Description
DirectIo32.sys is a vulnerable driver and more information will be added as found.
- UUID: ee2d68aa-1a65-4967-8627-73590b041538
- Created: 2023-05-06
- Author: Nasreddine Bencherchali
- Acknowledgement: |
Download
This download link contains the vulnerable driver!
Commands
sc.exe create DirectIo32.sys binPath=C:\windows\temp\DirectIo32.sys type=kernel && sc.exe start DirectIo32.sys
| Use Case | Privileges | Operating System |
|---|
| Elevate privileges | kernel | Windows 10 |
Detections
Sigma 🛡️
Expand
Names
detects loading using name only
Hashes
detects loading using hashes only
Resources
Internal ResearchKnown Vulnerable Samples
Download
Certificates
Expand
Certificate 79a2a585f9d1154213d9b83ef6b68ded
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | e6d820afb23af20a65cf0b03247ea05e |
| ToBeSigned (TBS) SHA1 | 7a8f7c37453f99390ee1e94bb5d3d1cba3a0eea7 |
| ToBeSigned (TBS) SHA256 | 7e722dc40e6b9abf8c20aa4d887e34b6d2c6b8cbe53a055d49bf9f5e946e0d27 |
| Subject | C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G3 |
| ValidFrom | 2012-05-01 00:00:00 |
| ValidTo | 2012-12-31 23:59:59 |
| Signature | 1e98aa27b778b508b5c9726db7dfc00e98a635c488c9d2f66df14b1afbd5f92d99009ed1e79b8be13fbd39800c66cd07bc5c9854a694ba10d14e8babf56f65cc6709a2807c52e80e03d66b7ac60518ecc8ac427c072ca73d0866dc00edfd941d73f2729893b111d68fef8eeaacf496510cd08ddf31524f5eaf7da74a75e64ece2b9f292be7cf5d9f037e6e277b23ad622966af92e82ccebd9c7fdccd173c43c2093f7545c79ee4d7607f97c6e4aac769f5fccd74ac2cb048c1504e70561eb535d38ebeb1edacbdfe0cec857dd5bb856644195d9f93eb82ba639ed37c61ffc81bd923587f30a366a139265e92c33ccb3732faf5a38ddcd5b0a3e9253655d781fa |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 79a2a585f9d1154213d9b83ef6b68ded |
| Version | 3 |
Certificate 47bf1995df8d524643f7db6d480d31a4
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 518d2ea8a21e879c942d504824ac211c |
| ToBeSigned (TBS) SHA1 | 21ce87d827077e61abddf2beba69fde5432ea031 |
| ToBeSigned (TBS) SHA256 | 1ec3b4f02e03930a470020e0e48d24b84678bb558f46182888d870541f5e25c7 |
| Subject | C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services CA |
| ValidFrom | 2003-12-04 00:00:00 |
| ValidTo | 2013-12-03 23:59:59 |
| Signature | 4a6bf9ea58c2441c318979992b96bf82ac01d61c4ccdb08a586edf0829a35ec8ca9313e704520def47272f0038b0e4c9934e9ad4226215f73f37214f703180f18b3887b3e8e89700fecf55964e24d2a9274e7aaeb76141f32acee7c9d95eddbb2b853eb59db5d9e157ffbeb4c57ef5cf0c9ef097fe2bd33b521b1b3827f73f4a |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 47bf1995df8d524643f7db6d480d31a4 |
| Version | 3 |
Certificate 38e7fa0db1a398f805bb85a69171dc9d
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 159feaed9447c7d71653069c337ec2b3 |
| ToBeSigned (TBS) SHA1 | 5079a8aa946ee016c86153d4456f58277360c036 |
| ToBeSigned (TBS) SHA256 | e76ee5754b8da5b514befb3a89eed638de08605326a1e611ddbed9e864551abf |
| Subject | C=AU, ST=NSW, O=PassMark Software Pty Ltd, OU=Digital ID Class 3 , Microsoft Software Validation v2, CN=PassMark Software Pty Ltd |
| ValidFrom | 2009-09-22 00:00:00 |
| ValidTo | 2012-10-18 23:59:59 |
| Signature | b7f68f477ab8836d5a2eaa9eaf9449186c71f90679d58058c558928f1ad7c76398511ce520afd6dce66540f536c377f824cf5b84fd60f83ead01a592fbce29cc51cca7da2fe8b50e89bc6999104fb406db3b878a7f9f148c767b668b84fcba161c1c14215de332cfcfc2fa52bce1543341231dd345b41da888372d4a2f82711f6125e029fd71859711bccd6b600247a440b6603296cfa9451e6ec81d51b1b7512705461af59e23e0423ba441c68025359a6e591c6370fa516188f8d720a16c6c7b24e975a204fbe5a3b8236443813e993d717df40642fe7d88d85aa1a51b47a3a05232da19c8f2de4144aa11d4577379c794ef9a48d60fc40f8793d5273a25da |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 38e7fa0db1a398f805bb85a69171dc9d |
| Version | 3 |
Certificate 655226e1b22e18e1590f2985ac22e75c
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 650704c342850095f3288eaf791147d4 |
| ToBeSigned (TBS) SHA1 | 4cdc38c800761463749c3cbd94a12f32e49877bf |
| ToBeSigned (TBS) SHA256 | 07b8f662558ec85b71b43a79c6e94698144f4ced2308af21e7ba1e5d461da214 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)09, CN=VeriSign Class 3 Code Signing 2009,2 CA |
| ValidFrom | 2009-05-21 00:00:00 |
| ValidTo | 2019-05-20 23:59:59 |
| Signature | 8b03c0dd94d841a26169b015a878c730c6903c7e42f724b6e4837317047f04109ca1e2fa812febc0ca44e772e050b6551020836e9692e49a516ab43731dca52deb8c00c71d4fe74d32ba85f84ebefa675565f06abe7aca64381a101078457631f3867a030f60c2b35d9df68b6676821b59e183e5bd49a53856e5de41770e580f |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 655226e1b22e18e1590f2985ac22e75c |
| Version | 3 |
Certificate 610c120600000000001b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 53c41bc1164e09e0cd1617a5bf913efd |
| ToBeSigned (TBS) SHA1 | 93c03aac8951d494ecd5696b1c08658541b18727 |
| ToBeSigned (TBS) SHA256 | 40bddadac24dc61ca4fb5cab2a2bc5d876bc36808311039a7a3e1a4066f7489b |
| Subject | C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority |
| ValidFrom | 2006-05-23 17:01:29 |
| ValidTo | 2016-05-23 17:11:29 |
| Signature | 01e446b33b457f7513877e5f43de468ecb8abdb64741bccccc7491d8ce395195a4a6b547c0efd2da7b8f5711f4328c7ccd3fee42da04214af7c843884a6f5cca14fc4bd19f4cbdd4556ecc02be0da6888f8609baa425bde8b0f0fa8b714e67b0cb82a8d78e55f737ebf03e88efe4e08afd1c6e2e61414875b4b02c1d28d8490fd715f02473253ccc880cde284c6554fe5eae8cea19ad2c51b29b3a47f53c80350117e24987d6544afb4bab07bcbf7d79cfbf35005cbb9ecffc82891b39a05197b6dec0b307ff449644c0342a195cabeef03bec294eb513c537857e75d5b4d60d066eb5d26c237167eaf1718eaf4e74aa0cf9ecbf4c58fa5e909b6d39cb86883f8b1ca81632d5fe6db9f1f8b3ead791f6364778c0272a15c768d6f4c5fc4f4ec8673f102d409ff11ec96148e7a703fc31730cf04688fe56da492995ef09daa3e5beef60ecd954a0599c28bd54ef66157f874c84dba60e95672e517b3439b641c28c846826dc240209e7818e0a972defeea7b998a60f818dc710b5e1ed982f486f53854964789bec5dac970b5526c3efba8dc8d1a52f5a7f936b611a339b18b8a26210de24ea76e12f43ebecdd7c12342489da2855aee5754e312b6763b6a8d7ab730a03cec5ea593fc7eb2a45aea8625b2f009939abb45f73c308ec80118f470e8f2a1343e191066255bbffba3da9a93d260faeca7d628b155589d694344dd665 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 610c120600000000001b |
| Version | 3 |
Imports
Expand
Imported Functions
Expand
- ZwMapViewOfSection
- ObReferenceObjectByHandle
- ZwOpenSection
- ZwUnmapViewOfSection
- ZwWriteFile
- PsGetProcessId
- NtBuildNumber
- RtlFillMemoryUlong
- ZwCreateFile
- memset
- memcpy
- MmGetPhysicalMemoryRanges
- IoWriteErrorLogEntry
- memmove
- IoAllocateErrorLogEntry
- IofCompleteRequest
- IoDeleteDevice
- RtlAppendUnicodeStringToString
- RtlIntegerToUnicodeString
- RtlAppendUnicodeToString
- ObfDereferenceObject
- RtlQueryRegistryValues
- ZwOpenKey
- _snwprintf
- RtlWriteRegistryValue
- KeWaitForSingleObject
- IofCallDriver
- IoBuildDeviceIoControlRequest
- KeInitializeEvent
- IoCreateSymbolicLink
- ObReferenceObjectByPointer
- IoGetDeviceObjectPointer
- IoCreateDevice
- wcsrchr
- DbgPrintEx
- KeQueryActiveProcessors
- KeRevertToUserAffinityThread
- KeSetSystemAffinityThread
- KeTickCount
- KeBugCheckEx
- ZwClose
- DbgPrint
- RtlInitUnicodeString
- ExAllocatePoolWithTag
- ZwQueryValueKey
- ExFreePoolWithTag
- IoDeleteSymbolicLink
- RtlAssert
- READ_PORT_USHORT
- READ_PORT_UCHAR
- WRITE_PORT_ULONG
- WRITE_PORT_USHORT
- WRITE_PORT_UCHAR
- KeGetCurrentIrql
- READ_PORT_ULONG
Exported Functions
Expand
Sections
Expand
- .text
- .rdata
- .data
- PAGE
- INIT
- .reloc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": false,
"SerialNumber": "79a2a585f9d1154213d9b83ef6b68ded",
"Signature": "1e98aa27b778b508b5c9726db7dfc00e98a635c488c9d2f66df14b1afbd5f92d99009ed1e79b8be13fbd39800c66cd07bc5c9854a694ba10d14e8babf56f65cc6709a2807c52e80e03d66b7ac60518ecc8ac427c072ca73d0866dc00edfd941d73f2729893b111d68fef8eeaacf496510cd08ddf31524f5eaf7da74a75e64ece2b9f292be7cf5d9f037e6e277b23ad622966af92e82ccebd9c7fdccd173c43c2093f7545c79ee4d7607f97c6e4aac769f5fccd74ac2cb048c1504e70561eb535d38ebeb1edacbdfe0cec857dd5bb856644195d9f93eb82ba639ed37c61ffc81bd923587f30a366a139265e92c33ccb3732faf5a38ddcd5b0a3e9253655d781fa",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G3",
"TBS": {
"MD5": "e6d820afb23af20a65cf0b03247ea05e",
"SHA1": "7a8f7c37453f99390ee1e94bb5d3d1cba3a0eea7",
"SHA256": "7e722dc40e6b9abf8c20aa4d887e34b6d2c6b8cbe53a055d49bf9f5e946e0d27",
"SHA384": "7e14609969a388d38d227df1dbb9ce086c9a820142c94fd1a28ef2835a8aa528aef4c6399bce344d79adb5f3dad86afa"
},
"ValidFrom": "2012-05-01 00:00:00",
"ValidTo": "2012-12-31 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "47bf1995df8d524643f7db6d480d31a4",
"Signature": "4a6bf9ea58c2441c318979992b96bf82ac01d61c4ccdb08a586edf0829a35ec8ca9313e704520def47272f0038b0e4c9934e9ad4226215f73f37214f703180f18b3887b3e8e89700fecf55964e24d2a9274e7aaeb76141f32acee7c9d95eddbb2b853eb59db5d9e157ffbeb4c57ef5cf0c9ef097fe2bd33b521b1b3827f73f4a",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services CA",
"TBS": {
"MD5": "518d2ea8a21e879c942d504824ac211c",
"SHA1": "21ce87d827077e61abddf2beba69fde5432ea031",
"SHA256": "1ec3b4f02e03930a470020e0e48d24b84678bb558f46182888d870541f5e25c7",
"SHA384": "53e346bbde23779a5d116cc9d86fdd71c97b1f1b343439f8a11aa1d3c87af63864bb8488a5aeb2d0c26a6a1e0b15f03f"
},
"ValidFrom": "2003-12-04 00:00:00",
"ValidTo": "2013-12-03 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "38e7fa0db1a398f805bb85a69171dc9d",
"Signature": "b7f68f477ab8836d5a2eaa9eaf9449186c71f90679d58058c558928f1ad7c76398511ce520afd6dce66540f536c377f824cf5b84fd60f83ead01a592fbce29cc51cca7da2fe8b50e89bc6999104fb406db3b878a7f9f148c767b668b84fcba161c1c14215de332cfcfc2fa52bce1543341231dd345b41da888372d4a2f82711f6125e029fd71859711bccd6b600247a440b6603296cfa9451e6ec81d51b1b7512705461af59e23e0423ba441c68025359a6e591c6370fa516188f8d720a16c6c7b24e975a204fbe5a3b8236443813e993d717df40642fe7d88d85aa1a51b47a3a05232da19c8f2de4144aa11d4577379c794ef9a48d60fc40f8793d5273a25da",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=AU, ST=NSW, O=PassMark Software Pty Ltd, OU=Digital ID Class 3 , Microsoft Software Validation v2, CN=PassMark Software Pty Ltd",
"TBS": {
"MD5": "159feaed9447c7d71653069c337ec2b3",
"SHA1": "5079a8aa946ee016c86153d4456f58277360c036",
"SHA256": "e76ee5754b8da5b514befb3a89eed638de08605326a1e611ddbed9e864551abf",
"SHA384": "9830194c19654f1196e74505a987588c36aa700489f3f482f1ad017bba6e39ebf9be18ab153da8cd9f8a672801820a87"
},
"ValidFrom": "2009-09-22 00:00:00",
"ValidTo": "2012-10-18 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "655226e1b22e18e1590f2985ac22e75c",
"Signature": "8b03c0dd94d841a26169b015a878c730c6903c7e42f724b6e4837317047f04109ca1e2fa812febc0ca44e772e050b6551020836e9692e49a516ab43731dca52deb8c00c71d4fe74d32ba85f84ebefa675565f06abe7aca64381a101078457631f3867a030f60c2b35d9df68b6676821b59e183e5bd49a53856e5de41770e580f",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)09, CN=VeriSign Class 3 Code Signing 2009,2 CA",
"TBS": {
"MD5": "650704c342850095f3288eaf791147d4",
"SHA1": "4cdc38c800761463749c3cbd94a12f32e49877bf",
"SHA256": "07b8f662558ec85b71b43a79c6e94698144f4ced2308af21e7ba1e5d461da214",
"SHA384": "2a271d052213438467d09d60eaa4010c8642fff3eb0070e0cf9969428713c8fdc066b90996d594dd3136f5bd0af5a22a"
},
"ValidFrom": "2009-05-21 00:00:00",
"ValidTo": "2019-05-20 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "610c120600000000001b",
"Signature": "01e446b33b457f7513877e5f43de468ecb8abdb64741bccccc7491d8ce395195a4a6b547c0efd2da7b8f5711f4328c7ccd3fee42da04214af7c843884a6f5cca14fc4bd19f4cbdd4556ecc02be0da6888f8609baa425bde8b0f0fa8b714e67b0cb82a8d78e55f737ebf03e88efe4e08afd1c6e2e61414875b4b02c1d28d8490fd715f02473253ccc880cde284c6554fe5eae8cea19ad2c51b29b3a47f53c80350117e24987d6544afb4bab07bcbf7d79cfbf35005cbb9ecffc82891b39a05197b6dec0b307ff449644c0342a195cabeef03bec294eb513c537857e75d5b4d60d066eb5d26c237167eaf1718eaf4e74aa0cf9ecbf4c58fa5e909b6d39cb86883f8b1ca81632d5fe6db9f1f8b3ead791f6364778c0272a15c768d6f4c5fc4f4ec8673f102d409ff11ec96148e7a703fc31730cf04688fe56da492995ef09daa3e5beef60ecd954a0599c28bd54ef66157f874c84dba60e95672e517b3439b641c28c846826dc240209e7818e0a972defeea7b998a60f818dc710b5e1ed982f486f53854964789bec5dac970b5526c3efba8dc8d1a52f5a7f936b611a339b18b8a26210de24ea76e12f43ebecdd7c12342489da2855aee5754e312b6763b6a8d7ab730a03cec5ea593fc7eb2a45aea8625b2f009939abb45f73c308ec80118f470e8f2a1343e191066255bbffba3da9a93d260faeca7d628b155589d694344dd665",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority",
"TBS": {
"MD5": "53c41bc1164e09e0cd1617a5bf913efd",
"SHA1": "93c03aac8951d494ecd5696b1c08658541b18727",
"SHA256": "40bddadac24dc61ca4fb5cab2a2bc5d876bc36808311039a7a3e1a4066f7489b",
"SHA384": "f51d4e75ba638f7314cd59b8d6d45f3b34d35ce6986e9d205cd6f333e8e8d8e9c91f636e6bc84731b6661673f40963d8"
},
"ValidFrom": "2006-05-23 17:01:29",
"ValidTo": "2016-05-23 17:11:29",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)09, CN=VeriSign Class 3 Code Signing 2009,2 CA",
"SerialNumber": "38e7fa0db1a398f805bb85a69171dc9d",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 3825d7faf861af9ef490e726b5d65ad5
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | d6c7684e9aaa508cf268335f83afe040 |
| ToBeSigned (TBS) SHA1 | 18066d20ad92409c567cdfde745279ff71c75226 |
| ToBeSigned (TBS) SHA256 | a612fb22ce8be6dab75e47c98508f98496583e79c9c97b936a8caee9ea9f3fff |
| Subject | C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services Signer , G2 |
| ValidFrom | 2007-06-15 00:00:00 |
| ValidTo | 2012-06-14 23:59:59 |
| Signature | 50c54bc82480dfe40d24c2de1ab1a102a1a6822d0c831581370a820e2cb05a1761b5d805fe88dbf19191b3561a40a6eb92be3839b07536743a984fe437ba9989ca95421db0b9c7a08d57e0fad5640442354e01d133a217c84daa27c7f2e1864c02384d8378c6fc53e0ebe00687dda4969e5e0c98e2a5bebf8285c360e1dfad28d8c7a54b64dac71b5bbdac3908d53822a1338b2f8a9aebbc07213f44410907b5651c24bc48d34480eba1cfc902b414cf54c716a3805cf9793e5d727d88179e2c43a2ca53ce7d3df62a3ab84f9400a56d0a835df95e53f418b3570f70c3fbf5ad95a00e17dec4168060c90f2b6e8604f1ebf47827d105c5ee345b5eb94932f233 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 3825d7faf861af9ef490e726b5d65ad5 |
| Version | 3 |
Certificate 47bf1995df8d524643f7db6d480d31a4
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 518d2ea8a21e879c942d504824ac211c |
| ToBeSigned (TBS) SHA1 | 21ce87d827077e61abddf2beba69fde5432ea031 |
| ToBeSigned (TBS) SHA256 | 1ec3b4f02e03930a470020e0e48d24b84678bb558f46182888d870541f5e25c7 |
| Subject | C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services CA |
| ValidFrom | 2003-12-04 00:00:00 |
| ValidTo | 2013-12-03 23:59:59 |
| Signature | 4a6bf9ea58c2441c318979992b96bf82ac01d61c4ccdb08a586edf0829a35ec8ca9313e704520def47272f0038b0e4c9934e9ad4226215f73f37214f703180f18b3887b3e8e89700fecf55964e24d2a9274e7aaeb76141f32acee7c9d95eddbb2b853eb59db5d9e157ffbeb4c57ef5cf0c9ef097fe2bd33b521b1b3827f73f4a |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 47bf1995df8d524643f7db6d480d31a4 |
| Version | 3 |
Certificate 38e7fa0db1a398f805bb85a69171dc9d
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 159feaed9447c7d71653069c337ec2b3 |
| ToBeSigned (TBS) SHA1 | 5079a8aa946ee016c86153d4456f58277360c036 |
| ToBeSigned (TBS) SHA256 | e76ee5754b8da5b514befb3a89eed638de08605326a1e611ddbed9e864551abf |
| Subject | C=AU, ST=NSW, O=PassMark Software Pty Ltd, OU=Digital ID Class 3 , Microsoft Software Validation v2, CN=PassMark Software Pty Ltd |
| ValidFrom | 2009-09-22 00:00:00 |
| ValidTo | 2012-10-18 23:59:59 |
| Signature | b7f68f477ab8836d5a2eaa9eaf9449186c71f90679d58058c558928f1ad7c76398511ce520afd6dce66540f536c377f824cf5b84fd60f83ead01a592fbce29cc51cca7da2fe8b50e89bc6999104fb406db3b878a7f9f148c767b668b84fcba161c1c14215de332cfcfc2fa52bce1543341231dd345b41da888372d4a2f82711f6125e029fd71859711bccd6b600247a440b6603296cfa9451e6ec81d51b1b7512705461af59e23e0423ba441c68025359a6e591c6370fa516188f8d720a16c6c7b24e975a204fbe5a3b8236443813e993d717df40642fe7d88d85aa1a51b47a3a05232da19c8f2de4144aa11d4577379c794ef9a48d60fc40f8793d5273a25da |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 38e7fa0db1a398f805bb85a69171dc9d |
| Version | 3 |
Certificate 655226e1b22e18e1590f2985ac22e75c
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 650704c342850095f3288eaf791147d4 |
| ToBeSigned (TBS) SHA1 | 4cdc38c800761463749c3cbd94a12f32e49877bf |
| ToBeSigned (TBS) SHA256 | 07b8f662558ec85b71b43a79c6e94698144f4ced2308af21e7ba1e5d461da214 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)09, CN=VeriSign Class 3 Code Signing 2009,2 CA |
| ValidFrom | 2009-05-21 00:00:00 |
| ValidTo | 2019-05-20 23:59:59 |
| Signature | 8b03c0dd94d841a26169b015a878c730c6903c7e42f724b6e4837317047f04109ca1e2fa812febc0ca44e772e050b6551020836e9692e49a516ab43731dca52deb8c00c71d4fe74d32ba85f84ebefa675565f06abe7aca64381a101078457631f3867a030f60c2b35d9df68b6676821b59e183e5bd49a53856e5de41770e580f |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 655226e1b22e18e1590f2985ac22e75c |
| Version | 3 |
Certificate 610c120600000000001b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 53c41bc1164e09e0cd1617a5bf913efd |
| ToBeSigned (TBS) SHA1 | 93c03aac8951d494ecd5696b1c08658541b18727 |
| ToBeSigned (TBS) SHA256 | 40bddadac24dc61ca4fb5cab2a2bc5d876bc36808311039a7a3e1a4066f7489b |
| Subject | C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority |
| ValidFrom | 2006-05-23 17:01:29 |
| ValidTo | 2016-05-23 17:11:29 |
| Signature | 01e446b33b457f7513877e5f43de468ecb8abdb64741bccccc7491d8ce395195a4a6b547c0efd2da7b8f5711f4328c7ccd3fee42da04214af7c843884a6f5cca14fc4bd19f4cbdd4556ecc02be0da6888f8609baa425bde8b0f0fa8b714e67b0cb82a8d78e55f737ebf03e88efe4e08afd1c6e2e61414875b4b02c1d28d8490fd715f02473253ccc880cde284c6554fe5eae8cea19ad2c51b29b3a47f53c80350117e24987d6544afb4bab07bcbf7d79cfbf35005cbb9ecffc82891b39a05197b6dec0b307ff449644c0342a195cabeef03bec294eb513c537857e75d5b4d60d066eb5d26c237167eaf1718eaf4e74aa0cf9ecbf4c58fa5e909b6d39cb86883f8b1ca81632d5fe6db9f1f8b3ead791f6364778c0272a15c768d6f4c5fc4f4ec8673f102d409ff11ec96148e7a703fc31730cf04688fe56da492995ef09daa3e5beef60ecd954a0599c28bd54ef66157f874c84dba60e95672e517b3439b641c28c846826dc240209e7818e0a972defeea7b998a60f818dc710b5e1ed982f486f53854964789bec5dac970b5526c3efba8dc8d1a52f5a7f936b611a339b18b8a26210de24ea76e12f43ebecdd7c12342489da2855aee5754e312b6763b6a8d7ab730a03cec5ea593fc7eb2a45aea8625b2f009939abb45f73c308ec80118f470e8f2a1343e191066255bbffba3da9a93d260faeca7d628b155589d694344dd665 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 610c120600000000001b |
| Version | 3 |
Imports
Expand
Imported Functions
Expand
- ZwMapViewOfSection
- ObReferenceObjectByHandle
- ZwOpenSection
- ZwUnmapViewOfSection
- ZwWriteFile
- PsGetProcessId
- NtBuildNumber
- RtlFillMemoryUlong
- ZwCreateFile
- memset
- memcpy
- MmGetPhysicalMemoryRanges
- IoWriteErrorLogEntry
- memmove
- IoAllocateErrorLogEntry
- IofCompleteRequest
- IoDeleteDevice
- RtlAppendUnicodeStringToString
- ObfDereferenceObject
- RtlAppendUnicodeToString
- IoDeleteSymbolicLink
- RtlQueryRegistryValues
- ZwOpenKey
- RtlWriteRegistryValue
- KeWaitForSingleObject
- IofCallDriver
- IoBuildDeviceIoControlRequest
- KeInitializeEvent
- IoCreateSymbolicLink
- ObReferenceObjectByPointer
- IoGetDeviceObjectPointer
- IoCreateDevice
- KeQueryActiveProcessors
- KeRevertToUserAffinityThread
- KeSetSystemAffinityThread
- KeTickCount
- KeBugCheckEx
- ZwClose
- DbgPrint
- RtlInitUnicodeString
- ExAllocatePoolWithTag
- ZwQueryValueKey
- ExFreePoolWithTag
- RtlIntegerToUnicodeString
- RtlAssert
- READ_PORT_USHORT
- READ_PORT_UCHAR
- WRITE_PORT_ULONG
- WRITE_PORT_USHORT
- WRITE_PORT_UCHAR
- KeGetCurrentIrql
- READ_PORT_ULONG
Exported Functions
Expand
Sections
Expand
- .text
- .rdata
- .data
- PAGE
- INIT
- .reloc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": false,
"SerialNumber": "79a2a585f9d1154213d9b83ef6b68ded",
"Signature": "1e98aa27b778b508b5c9726db7dfc00e98a635c488c9d2f66df14b1afbd5f92d99009ed1e79b8be13fbd39800c66cd07bc5c9854a694ba10d14e8babf56f65cc6709a2807c52e80e03d66b7ac60518ecc8ac427c072ca73d0866dc00edfd941d73f2729893b111d68fef8eeaacf496510cd08ddf31524f5eaf7da74a75e64ece2b9f292be7cf5d9f037e6e277b23ad622966af92e82ccebd9c7fdccd173c43c2093f7545c79ee4d7607f97c6e4aac769f5fccd74ac2cb048c1504e70561eb535d38ebeb1edacbdfe0cec857dd5bb856644195d9f93eb82ba639ed37c61ffc81bd923587f30a366a139265e92c33ccb3732faf5a38ddcd5b0a3e9253655d781fa",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G3",
"TBS": {
"MD5": "e6d820afb23af20a65cf0b03247ea05e",
"SHA1": "7a8f7c37453f99390ee1e94bb5d3d1cba3a0eea7",
"SHA256": "7e722dc40e6b9abf8c20aa4d887e34b6d2c6b8cbe53a055d49bf9f5e946e0d27",
"SHA384": "7e14609969a388d38d227df1dbb9ce086c9a820142c94fd1a28ef2835a8aa528aef4c6399bce344d79adb5f3dad86afa"
},
"ValidFrom": "2012-05-01 00:00:00",
"ValidTo": "2012-12-31 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "47bf1995df8d524643f7db6d480d31a4",
"Signature": "4a6bf9ea58c2441c318979992b96bf82ac01d61c4ccdb08a586edf0829a35ec8ca9313e704520def47272f0038b0e4c9934e9ad4226215f73f37214f703180f18b3887b3e8e89700fecf55964e24d2a9274e7aaeb76141f32acee7c9d95eddbb2b853eb59db5d9e157ffbeb4c57ef5cf0c9ef097fe2bd33b521b1b3827f73f4a",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services CA",
"TBS": {
"MD5": "518d2ea8a21e879c942d504824ac211c",
"SHA1": "21ce87d827077e61abddf2beba69fde5432ea031",
"SHA256": "1ec3b4f02e03930a470020e0e48d24b84678bb558f46182888d870541f5e25c7",
"SHA384": "53e346bbde23779a5d116cc9d86fdd71c97b1f1b343439f8a11aa1d3c87af63864bb8488a5aeb2d0c26a6a1e0b15f03f"
},
"ValidFrom": "2003-12-04 00:00:00",
"ValidTo": "2013-12-03 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "38e7fa0db1a398f805bb85a69171dc9d",
"Signature": "b7f68f477ab8836d5a2eaa9eaf9449186c71f90679d58058c558928f1ad7c76398511ce520afd6dce66540f536c377f824cf5b84fd60f83ead01a592fbce29cc51cca7da2fe8b50e89bc6999104fb406db3b878a7f9f148c767b668b84fcba161c1c14215de332cfcfc2fa52bce1543341231dd345b41da888372d4a2f82711f6125e029fd71859711bccd6b600247a440b6603296cfa9451e6ec81d51b1b7512705461af59e23e0423ba441c68025359a6e591c6370fa516188f8d720a16c6c7b24e975a204fbe5a3b8236443813e993d717df40642fe7d88d85aa1a51b47a3a05232da19c8f2de4144aa11d4577379c794ef9a48d60fc40f8793d5273a25da",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=AU, ST=NSW, O=PassMark Software Pty Ltd, OU=Digital ID Class 3 , Microsoft Software Validation v2, CN=PassMark Software Pty Ltd",
"TBS": {
"MD5": "159feaed9447c7d71653069c337ec2b3",
"SHA1": "5079a8aa946ee016c86153d4456f58277360c036",
"SHA256": "e76ee5754b8da5b514befb3a89eed638de08605326a1e611ddbed9e864551abf",
"SHA384": "9830194c19654f1196e74505a987588c36aa700489f3f482f1ad017bba6e39ebf9be18ab153da8cd9f8a672801820a87"
},
"ValidFrom": "2009-09-22 00:00:00",
"ValidTo": "2012-10-18 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "655226e1b22e18e1590f2985ac22e75c",
"Signature": "8b03c0dd94d841a26169b015a878c730c6903c7e42f724b6e4837317047f04109ca1e2fa812febc0ca44e772e050b6551020836e9692e49a516ab43731dca52deb8c00c71d4fe74d32ba85f84ebefa675565f06abe7aca64381a101078457631f3867a030f60c2b35d9df68b6676821b59e183e5bd49a53856e5de41770e580f",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)09, CN=VeriSign Class 3 Code Signing 2009,2 CA",
"TBS": {
"MD5": "650704c342850095f3288eaf791147d4",
"SHA1": "4cdc38c800761463749c3cbd94a12f32e49877bf",
"SHA256": "07b8f662558ec85b71b43a79c6e94698144f4ced2308af21e7ba1e5d461da214",
"SHA384": "2a271d052213438467d09d60eaa4010c8642fff3eb0070e0cf9969428713c8fdc066b90996d594dd3136f5bd0af5a22a"
},
"ValidFrom": "2009-05-21 00:00:00",
"ValidTo": "2019-05-20 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "610c120600000000001b",
"Signature": "01e446b33b457f7513877e5f43de468ecb8abdb64741bccccc7491d8ce395195a4a6b547c0efd2da7b8f5711f4328c7ccd3fee42da04214af7c843884a6f5cca14fc4bd19f4cbdd4556ecc02be0da6888f8609baa425bde8b0f0fa8b714e67b0cb82a8d78e55f737ebf03e88efe4e08afd1c6e2e61414875b4b02c1d28d8490fd715f02473253ccc880cde284c6554fe5eae8cea19ad2c51b29b3a47f53c80350117e24987d6544afb4bab07bcbf7d79cfbf35005cbb9ecffc82891b39a05197b6dec0b307ff449644c0342a195cabeef03bec294eb513c537857e75d5b4d60d066eb5d26c237167eaf1718eaf4e74aa0cf9ecbf4c58fa5e909b6d39cb86883f8b1ca81632d5fe6db9f1f8b3ead791f6364778c0272a15c768d6f4c5fc4f4ec8673f102d409ff11ec96148e7a703fc31730cf04688fe56da492995ef09daa3e5beef60ecd954a0599c28bd54ef66157f874c84dba60e95672e517b3439b641c28c846826dc240209e7818e0a972defeea7b998a60f818dc710b5e1ed982f486f53854964789bec5dac970b5526c3efba8dc8d1a52f5a7f936b611a339b18b8a26210de24ea76e12f43ebecdd7c12342489da2855aee5754e312b6763b6a8d7ab730a03cec5ea593fc7eb2a45aea8625b2f009939abb45f73c308ec80118f470e8f2a1343e191066255bbffba3da9a93d260faeca7d628b155589d694344dd665",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority",
"TBS": {
"MD5": "53c41bc1164e09e0cd1617a5bf913efd",
"SHA1": "93c03aac8951d494ecd5696b1c08658541b18727",
"SHA256": "40bddadac24dc61ca4fb5cab2a2bc5d876bc36808311039a7a3e1a4066f7489b",
"SHA384": "f51d4e75ba638f7314cd59b8d6d45f3b34d35ce6986e9d205cd6f333e8e8d8e9c91f636e6bc84731b6661673f40963d8"
},
"ValidFrom": "2006-05-23 17:01:29",
"ValidTo": "2016-05-23 17:11:29",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)09, CN=VeriSign Class 3 Code Signing 2009,2 CA",
"SerialNumber": "38e7fa0db1a398f805bb85a69171dc9d",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 7e93ebfb7cc64e59ea4b9a77d406fc3b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | d0785ad36e427c92b19f6826ab1e8020 |
| ToBeSigned (TBS) SHA1 | 365b7a9c21bd9373e49052c3e7b3e4646ddd4d43 |
| ToBeSigned (TBS) SHA256 | c2abb7484da91a658548de089d52436175fdb760a1387d225611dc0613a1e2ff |
| Subject | C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA , G2 |
| ValidFrom | 2012-12-21 00:00:00 |
| ValidTo | 2020-12-30 23:59:59 |
| Signature | 03099b8f79ef7f5930aaef68b5fae3091dbb4f82065d375fa6529f168dea1c9209446ef56deb587c30e8f9698d23730b126f47a9ae3911f82ab19bb01ac38eeb599600adce0c4db2d031a6085c2a7afce27a1d574ca86518e979406225966ec7c7376a8321088e41eaddd9573f1d7749872a16065ea6386a2212a35119837eb6 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 7e93ebfb7cc64e59ea4b9a77d406fc3b |
| Version | 3 |
Certificate 47974d7873a5bcab0d2fb370192fce5e
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | e3a93dc2a8a8a668fdbb286bfe9afab5 |
| ToBeSigned (TBS) SHA1 | 95795d2aa2a554a423bc8c6e5b0a016d14887d35 |
| ToBeSigned (TBS) SHA256 | d8844186775bddbccaf3dc017064df7d760fd4b85c5d07561a3efd7da950f89e |
| Subject | C=US, O=Thawte, Inc., CN=Thawte Code Signing CA , G2 |
| ValidFrom | 2010-02-08 00:00:00 |
| ValidTo | 2020-02-07 23:59:59 |
| Signature | 56fe535ce1c79ebca7ed7e536d6a144b518c405e805faaa4e82fef38c804c9ca3ecfdf3a584eb0d4b663c52957fa02059a454d68db2a1bd4343d9f00c35acb9549a56ee1b0c5fc414d414a6fd377c8d7388de419de18f31f1565836d450c53f90a9a2ea55dbf6f32811892196a5500ad631c52067e55d92968ae4a7c189a79886b2323d827382a298776cafbc7b662231fed7a564cdd9c325bf53d0c4618953b2a2368836441d9006d0f1924156872bdc571676eac4cdb90eb51a51a6207d0be6a00473c722fec4f613e7385ce5a0ab7bac01c1375e3223928dd6d1d09469d4fbae8408191c6a4ce94721b01cf2a6e15679589ae7db7b7cdf90a3d75b66b3c25 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 47974d7873a5bcab0d2fb370192fce5e |
| Version | 3 |
Certificate 0ecff438c8febf356e04d86a981b1a50
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | e9d38360b914c8863f6cba3ee58764d3 |
| ToBeSigned (TBS) SHA1 | 4cba8eae47b6bf76f20b3504b98b8f062694a89b |
| ToBeSigned (TBS) SHA256 | 88901d86a4cc1f1bb193d08e1fb63d27452e63f83e228c657ab1a92e4ade3976 |
| Subject | C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G4 |
| ValidFrom | 2012-10-18 00:00:00 |
| ValidTo | 2020-12-29 23:59:59 |
| Signature | 783bb4912a004cf08f62303778a38427076f18b2de25dca0d49403aa864e259f9a40031cddcee379cb216806dab632b46dbff42c266333e449646d0de6c3670ef705a4356c7c8916c6e9b2dfb2e9dd20c6710fcd9574dcb65cdebd371f4378e678b5cd280420a3aaf14bc48829910e80d111fcdd5c766e4f5e0e4546416e0db0ea389ab13ada097110fc1c79b4807bac69f4fd9cb60c162bf17f5b093d9b5be216ca13816d002e380da8298f2ce1b2f45aa901af159c2c2f491bdb22bbc3fe789451c386b182885df03db451a179332b2e7bb9dc20091371eb6a195bcfe8a530572c89493fb9cf7fc9bf3e226863539abd6974acc51d3c7f92e0c3bc1cd80475 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 0ecff438c8febf356e04d86a981b1a50 |
| Version | 3 |
Certificate 5ece8cdb4d508efee821a7cfff5b8016
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | fbbc2fd31bef7df6deb6127e593c71bb |
| ToBeSigned (TBS) SHA1 | 82b8bf771c8f1b038935f84e2a41a37c30650003 |
| ToBeSigned (TBS) SHA256 | ed0d4e6cc774379d4622d107da1a202d9f330e7a68b03abd182ec86685ec7067 |
| Subject | C=AU, ST=New South Wales, L=Sydney, O=PassMark Software Pty Ltd, OU=Secure Application Development, CN=PassMark Software Pty Ltd |
| ValidFrom | 2014-10-23 00:00:00 |
| ValidTo | 2017-01-13 23:59:59 |
| Signature | 2a7625d379f9d98000b6a91746a285e932f9b02086b92f0f5511369a2fe6917b6b0b1f833094654288a1b282fe4057f84aa07a68c19a460d989c2935df87248a85456b058fcb53b1a5f3d037735374336fb58c1ff3d8973017b0aefac3e114f0d439239b2c7f3e1ef073bd38748dfd81ad871e50e71ece4cb43d44de9b36f13240b52c20a02a74581ba72f526f8362bf8bff2e51884cfdaf89859fe8ffd32e82d36745d05754c7161ee5945647d6fb907f347f0448761bf6dcd40ead8a425b4e575fc13ce3a74d1b99504a6db112fb1fb930c11488f702bc9fc78f278c4a987fa4de2382839206d25290cb74895c82be23d5d44002745c4e7a3cab28f42583f1 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 5ece8cdb4d508efee821a7cfff5b8016 |
| Version | 3 |
Certificate 611fb0a400000000001d
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | a3f222107d4e1085e73b5b589c2f480b |
| ToBeSigned (TBS) SHA1 | b94aa26cd77c48d91a53ac44506cbd255e1d362c |
| ToBeSigned (TBS) SHA256 | a39ed0d6fd4eb1a6f7fed60f726e23eae668b7591bc004644625d22c701213fa |
| Subject | C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2006 thawte, Inc. , For authorized use only, CN=thawte Primary Root CA |
| ValidFrom | 2011-02-22 19:31:57 |
| ValidTo | 2021-02-22 19:41:57 |
| Signature | 2dcc71b5e8ba94ff5ee64467007b6afc412c3ee70e41855ab12a932ba95b89f2f72b499c8003f297b8e760a80ed7fd5de545467594f4ed1c9de166228b61fb29f2c6a8bdf387c98f7f47e1c058b64a1aa2e7f718606969e083069e26c775c40c0d79da746b52b9fae8ea3359b9bb18dd291a14dfd36a37277a9da0dacffffc22c4faf009ff33e93e17ba1cc742cfce2743d30c0c5581303db96060ce02ece19ee81ddc852ce0a18d966d95ac17a4713ea16741b6281d2ce3b615e5b7e5a2f6256d86e320acf9f8314f8e629b9833376d6af735523e90feb03b5fc5b852a9e06ea0479a279e97aea24a9e531939ec357ec659de3ae0aaf533f06abda0821812dea18c4570ca2bd62e959145995a5c240049bd23b30ceca43df5b9e1d1b1825a38eea3fba1ab483a8c5dffa065223fd3d3fe4990db1446a3852e8a554b09ab38b2ab63a008d1fdad48e273d812bcc26ca516fad09ac05e38383a2b718e553aac42197a1f0d4220e7ab5d8c6880524ca1c0d488d02321fb901309007b4937afa9df486022abf4f6c2363bf8513c34bbc586e43ae19f4b90fe5461024b159c34176aa94b8d4cb69d2326c83af1d6b805cdda1d6240183a2f1b41cd3a993a0aa9d1d77eb8c4aff7b8c980105ed55df6ce7a9a02c50f6381efb564e9fc5bd8d2619a68c37cf9c78df91e87d5fa2cf816ae9dab068fc86dc741cda14e84e3dac26ebcfb |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 611fb0a400000000001d |
| Version | 3 |
Imports
Expand
Imported Functions
Expand
- IoBuildSynchronousFsdRequest
- KeInitializeEvent
- IoGetDeviceProperty
- ObfDereferenceObject
- IoEnumerateDeviceObjectList
- ObReferenceObjectByName
- IoDriverObjectType
- IoGetAttachedDeviceReference
- IoFreeMdl
- MmMapLockedPagesSpecifyCache
- MmBuildMdlForNonPagedPool
- MmUnmapIoSpace
- IoAllocateMdl
- MmMapIoSpace
- ZwMapViewOfSection
- ZwClose
- ObReferenceObjectByHandle
- ZwOpenSection
- MmUnmapLockedPages
- ZwUnmapViewOfSection
- ZwWriteFile
- PsGetProcessId
- NtBuildNumber
- RtlFillMemoryUlong
- ZwCreateFile
- memset
- IofCallDriver
- MmGetPhysicalMemoryRanges
- IoWriteErrorLogEntry
- memmove
- IoAllocateErrorLogEntry
- RtlQueryRegistryValues
- IoDeleteDevice
- RtlAppendUnicodeStringToString
- RtlIntegerToUnicodeString
- RtlAppendUnicodeToString
- IoDeleteSymbolicLink
- ZwOpenKey
- RtlWriteRegistryValue
- IoBuildDeviceIoControlRequest
- IofCompleteRequest
- IoCreateSymbolicLink
- ObReferenceObjectByPointer
- IoGetDeviceObjectPointer
- IoCreateDevice
- wcsrchr
- DbgPrintEx
- KeQueryActiveProcessors
- KeRevertToUserAffinityThread
- KeSetSystemAffinityThread
- KeTickCount
- KeBugCheckEx
- RtlUnwind
- KeWaitForSingleObject
- DbgPrint
- RtlInitUnicodeString
- ExAllocatePoolWithTag
- ZwQueryValueKey
- ExFreePoolWithTag
- _vsnwprintf
- memcpy
- RtlAssert
- READ_PORT_USHORT
- READ_PORT_UCHAR
- WRITE_PORT_ULONG
- WRITE_PORT_USHORT
- WRITE_PORT_UCHAR
- KeStallExecutionProcessor
- KeGetCurrentIrql
- READ_PORT_ULONG
Exported Functions
Expand
Sections
Expand
- .text
- .rdata
- .data
- PAGE
- INIT
- .reloc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": false,
"SerialNumber": "79a2a585f9d1154213d9b83ef6b68ded",
"Signature": "1e98aa27b778b508b5c9726db7dfc00e98a635c488c9d2f66df14b1afbd5f92d99009ed1e79b8be13fbd39800c66cd07bc5c9854a694ba10d14e8babf56f65cc6709a2807c52e80e03d66b7ac60518ecc8ac427c072ca73d0866dc00edfd941d73f2729893b111d68fef8eeaacf496510cd08ddf31524f5eaf7da74a75e64ece2b9f292be7cf5d9f037e6e277b23ad622966af92e82ccebd9c7fdccd173c43c2093f7545c79ee4d7607f97c6e4aac769f5fccd74ac2cb048c1504e70561eb535d38ebeb1edacbdfe0cec857dd5bb856644195d9f93eb82ba639ed37c61ffc81bd923587f30a366a139265e92c33ccb3732faf5a38ddcd5b0a3e9253655d781fa",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G3",
"TBS": {
"MD5": "e6d820afb23af20a65cf0b03247ea05e",
"SHA1": "7a8f7c37453f99390ee1e94bb5d3d1cba3a0eea7",
"SHA256": "7e722dc40e6b9abf8c20aa4d887e34b6d2c6b8cbe53a055d49bf9f5e946e0d27",
"SHA384": "7e14609969a388d38d227df1dbb9ce086c9a820142c94fd1a28ef2835a8aa528aef4c6399bce344d79adb5f3dad86afa"
},
"ValidFrom": "2012-05-01 00:00:00",
"ValidTo": "2012-12-31 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "47bf1995df8d524643f7db6d480d31a4",
"Signature": "4a6bf9ea58c2441c318979992b96bf82ac01d61c4ccdb08a586edf0829a35ec8ca9313e704520def47272f0038b0e4c9934e9ad4226215f73f37214f703180f18b3887b3e8e89700fecf55964e24d2a9274e7aaeb76141f32acee7c9d95eddbb2b853eb59db5d9e157ffbeb4c57ef5cf0c9ef097fe2bd33b521b1b3827f73f4a",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services CA",
"TBS": {
"MD5": "518d2ea8a21e879c942d504824ac211c",
"SHA1": "21ce87d827077e61abddf2beba69fde5432ea031",
"SHA256": "1ec3b4f02e03930a470020e0e48d24b84678bb558f46182888d870541f5e25c7",
"SHA384": "53e346bbde23779a5d116cc9d86fdd71c97b1f1b343439f8a11aa1d3c87af63864bb8488a5aeb2d0c26a6a1e0b15f03f"
},
"ValidFrom": "2003-12-04 00:00:00",
"ValidTo": "2013-12-03 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "38e7fa0db1a398f805bb85a69171dc9d",
"Signature": "b7f68f477ab8836d5a2eaa9eaf9449186c71f90679d58058c558928f1ad7c76398511ce520afd6dce66540f536c377f824cf5b84fd60f83ead01a592fbce29cc51cca7da2fe8b50e89bc6999104fb406db3b878a7f9f148c767b668b84fcba161c1c14215de332cfcfc2fa52bce1543341231dd345b41da888372d4a2f82711f6125e029fd71859711bccd6b600247a440b6603296cfa9451e6ec81d51b1b7512705461af59e23e0423ba441c68025359a6e591c6370fa516188f8d720a16c6c7b24e975a204fbe5a3b8236443813e993d717df40642fe7d88d85aa1a51b47a3a05232da19c8f2de4144aa11d4577379c794ef9a48d60fc40f8793d5273a25da",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=AU, ST=NSW, O=PassMark Software Pty Ltd, OU=Digital ID Class 3 , Microsoft Software Validation v2, CN=PassMark Software Pty Ltd",
"TBS": {
"MD5": "159feaed9447c7d71653069c337ec2b3",
"SHA1": "5079a8aa946ee016c86153d4456f58277360c036",
"SHA256": "e76ee5754b8da5b514befb3a89eed638de08605326a1e611ddbed9e864551abf",
"SHA384": "9830194c19654f1196e74505a987588c36aa700489f3f482f1ad017bba6e39ebf9be18ab153da8cd9f8a672801820a87"
},
"ValidFrom": "2009-09-22 00:00:00",
"ValidTo": "2012-10-18 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "655226e1b22e18e1590f2985ac22e75c",
"Signature": "8b03c0dd94d841a26169b015a878c730c6903c7e42f724b6e4837317047f04109ca1e2fa812febc0ca44e772e050b6551020836e9692e49a516ab43731dca52deb8c00c71d4fe74d32ba85f84ebefa675565f06abe7aca64381a101078457631f3867a030f60c2b35d9df68b6676821b59e183e5bd49a53856e5de41770e580f",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)09, CN=VeriSign Class 3 Code Signing 2009,2 CA",
"TBS": {
"MD5": "650704c342850095f3288eaf791147d4",
"SHA1": "4cdc38c800761463749c3cbd94a12f32e49877bf",
"SHA256": "07b8f662558ec85b71b43a79c6e94698144f4ced2308af21e7ba1e5d461da214",
"SHA384": "2a271d052213438467d09d60eaa4010c8642fff3eb0070e0cf9969428713c8fdc066b90996d594dd3136f5bd0af5a22a"
},
"ValidFrom": "2009-05-21 00:00:00",
"ValidTo": "2019-05-20 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "610c120600000000001b",
"Signature": "01e446b33b457f7513877e5f43de468ecb8abdb64741bccccc7491d8ce395195a4a6b547c0efd2da7b8f5711f4328c7ccd3fee42da04214af7c843884a6f5cca14fc4bd19f4cbdd4556ecc02be0da6888f8609baa425bde8b0f0fa8b714e67b0cb82a8d78e55f737ebf03e88efe4e08afd1c6e2e61414875b4b02c1d28d8490fd715f02473253ccc880cde284c6554fe5eae8cea19ad2c51b29b3a47f53c80350117e24987d6544afb4bab07bcbf7d79cfbf35005cbb9ecffc82891b39a05197b6dec0b307ff449644c0342a195cabeef03bec294eb513c537857e75d5b4d60d066eb5d26c237167eaf1718eaf4e74aa0cf9ecbf4c58fa5e909b6d39cb86883f8b1ca81632d5fe6db9f1f8b3ead791f6364778c0272a15c768d6f4c5fc4f4ec8673f102d409ff11ec96148e7a703fc31730cf04688fe56da492995ef09daa3e5beef60ecd954a0599c28bd54ef66157f874c84dba60e95672e517b3439b641c28c846826dc240209e7818e0a972defeea7b998a60f818dc710b5e1ed982f486f53854964789bec5dac970b5526c3efba8dc8d1a52f5a7f936b611a339b18b8a26210de24ea76e12f43ebecdd7c12342489da2855aee5754e312b6763b6a8d7ab730a03cec5ea593fc7eb2a45aea8625b2f009939abb45f73c308ec80118f470e8f2a1343e191066255bbffba3da9a93d260faeca7d628b155589d694344dd665",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority",
"TBS": {
"MD5": "53c41bc1164e09e0cd1617a5bf913efd",
"SHA1": "93c03aac8951d494ecd5696b1c08658541b18727",
"SHA256": "40bddadac24dc61ca4fb5cab2a2bc5d876bc36808311039a7a3e1a4066f7489b",
"SHA384": "f51d4e75ba638f7314cd59b8d6d45f3b34d35ce6986e9d205cd6f333e8e8d8e9c91f636e6bc84731b6661673f40963d8"
},
"ValidFrom": "2006-05-23 17:01:29",
"ValidTo": "2016-05-23 17:11:29",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)09, CN=VeriSign Class 3 Code Signing 2009,2 CA",
"SerialNumber": "38e7fa0db1a398f805bb85a69171dc9d",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 3825d7faf861af9ef490e726b5d65ad5
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | d6c7684e9aaa508cf268335f83afe040 |
| ToBeSigned (TBS) SHA1 | 18066d20ad92409c567cdfde745279ff71c75226 |
| ToBeSigned (TBS) SHA256 | a612fb22ce8be6dab75e47c98508f98496583e79c9c97b936a8caee9ea9f3fff |
| Subject | C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services Signer , G2 |
| ValidFrom | 2007-06-15 00:00:00 |
| ValidTo | 2012-06-14 23:59:59 |
| Signature | 50c54bc82480dfe40d24c2de1ab1a102a1a6822d0c831581370a820e2cb05a1761b5d805fe88dbf19191b3561a40a6eb92be3839b07536743a984fe437ba9989ca95421db0b9c7a08d57e0fad5640442354e01d133a217c84daa27c7f2e1864c02384d8378c6fc53e0ebe00687dda4969e5e0c98e2a5bebf8285c360e1dfad28d8c7a54b64dac71b5bbdac3908d53822a1338b2f8a9aebbc07213f44410907b5651c24bc48d34480eba1cfc902b414cf54c716a3805cf9793e5d727d88179e2c43a2ca53ce7d3df62a3ab84f9400a56d0a835df95e53f418b3570f70c3fbf5ad95a00e17dec4168060c90f2b6e8604f1ebf47827d105c5ee345b5eb94932f233 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 3825d7faf861af9ef490e726b5d65ad5 |
| Version | 3 |
Certificate 47bf1995df8d524643f7db6d480d31a4
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 518d2ea8a21e879c942d504824ac211c |
| ToBeSigned (TBS) SHA1 | 21ce87d827077e61abddf2beba69fde5432ea031 |
| ToBeSigned (TBS) SHA256 | 1ec3b4f02e03930a470020e0e48d24b84678bb558f46182888d870541f5e25c7 |
| Subject | C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services CA |
| ValidFrom | 2003-12-04 00:00:00 |
| ValidTo | 2013-12-03 23:59:59 |
| Signature | 4a6bf9ea58c2441c318979992b96bf82ac01d61c4ccdb08a586edf0829a35ec8ca9313e704520def47272f0038b0e4c9934e9ad4226215f73f37214f703180f18b3887b3e8e89700fecf55964e24d2a9274e7aaeb76141f32acee7c9d95eddbb2b853eb59db5d9e157ffbeb4c57ef5cf0c9ef097fe2bd33b521b1b3827f73f4a |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 47bf1995df8d524643f7db6d480d31a4 |
| Version | 3 |
Certificate 38e7fa0db1a398f805bb85a69171dc9d
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 159feaed9447c7d71653069c337ec2b3 |
| ToBeSigned (TBS) SHA1 | 5079a8aa946ee016c86153d4456f58277360c036 |
| ToBeSigned (TBS) SHA256 | e76ee5754b8da5b514befb3a89eed638de08605326a1e611ddbed9e864551abf |
| Subject | C=AU, ST=NSW, O=PassMark Software Pty Ltd, OU=Digital ID Class 3 , Microsoft Software Validation v2, CN=PassMark Software Pty Ltd |
| ValidFrom | 2009-09-22 00:00:00 |
| ValidTo | 2012-10-18 23:59:59 |
| Signature | b7f68f477ab8836d5a2eaa9eaf9449186c71f90679d58058c558928f1ad7c76398511ce520afd6dce66540f536c377f824cf5b84fd60f83ead01a592fbce29cc51cca7da2fe8b50e89bc6999104fb406db3b878a7f9f148c767b668b84fcba161c1c14215de332cfcfc2fa52bce1543341231dd345b41da888372d4a2f82711f6125e029fd71859711bccd6b600247a440b6603296cfa9451e6ec81d51b1b7512705461af59e23e0423ba441c68025359a6e591c6370fa516188f8d720a16c6c7b24e975a204fbe5a3b8236443813e993d717df40642fe7d88d85aa1a51b47a3a05232da19c8f2de4144aa11d4577379c794ef9a48d60fc40f8793d5273a25da |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 38e7fa0db1a398f805bb85a69171dc9d |
| Version | 3 |
Certificate 655226e1b22e18e1590f2985ac22e75c
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 650704c342850095f3288eaf791147d4 |
| ToBeSigned (TBS) SHA1 | 4cdc38c800761463749c3cbd94a12f32e49877bf |
| ToBeSigned (TBS) SHA256 | 07b8f662558ec85b71b43a79c6e94698144f4ced2308af21e7ba1e5d461da214 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)09, CN=VeriSign Class 3 Code Signing 2009,2 CA |
| ValidFrom | 2009-05-21 00:00:00 |
| ValidTo | 2019-05-20 23:59:59 |
| Signature | 8b03c0dd94d841a26169b015a878c730c6903c7e42f724b6e4837317047f04109ca1e2fa812febc0ca44e772e050b6551020836e9692e49a516ab43731dca52deb8c00c71d4fe74d32ba85f84ebefa675565f06abe7aca64381a101078457631f3867a030f60c2b35d9df68b6676821b59e183e5bd49a53856e5de41770e580f |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 655226e1b22e18e1590f2985ac22e75c |
| Version | 3 |
Certificate 610c120600000000001b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 53c41bc1164e09e0cd1617a5bf913efd |
| ToBeSigned (TBS) SHA1 | 93c03aac8951d494ecd5696b1c08658541b18727 |
| ToBeSigned (TBS) SHA256 | 40bddadac24dc61ca4fb5cab2a2bc5d876bc36808311039a7a3e1a4066f7489b |
| Subject | C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority |
| ValidFrom | 2006-05-23 17:01:29 |
| ValidTo | 2016-05-23 17:11:29 |
| Signature | 01e446b33b457f7513877e5f43de468ecb8abdb64741bccccc7491d8ce395195a4a6b547c0efd2da7b8f5711f4328c7ccd3fee42da04214af7c843884a6f5cca14fc4bd19f4cbdd4556ecc02be0da6888f8609baa425bde8b0f0fa8b714e67b0cb82a8d78e55f737ebf03e88efe4e08afd1c6e2e61414875b4b02c1d28d8490fd715f02473253ccc880cde284c6554fe5eae8cea19ad2c51b29b3a47f53c80350117e24987d6544afb4bab07bcbf7d79cfbf35005cbb9ecffc82891b39a05197b6dec0b307ff449644c0342a195cabeef03bec294eb513c537857e75d5b4d60d066eb5d26c237167eaf1718eaf4e74aa0cf9ecbf4c58fa5e909b6d39cb86883f8b1ca81632d5fe6db9f1f8b3ead791f6364778c0272a15c768d6f4c5fc4f4ec8673f102d409ff11ec96148e7a703fc31730cf04688fe56da492995ef09daa3e5beef60ecd954a0599c28bd54ef66157f874c84dba60e95672e517b3439b641c28c846826dc240209e7818e0a972defeea7b998a60f818dc710b5e1ed982f486f53854964789bec5dac970b5526c3efba8dc8d1a52f5a7f936b611a339b18b8a26210de24ea76e12f43ebecdd7c12342489da2855aee5754e312b6763b6a8d7ab730a03cec5ea593fc7eb2a45aea8625b2f009939abb45f73c308ec80118f470e8f2a1343e191066255bbffba3da9a93d260faeca7d628b155589d694344dd665 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 610c120600000000001b |
| Version | 3 |
Imports
Expand
Imported Functions
Expand
- ZwMapViewOfSection
- ObReferenceObjectByHandle
- ZwOpenSection
- ZwUnmapViewOfSection
- ZwWriteFile
- PsGetProcessId
- NtBuildNumber
- RtlFillMemoryUlong
- ZwCreateFile
- memset
- memcpy
- MmGetPhysicalMemoryRanges
- IoWriteErrorLogEntry
- memmove
- IoAllocateErrorLogEntry
- IofCompleteRequest
- IoDeleteDevice
- RtlAppendUnicodeStringToString
- ObfDereferenceObject
- RtlAppendUnicodeToString
- IoDeleteSymbolicLink
- RtlQueryRegistryValues
- ZwOpenKey
- RtlWriteRegistryValue
- KeWaitForSingleObject
- IofCallDriver
- IoBuildDeviceIoControlRequest
- KeInitializeEvent
- IoCreateSymbolicLink
- ObReferenceObjectByPointer
- IoGetDeviceObjectPointer
- IoCreateDevice
- KeQueryActiveProcessors
- KeRevertToUserAffinityThread
- KeSetSystemAffinityThread
- KeTickCount
- KeBugCheckEx
- ZwClose
- DbgPrint
- RtlInitUnicodeString
- ExAllocatePoolWithTag
- ZwQueryValueKey
- ExFreePoolWithTag
- RtlIntegerToUnicodeString
- RtlAssert
- READ_PORT_USHORT
- READ_PORT_UCHAR
- WRITE_PORT_ULONG
- WRITE_PORT_USHORT
- WRITE_PORT_UCHAR
- KeGetCurrentIrql
- READ_PORT_ULONG
Exported Functions
Expand
Sections
Expand
- .text
- .rdata
- .data
- PAGE
- INIT
- .reloc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": false,
"SerialNumber": "79a2a585f9d1154213d9b83ef6b68ded",
"Signature": "1e98aa27b778b508b5c9726db7dfc00e98a635c488c9d2f66df14b1afbd5f92d99009ed1e79b8be13fbd39800c66cd07bc5c9854a694ba10d14e8babf56f65cc6709a2807c52e80e03d66b7ac60518ecc8ac427c072ca73d0866dc00edfd941d73f2729893b111d68fef8eeaacf496510cd08ddf31524f5eaf7da74a75e64ece2b9f292be7cf5d9f037e6e277b23ad622966af92e82ccebd9c7fdccd173c43c2093f7545c79ee4d7607f97c6e4aac769f5fccd74ac2cb048c1504e70561eb535d38ebeb1edacbdfe0cec857dd5bb856644195d9f93eb82ba639ed37c61ffc81bd923587f30a366a139265e92c33ccb3732faf5a38ddcd5b0a3e9253655d781fa",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G3",
"TBS": {
"MD5": "e6d820afb23af20a65cf0b03247ea05e",
"SHA1": "7a8f7c37453f99390ee1e94bb5d3d1cba3a0eea7",
"SHA256": "7e722dc40e6b9abf8c20aa4d887e34b6d2c6b8cbe53a055d49bf9f5e946e0d27",
"SHA384": "7e14609969a388d38d227df1dbb9ce086c9a820142c94fd1a28ef2835a8aa528aef4c6399bce344d79adb5f3dad86afa"
},
"ValidFrom": "2012-05-01 00:00:00",
"ValidTo": "2012-12-31 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "47bf1995df8d524643f7db6d480d31a4",
"Signature": "4a6bf9ea58c2441c318979992b96bf82ac01d61c4ccdb08a586edf0829a35ec8ca9313e704520def47272f0038b0e4c9934e9ad4226215f73f37214f703180f18b3887b3e8e89700fecf55964e24d2a9274e7aaeb76141f32acee7c9d95eddbb2b853eb59db5d9e157ffbeb4c57ef5cf0c9ef097fe2bd33b521b1b3827f73f4a",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services CA",
"TBS": {
"MD5": "518d2ea8a21e879c942d504824ac211c",
"SHA1": "21ce87d827077e61abddf2beba69fde5432ea031",
"SHA256": "1ec3b4f02e03930a470020e0e48d24b84678bb558f46182888d870541f5e25c7",
"SHA384": "53e346bbde23779a5d116cc9d86fdd71c97b1f1b343439f8a11aa1d3c87af63864bb8488a5aeb2d0c26a6a1e0b15f03f"
},
"ValidFrom": "2003-12-04 00:00:00",
"ValidTo": "2013-12-03 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "38e7fa0db1a398f805bb85a69171dc9d",
"Signature": "b7f68f477ab8836d5a2eaa9eaf9449186c71f90679d58058c558928f1ad7c76398511ce520afd6dce66540f536c377f824cf5b84fd60f83ead01a592fbce29cc51cca7da2fe8b50e89bc6999104fb406db3b878a7f9f148c767b668b84fcba161c1c14215de332cfcfc2fa52bce1543341231dd345b41da888372d4a2f82711f6125e029fd71859711bccd6b600247a440b6603296cfa9451e6ec81d51b1b7512705461af59e23e0423ba441c68025359a6e591c6370fa516188f8d720a16c6c7b24e975a204fbe5a3b8236443813e993d717df40642fe7d88d85aa1a51b47a3a05232da19c8f2de4144aa11d4577379c794ef9a48d60fc40f8793d5273a25da",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=AU, ST=NSW, O=PassMark Software Pty Ltd, OU=Digital ID Class 3 , Microsoft Software Validation v2, CN=PassMark Software Pty Ltd",
"TBS": {
"MD5": "159feaed9447c7d71653069c337ec2b3",
"SHA1": "5079a8aa946ee016c86153d4456f58277360c036",
"SHA256": "e76ee5754b8da5b514befb3a89eed638de08605326a1e611ddbed9e864551abf",
"SHA384": "9830194c19654f1196e74505a987588c36aa700489f3f482f1ad017bba6e39ebf9be18ab153da8cd9f8a672801820a87"
},
"ValidFrom": "2009-09-22 00:00:00",
"ValidTo": "2012-10-18 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "655226e1b22e18e1590f2985ac22e75c",
"Signature": "8b03c0dd94d841a26169b015a878c730c6903c7e42f724b6e4837317047f04109ca1e2fa812febc0ca44e772e050b6551020836e9692e49a516ab43731dca52deb8c00c71d4fe74d32ba85f84ebefa675565f06abe7aca64381a101078457631f3867a030f60c2b35d9df68b6676821b59e183e5bd49a53856e5de41770e580f",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)09, CN=VeriSign Class 3 Code Signing 2009,2 CA",
"TBS": {
"MD5": "650704c342850095f3288eaf791147d4",
"SHA1": "4cdc38c800761463749c3cbd94a12f32e49877bf",
"SHA256": "07b8f662558ec85b71b43a79c6e94698144f4ced2308af21e7ba1e5d461da214",
"SHA384": "2a271d052213438467d09d60eaa4010c8642fff3eb0070e0cf9969428713c8fdc066b90996d594dd3136f5bd0af5a22a"
},
"ValidFrom": "2009-05-21 00:00:00",
"ValidTo": "2019-05-20 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "610c120600000000001b",
"Signature": "01e446b33b457f7513877e5f43de468ecb8abdb64741bccccc7491d8ce395195a4a6b547c0efd2da7b8f5711f4328c7ccd3fee42da04214af7c843884a6f5cca14fc4bd19f4cbdd4556ecc02be0da6888f8609baa425bde8b0f0fa8b714e67b0cb82a8d78e55f737ebf03e88efe4e08afd1c6e2e61414875b4b02c1d28d8490fd715f02473253ccc880cde284c6554fe5eae8cea19ad2c51b29b3a47f53c80350117e24987d6544afb4bab07bcbf7d79cfbf35005cbb9ecffc82891b39a05197b6dec0b307ff449644c0342a195cabeef03bec294eb513c537857e75d5b4d60d066eb5d26c237167eaf1718eaf4e74aa0cf9ecbf4c58fa5e909b6d39cb86883f8b1ca81632d5fe6db9f1f8b3ead791f6364778c0272a15c768d6f4c5fc4f4ec8673f102d409ff11ec96148e7a703fc31730cf04688fe56da492995ef09daa3e5beef60ecd954a0599c28bd54ef66157f874c84dba60e95672e517b3439b641c28c846826dc240209e7818e0a972defeea7b998a60f818dc710b5e1ed982f486f53854964789bec5dac970b5526c3efba8dc8d1a52f5a7f936b611a339b18b8a26210de24ea76e12f43ebecdd7c12342489da2855aee5754e312b6763b6a8d7ab730a03cec5ea593fc7eb2a45aea8625b2f009939abb45f73c308ec80118f470e8f2a1343e191066255bbffba3da9a93d260faeca7d628b155589d694344dd665",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority",
"TBS": {
"MD5": "53c41bc1164e09e0cd1617a5bf913efd",
"SHA1": "93c03aac8951d494ecd5696b1c08658541b18727",
"SHA256": "40bddadac24dc61ca4fb5cab2a2bc5d876bc36808311039a7a3e1a4066f7489b",
"SHA384": "f51d4e75ba638f7314cd59b8d6d45f3b34d35ce6986e9d205cd6f333e8e8d8e9c91f636e6bc84731b6661673f40963d8"
},
"ValidFrom": "2006-05-23 17:01:29",
"ValidTo": "2016-05-23 17:11:29",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)09, CN=VeriSign Class 3 Code Signing 2009,2 CA",
"SerialNumber": "38e7fa0db1a398f805bb85a69171dc9d",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 79a2a585f9d1154213d9b83ef6b68ded
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | e6d820afb23af20a65cf0b03247ea05e |
| ToBeSigned (TBS) SHA1 | 7a8f7c37453f99390ee1e94bb5d3d1cba3a0eea7 |
| ToBeSigned (TBS) SHA256 | 7e722dc40e6b9abf8c20aa4d887e34b6d2c6b8cbe53a055d49bf9f5e946e0d27 |
| Subject | C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G3 |
| ValidFrom | 2012-05-01 00:00:00 |
| ValidTo | 2012-12-31 23:59:59 |
| Signature | 1e98aa27b778b508b5c9726db7dfc00e98a635c488c9d2f66df14b1afbd5f92d99009ed1e79b8be13fbd39800c66cd07bc5c9854a694ba10d14e8babf56f65cc6709a2807c52e80e03d66b7ac60518ecc8ac427c072ca73d0866dc00edfd941d73f2729893b111d68fef8eeaacf496510cd08ddf31524f5eaf7da74a75e64ece2b9f292be7cf5d9f037e6e277b23ad622966af92e82ccebd9c7fdccd173c43c2093f7545c79ee4d7607f97c6e4aac769f5fccd74ac2cb048c1504e70561eb535d38ebeb1edacbdfe0cec857dd5bb856644195d9f93eb82ba639ed37c61ffc81bd923587f30a366a139265e92c33ccb3732faf5a38ddcd5b0a3e9253655d781fa |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 79a2a585f9d1154213d9b83ef6b68ded |
| Version | 3 |
Certificate 47bf1995df8d524643f7db6d480d31a4
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 518d2ea8a21e879c942d504824ac211c |
| ToBeSigned (TBS) SHA1 | 21ce87d827077e61abddf2beba69fde5432ea031 |
| ToBeSigned (TBS) SHA256 | 1ec3b4f02e03930a470020e0e48d24b84678bb558f46182888d870541f5e25c7 |
| Subject | C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services CA |
| ValidFrom | 2003-12-04 00:00:00 |
| ValidTo | 2013-12-03 23:59:59 |
| Signature | 4a6bf9ea58c2441c318979992b96bf82ac01d61c4ccdb08a586edf0829a35ec8ca9313e704520def47272f0038b0e4c9934e9ad4226215f73f37214f703180f18b3887b3e8e89700fecf55964e24d2a9274e7aaeb76141f32acee7c9d95eddbb2b853eb59db5d9e157ffbeb4c57ef5cf0c9ef097fe2bd33b521b1b3827f73f4a |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 47bf1995df8d524643f7db6d480d31a4 |
| Version | 3 |
Certificate 38e7fa0db1a398f805bb85a69171dc9d
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 159feaed9447c7d71653069c337ec2b3 |
| ToBeSigned (TBS) SHA1 | 5079a8aa946ee016c86153d4456f58277360c036 |
| ToBeSigned (TBS) SHA256 | e76ee5754b8da5b514befb3a89eed638de08605326a1e611ddbed9e864551abf |
| Subject | C=AU, ST=NSW, O=PassMark Software Pty Ltd, OU=Digital ID Class 3 , Microsoft Software Validation v2, CN=PassMark Software Pty Ltd |
| ValidFrom | 2009-09-22 00:00:00 |
| ValidTo | 2012-10-18 23:59:59 |
| Signature | b7f68f477ab8836d5a2eaa9eaf9449186c71f90679d58058c558928f1ad7c76398511ce520afd6dce66540f536c377f824cf5b84fd60f83ead01a592fbce29cc51cca7da2fe8b50e89bc6999104fb406db3b878a7f9f148c767b668b84fcba161c1c14215de332cfcfc2fa52bce1543341231dd345b41da888372d4a2f82711f6125e029fd71859711bccd6b600247a440b6603296cfa9451e6ec81d51b1b7512705461af59e23e0423ba441c68025359a6e591c6370fa516188f8d720a16c6c7b24e975a204fbe5a3b8236443813e993d717df40642fe7d88d85aa1a51b47a3a05232da19c8f2de4144aa11d4577379c794ef9a48d60fc40f8793d5273a25da |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 38e7fa0db1a398f805bb85a69171dc9d |
| Version | 3 |
Certificate 655226e1b22e18e1590f2985ac22e75c
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 650704c342850095f3288eaf791147d4 |
| ToBeSigned (TBS) SHA1 | 4cdc38c800761463749c3cbd94a12f32e49877bf |
| ToBeSigned (TBS) SHA256 | 07b8f662558ec85b71b43a79c6e94698144f4ced2308af21e7ba1e5d461da214 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)09, CN=VeriSign Class 3 Code Signing 2009,2 CA |
| ValidFrom | 2009-05-21 00:00:00 |
| ValidTo | 2019-05-20 23:59:59 |
| Signature | 8b03c0dd94d841a26169b015a878c730c6903c7e42f724b6e4837317047f04109ca1e2fa812febc0ca44e772e050b6551020836e9692e49a516ab43731dca52deb8c00c71d4fe74d32ba85f84ebefa675565f06abe7aca64381a101078457631f3867a030f60c2b35d9df68b6676821b59e183e5bd49a53856e5de41770e580f |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 655226e1b22e18e1590f2985ac22e75c |
| Version | 3 |
Certificate 610c120600000000001b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 53c41bc1164e09e0cd1617a5bf913efd |
| ToBeSigned (TBS) SHA1 | 93c03aac8951d494ecd5696b1c08658541b18727 |
| ToBeSigned (TBS) SHA256 | 40bddadac24dc61ca4fb5cab2a2bc5d876bc36808311039a7a3e1a4066f7489b |
| Subject | C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority |
| ValidFrom | 2006-05-23 17:01:29 |
| ValidTo | 2016-05-23 17:11:29 |
| Signature | 01e446b33b457f7513877e5f43de468ecb8abdb64741bccccc7491d8ce395195a4a6b547c0efd2da7b8f5711f4328c7ccd3fee42da04214af7c843884a6f5cca14fc4bd19f4cbdd4556ecc02be0da6888f8609baa425bde8b0f0fa8b714e67b0cb82a8d78e55f737ebf03e88efe4e08afd1c6e2e61414875b4b02c1d28d8490fd715f02473253ccc880cde284c6554fe5eae8cea19ad2c51b29b3a47f53c80350117e24987d6544afb4bab07bcbf7d79cfbf35005cbb9ecffc82891b39a05197b6dec0b307ff449644c0342a195cabeef03bec294eb513c537857e75d5b4d60d066eb5d26c237167eaf1718eaf4e74aa0cf9ecbf4c58fa5e909b6d39cb86883f8b1ca81632d5fe6db9f1f8b3ead791f6364778c0272a15c768d6f4c5fc4f4ec8673f102d409ff11ec96148e7a703fc31730cf04688fe56da492995ef09daa3e5beef60ecd954a0599c28bd54ef66157f874c84dba60e95672e517b3439b641c28c846826dc240209e7818e0a972defeea7b998a60f818dc710b5e1ed982f486f53854964789bec5dac970b5526c3efba8dc8d1a52f5a7f936b611a339b18b8a26210de24ea76e12f43ebecdd7c12342489da2855aee5754e312b6763b6a8d7ab730a03cec5ea593fc7eb2a45aea8625b2f009939abb45f73c308ec80118f470e8f2a1343e191066255bbffba3da9a93d260faeca7d628b155589d694344dd665 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 610c120600000000001b |
| Version | 3 |
Imports
Expand
Imported Functions
Expand
- ObfDereferenceObject
- ZwMapViewOfSection
- ObReferenceObjectByHandle
- ZwOpenSection
- ZwUnmapViewOfSection
- ZwWriteFile
- PsGetProcessId
- NtBuildNumber
- RtlFillMemoryUlong
- ZwCreateFile
- memset
- memcpy
- MmGetPhysicalMemoryRanges
- IoWriteErrorLogEntry
- memmove
- IoAllocateErrorLogEntry
- IofCompleteRequest
- IoDeleteDevice
- RtlAppendUnicodeStringToString
- RtlIntegerToUnicodeString
- ZwClose
- IoDeleteSymbolicLink
- RtlQueryRegistryValues
- ZwOpenKey
- RtlWriteRegistryValue
- KeWaitForSingleObject
- IofCallDriver
- IoBuildDeviceIoControlRequest
- KeInitializeEvent
- IoCreateSymbolicLink
- ObReferenceObjectByPointer
- IoGetDeviceObjectPointer
- IoCreateDevice
- wcsrchr
- DbgPrintEx
- KeQueryActiveProcessors
- KeRevertToUserAffinityThread
- KeSetSystemAffinityThread
- KeTickCount
- KeBugCheckEx
- DbgPrint
- RtlInitUnicodeString
- ExAllocatePoolWithTag
- ZwQueryValueKey
- ExFreePoolWithTag
- _vsnwprintf
- RtlAppendUnicodeToString
- RtlAssert
- READ_PORT_USHORT
- READ_PORT_UCHAR
- WRITE_PORT_ULONG
- WRITE_PORT_USHORT
- WRITE_PORT_UCHAR
- KeGetCurrentIrql
- READ_PORT_ULONG
Exported Functions
Expand
Sections
Expand
- .text
- .rdata
- .data
- PAGE
- INIT
- .reloc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": false,
"SerialNumber": "79a2a585f9d1154213d9b83ef6b68ded",
"Signature": "1e98aa27b778b508b5c9726db7dfc00e98a635c488c9d2f66df14b1afbd5f92d99009ed1e79b8be13fbd39800c66cd07bc5c9854a694ba10d14e8babf56f65cc6709a2807c52e80e03d66b7ac60518ecc8ac427c072ca73d0866dc00edfd941d73f2729893b111d68fef8eeaacf496510cd08ddf31524f5eaf7da74a75e64ece2b9f292be7cf5d9f037e6e277b23ad622966af92e82ccebd9c7fdccd173c43c2093f7545c79ee4d7607f97c6e4aac769f5fccd74ac2cb048c1504e70561eb535d38ebeb1edacbdfe0cec857dd5bb856644195d9f93eb82ba639ed37c61ffc81bd923587f30a366a139265e92c33ccb3732faf5a38ddcd5b0a3e9253655d781fa",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G3",
"TBS": {
"MD5": "e6d820afb23af20a65cf0b03247ea05e",
"SHA1": "7a8f7c37453f99390ee1e94bb5d3d1cba3a0eea7",
"SHA256": "7e722dc40e6b9abf8c20aa4d887e34b6d2c6b8cbe53a055d49bf9f5e946e0d27",
"SHA384": "7e14609969a388d38d227df1dbb9ce086c9a820142c94fd1a28ef2835a8aa528aef4c6399bce344d79adb5f3dad86afa"
},
"ValidFrom": "2012-05-01 00:00:00",
"ValidTo": "2012-12-31 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "47bf1995df8d524643f7db6d480d31a4",
"Signature": "4a6bf9ea58c2441c318979992b96bf82ac01d61c4ccdb08a586edf0829a35ec8ca9313e704520def47272f0038b0e4c9934e9ad4226215f73f37214f703180f18b3887b3e8e89700fecf55964e24d2a9274e7aaeb76141f32acee7c9d95eddbb2b853eb59db5d9e157ffbeb4c57ef5cf0c9ef097fe2bd33b521b1b3827f73f4a",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services CA",
"TBS": {
"MD5": "518d2ea8a21e879c942d504824ac211c",
"SHA1": "21ce87d827077e61abddf2beba69fde5432ea031",
"SHA256": "1ec3b4f02e03930a470020e0e48d24b84678bb558f46182888d870541f5e25c7",
"SHA384": "53e346bbde23779a5d116cc9d86fdd71c97b1f1b343439f8a11aa1d3c87af63864bb8488a5aeb2d0c26a6a1e0b15f03f"
},
"ValidFrom": "2003-12-04 00:00:00",
"ValidTo": "2013-12-03 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "38e7fa0db1a398f805bb85a69171dc9d",
"Signature": "b7f68f477ab8836d5a2eaa9eaf9449186c71f90679d58058c558928f1ad7c76398511ce520afd6dce66540f536c377f824cf5b84fd60f83ead01a592fbce29cc51cca7da2fe8b50e89bc6999104fb406db3b878a7f9f148c767b668b84fcba161c1c14215de332cfcfc2fa52bce1543341231dd345b41da888372d4a2f82711f6125e029fd71859711bccd6b600247a440b6603296cfa9451e6ec81d51b1b7512705461af59e23e0423ba441c68025359a6e591c6370fa516188f8d720a16c6c7b24e975a204fbe5a3b8236443813e993d717df40642fe7d88d85aa1a51b47a3a05232da19c8f2de4144aa11d4577379c794ef9a48d60fc40f8793d5273a25da",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=AU, ST=NSW, O=PassMark Software Pty Ltd, OU=Digital ID Class 3 , Microsoft Software Validation v2, CN=PassMark Software Pty Ltd",
"TBS": {
"MD5": "159feaed9447c7d71653069c337ec2b3",
"SHA1": "5079a8aa946ee016c86153d4456f58277360c036",
"SHA256": "e76ee5754b8da5b514befb3a89eed638de08605326a1e611ddbed9e864551abf",
"SHA384": "9830194c19654f1196e74505a987588c36aa700489f3f482f1ad017bba6e39ebf9be18ab153da8cd9f8a672801820a87"
},
"ValidFrom": "2009-09-22 00:00:00",
"ValidTo": "2012-10-18 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "655226e1b22e18e1590f2985ac22e75c",
"Signature": "8b03c0dd94d841a26169b015a878c730c6903c7e42f724b6e4837317047f04109ca1e2fa812febc0ca44e772e050b6551020836e9692e49a516ab43731dca52deb8c00c71d4fe74d32ba85f84ebefa675565f06abe7aca64381a101078457631f3867a030f60c2b35d9df68b6676821b59e183e5bd49a53856e5de41770e580f",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)09, CN=VeriSign Class 3 Code Signing 2009,2 CA",
"TBS": {
"MD5": "650704c342850095f3288eaf791147d4",
"SHA1": "4cdc38c800761463749c3cbd94a12f32e49877bf",
"SHA256": "07b8f662558ec85b71b43a79c6e94698144f4ced2308af21e7ba1e5d461da214",
"SHA384": "2a271d052213438467d09d60eaa4010c8642fff3eb0070e0cf9969428713c8fdc066b90996d594dd3136f5bd0af5a22a"
},
"ValidFrom": "2009-05-21 00:00:00",
"ValidTo": "2019-05-20 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "610c120600000000001b",
"Signature": "01e446b33b457f7513877e5f43de468ecb8abdb64741bccccc7491d8ce395195a4a6b547c0efd2da7b8f5711f4328c7ccd3fee42da04214af7c843884a6f5cca14fc4bd19f4cbdd4556ecc02be0da6888f8609baa425bde8b0f0fa8b714e67b0cb82a8d78e55f737ebf03e88efe4e08afd1c6e2e61414875b4b02c1d28d8490fd715f02473253ccc880cde284c6554fe5eae8cea19ad2c51b29b3a47f53c80350117e24987d6544afb4bab07bcbf7d79cfbf35005cbb9ecffc82891b39a05197b6dec0b307ff449644c0342a195cabeef03bec294eb513c537857e75d5b4d60d066eb5d26c237167eaf1718eaf4e74aa0cf9ecbf4c58fa5e909b6d39cb86883f8b1ca81632d5fe6db9f1f8b3ead791f6364778c0272a15c768d6f4c5fc4f4ec8673f102d409ff11ec96148e7a703fc31730cf04688fe56da492995ef09daa3e5beef60ecd954a0599c28bd54ef66157f874c84dba60e95672e517b3439b641c28c846826dc240209e7818e0a972defeea7b998a60f818dc710b5e1ed982f486f53854964789bec5dac970b5526c3efba8dc8d1a52f5a7f936b611a339b18b8a26210de24ea76e12f43ebecdd7c12342489da2855aee5754e312b6763b6a8d7ab730a03cec5ea593fc7eb2a45aea8625b2f009939abb45f73c308ec80118f470e8f2a1343e191066255bbffba3da9a93d260faeca7d628b155589d694344dd665",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority",
"TBS": {
"MD5": "53c41bc1164e09e0cd1617a5bf913efd",
"SHA1": "93c03aac8951d494ecd5696b1c08658541b18727",
"SHA256": "40bddadac24dc61ca4fb5cab2a2bc5d876bc36808311039a7a3e1a4066f7489b",
"SHA384": "f51d4e75ba638f7314cd59b8d6d45f3b34d35ce6986e9d205cd6f333e8e8d8e9c91f636e6bc84731b6661673f40963d8"
},
"ValidFrom": "2006-05-23 17:01:29",
"ValidTo": "2016-05-23 17:11:29",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)09, CN=VeriSign Class 3 Code Signing 2009,2 CA",
"SerialNumber": "38e7fa0db1a398f805bb85a69171dc9d",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 7e93ebfb7cc64e59ea4b9a77d406fc3b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | d0785ad36e427c92b19f6826ab1e8020 |
| ToBeSigned (TBS) SHA1 | 365b7a9c21bd9373e49052c3e7b3e4646ddd4d43 |
| ToBeSigned (TBS) SHA256 | c2abb7484da91a658548de089d52436175fdb760a1387d225611dc0613a1e2ff |
| Subject | C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA , G2 |
| ValidFrom | 2012-12-21 00:00:00 |
| ValidTo | 2020-12-30 23:59:59 |
| Signature | 03099b8f79ef7f5930aaef68b5fae3091dbb4f82065d375fa6529f168dea1c9209446ef56deb587c30e8f9698d23730b126f47a9ae3911f82ab19bb01ac38eeb599600adce0c4db2d031a6085c2a7afce27a1d574ca86518e979406225966ec7c7376a8321088e41eaddd9573f1d7749872a16065ea6386a2212a35119837eb6 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 7e93ebfb7cc64e59ea4b9a77d406fc3b |
| Version | 3 |
Certificate 6ec5060c23b767aa5eb4fe5ddad4af2d
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 68d63143985e350ea05f95c3c989d910 |
| ToBeSigned (TBS) SHA1 | 35d4099366238cdf0d0568367df87e76a721e4e4 |
| ToBeSigned (TBS) SHA256 | 565f57952c378ad23755193c410d80a4b4cf11374e8d68ae7ad35d58f7bd2705 |
| Subject | C=AU, ST=New South Wales, L=Sydney, O=PassMark Software Pty Ltd, OU=Secure Application Development, CN=PassMark Software Pty Ltd |
| ValidFrom | 2013-01-14 00:00:00 |
| ValidTo | 2015-01-14 23:59:59 |
| Signature | 962575976d67babaeead5b02f75eb90413510ab88431e41e557b88607fdb1788cc2a92e9314ec15ad64a575e59ad1d56b393600e9821e2ba7e50a4e8c7a8bbac03da75a6aa19c5ea5a74e541a0ee96928771368dce74948facce20e2fde3165fb5f5a5aa1c7f1809fca417d1179e7f4f46ade45c1c9f1b9696337719ca36dc304a0df468908064e37f878eeddc42a4b417652d563615134bc7f52927f8f96717b63631df61403dbad145e56ad07a466c911fca193cbe2e013925287326bf7c4870c0a7564be57688769c742685822b853bcc7ef4d53e322ac619c85a90693ecf40674cd9286cdac7da899b50a13c69433cbc298e176d7dbecf178fffd66a79f3 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 6ec5060c23b767aa5eb4fe5ddad4af2d |
| Version | 3 |
Certificate 47974d7873a5bcab0d2fb370192fce5e
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | e3a93dc2a8a8a668fdbb286bfe9afab5 |
| ToBeSigned (TBS) SHA1 | 95795d2aa2a554a423bc8c6e5b0a016d14887d35 |
| ToBeSigned (TBS) SHA256 | d8844186775bddbccaf3dc017064df7d760fd4b85c5d07561a3efd7da950f89e |
| Subject | C=US, O=Thawte, Inc., CN=Thawte Code Signing CA , G2 |
| ValidFrom | 2010-02-08 00:00:00 |
| ValidTo | 2020-02-07 23:59:59 |
| Signature | 56fe535ce1c79ebca7ed7e536d6a144b518c405e805faaa4e82fef38c804c9ca3ecfdf3a584eb0d4b663c52957fa02059a454d68db2a1bd4343d9f00c35acb9549a56ee1b0c5fc414d414a6fd377c8d7388de419de18f31f1565836d450c53f90a9a2ea55dbf6f32811892196a5500ad631c52067e55d92968ae4a7c189a79886b2323d827382a298776cafbc7b662231fed7a564cdd9c325bf53d0c4618953b2a2368836441d9006d0f1924156872bdc571676eac4cdb90eb51a51a6207d0be6a00473c722fec4f613e7385ce5a0ab7bac01c1375e3223928dd6d1d09469d4fbae8408191c6a4ce94721b01cf2a6e15679589ae7db7b7cdf90a3d75b66b3c25 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 47974d7873a5bcab0d2fb370192fce5e |
| Version | 3 |
Certificate 0ecff438c8febf356e04d86a981b1a50
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | e9d38360b914c8863f6cba3ee58764d3 |
| ToBeSigned (TBS) SHA1 | 4cba8eae47b6bf76f20b3504b98b8f062694a89b |
| ToBeSigned (TBS) SHA256 | 88901d86a4cc1f1bb193d08e1fb63d27452e63f83e228c657ab1a92e4ade3976 |
| Subject | C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G4 |
| ValidFrom | 2012-10-18 00:00:00 |
| ValidTo | 2020-12-29 23:59:59 |
| Signature | 783bb4912a004cf08f62303778a38427076f18b2de25dca0d49403aa864e259f9a40031cddcee379cb216806dab632b46dbff42c266333e449646d0de6c3670ef705a4356c7c8916c6e9b2dfb2e9dd20c6710fcd9574dcb65cdebd371f4378e678b5cd280420a3aaf14bc48829910e80d111fcdd5c766e4f5e0e4546416e0db0ea389ab13ada097110fc1c79b4807bac69f4fd9cb60c162bf17f5b093d9b5be216ca13816d002e380da8298f2ce1b2f45aa901af159c2c2f491bdb22bbc3fe789451c386b182885df03db451a179332b2e7bb9dc20091371eb6a195bcfe8a530572c89493fb9cf7fc9bf3e226863539abd6974acc51d3c7f92e0c3bc1cd80475 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 0ecff438c8febf356e04d86a981b1a50 |
| Version | 3 |
Certificate 611fb0a400000000001d
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | a3f222107d4e1085e73b5b589c2f480b |
| ToBeSigned (TBS) SHA1 | b94aa26cd77c48d91a53ac44506cbd255e1d362c |
| ToBeSigned (TBS) SHA256 | a39ed0d6fd4eb1a6f7fed60f726e23eae668b7591bc004644625d22c701213fa |
| Subject | C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2006 thawte, Inc. , For authorized use only, CN=thawte Primary Root CA |
| ValidFrom | 2011-02-22 19:31:57 |
| ValidTo | 2021-02-22 19:41:57 |
| Signature | 2dcc71b5e8ba94ff5ee64467007b6afc412c3ee70e41855ab12a932ba95b89f2f72b499c8003f297b8e760a80ed7fd5de545467594f4ed1c9de166228b61fb29f2c6a8bdf387c98f7f47e1c058b64a1aa2e7f718606969e083069e26c775c40c0d79da746b52b9fae8ea3359b9bb18dd291a14dfd36a37277a9da0dacffffc22c4faf009ff33e93e17ba1cc742cfce2743d30c0c5581303db96060ce02ece19ee81ddc852ce0a18d966d95ac17a4713ea16741b6281d2ce3b615e5b7e5a2f6256d86e320acf9f8314f8e629b9833376d6af735523e90feb03b5fc5b852a9e06ea0479a279e97aea24a9e531939ec357ec659de3ae0aaf533f06abda0821812dea18c4570ca2bd62e959145995a5c240049bd23b30ceca43df5b9e1d1b1825a38eea3fba1ab483a8c5dffa065223fd3d3fe4990db1446a3852e8a554b09ab38b2ab63a008d1fdad48e273d812bcc26ca516fad09ac05e38383a2b718e553aac42197a1f0d4220e7ab5d8c6880524ca1c0d488d02321fb901309007b4937afa9df486022abf4f6c2363bf8513c34bbc586e43ae19f4b90fe5461024b159c34176aa94b8d4cb69d2326c83af1d6b805cdda1d6240183a2f1b41cd3a993a0aa9d1d77eb8c4aff7b8c980105ed55df6ce7a9a02c50f6381efb564e9fc5bd8d2619a68c37cf9c78df91e87d5fa2cf816ae9dab068fc86dc741cda14e84e3dac26ebcfb |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 611fb0a400000000001d |
| Version | 3 |
Imports
Expand
Imported Functions
Expand
- IoBuildSynchronousFsdRequest
- KeInitializeEvent
- IoGetDeviceProperty
- ObfDereferenceObject
- IoEnumerateDeviceObjectList
- ObReferenceObjectByName
- IoDriverObjectType
- IoGetAttachedDeviceReference
- IoFreeMdl
- MmMapLockedPagesSpecifyCache
- MmBuildMdlForNonPagedPool
- MmUnmapIoSpace
- IoAllocateMdl
- MmMapIoSpace
- ZwMapViewOfSection
- ZwClose
- ObReferenceObjectByHandle
- ZwOpenSection
- MmUnmapLockedPages
- ZwUnmapViewOfSection
- ZwWriteFile
- PsGetProcessId
- NtBuildNumber
- RtlFillMemoryUlong
- ZwCreateFile
- memset
- IofCallDriver
- MmGetPhysicalMemoryRanges
- IoWriteErrorLogEntry
- memmove
- IoAllocateErrorLogEntry
- IoDeleteDevice
- RtlAppendUnicodeStringToString
- RtlIntegerToUnicodeString
- RtlAppendUnicodeToString
- IoDeleteSymbolicLink
- RtlQueryRegistryValues
- ZwOpenKey
- RtlWriteRegistryValue
- IoBuildDeviceIoControlRequest
- IofCompleteRequest
- IoCreateSymbolicLink
- ObReferenceObjectByPointer
- IoGetDeviceObjectPointer
- IoCreateDevice
- wcsrchr
- DbgPrintEx
- KeQueryActiveProcessors
- KeRevertToUserAffinityThread
- KeSetSystemAffinityThread
- KeTickCount
- KeBugCheckEx
- RtlUnwind
- KeWaitForSingleObject
- DbgPrint
- RtlInitUnicodeString
- ExAllocatePoolWithTag
- ZwQueryValueKey
- ExFreePoolWithTag
- _vsnwprintf
- memcpy
- RtlAssert
- READ_PORT_USHORT
- READ_PORT_UCHAR
- WRITE_PORT_ULONG
- WRITE_PORT_USHORT
- WRITE_PORT_UCHAR
- KeStallExecutionProcessor
- KeGetCurrentIrql
- READ_PORT_ULONG
Exported Functions
Expand
Sections
Expand
- .text
- .rdata
- .data
- PAGE
- INIT
- .reloc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": false,
"SerialNumber": "79a2a585f9d1154213d9b83ef6b68ded",
"Signature": "1e98aa27b778b508b5c9726db7dfc00e98a635c488c9d2f66df14b1afbd5f92d99009ed1e79b8be13fbd39800c66cd07bc5c9854a694ba10d14e8babf56f65cc6709a2807c52e80e03d66b7ac60518ecc8ac427c072ca73d0866dc00edfd941d73f2729893b111d68fef8eeaacf496510cd08ddf31524f5eaf7da74a75e64ece2b9f292be7cf5d9f037e6e277b23ad622966af92e82ccebd9c7fdccd173c43c2093f7545c79ee4d7607f97c6e4aac769f5fccd74ac2cb048c1504e70561eb535d38ebeb1edacbdfe0cec857dd5bb856644195d9f93eb82ba639ed37c61ffc81bd923587f30a366a139265e92c33ccb3732faf5a38ddcd5b0a3e9253655d781fa",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G3",
"TBS": {
"MD5": "e6d820afb23af20a65cf0b03247ea05e",
"SHA1": "7a8f7c37453f99390ee1e94bb5d3d1cba3a0eea7",
"SHA256": "7e722dc40e6b9abf8c20aa4d887e34b6d2c6b8cbe53a055d49bf9f5e946e0d27",
"SHA384": "7e14609969a388d38d227df1dbb9ce086c9a820142c94fd1a28ef2835a8aa528aef4c6399bce344d79adb5f3dad86afa"
},
"ValidFrom": "2012-05-01 00:00:00",
"ValidTo": "2012-12-31 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "47bf1995df8d524643f7db6d480d31a4",
"Signature": "4a6bf9ea58c2441c318979992b96bf82ac01d61c4ccdb08a586edf0829a35ec8ca9313e704520def47272f0038b0e4c9934e9ad4226215f73f37214f703180f18b3887b3e8e89700fecf55964e24d2a9274e7aaeb76141f32acee7c9d95eddbb2b853eb59db5d9e157ffbeb4c57ef5cf0c9ef097fe2bd33b521b1b3827f73f4a",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services CA",
"TBS": {
"MD5": "518d2ea8a21e879c942d504824ac211c",
"SHA1": "21ce87d827077e61abddf2beba69fde5432ea031",
"SHA256": "1ec3b4f02e03930a470020e0e48d24b84678bb558f46182888d870541f5e25c7",
"SHA384": "53e346bbde23779a5d116cc9d86fdd71c97b1f1b343439f8a11aa1d3c87af63864bb8488a5aeb2d0c26a6a1e0b15f03f"
},
"ValidFrom": "2003-12-04 00:00:00",
"ValidTo": "2013-12-03 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "38e7fa0db1a398f805bb85a69171dc9d",
"Signature": "b7f68f477ab8836d5a2eaa9eaf9449186c71f90679d58058c558928f1ad7c76398511ce520afd6dce66540f536c377f824cf5b84fd60f83ead01a592fbce29cc51cca7da2fe8b50e89bc6999104fb406db3b878a7f9f148c767b668b84fcba161c1c14215de332cfcfc2fa52bce1543341231dd345b41da888372d4a2f82711f6125e029fd71859711bccd6b600247a440b6603296cfa9451e6ec81d51b1b7512705461af59e23e0423ba441c68025359a6e591c6370fa516188f8d720a16c6c7b24e975a204fbe5a3b8236443813e993d717df40642fe7d88d85aa1a51b47a3a05232da19c8f2de4144aa11d4577379c794ef9a48d60fc40f8793d5273a25da",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=AU, ST=NSW, O=PassMark Software Pty Ltd, OU=Digital ID Class 3 , Microsoft Software Validation v2, CN=PassMark Software Pty Ltd",
"TBS": {
"MD5": "159feaed9447c7d71653069c337ec2b3",
"SHA1": "5079a8aa946ee016c86153d4456f58277360c036",
"SHA256": "e76ee5754b8da5b514befb3a89eed638de08605326a1e611ddbed9e864551abf",
"SHA384": "9830194c19654f1196e74505a987588c36aa700489f3f482f1ad017bba6e39ebf9be18ab153da8cd9f8a672801820a87"
},
"ValidFrom": "2009-09-22 00:00:00",
"ValidTo": "2012-10-18 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "655226e1b22e18e1590f2985ac22e75c",
"Signature": "8b03c0dd94d841a26169b015a878c730c6903c7e42f724b6e4837317047f04109ca1e2fa812febc0ca44e772e050b6551020836e9692e49a516ab43731dca52deb8c00c71d4fe74d32ba85f84ebefa675565f06abe7aca64381a101078457631f3867a030f60c2b35d9df68b6676821b59e183e5bd49a53856e5de41770e580f",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)09, CN=VeriSign Class 3 Code Signing 2009,2 CA",
"TBS": {
"MD5": "650704c342850095f3288eaf791147d4",
"SHA1": "4cdc38c800761463749c3cbd94a12f32e49877bf",
"SHA256": "07b8f662558ec85b71b43a79c6e94698144f4ced2308af21e7ba1e5d461da214",
"SHA384": "2a271d052213438467d09d60eaa4010c8642fff3eb0070e0cf9969428713c8fdc066b90996d594dd3136f5bd0af5a22a"
},
"ValidFrom": "2009-05-21 00:00:00",
"ValidTo": "2019-05-20 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "610c120600000000001b",
"Signature": "01e446b33b457f7513877e5f43de468ecb8abdb64741bccccc7491d8ce395195a4a6b547c0efd2da7b8f5711f4328c7ccd3fee42da04214af7c843884a6f5cca14fc4bd19f4cbdd4556ecc02be0da6888f8609baa425bde8b0f0fa8b714e67b0cb82a8d78e55f737ebf03e88efe4e08afd1c6e2e61414875b4b02c1d28d8490fd715f02473253ccc880cde284c6554fe5eae8cea19ad2c51b29b3a47f53c80350117e24987d6544afb4bab07bcbf7d79cfbf35005cbb9ecffc82891b39a05197b6dec0b307ff449644c0342a195cabeef03bec294eb513c537857e75d5b4d60d066eb5d26c237167eaf1718eaf4e74aa0cf9ecbf4c58fa5e909b6d39cb86883f8b1ca81632d5fe6db9f1f8b3ead791f6364778c0272a15c768d6f4c5fc4f4ec8673f102d409ff11ec96148e7a703fc31730cf04688fe56da492995ef09daa3e5beef60ecd954a0599c28bd54ef66157f874c84dba60e95672e517b3439b641c28c846826dc240209e7818e0a972defeea7b998a60f818dc710b5e1ed982f486f53854964789bec5dac970b5526c3efba8dc8d1a52f5a7f936b611a339b18b8a26210de24ea76e12f43ebecdd7c12342489da2855aee5754e312b6763b6a8d7ab730a03cec5ea593fc7eb2a45aea8625b2f009939abb45f73c308ec80118f470e8f2a1343e191066255bbffba3da9a93d260faeca7d628b155589d694344dd665",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority",
"TBS": {
"MD5": "53c41bc1164e09e0cd1617a5bf913efd",
"SHA1": "93c03aac8951d494ecd5696b1c08658541b18727",
"SHA256": "40bddadac24dc61ca4fb5cab2a2bc5d876bc36808311039a7a3e1a4066f7489b",
"SHA384": "f51d4e75ba638f7314cd59b8d6d45f3b34d35ce6986e9d205cd6f333e8e8d8e9c91f636e6bc84731b6661673f40963d8"
},
"ValidFrom": "2006-05-23 17:01:29",
"ValidTo": "2016-05-23 17:11:29",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)09, CN=VeriSign Class 3 Code Signing 2009,2 CA",
"SerialNumber": "38e7fa0db1a398f805bb85a69171dc9d",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 79a2a585f9d1154213d9b83ef6b68ded
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | e6d820afb23af20a65cf0b03247ea05e |
| ToBeSigned (TBS) SHA1 | 7a8f7c37453f99390ee1e94bb5d3d1cba3a0eea7 |
| ToBeSigned (TBS) SHA256 | 7e722dc40e6b9abf8c20aa4d887e34b6d2c6b8cbe53a055d49bf9f5e946e0d27 |
| Subject | C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G3 |
| ValidFrom | 2012-05-01 00:00:00 |
| ValidTo | 2012-12-31 23:59:59 |
| Signature | 1e98aa27b778b508b5c9726db7dfc00e98a635c488c9d2f66df14b1afbd5f92d99009ed1e79b8be13fbd39800c66cd07bc5c9854a694ba10d14e8babf56f65cc6709a2807c52e80e03d66b7ac60518ecc8ac427c072ca73d0866dc00edfd941d73f2729893b111d68fef8eeaacf496510cd08ddf31524f5eaf7da74a75e64ece2b9f292be7cf5d9f037e6e277b23ad622966af92e82ccebd9c7fdccd173c43c2093f7545c79ee4d7607f97c6e4aac769f5fccd74ac2cb048c1504e70561eb535d38ebeb1edacbdfe0cec857dd5bb856644195d9f93eb82ba639ed37c61ffc81bd923587f30a366a139265e92c33ccb3732faf5a38ddcd5b0a3e9253655d781fa |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 79a2a585f9d1154213d9b83ef6b68ded |
| Version | 3 |
Certificate 47bf1995df8d524643f7db6d480d31a4
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 518d2ea8a21e879c942d504824ac211c |
| ToBeSigned (TBS) SHA1 | 21ce87d827077e61abddf2beba69fde5432ea031 |
| ToBeSigned (TBS) SHA256 | 1ec3b4f02e03930a470020e0e48d24b84678bb558f46182888d870541f5e25c7 |
| Subject | C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services CA |
| ValidFrom | 2003-12-04 00:00:00 |
| ValidTo | 2013-12-03 23:59:59 |
| Signature | 4a6bf9ea58c2441c318979992b96bf82ac01d61c4ccdb08a586edf0829a35ec8ca9313e704520def47272f0038b0e4c9934e9ad4226215f73f37214f703180f18b3887b3e8e89700fecf55964e24d2a9274e7aaeb76141f32acee7c9d95eddbb2b853eb59db5d9e157ffbeb4c57ef5cf0c9ef097fe2bd33b521b1b3827f73f4a |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 47bf1995df8d524643f7db6d480d31a4 |
| Version | 3 |
Certificate 38e7fa0db1a398f805bb85a69171dc9d
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 159feaed9447c7d71653069c337ec2b3 |
| ToBeSigned (TBS) SHA1 | 5079a8aa946ee016c86153d4456f58277360c036 |
| ToBeSigned (TBS) SHA256 | e76ee5754b8da5b514befb3a89eed638de08605326a1e611ddbed9e864551abf |
| Subject | C=AU, ST=NSW, O=PassMark Software Pty Ltd, OU=Digital ID Class 3 , Microsoft Software Validation v2, CN=PassMark Software Pty Ltd |
| ValidFrom | 2009-09-22 00:00:00 |
| ValidTo | 2012-10-18 23:59:59 |
| Signature | b7f68f477ab8836d5a2eaa9eaf9449186c71f90679d58058c558928f1ad7c76398511ce520afd6dce66540f536c377f824cf5b84fd60f83ead01a592fbce29cc51cca7da2fe8b50e89bc6999104fb406db3b878a7f9f148c767b668b84fcba161c1c14215de332cfcfc2fa52bce1543341231dd345b41da888372d4a2f82711f6125e029fd71859711bccd6b600247a440b6603296cfa9451e6ec81d51b1b7512705461af59e23e0423ba441c68025359a6e591c6370fa516188f8d720a16c6c7b24e975a204fbe5a3b8236443813e993d717df40642fe7d88d85aa1a51b47a3a05232da19c8f2de4144aa11d4577379c794ef9a48d60fc40f8793d5273a25da |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 38e7fa0db1a398f805bb85a69171dc9d |
| Version | 3 |
Certificate 655226e1b22e18e1590f2985ac22e75c
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 650704c342850095f3288eaf791147d4 |
| ToBeSigned (TBS) SHA1 | 4cdc38c800761463749c3cbd94a12f32e49877bf |
| ToBeSigned (TBS) SHA256 | 07b8f662558ec85b71b43a79c6e94698144f4ced2308af21e7ba1e5d461da214 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)09, CN=VeriSign Class 3 Code Signing 2009,2 CA |
| ValidFrom | 2009-05-21 00:00:00 |
| ValidTo | 2019-05-20 23:59:59 |
| Signature | 8b03c0dd94d841a26169b015a878c730c6903c7e42f724b6e4837317047f04109ca1e2fa812febc0ca44e772e050b6551020836e9692e49a516ab43731dca52deb8c00c71d4fe74d32ba85f84ebefa675565f06abe7aca64381a101078457631f3867a030f60c2b35d9df68b6676821b59e183e5bd49a53856e5de41770e580f |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 655226e1b22e18e1590f2985ac22e75c |
| Version | 3 |
Certificate 610c120600000000001b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 53c41bc1164e09e0cd1617a5bf913efd |
| ToBeSigned (TBS) SHA1 | 93c03aac8951d494ecd5696b1c08658541b18727 |
| ToBeSigned (TBS) SHA256 | 40bddadac24dc61ca4fb5cab2a2bc5d876bc36808311039a7a3e1a4066f7489b |
| Subject | C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority |
| ValidFrom | 2006-05-23 17:01:29 |
| ValidTo | 2016-05-23 17:11:29 |
| Signature | 01e446b33b457f7513877e5f43de468ecb8abdb64741bccccc7491d8ce395195a4a6b547c0efd2da7b8f5711f4328c7ccd3fee42da04214af7c843884a6f5cca14fc4bd19f4cbdd4556ecc02be0da6888f8609baa425bde8b0f0fa8b714e67b0cb82a8d78e55f737ebf03e88efe4e08afd1c6e2e61414875b4b02c1d28d8490fd715f02473253ccc880cde284c6554fe5eae8cea19ad2c51b29b3a47f53c80350117e24987d6544afb4bab07bcbf7d79cfbf35005cbb9ecffc82891b39a05197b6dec0b307ff449644c0342a195cabeef03bec294eb513c537857e75d5b4d60d066eb5d26c237167eaf1718eaf4e74aa0cf9ecbf4c58fa5e909b6d39cb86883f8b1ca81632d5fe6db9f1f8b3ead791f6364778c0272a15c768d6f4c5fc4f4ec8673f102d409ff11ec96148e7a703fc31730cf04688fe56da492995ef09daa3e5beef60ecd954a0599c28bd54ef66157f874c84dba60e95672e517b3439b641c28c846826dc240209e7818e0a972defeea7b998a60f818dc710b5e1ed982f486f53854964789bec5dac970b5526c3efba8dc8d1a52f5a7f936b611a339b18b8a26210de24ea76e12f43ebecdd7c12342489da2855aee5754e312b6763b6a8d7ab730a03cec5ea593fc7eb2a45aea8625b2f009939abb45f73c308ec80118f470e8f2a1343e191066255bbffba3da9a93d260faeca7d628b155589d694344dd665 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 610c120600000000001b |
| Version | 3 |
Imports
Expand
Imported Functions
Expand
- ZwMapViewOfSection
- ObReferenceObjectByHandle
- ZwOpenSection
- ZwUnmapViewOfSection
- ZwWriteFile
- PsGetProcessId
- NtBuildNumber
- RtlFillMemoryUlong
- ZwCreateFile
- memset
- memcpy
- MmGetPhysicalMemoryRanges
- IoWriteErrorLogEntry
- memmove
- IoAllocateErrorLogEntry
- IofCompleteRequest
- IoDeleteDevice
- RtlAppendUnicodeStringToString
- RtlIntegerToUnicodeString
- RtlAppendUnicodeToString
- ObfDereferenceObject
- RtlQueryRegistryValues
- ZwOpenKey
- _snwprintf_s
- RtlWriteRegistryValue
- KeWaitForSingleObject
- IofCallDriver
- IoBuildDeviceIoControlRequest
- KeInitializeEvent
- IoCreateSymbolicLink
- ObReferenceObjectByPointer
- IoGetDeviceObjectPointer
- IoCreateDevice
- wcscpy_s
- wcsrchr
- DbgPrintEx
- KeQueryActiveProcessors
- KeRevertToUserAffinityThread
- KeSetSystemAffinityThread
- KeTickCount
- KeBugCheckEx
- ZwClose
- DbgPrint
- RtlInitUnicodeString
- ExAllocatePoolWithTag
- ZwQueryValueKey
- ExFreePoolWithTag
- IoDeleteSymbolicLink
- RtlAssert
- READ_PORT_USHORT
- READ_PORT_UCHAR
- WRITE_PORT_ULONG
- WRITE_PORT_USHORT
- WRITE_PORT_UCHAR
- KeGetCurrentIrql
- READ_PORT_ULONG
Exported Functions
Expand
Sections
Expand
- .text
- .rdata
- .data
- PAGE
- INIT
- .reloc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": false,
"SerialNumber": "79a2a585f9d1154213d9b83ef6b68ded",
"Signature": "1e98aa27b778b508b5c9726db7dfc00e98a635c488c9d2f66df14b1afbd5f92d99009ed1e79b8be13fbd39800c66cd07bc5c9854a694ba10d14e8babf56f65cc6709a2807c52e80e03d66b7ac60518ecc8ac427c072ca73d0866dc00edfd941d73f2729893b111d68fef8eeaacf496510cd08ddf31524f5eaf7da74a75e64ece2b9f292be7cf5d9f037e6e277b23ad622966af92e82ccebd9c7fdccd173c43c2093f7545c79ee4d7607f97c6e4aac769f5fccd74ac2cb048c1504e70561eb535d38ebeb1edacbdfe0cec857dd5bb856644195d9f93eb82ba639ed37c61ffc81bd923587f30a366a139265e92c33ccb3732faf5a38ddcd5b0a3e9253655d781fa",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G3",
"TBS": {
"MD5": "e6d820afb23af20a65cf0b03247ea05e",
"SHA1": "7a8f7c37453f99390ee1e94bb5d3d1cba3a0eea7",
"SHA256": "7e722dc40e6b9abf8c20aa4d887e34b6d2c6b8cbe53a055d49bf9f5e946e0d27",
"SHA384": "7e14609969a388d38d227df1dbb9ce086c9a820142c94fd1a28ef2835a8aa528aef4c6399bce344d79adb5f3dad86afa"
},
"ValidFrom": "2012-05-01 00:00:00",
"ValidTo": "2012-12-31 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "47bf1995df8d524643f7db6d480d31a4",
"Signature": "4a6bf9ea58c2441c318979992b96bf82ac01d61c4ccdb08a586edf0829a35ec8ca9313e704520def47272f0038b0e4c9934e9ad4226215f73f37214f703180f18b3887b3e8e89700fecf55964e24d2a9274e7aaeb76141f32acee7c9d95eddbb2b853eb59db5d9e157ffbeb4c57ef5cf0c9ef097fe2bd33b521b1b3827f73f4a",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services CA",
"TBS": {
"MD5": "518d2ea8a21e879c942d504824ac211c",
"SHA1": "21ce87d827077e61abddf2beba69fde5432ea031",
"SHA256": "1ec3b4f02e03930a470020e0e48d24b84678bb558f46182888d870541f5e25c7",
"SHA384": "53e346bbde23779a5d116cc9d86fdd71c97b1f1b343439f8a11aa1d3c87af63864bb8488a5aeb2d0c26a6a1e0b15f03f"
},
"ValidFrom": "2003-12-04 00:00:00",
"ValidTo": "2013-12-03 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "38e7fa0db1a398f805bb85a69171dc9d",
"Signature": "b7f68f477ab8836d5a2eaa9eaf9449186c71f90679d58058c558928f1ad7c76398511ce520afd6dce66540f536c377f824cf5b84fd60f83ead01a592fbce29cc51cca7da2fe8b50e89bc6999104fb406db3b878a7f9f148c767b668b84fcba161c1c14215de332cfcfc2fa52bce1543341231dd345b41da888372d4a2f82711f6125e029fd71859711bccd6b600247a440b6603296cfa9451e6ec81d51b1b7512705461af59e23e0423ba441c68025359a6e591c6370fa516188f8d720a16c6c7b24e975a204fbe5a3b8236443813e993d717df40642fe7d88d85aa1a51b47a3a05232da19c8f2de4144aa11d4577379c794ef9a48d60fc40f8793d5273a25da",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=AU, ST=NSW, O=PassMark Software Pty Ltd, OU=Digital ID Class 3 , Microsoft Software Validation v2, CN=PassMark Software Pty Ltd",
"TBS": {
"MD5": "159feaed9447c7d71653069c337ec2b3",
"SHA1": "5079a8aa946ee016c86153d4456f58277360c036",
"SHA256": "e76ee5754b8da5b514befb3a89eed638de08605326a1e611ddbed9e864551abf",
"SHA384": "9830194c19654f1196e74505a987588c36aa700489f3f482f1ad017bba6e39ebf9be18ab153da8cd9f8a672801820a87"
},
"ValidFrom": "2009-09-22 00:00:00",
"ValidTo": "2012-10-18 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "655226e1b22e18e1590f2985ac22e75c",
"Signature": "8b03c0dd94d841a26169b015a878c730c6903c7e42f724b6e4837317047f04109ca1e2fa812febc0ca44e772e050b6551020836e9692e49a516ab43731dca52deb8c00c71d4fe74d32ba85f84ebefa675565f06abe7aca64381a101078457631f3867a030f60c2b35d9df68b6676821b59e183e5bd49a53856e5de41770e580f",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)09, CN=VeriSign Class 3 Code Signing 2009,2 CA",
"TBS": {
"MD5": "650704c342850095f3288eaf791147d4",
"SHA1": "4cdc38c800761463749c3cbd94a12f32e49877bf",
"SHA256": "07b8f662558ec85b71b43a79c6e94698144f4ced2308af21e7ba1e5d461da214",
"SHA384": "2a271d052213438467d09d60eaa4010c8642fff3eb0070e0cf9969428713c8fdc066b90996d594dd3136f5bd0af5a22a"
},
"ValidFrom": "2009-05-21 00:00:00",
"ValidTo": "2019-05-20 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "610c120600000000001b",
"Signature": "01e446b33b457f7513877e5f43de468ecb8abdb64741bccccc7491d8ce395195a4a6b547c0efd2da7b8f5711f4328c7ccd3fee42da04214af7c843884a6f5cca14fc4bd19f4cbdd4556ecc02be0da6888f8609baa425bde8b0f0fa8b714e67b0cb82a8d78e55f737ebf03e88efe4e08afd1c6e2e61414875b4b02c1d28d8490fd715f02473253ccc880cde284c6554fe5eae8cea19ad2c51b29b3a47f53c80350117e24987d6544afb4bab07bcbf7d79cfbf35005cbb9ecffc82891b39a05197b6dec0b307ff449644c0342a195cabeef03bec294eb513c537857e75d5b4d60d066eb5d26c237167eaf1718eaf4e74aa0cf9ecbf4c58fa5e909b6d39cb86883f8b1ca81632d5fe6db9f1f8b3ead791f6364778c0272a15c768d6f4c5fc4f4ec8673f102d409ff11ec96148e7a703fc31730cf04688fe56da492995ef09daa3e5beef60ecd954a0599c28bd54ef66157f874c84dba60e95672e517b3439b641c28c846826dc240209e7818e0a972defeea7b998a60f818dc710b5e1ed982f486f53854964789bec5dac970b5526c3efba8dc8d1a52f5a7f936b611a339b18b8a26210de24ea76e12f43ebecdd7c12342489da2855aee5754e312b6763b6a8d7ab730a03cec5ea593fc7eb2a45aea8625b2f009939abb45f73c308ec80118f470e8f2a1343e191066255bbffba3da9a93d260faeca7d628b155589d694344dd665",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority",
"TBS": {
"MD5": "53c41bc1164e09e0cd1617a5bf913efd",
"SHA1": "93c03aac8951d494ecd5696b1c08658541b18727",
"SHA256": "40bddadac24dc61ca4fb5cab2a2bc5d876bc36808311039a7a3e1a4066f7489b",
"SHA384": "f51d4e75ba638f7314cd59b8d6d45f3b34d35ce6986e9d205cd6f333e8e8d8e9c91f636e6bc84731b6661673f40963d8"
},
"ValidFrom": "2006-05-23 17:01:29",
"ValidTo": "2016-05-23 17:11:29",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)09, CN=VeriSign Class 3 Code Signing 2009,2 CA",
"SerialNumber": "38e7fa0db1a398f805bb85a69171dc9d",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 3825d7faf861af9ef490e726b5d65ad5
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | d6c7684e9aaa508cf268335f83afe040 |
| ToBeSigned (TBS) SHA1 | 18066d20ad92409c567cdfde745279ff71c75226 |
| ToBeSigned (TBS) SHA256 | a612fb22ce8be6dab75e47c98508f98496583e79c9c97b936a8caee9ea9f3fff |
| Subject | C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services Signer , G2 |
| ValidFrom | 2007-06-15 00:00:00 |
| ValidTo | 2012-06-14 23:59:59 |
| Signature | 50c54bc82480dfe40d24c2de1ab1a102a1a6822d0c831581370a820e2cb05a1761b5d805fe88dbf19191b3561a40a6eb92be3839b07536743a984fe437ba9989ca95421db0b9c7a08d57e0fad5640442354e01d133a217c84daa27c7f2e1864c02384d8378c6fc53e0ebe00687dda4969e5e0c98e2a5bebf8285c360e1dfad28d8c7a54b64dac71b5bbdac3908d53822a1338b2f8a9aebbc07213f44410907b5651c24bc48d34480eba1cfc902b414cf54c716a3805cf9793e5d727d88179e2c43a2ca53ce7d3df62a3ab84f9400a56d0a835df95e53f418b3570f70c3fbf5ad95a00e17dec4168060c90f2b6e8604f1ebf47827d105c5ee345b5eb94932f233 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 3825d7faf861af9ef490e726b5d65ad5 |
| Version | 3 |
Certificate 47bf1995df8d524643f7db6d480d31a4
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 518d2ea8a21e879c942d504824ac211c |
| ToBeSigned (TBS) SHA1 | 21ce87d827077e61abddf2beba69fde5432ea031 |
| ToBeSigned (TBS) SHA256 | 1ec3b4f02e03930a470020e0e48d24b84678bb558f46182888d870541f5e25c7 |
| Subject | C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services CA |
| ValidFrom | 2003-12-04 00:00:00 |
| ValidTo | 2013-12-03 23:59:59 |
| Signature | 4a6bf9ea58c2441c318979992b96bf82ac01d61c4ccdb08a586edf0829a35ec8ca9313e704520def47272f0038b0e4c9934e9ad4226215f73f37214f703180f18b3887b3e8e89700fecf55964e24d2a9274e7aaeb76141f32acee7c9d95eddbb2b853eb59db5d9e157ffbeb4c57ef5cf0c9ef097fe2bd33b521b1b3827f73f4a |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 47bf1995df8d524643f7db6d480d31a4 |
| Version | 3 |
Certificate 38e7fa0db1a398f805bb85a69171dc9d
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 159feaed9447c7d71653069c337ec2b3 |
| ToBeSigned (TBS) SHA1 | 5079a8aa946ee016c86153d4456f58277360c036 |
| ToBeSigned (TBS) SHA256 | e76ee5754b8da5b514befb3a89eed638de08605326a1e611ddbed9e864551abf |
| Subject | C=AU, ST=NSW, O=PassMark Software Pty Ltd, OU=Digital ID Class 3 , Microsoft Software Validation v2, CN=PassMark Software Pty Ltd |
| ValidFrom | 2009-09-22 00:00:00 |
| ValidTo | 2012-10-18 23:59:59 |
| Signature | b7f68f477ab8836d5a2eaa9eaf9449186c71f90679d58058c558928f1ad7c76398511ce520afd6dce66540f536c377f824cf5b84fd60f83ead01a592fbce29cc51cca7da2fe8b50e89bc6999104fb406db3b878a7f9f148c767b668b84fcba161c1c14215de332cfcfc2fa52bce1543341231dd345b41da888372d4a2f82711f6125e029fd71859711bccd6b600247a440b6603296cfa9451e6ec81d51b1b7512705461af59e23e0423ba441c68025359a6e591c6370fa516188f8d720a16c6c7b24e975a204fbe5a3b8236443813e993d717df40642fe7d88d85aa1a51b47a3a05232da19c8f2de4144aa11d4577379c794ef9a48d60fc40f8793d5273a25da |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 38e7fa0db1a398f805bb85a69171dc9d |
| Version | 3 |
Certificate 655226e1b22e18e1590f2985ac22e75c
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 650704c342850095f3288eaf791147d4 |
| ToBeSigned (TBS) SHA1 | 4cdc38c800761463749c3cbd94a12f32e49877bf |
| ToBeSigned (TBS) SHA256 | 07b8f662558ec85b71b43a79c6e94698144f4ced2308af21e7ba1e5d461da214 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)09, CN=VeriSign Class 3 Code Signing 2009,2 CA |
| ValidFrom | 2009-05-21 00:00:00 |
| ValidTo | 2019-05-20 23:59:59 |
| Signature | 8b03c0dd94d841a26169b015a878c730c6903c7e42f724b6e4837317047f04109ca1e2fa812febc0ca44e772e050b6551020836e9692e49a516ab43731dca52deb8c00c71d4fe74d32ba85f84ebefa675565f06abe7aca64381a101078457631f3867a030f60c2b35d9df68b6676821b59e183e5bd49a53856e5de41770e580f |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 655226e1b22e18e1590f2985ac22e75c |
| Version | 3 |
Certificate 610c120600000000001b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 53c41bc1164e09e0cd1617a5bf913efd |
| ToBeSigned (TBS) SHA1 | 93c03aac8951d494ecd5696b1c08658541b18727 |
| ToBeSigned (TBS) SHA256 | 40bddadac24dc61ca4fb5cab2a2bc5d876bc36808311039a7a3e1a4066f7489b |
| Subject | C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority |
| ValidFrom | 2006-05-23 17:01:29 |
| ValidTo | 2016-05-23 17:11:29 |
| Signature | 01e446b33b457f7513877e5f43de468ecb8abdb64741bccccc7491d8ce395195a4a6b547c0efd2da7b8f5711f4328c7ccd3fee42da04214af7c843884a6f5cca14fc4bd19f4cbdd4556ecc02be0da6888f8609baa425bde8b0f0fa8b714e67b0cb82a8d78e55f737ebf03e88efe4e08afd1c6e2e61414875b4b02c1d28d8490fd715f02473253ccc880cde284c6554fe5eae8cea19ad2c51b29b3a47f53c80350117e24987d6544afb4bab07bcbf7d79cfbf35005cbb9ecffc82891b39a05197b6dec0b307ff449644c0342a195cabeef03bec294eb513c537857e75d5b4d60d066eb5d26c237167eaf1718eaf4e74aa0cf9ecbf4c58fa5e909b6d39cb86883f8b1ca81632d5fe6db9f1f8b3ead791f6364778c0272a15c768d6f4c5fc4f4ec8673f102d409ff11ec96148e7a703fc31730cf04688fe56da492995ef09daa3e5beef60ecd954a0599c28bd54ef66157f874c84dba60e95672e517b3439b641c28c846826dc240209e7818e0a972defeea7b998a60f818dc710b5e1ed982f486f53854964789bec5dac970b5526c3efba8dc8d1a52f5a7f936b611a339b18b8a26210de24ea76e12f43ebecdd7c12342489da2855aee5754e312b6763b6a8d7ab730a03cec5ea593fc7eb2a45aea8625b2f009939abb45f73c308ec80118f470e8f2a1343e191066255bbffba3da9a93d260faeca7d628b155589d694344dd665 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 610c120600000000001b |
| Version | 3 |
Imports
Expand
Imported Functions
Expand
- ZwMapViewOfSection
- ObReferenceObjectByHandle
- ZwOpenSection
- ZwUnmapViewOfSection
- ZwWriteFile
- PsGetProcessId
- NtBuildNumber
- RtlFillMemoryUlong
- ZwCreateFile
- memset
- memcpy
- MmGetPhysicalMemoryRanges
- IoWriteErrorLogEntry
- memmove
- IoAllocateErrorLogEntry
- IofCompleteRequest
- IoDeleteDevice
- RtlAppendUnicodeStringToString
- RtlIntegerToUnicodeString
- RtlAppendUnicodeToString
- ObfDereferenceObject
- RtlQueryRegistryValues
- ZwOpenKey
- _snwprintf_s
- RtlWriteRegistryValue
- KeWaitForSingleObject
- IofCallDriver
- IoBuildDeviceIoControlRequest
- KeInitializeEvent
- IoCreateSymbolicLink
- ObReferenceObjectByPointer
- IoGetDeviceObjectPointer
- IoCreateDevice
- wcscpy_s
- wcsrchr
- DbgPrintEx
- KeQueryActiveProcessors
- KeRevertToUserAffinityThread
- KeSetSystemAffinityThread
- KeTickCount
- KeBugCheckEx
- ZwClose
- DbgPrint
- RtlInitUnicodeString
- ExAllocatePoolWithTag
- ZwQueryValueKey
- ExFreePoolWithTag
- IoDeleteSymbolicLink
- RtlAssert
- READ_PORT_USHORT
- READ_PORT_UCHAR
- WRITE_PORT_ULONG
- WRITE_PORT_USHORT
- WRITE_PORT_UCHAR
- KeGetCurrentIrql
- READ_PORT_ULONG
Exported Functions
Expand
Sections
Expand
- .text
- .rdata
- .data
- PAGE
- INIT
- .reloc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": false,
"SerialNumber": "79a2a585f9d1154213d9b83ef6b68ded",
"Signature": "1e98aa27b778b508b5c9726db7dfc00e98a635c488c9d2f66df14b1afbd5f92d99009ed1e79b8be13fbd39800c66cd07bc5c9854a694ba10d14e8babf56f65cc6709a2807c52e80e03d66b7ac60518ecc8ac427c072ca73d0866dc00edfd941d73f2729893b111d68fef8eeaacf496510cd08ddf31524f5eaf7da74a75e64ece2b9f292be7cf5d9f037e6e277b23ad622966af92e82ccebd9c7fdccd173c43c2093f7545c79ee4d7607f97c6e4aac769f5fccd74ac2cb048c1504e70561eb535d38ebeb1edacbdfe0cec857dd5bb856644195d9f93eb82ba639ed37c61ffc81bd923587f30a366a139265e92c33ccb3732faf5a38ddcd5b0a3e9253655d781fa",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G3",
"TBS": {
"MD5": "e6d820afb23af20a65cf0b03247ea05e",
"SHA1": "7a8f7c37453f99390ee1e94bb5d3d1cba3a0eea7",
"SHA256": "7e722dc40e6b9abf8c20aa4d887e34b6d2c6b8cbe53a055d49bf9f5e946e0d27",
"SHA384": "7e14609969a388d38d227df1dbb9ce086c9a820142c94fd1a28ef2835a8aa528aef4c6399bce344d79adb5f3dad86afa"
},
"ValidFrom": "2012-05-01 00:00:00",
"ValidTo": "2012-12-31 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "47bf1995df8d524643f7db6d480d31a4",
"Signature": "4a6bf9ea58c2441c318979992b96bf82ac01d61c4ccdb08a586edf0829a35ec8ca9313e704520def47272f0038b0e4c9934e9ad4226215f73f37214f703180f18b3887b3e8e89700fecf55964e24d2a9274e7aaeb76141f32acee7c9d95eddbb2b853eb59db5d9e157ffbeb4c57ef5cf0c9ef097fe2bd33b521b1b3827f73f4a",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services CA",
"TBS": {
"MD5": "518d2ea8a21e879c942d504824ac211c",
"SHA1": "21ce87d827077e61abddf2beba69fde5432ea031",
"SHA256": "1ec3b4f02e03930a470020e0e48d24b84678bb558f46182888d870541f5e25c7",
"SHA384": "53e346bbde23779a5d116cc9d86fdd71c97b1f1b343439f8a11aa1d3c87af63864bb8488a5aeb2d0c26a6a1e0b15f03f"
},
"ValidFrom": "2003-12-04 00:00:00",
"ValidTo": "2013-12-03 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "38e7fa0db1a398f805bb85a69171dc9d",
"Signature": "b7f68f477ab8836d5a2eaa9eaf9449186c71f90679d58058c558928f1ad7c76398511ce520afd6dce66540f536c377f824cf5b84fd60f83ead01a592fbce29cc51cca7da2fe8b50e89bc6999104fb406db3b878a7f9f148c767b668b84fcba161c1c14215de332cfcfc2fa52bce1543341231dd345b41da888372d4a2f82711f6125e029fd71859711bccd6b600247a440b6603296cfa9451e6ec81d51b1b7512705461af59e23e0423ba441c68025359a6e591c6370fa516188f8d720a16c6c7b24e975a204fbe5a3b8236443813e993d717df40642fe7d88d85aa1a51b47a3a05232da19c8f2de4144aa11d4577379c794ef9a48d60fc40f8793d5273a25da",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=AU, ST=NSW, O=PassMark Software Pty Ltd, OU=Digital ID Class 3 , Microsoft Software Validation v2, CN=PassMark Software Pty Ltd",
"TBS": {
"MD5": "159feaed9447c7d71653069c337ec2b3",
"SHA1": "5079a8aa946ee016c86153d4456f58277360c036",
"SHA256": "e76ee5754b8da5b514befb3a89eed638de08605326a1e611ddbed9e864551abf",
"SHA384": "9830194c19654f1196e74505a987588c36aa700489f3f482f1ad017bba6e39ebf9be18ab153da8cd9f8a672801820a87"
},
"ValidFrom": "2009-09-22 00:00:00",
"ValidTo": "2012-10-18 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "655226e1b22e18e1590f2985ac22e75c",
"Signature": "8b03c0dd94d841a26169b015a878c730c6903c7e42f724b6e4837317047f04109ca1e2fa812febc0ca44e772e050b6551020836e9692e49a516ab43731dca52deb8c00c71d4fe74d32ba85f84ebefa675565f06abe7aca64381a101078457631f3867a030f60c2b35d9df68b6676821b59e183e5bd49a53856e5de41770e580f",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)09, CN=VeriSign Class 3 Code Signing 2009,2 CA",
"TBS": {
"MD5": "650704c342850095f3288eaf791147d4",
"SHA1": "4cdc38c800761463749c3cbd94a12f32e49877bf",
"SHA256": "07b8f662558ec85b71b43a79c6e94698144f4ced2308af21e7ba1e5d461da214",
"SHA384": "2a271d052213438467d09d60eaa4010c8642fff3eb0070e0cf9969428713c8fdc066b90996d594dd3136f5bd0af5a22a"
},
"ValidFrom": "2009-05-21 00:00:00",
"ValidTo": "2019-05-20 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "610c120600000000001b",
"Signature": "01e446b33b457f7513877e5f43de468ecb8abdb64741bccccc7491d8ce395195a4a6b547c0efd2da7b8f5711f4328c7ccd3fee42da04214af7c843884a6f5cca14fc4bd19f4cbdd4556ecc02be0da6888f8609baa425bde8b0f0fa8b714e67b0cb82a8d78e55f737ebf03e88efe4e08afd1c6e2e61414875b4b02c1d28d8490fd715f02473253ccc880cde284c6554fe5eae8cea19ad2c51b29b3a47f53c80350117e24987d6544afb4bab07bcbf7d79cfbf35005cbb9ecffc82891b39a05197b6dec0b307ff449644c0342a195cabeef03bec294eb513c537857e75d5b4d60d066eb5d26c237167eaf1718eaf4e74aa0cf9ecbf4c58fa5e909b6d39cb86883f8b1ca81632d5fe6db9f1f8b3ead791f6364778c0272a15c768d6f4c5fc4f4ec8673f102d409ff11ec96148e7a703fc31730cf04688fe56da492995ef09daa3e5beef60ecd954a0599c28bd54ef66157f874c84dba60e95672e517b3439b641c28c846826dc240209e7818e0a972defeea7b998a60f818dc710b5e1ed982f486f53854964789bec5dac970b5526c3efba8dc8d1a52f5a7f936b611a339b18b8a26210de24ea76e12f43ebecdd7c12342489da2855aee5754e312b6763b6a8d7ab730a03cec5ea593fc7eb2a45aea8625b2f009939abb45f73c308ec80118f470e8f2a1343e191066255bbffba3da9a93d260faeca7d628b155589d694344dd665",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority",
"TBS": {
"MD5": "53c41bc1164e09e0cd1617a5bf913efd",
"SHA1": "93c03aac8951d494ecd5696b1c08658541b18727",
"SHA256": "40bddadac24dc61ca4fb5cab2a2bc5d876bc36808311039a7a3e1a4066f7489b",
"SHA384": "f51d4e75ba638f7314cd59b8d6d45f3b34d35ce6986e9d205cd6f333e8e8d8e9c91f636e6bc84731b6661673f40963d8"
},
"ValidFrom": "2006-05-23 17:01:29",
"ValidTo": "2016-05-23 17:11:29",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)09, CN=VeriSign Class 3 Code Signing 2009,2 CA",
"SerialNumber": "38e7fa0db1a398f805bb85a69171dc9d",
"Version": 1
}
],
"SignerInfo": ""
}
source
last_updated: 2024-04-09
