList0 FwpsFreeNetBufferList0 FwpsInjectNetworkSendAsync0 FwpsInjectForwardAsync0 WdfVersionBindClass WdfVersionUnbindClass WdfVersionBind WdfVersionUnbind Exported Functions Expand Sections Expand .text .rdata .data .pdata .gfids INIT .rsrc .reloc Signature Expand {
"Certificates": [
{
"CertificateType": "CA",
"IsCA": true,
"IsCertificateAuthority": true,
"IsCodeSigning": false,
"SerialNumber": "01",
"Signature": "0856fc02f09be8ffa4fad67bc64480ce4fc4c5f60058cca6b6bc1449680476e8e6ee5dec020f60d68d50184f264e01e3e6b0a5eebfbc745441bffdfc12b8c74f5af48960057f60b7054af3f6f1c2bfc4b97486b62d7d6bccd2f346dd2fc6e06ac3c334032c7d96dd5ac20ea70a99c1058bab0c2ff35c3acf6c37550987de53406c58effcb6ab656e04f61bdc3ce05a15c69ed9f15948302165036cece92173ec9b03a1e037ada015188ffaba02cea72ca910132cd4e50826ab229760f8905e74d4a29a53bdf2a968e0a26ec2d76cb1a30f9ebfeb68e756f2aef2e32b383a0981b56b85d7be2ded3f1ab7b263e2f5622c82d46a004150f139839f95e93696986e",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services",
"TBS": {
"MD5": "93b601b98fc29a9e89a704048928b85f",
"SHA1": "3e8e6487f8fd27d322a269a71edaac5d57811286",
"SHA256": "bedd4b1831f17c7ec1d507380f4c9836baa8ce20065a67db8b43acea14294ba4",
"SHA384": "5019d634bf6be7246128e117bfdf533f97aa574fae9080307b427fc77998fe9f280ba23b051cfbd6cf5d37c6e578d698"
},
"ValidFrom": "2004-01-01 00:00:00",
"ValidTo": "2028-12-31 23:59:59",
"Version": 3
},
{
"CertificateType": "CA",
"IsCA": true,
"IsCertificateAuthority": true,
"IsCodeSigning": true,
"SerialNumber": "48fc93b46055948d36a7c98a89d69416",
"Signature": "12bfa1ef8b749a9844b86946b5ab240a0ca48a67b83a81bf458a7d5207a88d1f4e218539a36b5e2d2086bf10b8ae793b53cdb4fbd844be06d95c6367d44016874486722ad63215f51283c2f9e15d114067f6422772c523e202381a4c20e2db01f7cd464f26a27c66c05136b6890254c7fc58fb6c00eefe98a62e95a10c53291f6fd819a64f9ef7ac09ea5d82c68baf80a7bd8148528431da32ec15e4a64c3d6c3973d40b853920e0851a68e1a74838a9d1362577c18d1916c5884c667d2f63ce98e869dfac3ca85d9dc91c5baed8f32f74cfb87ef6d7839d1196629aae4513da7fdc47fbdfc3529fe60655e99d8cf23a6251bcec240f29d4588084e4457b5ad8",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.12",
"Subject": "C=GB, O=Sectigo Limited, CN=Sectigo Public Code Signing Root R46",
"TBS": {
"MD5": "207045ce7b7ab131e78e459b13825902",
"SHA1": "bcf7530a1ab309fb1926cb720f9fd58cff1cb88f",
"SHA256": "0f31a4237992e1ea623baf4c29480afb6d913e10f1fb1d56bb56f5b03fbff13b",
"SHA384": "a229d2722bc6091d73b1d979b81088c977cb028a6f7cbf264bb81d5cc8f099f87d7c296e48bf09d7ebe275f5498661a4"
},
"ValidFrom": "2021-05-25 00:00:00",
"ValidTo": "2028-12-31 23:59:59",
"Version": 3
},
{
"CertificateType": "CA",
"IsCA": true,
"IsCertificateAuthority": true,
"IsCodeSigning": true,
"SerialNumber": "33d708a891405319e2a5bbd339b9ad6e",
"Signature": "5f36acfbf9f6725a14b7f00b1dded8fd9701d2fd01ee992d86e8f6b7f039ffd6814a5aa7424a0a2d159de694fdc5694ab2d74bf116124cf6be9066658b2d74d4ab08f76a110308777cbe69e1b0db9f248903d6de5ca4e0b2d6b4cfe338d5b96dcc27d6ce6411e8107276d3f9e0e92c89e949d3b39796060ae1f60ac8419a915d81d8367798ca804197a8f8913f639faacd54544b80eaf51766d39471fd9efd4731e3e91a861dd3be20d23fb1525fb293bd8c950998728f9501f49843a54afb1426aa9d36bf72b0fcdcbd840deced34a85e952b3816630575d9f6312e156be294b22ad27435b5989aa3fef82b2fb6174b276c5ae6b9765eda86ddab64d66aea8318881b3182f588b39425c0212f086902e34cbb4c2a1130eb817906e141952ad420f60b93e47c760c9d1d266b5f8401f62a99cdafdec7f0e418a24e9b2f2a0c66a6927526bed94035136faea6371a7ae8ad1c5163072a56066ced7e18f6e3ec6473a66d08368baf0f99ae756b172bc24d6ac351464156e98fc28dff13719bdaed9ed39fabe545a612c5145a524197a3060008c5e61cea27823c3bdbe646c4ef2d003513cd367d9de5aa270805cccec0360e4b194fd0639a6dbfc529533122db75507786d0f2f86aee6b061b3e85232b97c87e7a99410cdd587f0ea8c3123d3a359be09d2c8c17815444a87a1d989d967f5958a65465ff51420bf847ebcff8e5bf",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.12",
"Subject": "C=GB, O=Sectigo Limited, CN=Sectigo Public Code Signing CA EV R36",
"TBS": {
"MD5": "b81404c775a2621debdb7825b87b8316",
"SHA1": "47ae94067c3c59b13605192288705db7b52f3685",
"SHA256": "9893b35b3dcefe53d8d24b887569dfe21f9aef27bd57b61c06fcf7438b89c33a",
"SHA384": "f55821c081b58e86eaa202923e715e1524c422c7be0469b13a9e7a319e50d70cb5b67e864273029a79250f9dc3203cbd"
},
"ValidFrom": "2021-03-22 00:00:00",
"ValidTo": "2036-03-21 23:59:59",
"Version": 3
},
{
"CertificateType": "CA",
"IsCA": true,
"IsCertificateAuthority": true,
"IsCodeSigning": false,
"SerialNumber": "300f6facdd6698747ca94636a7782db9",
"Signature": "6d5481a5335d16e1b553819175df037a320b2d258411b2b0db2a7d2a05f5bc3b27f45aa0b9495990296c61cbb550dbe27df99f00ef40c3add3e2e456f95841cff142e5107dffb0741f8fc65c09f9335eeaa01c26585cf3b4110fd5d5c3e2bcd55878bf4876e144676d8fb043100f8de4f93862bf1301c585a34cc5ccb2533095a4d6f4965608b8cd5c7f0196be72526a3b42377c1678399393949bb1dcb26d416d67cdc96f903d7f4572c11b23d6c2558466e4b3c56606f6f3d64b5eada32b428a2192fea86f5a2570628173635ea0bbd8dcd74ad33daf830638121d24872de4fc02d63e7704bc0436b5e777cb9c2e8d2318b9a3c2471df05dd6a1735705689aa7c937651dbeeabcd842834305a58ba609ffd1a194a64eaa3d09f5056cb7d2645ad82a22c24b9df1395e4cde483d9b34969a095f8efdf7b15291ce3f89f61ca1b5a9751f71bf5b435d653d50816eabf0d0d3fcb2b31fb6999626f43c798b5c64cccdee279ae5a0c00c7287c16e4d5ad31eeaf044e6326f1ceb174e94c37865203b0f41aa1fe9a1419dfeb1b8a0652a34e0dea8f93ce6c130bbc0a0632cfc5c1600a8d0c47fea119d1e06c6a66d325db438092b4907aafdec30daf1a72fcfb7fdfad0a384d9279efb016677b95610e1206ec6aeb1f9b6bac8355d33768ef17c200c2a77aeb5a20286ba29eeb45a00b18cabe3f90ac9545dd4b96a749ebd48ae98",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.12",
"Subject": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Time Stamping CA",
"TBS": {
"MD5": "63499ed59a1293b786649470e4ce0bd7",
"SHA1": "7309d8eaa65da1f3da7030c08f00a3b0a20fa908",
"SHA256": "8c8d2046b29e792e71b28705fe67c435208a336dde074a75452d98e72c734937",
"SHA384": "5dbc5eae13908fee4c4e5216f87e3e87208fff0d1052f5fa9f0856a429d6a6c422c625f2318f2f29aea26ece09c1e811"
},
"ValidFrom": "2019-05-02 00:00:00",
"ValidTo": "2038-01-18 23:59:59",
"Version": 3
},
{
"CertificateType": "Intermediate",
"IsCA": false,
"IsCertificateAuthority": false,
"IsCodeSigning": false,
"SerialNumber": "0090397f9ad24a3a13f2bd915f0838a943",
"Signature": "73daed6872cbc2b940a131bbb403a32d147b24e7b45b157da8e9fdadd1920d7c3d36a069d9f39a30daac69d67457243f7e0f3cd9f5c379256c26e88d6893cef17789397fa80405da34c314ea9f0854abffc47e966c2bd394ebb46ce0454d2cb2f73b3b5ab5c1fbd789756d987272f6f70728f3d3b2d0eb19be152c78efcd45a000e4f80476bb57c590be775490749e0b4f4dc4aa138f97af01352bcb9b1178e9f2f989043c4ee3821262ebb4440c7541c20f34b8889dc822f1136adb182f6e78adc405b4e884089307f97d83fe689834e477e5b1ce8c946cdb036d2805477e9b2ef064fbdba40331107c1afb3c1980d10b70b9555f47be3964ceb7da235432e346b232d8d22986c9155d8095af02fbb4d12e9d387c35e00f1ced1b47489c226a5582d9f2ba086503e5f129f3488a09014ca679f2a2b61a9994eb9728e1be7d1ba17ced5680a6f4223390e48453fc2afac0a797a8eab58d7acee4e04ba133ab0b76a0d56916b78e66bf5ffa1fc4a87fa7a14814910d82fcbd4d99edc9e66c36fe774399b8692d7c612feda3b049fe5bbe692491ff93fc5769924bd9053f6d8672d3a2d0c064d23a42c11a03fbd0ed9a21b83fafa6b25154d54cc5ca1f128d57c639ed5cffec9f2676ad646667e8aa30e0d2adb77db16a41276e038aa374e08a09826ebfe3f6b7bc9e0b29186881a19c3f6e16594b1409099ae6aebf6015dd86f5",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.12",
"Subject": "C=GB, ST=Manchester, O=Sectigo Limited, CN=Sectigo RSA Time Stamping Signer #3",
"TBS": {
"MD5": "26ec2c9bfcb06fdf8a6d95f2c616fd72",
"SHA1": "635466f1432046f6fd338624c068872ab6488b12",
"SHA256": "2219bd6adf84dc8f6f04833974d150f75f5ce79cbf85788a6f7efaa4a5205839",
"SHA384": "62d3259a3af5706e5bd6ca3f7ca35c0978253facbf7bee54f61d6afdd548e39e435fb55f952dbf8ed2bd6ee0c6b69660"
},
"ValidFrom": "2022-05-11 00:00:00",
"ValidTo": "2033-08-10 23:59:59",
"Version": 3
},
{
"CertificateType": "Leaf (Code Signing)",
"IsCA": false,
"IsCertificateAuthority": false,
"IsCodeSigning": true,
"SerialNumber": "61501991b18f323804525137dc25005a",
"Signature": "b75f493e19a27fd2fb38884a1c07997ab236a090a9299ad269b17a711f034b6b9b9686ecce7330d3ee9692c63be512b6c84ac3cca2b89606296226c512075251deca429743e7950038f9b5ee7f0d31e8b77e3f8aa11209fca096788a3679c9b68b2187e32ce6348c217e89066ac5758b87fe04e1e8a070194bcc034a8cc9e3e8e4cf67df553f3e4e55627971461eb011c4ee7ffdf1b3a388642ccfd7b7d272cd0d855ec7b9287d482a14c366f668a32c3daf404e9cda6296aff82fe45c7b1bfdc94ae6d0a08796685828dc250495e69b0c42daa45fb7dab634df7799c474b7c00da1104c5c7ce17c5587ccbcfa4949ee29c862a4482ee6e5cb5cc9871b4ce075974f6547e84d23eb494e831371f431c31d570daddec0988360a4023be17b2a8729d675aad81cdfd380738802d379131353dd22dae12912514e668ecda25b79888543e398bbd1e1d869131c9c5135ec75b7718537f69e2585363e0de3d42982f200ad88b2f9ce4f6abb2790771b638411013c80ce8055514c9351e403e438995f",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.11",
"Subject": "serialNumber=91510107MA7E8Y2876, ??=CN, ??=Private Organization, C=CN, ST=, O=, CN=",
"TBS": {
"MD5": "4e472f9ccab63d22f0b9a6dbeb4969f4",
"SHA1": "764f7c4f78d03485ef024a68a86370a43dca402e",
"SHA256": "5623801ef2108741513b5941be10dcf08095e4ee9f1aaf62ac9773cce497a8ad",
"SHA384": "576c29b57e4fb80ecb32810155daee135aa5f3541cc89bc84cf1e11ed58a8d2d63fa60a84d4f36e8003312891a2383c6"
},
"ValidFrom": "2022-05-25 00:00:00",
"ValidTo": "2023-05-25 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=GB, O=Sectigo Limited, CN=Sectigo Public Code Signing CA EV R36",
"SerialNumber": "61501991b18f323804525137dc25005a",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates Expand Certificate 01 Field Value ToBeSigned (TBS) MD5 93b601b98fc29a9e89a704048928b85f ToBeSigned (TBS) SHA1 3e8e6487f8fd27d322a269a71edaac5d57811286 ToBeSigned (TBS) SHA256 bedd4b1831f17c7ec1d507380f4c9836baa8ce20065a67db8b43acea14294ba4 Subject C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services ValidFrom 2004-01-01 00:00:00 ValidTo 2028-12-31 23:59:59 Signature 0856fc02f09be8ffa4fad67bc64480ce4fc4c5f60058cca6b6bc1449680476e8e6ee5dec020f60d68d50184f264e01e3e6b0a5eebfbc745441bffdfc12b8c74f5af48960057f60b7054af3f6f1c2bfc4b97486b62d7d6bccd2f346dd2fc6e06ac3c334032c7d96dd5ac20ea70a99c1058bab0c2ff35c3acf6c37550987de53406c58effcb6ab656e04f61bdc3ce05a15c69ed9f15948302165036cece92173ec9b03a1e037ada015188ffaba02cea72ca910132cd4e50826ab229760f8905e74d4a29a53bdf2a968e0a26ec2d76cb1a30f9ebfeb68e756f2aef2e32b383a0981b56b85d7be2ded3f1ab7b263e2f5622c82d46a004150f139839f95e93696986e SignatureAlgorithmOID 1.2.840.113549.1.1.5 IsCertificateAuthority True SerialNumber 01 Version 3
Certificate 48fc93b46055948d36a7c98a89d69416 Field Value ToBeSigned (TBS) MD5 207045ce7b7ab131e78e459b13825902 ToBeSigned (TBS) SHA1 bcf7530a1ab309fb1926cb720f9fd58cff1cb88f ToBeSigned (TBS) SHA256 0f31a4237992e1ea623baf4c29480afb6d913e10f1fb1d56bb56f5b03fbff13b Subject C=GB, O=Sectigo Limited, CN=Sectigo Public Code Signing Root R46 ValidFrom 2021-05-25 00:00:00 ValidTo 2028-12-31 23:59:59 Signature 12bfa1ef8b749a9844b86946b5ab240a0ca48a67b83a81bf458a7d5207a88d1f4e218539a36b5e2d2086bf10b8ae793b53cdb4fbd844be06d95c6367d44016874486722ad63215f51283c2f9e15d114067f6422772c523e202381a4c20e2db01f7cd464f26a27c66c05136b6890254c7fc58fb6c00eefe98a62e95a10c53291f6fd819a64f9ef7ac09ea5d82c68baf80a7bd8148528431da32ec15e4a64c3d6c3973d40b853920e0851a68e1a74838a9d1362577c18d1916c5884c667d2f63ce98e869dfac3ca85d9dc91c5baed8f32f74cfb87ef6d7839d1196629aae4513da7fdc47fbdfc3529fe60655e99d8cf23a6251bcec240f29d4588084e4457b5ad8 SignatureAlgorithmOID 1.2.840.113549.1.1.12 IsCertificateAuthority True SerialNumber 48fc93b46055948d36a7c98a89d69416 Version 3
Certificate 33d708a891405319e2a5bbd339b9ad6e Field Value ToBeSigned (TBS) MD5 b81404c775a2621debdb7825b87b8316 ToBeSigned (TBS) SHA1 47ae94067c3c59b13605192288705db7b52f3685 ToBeSigned (TBS) SHA256 9893b35b3dcefe53d8d24b887569dfe21f9aef27bd57b61c06fcf7438b89c33a Subject C=GB, O=Sectigo Limited, CN=Sectigo Public Code Signing CA EV R36 ValidFrom 2021-03-22 00:00:00 ValidTo 2036-03-21 23:59:59 Signature 5f36acfbf9f6725a14b7f00b1dded8fd9701d2fd01ee992d86e8f6b7f039ffd6814a5aa7424a0a2d159de694fdc5694ab2d74bf116124cf6be9066658b2d74d4ab08f76a110308777cbe69e1b0db9f248903d6de5ca4e0b2d6b4cfe338d5b96dcc27d6ce6411e8107276d3f9e0e92c89e949d3b39796060ae1f60ac8419a915d81d8367798ca804197a8f8913f639faacd54544b80eaf51766d39471fd9efd4731e3e91a861dd3be20d23fb1525fb293bd8c950998728f9501f49843a54afb1426aa9d36bf72b0fcdcbd840deced34a85e952b3816630575d9f6312e156be294b22ad27435b5989aa3fef82b2fb6174b276c5ae6b9765eda86ddab64d66aea8318881b3182f588b39425c0212f086902e34cbb4c2a1130eb817906e141952ad420f60b93e47c760c9d1d266b5f8401f62a99cdafdec7f0e418a24e9b2f2a0c66a6927526bed94035136faea6371a7ae8ad1c5163072a56066ced7e18f6e3ec6473a66d08368baf0f99ae756b172bc24d6ac351464156e98fc28dff13719bdaed9ed39fabe545a612c5145a524197a3060008c5e61cea27823c3bdbe646c4ef2d003513cd367d9de5aa270805cccec0360e4b194fd0639a6dbfc529533122db75507786d0f2f86aee6b061b3e85232b97c87e7a99410cdd587f0ea8c3123d3a359be09d2c8c17815444a87a1d989d967f5958a65465ff51420bf847ebcff8e5bf SignatureAlgorithmOID 1.2.840.113549.1.1.12 IsCertificateAuthority True SerialNumber 33d708a891405319e2a5bbd339b9ad6e Version 3
Certificate 300f6facdd6698747ca94636a7782db9 Field Value ToBeSigned (TBS) MD5 63499ed59a1293b786649470e4ce0bd7 ToBeSigned (TBS) SHA1 7309d8eaa65da1f3da7030c08f00a3b0a20fa908 ToBeSigned (TBS) SHA256 8c8d2046b29e792e71b28705fe67c435208a336dde074a75452d98e72c734937 Subject C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Time Stamping CA ValidFrom 2019-05-02 00:00:00 ValidTo 2038-01-18 23:59:59 Signature 6d5481a5335d16e1b553819175df037a320b2d258411b2b0db2a7d2a05f5bc3b27f45aa0b9495990296c61cbb550dbe27df99f00ef40c3add3e2e456f95841cff142e5107dffb0741f8fc65c09f9335eeaa01c26585cf3b4110fd5d5c3e2bcd55878bf4876e144676d8fb043100f8de4f93862bf1301c585a34cc5ccb2533095a4d6f4965608b8cd5c7f0196be72526a3b42377c1678399393949bb1dcb26d416d67cdc96f903d7f4572c11b23d6c2558466e4b3c56606f6f3d64b5eada32b428a2192fea86f5a2570628173635ea0bbd8dcd74ad33daf830638121d24872de4fc02d63e7704bc0436b5e777cb9c2e8d2318b9a3c2471df05dd6a1735705689aa7c937651dbeeabcd842834305a58ba609ffd1a194a64eaa3d09f5056cb7d2645ad82a22c24b9df1395e4cde483d9b34969a095f8efdf7b15291ce3f89f61ca1b5a9751f71bf5b435d653d50816eabf0d0d3fcb2b31fb6999626f43c798b5c64cccdee279ae5a0c00c7287c16e4d5ad31eeaf044e6326f1ceb174e94c37865203b0f41aa1fe9a1419dfeb1b8a0652a34e0dea8f93ce6c130bbc0a0632cfc5c1600a8d0c47fea119d1e06c6a66d325db438092b4907aafdec30daf1a72fcfb7fdfad0a384d9279efb016677b95610e1206ec6aeb1f9b6bac8355d33768ef17c200c2a77aeb5a20286ba29eeb45a00b18cabe3f90ac9545dd4b96a749ebd48ae98 SignatureAlgorithmOID 1.2.840.113549.1.1.12 IsCertificateAuthority True SerialNumber 300f6facdd6698747ca94636a7782db9 Version 3
Certificate 0090397f9ad24a3a13f2bd915f0838a943 Field Value ToBeSigned (TBS) MD5 26ec2c9bfcb06fdf8a6d95f2c616fd72 ToBeSigned (TBS) SHA1 635466f1432046f6fd338624c068872ab6488b12 ToBeSigned (TBS) SHA256 2219bd6adf84dc8f6f04833974d150f75f5ce79cbf85788a6f7efaa4a5205839 Subject C=GB, ST=Manchester, O=Sectigo Limited, CN=Sectigo RSA Time Stamping Signer #3 ValidFrom 2022-05-11 00:00:00 ValidTo 2033-08-10 23:59:59 Signature 73daed6872cbc2b940a131bbb403a32d147b24e7b45b157da8e9fdadd1920d7c3d36a069d9f39a30daac69d67457243f7e0f3cd9f5c379256c26e88d6893cef17789397fa80405da34c314ea9f0854abffc47e966c2bd394ebb46ce0454d2cb2f73b3b5ab5c1fbd789756d987272f6f70728f3d3b2d0eb19be152c78efcd45a000e4f80476bb57c590be775490749e0b4f4dc4aa138f97af01352bcb9b1178e9f2f989043c4ee3821262ebb4440c7541c20f34b8889dc822f1136adb182f6e78adc405b4e884089307f97d83fe689834e477e5b1ce8c946cdb036d2805477e9b2ef064fbdba40331107c1afb3c1980d10b70b9555f47be3964ceb7da235432e346b232d8d22986c9155d8095af02fbb4d12e9d387c35e00f1ced1b47489c226a5582d9f2ba086503e5f129f3488a09014ca679f2a2b61a9994eb9728e1be7d1ba17ced5680a6f4223390e48453fc2afac0a797a8eab58d7acee4e04ba133ab0b76a0d56916b78e66bf5ffa1fc4a87fa7a14814910d82fcbd4d99edc9e66c36fe774399b8692d7c612feda3b049fe5bbe692491ff93fc5769924bd9053f6d8672d3a2d0c064d23a42c11a03fbd0ed9a21b83fafa6b25154d54cc5ca1f128d57c639ed5cffec9f2676ad646667e8aa30e0d2adb77db16a41276e038aa374e08a09826ebfe3f6b7bc9e0b29186881a19c3f6e16594b1409099ae6aebf6015dd86f5 SignatureAlgorithmOID 1.2.840.113549.1.1.12 IsCertificateAuthority False SerialNumber 0090397f9ad24a3a13f2bd915f0838a943 Version 3
Certificate 61501991b18f323804525137dc25005a Field Value ToBeSigned (TBS) MD5 4e472f9ccab63d22f0b9a6dbeb4969f4 ToBeSigned (TBS) SHA1 764f7c4f78d03485ef024a68a86370a43dca402e ToBeSigned (TBS) SHA256 5623801ef2108741513b5941be10dcf08095e4ee9f1aaf62ac9773cce497a8ad Subject serialNumber=91510107MA7E8Y2876, ??=CN, ??=Private Organization, C=CN, ST=, O=, CN= ValidFrom 2022-05-25 00:00:00 ValidTo 2023-05-25 23:59:59 Signature b75f493e19a27fd2fb38884a1c07997ab236a090a9299ad269b17a711f034b6b9b9686ecce7330d3ee9692c63be512b6c84ac3cca2b89606296226c512075251deca429743e7950038f9b5ee7f0d31e8b77e3f8aa11209fca096788a3679c9b68b2187e32ce6348c217e89066ac5758b87fe04e1e8a070194bcc034a8cc9e3e8e4cf67df553f3e4e55627971461eb011c4ee7ffdf1b3a388642ccfd7b7d272cd0d855ec7b9287d482a14c366f668a32c3daf404e9cda6296aff82fe45c7b1bfdc94ae6d0a08796685828dc250495e69b0c42daa45fb7dab634df7799c474b7c00da1104c5c7ce17c5587ccbcfa4949ee29c862a4482ee6e5cb5cc9871b4ce075974f6547e84d23eb494e831371f431c31d570daddec0988360a4023be17b2a8729d675aad81cdfd380738802d379131353dd22dae12912514e668ecda25b79888543e398bbd1e1d869131c9c5135ec75b7718537f69e2585363e0de3d42982f200ad88b2f9ce4f6abb2790771b638411013c80ce8055514c9351e403e438995f SignatureAlgorithmOID 1.2.840.113549.1.1.11 IsCertificateAuthority False SerialNumber 61501991b18f323804525137dc25005a Version 3
Imports Expand ntoskrnl.exe HAL.dll NDIS.SYS fwpkclnt.sys WDFLDR.SYS Imported Functions Expand MmMapLockedPagesSpecifyCache IoAllocateErrorLogEntry IoAllocateMdl IoFreeMdl IoGetCurrentProcess IoWriteErrorLogEntry ObfReferenceObject ObfDereferenceObject RtlCopyUnicodeString ExUuidCreate PsGetProcessId IoGetRequestorProcess _alldiv KeBugCheckEx memset memcpy _allmul MmBuildMdlForNonPagedPool ExFreePoolWithTag ExAllocatePoolWithTag RtlGetVersion RtlIntegerToUnicodeString KeReleaseInStackQueuedSpinLock KeQueryPerformanceCounter KeAcquireInStackQueuedSpinLock NdisAllocateNetBufferPool NdisFreeNetBufferPool NdisAdvanceNetBufferDataStart NdisRetreatNetBufferDataStart NdisFreeNetBufferListPool NdisAllocateNetBufferListPool NdisGetDataBuffer FwpsAllocateNetBufferAndNetBufferList0 FwpmFilterDeleteByKey0 FwpmFilterAdd0 FwpmCalloutDeleteByKey0 FwpmCalloutAdd0 FwpmSubLayerDeleteByKey0 FwpmSubLayerAdd0 FwpmProviderDeleteByKey0 FwpmProviderAdd0 FwpmTransactionAbort0 FwpmTransactionCommit0 FwpmTransactionBegin0 FwpmEngineClose0 FwpmEngineOpen0 FwpsQueryPacketInjectionState0 FwpsInjectNetworkReceiveAsync0 FwpsInjectForwardAsync0 FwpsInjectNetworkSendAsync0 FwpsCalloutRegister0 FwpsCalloutUnregisterByKey0 FwpsFlowAssociateContext0 FwpsFlowRemoveContext0 FwpsInjectionHandleCreate0 FwpsInjectionHandleDestroy0 FwpsFreeNetBufferList0 WdfVersionBind WdfVersionBindClass WdfVersionUnbindClass WdfVersionUnbind Exported Functions Expand Sections Expand .text .rdata .data INIT .rsrc .reloc Signature Expand {
"Certificates": [
{
"CertificateType": "CA",
"IsCA": true,
"IsCertificateAuthority": true,
"IsCodeSigning": false,
"SerialNumber": "01",
"Signature": "0856fc02f09be8ffa4fad67bc64480ce4fc4c5f60058cca6b6bc1449680476e8e6ee5dec020f60d68d50184f264e01e3e6b0a5eebfbc745441bffdfc12b8c74f5af48960057f60b7054af3f6f1c2bfc4b97486b62d7d6bccd2f346dd2fc6e06ac3c334032c7d96dd5ac20ea70a99c1058bab0c2ff35c3acf6c37550987de53406c58effcb6ab656e04f61bdc3ce05a15c69ed9f15948302165036cece92173ec9b03a1e037ada015188ffaba02cea72ca910132cd4e50826ab229760f8905e74d4a29a53bdf2a968e0a26ec2d76cb1a30f9ebfeb68e756f2aef2e32b383a0981b56b85d7be2ded3f1ab7b263e2f5622c82d46a004150f139839f95e93696986e",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services",
"TBS": {
"MD5": "93b601b98fc29a9e89a704048928b85f",
"SHA1": "3e8e6487f8fd27d322a269a71edaac5d57811286",
"SHA256": "bedd4b1831f17c7ec1d507380f4c9836baa8ce20065a67db8b43acea14294ba4",
"SHA384": "5019d634bf6be7246128e117bfdf533f97aa574fae9080307b427fc77998fe9f280ba23b051cfbd6cf5d37c6e578d698"
},
"ValidFrom": "2004-01-01 00:00:00",
"ValidTo": "2028-12-31 23:59:59",
"Version": 3
},
{
"CertificateType": "CA",
"IsCA": true,
"IsCertificateAuthority": true,
"IsCodeSigning": true,
"SerialNumber": "48fc93b46055948d36a7c98a89d69416",
"Signature": "12bfa1ef8b749a9844b86946b5ab240a0ca48a67b83a81bf458a7d5207a88d1f4e218539a36b5e2d2086bf10b8ae793b53cdb4fbd844be06d95c6367d44016874486722ad63215f51283c2f9e15d114067f6422772c523e202381a4c20e2db01f7cd464f26a27c66c05136b6890254c7fc58fb6c00eefe98a62e95a10c53291f6fd819a64f9ef7ac09ea5d82c68baf80a7bd8148528431da32ec15e4a64c3d6c3973d40b853920e0851a68e1a74838a9d1362577c18d1916c5884c667d2f63ce98e869dfac3ca85d9dc91c5baed8f32f74cfb87ef6d7839d1196629aae4513da7fdc47fbdfc3529fe60655e99d8cf23a6251bcec240f29d4588084e4457b5ad8",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.12",
"Subject": "C=GB, O=Sectigo Limited, CN=Sectigo Public Code Signing Root R46",
"TBS": {
"MD5": "207045ce7b7ab131e78e459b13825902",
"SHA1": "bcf7530a1ab309fb1926cb720f9fd58cff1cb88f",
"SHA256": "0f31a4237992e1ea623baf4c29480afb6d913e10f1fb1d56bb56f5b03fbff13b",
"SHA384": "a229d2722bc6091d73b1d979b81088c977cb028a6f7cbf264bb81d5cc8f099f87d7c296e48bf09d7ebe275f5498661a4"
},
"ValidFrom": "2021-05-25 00:00:00",
"ValidTo": "2028-12-31 23:59:59",
"Version": 3
},
{
"CertificateType": "CA",
"IsCA": true,
"IsCertificateAuthority": true,
"IsCodeSigning": true,
"SerialNumber": "33d708a891405319e2a5bbd339b9ad6e",
"Signature": "5f36acfbf9f6725a14b7f00b1dded8fd9701d2fd01ee992d86e8f6b7f039ffd6814a5aa7424a0a2d159de694fdc5694ab2d74bf116124cf6be9066658b2d74d4ab08f76a110308777cbe69e1b0db9f248903d6de5ca4e0b2d6b4cfe338d5b96dcc27d6ce6411e8107276d3f9e0e92c89e949d3b39796060ae1f60ac8419a915d81d8367798ca804197a8f8913f639faacd54544b80eaf51766d39471fd9efd4731e3e91a861dd3be20d23fb1525fb293bd8c950998728f9501f49843a54afb1426aa9d36bf72b0fcdcbd840deced34a85e952b3816630575d9f6312e156be294b22ad27435b5989aa3fef82b2fb6174b276c5ae6b9765eda86ddab64d66aea8318881b3182f588b39425c0212f086902e34cbb4c2a1130eb817906e141952ad420f60b93e47c760c9d1d266b5f8401f62a99cdafdec7f0e418a24e9b2f2a0c66a6927526bed94035136faea6371a7ae8ad1c5163072a56066ced7e18f6e3ec6473a66d08368baf0f99ae756b172bc24d6ac351464156e98fc28dff13719bdaed9ed39fabe545a612c5145a524197a3060008c5e61cea27823c3bdbe646c4ef2d003513cd367d9de5aa270805cccec0360e4b194fd0639a6dbfc529533122db75507786d0f2f86aee6b061b3e85232b97c87e7a99410cdd587f0ea8c3123d3a359be09d2c8c17815444a87a1d989d967f5958a65465ff51420bf847ebcff8e5bf",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.12",
"Subject": "C=GB, O=Sectigo Limited, CN=Sectigo Public Code Signing CA EV R36",
"TBS": {
"MD5": "b81404c775a2621debdb7825b87b8316",
"SHA1": "47ae94067c3c59b13605192288705db7b52f3685",
"SHA256": "9893b35b3dcefe53d8d24b887569dfe21f9aef27bd57b61c06fcf7438b89c33a",
"SHA384": "f55821c081b58e86eaa202923e715e1524c422c7be0469b13a9e7a319e50d70cb5b67e864273029a79250f9dc3203cbd"
},
"ValidFrom": "2021-03-22 00:00:00",
"ValidTo": "2036-03-21 23:59:59",
"Version": 3
},
{
"CertificateType": "CA",
"IsCA": true,
"IsCertificateAuthority": true,
"IsCodeSigning": false,
"SerialNumber": "300f6facdd6698747ca94636a7782db9",
"Signature": "6d5481a5335d16e1b553819175df037a320b2d258411b2b0db2a7d2a05f5bc3b27f45aa0b9495990296c61cbb550dbe27df99f00ef40c3add3e2e456f95841cff142e5107dffb0741f8fc65c09f9335eeaa01c26585cf3b4110fd5d5c3e2bcd55878bf4876e144676d8fb043100f8de4f93862bf1301c585a34cc5ccb2533095a4d6f4965608b8cd5c7f0196be72526a3b42377c1678399393949bb1dcb26d416d67cdc96f903d7f4572c11b23d6c2558466e4b3c56606f6f3d64b5eada32b428a2192fea86f5a2570628173635ea0bbd8dcd74ad33daf830638121d24872de4fc02d63e7704bc0436b5e777cb9c2e8d2318b9a3c2471df05dd6a1735705689aa7c937651dbeeabcd842834305a58ba609ffd1a194a64eaa3d09f5056cb7d2645ad82a22c24b9df1395e4cde483d9b34969a095f8efdf7b15291ce3f89f61ca1b5a9751f71bf5b435d653d50816eabf0d0d3fcb2b31fb6999626f43c798b5c64cccdee279ae5a0c00c7287c16e4d5ad31eeaf044e6326f1ceb174e94c37865203b0f41aa1fe9a1419dfeb1b8a0652a34e0dea8f93ce6c130bbc0a0632cfc5c1600a8d0c47fea119d1e06c6a66d325db438092b4907aafdec30daf1a72fcfb7fdfad0a384d9279efb016677b95610e1206ec6aeb1f9b6bac8355d33768ef17c200c2a77aeb5a20286ba29eeb45a00b18cabe3f90ac9545dd4b96a749ebd48ae98",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.12",
"Subject": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Time Stamping CA",
"TBS": {
"MD5": "63499ed59a1293b786649470e4ce0bd7",
"SHA1": "7309d8eaa65da1f3da7030c08f00a3b0a20fa908",
"SHA256": "8c8d2046b29e792e71b28705fe67c435208a336dde074a75452d98e72c734937",
"SHA384": "5dbc5eae13908fee4c4e5216f87e3e87208fff0d1052f5fa9f0856a429d6a6c422c625f2318f2f29aea26ece09c1e811"
},
"ValidFrom": "2019-05-02 00:00:00",
"ValidTo": "2038-01-18 23:59:59",
"Version": 3
},
{
"CertificateType": "Intermediate",
"IsCA": false,
"IsCertificateAuthority": false,
"IsCodeSigning": false,
"SerialNumber": "0090397f9ad24a3a13f2bd915f0838a943",
"Signature": "73daed6872cbc2b940a131bbb403a32d147b24e7b45b157da8e9fdadd1920d7c3d36a069d9f39a30daac69d67457243f7e0f3cd9f5c379256c26e88d6893cef17789397fa80405da34c314ea9f0854abffc47e966c2bd394ebb46ce0454d2cb2f73b3b5ab5c1fbd789756d987272f6f70728f3d3b2d0eb19be152c78efcd45a000e4f80476bb57c590be775490749e0b4f4dc4aa138f97af01352bcb9b1178e9f2f989043c4ee3821262ebb4440c7541c20f34b8889dc822f1136adb182f6e78adc405b4e884089307f97d83fe689834e477e5b1ce8c946cdb036d2805477e9b2ef064fbdba40331107c1afb3c1980d10b70b9555f47be3964ceb7da235432e346b232d8d22986c9155d8095af02fbb4d12e9d387c35e00f1ced1b47489c226a5582d9f2ba086503e5f129f3488a09014ca679f2a2b61a9994eb9728e1be7d1ba17ced5680a6f4223390e48453fc2afac0a797a8eab58d7acee4e04ba133ab0b76a0d56916b78e66bf5ffa1fc4a87fa7a14814910d82fcbd4d99edc9e66c36fe774399b8692d7c612feda3b049fe5bbe692491ff93fc5769924bd9053f6d8672d3a2d0c064d23a42c11a03fbd0ed9a21b83fafa6b25154d54cc5ca1f128d57c639ed5cffec9f2676ad646667e8aa30e0d2adb77db16a41276e038aa374e08a09826ebfe3f6b7bc9e0b29186881a19c3f6e16594b1409099ae6aebf6015dd86f5",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.12",
"Subject": "C=GB, ST=Manchester, O=Sectigo Limited, CN=Sectigo RSA Time Stamping Signer #3",
"TBS": {
"MD5": "26ec2c9bfcb06fdf8a6d95f2c616fd72",
"SHA1": "635466f1432046f6fd338624c068872ab6488b12",
"SHA256": "2219bd6adf84dc8f6f04833974d150f75f5ce79cbf85788a6f7efaa4a5205839",
"SHA384": "62d3259a3af5706e5bd6ca3f7ca35c0978253facbf7bee54f61d6afdd548e39e435fb55f952dbf8ed2bd6ee0c6b69660"
},
"ValidFrom": "2022-05-11 00:00:00",
"ValidTo": "2033-08-10 23:59:59",
"Version": 3
},
{
"CertificateType": "Leaf (Code Signing)",
"IsCA": false,
"IsCertificateAuthority": false,
"IsCodeSigning": true,
"SerialNumber": "61501991b18f323804525137dc25005a",
"Signature": "b75f493e19a27fd2fb38884a1c07997ab236a090a9299ad269b17a711f034b6b9b9686ecce7330d3ee9692c63be512b6c84ac3cca2b89606296226c512075251deca429743e7950038f9b5ee7f0d31e8b77e3f8aa11209fca096788a3679c9b68b2187e32ce6348c217e89066ac5758b87fe04e1e8a070194bcc034a8cc9e3e8e4cf67df553f3e4e55627971461eb011c4ee7ffdf1b3a388642ccfd7b7d272cd0d855ec7b9287d482a14c366f668a32c3daf404e9cda6296aff82fe45c7b1bfdc94ae6d0a08796685828dc250495e69b0c42daa45fb7dab634df7799c474b7c00da1104c5c7ce17c5587ccbcfa4949ee29c862a4482ee6e5cb5cc9871b4ce075974f6547e84d23eb494e831371f431c31d570daddec0988360a4023be17b2a8729d675aad81cdfd380738802d379131353dd22dae12912514e668ecda25b79888543e398bbd1e1d869131c9c5135ec75b7718537f69e2585363e0de3d42982f200ad88b2f9ce4f6abb2790771b638411013c80ce8055514c9351e403e438995f",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.11",
"Subject": "serialNumber=91510107MA7E8Y2876, ??=CN, ??=Private Organization, C=CN, ST=, O=, CN=",
"TBS": {
"MD5": "4e472f9ccab63d22f0b9a6dbeb4969f4",
"SHA1": "764f7c4f78d03485ef024a68a86370a43dca402e",
"SHA256": "5623801ef2108741513b5941be10dcf08095e4ee9f1aaf62ac9773cce497a8ad",
"SHA384": "576c29b57e4fb80ecb32810155daee135aa5f3541cc89bc84cf1e11ed58a8d2d63fa60a84d4f36e8003312891a2383c6"
},
"ValidFrom": "2022-05-25 00:00:00",
"ValidTo": "2023-05-25 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=GB, O=Sectigo Limited, CN=Sectigo Public Code Signing CA EV R36",
"SerialNumber": "61501991b18f323804525137dc25005a",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates Expand Certificate 01 Field Value ToBeSigned (TBS) MD5 93b601b98fc29a9e89a704048928b85f ToBeSigned (TBS) SHA1 3e8e6487f8fd27d322a269a71edaac5d57811286 ToBeSigned (TBS) SHA256 bedd4b1831f17c7ec1d507380f4c9836baa8ce20065a67db8b43acea14294ba4 Subject C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services ValidFrom 2004-01-01 00:00:00 ValidTo 2028-12-31 23:59:59 Signature 0856fc02f09be8ffa4fad67bc64480ce4fc4c5f60058cca6b6bc1449680476e8e6ee5dec020f60d68d50184f264e01e3e6b0a5eebfbc745441bffdfc12b8c74f5af48960057f60b7054af3f6f1c2bfc4b97486b62d7d6bccd2f346dd2fc6e06ac3c334032c7d96dd5ac20ea70a99c1058bab0c2ff35c3acf6c37550987de53406c58effcb6ab656e04f61bdc3ce05a15c69ed9f15948302165036cece92173ec9b03a1e037ada015188ffaba02cea72ca910132cd4e50826ab229760f8905e74d4a29a53bdf2a968e0a26ec2d76cb1a30f9ebfeb68e756f2aef2e32b383a0981b56b85d7be2ded3f1ab7b263e2f5622c82d46a004150f139839f95e93696986e SignatureAlgorithmOID 1.2.840.113549.1.1.5 IsCertificateAuthority True SerialNumber 01 Version 3
Certificate 48fc93b46055948d36a7c98a89d69416 Field Value ToBeSigned (TBS) MD5 207045ce7b7ab131e78e459b13825902 ToBeSigned (TBS) SHA1 bcf7530a1ab309fb1926cb720f9fd58cff1cb88f ToBeSigned (TBS) SHA256 0f31a4237992e1ea623baf4c29480afb6d913e10f1fb1d56bb56f5b03fbff13b Subject C=GB, O=Sectigo Limited, CN=Sectigo Public Code Signing Root R46 ValidFrom 2021-05-25 00:00:00 ValidTo 2028-12-31 23:59:59 Signature 12bfa1ef8b749a9844b86946b5ab240a0ca48a67b83a81bf458a7d5207a88d1f4e218539a36b5e2d2086bf10b8ae793b53cdb4fbd844be06d95c6367d44016874486722ad63215f51283c2f9e15d114067f6422772c523e202381a4c20e2db01f7cd464f26a27c66c05136b6890254c7fc58fb6c00eefe98a62e95a10c53291f6fd819a64f9ef7ac09ea5d82c68baf80a7bd8148528431da32ec15e4a64c3d6c3973d40b853920e0851a68e1a74838a9d1362577c18d1916c5884c667d2f63ce98e869dfac3ca85d9dc91c5baed8f32f74cfb87ef6d7839d1196629aae4513da7fdc47fbdfc3529fe60655e99d8cf23a6251bcec240f29d4588084e4457b5ad8 SignatureAlgorithmOID 1.2.840.113549.1.1.12 IsCertificateAuthority True SerialNumber 48fc93b46055948d36a7c98a89d69416 Version 3
Certificate 33d708a891405319e2a5bbd339b9ad6e Field Value ToBeSigned (TBS) MD5 b81404c775a2621debdb7825b87b8316 ToBeSigned (TBS) SHA1 47ae94067c3c59b13605192288705db7b52f3685 ToBeSigned (TBS) SHA256 9893b35b3dcefe53d8d24b887569dfe21f9aef27bd57b61c06fcf7438b89c33a Subject C=GB, O=Sectigo Limited, CN=Sectigo Public Code Signing CA EV R36 ValidFrom 2021-03-22 00:00:00 ValidTo 2036-03-21 23:59:59 Signature 5f36acfbf9f6725a14b7f00b1dded8fd9701d2fd01ee992d86e8f6b7f039ffd6814a5aa7424a0a2d159de694fdc5694ab2d74bf116124cf6be9066658b2d74d4ab08f76a110308777cbe69e1b0db9f248903d6de5ca4e0b2d6b4cfe338d5b96dcc27d6ce6411e8107276d3f9e0e92c89e949d3b39796060ae1f60ac8419a915d81d8367798ca804197a8f8913f639faacd54544b80eaf51766d39471fd9efd4731e3e91a861dd3be20d23fb1525fb293bd8c950998728f9501f49843a54afb1426aa9d36bf72b0fcdcbd840deced34a85e952b3816630575d9f6312e156be294b22ad27435b5989aa3fef82b2fb6174b276c5ae6b9765eda86ddab64d66aea8318881b3182f588b39425c0212f086902e34cbb4c2a1130eb817906e141952ad420f60b93e47c760c9d1d266b5f8401f62a99cdafdec7f0e418a24e9b2f2a0c66a6927526bed94035136faea6371a7ae8ad1c5163072a56066ced7e18f6e3ec6473a66d08368baf0f99ae756b172bc24d6ac351464156e98fc28dff13719bdaed9ed39fabe545a612c5145a524197a3060008c5e61cea27823c3bdbe646c4ef2d003513cd367d9de5aa270805cccec0360e4b194fd0639a6dbfc529533122db75507786d0f2f86aee6b061b3e85232b97c87e7a99410cdd587f0ea8c3123d3a359be09d2c8c17815444a87a1d989d967f5958a65465ff51420bf847ebcff8e5bf SignatureAlgorithmOID 1.2.840.113549.1.1.12 IsCertificateAuthority True SerialNumber 33d708a891405319e2a5bbd339b9ad6e Version 3
Certificate 300f6facdd6698747ca94636a7782db9 Field Value ToBeSigned (TBS) MD5 63499ed59a1293b786649470e4ce0bd7 ToBeSigned (TBS) SHA1 7309d8eaa65da1f3da7030c08f00a3b0a20fa908 ToBeSigned (TBS) SHA256 8c8d2046b29e792e71b28705fe67c435208a336dde074a75452d98e72c734937 Subject C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Time Stamping CA ValidFrom 2019-05-02 00:00:00 ValidTo 2038-01-18 23:59:59 Signature 6d5481a5335d16e1b553819175df037a320b2d258411b2b0db2a7d2a05f5bc3b27f45aa0b9495990296c61cbb550dbe27df99f00ef40c3add3e2e456f95841cff142e5107dffb0741f8fc65c09f9335eeaa01c26585cf3b4110fd5d5c3e2bcd55878bf4876e144676d8fb043100f8de4f93862bf1301c585a34cc5ccb2533095a4d6f4965608b8cd5c7f0196be72526a3b42377c1678399393949bb1dcb26d416d67cdc96f903d7f4572c11b23d6c2558466e4b3c56606f6f3d64b5eada32b428a2192fea86f5a2570628173635ea0bbd8dcd74ad33daf830638121d24872de4fc02d63e7704bc0436b5e777cb9c2e8d2318b9a3c2471df05dd6a1735705689aa7c937651dbeeabcd842834305a58ba609ffd1a194a64eaa3d09f5056cb7d2645ad82a22c24b9df1395e4cde483d9b34969a095f8efdf7b15291ce3f89f61ca1b5a9751f71bf5b435d653d50816eabf0d0d3fcb2b31fb6999626f43c798b5c64cccdee279ae5a0c00c7287c16e4d5ad31eeaf044e6326f1ceb174e94c37865203b0f41aa1fe9a1419dfeb1b8a0652a34e0dea8f93ce6c130bbc0a0632cfc5c1600a8d0c47fea119d1e06c6a66d325db438092b4907aafdec30daf1a72fcfb7fdfad0a384d9279efb016677b95610e1206ec6aeb1f9b6bac8355d33768ef17c200c2a77aeb5a20286ba29eeb45a00b18cabe3f90ac9545dd4b96a749ebd48ae98 SignatureAlgorithmOID 1.2.840.113549.1.1.12 IsCertificateAuthority True SerialNumber 300f6facdd6698747ca94636a7782db9 Version 3
Certificate 0090397f9ad24a3a13f2bd915f0838a943 Field Value ToBeSigned (TBS) MD5 26ec2c9bfcb06fdf8a6d95f2c616fd72 ToBeSigned (TBS) SHA1 635466f1432046f6fd338624c068872ab6488b12 ToBeSigned (TBS) SHA256 2219bd6adf84dc8f6f04833974d150f75f5ce79cbf85788a6f7efaa4a5205839 Subject C=GB, ST=Manchester, O=Sectigo Limited, CN=Sectigo RSA Time Stamping Signer #3 ValidFrom 2022-05-11 00:00:00 ValidTo 2033-08-10 23:59:59 Signature 73daed6872cbc2b940a131bbb403a32d147b24e7b45b157da8e9fdadd1920d7c3d36a069d9f39a30daac69d67457243f7e0f3cd9f5c379256c26e88d6893cef17789397fa80405da34c314ea9f0854abffc47e966c2bd394ebb46ce0454d2cb2f73b3b5ab5c1fbd789756d987272f6f70728f3d3b2d0eb19be152c78efcd45a000e4f80476bb57c590be775490749e0b4f4dc4aa138f97af01352bcb9b1178e9f2f989043c4ee3821262ebb4440c7541c20f34b8889dc822f1136adb182f6e78adc405b4e884089307f97d83fe689834e477e5b1ce8c946cdb036d2805477e9b2ef064fbdba40331107c1afb3c1980d10b70b9555f47be3964ceb7da235432e346b232d8d22986c9155d8095af02fbb4d12e9d387c35e00f1ced1b47489c226a5582d9f2ba086503e5f129f3488a09014ca679f2a2b61a9994eb9728e1be7d1ba17ced5680a6f4223390e48453fc2afac0a797a8eab58d7acee4e04ba133ab0b76a0d56916b78e66bf5ffa1fc4a87fa7a14814910d82fcbd4d99edc9e66c36fe774399b8692d7c612feda3b049fe5bbe692491ff93fc5769924bd9053f6d8672d3a2d0c064d23a42c11a03fbd0ed9a21b83fafa6b25154d54cc5ca1f128d57c639ed5cffec9f2676ad646667e8aa30e0d2adb77db16a41276e038aa374e08a09826ebfe3f6b7bc9e0b29186881a19c3f6e16594b1409099ae6aebf6015dd86f5 SignatureAlgorithmOID 1.2.840.113549.1.1.12 IsCertificateAuthority False SerialNumber 0090397f9ad24a3a13f2bd915f0838a943 Version 3
Certificate 61501991b18f323804525137dc25005a Field Value ToBeSigned (TBS) MD5 4e472f9ccab63d22f0b9a6dbeb4969f4 ToBeSigned (TBS) SHA1 764f7c4f78d03485ef024a68a86370a43dca402e ToBeSigned (TBS) SHA256 5623801ef2108741513b5941be10dcf08095e4ee9f1aaf62ac9773cce497a8ad Subject serialNumber=91510107MA7E8Y2876, ??=CN, ??=Private Organization, C=CN, ST=, O=, CN= ValidFrom 2022-05-25 00:00:00 ValidTo 2023-05-25 23:59:59 Signature b75f493e19a27fd2fb38884a1c07997ab236a090a9299ad269b17a711f034b6b9b9686ecce7330d3ee9692c63be512b6c84ac3cca2b89606296226c512075251deca429743e7950038f9b5ee7f0d31e8b77e3f8aa11209fca096788a3679c9b68b2187e32ce6348c217e89066ac5758b87fe04e1e8a070194bcc034a8cc9e3e8e4cf67df553f3e4e55627971461eb011c4ee7ffdf1b3a388642ccfd7b7d272cd0d855ec7b9287d482a14c366f668a32c3daf404e9cda6296aff82fe45c7b1bfdc94ae6d0a08796685828dc250495e69b0c42daa45fb7dab634df7799c474b7c00da1104c5c7ce17c5587ccbcfa4949ee29c862a4482ee6e5cb5cc9871b4ce075974f6547e84d23eb494e831371f431c31d570daddec0988360a4023be17b2a8729d675aad81cdfd380738802d379131353dd22dae12912514e668ecda25b79888543e398bbd1e1d869131c9c5135ec75b7718537f69e2585363e0de3d42982f200ad88b2f9ce4f6abb2790771b638411013c80ce8055514c9351e403e438995f SignatureAlgorithmOID 1.2.840.113549.1.1.11 IsCertificateAuthority False SerialNumber 61501991b18f323804525137dc25005a Version 3
Imports Expand ntoskrnl.exe HAL.dll NDIS.SYS fwpkclnt.sys WDFLDR.SYS Imported Functions Expand RtlCopyUnicodeString KeBugCheckEx IoGetRequestorProcess PsGetProcessId ExUuidCreate ObfDereferenceObject ObfReferenceObject IoWriteErrorLogEntry IoGetCurrentProcess IoFreeMdl IoAllocateMdl IoAllocateErrorLogEntry MmMapLockedPagesSpecifyCache MmBuildMdlForNonPagedPool ExFreePoolWithTag ExAllocatePoolWithTag KeReleaseInStackQueuedSpinLock KeAcquireInStackQueuedSpinLock RtlGetVersion RtlIntegerToUnicodeString KeQueryPerformanceCounter NdisAllocateNetBufferPool NdisFreeNetBufferPool NdisAllocateNetBufferListPool NdisGetDataBuffer NdisAdvanceNetBufferDataStart NdisRetreatNetBufferDataStart NdisFreeNetBufferListPool FwpmTransactionAbort0 FwpmTransactionBegin0 FwpmEngineClose0 FwpmEngineOpen0 FwpsQueryPacketInjectionState0 FwpmProviderAdd0 FwpmProviderDeleteByKey0 FwpsInjectNetworkReceiveAsync0 FwpmSubLayerAdd0 FwpmSubLayerDeleteByKey0 FwpmCalloutAdd0 FwpmCalloutDeleteByKey0 FwpmFilterAdd0 FwpmFilterDeleteByKey0 FwpmTransactionCommit0 FwpsCalloutRegister0 FwpsCalloutUnregisterByKey0 FwpsFlowAssociateContext0 FwpsFlowRemoveContext0 FwpsInjectionHandleCreate0 FwpsInjectionHandleDestroy0 FwpsAllocateNetBufferAndNetBufferList0 FwpsFreeNetBufferList0 FwpsInjectNetworkSendAsync0 FwpsInjectForwardAsync0 WdfVersionBindClass WdfVersionUnbindClass WdfVersionBind WdfVersionUnbind Exported Functions Expand Sections Expand .text .rdata .data .pdata .gfids INIT .rsrc .reloc Signature Expand {
"Certificates": [
{
"CertificateType": "CA",
"IsCA": true,
"IsCertificateAuthority": true,
"IsCodeSigning": false,
"SerialNumber": "01",
"Signature": "0856fc02f09be8ffa4fad67bc64480ce4fc4c5f60058cca6b6bc1449680476e8e6ee5dec020f60d68d50184f264e01e3e6b0a5eebfbc745441bffdfc12b8c74f5af48960057f60b7054af3f6f1c2bfc4b97486b62d7d6bccd2f346dd2fc6e06ac3c334032c7d96dd5ac20ea70a99c1058bab0c2ff35c3acf6c37550987de53406c58effcb6ab656e04f61bdc3ce05a15c69ed9f15948302165036cece92173ec9b03a1e037ada015188ffaba02cea72ca910132cd4e50826ab229760f8905e74d4a29a53bdf2a968e0a26ec2d76cb1a30f9ebfeb68e756f2aef2e32b383a0981b56b85d7be2ded3f1ab7b263e2f5622c82d46a004150f139839f95e93696986e",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services",
"TBS": {
"MD5": "93b601b98fc29a9e89a704048928b85f",
"SHA1": "3e8e6487f8fd27d322a269a71edaac5d57811286",
"SHA256": "bedd4b1831f17c7ec1d507380f4c9836baa8ce20065a67db8b43acea14294ba4",
"SHA384": "5019d634bf6be7246128e117bfdf533f97aa574fae9080307b427fc77998fe9f280ba23b051cfbd6cf5d37c6e578d698"
},
"ValidFrom": "2004-01-01 00:00:00",
"ValidTo": "2028-12-31 23:59:59",
"Version": 3
},
{
"CertificateType": "CA",
"IsCA": true,
"IsCertificateAuthority": true,
"IsCodeSigning": true,
"SerialNumber": "48fc93b46055948d36a7c98a89d69416",
"Signature": "12bfa1ef8b749a9844b86946b5ab240a0ca48a67b83a81bf458a7d5207a88d1f4e218539a36b5e2d2086bf10b8ae793b53cdb4fbd844be06d95c6367d44016874486722ad63215f51283c2f9e15d114067f6422772c523e202381a4c20e2db01f7cd464f26a27c66c05136b6890254c7fc58fb6c00eefe98a62e95a10c53291f6fd819a64f9ef7ac09ea5d82c68baf80a7bd8148528431da32ec15e4a64c3d6c3973d40b853920e0851a68e1a74838a9d1362577c18d1916c5884c667d2f63ce98e869dfac3ca85d9dc91c5baed8f32f74cfb87ef6d7839d1196629aae4513da7fdc47fbdfc3529fe60655e99d8cf23a6251bcec240f29d4588084e4457b5ad8",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.12",
"Subject": "C=GB, O=Sectigo Limited, CN=Sectigo Public Code Signing Root R46",
"TBS": {
"MD5": "207045ce7b7ab131e78e459b13825902",
"SHA1": "bcf7530a1ab309fb1926cb720f9fd58cff1cb88f",
"SHA256": "0f31a4237992e1ea623baf4c29480afb6d913e10f1fb1d56bb56f5b03fbff13b",
"SHA384": "a229d2722bc6091d73b1d979b81088c977cb028a6f7cbf264bb81d5cc8f099f87d7c296e48bf09d7ebe275f5498661a4"
},
"ValidFrom": "2021-05-25 00:00:00",
"ValidTo": "2028-12-31 23:59:59",
"Version": 3
},
{
"CertificateType": "CA",
"IsCA": true,
"IsCertificateAuthority": true,
"IsCodeSigning": true,
"SerialNumber": "33d708a891405319e2a5bbd339b9ad6e",
"Signature": "5f36acfbf9f6725a14b7f00b1dded8fd9701d2fd01ee992d86e8f6b7f039ffd6814a5aa7424a0a2d159de694fdc5694ab2d74bf116124cf6be9066658b2d74d4ab08f76a110308777cbe69e1b0db9f248903d6de5ca4e0b2d6b4cfe338d5b96dcc27d6ce6411e8107276d3f9e0e92c89e949d3b39796060ae1f60ac8419a915d81d8367798ca804197a8f8913f639faacd54544b80eaf51766d39471fd9efd4731e3e91a861dd3be20d23fb1525fb293bd8c950998728f9501f49843a54afb1426aa9d36bf72b0fcdcbd840deced34a85e952b3816630575d9f6312e156be294b22ad27435b5989aa3fef82b2fb6174b276c5ae6b9765eda86ddab64d66aea8318881b3182f588b39425c0212f086902e34cbb4c2a1130eb817906e141952ad420f60b93e47c760c9d1d266b5f8401f62a99cdafdec7f0e418a24e9b2f2a0c66a6927526bed94035136faea6371a7ae8ad1c5163072a56066ced7e18f6e3ec6473a66d08368baf0f99ae756b172bc24d6ac351464156e98fc28dff13719bdaed9ed39fabe545a612c5145a524197a3060008c5e61cea27823c3bdbe646c4ef2d003513cd367d9de5aa270805cccec0360e4b194fd0639a6dbfc529533122db75507786d0f2f86aee6b061b3e85232b97c87e7a99410cdd587f0ea8c3123d3a359be09d2c8c17815444a87a1d989d967f5958a65465ff51420bf847ebcff8e5bf",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.12",
"Subject": "C=GB, O=Sectigo Limited, CN=Sectigo Public Code Signing CA EV R36",
"TBS": {
"MD5": "b81404c775a2621debdb7825b87b8316",
"SHA1": "47ae94067c3c59b13605192288705db7b52f3685",
"SHA256": "9893b35b3dcefe53d8d24b887569dfe21f9aef27bd57b61c06fcf7438b89c33a",
"SHA384": "f55821c081b58e86eaa202923e715e1524c422c7be0469b13a9e7a319e50d70cb5b67e864273029a79250f9dc3203cbd"
},
"ValidFrom": "2021-03-22 00:00:00",
"ValidTo": "2036-03-21 23:59:59",
"Version": 3
},
{
"CertificateType": "CA",
"IsCA": true,
"IsCertificateAuthority": true,
"IsCodeSigning": false,
"SerialNumber": "300f6facdd6698747ca94636a7782db9",
"Signature": "6d5481a5335d16e1b553819175df037a320b2d258411b2b0db2a7d2a05f5bc3b27f45aa0b9495990296c61cbb550dbe27df99f00ef40c3add3e2e456f95841cff142e5107dffb0741f8fc65c09f9335eeaa01c26585cf3b4110fd5d5c3e2bcd55878bf4876e144676d8fb043100f8de4f93862bf1301c585a34cc5ccb2533095a4d6f4965608b8cd5c7f0196be72526a3b42377c1678399393949bb1dcb26d416d67cdc96f903d7f4572c11b23d6c2558466e4b3c56606f6f3d64b5eada32b428a2192fea86f5a2570628173635ea0bbd8dcd74ad33daf830638121d24872de4fc02d63e7704bc0436b5e777cb9c2e8d2318b9a3c2471df05dd6a1735705689aa7c937651dbeeabcd842834305a58ba609ffd1a194a64eaa3d09f5056cb7d2645ad82a22c24b9df1395e4cde483d9b34969a095f8efdf7b15291ce3f89f61ca1b5a9751f71bf5b435d653d50816eabf0d0d3fcb2b31fb6999626f43c798b5c64cccdee279ae5a0c00c7287c16e4d5ad31eeaf044e6326f1ceb174e94c37865203b0f41aa1fe9a1419dfeb1b8a0652a34e0dea8f93ce6c130bbc0a0632cfc5c1600a8d0c47fea119d1e06c6a66d325db438092b4907aafdec30daf1a72fcfb7fdfad0a384d9279efb016677b95610e1206ec6aeb1f9b6bac8355d33768ef17c200c2a77aeb5a20286ba29eeb45a00b18cabe3f90ac9545dd4b96a749ebd48ae98",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.12",
"Subject": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Time Stamping CA",
"TBS": {
"MD5": "63499ed59a1293b786649470e4ce0bd7",
"SHA1": "7309d8eaa65da1f3da7030c08f00a3b0a20fa908",
"SHA256": "8c8d2046b29e792e71b28705fe67c435208a336dde074a75452d98e72c734937",
"SHA384": "5dbc5eae13908fee4c4e5216f87e3e87208fff0d1052f5fa9f0856a429d6a6c422c625f2318f2f29aea26ece09c1e811"
},
"ValidFrom": "2019-05-02 00:00:00",
"ValidTo": "2038-01-18 23:59:59",
"Version": 3
},
{
"CertificateType": "Intermediate",
"IsCA": false,
"IsCertificateAuthority": false,
"IsCodeSigning": false,
"SerialNumber": "0090397f9ad24a3a13f2bd915f0838a943",
"Signature": "73daed6872cbc2b940a131bbb403a32d147b24e7b45b157da8e9fdadd1920d7c3d36a069d9f39a30daac69d67457243f7e0f3cd9f5c379256c26e88d6893cef17789397fa80405da34c314ea9f0854abffc47e966c2bd394ebb46ce0454d2cb2f73b3b5ab5c1fbd789756d987272f6f70728f3d3b2d0eb19be152c78efcd45a000e4f80476bb57c590be775490749e0b4f4dc4aa138f97af01352bcb9b1178e9f2f989043c4ee3821262ebb4440c7541c20f34b8889dc822f1136adb182f6e78adc405b4e884089307f97d83fe689834e477e5b1ce8c946cdb036d2805477e9b2ef064fbdba40331107c1afb3c1980d10b70b9555f47be3964ceb7da235432e346b232d8d22986c9155d8095af02fbb4d12e9d387c35e00f1ced1b47489c226a5582d9f2ba086503e5f129f3488a09014ca679f2a2b61a9994eb9728e1be7d1ba17ced5680a6f4223390e48453fc2afac0a797a8eab58d7acee4e04ba133ab0b76a0d56916b78e66bf5ffa1fc4a87fa7a14814910d82fcbd4d99edc9e66c36fe774399b8692d7c612feda3b049fe5bbe692491ff93fc5769924bd9053f6d8672d3a2d0c064d23a42c11a03fbd0ed9a21b83fafa6b25154d54cc5ca1f128d57c639ed5cffec9f2676ad646667e8aa30e0d2adb77db16a41276e038aa374e08a09826ebfe3f6b7bc9e0b29186881a19c3f6e16594b1409099ae6aebf6015dd86f5",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.12",
"Subject": "C=GB, ST=Manchester, O=Sectigo Limited, CN=Sectigo RSA Time Stamping Signer #3",
"TBS": {
"MD5": "26ec2c9bfcb06fdf8a6d95f2c616fd72",
"SHA1": "635466f1432046f6fd338624c068872ab6488b12",
"SHA256": "2219bd6adf84dc8f6f04833974d150f75f5ce79cbf85788a6f7efaa4a5205839",
"SHA384": "62d3259a3af5706e5bd6ca3f7ca35c0978253facbf7bee54f61d6afdd548e39e435fb55f952dbf8ed2bd6ee0c6b69660"
},
"ValidFrom": "2022-05-11 00:00:00",
"ValidTo": "2033-08-10 23:59:59",
"Version": 3
},
{
"CertificateType": "Leaf (Code Signing)",
"IsCA": false,
"IsCertificateAuthority": false,
"IsCodeSigning": true,
"SerialNumber": "61501991b18f323804525137dc25005a",
"Signature": "b75f493e19a27fd2fb38884a1c07997ab236a090a9299ad269b17a711f034b6b9b9686ecce7330d3ee9692c63be512b6c84ac3cca2b89606296226c512075251deca429743e7950038f9b5ee7f0d31e8b77e3f8aa11209fca096788a3679c9b68b2187e32ce6348c217e89066ac5758b87fe04e1e8a070194bcc034a8cc9e3e8e4cf67df553f3e4e55627971461eb011c4ee7ffdf1b3a388642ccfd7b7d272cd0d855ec7b9287d482a14c366f668a32c3daf404e9cda6296aff82fe45c7b1bfdc94ae6d0a08796685828dc250495e69b0c42daa45fb7dab634df7799c474b7c00da1104c5c7ce17c5587ccbcfa4949ee29c862a4482ee6e5cb5cc9871b4ce075974f6547e84d23eb494e831371f431c31d570daddec0988360a4023be17b2a8729d675aad81cdfd380738802d379131353dd22dae12912514e668ecda25b79888543e398bbd1e1d869131c9c5135ec75b7718537f69e2585363e0de3d42982f200ad88b2f9ce4f6abb2790771b638411013c80ce8055514c9351e403e438995f",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.11",
"Subject": "serialNumber=91510107MA7E8Y2876, ??=CN, ??=Private Organization, C=CN, ST=, O=, CN=",
"TBS": {
"MD5": "4e472f9ccab63d22f0b9a6dbeb4969f4",
"SHA1": "764f7c4f78d03485ef024a68a86370a43dca402e",
"SHA256": "5623801ef2108741513b5941be10dcf08095e4ee9f1aaf62ac9773cce497a8ad",
"SHA384": "576c29b57e4fb80ecb32810155daee135aa5f3541cc89bc84cf1e11ed58a8d2d63fa60a84d4f36e8003312891a2383c6"
},
"ValidFrom": "2022-05-25 00:00:00",
"ValidTo": "2023-05-25 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=GB, O=Sectigo Limited, CN=Sectigo Public Code Signing CA EV R36",
"SerialNumber": "61501991b18f323804525137dc25005a",
"Version": 1
}
],
"SignerInfo": ""
}
source
last_updated: 2026-04-14
