Description The Carbon Black Threat Analysis Unit (TAU) discovered 34 unique vulnerable drivers (237 file hashes) accepting firmware access. Six allow kernel memory access. All give full control of the devices to non-admin users. By exploiting the vulnerable drivers, an attacker without the system privilege may erase/alter firmware, and/or elevate privileges. As of the time of writing in October 2023, the filenames of the vulnerable drivers have not been made public until now.
UUID : 4f47c65e-2e73-4855-813a-5a823ae845a8Created : 2023-11-02Author : Takahiro HaruyamaDownload
This download link contains the vulnerable driver!
Block tdeio64.sys across your endpoints Add this driver to your block policy in minutes with MagicSword, threat-driven application control. Free for up to 100 endpoints.
Start Blocking for Free Commands sc.exe create tdeio64sys binPath= C:\windows\temp\tdeio64sys.sys type=kernel && sc.exe start tdeio64sys
Use Case Privileges Operating System Elevate privileges kernel Windows 10
Detections Sigma 🛡️ Expand Names
detects loading using name only
Hashes
detects loading using hashes only
Resources https://blogs.vmware.com/security/2023/10/hunting-vulnerable-kernel-drivers.html Known Vulnerable Samples Download
Certificates Expand Certificate 79a2a585f9d1154213d9b83ef6b68ded Field Value ToBeSigned (TBS) MD5 e6d820afb23af20a65cf0b03247ea05e ToBeSigned (TBS) SHA1 7a8f7c37453f99390ee1e94bb5d3d1cba3a0eea7 ToBeSigned (TBS) SHA256 7e722dc40e6b9abf8c20aa4d887e34b6d2c6b8cbe53a055d49bf9f5e946e0d27 Subject C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G3 ValidFrom 2012-05-01 00:00:00 ValidTo 2012-12-31 23:59:59 Signature 1e98aa27b778b508b5c9726db7dfc00e98a635c488c9d2f66df14b1afbd5f92d99009ed1e79b8be13fbd39800c66cd07bc5c9854a694ba10d14e8babf56f65cc6709a2807c52e80e03d66b7ac60518ecc8ac427c072ca73d0866dc00edfd941d73f2729893b111d68fef8eeaacf496510cd08ddf31524f5eaf7da74a75e64ece2b9f292be7cf5d9f037e6e277b23ad622966af92e82ccebd9c7fdccd173c43c2093f7545c79ee4d7607f97c6e4aac769f5fccd74ac2cb048c1504e70561eb535d38ebeb1edacbdfe0cec857dd5bb856644195d9f93eb82ba639ed37c61ffc81bd923587f30a366a139265e92c33ccb3732faf5a38ddcd5b0a3e9253655d781fa SignatureAlgorithmOID 1.2.840.113549.1.1.5 IsCertificateAuthority False SerialNumber 79a2a585f9d1154213d9b83ef6b68ded Version 3
Certificate 47bf1995df8d524643f7db6d480d31a4 Field Value ToBeSigned (TBS) MD5 518d2ea8a21e879c942d504824ac211c ToBeSigned (TBS) SHA1 21ce87d827077e61abddf2beba69fde5432ea031 ToBeSigned (TBS) SHA256 1ec3b4f02e03930a470020e0e48d24b84678bb558f46182888d870541f5e25c7 Subject C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services CA ValidFrom 2003-12-04 00:00:00 ValidTo 2013-12-03 23:59:59 Signature 4a6bf9ea58c2441c318979992b96bf82ac01d61c4ccdb08a586edf0829a35ec8ca9313e704520def47272f0038b0e4c9934e9ad4226215f73f37214f703180f18b3887b3e8e89700fecf55964e24d2a9274e7aaeb76141f32acee7c9d95eddbb2b853eb59db5d9e157ffbeb4c57ef5cf0c9ef097fe2bd33b521b1b3827f73f4a SignatureAlgorithmOID 1.2.840.113549.1.1.5 IsCertificateAuthority True SerialNumber 47bf1995df8d524643f7db6d480d31a4 Version 3
Certificate 291a8c8022af992219298e002861d3e6 Field Value ToBeSigned (TBS) MD5 92ee6d7e7b0fbf4e755ce186dc2e2ed9 ToBeSigned (TBS) SHA1 2fdb5226daef89f545c7c8d0dcc4233d02126e68 ToBeSigned (TBS) SHA256 4fd24c5fdae677d4e66d9d1c7b1417680ed16f69dc94c98698f580afdd3873df Subject C=TW, ST=Taiwan, L=Taipei, O=PEGATRON CORPORATION, OU=Digital ID Class 3 , Microsoft Software Validation v2, CN=PEGATRON CORPORATION ValidFrom 2012-03-06 00:00:00 ValidTo 2015-03-29 23:59:59 Signature 826501755cb3861a31e06401c06a60985b976786d9ee66655b16dd6d0bee5eb2f1cc78cd3ab42a8074f2ead8703cde54b1abcf4587bf817e30617d1af84751b7500221dcbf4c44dd111da69ee12a89907bdd7dc10234330ba6914f64d2efde98cb0fd05e6e5d934093cbfd4d79999ef382d804516e593f3de809bdf5c9024dad58da6dd9c62f13b75c649bc8f6c3c75f5617b2db0dc20abf47f820e5b01289b457cd234fa59038f0aa7b86c8b7590728fd9252eefeb112de0b8bb6733b162a5596ffb01ec9fa61fc5cad486c4e7f9d24c5fc10a0adf8ba3f70ef4597ab8fe20978346673fffb66fb15373759bf0e1142034440402ab58a2c1bd0e32f7a23a85a SignatureAlgorithmOID 1.2.840.113549.1.1.5 IsCertificateAuthority False SerialNumber 291a8c8022af992219298e002861d3e6 Version 3
Certificate 611993e400000000001c Field Value ToBeSigned (TBS) MD5 78a717e082dcc1cda3458d917e677d14 ToBeSigned (TBS) SHA1 4a872e0e51f9b304469cd1dedb496ee9b8b983a4 ToBeSigned (TBS) SHA256 317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8 Subject C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5 ValidFrom 2011-02-22 19:25:17 ValidTo 2021-02-22 19:35:17 Signature 812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94 SignatureAlgorithmOID 1.2.840.113549.1.1.5 IsCertificateAuthority True SerialNumber 611993e400000000001c Version 3
Certificate 5200e5aa2556fc1a86ed96c9d44b33c7 Field Value ToBeSigned (TBS) MD5 b30c31a572b0409383ed3fbe17e56e81 ToBeSigned (TBS) SHA1 4843a82ed3b1f2bfbee9671960e1940c942f688d ToBeSigned (TBS) SHA256 03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9 Subject C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA ValidFrom 2010-02-08 00:00:00 ValidTo 2020-02-07 23:59:59 Signature 5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3 SignatureAlgorithmOID 1.2.840.113549.1.1.5 IsCertificateAuthority True SerialNumber 5200e5aa2556fc1a86ed96c9d44b33c7 Version 3
Imports Expand Imported Functions Expand IoCreateSymbolicLink MmUnmapLockedPages IoCreateDevice IoDeleteSymbolicLink MmAllocateContiguousMemorySpecifyCache MmFreeContiguousMemorySpecifyCache DbgPrint IoAllocateMdl MmAllocateContiguousMemory KeAcquireSpinLockRaiseToDpc IofCompleteRequest IoDeleteDevice KeReleaseSpinLock MmFreeContiguousMemory MmUnmapIoSpace MmBuildMdlForNonPagedPool IoFreeMdl MmGetPhysicalAddress MmMapLockedPagesSpecifyCache KeBugCheckEx RtlInitUnicodeString MmMapIoSpace HalTranslateBusAddress Exported Functions Expand Sections Expand .text .rdata .data .pdata INIT Signature Expand {
"Certificates": [
{
"CertificateType": "Intermediate",
"IsCA": false,
"IsCertificateAuthority": false,
"IsCodeSigning": false,
"SerialNumber": "79a2a585f9d1154213d9b83ef6b68ded",
"Signature": "1e98aa27b778b508b5c9726db7dfc00e98a635c488c9d2f66df14b1afbd5f92d99009ed1e79b8be13fbd39800c66cd07bc5c9854a694ba10d14e8babf56f65cc6709a2807c52e80e03d66b7ac60518ecc8ac427c072ca73d0866dc00edfd941d73f2729893b111d68fef8eeaacf496510cd08ddf31524f5eaf7da74a75e64ece2b9f292be7cf5d9f037e6e277b23ad622966af92e82ccebd9c7fdccd173c43c2093f7545c79ee4d7607f97c6e4aac769f5fccd74ac2cb048c1504e70561eb535d38ebeb1edacbdfe0cec857dd5bb856644195d9f93eb82ba639ed37c61ffc81bd923587f30a366a139265e92c33ccb3732faf5a38ddcd5b0a3e9253655d781fa",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G3",
"TBS": {
"MD5": "e6d820afb23af20a65cf0b03247ea05e",
"SHA1": "7a8f7c37453f99390ee1e94bb5d3d1cba3a0eea7",
"SHA256": "7e722dc40e6b9abf8c20aa4d887e34b6d2c6b8cbe53a055d49bf9f5e946e0d27",
"SHA384": "7e14609969a388d38d227df1dbb9ce086c9a820142c94fd1a28ef2835a8aa528aef4c6399bce344d79adb5f3dad86afa"
},
"ValidFrom": "2012-05-01 00:00:00",
"ValidTo": "2012-12-31 23:59:59",
"Version": 3
},
{
"CertificateType": "CA",
"IsCA": true,
"IsCertificateAuthority": true,
"IsCodeSigning": false,
"SerialNumber": "47bf1995df8d524643f7db6d480d31a4",
"Signature": "4a6bf9ea58c2441c318979992b96bf82ac01d61c4ccdb08a586edf0829a35ec8ca9313e704520def47272f0038b0e4c9934e9ad4226215f73f37214f703180f18b3887b3e8e89700fecf55964e24d2a9274e7aaeb76141f32acee7c9d95eddbb2b853eb59db5d9e157ffbeb4c57ef5cf0c9ef097fe2bd33b521b1b3827f73f4a",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services CA",
"TBS": {
"MD5": "518d2ea8a21e879c942d504824ac211c",
"SHA1": "21ce87d827077e61abddf2beba69fde5432ea031",
"SHA256": "1ec3b4f02e03930a470020e0e48d24b84678bb558f46182888d870541f5e25c7",
"SHA384": "53e346bbde23779a5d116cc9d86fdd71c97b1f1b343439f8a11aa1d3c87af63864bb8488a5aeb2d0c26a6a1e0b15f03f"
},
"ValidFrom": "2003-12-04 00:00:00",
"ValidTo": "2013-12-03 23:59:59",
"Version": 3
},
{
"CertificateType": "Leaf (Code Signing)",
"IsCA": false,
"IsCertificateAuthority": false,
"IsCodeSigning": true,
"SerialNumber": "291a8c8022af992219298e002861d3e6",
"Signature": "826501755cb3861a31e06401c06a60985b976786d9ee66655b16dd6d0bee5eb2f1cc78cd3ab42a8074f2ead8703cde54b1abcf4587bf817e30617d1af84751b7500221dcbf4c44dd111da69ee12a89907bdd7dc10234330ba6914f64d2efde98cb0fd05e6e5d934093cbfd4d79999ef382d804516e593f3de809bdf5c9024dad58da6dd9c62f13b75c649bc8f6c3c75f5617b2db0dc20abf47f820e5b01289b457cd234fa59038f0aa7b86c8b7590728fd9252eefeb112de0b8bb6733b162a5596ffb01ec9fa61fc5cad486c4e7f9d24c5fc10a0adf8ba3f70ef4597ab8fe20978346673fffb66fb15373759bf0e1142034440402ab58a2c1bd0e32f7a23a85a",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=TW, ST=Taiwan, L=Taipei, O=PEGATRON CORPORATION, OU=Digital ID Class 3 , Microsoft Software Validation v2, CN=PEGATRON CORPORATION",
"TBS": {
"MD5": "92ee6d7e7b0fbf4e755ce186dc2e2ed9",
"SHA1": "2fdb5226daef89f545c7c8d0dcc4233d02126e68",
"SHA256": "4fd24c5fdae677d4e66d9d1c7b1417680ed16f69dc94c98698f580afdd3873df",
"SHA384": "f4140f9893e8ae98630aca7174509f3b966878caca375fe2865adf98739fae974c43db7e81a1ddffef787ffa0b296867"
},
"ValidFrom": "2012-03-06 00:00:00",
"ValidTo": "2015-03-29 23:59:59",
"Version": 3
},
{
"CertificateType": "CA",
"IsCA": true,
"IsCertificateAuthority": true,
"IsCodeSigning": false,
"SerialNumber": "611993e400000000001c",
"Signature": "812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5",
"TBS": {
"MD5": "78a717e082dcc1cda3458d917e677d14",
"SHA1": "4a872e0e51f9b304469cd1dedb496ee9b8b983a4",
"SHA256": "317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8",
"SHA384": "b71052da4eb9157c8c1a5d7f55df19d69b9128598b72fcca608e5b7cc7d64c43c5504b9c86355a6dc22ee40c88cc385c"
},
"ValidFrom": "2011-02-22 19:25:17",
"ValidTo": "2021-02-22 19:35:17",
"Version": 3
},
{
"CertificateType": "CA",
"IsCA": true,
"IsCertificateAuthority": true,
"IsCodeSigning": true,
"SerialNumber": "5200e5aa2556fc1a86ed96c9d44b33c7",
"Signature": "5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"TBS": {
"MD5": "b30c31a572b0409383ed3fbe17e56e81",
"SHA1": "4843a82ed3b1f2bfbee9671960e1940c942f688d",
"SHA256": "03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9",
"SHA384": "bbda8407c4f9fc4e54d772f1c7fb9d30bc97e1f97ecd51c443063d1fa0644e266328781776cd5c44896c457c75f4d7da"
},
"ValidFrom": "2010-02-08 00:00:00",
"ValidTo": "2020-02-07 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"SerialNumber": "291a8c8022af992219298e002861d3e6",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates Expand Certificate 4191a15a3978dfcf496566381d4c75c2 Field Value ToBeSigned (TBS) MD5 41011f8d0e7c7a6408334ca387914c61 ToBeSigned (TBS) SHA1 c7fc1727f5b75a6421a1f95c73bbdb23580c48e5 ToBeSigned (TBS) SHA256 88dd3952638ee82738c03168e6fd863fe4eab1059ee5e2926ad8cb587c255dc0 Subject C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)04, CN=VeriSign Class 3 Code Signing 2004 CA ValidFrom 2004-07-16 00:00:00 ValidTo 2014-07-15 23:59:59 Signature ae3a17b84a7b55fa6455ec40a4ed494190999c89bcaf2e1dca7823f91c190f7feb68bc32d98838dedc3fd389b43fb18296f1a45abaed2e26d3de7c016e000a00a4069211480940f91c1879672324e0bbd5e150ae1bf50edde02e81cd80a36c524f9175558aba22f2d2ea4175882f63557d1e545a9559cad93481c05f5ef67ab5 SignatureAlgorithmOID 1.2.840.113549.1.1.5 IsCertificateAuthority True SerialNumber 4191a15a3978dfcf496566381d4c75c2 Version 3
Certificate 610c120600000000001b Field Value ToBeSigned (TBS) MD5 53c41bc1164e09e0cd1617a5bf913efd ToBeSigned (TBS) SHA1 93c03aac8951d494ecd5696b1c08658541b18727 ToBeSigned (TBS) SHA256 40bddadac24dc61ca4fb5cab2a2bc5d876bc36808311039a7a3e1a4066f7489b Subject C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority ValidFrom 2006-05-23 17:01:29 ValidTo 2016-05-23 17:11:29 Signature 01e446b33b457f7513877e5f43de468ecb8abdb64741bccccc7491d8ce395195a4a6b547c0efd2da7b8f5711f4328c7ccd3fee42da04214af7c843884a6f5cca14fc4bd19f4cbdd4556ecc02be0da6888f8609baa425bde8b0f0fa8b714e67b0cb82a8d78e55f737ebf03e88efe4e08afd1c6e2e61414875b4b02c1d28d8490fd715f02473253ccc880cde284c6554fe5eae8cea19ad2c51b29b3a47f53c80350117e24987d6544afb4bab07bcbf7d79cfbf35005cbb9ecffc82891b39a05197b6dec0b307ff449644c0342a195cabeef03bec294eb513c537857e75d5b4d60d066eb5d26c237167eaf1718eaf4e74aa0cf9ecbf4c58fa5e909b6d39cb86883f8b1ca81632d5fe6db9f1f8b3ead791f6364778c0272a15c768d6f4c5fc4f4ec8673f102d409ff11ec96148e7a703fc31730cf04688fe56da492995ef09daa3e5beef60ecd954a0599c28bd54ef66157f874c84dba60e95672e517b3439b641c28c846826dc240209e7818e0a972defeea7b998a60f818dc710b5e1ed982f486f53854964789bec5dac970b5526c3efba8dc8d1a52f5a7f936b611a339b18b8a26210de24ea76e12f43ebecdd7c12342489da2855aee5754e312b6763b6a8d7ab730a03cec5ea593fc7eb2a45aea8625b2f009939abb45f73c308ec80118f470e8f2a1343e191066255bbffba3da9a93d260faeca7d628b155589d694344dd665 SignatureAlgorithmOID 1.2.840.113549.1.1.5 IsCertificateAuthority True SerialNumber 610c120600000000001b Version 3
Certificate 23eab3ac30c7016a299c8d31d99f3ae8 Field Value ToBeSigned (TBS) MD5 54f73eaca10fe12ff2e14194e2f019b8 ToBeSigned (TBS) SHA1 471cb77202e7d4941a5bff8ba813f5ed221dc32e ToBeSigned (TBS) SHA256 9dba2d4765226ca91fb7104e0cbd01308c4e8ed9727ea661eeaa473d7825ee35 Subject C=TW, ST=Taiwan, L=Taipei / Peitou, O=ASUSTeK Computer Inc., OU=Digital ID Class 3 , Microsoft Software Validation v2, OU=Quality Testing Department, CN=ASUSTeK Computer Inc. ValidFrom 2007-07-03 00:00:00 ValidTo 2008-07-26 23:59:59 Signature 2eca2db768d60f241f8c155b9db4bc91a02d16a3f1ec09059aa3b91a4ee0e44317d1f286d12133f44f4b282141287a8b9a3781b46184f732a599edb622e6057156d99221a130091c9f171f1a5f75125a68270d5c21ac379541136b8bf164a0ee6c9b9f5557754ea940f1c836e6d823528d764aaa41b038d84523e395c0ada5e17fea7912a0d10aa807fc0b89d4d116b92dbfc7028f1a23d5d679ac9a1023952a2cf98940ad5cc16bd9381403751ebd52c892205205d51d72b2a83ddb92547fce93e2b6617a42c7249312344ee0b9184859e8b1dd39bd5e61ab5999cbc8aa8807c8538c1926e49a9bbc29dcdf266a603c85f8df773c9659bcf08ffe2ba0f1cfa5 SignatureAlgorithmOID 1.2.840.113549.1.1.5 IsCertificateAuthority False SerialNumber 23eab3ac30c7016a299c8d31d99f3ae8 Version 3
Imports Expand Imported Functions Expand IoCreateSymbolicLink MmUnmapLockedPages IoCreateDevice IoDeleteSymbolicLink MmAllocateContiguousMemorySpecifyCache MmFreeContiguousMemorySpecifyCache DbgPrint IoAllocateMdl MmAllocateContiguousMemory KeAcquireSpinLockRaiseToDpc IofCompleteRequest IoDeleteDevice KeReleaseSpinLock MmFreeContiguousMemory MmUnmapIoSpace MmBuildMdlForNonPagedPool IoFreeMdl MmGetPhysicalAddress MmMapLockedPagesSpecifyCache KeBugCheckEx RtlInitUnicodeString MmMapIoSpace HalTranslateBusAddress Exported Functions Expand Sections Expand .text .rdata .data .pdata INIT Signature Expand {
"Certificates": [
{
"CertificateType": "Intermediate",
"IsCA": false,
"IsCertificateAuthority": false,
"IsCodeSigning": false,
"SerialNumber": "79a2a585f9d1154213d9b83ef6b68ded",
"Signature": "1e98aa27b778b508b5c9726db7dfc00e98a635c488c9d2f66df14b1afbd5f92d99009ed1e79b8be13fbd39800c66cd07bc5c9854a694ba10d14e8babf56f65cc6709a2807c52e80e03d66b7ac60518ecc8ac427c072ca73d0866dc00edfd941d73f2729893b111d68fef8eeaacf496510cd08ddf31524f5eaf7da74a75e64ece2b9f292be7cf5d9f037e6e277b23ad622966af92e82ccebd9c7fdccd173c43c2093f7545c79ee4d7607f97c6e4aac769f5fccd74ac2cb048c1504e70561eb535d38ebeb1edacbdfe0cec857dd5bb856644195d9f93eb82ba639ed37c61ffc81bd923587f30a366a139265e92c33ccb3732faf5a38ddcd5b0a3e9253655d781fa",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G3",
"TBS": {
"MD5": "e6d820afb23af20a65cf0b03247ea05e",
"SHA1": "7a8f7c37453f99390ee1e94bb5d3d1cba3a0eea7",
"SHA256": "7e722dc40e6b9abf8c20aa4d887e34b6d2c6b8cbe53a055d49bf9f5e946e0d27",
"SHA384": "7e14609969a388d38d227df1dbb9ce086c9a820142c94fd1a28ef2835a8aa528aef4c6399bce344d79adb5f3dad86afa"
},
"ValidFrom": "2012-05-01 00:00:00",
"ValidTo": "2012-12-31 23:59:59",
"Version": 3
},
{
"CertificateType": "CA",
"IsCA": true,
"IsCertificateAuthority": true,
"IsCodeSigning": false,
"SerialNumber": "47bf1995df8d524643f7db6d480d31a4",
"Signature": "4a6bf9ea58c2441c318979992b96bf82ac01d61c4ccdb08a586edf0829a35ec8ca9313e704520def47272f0038b0e4c9934e9ad4226215f73f37214f703180f18b3887b3e8e89700fecf55964e24d2a9274e7aaeb76141f32acee7c9d95eddbb2b853eb59db5d9e157ffbeb4c57ef5cf0c9ef097fe2bd33b521b1b3827f73f4a",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services CA",
"TBS": {
"MD5": "518d2ea8a21e879c942d504824ac211c",
"SHA1": "21ce87d827077e61abddf2beba69fde5432ea031",
"SHA256": "1ec3b4f02e03930a470020e0e48d24b84678bb558f46182888d870541f5e25c7",
"SHA384": "53e346bbde23779a5d116cc9d86fdd71c97b1f1b343439f8a11aa1d3c87af63864bb8488a5aeb2d0c26a6a1e0b15f03f"
},
"ValidFrom": "2003-12-04 00:00:00",
"ValidTo": "2013-12-03 23:59:59",
"Version": 3
},
{
"CertificateType": "Leaf (Code Signing)",
"IsCA": false,
"IsCertificateAuthority": false,
"IsCodeSigning": true,
"SerialNumber": "291a8c8022af992219298e002861d3e6",
"Signature": "826501755cb3861a31e06401c06a60985b976786d9ee66655b16dd6d0bee5eb2f1cc78cd3ab42a8074f2ead8703cde54b1abcf4587bf817e30617d1af84751b7500221dcbf4c44dd111da69ee12a89907bdd7dc10234330ba6914f64d2efde98cb0fd05e6e5d934093cbfd4d79999ef382d804516e593f3de809bdf5c9024dad58da6dd9c62f13b75c649bc8f6c3c75f5617b2db0dc20abf47f820e5b01289b457cd234fa59038f0aa7b86c8b7590728fd9252eefeb112de0b8bb6733b162a5596ffb01ec9fa61fc5cad486c4e7f9d24c5fc10a0adf8ba3f70ef4597ab8fe20978346673fffb66fb15373759bf0e1142034440402ab58a2c1bd0e32f7a23a85a",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=TW, ST=Taiwan, L=Taipei, O=PEGATRON CORPORATION, OU=Digital ID Class 3 , Microsoft Software Validation v2, CN=PEGATRON CORPORATION",
"TBS": {
"MD5": "92ee6d7e7b0fbf4e755ce186dc2e2ed9",
"SHA1": "2fdb5226daef89f545c7c8d0dcc4233d02126e68",
"SHA256": "4fd24c5fdae677d4e66d9d1c7b1417680ed16f69dc94c98698f580afdd3873df",
"SHA384": "f4140f9893e8ae98630aca7174509f3b966878caca375fe2865adf98739fae974c43db7e81a1ddffef787ffa0b296867"
},
"ValidFrom": "2012-03-06 00:00:00",
"ValidTo": "2015-03-29 23:59:59",
"Version": 3
},
{
"CertificateType": "CA",
"IsCA": true,
"IsCertificateAuthority": true,
"IsCodeSigning": false,
"SerialNumber": "611993e400000000001c",
"Signature": "812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5",
"TBS": {
"MD5": "78a717e082dcc1cda3458d917e677d14",
"SHA1": "4a872e0e51f9b304469cd1dedb496ee9b8b983a4",
"SHA256": "317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8",
"SHA384": "b71052da4eb9157c8c1a5d7f55df19d69b9128598b72fcca608e5b7cc7d64c43c5504b9c86355a6dc22ee40c88cc385c"
},
"ValidFrom": "2011-02-22 19:25:17",
"ValidTo": "2021-02-22 19:35:17",
"Version": 3
},
{
"CertificateType": "CA",
"IsCA": true,
"IsCertificateAuthority": true,
"IsCodeSigning": true,
"SerialNumber": "5200e5aa2556fc1a86ed96c9d44b33c7",
"Signature": "5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"TBS": {
"MD5": "b30c31a572b0409383ed3fbe17e56e81",
"SHA1": "4843a82ed3b1f2bfbee9671960e1940c942f688d",
"SHA256": "03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9",
"SHA384": "bbda8407c4f9fc4e54d772f1c7fb9d30bc97e1f97ecd51c443063d1fa0644e266328781776cd5c44896c457c75f4d7da"
},
"ValidFrom": "2010-02-08 00:00:00",
"ValidTo": "2020-02-07 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"SerialNumber": "291a8c8022af992219298e002861d3e6",
"Version": 1
}
],
"SignerInfo": ""
}
source
last_updated: 2026-04-20
