Description
Confirmed vulnerable driver from Microsoft Block List
- UUID: a5eb98bf-2133-46e8-848f-a299ea0ddefa
- Created: 2023-07-22
- Author: Michael Haag
- Acknowledgement: |
Download
| Use Case | Privileges | Operating System |
|---|
| Elevate privileges | kernel | Windows |
Detections
YARA 🏹
Expand
Sigma 🛡️
Expand
Names
detects loading using name only
Hashes
detects loading using hashes only
Resources
https://gist.github.com/mgraeber-rc/1bde6a2a83237f17b463d051d32e802cCVE
Known Vulnerable Samples
Download
Certificates
Expand
Certificate 00bae5fa7e148e727ecf4481e69416f9a0
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | e60d2ebd77b703a3f6628183b0ad1262 |
| ToBeSigned (TBS) SHA1 | 9e82200e82226ceae142ac8b8cd9580dd585c0c7 |
| ToBeSigned (TBS) SHA256 | 587d3e589c526256b69c3836ba380c292f11cba42bd7ad847cdb8922d5c0c66a |
| Subject | C=DE, postalCode=81673, ST=Bayern, L=Mnchen, ??=Tomannweg 6, O=NOVENTI Health SE, CN=NOVENTI Health SE |
| ValidFrom | 2021-03-25 00:00:00 |
| ValidTo | 2024-03-24 23:59:59 |
| Signature | 519d68e4d16da2927761a469f3e722556dc89310e1cc9b215e8992da99d01a265aba54680568e7addbc248e894045a18190d3e05ac35109fbc8518bdf7e68a28e853bff1b2291d84ec03550569a0fa8331c5de89c4c9c47911c902a40cd4772b2086b541a8c57d3a30c05858d717dec7f859c66895ee1bea0b5a9c871a297efed221348320c85aebcda9a210e7f7b3ac88325041ea330fa5ca0cba6ecf07861e3e665c8095df135706b033b38d9567fd9b2c745e3afab8048e7aa41a4b7b0ef7ef39315a98026983b9fa9fe775c15452d18b124890fb9b52db063cbd3dc0d58b3eeb894262c74bd791efe66bf49f071ee4796aa7b3c983b29b05a53c3a0bd507 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.11 |
| IsCertificateAuthority | False |
| SerialNumber | 00bae5fa7e148e727ecf4481e69416f9a0 |
| Version | 3 |
Certificate 3972443af922b751d7d36c10dd313595
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 3f5b269ded03667a7bad47c1885062b0 |
| ToBeSigned (TBS) SHA1 | 0f01247aaf8b46e3617880e0f5f5dfac696ed7a3 |
| ToBeSigned (TBS) SHA256 | 593e2d49a74023555526aef9b7422b19e5b8b167391b6dee5ed292b1ca23a74c |
| Subject | C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority |
| ValidFrom | 2019-03-12 00:00:00 |
| ValidTo | 2028-12-31 23:59:59 |
| Signature | 188751dc74213d9c8ae027b733d02eccecf0e6cb5e11de226f9b758e9e72fee4d6feaa1f9c962def034a7eaef48d6f723c433bc03febb8df5caaa9c6aef2fcd8eea37b43f686367c14e0cdf4f73ffedeb8b48af09196fefd43647efdccd201a17d7df81919c9422b13bf588bbaa4a266047688914e0c8914cea24dc932b3bae8141abc71f15bf0410b98000a220310e50cb1f9cd923719ed3bf1e43ab6f945132675afbbaaef3f7b773bd2c402913d1900d3175c39db3f7b180d45cd9385962f5ddf59164f3f51bdd545183fed4a8ee80661742316b50d50732744477f105d892a6b853114c4e8a96a4c80bc6a78cfb87f8e7672990c9dfed7910816a1a35f95 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.12 |
| IsCertificateAuthority | True |
| SerialNumber | 3972443af922b751d7d36c10dd313595 |
| Version | 3 |
Certificate 1da248306f9b2618d082e0967d33d36a
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | c1eabfb5994258ad955adb7c2df165e6 |
| ToBeSigned (TBS) SHA1 | fa33b3c00cebc469b269220d9eab26926c9b8ad8 |
| ToBeSigned (TBS) SHA256 | 70dffac37eb787b2198816982c7d44f541d2e39a7dac069d37b367dc9f354b32 |
| Subject | C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Code Signing CA |
| ValidFrom | 2018-11-02 00:00:00 |
| ValidTo | 2030-12-31 23:59:59 |
| Signature | 4d6350ed47344a61a4dbde6a2a8c9bf100001e1d627b3ad732c2f6b3e063b3fb6100889a1b6d1007044fbeb8ea897822eb0f46ecf3465e40468912f40b775a9c2a413afcd6f4ebe7f7159533c3a18328b7de2fe494f78533832d4a4048bf9ac24f4ab18f24f4b38137d3b764b0a6236a596852425fff04ebe174657908f5a993de6b71409996ba78f1b9c8e2c30816b1ab635ac815806d745e4a757ea5b8c36cb5cfdf4a79875cc7404d6335f630d3cfb50a0e0b047fa04baebba3a5d08400933e535d34a50035696cbe9f2025100d19fb509061be398f7a8e4df69f0e1efe075112668326194895ce4ac9c17ff33a059bf96fdf887fc0239ed21e437a4531c19c4da9f059b25919e86a8d290402777c4b4bcd70be3ab2555a783ebcbb6f0310257715348af936cc4392e4ba4ff1629328255729fb5119c7a125406a8457c6b29db1bc1c0ada7c677e7d2ee9284c187ec47b3141719a4b29ec0b3d5750d2caddfd9e0551e54478dd01deb175980d5424fdf04ee3e2f883bd72bacb3d3aeef05e1792686dc861f9a6f12a0a0ba5b9f49eee983205859eebf98329d3c62c7dbd3a772e8b3742a06a82ed3b4aaa9410a4e10df817c5b65a79331892e3b575f8a1e98e0a251ee41ef19f5a8723ff9fa4519efb398011cddbb5c4a7a8806fe553d4e0e3a2c2d25b1afa32262d6a57701c3ca4582ea3f35b4b07dc3259f387a71a6d58 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.12 |
| IsCertificateAuthority | True |
| SerialNumber | 1da248306f9b2618d082e0967d33d36a |
| Version | 3 |
Imports
Expand
Imported Functions
Expand
- ZwClose
- ZwMapViewOfSection
- ObReferenceObjectByHandle
- ZwOpenSection
- RtlInitUnicodeString
- ZwUnmapViewOfSection
- MmFreeContiguousMemory
- IoFreeMdl
- MmMapLockedPages
- MmBuildMdlForNonPagedPool
- MmUnmapIoSpace
- MmGetPhysicalAddress
- MmIsAddressValid
- MmAllocateContiguousMemory
- MmUnmapLockedPages
- IoDeleteDevice
- IoDeleteSymbolicLink
- IofCompleteRequest
- IoCreateSymbolicLink
- IoCreateDevice
- IoAllocateMdl
- MmMapIoSpace
- HalTranslateBusAddress
Exported Functions
Expand
Sections
Expand
- .text
- .rdata
- .data
- .pdata
- INIT
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": false,
"SerialNumber": "00bae5fa7e148e727ecf4481e69416f9a0",
"Signature": "519d68e4d16da2927761a469f3e722556dc89310e1cc9b215e8992da99d01a265aba54680568e7addbc248e894045a18190d3e05ac35109fbc8518bdf7e68a28e853bff1b2291d84ec03550569a0fa8331c5de89c4c9c47911c902a40cd4772b2086b541a8c57d3a30c05858d717dec7f859c66895ee1bea0b5a9c871a297efed221348320c85aebcda9a210e7f7b3ac88325041ea330fa5ca0cba6ecf07861e3e665c8095df135706b033b38d9567fd9b2c745e3afab8048e7aa41a4b7b0ef7ef39315a98026983b9fa9fe775c15452d18b124890fb9b52db063cbd3dc0d58b3eeb894262c74bd791efe66bf49f071ee4796aa7b3c983b29b05a53c3a0bd507",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.11",
"Subject": "C=DE, postalCode=81673, ST=Bayern, L=Mnchen, ??=Tomannweg 6, O=NOVENTI Health SE, CN=NOVENTI Health SE",
"TBS": {
"MD5": "e60d2ebd77b703a3f6628183b0ad1262",
"SHA1": "9e82200e82226ceae142ac8b8cd9580dd585c0c7",
"SHA256": "587d3e589c526256b69c3836ba380c292f11cba42bd7ad847cdb8922d5c0c66a",
"SHA384": "266ef698aa66c7948f7a0f9989e4e086e7821b768ebbe85f439aa3fafccbc5eefbde84ac00ad3a18aeb2777b3a682d42"
},
"ValidFrom": "2021-03-25 00:00:00",
"ValidTo": "2024-03-24 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "3972443af922b751d7d36c10dd313595",
"Signature": "188751dc74213d9c8ae027b733d02eccecf0e6cb5e11de226f9b758e9e72fee4d6feaa1f9c962def034a7eaef48d6f723c433bc03febb8df5caaa9c6aef2fcd8eea37b43f686367c14e0cdf4f73ffedeb8b48af09196fefd43647efdccd201a17d7df81919c9422b13bf588bbaa4a266047688914e0c8914cea24dc932b3bae8141abc71f15bf0410b98000a220310e50cb1f9cd923719ed3bf1e43ab6f945132675afbbaaef3f7b773bd2c402913d1900d3175c39db3f7b180d45cd9385962f5ddf59164f3f51bdd545183fed4a8ee80661742316b50d50732744477f105d892a6b853114c4e8a96a4c80bc6a78cfb87f8e7672990c9dfed7910816a1a35f95",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.12",
"Subject": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority",
"TBS": {
"MD5": "3f5b269ded03667a7bad47c1885062b0",
"SHA1": "0f01247aaf8b46e3617880e0f5f5dfac696ed7a3",
"SHA256": "593e2d49a74023555526aef9b7422b19e5b8b167391b6dee5ed292b1ca23a74c",
"SHA384": "13baa039635f1c5292a8c2f36aae7e1d25c025202e9092f5b0f53f5f752dfa9c71b3d1b8d9a6358fcee6ec75622fabf9"
},
"ValidFrom": "2019-03-12 00:00:00",
"ValidTo": "2028-12-31 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "1da248306f9b2618d082e0967d33d36a",
"Signature": "4d6350ed47344a61a4dbde6a2a8c9bf100001e1d627b3ad732c2f6b3e063b3fb6100889a1b6d1007044fbeb8ea897822eb0f46ecf3465e40468912f40b775a9c2a413afcd6f4ebe7f7159533c3a18328b7de2fe494f78533832d4a4048bf9ac24f4ab18f24f4b38137d3b764b0a6236a596852425fff04ebe174657908f5a993de6b71409996ba78f1b9c8e2c30816b1ab635ac815806d745e4a757ea5b8c36cb5cfdf4a79875cc7404d6335f630d3cfb50a0e0b047fa04baebba3a5d08400933e535d34a50035696cbe9f2025100d19fb509061be398f7a8e4df69f0e1efe075112668326194895ce4ac9c17ff33a059bf96fdf887fc0239ed21e437a4531c19c4da9f059b25919e86a8d290402777c4b4bcd70be3ab2555a783ebcbb6f0310257715348af936cc4392e4ba4ff1629328255729fb5119c7a125406a8457c6b29db1bc1c0ada7c677e7d2ee9284c187ec47b3141719a4b29ec0b3d5750d2caddfd9e0551e54478dd01deb175980d5424fdf04ee3e2f883bd72bacb3d3aeef05e1792686dc861f9a6f12a0a0ba5b9f49eee983205859eebf98329d3c62c7dbd3a772e8b3742a06a82ed3b4aaa9410a4e10df817c5b65a79331892e3b575f8a1e98e0a251ee41ef19f5a8723ff9fa4519efb398011cddbb5c4a7a8806fe553d4e0e3a2c2d25b1afa32262d6a57701c3ca4582ea3f35b4b07dc3259f387a71a6d58",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.12",
"Subject": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Code Signing CA",
"TBS": {
"MD5": "c1eabfb5994258ad955adb7c2df165e6",
"SHA1": "fa33b3c00cebc469b269220d9eab26926c9b8ad8",
"SHA256": "70dffac37eb787b2198816982c7d44f541d2e39a7dac069d37b367dc9f354b32",
"SHA384": "20adc5b59cb532e215f01ba09a9c745898c206555613512fea7c295ccfd17ced4fe2c5bc3274ca8a270fc68799b8343c"
},
"ValidFrom": "2018-11-02 00:00:00",
"ValidTo": "2030-12-31 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Code Signing CA",
"SerialNumber": "00bae5fa7e148e727ecf4481e69416f9a0",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 61204db4000000000027
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 8e3ffc222fbcebdbb8b23115ab259be7 |
| ToBeSigned (TBS) SHA1 | ee20bff28ffe13be731c294c90d6ded5aae0ec0e |
| ToBeSigned (TBS) SHA256 | 59826b69bc8c28118c96323b627da59aaca0b142cc5d8bad25a8fcfd399aa821 |
| Subject | C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA |
| ValidFrom | 2011-04-15 19:45:33 |
| ValidTo | 2021-04-15 19:55:33 |
| Signature | 208cc159ed6f9c6b2dc14a3e751d454c41501cbd80ead9b0928b062a133f53169e56396a8a63b6782479f57db8b947a10a96c2f6cbbda2669f06e1acd279090efd3cdcac020c70af3f1bec787ed4eb4b056026d973619121edb06863e09712ab6fa012edd99fd2da273cb3e456f9d1d4810f71bd427ca689dccdd5bd95a2abf193117de8ac3129a85d6670419dfc75c9d5b31a392ad08505508bac91cac493cb71a59da4946f580cfa6e20c40831b5859d7e81f9d23dca5b18856c0a86ec22091ba574344f7f28bc954aab1db698b05d09a477767eefa78e5d84f61824cbd16da6c3a19cc2107580ff9d32fde6cf433a82f7ce8fe1722a9b62b75fed951a395c2f946d48b7015f332fbbdc2d73348904420a1c8b79f9a3fa17effaa11a10dfe0b2c195eb5c0c05973b353e18884ddb6cbf24898dc8bdd89f7b393a24a0d5dfd1f34a1a97f6a66f7a1fb090a9b3ac013991d361b764f13e573803afce7ad2b590f5aedc3999d5b63c97eda6cb16c77d6b2a4c9094e64c54fd1ecd20ecce689c8758e96160beeb0ec9d5197d9fe978bd0eac2175078fa96ee08c6a2a6b9ce3e765bcbc2d3c6ddc04dc67453632af0481bca8006e614c95c55cd48e8e9f2fc13274bdbd11650307cdefb75e0257da86d41a2834af8849b2cfa5dd82566f68aa14e25954feffeaeeefea9270226081e32523c09fcc0f49b235aa58c33ac3d9169410 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 61204db4000000000027 |
| Version | 3 |
Certificate 0e55cdb4e7e8eeb9dd5d89fc1d7588ca
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | a5de00a04f3cc5cb19818f21f9dfb050 |
| ToBeSigned (TBS) SHA1 | ca921c1b360b04765d8eec4edb88438ba7a28049 |
| ToBeSigned (TBS) SHA256 | 4c8b0e0cfde13478b5bc8b7e58a4b5f0971d324c17fa908b79816e5efa86e10c |
| Subject | ??=US, ??=Georgia, ??=Private Organization, serialNumber=J912954, C=US, ST=Georgia, L=Norcross, O=American Megatrends, Inc., CN=American Megatrends, Inc. |
| ValidFrom | 2017-08-30 00:00:00 |
| ValidTo | 2020-09-24 12:00:00 |
| Signature | 5a00ce1b66cc04a3be37c0926957fc54b1f2904c69a3555d90a15e3c7b7133e76583a0fe5c13c21cdddda40e6f0ba958964796abcfbb7fbe4de15a009f80e653556e29cac9d208645b8154f52f6045fa268f6e6b57536f21833f2cc92c5e9a51636cfeaa74f0b8ab80a8649d68c7c46f51a534c0697a426aa37337c7956268f4cdc8d88adbd1aa0cb620abeb7166172e914016c84e00824751b4f7142b54c56b74d578fd97aadda3e8e777ec22c34460a8dc7e0392a9adab018b16699d9ddd7551fd5c5924f3d1ccb9e6ef67ca0ab2107d1abf158add6d42ba18dee5ec35e3445627df4744d71f73ee3a199aaa42993ebaaa7f91f8b6d1b623350744853c1b38 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.11 |
| IsCertificateAuthority | False |
| SerialNumber | 0e55cdb4e7e8eeb9dd5d89fc1d7588ca |
| Version | 3 |
Certificate 03019a023aff58b16bd6d5eae617f066
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | a752afee44f017e8d74e3f3eb7914ae3 |
| ToBeSigned (TBS) SHA1 | 8eca80a6b80e9c69dcef7745748524afb8019e2d |
| ToBeSigned (TBS) SHA256 | 82560fa7efec30b5ff82af643e6f3bf3d46868bbd5e7d76f93db185e9e3553a1 |
| Subject | C=US, O=DigiCert, CN=DigiCert Timestamp Responder |
| ValidFrom | 2014-10-22 00:00:00 |
| ValidTo | 2024-10-22 00:00:00 |
| Signature | 9d257e1b334db226815c9b86ce23200f8087e588ffffb1d46a2c31ed3a17197117cda91bbc5a1639009de36c84e45a40fbde06018c37fa9bb19d247efe20a457ad5bb79ab06026ea6957215d342f1f71b0839419056b359010a07b97c7f63fe7e21141a6bd62d9f0273d381d286f3a5209f0ec7062d3624bb0e073a692c0d38e31d82fe36d171306eee403b614abf38f43a7719d21dd14ca155d9241daf90f81d199740d26c40e7f1bb5f5a0f1c677062815e9d893e55516f0bb0aab1cdb5c482766c8a38b0a1ce595daaec42e59a061dddaf36da261e98a0b6dec1218bdf755544003922b6bc251c20a48afb0d46ee0f4140a3a1be38f3dcaaf6a8d7bdcd844 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 03019a023aff58b16bd6d5eae617f066 |
| Version | 3 |
Certificate 03f1b4e15f3a82f1149678b3d7d8475c
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 83f5de89f641d0fbf60248e10a7b9534 |
| ToBeSigned (TBS) SHA1 | 382a73a059a08698d6eb98c87e1b36fc750933a4 |
| ToBeSigned (TBS) SHA256 | eec58131dc11cd7f512501b15fdbc6074c603b68ca91f7162d5a042054edb0cf |
| Subject | C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert EV Code Signing CA (SHA2) |
| ValidFrom | 2012-04-18 12:00:00 |
| ValidTo | 2027-04-18 12:00:00 |
| Signature | 19334a0c813337dbad36c9e4c93abbb51b2e7aa2e2f44342179ebf4ea14de1b1dbe981dd9f01f2e488d5e9fe09fd21c1ec5d80d2f0d6c143c2fe772bdbf9d79133ce6cd5b2193be62ed6c9934f88408ecde1f57ef10fc6595672e8eb6a41bd1cd546d57c49ca663815c1bfe091707787dcc98d31c90c29a233ed8de287cd898d3f1bffd5e01a978b7cda6dfba8c6b23a666b7b01b3cdd8a634ec1201ab9558a5c45357a860e6e70212a0b92364a24dbb7c81256421becfee42184397bba53706af4dff26a54d614bec4641b865ceb8799e08960b818c8a3b8fc7998ca32a6e986d5e61c696b78ab9612d93b8eb0e0443d7f5fea6f062d4996aa5c1c1f0649480 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.11 |
| IsCertificateAuthority | True |
| SerialNumber | 03f1b4e15f3a82f1149678b3d7d8475c |
| Version | 3 |
Certificate 06fdf9039603adea000aeb3f27bbba1b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 4e5ad189638cf52ba9cd881d4d44668c |
| ToBeSigned (TBS) SHA1 | cdc115e98d798b33904c820d63cc1e1afc19251d |
| ToBeSigned (TBS) SHA256 | 37560fb9d548ab62cc3ed4669a4ab74828b5a108e67e829937ffb2d10a5f78dd |
| Subject | C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID CA,1 |
| ValidFrom | 2006-11-10 00:00:00 |
| ValidTo | 2021-11-10 00:00:00 |
| Signature | 46503ec9b72824a7381db65b29af52cf52e93147ab565c7bd50d0b41b3efec751f7438f2b25c61a29c95c350e482b923d1ba3a8672ad3878ac755d1717347247859456d1ebbb368477cc24a5f3041955a9e7e3e7ab62cdfb8b2d90c2c0d2b594bd5e4fb105d20e3d1aa9145ba6863162a8a833e49b39a7c4f5ce1d7876942573e42aabcf9c764bed5fc24b16e44b704c00891efcc579bc4c1257fe5fe11ebc025da8fefb07384f0dc65d91b90f6745cdd683ede7920d8db1698c4ffb59e0230fd2aaae007cee9c420ecf91d727b716ee0fc3bd7c0aa0ee2c08558522b8eb181a4dfc2a21ad49318347957771dcb11b4b4b1c109c7714c19d4f2f5a9508291026 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 06fdf9039603adea000aeb3f27bbba1b |
| Version | 3 |
Imports
Expand
Imported Functions
Expand
- ZwMapViewOfSection
- RtlInitUnicodeString
- ZwUnmapViewOfSection
- ZwClose
- ObReferenceObjectByHandle
- ZwOpenSection
- MmUnmapLockedPages
- MmMapLockedPages
- MmFreeContiguousMemory
- MmBuildMdlForNonPagedPool
- IoFreeMdl
- MmGetPhysicalAddress
- MmMapIoSpace
- PsGetVersion
- MmIsAddressValid
- IoAllocateMdl
- MmAllocateContiguousMemory
- DbgPrint
- IoDeleteSymbolicLink
- IoDeleteDevice
- IofCompleteRequest
- IoCreateSymbolicLink
- IoCreateDevice
- KeBugCheckEx
- MmMapLockedPagesSpecifyCache
- MmUnmapIoSpace
- HalTranslateBusAddress
Exported Functions
Expand
Sections
Expand
- .text
- .rdata
- .data
- .pdata
- INIT
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": false,
"SerialNumber": "00bae5fa7e148e727ecf4481e69416f9a0",
"Signature": "519d68e4d16da2927761a469f3e722556dc89310e1cc9b215e8992da99d01a265aba54680568e7addbc248e894045a18190d3e05ac35109fbc8518bdf7e68a28e853bff1b2291d84ec03550569a0fa8331c5de89c4c9c47911c902a40cd4772b2086b541a8c57d3a30c05858d717dec7f859c66895ee1bea0b5a9c871a297efed221348320c85aebcda9a210e7f7b3ac88325041ea330fa5ca0cba6ecf07861e3e665c8095df135706b033b38d9567fd9b2c745e3afab8048e7aa41a4b7b0ef7ef39315a98026983b9fa9fe775c15452d18b124890fb9b52db063cbd3dc0d58b3eeb894262c74bd791efe66bf49f071ee4796aa7b3c983b29b05a53c3a0bd507",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.11",
"Subject": "C=DE, postalCode=81673, ST=Bayern, L=Mnchen, ??=Tomannweg 6, O=NOVENTI Health SE, CN=NOVENTI Health SE",
"TBS": {
"MD5": "e60d2ebd77b703a3f6628183b0ad1262",
"SHA1": "9e82200e82226ceae142ac8b8cd9580dd585c0c7",
"SHA256": "587d3e589c526256b69c3836ba380c292f11cba42bd7ad847cdb8922d5c0c66a",
"SHA384": "266ef698aa66c7948f7a0f9989e4e086e7821b768ebbe85f439aa3fafccbc5eefbde84ac00ad3a18aeb2777b3a682d42"
},
"ValidFrom": "2021-03-25 00:00:00",
"ValidTo": "2024-03-24 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "3972443af922b751d7d36c10dd313595",
"Signature": "188751dc74213d9c8ae027b733d02eccecf0e6cb5e11de226f9b758e9e72fee4d6feaa1f9c962def034a7eaef48d6f723c433bc03febb8df5caaa9c6aef2fcd8eea37b43f686367c14e0cdf4f73ffedeb8b48af09196fefd43647efdccd201a17d7df81919c9422b13bf588bbaa4a266047688914e0c8914cea24dc932b3bae8141abc71f15bf0410b98000a220310e50cb1f9cd923719ed3bf1e43ab6f945132675afbbaaef3f7b773bd2c402913d1900d3175c39db3f7b180d45cd9385962f5ddf59164f3f51bdd545183fed4a8ee80661742316b50d50732744477f105d892a6b853114c4e8a96a4c80bc6a78cfb87f8e7672990c9dfed7910816a1a35f95",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.12",
"Subject": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority",
"TBS": {
"MD5": "3f5b269ded03667a7bad47c1885062b0",
"SHA1": "0f01247aaf8b46e3617880e0f5f5dfac696ed7a3",
"SHA256": "593e2d49a74023555526aef9b7422b19e5b8b167391b6dee5ed292b1ca23a74c",
"SHA384": "13baa039635f1c5292a8c2f36aae7e1d25c025202e9092f5b0f53f5f752dfa9c71b3d1b8d9a6358fcee6ec75622fabf9"
},
"ValidFrom": "2019-03-12 00:00:00",
"ValidTo": "2028-12-31 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "1da248306f9b2618d082e0967d33d36a",
"Signature": "4d6350ed47344a61a4dbde6a2a8c9bf100001e1d627b3ad732c2f6b3e063b3fb6100889a1b6d1007044fbeb8ea897822eb0f46ecf3465e40468912f40b775a9c2a413afcd6f4ebe7f7159533c3a18328b7de2fe494f78533832d4a4048bf9ac24f4ab18f24f4b38137d3b764b0a6236a596852425fff04ebe174657908f5a993de6b71409996ba78f1b9c8e2c30816b1ab635ac815806d745e4a757ea5b8c36cb5cfdf4a79875cc7404d6335f630d3cfb50a0e0b047fa04baebba3a5d08400933e535d34a50035696cbe9f2025100d19fb509061be398f7a8e4df69f0e1efe075112668326194895ce4ac9c17ff33a059bf96fdf887fc0239ed21e437a4531c19c4da9f059b25919e86a8d290402777c4b4bcd70be3ab2555a783ebcbb6f0310257715348af936cc4392e4ba4ff1629328255729fb5119c7a125406a8457c6b29db1bc1c0ada7c677e7d2ee9284c187ec47b3141719a4b29ec0b3d5750d2caddfd9e0551e54478dd01deb175980d5424fdf04ee3e2f883bd72bacb3d3aeef05e1792686dc861f9a6f12a0a0ba5b9f49eee983205859eebf98329d3c62c7dbd3a772e8b3742a06a82ed3b4aaa9410a4e10df817c5b65a79331892e3b575f8a1e98e0a251ee41ef19f5a8723ff9fa4519efb398011cddbb5c4a7a8806fe553d4e0e3a2c2d25b1afa32262d6a57701c3ca4582ea3f35b4b07dc3259f387a71a6d58",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.12",
"Subject": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Code Signing CA",
"TBS": {
"MD5": "c1eabfb5994258ad955adb7c2df165e6",
"SHA1": "fa33b3c00cebc469b269220d9eab26926c9b8ad8",
"SHA256": "70dffac37eb787b2198816982c7d44f541d2e39a7dac069d37b367dc9f354b32",
"SHA384": "20adc5b59cb532e215f01ba09a9c745898c206555613512fea7c295ccfd17ced4fe2c5bc3274ca8a270fc68799b8343c"
},
"ValidFrom": "2018-11-02 00:00:00",
"ValidTo": "2030-12-31 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Code Signing CA",
"SerialNumber": "00bae5fa7e148e727ecf4481e69416f9a0",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 3825d7faf861af9ef490e726b5d65ad5
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | d6c7684e9aaa508cf268335f83afe040 |
| ToBeSigned (TBS) SHA1 | 18066d20ad92409c567cdfde745279ff71c75226 |
| ToBeSigned (TBS) SHA256 | a612fb22ce8be6dab75e47c98508f98496583e79c9c97b936a8caee9ea9f3fff |
| Subject | C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services Signer , G2 |
| ValidFrom | 2007-06-15 00:00:00 |
| ValidTo | 2012-06-14 23:59:59 |
| Signature | 50c54bc82480dfe40d24c2de1ab1a102a1a6822d0c831581370a820e2cb05a1761b5d805fe88dbf19191b3561a40a6eb92be3839b07536743a984fe437ba9989ca95421db0b9c7a08d57e0fad5640442354e01d133a217c84daa27c7f2e1864c02384d8378c6fc53e0ebe00687dda4969e5e0c98e2a5bebf8285c360e1dfad28d8c7a54b64dac71b5bbdac3908d53822a1338b2f8a9aebbc07213f44410907b5651c24bc48d34480eba1cfc902b414cf54c716a3805cf9793e5d727d88179e2c43a2ca53ce7d3df62a3ab84f9400a56d0a835df95e53f418b3570f70c3fbf5ad95a00e17dec4168060c90f2b6e8604f1ebf47827d105c5ee345b5eb94932f233 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 3825d7faf861af9ef490e726b5d65ad5 |
| Version | 3 |
Certificate 47bf1995df8d524643f7db6d480d31a4
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 518d2ea8a21e879c942d504824ac211c |
| ToBeSigned (TBS) SHA1 | 21ce87d827077e61abddf2beba69fde5432ea031 |
| ToBeSigned (TBS) SHA256 | 1ec3b4f02e03930a470020e0e48d24b84678bb558f46182888d870541f5e25c7 |
| Subject | C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services CA |
| ValidFrom | 2003-12-04 00:00:00 |
| ValidTo | 2013-12-03 23:59:59 |
| Signature | 4a6bf9ea58c2441c318979992b96bf82ac01d61c4ccdb08a586edf0829a35ec8ca9313e704520def47272f0038b0e4c9934e9ad4226215f73f37214f703180f18b3887b3e8e89700fecf55964e24d2a9274e7aaeb76141f32acee7c9d95eddbb2b853eb59db5d9e157ffbeb4c57ef5cf0c9ef097fe2bd33b521b1b3827f73f4a |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 47bf1995df8d524643f7db6d480d31a4 |
| Version | 3 |
Certificate 655226e1b22e18e1590f2985ac22e75c
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 650704c342850095f3288eaf791147d4 |
| ToBeSigned (TBS) SHA1 | 4cdc38c800761463749c3cbd94a12f32e49877bf |
| ToBeSigned (TBS) SHA256 | 07b8f662558ec85b71b43a79c6e94698144f4ced2308af21e7ba1e5d461da214 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)09, CN=VeriSign Class 3 Code Signing 2009,2 CA |
| ValidFrom | 2009-05-21 00:00:00 |
| ValidTo | 2019-05-20 23:59:59 |
| Signature | 8b03c0dd94d841a26169b015a878c730c6903c7e42f724b6e4837317047f04109ca1e2fa812febc0ca44e772e050b6551020836e9692e49a516ab43731dca52deb8c00c71d4fe74d32ba85f84ebefa675565f06abe7aca64381a101078457631f3867a030f60c2b35d9df68b6676821b59e183e5bd49a53856e5de41770e580f |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 655226e1b22e18e1590f2985ac22e75c |
| Version | 3 |
Certificate 610c120600000000001b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 53c41bc1164e09e0cd1617a5bf913efd |
| ToBeSigned (TBS) SHA1 | 93c03aac8951d494ecd5696b1c08658541b18727 |
| ToBeSigned (TBS) SHA256 | 40bddadac24dc61ca4fb5cab2a2bc5d876bc36808311039a7a3e1a4066f7489b |
| Subject | C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority |
| ValidFrom | 2006-05-23 17:01:29 |
| ValidTo | 2016-05-23 17:11:29 |
| Signature | 01e446b33b457f7513877e5f43de468ecb8abdb64741bccccc7491d8ce395195a4a6b547c0efd2da7b8f5711f4328c7ccd3fee42da04214af7c843884a6f5cca14fc4bd19f4cbdd4556ecc02be0da6888f8609baa425bde8b0f0fa8b714e67b0cb82a8d78e55f737ebf03e88efe4e08afd1c6e2e61414875b4b02c1d28d8490fd715f02473253ccc880cde284c6554fe5eae8cea19ad2c51b29b3a47f53c80350117e24987d6544afb4bab07bcbf7d79cfbf35005cbb9ecffc82891b39a05197b6dec0b307ff449644c0342a195cabeef03bec294eb513c537857e75d5b4d60d066eb5d26c237167eaf1718eaf4e74aa0cf9ecbf4c58fa5e909b6d39cb86883f8b1ca81632d5fe6db9f1f8b3ead791f6364778c0272a15c768d6f4c5fc4f4ec8673f102d409ff11ec96148e7a703fc31730cf04688fe56da492995ef09daa3e5beef60ecd954a0599c28bd54ef66157f874c84dba60e95672e517b3439b641c28c846826dc240209e7818e0a972defeea7b998a60f818dc710b5e1ed982f486f53854964789bec5dac970b5526c3efba8dc8d1a52f5a7f936b611a339b18b8a26210de24ea76e12f43ebecdd7c12342489da2855aee5754e312b6763b6a8d7ab730a03cec5ea593fc7eb2a45aea8625b2f009939abb45f73c308ec80118f470e8f2a1343e191066255bbffba3da9a93d260faeca7d628b155589d694344dd665 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 610c120600000000001b |
| Version | 3 |
Certificate 1ecbf523c0f14748fe14841dbb88c365
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 64f5c20bac3ca9a20857800f4df459c1 |
| ToBeSigned (TBS) SHA1 | a74a6dc7bbed636d0dd81f4c568e8ba9a1b4f63c |
| ToBeSigned (TBS) SHA256 | b719be4421509ea4032925e523e7045900feda002cc27f69031630da48e7c132 |
| Subject | C=US, ST=Georgia, L=Norcross, O=American Megatrends, Inc., OU=Digital ID Class 3 , Microsoft Software Validation v2, OU=Headquarters, CN=American Megatrends, Inc. |
| ValidFrom | 2010-05-07 00:00:00 |
| ValidTo | 2012-05-06 23:59:59 |
| Signature | 41aa6f714033d64479b8e3492829a9435eeaaa4d4d82b4a95192c18a07ab08afe25582abe5acaea015492a737f7bdd4591fdb50b670888a4d66dae5fc240fbd68276b8264e9f438df308568bbae1a06544acd767d960475aaf62cbce8e8feea6eafd802954e28ecf016620e7686727c6b75ddfb2818317e1e333641aae42d1cf6ec8f95bcc96a647143801547c6b3857323c08b552602724268d3c35569e83368bfed55c81cee51ac4a16db9f81fff47687ad82c20ef5fb7ea9102a43de699caa0b86c1a07b4a4b6f949c28cec24892a74461a0d3f8659f2abfc58818ba2b44393970d08bde058c694a73e335eab3a17df129668db432e2ea659f1f4774a1bdc |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 1ecbf523c0f14748fe14841dbb88c365 |
| Version | 3 |
Imports
Expand
Imported Functions
Expand
- ZwClose
- ZwMapViewOfSection
- ObReferenceObjectByHandle
- ZwOpenSection
- RtlInitUnicodeString
- ZwUnmapViewOfSection
- MmFreeContiguousMemory
- IoFreeMdl
- MmMapLockedPages
- MmBuildMdlForNonPagedPool
- MmUnmapIoSpace
- MmGetPhysicalAddress
- MmIsAddressValid
- MmAllocateContiguousMemory
- MmUnmapLockedPages
- IoDeleteDevice
- IoDeleteSymbolicLink
- IofCompleteRequest
- IoCreateSymbolicLink
- IoCreateDevice
- IoAllocateMdl
- MmMapIoSpace
- HalTranslateBusAddress
Exported Functions
Expand
Sections
Expand
- .text
- .rdata
- .data
- .pdata
- INIT
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": false,
"SerialNumber": "00bae5fa7e148e727ecf4481e69416f9a0",
"Signature": "519d68e4d16da2927761a469f3e722556dc89310e1cc9b215e8992da99d01a265aba54680568e7addbc248e894045a18190d3e05ac35109fbc8518bdf7e68a28e853bff1b2291d84ec03550569a0fa8331c5de89c4c9c47911c902a40cd4772b2086b541a8c57d3a30c05858d717dec7f859c66895ee1bea0b5a9c871a297efed221348320c85aebcda9a210e7f7b3ac88325041ea330fa5ca0cba6ecf07861e3e665c8095df135706b033b38d9567fd9b2c745e3afab8048e7aa41a4b7b0ef7ef39315a98026983b9fa9fe775c15452d18b124890fb9b52db063cbd3dc0d58b3eeb894262c74bd791efe66bf49f071ee4796aa7b3c983b29b05a53c3a0bd507",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.11",
"Subject": "C=DE, postalCode=81673, ST=Bayern, L=Mnchen, ??=Tomannweg 6, O=NOVENTI Health SE, CN=NOVENTI Health SE",
"TBS": {
"MD5": "e60d2ebd77b703a3f6628183b0ad1262",
"SHA1": "9e82200e82226ceae142ac8b8cd9580dd585c0c7",
"SHA256": "587d3e589c526256b69c3836ba380c292f11cba42bd7ad847cdb8922d5c0c66a",
"SHA384": "266ef698aa66c7948f7a0f9989e4e086e7821b768ebbe85f439aa3fafccbc5eefbde84ac00ad3a18aeb2777b3a682d42"
},
"ValidFrom": "2021-03-25 00:00:00",
"ValidTo": "2024-03-24 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "3972443af922b751d7d36c10dd313595",
"Signature": "188751dc74213d9c8ae027b733d02eccecf0e6cb5e11de226f9b758e9e72fee4d6feaa1f9c962def034a7eaef48d6f723c433bc03febb8df5caaa9c6aef2fcd8eea37b43f686367c14e0cdf4f73ffedeb8b48af09196fefd43647efdccd201a17d7df81919c9422b13bf588bbaa4a266047688914e0c8914cea24dc932b3bae8141abc71f15bf0410b98000a220310e50cb1f9cd923719ed3bf1e43ab6f945132675afbbaaef3f7b773bd2c402913d1900d3175c39db3f7b180d45cd9385962f5ddf59164f3f51bdd545183fed4a8ee80661742316b50d50732744477f105d892a6b853114c4e8a96a4c80bc6a78cfb87f8e7672990c9dfed7910816a1a35f95",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.12",
"Subject": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority",
"TBS": {
"MD5": "3f5b269ded03667a7bad47c1885062b0",
"SHA1": "0f01247aaf8b46e3617880e0f5f5dfac696ed7a3",
"SHA256": "593e2d49a74023555526aef9b7422b19e5b8b167391b6dee5ed292b1ca23a74c",
"SHA384": "13baa039635f1c5292a8c2f36aae7e1d25c025202e9092f5b0f53f5f752dfa9c71b3d1b8d9a6358fcee6ec75622fabf9"
},
"ValidFrom": "2019-03-12 00:00:00",
"ValidTo": "2028-12-31 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "1da248306f9b2618d082e0967d33d36a",
"Signature": "4d6350ed47344a61a4dbde6a2a8c9bf100001e1d627b3ad732c2f6b3e063b3fb6100889a1b6d1007044fbeb8ea897822eb0f46ecf3465e40468912f40b775a9c2a413afcd6f4ebe7f7159533c3a18328b7de2fe494f78533832d4a4048bf9ac24f4ab18f24f4b38137d3b764b0a6236a596852425fff04ebe174657908f5a993de6b71409996ba78f1b9c8e2c30816b1ab635ac815806d745e4a757ea5b8c36cb5cfdf4a79875cc7404d6335f630d3cfb50a0e0b047fa04baebba3a5d08400933e535d34a50035696cbe9f2025100d19fb509061be398f7a8e4df69f0e1efe075112668326194895ce4ac9c17ff33a059bf96fdf887fc0239ed21e437a4531c19c4da9f059b25919e86a8d290402777c4b4bcd70be3ab2555a783ebcbb6f0310257715348af936cc4392e4ba4ff1629328255729fb5119c7a125406a8457c6b29db1bc1c0ada7c677e7d2ee9284c187ec47b3141719a4b29ec0b3d5750d2caddfd9e0551e54478dd01deb175980d5424fdf04ee3e2f883bd72bacb3d3aeef05e1792686dc861f9a6f12a0a0ba5b9f49eee983205859eebf98329d3c62c7dbd3a772e8b3742a06a82ed3b4aaa9410a4e10df817c5b65a79331892e3b575f8a1e98e0a251ee41ef19f5a8723ff9fa4519efb398011cddbb5c4a7a8806fe553d4e0e3a2c2d25b1afa32262d6a57701c3ca4582ea3f35b4b07dc3259f387a71a6d58",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.12",
"Subject": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Code Signing CA",
"TBS": {
"MD5": "c1eabfb5994258ad955adb7c2df165e6",
"SHA1": "fa33b3c00cebc469b269220d9eab26926c9b8ad8",
"SHA256": "70dffac37eb787b2198816982c7d44f541d2e39a7dac069d37b367dc9f354b32",
"SHA384": "20adc5b59cb532e215f01ba09a9c745898c206555613512fea7c295ccfd17ced4fe2c5bc3274ca8a270fc68799b8343c"
},
"ValidFrom": "2018-11-02 00:00:00",
"ValidTo": "2030-12-31 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Code Signing CA",
"SerialNumber": "00bae5fa7e148e727ecf4481e69416f9a0",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 79a2a585f9d1154213d9b83ef6b68ded
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | e6d820afb23af20a65cf0b03247ea05e |
| ToBeSigned (TBS) SHA1 | 7a8f7c37453f99390ee1e94bb5d3d1cba3a0eea7 |
| ToBeSigned (TBS) SHA256 | 7e722dc40e6b9abf8c20aa4d887e34b6d2c6b8cbe53a055d49bf9f5e946e0d27 |
| Subject | C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G3 |
| ValidFrom | 2012-05-01 00:00:00 |
| ValidTo | 2012-12-31 23:59:59 |
| Signature | 1e98aa27b778b508b5c9726db7dfc00e98a635c488c9d2f66df14b1afbd5f92d99009ed1e79b8be13fbd39800c66cd07bc5c9854a694ba10d14e8babf56f65cc6709a2807c52e80e03d66b7ac60518ecc8ac427c072ca73d0866dc00edfd941d73f2729893b111d68fef8eeaacf496510cd08ddf31524f5eaf7da74a75e64ece2b9f292be7cf5d9f037e6e277b23ad622966af92e82ccebd9c7fdccd173c43c2093f7545c79ee4d7607f97c6e4aac769f5fccd74ac2cb048c1504e70561eb535d38ebeb1edacbdfe0cec857dd5bb856644195d9f93eb82ba639ed37c61ffc81bd923587f30a366a139265e92c33ccb3732faf5a38ddcd5b0a3e9253655d781fa |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 79a2a585f9d1154213d9b83ef6b68ded |
| Version | 3 |
Certificate 47bf1995df8d524643f7db6d480d31a4
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 518d2ea8a21e879c942d504824ac211c |
| ToBeSigned (TBS) SHA1 | 21ce87d827077e61abddf2beba69fde5432ea031 |
| ToBeSigned (TBS) SHA256 | 1ec3b4f02e03930a470020e0e48d24b84678bb558f46182888d870541f5e25c7 |
| Subject | C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services CA |
| ValidFrom | 2003-12-04 00:00:00 |
| ValidTo | 2013-12-03 23:59:59 |
| Signature | 4a6bf9ea58c2441c318979992b96bf82ac01d61c4ccdb08a586edf0829a35ec8ca9313e704520def47272f0038b0e4c9934e9ad4226215f73f37214f703180f18b3887b3e8e89700fecf55964e24d2a9274e7aaeb76141f32acee7c9d95eddbb2b853eb59db5d9e157ffbeb4c57ef5cf0c9ef097fe2bd33b521b1b3827f73f4a |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 47bf1995df8d524643f7db6d480d31a4 |
| Version | 3 |
Certificate 5ba2905d11f5cfbbc53ab21bfd39defe
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 5fa5fe411cf2f824dba6ce8c34a7c1a2 |
| ToBeSigned (TBS) SHA1 | 3c83886e28508f0cf5222ae6e8ffdb874144d42d |
| ToBeSigned (TBS) SHA256 | 9a70952ea856e2791bbdfad165dea69c7e57236053401fca97c67f95799efc41 |
| Subject | C=US, ST=Georgia, L=Norcross, O=American Megatrends, Inc., OU=Digital ID Class 3 , Microsoft Software Validation v2, OU=Headquarters, CN=American Megatrends, Inc. |
| ValidFrom | 2012-06-26 00:00:00 |
| ValidTo | 2015-06-26 23:59:59 |
| Signature | 5460beb703f166c9e6162d718f8e007272cb4311c796179a1d9f961bf90afd5019666505230d293cec6536bdeb283d167d4aa10d10e1693a9203ac123052e9a85dd70e698e1d4d27609892c789a423afb9f4db6063873df482e41c4533931ba6e85bf70f6ba1ffeed4dbb4a9d8d64698eca2b119fdb150d1d371cf7bf66f91ee76c743a8da01a13748dcd300def65d094ea4c9298d897e7c2e35c1445445b8570fd3cf14e966c35206d738b2074cc4e1a09e467e4d817a4bb8ba5c4ae69e30682ce55df79f9bc796dc0fc60fba1b5ecca4c3b963e7b666cd1b7eddc0dd4f0f1ec95e1c77aeb4081e4d0e44ff28c243945a6e6e14eaf39b76856e93b0f4843384 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 5ba2905d11f5cfbbc53ab21bfd39defe |
| Version | 3 |
Certificate 611993e400000000001c
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 78a717e082dcc1cda3458d917e677d14 |
| ToBeSigned (TBS) SHA1 | 4a872e0e51f9b304469cd1dedb496ee9b8b983a4 |
| ToBeSigned (TBS) SHA256 | 317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5 |
| ValidFrom | 2011-02-22 19:25:17 |
| ValidTo | 2021-02-22 19:35:17 |
| Signature | 812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 611993e400000000001c |
| Version | 3 |
Certificate 5200e5aa2556fc1a86ed96c9d44b33c7
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | b30c31a572b0409383ed3fbe17e56e81 |
| ToBeSigned (TBS) SHA1 | 4843a82ed3b1f2bfbee9671960e1940c942f688d |
| ToBeSigned (TBS) SHA256 | 03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA |
| ValidFrom | 2010-02-08 00:00:00 |
| ValidTo | 2020-02-07 23:59:59 |
| Signature | 5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 5200e5aa2556fc1a86ed96c9d44b33c7 |
| Version | 3 |
Imports
Expand
Imported Functions
Expand
- ZwMapViewOfSection
- RtlInitUnicodeString
- ZwUnmapViewOfSection
- ZwClose
- ObReferenceObjectByHandle
- ZwOpenSection
- MmUnmapLockedPages
- MmMapLockedPages
- MmFreeContiguousMemory
- MmBuildMdlForNonPagedPool
- MmMapIoSpace
- MmGetPhysicalAddress
- MmIsAddressValid
- IoAllocateMdl
- MmAllocateContiguousMemory
- IoDeleteSymbolicLink
- IoDeleteDevice
- IofCompleteRequest
- IoCreateSymbolicLink
- IoCreateDevice
- KeBugCheckEx
- IoFreeMdl
- MmUnmapIoSpace
- HalTranslateBusAddress
Exported Functions
Expand
Sections
Expand
- .text
- .rdata
- .data
- .pdata
- INIT
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": false,
"SerialNumber": "00bae5fa7e148e727ecf4481e69416f9a0",
"Signature": "519d68e4d16da2927761a469f3e722556dc89310e1cc9b215e8992da99d01a265aba54680568e7addbc248e894045a18190d3e05ac35109fbc8518bdf7e68a28e853bff1b2291d84ec03550569a0fa8331c5de89c4c9c47911c902a40cd4772b2086b541a8c57d3a30c05858d717dec7f859c66895ee1bea0b5a9c871a297efed221348320c85aebcda9a210e7f7b3ac88325041ea330fa5ca0cba6ecf07861e3e665c8095df135706b033b38d9567fd9b2c745e3afab8048e7aa41a4b7b0ef7ef39315a98026983b9fa9fe775c15452d18b124890fb9b52db063cbd3dc0d58b3eeb894262c74bd791efe66bf49f071ee4796aa7b3c983b29b05a53c3a0bd507",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.11",
"Subject": "C=DE, postalCode=81673, ST=Bayern, L=Mnchen, ??=Tomannweg 6, O=NOVENTI Health SE, CN=NOVENTI Health SE",
"TBS": {
"MD5": "e60d2ebd77b703a3f6628183b0ad1262",
"SHA1": "9e82200e82226ceae142ac8b8cd9580dd585c0c7",
"SHA256": "587d3e589c526256b69c3836ba380c292f11cba42bd7ad847cdb8922d5c0c66a",
"SHA384": "266ef698aa66c7948f7a0f9989e4e086e7821b768ebbe85f439aa3fafccbc5eefbde84ac00ad3a18aeb2777b3a682d42"
},
"ValidFrom": "2021-03-25 00:00:00",
"ValidTo": "2024-03-24 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "3972443af922b751d7d36c10dd313595",
"Signature": "188751dc74213d9c8ae027b733d02eccecf0e6cb5e11de226f9b758e9e72fee4d6feaa1f9c962def034a7eaef48d6f723c433bc03febb8df5caaa9c6aef2fcd8eea37b43f686367c14e0cdf4f73ffedeb8b48af09196fefd43647efdccd201a17d7df81919c9422b13bf588bbaa4a266047688914e0c8914cea24dc932b3bae8141abc71f15bf0410b98000a220310e50cb1f9cd923719ed3bf1e43ab6f945132675afbbaaef3f7b773bd2c402913d1900d3175c39db3f7b180d45cd9385962f5ddf59164f3f51bdd545183fed4a8ee80661742316b50d50732744477f105d892a6b853114c4e8a96a4c80bc6a78cfb87f8e7672990c9dfed7910816a1a35f95",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.12",
"Subject": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority",
"TBS": {
"MD5": "3f5b269ded03667a7bad47c1885062b0",
"SHA1": "0f01247aaf8b46e3617880e0f5f5dfac696ed7a3",
"SHA256": "593e2d49a74023555526aef9b7422b19e5b8b167391b6dee5ed292b1ca23a74c",
"SHA384": "13baa039635f1c5292a8c2f36aae7e1d25c025202e9092f5b0f53f5f752dfa9c71b3d1b8d9a6358fcee6ec75622fabf9"
},
"ValidFrom": "2019-03-12 00:00:00",
"ValidTo": "2028-12-31 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "1da248306f9b2618d082e0967d33d36a",
"Signature": "4d6350ed47344a61a4dbde6a2a8c9bf100001e1d627b3ad732c2f6b3e063b3fb6100889a1b6d1007044fbeb8ea897822eb0f46ecf3465e40468912f40b775a9c2a413afcd6f4ebe7f7159533c3a18328b7de2fe494f78533832d4a4048bf9ac24f4ab18f24f4b38137d3b764b0a6236a596852425fff04ebe174657908f5a993de6b71409996ba78f1b9c8e2c30816b1ab635ac815806d745e4a757ea5b8c36cb5cfdf4a79875cc7404d6335f630d3cfb50a0e0b047fa04baebba3a5d08400933e535d34a50035696cbe9f2025100d19fb509061be398f7a8e4df69f0e1efe075112668326194895ce4ac9c17ff33a059bf96fdf887fc0239ed21e437a4531c19c4da9f059b25919e86a8d290402777c4b4bcd70be3ab2555a783ebcbb6f0310257715348af936cc4392e4ba4ff1629328255729fb5119c7a125406a8457c6b29db1bc1c0ada7c677e7d2ee9284c187ec47b3141719a4b29ec0b3d5750d2caddfd9e0551e54478dd01deb175980d5424fdf04ee3e2f883bd72bacb3d3aeef05e1792686dc861f9a6f12a0a0ba5b9f49eee983205859eebf98329d3c62c7dbd3a772e8b3742a06a82ed3b4aaa9410a4e10df817c5b65a79331892e3b575f8a1e98e0a251ee41ef19f5a8723ff9fa4519efb398011cddbb5c4a7a8806fe553d4e0e3a2c2d25b1afa32262d6a57701c3ca4582ea3f35b4b07dc3259f387a71a6d58",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.12",
"Subject": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Code Signing CA",
"TBS": {
"MD5": "c1eabfb5994258ad955adb7c2df165e6",
"SHA1": "fa33b3c00cebc469b269220d9eab26926c9b8ad8",
"SHA256": "70dffac37eb787b2198816982c7d44f541d2e39a7dac069d37b367dc9f354b32",
"SHA384": "20adc5b59cb532e215f01ba09a9c745898c206555613512fea7c295ccfd17ced4fe2c5bc3274ca8a270fc68799b8343c"
},
"ValidFrom": "2018-11-02 00:00:00",
"ValidTo": "2030-12-31 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Code Signing CA",
"SerialNumber": "00bae5fa7e148e727ecf4481e69416f9a0",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 3825d7faf861af9ef490e726b5d65ad5
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | d6c7684e9aaa508cf268335f83afe040 |
| ToBeSigned (TBS) SHA1 | 18066d20ad92409c567cdfde745279ff71c75226 |
| ToBeSigned (TBS) SHA256 | a612fb22ce8be6dab75e47c98508f98496583e79c9c97b936a8caee9ea9f3fff |
| Subject | C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services Signer , G2 |
| ValidFrom | 2007-06-15 00:00:00 |
| ValidTo | 2012-06-14 23:59:59 |
| Signature | 50c54bc82480dfe40d24c2de1ab1a102a1a6822d0c831581370a820e2cb05a1761b5d805fe88dbf19191b3561a40a6eb92be3839b07536743a984fe437ba9989ca95421db0b9c7a08d57e0fad5640442354e01d133a217c84daa27c7f2e1864c02384d8378c6fc53e0ebe00687dda4969e5e0c98e2a5bebf8285c360e1dfad28d8c7a54b64dac71b5bbdac3908d53822a1338b2f8a9aebbc07213f44410907b5651c24bc48d34480eba1cfc902b414cf54c716a3805cf9793e5d727d88179e2c43a2ca53ce7d3df62a3ab84f9400a56d0a835df95e53f418b3570f70c3fbf5ad95a00e17dec4168060c90f2b6e8604f1ebf47827d105c5ee345b5eb94932f233 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 3825d7faf861af9ef490e726b5d65ad5 |
| Version | 3 |
Certificate 47bf1995df8d524643f7db6d480d31a4
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 518d2ea8a21e879c942d504824ac211c |
| ToBeSigned (TBS) SHA1 | 21ce87d827077e61abddf2beba69fde5432ea031 |
| ToBeSigned (TBS) SHA256 | 1ec3b4f02e03930a470020e0e48d24b84678bb558f46182888d870541f5e25c7 |
| Subject | C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services CA |
| ValidFrom | 2003-12-04 00:00:00 |
| ValidTo | 2013-12-03 23:59:59 |
| Signature | 4a6bf9ea58c2441c318979992b96bf82ac01d61c4ccdb08a586edf0829a35ec8ca9313e704520def47272f0038b0e4c9934e9ad4226215f73f37214f703180f18b3887b3e8e89700fecf55964e24d2a9274e7aaeb76141f32acee7c9d95eddbb2b853eb59db5d9e157ffbeb4c57ef5cf0c9ef097fe2bd33b521b1b3827f73f4a |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 47bf1995df8d524643f7db6d480d31a4 |
| Version | 3 |
Certificate 655226e1b22e18e1590f2985ac22e75c
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 650704c342850095f3288eaf791147d4 |
| ToBeSigned (TBS) SHA1 | 4cdc38c800761463749c3cbd94a12f32e49877bf |
| ToBeSigned (TBS) SHA256 | 07b8f662558ec85b71b43a79c6e94698144f4ced2308af21e7ba1e5d461da214 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)09, CN=VeriSign Class 3 Code Signing 2009,2 CA |
| ValidFrom | 2009-05-21 00:00:00 |
| ValidTo | 2019-05-20 23:59:59 |
| Signature | 8b03c0dd94d841a26169b015a878c730c6903c7e42f724b6e4837317047f04109ca1e2fa812febc0ca44e772e050b6551020836e9692e49a516ab43731dca52deb8c00c71d4fe74d32ba85f84ebefa675565f06abe7aca64381a101078457631f3867a030f60c2b35d9df68b6676821b59e183e5bd49a53856e5de41770e580f |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 655226e1b22e18e1590f2985ac22e75c |
| Version | 3 |
Certificate 610c120600000000001b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 53c41bc1164e09e0cd1617a5bf913efd |
| ToBeSigned (TBS) SHA1 | 93c03aac8951d494ecd5696b1c08658541b18727 |
| ToBeSigned (TBS) SHA256 | 40bddadac24dc61ca4fb5cab2a2bc5d876bc36808311039a7a3e1a4066f7489b |
| Subject | C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority |
| ValidFrom | 2006-05-23 17:01:29 |
| ValidTo | 2016-05-23 17:11:29 |
| Signature | 01e446b33b457f7513877e5f43de468ecb8abdb64741bccccc7491d8ce395195a4a6b547c0efd2da7b8f5711f4328c7ccd3fee42da04214af7c843884a6f5cca14fc4bd19f4cbdd4556ecc02be0da6888f8609baa425bde8b0f0fa8b714e67b0cb82a8d78e55f737ebf03e88efe4e08afd1c6e2e61414875b4b02c1d28d8490fd715f02473253ccc880cde284c6554fe5eae8cea19ad2c51b29b3a47f53c80350117e24987d6544afb4bab07bcbf7d79cfbf35005cbb9ecffc82891b39a05197b6dec0b307ff449644c0342a195cabeef03bec294eb513c537857e75d5b4d60d066eb5d26c237167eaf1718eaf4e74aa0cf9ecbf4c58fa5e909b6d39cb86883f8b1ca81632d5fe6db9f1f8b3ead791f6364778c0272a15c768d6f4c5fc4f4ec8673f102d409ff11ec96148e7a703fc31730cf04688fe56da492995ef09daa3e5beef60ecd954a0599c28bd54ef66157f874c84dba60e95672e517b3439b641c28c846826dc240209e7818e0a972defeea7b998a60f818dc710b5e1ed982f486f53854964789bec5dac970b5526c3efba8dc8d1a52f5a7f936b611a339b18b8a26210de24ea76e12f43ebecdd7c12342489da2855aee5754e312b6763b6a8d7ab730a03cec5ea593fc7eb2a45aea8625b2f009939abb45f73c308ec80118f470e8f2a1343e191066255bbffba3da9a93d260faeca7d628b155589d694344dd665 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 610c120600000000001b |
| Version | 3 |
Certificate 1ecbf523c0f14748fe14841dbb88c365
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 64f5c20bac3ca9a20857800f4df459c1 |
| ToBeSigned (TBS) SHA1 | a74a6dc7bbed636d0dd81f4c568e8ba9a1b4f63c |
| ToBeSigned (TBS) SHA256 | b719be4421509ea4032925e523e7045900feda002cc27f69031630da48e7c132 |
| Subject | C=US, ST=Georgia, L=Norcross, O=American Megatrends, Inc., OU=Digital ID Class 3 , Microsoft Software Validation v2, OU=Headquarters, CN=American Megatrends, Inc. |
| ValidFrom | 2010-05-07 00:00:00 |
| ValidTo | 2012-05-06 23:59:59 |
| Signature | 41aa6f714033d64479b8e3492829a9435eeaaa4d4d82b4a95192c18a07ab08afe25582abe5acaea015492a737f7bdd4591fdb50b670888a4d66dae5fc240fbd68276b8264e9f438df308568bbae1a06544acd767d960475aaf62cbce8e8feea6eafd802954e28ecf016620e7686727c6b75ddfb2818317e1e333641aae42d1cf6ec8f95bcc96a647143801547c6b3857323c08b552602724268d3c35569e83368bfed55c81cee51ac4a16db9f81fff47687ad82c20ef5fb7ea9102a43de699caa0b86c1a07b4a4b6f949c28cec24892a74461a0d3f8659f2abfc58818ba2b44393970d08bde058c694a73e335eab3a17df129668db432e2ea659f1f4774a1bdc |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 1ecbf523c0f14748fe14841dbb88c365 |
| Version | 3 |
Imports
Expand
Imported Functions
Expand
- ZwClose
- ZwMapViewOfSection
- ObReferenceObjectByHandle
- ZwOpenSection
- RtlInitUnicodeString
- ZwUnmapViewOfSection
- MmFreeContiguousMemory
- IoFreeMdl
- MmMapLockedPages
- MmBuildMdlForNonPagedPool
- MmUnmapIoSpace
- MmGetPhysicalAddress
- MmIsAddressValid
- MmAllocateContiguousMemory
- MmUnmapLockedPages
- IoDeleteDevice
- IoDeleteSymbolicLink
- IofCompleteRequest
- IoCreateSymbolicLink
- IoCreateDevice
- IoAllocateMdl
- MmMapIoSpace
- HalTranslateBusAddress
Exported Functions
Expand
Sections
Expand
- .text
- .rdata
- .data
- .pdata
- INIT
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": false,
"SerialNumber": "00bae5fa7e148e727ecf4481e69416f9a0",
"Signature": "519d68e4d16da2927761a469f3e722556dc89310e1cc9b215e8992da99d01a265aba54680568e7addbc248e894045a18190d3e05ac35109fbc8518bdf7e68a28e853bff1b2291d84ec03550569a0fa8331c5de89c4c9c47911c902a40cd4772b2086b541a8c57d3a30c05858d717dec7f859c66895ee1bea0b5a9c871a297efed221348320c85aebcda9a210e7f7b3ac88325041ea330fa5ca0cba6ecf07861e3e665c8095df135706b033b38d9567fd9b2c745e3afab8048e7aa41a4b7b0ef7ef39315a98026983b9fa9fe775c15452d18b124890fb9b52db063cbd3dc0d58b3eeb894262c74bd791efe66bf49f071ee4796aa7b3c983b29b05a53c3a0bd507",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.11",
"Subject": "C=DE, postalCode=81673, ST=Bayern, L=Mnchen, ??=Tomannweg 6, O=NOVENTI Health SE, CN=NOVENTI Health SE",
"TBS": {
"MD5": "e60d2ebd77b703a3f6628183b0ad1262",
"SHA1": "9e82200e82226ceae142ac8b8cd9580dd585c0c7",
"SHA256": "587d3e589c526256b69c3836ba380c292f11cba42bd7ad847cdb8922d5c0c66a",
"SHA384": "266ef698aa66c7948f7a0f9989e4e086e7821b768ebbe85f439aa3fafccbc5eefbde84ac00ad3a18aeb2777b3a682d42"
},
"ValidFrom": "2021-03-25 00:00:00",
"ValidTo": "2024-03-24 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "3972443af922b751d7d36c10dd313595",
"Signature": "188751dc74213d9c8ae027b733d02eccecf0e6cb5e11de226f9b758e9e72fee4d6feaa1f9c962def034a7eaef48d6f723c433bc03febb8df5caaa9c6aef2fcd8eea37b43f686367c14e0cdf4f73ffedeb8b48af09196fefd43647efdccd201a17d7df81919c9422b13bf588bbaa4a266047688914e0c8914cea24dc932b3bae8141abc71f15bf0410b98000a220310e50cb1f9cd923719ed3bf1e43ab6f945132675afbbaaef3f7b773bd2c402913d1900d3175c39db3f7b180d45cd9385962f5ddf59164f3f51bdd545183fed4a8ee80661742316b50d50732744477f105d892a6b853114c4e8a96a4c80bc6a78cfb87f8e7672990c9dfed7910816a1a35f95",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.12",
"Subject": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority",
"TBS": {
"MD5": "3f5b269ded03667a7bad47c1885062b0",
"SHA1": "0f01247aaf8b46e3617880e0f5f5dfac696ed7a3",
"SHA256": "593e2d49a74023555526aef9b7422b19e5b8b167391b6dee5ed292b1ca23a74c",
"SHA384": "13baa039635f1c5292a8c2f36aae7e1d25c025202e9092f5b0f53f5f752dfa9c71b3d1b8d9a6358fcee6ec75622fabf9"
},
"ValidFrom": "2019-03-12 00:00:00",
"ValidTo": "2028-12-31 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "1da248306f9b2618d082e0967d33d36a",
"Signature": "4d6350ed47344a61a4dbde6a2a8c9bf100001e1d627b3ad732c2f6b3e063b3fb6100889a1b6d1007044fbeb8ea897822eb0f46ecf3465e40468912f40b775a9c2a413afcd6f4ebe7f7159533c3a18328b7de2fe494f78533832d4a4048bf9ac24f4ab18f24f4b38137d3b764b0a6236a596852425fff04ebe174657908f5a993de6b71409996ba78f1b9c8e2c30816b1ab635ac815806d745e4a757ea5b8c36cb5cfdf4a79875cc7404d6335f630d3cfb50a0e0b047fa04baebba3a5d08400933e535d34a50035696cbe9f2025100d19fb509061be398f7a8e4df69f0e1efe075112668326194895ce4ac9c17ff33a059bf96fdf887fc0239ed21e437a4531c19c4da9f059b25919e86a8d290402777c4b4bcd70be3ab2555a783ebcbb6f0310257715348af936cc4392e4ba4ff1629328255729fb5119c7a125406a8457c6b29db1bc1c0ada7c677e7d2ee9284c187ec47b3141719a4b29ec0b3d5750d2caddfd9e0551e54478dd01deb175980d5424fdf04ee3e2f883bd72bacb3d3aeef05e1792686dc861f9a6f12a0a0ba5b9f49eee983205859eebf98329d3c62c7dbd3a772e8b3742a06a82ed3b4aaa9410a4e10df817c5b65a79331892e3b575f8a1e98e0a251ee41ef19f5a8723ff9fa4519efb398011cddbb5c4a7a8806fe553d4e0e3a2c2d25b1afa32262d6a57701c3ca4582ea3f35b4b07dc3259f387a71a6d58",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.12",
"Subject": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Code Signing CA",
"TBS": {
"MD5": "c1eabfb5994258ad955adb7c2df165e6",
"SHA1": "fa33b3c00cebc469b269220d9eab26926c9b8ad8",
"SHA256": "70dffac37eb787b2198816982c7d44f541d2e39a7dac069d37b367dc9f354b32",
"SHA384": "20adc5b59cb532e215f01ba09a9c745898c206555613512fea7c295ccfd17ced4fe2c5bc3274ca8a270fc68799b8343c"
},
"ValidFrom": "2018-11-02 00:00:00",
"ValidTo": "2030-12-31 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Code Signing CA",
"SerialNumber": "00bae5fa7e148e727ecf4481e69416f9a0",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 3825d7faf861af9ef490e726b5d65ad5
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | d6c7684e9aaa508cf268335f83afe040 |
| ToBeSigned (TBS) SHA1 | 18066d20ad92409c567cdfde745279ff71c75226 |
| ToBeSigned (TBS) SHA256 | a612fb22ce8be6dab75e47c98508f98496583e79c9c97b936a8caee9ea9f3fff |
| Subject | C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services Signer , G2 |
| ValidFrom | 2007-06-15 00:00:00 |
| ValidTo | 2012-06-14 23:59:59 |
| Signature | 50c54bc82480dfe40d24c2de1ab1a102a1a6822d0c831581370a820e2cb05a1761b5d805fe88dbf19191b3561a40a6eb92be3839b07536743a984fe437ba9989ca95421db0b9c7a08d57e0fad5640442354e01d133a217c84daa27c7f2e1864c02384d8378c6fc53e0ebe00687dda4969e5e0c98e2a5bebf8285c360e1dfad28d8c7a54b64dac71b5bbdac3908d53822a1338b2f8a9aebbc07213f44410907b5651c24bc48d34480eba1cfc902b414cf54c716a3805cf9793e5d727d88179e2c43a2ca53ce7d3df62a3ab84f9400a56d0a835df95e53f418b3570f70c3fbf5ad95a00e17dec4168060c90f2b6e8604f1ebf47827d105c5ee345b5eb94932f233 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 3825d7faf861af9ef490e726b5d65ad5 |
| Version | 3 |
Certificate 47bf1995df8d524643f7db6d480d31a4
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 518d2ea8a21e879c942d504824ac211c |
| ToBeSigned (TBS) SHA1 | 21ce87d827077e61abddf2beba69fde5432ea031 |
| ToBeSigned (TBS) SHA256 | 1ec3b4f02e03930a470020e0e48d24b84678bb558f46182888d870541f5e25c7 |
| Subject | C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services CA |
| ValidFrom | 2003-12-04 00:00:00 |
| ValidTo | 2013-12-03 23:59:59 |
| Signature | 4a6bf9ea58c2441c318979992b96bf82ac01d61c4ccdb08a586edf0829a35ec8ca9313e704520def47272f0038b0e4c9934e9ad4226215f73f37214f703180f18b3887b3e8e89700fecf55964e24d2a9274e7aaeb76141f32acee7c9d95eddbb2b853eb59db5d9e157ffbeb4c57ef5cf0c9ef097fe2bd33b521b1b3827f73f4a |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 47bf1995df8d524643f7db6d480d31a4 |
| Version | 3 |
Certificate 4191a15a3978dfcf496566381d4c75c2
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 41011f8d0e7c7a6408334ca387914c61 |
| ToBeSigned (TBS) SHA1 | c7fc1727f5b75a6421a1f95c73bbdb23580c48e5 |
| ToBeSigned (TBS) SHA256 | 88dd3952638ee82738c03168e6fd863fe4eab1059ee5e2926ad8cb587c255dc0 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)04, CN=VeriSign Class 3 Code Signing 2004 CA |
| ValidFrom | 2004-07-16 00:00:00 |
| ValidTo | 2014-07-15 23:59:59 |
| Signature | ae3a17b84a7b55fa6455ec40a4ed494190999c89bcaf2e1dca7823f91c190f7feb68bc32d98838dedc3fd389b43fb18296f1a45abaed2e26d3de7c016e000a00a4069211480940f91c1879672324e0bbd5e150ae1bf50edde02e81cd80a36c524f9175558aba22f2d2ea4175882f63557d1e545a9559cad93481c05f5ef67ab5 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 4191a15a3978dfcf496566381d4c75c2 |
| Version | 3 |
Certificate 610c120600000000001b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 53c41bc1164e09e0cd1617a5bf913efd |
| ToBeSigned (TBS) SHA1 | 93c03aac8951d494ecd5696b1c08658541b18727 |
| ToBeSigned (TBS) SHA256 | 40bddadac24dc61ca4fb5cab2a2bc5d876bc36808311039a7a3e1a4066f7489b |
| Subject | C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority |
| ValidFrom | 2006-05-23 17:01:29 |
| ValidTo | 2016-05-23 17:11:29 |
| Signature | 01e446b33b457f7513877e5f43de468ecb8abdb64741bccccc7491d8ce395195a4a6b547c0efd2da7b8f5711f4328c7ccd3fee42da04214af7c843884a6f5cca14fc4bd19f4cbdd4556ecc02be0da6888f8609baa425bde8b0f0fa8b714e67b0cb82a8d78e55f737ebf03e88efe4e08afd1c6e2e61414875b4b02c1d28d8490fd715f02473253ccc880cde284c6554fe5eae8cea19ad2c51b29b3a47f53c80350117e24987d6544afb4bab07bcbf7d79cfbf35005cbb9ecffc82891b39a05197b6dec0b307ff449644c0342a195cabeef03bec294eb513c537857e75d5b4d60d066eb5d26c237167eaf1718eaf4e74aa0cf9ecbf4c58fa5e909b6d39cb86883f8b1ca81632d5fe6db9f1f8b3ead791f6364778c0272a15c768d6f4c5fc4f4ec8673f102d409ff11ec96148e7a703fc31730cf04688fe56da492995ef09daa3e5beef60ecd954a0599c28bd54ef66157f874c84dba60e95672e517b3439b641c28c846826dc240209e7818e0a972defeea7b998a60f818dc710b5e1ed982f486f53854964789bec5dac970b5526c3efba8dc8d1a52f5a7f936b611a339b18b8a26210de24ea76e12f43ebecdd7c12342489da2855aee5754e312b6763b6a8d7ab730a03cec5ea593fc7eb2a45aea8625b2f009939abb45f73c308ec80118f470e8f2a1343e191066255bbffba3da9a93d260faeca7d628b155589d694344dd665 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 610c120600000000001b |
| Version | 3 |
Certificate 08dfd80b2826716554b1fb8cfa5043d7
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 960327b70b290ec28fa2e85cbb7a41fa |
| ToBeSigned (TBS) SHA1 | a2ac59e0c82196d6661212232bd3bcf0588e40ea |
| ToBeSigned (TBS) SHA256 | 8bb26b4dc7c105fd9cdd0604cedbf3647a700dc4ddadcad839d8e27312253e73 |
| Subject | C=US, ST=Georgia, L=Norcross, O=American Megatrends, Inc., OU=Digital ID Class 3 , Microsoft Software Validation v2, OU=Headquarters, CN=American Megatrends, Inc. |
| ValidFrom | 2006-09-30 00:00:00 |
| ValidTo | 2009-11-16 23:59:59 |
| Signature | 7cb6b8f10c441fc01d130c6ae39a287be5cb175f02ae6c214f0034c77f262006f866180e4db8619079a50fef4fde71927b061ef79f3d0e1be1bba040afd81f202bb10892ce7a0549506158a1d15067dd7a82488cc4bd2c3f408ee928c85117ee0d080d9dc24b571b5d75e3ef1e87d3d6b755ab6f9c07ff92e3b2d515ab1219424bf288aed36595d534d91b905b80378c02bd470dd0fb8150888cd0ac3c98cd62becd7c274469167be833f226b05b822d875efa40863faa10e358edd17e3f4d1ee7d62590d1d3e26e9c953be9e1d9a309990e0bb9c06cdfaa89f7b021aaa8d933440d432eab2e7676bda57841b3e7a8933da8b1e047e9cde29ea89b62b4eb48b8 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 08dfd80b2826716554b1fb8cfa5043d7 |
| Version | 3 |
Imports
Expand
Imported Functions
Expand
- ZwClose
- ZwMapViewOfSection
- ObReferenceObjectByHandle
- ZwOpenSection
- RtlInitUnicodeString
- ZwUnmapViewOfSection
- MmFreeContiguousMemory
- IoFreeMdl
- MmMapLockedPages
- MmBuildMdlForNonPagedPool
- MmUnmapIoSpace
- MmGetPhysicalAddress
- MmIsAddressValid
- MmAllocateContiguousMemory
- MmUnmapLockedPages
- IoDeleteDevice
- IoDeleteSymbolicLink
- IofCompleteRequest
- IoCreateSymbolicLink
- IoCreateDevice
- IoAllocateMdl
- MmMapIoSpace
- HalTranslateBusAddress
Exported Functions
Expand
Sections
Expand
- .text
- .rdata
- .data
- .pdata
- INIT
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": false,
"SerialNumber": "00bae5fa7e148e727ecf4481e69416f9a0",
"Signature": "519d68e4d16da2927761a469f3e722556dc89310e1cc9b215e8992da99d01a265aba54680568e7addbc248e894045a18190d3e05ac35109fbc8518bdf7e68a28e853bff1b2291d84ec03550569a0fa8331c5de89c4c9c47911c902a40cd4772b2086b541a8c57d3a30c05858d717dec7f859c66895ee1bea0b5a9c871a297efed221348320c85aebcda9a210e7f7b3ac88325041ea330fa5ca0cba6ecf07861e3e665c8095df135706b033b38d9567fd9b2c745e3afab8048e7aa41a4b7b0ef7ef39315a98026983b9fa9fe775c15452d18b124890fb9b52db063cbd3dc0d58b3eeb894262c74bd791efe66bf49f071ee4796aa7b3c983b29b05a53c3a0bd507",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.11",
"Subject": "C=DE, postalCode=81673, ST=Bayern, L=Mnchen, ??=Tomannweg 6, O=NOVENTI Health SE, CN=NOVENTI Health SE",
"TBS": {
"MD5": "e60d2ebd77b703a3f6628183b0ad1262",
"SHA1": "9e82200e82226ceae142ac8b8cd9580dd585c0c7",
"SHA256": "587d3e589c526256b69c3836ba380c292f11cba42bd7ad847cdb8922d5c0c66a",
"SHA384": "266ef698aa66c7948f7a0f9989e4e086e7821b768ebbe85f439aa3fafccbc5eefbde84ac00ad3a18aeb2777b3a682d42"
},
"ValidFrom": "2021-03-25 00:00:00",
"ValidTo": "2024-03-24 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "3972443af922b751d7d36c10dd313595",
"Signature": "188751dc74213d9c8ae027b733d02eccecf0e6cb5e11de226f9b758e9e72fee4d6feaa1f9c962def034a7eaef48d6f723c433bc03febb8df5caaa9c6aef2fcd8eea37b43f686367c14e0cdf4f73ffedeb8b48af09196fefd43647efdccd201a17d7df81919c9422b13bf588bbaa4a266047688914e0c8914cea24dc932b3bae8141abc71f15bf0410b98000a220310e50cb1f9cd923719ed3bf1e43ab6f945132675afbbaaef3f7b773bd2c402913d1900d3175c39db3f7b180d45cd9385962f5ddf59164f3f51bdd545183fed4a8ee80661742316b50d50732744477f105d892a6b853114c4e8a96a4c80bc6a78cfb87f8e7672990c9dfed7910816a1a35f95",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.12",
"Subject": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority",
"TBS": {
"MD5": "3f5b269ded03667a7bad47c1885062b0",
"SHA1": "0f01247aaf8b46e3617880e0f5f5dfac696ed7a3",
"SHA256": "593e2d49a74023555526aef9b7422b19e5b8b167391b6dee5ed292b1ca23a74c",
"SHA384": "13baa039635f1c5292a8c2f36aae7e1d25c025202e9092f5b0f53f5f752dfa9c71b3d1b8d9a6358fcee6ec75622fabf9"
},
"ValidFrom": "2019-03-12 00:00:00",
"ValidTo": "2028-12-31 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "1da248306f9b2618d082e0967d33d36a",
"Signature": "4d6350ed47344a61a4dbde6a2a8c9bf100001e1d627b3ad732c2f6b3e063b3fb6100889a1b6d1007044fbeb8ea897822eb0f46ecf3465e40468912f40b775a9c2a413afcd6f4ebe7f7159533c3a18328b7de2fe494f78533832d4a4048bf9ac24f4ab18f24f4b38137d3b764b0a6236a596852425fff04ebe174657908f5a993de6b71409996ba78f1b9c8e2c30816b1ab635ac815806d745e4a757ea5b8c36cb5cfdf4a79875cc7404d6335f630d3cfb50a0e0b047fa04baebba3a5d08400933e535d34a50035696cbe9f2025100d19fb509061be398f7a8e4df69f0e1efe075112668326194895ce4ac9c17ff33a059bf96fdf887fc0239ed21e437a4531c19c4da9f059b25919e86a8d290402777c4b4bcd70be3ab2555a783ebcbb6f0310257715348af936cc4392e4ba4ff1629328255729fb5119c7a125406a8457c6b29db1bc1c0ada7c677e7d2ee9284c187ec47b3141719a4b29ec0b3d5750d2caddfd9e0551e54478dd01deb175980d5424fdf04ee3e2f883bd72bacb3d3aeef05e1792686dc861f9a6f12a0a0ba5b9f49eee983205859eebf98329d3c62c7dbd3a772e8b3742a06a82ed3b4aaa9410a4e10df817c5b65a79331892e3b575f8a1e98e0a251ee41ef19f5a8723ff9fa4519efb398011cddbb5c4a7a8806fe553d4e0e3a2c2d25b1afa32262d6a57701c3ca4582ea3f35b4b07dc3259f387a71a6d58",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.12",
"Subject": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Code Signing CA",
"TBS": {
"MD5": "c1eabfb5994258ad955adb7c2df165e6",
"SHA1": "fa33b3c00cebc469b269220d9eab26926c9b8ad8",
"SHA256": "70dffac37eb787b2198816982c7d44f541d2e39a7dac069d37b367dc9f354b32",
"SHA384": "20adc5b59cb532e215f01ba09a9c745898c206555613512fea7c295ccfd17ced4fe2c5bc3274ca8a270fc68799b8343c"
},
"ValidFrom": "2018-11-02 00:00:00",
"ValidTo": "2030-12-31 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Code Signing CA",
"SerialNumber": "00bae5fa7e148e727ecf4481e69416f9a0",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Imports
Expand
Imported Functions
Expand
- ZwMapViewOfSection
- RtlInitUnicodeString
- ZwUnmapViewOfSection
- ZwClose
- ObReferenceObjectByHandle
- ZwOpenSection
- MmUnmapLockedPages
- MmMapLockedPages
- MmFreeContiguousMemory
- MmBuildMdlForNonPagedPool
- MmMapIoSpace
- MmGetPhysicalAddress
- MmIsAddressValid
- IoAllocateMdl
- MmAllocateContiguousMemory
- IoDeleteSymbolicLink
- IoDeleteDevice
- IofCompleteRequest
- IoCreateSymbolicLink
- IoCreateDevice
- KeBugCheckEx
- IoFreeMdl
- MmUnmapIoSpace
- HalTranslateBusAddress
Exported Functions
Expand
Sections
Expand
- .text
- .rdata
- .data
- .pdata
- INIT
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": false,
"SerialNumber": "00bae5fa7e148e727ecf4481e69416f9a0",
"Signature": "519d68e4d16da2927761a469f3e722556dc89310e1cc9b215e8992da99d01a265aba54680568e7addbc248e894045a18190d3e05ac35109fbc8518bdf7e68a28e853bff1b2291d84ec03550569a0fa8331c5de89c4c9c47911c902a40cd4772b2086b541a8c57d3a30c05858d717dec7f859c66895ee1bea0b5a9c871a297efed221348320c85aebcda9a210e7f7b3ac88325041ea330fa5ca0cba6ecf07861e3e665c8095df135706b033b38d9567fd9b2c745e3afab8048e7aa41a4b7b0ef7ef39315a98026983b9fa9fe775c15452d18b124890fb9b52db063cbd3dc0d58b3eeb894262c74bd791efe66bf49f071ee4796aa7b3c983b29b05a53c3a0bd507",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.11",
"Subject": "C=DE, postalCode=81673, ST=Bayern, L=Mnchen, ??=Tomannweg 6, O=NOVENTI Health SE, CN=NOVENTI Health SE",
"TBS": {
"MD5": "e60d2ebd77b703a3f6628183b0ad1262",
"SHA1": "9e82200e82226ceae142ac8b8cd9580dd585c0c7",
"SHA256": "587d3e589c526256b69c3836ba380c292f11cba42bd7ad847cdb8922d5c0c66a",
"SHA384": "266ef698aa66c7948f7a0f9989e4e086e7821b768ebbe85f439aa3fafccbc5eefbde84ac00ad3a18aeb2777b3a682d42"
},
"ValidFrom": "2021-03-25 00:00:00",
"ValidTo": "2024-03-24 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "3972443af922b751d7d36c10dd313595",
"Signature": "188751dc74213d9c8ae027b733d02eccecf0e6cb5e11de226f9b758e9e72fee4d6feaa1f9c962def034a7eaef48d6f723c433bc03febb8df5caaa9c6aef2fcd8eea37b43f686367c14e0cdf4f73ffedeb8b48af09196fefd43647efdccd201a17d7df81919c9422b13bf588bbaa4a266047688914e0c8914cea24dc932b3bae8141abc71f15bf0410b98000a220310e50cb1f9cd923719ed3bf1e43ab6f945132675afbbaaef3f7b773bd2c402913d1900d3175c39db3f7b180d45cd9385962f5ddf59164f3f51bdd545183fed4a8ee80661742316b50d50732744477f105d892a6b853114c4e8a96a4c80bc6a78cfb87f8e7672990c9dfed7910816a1a35f95",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.12",
"Subject": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority",
"TBS": {
"MD5": "3f5b269ded03667a7bad47c1885062b0",
"SHA1": "0f01247aaf8b46e3617880e0f5f5dfac696ed7a3",
"SHA256": "593e2d49a74023555526aef9b7422b19e5b8b167391b6dee5ed292b1ca23a74c",
"SHA384": "13baa039635f1c5292a8c2f36aae7e1d25c025202e9092f5b0f53f5f752dfa9c71b3d1b8d9a6358fcee6ec75622fabf9"
},
"ValidFrom": "2019-03-12 00:00:00",
"ValidTo": "2028-12-31 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "1da248306f9b2618d082e0967d33d36a",
"Signature": "4d6350ed47344a61a4dbde6a2a8c9bf100001e1d627b3ad732c2f6b3e063b3fb6100889a1b6d1007044fbeb8ea897822eb0f46ecf3465e40468912f40b775a9c2a413afcd6f4ebe7f7159533c3a18328b7de2fe494f78533832d4a4048bf9ac24f4ab18f24f4b38137d3b764b0a6236a596852425fff04ebe174657908f5a993de6b71409996ba78f1b9c8e2c30816b1ab635ac815806d745e4a757ea5b8c36cb5cfdf4a79875cc7404d6335f630d3cfb50a0e0b047fa04baebba3a5d08400933e535d34a50035696cbe9f2025100d19fb509061be398f7a8e4df69f0e1efe075112668326194895ce4ac9c17ff33a059bf96fdf887fc0239ed21e437a4531c19c4da9f059b25919e86a8d290402777c4b4bcd70be3ab2555a783ebcbb6f0310257715348af936cc4392e4ba4ff1629328255729fb5119c7a125406a8457c6b29db1bc1c0ada7c677e7d2ee9284c187ec47b3141719a4b29ec0b3d5750d2caddfd9e0551e54478dd01deb175980d5424fdf04ee3e2f883bd72bacb3d3aeef05e1792686dc861f9a6f12a0a0ba5b9f49eee983205859eebf98329d3c62c7dbd3a772e8b3742a06a82ed3b4aaa9410a4e10df817c5b65a79331892e3b575f8a1e98e0a251ee41ef19f5a8723ff9fa4519efb398011cddbb5c4a7a8806fe553d4e0e3a2c2d25b1afa32262d6a57701c3ca4582ea3f35b4b07dc3259f387a71a6d58",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.12",
"Subject": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Code Signing CA",
"TBS": {
"MD5": "c1eabfb5994258ad955adb7c2df165e6",
"SHA1": "fa33b3c00cebc469b269220d9eab26926c9b8ad8",
"SHA256": "70dffac37eb787b2198816982c7d44f541d2e39a7dac069d37b367dc9f354b32",
"SHA384": "20adc5b59cb532e215f01ba09a9c745898c206555613512fea7c295ccfd17ced4fe2c5bc3274ca8a270fc68799b8343c"
},
"ValidFrom": "2018-11-02 00:00:00",
"ValidTo": "2030-12-31 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Code Signing CA",
"SerialNumber": "00bae5fa7e148e727ecf4481e69416f9a0",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Imports
Expand
Imported Functions
Expand
- ZwClose
- ZwMapViewOfSection
- ObReferenceObjectByHandle
- ZwOpenSection
- RtlInitUnicodeString
- ZwUnmapViewOfSection
- MmFreeContiguousMemory
- IoFreeMdl
- MmMapLockedPages
- MmBuildMdlForNonPagedPool
- MmUnmapIoSpace
- MmGetPhysicalAddress
- MmIsAddressValid
- MmAllocateContiguousMemory
- MmUnmapLockedPages
- IoDeleteDevice
- IoDeleteSymbolicLink
- IofCompleteRequest
- IoCreateSymbolicLink
- IoCreateDevice
- IoAllocateMdl
- MmMapIoSpace
- HalTranslateBusAddress
Exported Functions
Expand
Sections
Expand
- .text
- .rdata
- .data
- .pdata
- INIT
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": false,
"SerialNumber": "00bae5fa7e148e727ecf4481e69416f9a0",
"Signature": "519d68e4d16da2927761a469f3e722556dc89310e1cc9b215e8992da99d01a265aba54680568e7addbc248e894045a18190d3e05ac35109fbc8518bdf7e68a28e853bff1b2291d84ec03550569a0fa8331c5de89c4c9c47911c902a40cd4772b2086b541a8c57d3a30c05858d717dec7f859c66895ee1bea0b5a9c871a297efed221348320c85aebcda9a210e7f7b3ac88325041ea330fa5ca0cba6ecf07861e3e665c8095df135706b033b38d9567fd9b2c745e3afab8048e7aa41a4b7b0ef7ef39315a98026983b9fa9fe775c15452d18b124890fb9b52db063cbd3dc0d58b3eeb894262c74bd791efe66bf49f071ee4796aa7b3c983b29b05a53c3a0bd507",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.11",
"Subject": "C=DE, postalCode=81673, ST=Bayern, L=Mnchen, ??=Tomannweg 6, O=NOVENTI Health SE, CN=NOVENTI Health SE",
"TBS": {
"MD5": "e60d2ebd77b703a3f6628183b0ad1262",
"SHA1": "9e82200e82226ceae142ac8b8cd9580dd585c0c7",
"SHA256": "587d3e589c526256b69c3836ba380c292f11cba42bd7ad847cdb8922d5c0c66a",
"SHA384": "266ef698aa66c7948f7a0f9989e4e086e7821b768ebbe85f439aa3fafccbc5eefbde84ac00ad3a18aeb2777b3a682d42"
},
"ValidFrom": "2021-03-25 00:00:00",
"ValidTo": "2024-03-24 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "3972443af922b751d7d36c10dd313595",
"Signature": "188751dc74213d9c8ae027b733d02eccecf0e6cb5e11de226f9b758e9e72fee4d6feaa1f9c962def034a7eaef48d6f723c433bc03febb8df5caaa9c6aef2fcd8eea37b43f686367c14e0cdf4f73ffedeb8b48af09196fefd43647efdccd201a17d7df81919c9422b13bf588bbaa4a266047688914e0c8914cea24dc932b3bae8141abc71f15bf0410b98000a220310e50cb1f9cd923719ed3bf1e43ab6f945132675afbbaaef3f7b773bd2c402913d1900d3175c39db3f7b180d45cd9385962f5ddf59164f3f51bdd545183fed4a8ee80661742316b50d50732744477f105d892a6b853114c4e8a96a4c80bc6a78cfb87f8e7672990c9dfed7910816a1a35f95",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.12",
"Subject": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority",
"TBS": {
"MD5": "3f5b269ded03667a7bad47c1885062b0",
"SHA1": "0f01247aaf8b46e3617880e0f5f5dfac696ed7a3",
"SHA256": "593e2d49a74023555526aef9b7422b19e5b8b167391b6dee5ed292b1ca23a74c",
"SHA384": "13baa039635f1c5292a8c2f36aae7e1d25c025202e9092f5b0f53f5f752dfa9c71b3d1b8d9a6358fcee6ec75622fabf9"
},
"ValidFrom": "2019-03-12 00:00:00",
"ValidTo": "2028-12-31 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "1da248306f9b2618d082e0967d33d36a",
"Signature": "4d6350ed47344a61a4dbde6a2a8c9bf100001e1d627b3ad732c2f6b3e063b3fb6100889a1b6d1007044fbeb8ea897822eb0f46ecf3465e40468912f40b775a9c2a413afcd6f4ebe7f7159533c3a18328b7de2fe494f78533832d4a4048bf9ac24f4ab18f24f4b38137d3b764b0a6236a596852425fff04ebe174657908f5a993de6b71409996ba78f1b9c8e2c30816b1ab635ac815806d745e4a757ea5b8c36cb5cfdf4a79875cc7404d6335f630d3cfb50a0e0b047fa04baebba3a5d08400933e535d34a50035696cbe9f2025100d19fb509061be398f7a8e4df69f0e1efe075112668326194895ce4ac9c17ff33a059bf96fdf887fc0239ed21e437a4531c19c4da9f059b25919e86a8d290402777c4b4bcd70be3ab2555a783ebcbb6f0310257715348af936cc4392e4ba4ff1629328255729fb5119c7a125406a8457c6b29db1bc1c0ada7c677e7d2ee9284c187ec47b3141719a4b29ec0b3d5750d2caddfd9e0551e54478dd01deb175980d5424fdf04ee3e2f883bd72bacb3d3aeef05e1792686dc861f9a6f12a0a0ba5b9f49eee983205859eebf98329d3c62c7dbd3a772e8b3742a06a82ed3b4aaa9410a4e10df817c5b65a79331892e3b575f8a1e98e0a251ee41ef19f5a8723ff9fa4519efb398011cddbb5c4a7a8806fe553d4e0e3a2c2d25b1afa32262d6a57701c3ca4582ea3f35b4b07dc3259f387a71a6d58",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.12",
"Subject": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Code Signing CA",
"TBS": {
"MD5": "c1eabfb5994258ad955adb7c2df165e6",
"SHA1": "fa33b3c00cebc469b269220d9eab26926c9b8ad8",
"SHA256": "70dffac37eb787b2198816982c7d44f541d2e39a7dac069d37b367dc9f354b32",
"SHA384": "20adc5b59cb532e215f01ba09a9c745898c206555613512fea7c295ccfd17ced4fe2c5bc3274ca8a270fc68799b8343c"
},
"ValidFrom": "2018-11-02 00:00:00",
"ValidTo": "2030-12-31 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Code Signing CA",
"SerialNumber": "00bae5fa7e148e727ecf4481e69416f9a0",
"Version": 1
}
],
"SignerInfo": ""
}
source
last_updated: 2024-04-09
