Description
IOMap64.sys is a vulnerable driver and more information will be added as found.
- UUID: f4990bdd-8821-4a3c-a11a-4651e645810c
- Created: 2023-01-09
- Author: Michael Haag
Download
This download link contains the vulnerable driver!
Block IOMap64.sys across your endpoints
Add this driver to your block policy in minutes with MagicSword, threat-driven application control. Free for up to 100 endpoints.
Start Blocking for FreeCommands
sc.exe create IOMap64.sys binPath=C:\windows\temp\IOMap64.sys type=kernel && sc.exe start IOMap64.sys
| Use Case | Privileges | Operating System |
|---|
| Elevate privileges | kernel | Windows 10 |
Detections
Sigma 🛡️
Expand
Names
detects loading using name only
Hashes
detects loading using hashes only
Resources
https://github.com/elastic/protections-artifacts/search?q=VulnDriverhttps://www.asus.com/content/asus-product-security-advisory/CVE
CVE-2024-41498Known Vulnerable Samples
Download
Certificates
Expand
Certificate 3825d7faf861af9ef490e726b5d65ad5
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | d6c7684e9aaa508cf268335f83afe040 |
| ToBeSigned (TBS) SHA1 | 18066d20ad92409c567cdfde745279ff71c75226 |
| ToBeSigned (TBS) SHA256 | a612fb22ce8be6dab75e47c98508f98496583e79c9c97b936a8caee9ea9f3fff |
| Subject | C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services Signer , G2 |
| ValidFrom | 2007-06-15 00:00:00 |
| ValidTo | 2012-06-14 23:59:59 |
| Signature | 50c54bc82480dfe40d24c2de1ab1a102a1a6822d0c831581370a820e2cb05a1761b5d805fe88dbf19191b3561a40a6eb92be3839b07536743a984fe437ba9989ca95421db0b9c7a08d57e0fad5640442354e01d133a217c84daa27c7f2e1864c02384d8378c6fc53e0ebe00687dda4969e5e0c98e2a5bebf8285c360e1dfad28d8c7a54b64dac71b5bbdac3908d53822a1338b2f8a9aebbc07213f44410907b5651c24bc48d34480eba1cfc902b414cf54c716a3805cf9793e5d727d88179e2c43a2ca53ce7d3df62a3ab84f9400a56d0a835df95e53f418b3570f70c3fbf5ad95a00e17dec4168060c90f2b6e8604f1ebf47827d105c5ee345b5eb94932f233 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 3825d7faf861af9ef490e726b5d65ad5 |
| Version | 3 |
Certificate 47bf1995df8d524643f7db6d480d31a4
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 518d2ea8a21e879c942d504824ac211c |
| ToBeSigned (TBS) SHA1 | 21ce87d827077e61abddf2beba69fde5432ea031 |
| ToBeSigned (TBS) SHA256 | 1ec3b4f02e03930a470020e0e48d24b84678bb558f46182888d870541f5e25c7 |
| Subject | C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services CA |
| ValidFrom | 2003-12-04 00:00:00 |
| ValidTo | 2013-12-03 23:59:59 |
| Signature | 4a6bf9ea58c2441c318979992b96bf82ac01d61c4ccdb08a586edf0829a35ec8ca9313e704520def47272f0038b0e4c9934e9ad4226215f73f37214f703180f18b3887b3e8e89700fecf55964e24d2a9274e7aaeb76141f32acee7c9d95eddbb2b853eb59db5d9e157ffbeb4c57ef5cf0c9ef097fe2bd33b521b1b3827f73f4a |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 47bf1995df8d524643f7db6d480d31a4 |
| Version | 3 |
Certificate 655226e1b22e18e1590f2985ac22e75c
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 650704c342850095f3288eaf791147d4 |
| ToBeSigned (TBS) SHA1 | 4cdc38c800761463749c3cbd94a12f32e49877bf |
| ToBeSigned (TBS) SHA256 | 07b8f662558ec85b71b43a79c6e94698144f4ced2308af21e7ba1e5d461da214 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)09, CN=VeriSign Class 3 Code Signing 2009,2 CA |
| ValidFrom | 2009-05-21 00:00:00 |
| ValidTo | 2019-05-20 23:59:59 |
| Signature | 8b03c0dd94d841a26169b015a878c730c6903c7e42f724b6e4837317047f04109ca1e2fa812febc0ca44e772e050b6551020836e9692e49a516ab43731dca52deb8c00c71d4fe74d32ba85f84ebefa675565f06abe7aca64381a101078457631f3867a030f60c2b35d9df68b6676821b59e183e5bd49a53856e5de41770e580f |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 655226e1b22e18e1590f2985ac22e75c |
| Version | 3 |
Certificate 610c120600000000001b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 53c41bc1164e09e0cd1617a5bf913efd |
| ToBeSigned (TBS) SHA1 | 93c03aac8951d494ecd5696b1c08658541b18727 |
| ToBeSigned (TBS) SHA256 | 40bddadac24dc61ca4fb5cab2a2bc5d876bc36808311039a7a3e1a4066f7489b |
| Subject | C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority |
| ValidFrom | 2006-05-23 17:01:29 |
| ValidTo | 2016-05-23 17:11:29 |
| Signature | 01e446b33b457f7513877e5f43de468ecb8abdb64741bccccc7491d8ce395195a4a6b547c0efd2da7b8f5711f4328c7ccd3fee42da04214af7c843884a6f5cca14fc4bd19f4cbdd4556ecc02be0da6888f8609baa425bde8b0f0fa8b714e67b0cb82a8d78e55f737ebf03e88efe4e08afd1c6e2e61414875b4b02c1d28d8490fd715f02473253ccc880cde284c6554fe5eae8cea19ad2c51b29b3a47f53c80350117e24987d6544afb4bab07bcbf7d79cfbf35005cbb9ecffc82891b39a05197b6dec0b307ff449644c0342a195cabeef03bec294eb513c537857e75d5b4d60d066eb5d26c237167eaf1718eaf4e74aa0cf9ecbf4c58fa5e909b6d39cb86883f8b1ca81632d5fe6db9f1f8b3ead791f6364778c0272a15c768d6f4c5fc4f4ec8673f102d409ff11ec96148e7a703fc31730cf04688fe56da492995ef09daa3e5beef60ecd954a0599c28bd54ef66157f874c84dba60e95672e517b3439b641c28c846826dc240209e7818e0a972defeea7b998a60f818dc710b5e1ed982f486f53854964789bec5dac970b5526c3efba8dc8d1a52f5a7f936b611a339b18b8a26210de24ea76e12f43ebecdd7c12342489da2855aee5754e312b6763b6a8d7ab730a03cec5ea593fc7eb2a45aea8625b2f009939abb45f73c308ec80118f470e8f2a1343e191066255bbffba3da9a93d260faeca7d628b155589d694344dd665 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 610c120600000000001b |
| Version | 3 |
Certificate 12d5c9e2949d48abaccd3514f0fb22ad
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | a8e2727ca2cb8705c02aaef015feb372 |
| ToBeSigned (TBS) SHA1 | 94a0711ecebe96729e048ae1c7de9c4ba5c25ec4 |
| ToBeSigned (TBS) SHA256 | dd670882ef38bfeecfb2865ad06f52e36b07f99fbf5937b2ede58178d2221961 |
| Subject | C=TW, ST=Taiwan, L=Taipei / Peitou, O=ASUSTeK Computer Inc., OU=Digital ID Class 3 , Microsoft Software Validation v2, OU=Quality Testing Department, CN=ASUSTeK Computer Inc. |
| ValidFrom | 2009-08-03 00:00:00 |
| ValidTo | 2012-08-03 23:59:59 |
| Signature | bdc1dedf888c617c55af86763028f36094aeaadb7ebe82208e02d910305a252b4156a62a7f17366536fde06c13ff2bd8891e303a1e8c5c3cdb5fb257627367e3b6446b76c8080f61feac4424c5ef89467a79dc55fcb929805b727a10b39493038f97535686250f46e169bc85a02fb1f8a2626235a540e058084d1b17dbb7c426e76a8d3c2b3e2c0c4f33b9d6cc8d7a3590f8f61358ea5380ee0af3df7197dc4a615bcef1bcd119dba007d955d1acd14b42ab89d3539047d13d3e767de04ab5aa289fa0a698a582e84a5a65a1c9fabed2f75576629e8ad1826b68f2fca2baa751745f5ec968ed91cdf9761244a80b8c0d957900297ac3523c7a20c64e35be1b0a |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 12d5c9e2949d48abaccd3514f0fb22ad |
| Version | 3 |
Imports
Expand
Imported Functions
Expand
- KeInitializeMutex
- RtlInitUnicodeString
- IoDeleteDevice
- MmUnmapIoSpace
- MmMapIoSpace
- PoStartNextPowerIrp
- IofCompleteRequest
- ExFreePoolWithTag
- IoCreateSymbolicLink
- IoCreateDevice
- IofCallDriver
- KeReleaseMutex
- KeWaitForSingleObject
- KeBugCheckEx
- IoDeleteSymbolicLink
- PoCallDriver
- ExAllocatePoolWithTag
- HalTranslateBusAddress
- KeStallExecutionProcessor
Exported Functions
Expand
Sections
Expand
- .text
- .rdata
- .data
- .pdata
- INIT
- .rsrc
Signature
Expand
{
"Certificates": [
{
"CertificateType": "Intermediate",
"IsCA": false,
"IsCertificateAuthority": false,
"IsCodeSigning": false,
"SerialNumber": "3825d7faf861af9ef490e726b5d65ad5",
"Signature": "50c54bc82480dfe40d24c2de1ab1a102a1a6822d0c831581370a820e2cb05a1761b5d805fe88dbf19191b3561a40a6eb92be3839b07536743a984fe437ba9989ca95421db0b9c7a08d57e0fad5640442354e01d133a217c84daa27c7f2e1864c02384d8378c6fc53e0ebe00687dda4969e5e0c98e2a5bebf8285c360e1dfad28d8c7a54b64dac71b5bbdac3908d53822a1338b2f8a9aebbc07213f44410907b5651c24bc48d34480eba1cfc902b414cf54c716a3805cf9793e5d727d88179e2c43a2ca53ce7d3df62a3ab84f9400a56d0a835df95e53f418b3570f70c3fbf5ad95a00e17dec4168060c90f2b6e8604f1ebf47827d105c5ee345b5eb94932f233",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services Signer , G2",
"TBS": {
"MD5": "d6c7684e9aaa508cf268335f83afe040",
"SHA1": "18066d20ad92409c567cdfde745279ff71c75226",
"SHA256": "a612fb22ce8be6dab75e47c98508f98496583e79c9c97b936a8caee9ea9f3fff",
"SHA384": "35c249d6ad0261a6229b2a727067ac6ba32a5d24b30b9249051f748c7735fbe2ec2ef26a702c50df1790fbe32a65aee7"
},
"ValidFrom": "2007-06-15 00:00:00",
"ValidTo": "2012-06-14 23:59:59",
"Version": 3
},
{
"CertificateType": "CA",
"IsCA": true,
"IsCertificateAuthority": true,
"IsCodeSigning": false,
"SerialNumber": "47bf1995df8d524643f7db6d480d31a4",
"Signature": "4a6bf9ea58c2441c318979992b96bf82ac01d61c4ccdb08a586edf0829a35ec8ca9313e704520def47272f0038b0e4c9934e9ad4226215f73f37214f703180f18b3887b3e8e89700fecf55964e24d2a9274e7aaeb76141f32acee7c9d95eddbb2b853eb59db5d9e157ffbeb4c57ef5cf0c9ef097fe2bd33b521b1b3827f73f4a",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services CA",
"TBS": {
"MD5": "518d2ea8a21e879c942d504824ac211c",
"SHA1": "21ce87d827077e61abddf2beba69fde5432ea031",
"SHA256": "1ec3b4f02e03930a470020e0e48d24b84678bb558f46182888d870541f5e25c7",
"SHA384": "53e346bbde23779a5d116cc9d86fdd71c97b1f1b343439f8a11aa1d3c87af63864bb8488a5aeb2d0c26a6a1e0b15f03f"
},
"ValidFrom": "2003-12-04 00:00:00",
"ValidTo": "2013-12-03 23:59:59",
"Version": 3
},
{
"CertificateType": "CA",
"IsCA": true,
"IsCertificateAuthority": true,
"IsCodeSigning": true,
"SerialNumber": "655226e1b22e18e1590f2985ac22e75c",
"Signature": "8b03c0dd94d841a26169b015a878c730c6903c7e42f724b6e4837317047f04109ca1e2fa812febc0ca44e772e050b6551020836e9692e49a516ab43731dca52deb8c00c71d4fe74d32ba85f84ebefa675565f06abe7aca64381a101078457631f3867a030f60c2b35d9df68b6676821b59e183e5bd49a53856e5de41770e580f",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)09, CN=VeriSign Class 3 Code Signing 2009,2 CA",
"TBS": {
"MD5": "650704c342850095f3288eaf791147d4",
"SHA1": "4cdc38c800761463749c3cbd94a12f32e49877bf",
"SHA256": "07b8f662558ec85b71b43a79c6e94698144f4ced2308af21e7ba1e5d461da214",
"SHA384": "2a271d052213438467d09d60eaa4010c8642fff3eb0070e0cf9969428713c8fdc066b90996d594dd3136f5bd0af5a22a"
},
"ValidFrom": "2009-05-21 00:00:00",
"ValidTo": "2019-05-20 23:59:59",
"Version": 3
},
{
"CertificateType": "Intermediate",
"IsCA": false,
"IsCertificateAuthority": true,
"IsCodeSigning": false,
"SerialNumber": "610c120600000000001b",
"Signature": "01e446b33b457f7513877e5f43de468ecb8abdb64741bccccc7491d8ce395195a4a6b547c0efd2da7b8f5711f4328c7ccd3fee42da04214af7c843884a6f5cca14fc4bd19f4cbdd4556ecc02be0da6888f8609baa425bde8b0f0fa8b714e67b0cb82a8d78e55f737ebf03e88efe4e08afd1c6e2e61414875b4b02c1d28d8490fd715f02473253ccc880cde284c6554fe5eae8cea19ad2c51b29b3a47f53c80350117e24987d6544afb4bab07bcbf7d79cfbf35005cbb9ecffc82891b39a05197b6dec0b307ff449644c0342a195cabeef03bec294eb513c537857e75d5b4d60d066eb5d26c237167eaf1718eaf4e74aa0cf9ecbf4c58fa5e909b6d39cb86883f8b1ca81632d5fe6db9f1f8b3ead791f6364778c0272a15c768d6f4c5fc4f4ec8673f102d409ff11ec96148e7a703fc31730cf04688fe56da492995ef09daa3e5beef60ecd954a0599c28bd54ef66157f874c84dba60e95672e517b3439b641c28c846826dc240209e7818e0a972defeea7b998a60f818dc710b5e1ed982f486f53854964789bec5dac970b5526c3efba8dc8d1a52f5a7f936b611a339b18b8a26210de24ea76e12f43ebecdd7c12342489da2855aee5754e312b6763b6a8d7ab730a03cec5ea593fc7eb2a45aea8625b2f009939abb45f73c308ec80118f470e8f2a1343e191066255bbffba3da9a93d260faeca7d628b155589d694344dd665",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority",
"TBS": {
"MD5": "53c41bc1164e09e0cd1617a5bf913efd",
"SHA1": "93c03aac8951d494ecd5696b1c08658541b18727",
"SHA256": "40bddadac24dc61ca4fb5cab2a2bc5d876bc36808311039a7a3e1a4066f7489b",
"SHA384": "f51d4e75ba638f7314cd59b8d6d45f3b34d35ce6986e9d205cd6f333e8e8d8e9c91f636e6bc84731b6661673f40963d8"
},
"ValidFrom": "2006-05-23 17:01:29",
"ValidTo": "2016-05-23 17:11:29",
"Version": 3
},
{
"CertificateType": "Leaf (Code Signing)",
"IsCA": false,
"IsCertificateAuthority": false,
"IsCodeSigning": true,
"SerialNumber": "12d5c9e2949d48abaccd3514f0fb22ad",
"Signature": "bdc1dedf888c617c55af86763028f36094aeaadb7ebe82208e02d910305a252b4156a62a7f17366536fde06c13ff2bd8891e303a1e8c5c3cdb5fb257627367e3b6446b76c8080f61feac4424c5ef89467a79dc55fcb929805b727a10b39493038f97535686250f46e169bc85a02fb1f8a2626235a540e058084d1b17dbb7c426e76a8d3c2b3e2c0c4f33b9d6cc8d7a3590f8f61358ea5380ee0af3df7197dc4a615bcef1bcd119dba007d955d1acd14b42ab89d3539047d13d3e767de04ab5aa289fa0a698a582e84a5a65a1c9fabed2f75576629e8ad1826b68f2fca2baa751745f5ec968ed91cdf9761244a80b8c0d957900297ac3523c7a20c64e35be1b0a",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=TW, ST=Taiwan, L=Taipei / Peitou, O=ASUSTeK Computer Inc., OU=Digital ID Class 3 , Microsoft Software Validation v2, OU=Quality Testing Department, CN=ASUSTeK Computer Inc.",
"TBS": {
"MD5": "a8e2727ca2cb8705c02aaef015feb372",
"SHA1": "94a0711ecebe96729e048ae1c7de9c4ba5c25ec4",
"SHA256": "dd670882ef38bfeecfb2865ad06f52e36b07f99fbf5937b2ede58178d2221961",
"SHA384": "508037c851d72d2bf8f35ba25436903a510d02d58f923b6d2c694a9a27f4a82b0b0953ee7b3c68078faafe3886a64aa4"
},
"ValidFrom": "2009-08-03 00:00:00",
"ValidTo": "2012-08-03 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)09, CN=VeriSign Class 3 Code Signing 2009,2 CA",
"SerialNumber": "12d5c9e2949d48abaccd3514f0fb22ad",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 08ad40b260d29c4c9f5ecda9bd93aed9
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 5d8003a64dfa5a4d88365da1566038cb |
| ToBeSigned (TBS) SHA1 | 79465b56bc7ad55a37bdf633943da8bfc84db228 |
| ToBeSigned (TBS) SHA256 | 84bdc82e2f2a7f7aaa782667dac556ffcb2b33240c1f9c0a00a3264526a98332 |
| Subject | C=US, O=DigiCert, Inc., CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1 |
| ValidFrom | 2021-04-29 00:00:00 |
| ValidTo | 2036-04-28 23:59:59 |
| Signature | 3a23443d8d0876ee8fbc3a99d356e0021aa5f84834f32cb6e67466f79472b100caaf6c302713129e90449f4bfd9ea37c26d537bc3a5d486d95d53f49f427bb16814550fd9cbdb685e0767e3771cb22f75aaa90cff5936ae3eb20d1d55079889a8a8ac1b6bda148187edcd8801a111918cd61998156f6c9e376e7c4e41b5f43f83e94ff76393d9ed499cf4add28eb5f26a1955848d51afed7273ffd90d17686dd1cb0605cf30da8eee089a1bd39e1384eda6ebb369dfbe521535ac3cae96af1a23edb43b833c84f38149299f5ddce546dd95d02141f40337c03e295b2c221757352cb46d8c4341ca2a54b8dcd6f76372c853f1ace26e918be9007b0437f9588208270f0cccaeffd29355c1f893855f7378a8b09a1cb0be9311aff2e195c3971e1be9ca70a06d62667b792e64e5fde7aac49cf2ea47492addb3ca49c861fe3c1561b2b23ff8fb5ea887b706be6a0bafd3a3f45a6c4e81691528b41c048844b964dab4440e38df01528ceedf11856072a2f10c40c08643c338fae288c3ccb8f880b0dbf3bf4ce1e7b8eefb5ebcbb7f07713e6e7283fac12aea52f226c41f9825c1566cc6c0ecac586c3f626330c074ba0d307026a6a4030484b34a85120bbad1b8508e2590d6dca05502bea4a1c9ea5fda0a71f0674e7f2d65290fdaf854821f9573bb49c03ed8645f4b4616ebf68e2266086eac8afa9fe941de7631b3a8656784e |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.12 |
| IsCertificateAuthority | True |
| SerialNumber | 08ad40b260d29c4c9f5ecda9bd93aed9 |
| Version | 3 |
Certificate 0414dcf7ac18be7b0e5d1db9a3fee469
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 57dbc9dba7e9561f375fcc5b9033b319 |
| ToBeSigned (TBS) SHA1 | f85e6de5d479506c2a3dabab8491d9e0bba33603 |
| ToBeSigned (TBS) SHA256 | 86107afeccad1c24431c5ed73b3621705c4eaaf93ab68fa9360ff50c44e94a4a |
| Subject | JURISDICTION_OF_INCORPORATION_C=TW, BUSINESS_CATEGORY=Private Organization, serialNumber=23638777, C=TW, ST=Taipei City, L=Beitou District, O=ASUSTeK COMPUTER INC., CN=ASUSTeK COMPUTER INC. |
| ValidFrom | 2022-04-08 00:00:00 |
| ValidTo | 2025-03-27 23:59:59 |
| Signature | 937c645145253f3315a6d3da886d6ee5f03621a74b2266721cc6d71f96dbc73b7b0e9ce33a2a887118c3282c254f2d3686d322edc371b3845b542efecf88f147532486206aa7e887e71d296535fc034117402f30740b99f9f12edc3328e8ce2f6ca4544bcb475e0893206bec0bb5f9948fef5c677d9c056be02531ee23d35f5933de8bcd98650d722d445a797d0278cc990f0102999307cade1d224bc7c7f46cd5c12130a5e1b6eb8849b6f00a994c575ba29baa67e850d85d8488916e2ae52565ee22bbe71b7e3d3fa623e9f228879a679b1c538a676b4b79475ddb5b78da076197d294fb90a5cc8036611aa1d6809ea85ccf5e6e5473537812eaaeab322951447fcf35a1be2ba84f31b264e4bb61b4382a978627632f9155d62560a11e5210d5888b31faa79bb71a51201e281c1ac36380f5e8fa2a87df333969912400ac7a6bbe93592e28726a9688585c44f030917615e1bd11f7c3aa863eb05e30831fff9a624db6a1233db9ac2b46ec1fc8bb7a8104ff049621d9ef61be13d76eda0a573de6a370d185fc7ce4c522f2450b26b4cf5a9d804778c4ad05e0c782502187dd7c090c18c3b001d60a21e89f76be044d1ce40cd6e7ff40fd9d9ec8557fe275cea2d78b5bdc8b0359a9f4403c9923385dd5fdf865e6fff883ecdb5b12d185691411e2fb37077571f738b95736ce34a7fc276a1462a25f521bf5c9091a5941911f |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.11 |
| IsCertificateAuthority | False |
| SerialNumber | 0414dcf7ac18be7b0e5d1db9a3fee469 |
| Version | 3 |
Imports
Expand
Imported Functions
Expand
- ExAllocatePoolWithTag
- ExFreePoolWithTag
- MmMapIoSpace
- MmUnmapIoSpace
- IofCompleteRequest
- IoCreateSymbolicLink
- KeInitializeMutex
- IoDeleteSymbolicLink
- PoCallDriver
- PoStartNextPowerIrp
- KeReleaseMutex
- KeWaitForSingleObject
- KeBugCheckEx
- ZwCreateKey
- RtlInitUnicodeString
- IoDeleteDevice
- __C_specific_handler
- MmGetSystemRoutineAddress
- ZwClose
- ZwSetSecurityObject
- IoDeviceObjectType
- IoCreateDevice
- ObOpenObjectByPointer
- RtlGetDaclSecurityDescriptor
- RtlGetGroupSecurityDescriptor
- RtlGetOwnerSecurityDescriptor
- RtlGetSaclSecurityDescriptor
- SeCaptureSecurityDescriptor
- _snwprintf
- RtlLengthSecurityDescriptor
- SeExports
- RtlCreateSecurityDescriptor
- _wcsnicmp
- wcschr
- RtlAbsoluteToSelfRelativeSD
- RtlAddAccessAllowedAce
- RtlLengthSid
- IoIsWdmVersionAvailable
- RtlSetDaclSecurityDescriptor
- ZwOpenKey
- ZwSetValueKey
- ZwQueryValueKey
- RtlFreeUnicodeString
- KeStallExecutionProcessor
- HalTranslateBusAddress
Exported Functions
Expand
Sections
Expand
- .text
- .rdata
- .data
- .pdata
- PAGE
- INIT
- .rsrc
- .reloc
Signature
Expand
{
"Certificates": [
{
"CertificateType": "Intermediate",
"IsCA": false,
"IsCertificateAuthority": false,
"IsCodeSigning": false,
"SerialNumber": "3825d7faf861af9ef490e726b5d65ad5",
"Signature": "50c54bc82480dfe40d24c2de1ab1a102a1a6822d0c831581370a820e2cb05a1761b5d805fe88dbf19191b3561a40a6eb92be3839b07536743a984fe437ba9989ca95421db0b9c7a08d57e0fad5640442354e01d133a217c84daa27c7f2e1864c02384d8378c6fc53e0ebe00687dda4969e5e0c98e2a5bebf8285c360e1dfad28d8c7a54b64dac71b5bbdac3908d53822a1338b2f8a9aebbc07213f44410907b5651c24bc48d34480eba1cfc902b414cf54c716a3805cf9793e5d727d88179e2c43a2ca53ce7d3df62a3ab84f9400a56d0a835df95e53f418b3570f70c3fbf5ad95a00e17dec4168060c90f2b6e8604f1ebf47827d105c5ee345b5eb94932f233",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services Signer , G2",
"TBS": {
"MD5": "d6c7684e9aaa508cf268335f83afe040",
"SHA1": "18066d20ad92409c567cdfde745279ff71c75226",
"SHA256": "a612fb22ce8be6dab75e47c98508f98496583e79c9c97b936a8caee9ea9f3fff",
"SHA384": "35c249d6ad0261a6229b2a727067ac6ba32a5d24b30b9249051f748c7735fbe2ec2ef26a702c50df1790fbe32a65aee7"
},
"ValidFrom": "2007-06-15 00:00:00",
"ValidTo": "2012-06-14 23:59:59",
"Version": 3
},
{
"CertificateType": "CA",
"IsCA": true,
"IsCertificateAuthority": true,
"IsCodeSigning": false,
"SerialNumber": "47bf1995df8d524643f7db6d480d31a4",
"Signature": "4a6bf9ea58c2441c318979992b96bf82ac01d61c4ccdb08a586edf0829a35ec8ca9313e704520def47272f0038b0e4c9934e9ad4226215f73f37214f703180f18b3887b3e8e89700fecf55964e24d2a9274e7aaeb76141f32acee7c9d95eddbb2b853eb59db5d9e157ffbeb4c57ef5cf0c9ef097fe2bd33b521b1b3827f73f4a",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services CA",
"TBS": {
"MD5": "518d2ea8a21e879c942d504824ac211c",
"SHA1": "21ce87d827077e61abddf2beba69fde5432ea031",
"SHA256": "1ec3b4f02e03930a470020e0e48d24b84678bb558f46182888d870541f5e25c7",
"SHA384": "53e346bbde23779a5d116cc9d86fdd71c97b1f1b343439f8a11aa1d3c87af63864bb8488a5aeb2d0c26a6a1e0b15f03f"
},
"ValidFrom": "2003-12-04 00:00:00",
"ValidTo": "2013-12-03 23:59:59",
"Version": 3
},
{
"CertificateType": "CA",
"IsCA": true,
"IsCertificateAuthority": true,
"IsCodeSigning": true,
"SerialNumber": "655226e1b22e18e1590f2985ac22e75c",
"Signature": "8b03c0dd94d841a26169b015a878c730c6903c7e42f724b6e4837317047f04109ca1e2fa812febc0ca44e772e050b6551020836e9692e49a516ab43731dca52deb8c00c71d4fe74d32ba85f84ebefa675565f06abe7aca64381a101078457631f3867a030f60c2b35d9df68b6676821b59e183e5bd49a53856e5de41770e580f",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)09, CN=VeriSign Class 3 Code Signing 2009,2 CA",
"TBS": {
"MD5": "650704c342850095f3288eaf791147d4",
"SHA1": "4cdc38c800761463749c3cbd94a12f32e49877bf",
"SHA256": "07b8f662558ec85b71b43a79c6e94698144f4ced2308af21e7ba1e5d461da214",
"SHA384": "2a271d052213438467d09d60eaa4010c8642fff3eb0070e0cf9969428713c8fdc066b90996d594dd3136f5bd0af5a22a"
},
"ValidFrom": "2009-05-21 00:00:00",
"ValidTo": "2019-05-20 23:59:59",
"Version": 3
},
{
"CertificateType": "Intermediate",
"IsCA": false,
"IsCertificateAuthority": true,
"IsCodeSigning": false,
"SerialNumber": "610c120600000000001b",
"Signature": "01e446b33b457f7513877e5f43de468ecb8abdb64741bccccc7491d8ce395195a4a6b547c0efd2da7b8f5711f4328c7ccd3fee42da04214af7c843884a6f5cca14fc4bd19f4cbdd4556ecc02be0da6888f8609baa425bde8b0f0fa8b714e67b0cb82a8d78e55f737ebf03e88efe4e08afd1c6e2e61414875b4b02c1d28d8490fd715f02473253ccc880cde284c6554fe5eae8cea19ad2c51b29b3a47f53c80350117e24987d6544afb4bab07bcbf7d79cfbf35005cbb9ecffc82891b39a05197b6dec0b307ff449644c0342a195cabeef03bec294eb513c537857e75d5b4d60d066eb5d26c237167eaf1718eaf4e74aa0cf9ecbf4c58fa5e909b6d39cb86883f8b1ca81632d5fe6db9f1f8b3ead791f6364778c0272a15c768d6f4c5fc4f4ec8673f102d409ff11ec96148e7a703fc31730cf04688fe56da492995ef09daa3e5beef60ecd954a0599c28bd54ef66157f874c84dba60e95672e517b3439b641c28c846826dc240209e7818e0a972defeea7b998a60f818dc710b5e1ed982f486f53854964789bec5dac970b5526c3efba8dc8d1a52f5a7f936b611a339b18b8a26210de24ea76e12f43ebecdd7c12342489da2855aee5754e312b6763b6a8d7ab730a03cec5ea593fc7eb2a45aea8625b2f009939abb45f73c308ec80118f470e8f2a1343e191066255bbffba3da9a93d260faeca7d628b155589d694344dd665",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority",
"TBS": {
"MD5": "53c41bc1164e09e0cd1617a5bf913efd",
"SHA1": "93c03aac8951d494ecd5696b1c08658541b18727",
"SHA256": "40bddadac24dc61ca4fb5cab2a2bc5d876bc36808311039a7a3e1a4066f7489b",
"SHA384": "f51d4e75ba638f7314cd59b8d6d45f3b34d35ce6986e9d205cd6f333e8e8d8e9c91f636e6bc84731b6661673f40963d8"
},
"ValidFrom": "2006-05-23 17:01:29",
"ValidTo": "2016-05-23 17:11:29",
"Version": 3
},
{
"CertificateType": "Leaf (Code Signing)",
"IsCA": false,
"IsCertificateAuthority": false,
"IsCodeSigning": true,
"SerialNumber": "12d5c9e2949d48abaccd3514f0fb22ad",
"Signature": "bdc1dedf888c617c55af86763028f36094aeaadb7ebe82208e02d910305a252b4156a62a7f17366536fde06c13ff2bd8891e303a1e8c5c3cdb5fb257627367e3b6446b76c8080f61feac4424c5ef89467a79dc55fcb929805b727a10b39493038f97535686250f46e169bc85a02fb1f8a2626235a540e058084d1b17dbb7c426e76a8d3c2b3e2c0c4f33b9d6cc8d7a3590f8f61358ea5380ee0af3df7197dc4a615bcef1bcd119dba007d955d1acd14b42ab89d3539047d13d3e767de04ab5aa289fa0a698a582e84a5a65a1c9fabed2f75576629e8ad1826b68f2fca2baa751745f5ec968ed91cdf9761244a80b8c0d957900297ac3523c7a20c64e35be1b0a",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=TW, ST=Taiwan, L=Taipei / Peitou, O=ASUSTeK Computer Inc., OU=Digital ID Class 3 , Microsoft Software Validation v2, OU=Quality Testing Department, CN=ASUSTeK Computer Inc.",
"TBS": {
"MD5": "a8e2727ca2cb8705c02aaef015feb372",
"SHA1": "94a0711ecebe96729e048ae1c7de9c4ba5c25ec4",
"SHA256": "dd670882ef38bfeecfb2865ad06f52e36b07f99fbf5937b2ede58178d2221961",
"SHA384": "508037c851d72d2bf8f35ba25436903a510d02d58f923b6d2c694a9a27f4a82b0b0953ee7b3c68078faafe3886a64aa4"
},
"ValidFrom": "2009-08-03 00:00:00",
"ValidTo": "2012-08-03 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)09, CN=VeriSign Class 3 Code Signing 2009,2 CA",
"SerialNumber": "12d5c9e2949d48abaccd3514f0fb22ad",
"Version": 1
}
],
"SignerInfo": ""
}
source
last_updated: 2026-05-04
