Description
ALSysIO64.sys is a vulnerable driver and more information will be added as found.
- UUID: 4d365dd0-34c3-492e-a2bd-c16266796ae5
- Created: 2023-01-09
- Author: Michael Haag
- Acknowledgement: |
DownloadBlock
This download link contains the vulnerable driver!
Commands
sc.exe create ALSysIO64.sys binPath=C:\windows\temp\ALSysIO64.sys type=kernel && sc.exe start ALSysIO64.sys
Use Case | Privileges | Operating System |
---|
Elevate privileges | kernel | Windows 10 |
Detections
Sigma 🛡️
Expand
Names
detects loading using name only
Hashes
detects loading using hashes only
Resources
https://github.com/namazso/physmem_driversKnown Vulnerable Samples
Download
Certificates
Expand
Certificate 0400000000012019c19066
Field | Value |
---|
ToBeSigned (TBS) MD5 | 42023b9487cafe46c1b6a49c369a362e |
ToBeSigned (TBS) SHA1 | 7c7b524d269334b9f073c32e888e09544c6acd98 |
ToBeSigned (TBS) SHA256 | b7126567833f3daa4085ff41e73112daad3d1e3808a942c1936520e2d6c46c78 |
Subject | OU=Timestamping CA, O=GlobalSign, CN=GlobalSign Timestamping CA |
ValidFrom | 2009-03-18 11:00:00 |
ValidTo | 2028-01-28 12:00:00 |
Signature | 5df6cb2b0d0140849f857a43706ae0c5e7aa0600d76713c9089131654f14a8a905dc389e6aa0300abd8dc78028ee4245ca94f3de5845a9803204f5595c6a70003927944df5b44634e81c5331b2b35416e9cc42abd5d959301cfb462725b88723b1e8758824831ec876377b01494548a4ede25dd27c9ca2dc2dba105a126265abae00c710343bcb72bd14240cdcc37627b4a7fee15829f20e169f91391d89a6e60f1c878ce258ac927e243eaaec14e73a33348bc63bac83ab0f14627aba1a2d4d4b1bc530f00b92797d3c78e0f8e6d215965999392b3061e8b8f8c0a1e9221411787dc4dc89bec0bb94e172aeebb540404fef171e585ed0a88996ac9228e9babf |
SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
IsCertificateAuthority | True |
SerialNumber | 0400000000012019c19066 |
Version | 3 |
Certificate 0400000000012f4ee1355c
Field | Value |
---|
ToBeSigned (TBS) MD5 | f6a9e8eb8784f3f694b4e353c08a0ff5 |
ToBeSigned (TBS) SHA1 | 589a7d4df869395601ba7538a65afae8c4616385 |
ToBeSigned (TBS) SHA256 | cbdc9a0ad785d0c2013211746b42234e18bdc7d54a7a260647badc1c9e712ed4 |
Subject | C=BE, O=GlobalSign nv,sa, CN=GlobalSign CodeSigning CA , G2 |
ValidFrom | 2011-04-13 10:00:00 |
ValidTo | 2019-04-13 10:00:00 |
Signature | 225cc5dd3df40b70d8e3f5e7c58e0901bbb196365c5a07adc7a8444951257aae0da4193b929ccfb94226bb3b6c97e7c7ce116d6891da8d6df1534d54388c61f3c8827669be81320b31c36cc99e200a582ff048fe7e4807aad743589473540431a9780d3b8cb070c13d7ed7bd2f2ac3e2f58f0c90dc6ba5c8be685e5d6df878d2be49951e15780891fb34c8be84adbce0c6dd18dbf3caf07bc2143c18b803ba953e211e3f60697a7f6a039e8d4af9f0282c30845eec267242b16dcb64c3128cd6844b67417cb103177809e3ada8b6962da47e80034f88f7c16b5a4615cd2c198bd8709ce52d49886072a8a4195270435edad64603b0680e24ef4af60b2524ef24 |
SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
IsCertificateAuthority | True |
SerialNumber | 0400000000012f4ee1355c |
Version | 3 |
Certificate 01000000000125b0b4cc01
Field | Value |
---|
ToBeSigned (TBS) MD5 | e3369c8e5aec0504b3a50455f615d9f9 |
ToBeSigned (TBS) SHA1 | 13c244a894b40ecd18aaf97c362f20385bd005a7 |
ToBeSigned (TBS) SHA256 | 26da721a670c72836926032fee6920118bfb9bff89cc8d0ce30d9452c33f2532 |
Subject | C=BE, O=GlobalSign NV, CN=GlobalSign Time Stamping Authority |
ValidFrom | 2009-12-21 09:32:56 |
ValidTo | 2020-12-22 09:32:56 |
Signature | bc89ecfee63655935c79d4117a86808f17b693b26d9b91a1561811c655eaf608edad9b9ef52b81c8bbdd607b1b47991e6d403e1d80c213d58e04052fdbe7ae529e688472a1e54a603cf89bd52f46d8c3b2b79353ac9b6c432424d1f1fce9562e3411581843eaefff34746ca0c06c7fad031969881e9560cabbbd0cbb76efc724b081c63831cf36ad0c38b89020849b2e8f28b99ff6ca9427cdac396157e0e3955a9c769230f5dea6973d721c2a6032a8334d8635338a5cf3a4fdf7062ce16b4b30f5cbd34362f841b9de7d20cb058c8e2cf65f35fd338d42896508362ca389f45a858bb0b97bdb6ccba1f8d20e1bbb977cd12779be9d7c3be6a75634d8c991a9 |
SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
IsCertificateAuthority | False |
SerialNumber | 01000000000125b0b4cc01 |
Version | 3 |
Certificate 112124a45abbf7c551deb213b28633c3dcad
Field | Value |
---|
ToBeSigned (TBS) MD5 | 56627e70a0b871843f4c3244885a29b2 |
ToBeSigned (TBS) SHA1 | 7425308f88b4b3d59f4f15c5b9399ee445142f85 |
ToBeSigned (TBS) SHA256 | 8e1fcd00db7895ff671e93e4e92a98d902ee2afa2c46e0548b3c1bca605b54f0 |
Subject | C=IL, CN=Artur Liberman |
ValidFrom | 2013-03-05 15:18:55 |
ValidTo | 2016-03-05 15:18:55 |
Signature | affd93f5b3dc4e5d57868f2bdf7f88bc14dd94c0de331f2d4fb4712dd259d5636f7c0d06595fec79e3311d63ac012ed643277e63015bc7c87c904efb57e44eef681019638adb464e96dd90f71eee2122664c7e809b11624b1b5e472ed28d55196cfd6d1eeedaa6c1e93a9540675a8047caee8a153cecb97db6ad807061634c8989e44a66675d71ed68cf2261592b3c49e35d111f9c4f3eb290fde4830a92c4d88e65914f5b8c5133138f11ecc6d07c47499016a43ea5fca364f560db7b38337959455928e8ec7940e26dab3f33547b05c6bc73868eb5cb8473dba3f006f07638aa7c29f933d5479f33f611ab8af56350e50254b9de2bfa4be289d0d1abc2133d |
SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
IsCertificateAuthority | False |
SerialNumber | 112124a45abbf7c551deb213b28633c3dcad |
Version | 3 |
Certificate 6129152700000000002a
Field | Value |
---|
ToBeSigned (TBS) MD5 | 0bb058d116f02817737920f112d9fd3b |
ToBeSigned (TBS) SHA1 | fd116235171a4feafedee586b7a59185fb5fd7e6 |
ToBeSigned (TBS) SHA256 | f970426cc46d2ae0fc5f899fa19dbe76e05f07e525654c60c3c9399492c291f4 |
Subject | C=BE, O=GlobalSign nv,sa, OU=Root CA, CN=GlobalSign Root CA |
ValidFrom | 2011-04-15 19:55:08 |
ValidTo | 2021-04-15 20:05:08 |
Signature | 5ff8d065746a81c6a6ca5b03b6914ae84bbdef2ba142f0efb4a5adcd3389ec0b9585ac62501108aa58d25aa08310e5a6337af25af2c5fe787cf09c83df190ad97396002dd62ccde914d41d9de83f3c1a76f7904efb01350a6c9313a0c356eb67a0e4d17a96dec267f190f80a7bf5321b94ec5f751f8d1b34da6c58a7cb2d279e2226b7c9aa30cc0777b836e38201b5393ccc8dd9a75f7f23b3877fdb5798918bd7ce2520e39d644fdd87f72b68490318e0a5df7c5f68644d36838d4781f2e9e0a869abfa7b163c05a449ea8830190a6c73055178dfd41ddd3ad47f2de44e54be83431e7a7433b4a4ebd77073bc2a02988966eef6bc8f749378e329025a5a43e258ce7ccf9acad236893be25fda26054ec8d4e72c910e1797c5beee8b13112323294ffa83d050f6bafad53db3173df4ff034aa325dce67561d1fa35086bd62744d068b78d45e0eb852cc8a15d614474160e5958aed2b5eea5bcd6d7076ab62978fd976767dd8d4f17944fd2ed0caf972437c3a29c81da6be143b6577b4cecbf791319e79fe844e94781b75e701e91f83dd17b27f50b7056434805dda92fab86101d0b12e31ad04c6e75ded645b30b748887935c564a41029af7aeb799d8b67f88fa11f2457cf4d71b91c01cf1a0fbd4080a411a142acef4eb34486e66879ed54b7a397fbb0e3d3861cf735706e412066bd96b5308cd7018c22d4f974691bca9f0 |
SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
IsCertificateAuthority | True |
SerialNumber | 6129152700000000002a |
Version | 3 |
Imports
Expand
Imported Functions
Expand
- IoDeleteDevice
- ZwClose
- IofCompleteRequest
- IoCreateSymbolicLink
- IoCreateDevice
- IoBuildDeviceIoControlRequest
- RtlAnsiStringToUnicodeString
- MmGetSystemRoutineAddress
- KeInitializeEvent
- RtlInitAnsiString
- RtlFreeUnicodeString
- RtlInitUnicodeString
- KeWaitForSingleObject
- MmIsAddressValid
- ObfDereferenceObject
- DbgPrint
- IofCallDriver
- ExAllocatePoolWithTag
- ExFreePoolWithTag
- strstr
- MmUnmapIoSpace
- MmMapIoSpace
- KeBugCheckEx
- IoGetDeviceObjectPointer
- IoDeleteSymbolicLink
- RtlUnwindEx
- HalGetBusDataByOffset
Exported Functions
Expand
Sections
Expand
- .text
- .rdata
- .data
- .pdata
- INIT
- .rsrc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": true,
"SerialNumber": "0400000000012019c19066",
"Signature": "5df6cb2b0d0140849f857a43706ae0c5e7aa0600d76713c9089131654f14a8a905dc389e6aa0300abd8dc78028ee4245ca94f3de5845a9803204f5595c6a70003927944df5b44634e81c5331b2b35416e9cc42abd5d959301cfb462725b88723b1e8758824831ec876377b01494548a4ede25dd27c9ca2dc2dba105a126265abae00c710343bcb72bd14240cdcc37627b4a7fee15829f20e169f91391d89a6e60f1c878ce258ac927e243eaaec14e73a33348bc63bac83ab0f14627aba1a2d4d4b1bc530f00b92797d3c78e0f8e6d215965999392b3061e8b8f8c0a1e9221411787dc4dc89bec0bb94e172aeebb540404fef171e585ed0a88996ac9228e9babf",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "OU=Timestamping CA, O=GlobalSign, CN=GlobalSign Timestamping CA",
"TBS": {
"MD5": "42023b9487cafe46c1b6a49c369a362e",
"SHA1": "7c7b524d269334b9f073c32e888e09544c6acd98",
"SHA256": "b7126567833f3daa4085ff41e73112daad3d1e3808a942c1936520e2d6c46c78",
"SHA384": "0ee4f63d6f157ec4f6990c3ebb411ccd76cb1e2123c7f692459e43f96c0da2dbf60a2bce6afeacc60621d3055028baea"
},
"ValidFrom": "2009-03-18 11:00:00",
"ValidTo": "2028-01-28 12:00:00",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "0400000000012f4ee1355c",
"Signature": "225cc5dd3df40b70d8e3f5e7c58e0901bbb196365c5a07adc7a8444951257aae0da4193b929ccfb94226bb3b6c97e7c7ce116d6891da8d6df1534d54388c61f3c8827669be81320b31c36cc99e200a582ff048fe7e4807aad743589473540431a9780d3b8cb070c13d7ed7bd2f2ac3e2f58f0c90dc6ba5c8be685e5d6df878d2be49951e15780891fb34c8be84adbce0c6dd18dbf3caf07bc2143c18b803ba953e211e3f60697a7f6a039e8d4af9f0282c30845eec267242b16dcb64c3128cd6844b67417cb103177809e3ada8b6962da47e80034f88f7c16b5a4615cd2c198bd8709ce52d49886072a8a4195270435edad64603b0680e24ef4af60b2524ef24",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=BE, O=GlobalSign nv,sa, CN=GlobalSign CodeSigning CA , G2",
"TBS": {
"MD5": "f6a9e8eb8784f3f694b4e353c08a0ff5",
"SHA1": "589a7d4df869395601ba7538a65afae8c4616385",
"SHA256": "cbdc9a0ad785d0c2013211746b42234e18bdc7d54a7a260647badc1c9e712ed4",
"SHA384": "dcec542f242317863d0b3d23947e17d6982e381003831777b07ed75b46fb18bd0392a89c9beb6862981cd05f3f2fb77b"
},
"ValidFrom": "2011-04-13 10:00:00",
"ValidTo": "2019-04-13 10:00:00",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "01000000000125b0b4cc01",
"Signature": "bc89ecfee63655935c79d4117a86808f17b693b26d9b91a1561811c655eaf608edad9b9ef52b81c8bbdd607b1b47991e6d403e1d80c213d58e04052fdbe7ae529e688472a1e54a603cf89bd52f46d8c3b2b79353ac9b6c432424d1f1fce9562e3411581843eaefff34746ca0c06c7fad031969881e9560cabbbd0cbb76efc724b081c63831cf36ad0c38b89020849b2e8f28b99ff6ca9427cdac396157e0e3955a9c769230f5dea6973d721c2a6032a8334d8635338a5cf3a4fdf7062ce16b4b30f5cbd34362f841b9de7d20cb058c8e2cf65f35fd338d42896508362ca389f45a858bb0b97bdb6ccba1f8d20e1bbb977cd12779be9d7c3be6a75634d8c991a9",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=BE, O=GlobalSign NV, CN=GlobalSign Time Stamping Authority",
"TBS": {
"MD5": "e3369c8e5aec0504b3a50455f615d9f9",
"SHA1": "13c244a894b40ecd18aaf97c362f20385bd005a7",
"SHA256": "26da721a670c72836926032fee6920118bfb9bff89cc8d0ce30d9452c33f2532",
"SHA384": "1524902f0e25addc6d74039d439366d2b06199e215004fd8e145369f50ea94a021ce6312e8a62b35470da0309ccb975c"
},
"ValidFrom": "2009-12-21 09:32:56",
"ValidTo": "2020-12-22 09:32:56",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "112124a45abbf7c551deb213b28633c3dcad",
"Signature": "affd93f5b3dc4e5d57868f2bdf7f88bc14dd94c0de331f2d4fb4712dd259d5636f7c0d06595fec79e3311d63ac012ed643277e63015bc7c87c904efb57e44eef681019638adb464e96dd90f71eee2122664c7e809b11624b1b5e472ed28d55196cfd6d1eeedaa6c1e93a9540675a8047caee8a153cecb97db6ad807061634c8989e44a66675d71ed68cf2261592b3c49e35d111f9c4f3eb290fde4830a92c4d88e65914f5b8c5133138f11ecc6d07c47499016a43ea5fca364f560db7b38337959455928e8ec7940e26dab3f33547b05c6bc73868eb5cb8473dba3f006f07638aa7c29f933d5479f33f611ab8af56350e50254b9de2bfa4be289d0d1abc2133d",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=IL, CN=Artur Liberman",
"TBS": {
"MD5": "56627e70a0b871843f4c3244885a29b2",
"SHA1": "7425308f88b4b3d59f4f15c5b9399ee445142f85",
"SHA256": "8e1fcd00db7895ff671e93e4e92a98d902ee2afa2c46e0548b3c1bca605b54f0",
"SHA384": "1f0906f566cd9e09ccfa4b5cd6a10ce17755725f49764cd2ca7437a5bd26b7ef970136fb87880814554c3fd4e640aae9"
},
"ValidFrom": "2013-03-05 15:18:55",
"ValidTo": "2016-03-05 15:18:55",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "6129152700000000002a",
"Signature": "5ff8d065746a81c6a6ca5b03b6914ae84bbdef2ba142f0efb4a5adcd3389ec0b9585ac62501108aa58d25aa08310e5a6337af25af2c5fe787cf09c83df190ad97396002dd62ccde914d41d9de83f3c1a76f7904efb01350a6c9313a0c356eb67a0e4d17a96dec267f190f80a7bf5321b94ec5f751f8d1b34da6c58a7cb2d279e2226b7c9aa30cc0777b836e38201b5393ccc8dd9a75f7f23b3877fdb5798918bd7ce2520e39d644fdd87f72b68490318e0a5df7c5f68644d36838d4781f2e9e0a869abfa7b163c05a449ea8830190a6c73055178dfd41ddd3ad47f2de44e54be83431e7a7433b4a4ebd77073bc2a02988966eef6bc8f749378e329025a5a43e258ce7ccf9acad236893be25fda26054ec8d4e72c910e1797c5beee8b13112323294ffa83d050f6bafad53db3173df4ff034aa325dce67561d1fa35086bd62744d068b78d45e0eb852cc8a15d614474160e5958aed2b5eea5bcd6d7076ab62978fd976767dd8d4f17944fd2ed0caf972437c3a29c81da6be143b6577b4cecbf791319e79fe844e94781b75e701e91f83dd17b27f50b7056434805dda92fab86101d0b12e31ad04c6e75ded645b30b748887935c564a41029af7aeb799d8b67f88fa11f2457cf4d71b91c01cf1a0fbd4080a411a142acef4eb34486e66879ed54b7a397fbb0e3d3861cf735706e412066bd96b5308cd7018c22d4f974691bca9f0",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=BE, O=GlobalSign nv,sa, OU=Root CA, CN=GlobalSign Root CA",
"TBS": {
"MD5": "0bb058d116f02817737920f112d9fd3b",
"SHA1": "fd116235171a4feafedee586b7a59185fb5fd7e6",
"SHA256": "f970426cc46d2ae0fc5f899fa19dbe76e05f07e525654c60c3c9399492c291f4",
"SHA384": "c0df876be008c26ca407fe904e6f5e7ccded17f9c16830ce9f8022309c9e64c97f494810f152811ae43e223b82ad7cc6"
},
"ValidFrom": "2011-04-15 19:55:08",
"ValidTo": "2021-04-15 20:05:08",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=BE, O=GlobalSign nv,sa, CN=GlobalSign CodeSigning CA , G2",
"SerialNumber": "112124a45abbf7c551deb213b28633c3dcad",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 0400000000012f4ee152d7
Field | Value |
---|
ToBeSigned (TBS) MD5 | e140543fe3256027cfa79fc3c19c1776 |
ToBeSigned (TBS) SHA1 | c655f94eb1ecc93de319fc0c9a2dc6c5ec063728 |
ToBeSigned (TBS) SHA256 | 3ca71e85908ff67368e4dc00253f5691b9e6d50c966e7784143d75fb92aa3448 |
Subject | C=BE, O=GlobalSign nv,sa, CN=GlobalSign Timestamping CA , G2 |
ValidFrom | 2011-04-13 10:00:00 |
ValidTo | 2028-01-28 12:00:00 |
Signature | 4e5e56901e46b4d94931f3bb1739281bc216ddfd41dc0905049b6fb2a29ad6992e40990055b5ea3fa52076d38634d417cc553ac782eeefa8babcd8069f1550dfcd167b523a02d7191afdaff0785ce04bc518df3a241edaacb8a95804020730dbb0125efe31bef00448f4f070f83a5e5683cf3dfb0dbcf4c5ed979db9d4dba52784e3389b8ba735864420a43b6da46a0ba183fd28ebdaef28f6cc885dfb0a3b00abe021ebe22f356c0f8e344597eba2f79933357ecb9a8abb454de73f9fc2d98afa65b26ec77e65ffe892e12c31a2f7b02736488f266f3bee4d761f79c3e57f9635bc2d0ecc01b08e7fff518080a792d4b34446648c874f166307314b63b0dff3 |
SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
IsCertificateAuthority | True |
SerialNumber | 0400000000012f4ee152d7 |
Version | 3 |
Certificate 0400000000012f4ee1355c
Field | Value |
---|
ToBeSigned (TBS) MD5 | f6a9e8eb8784f3f694b4e353c08a0ff5 |
ToBeSigned (TBS) SHA1 | 589a7d4df869395601ba7538a65afae8c4616385 |
ToBeSigned (TBS) SHA256 | cbdc9a0ad785d0c2013211746b42234e18bdc7d54a7a260647badc1c9e712ed4 |
Subject | C=BE, O=GlobalSign nv,sa, CN=GlobalSign CodeSigning CA , G2 |
ValidFrom | 2011-04-13 10:00:00 |
ValidTo | 2019-04-13 10:00:00 |
Signature | 225cc5dd3df40b70d8e3f5e7c58e0901bbb196365c5a07adc7a8444951257aae0da4193b929ccfb94226bb3b6c97e7c7ce116d6891da8d6df1534d54388c61f3c8827669be81320b31c36cc99e200a582ff048fe7e4807aad743589473540431a9780d3b8cb070c13d7ed7bd2f2ac3e2f58f0c90dc6ba5c8be685e5d6df878d2be49951e15780891fb34c8be84adbce0c6dd18dbf3caf07bc2143c18b803ba953e211e3f60697a7f6a039e8d4af9f0282c30845eec267242b16dcb64c3128cd6844b67417cb103177809e3ada8b6962da47e80034f88f7c16b5a4615cd2c198bd8709ce52d49886072a8a4195270435edad64603b0680e24ef4af60b2524ef24 |
SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
IsCertificateAuthority | True |
SerialNumber | 0400000000012f4ee1355c |
Version | 3 |
Certificate 112124a45abbf7c551deb213b28633c3dcad
Field | Value |
---|
ToBeSigned (TBS) MD5 | 56627e70a0b871843f4c3244885a29b2 |
ToBeSigned (TBS) SHA1 | 7425308f88b4b3d59f4f15c5b9399ee445142f85 |
ToBeSigned (TBS) SHA256 | 8e1fcd00db7895ff671e93e4e92a98d902ee2afa2c46e0548b3c1bca605b54f0 |
Subject | C=IL, CN=Artur Liberman |
ValidFrom | 2013-03-05 15:18:55 |
ValidTo | 2016-03-05 15:18:55 |
Signature | affd93f5b3dc4e5d57868f2bdf7f88bc14dd94c0de331f2d4fb4712dd259d5636f7c0d06595fec79e3311d63ac012ed643277e63015bc7c87c904efb57e44eef681019638adb464e96dd90f71eee2122664c7e809b11624b1b5e472ed28d55196cfd6d1eeedaa6c1e93a9540675a8047caee8a153cecb97db6ad807061634c8989e44a66675d71ed68cf2261592b3c49e35d111f9c4f3eb290fde4830a92c4d88e65914f5b8c5133138f11ecc6d07c47499016a43ea5fca364f560db7b38337959455928e8ec7940e26dab3f33547b05c6bc73868eb5cb8473dba3f006f07638aa7c29f933d5479f33f611ab8af56350e50254b9de2bfa4be289d0d1abc2133d |
SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
IsCertificateAuthority | False |
SerialNumber | 112124a45abbf7c551deb213b28633c3dcad |
Version | 3 |
Certificate 112106a081d33fd87ae5824cc16b52094e03
Field | Value |
---|
ToBeSigned (TBS) MD5 | a0ac4d48fe852f7b3ed4e623d59a825f |
ToBeSigned (TBS) SHA1 | d4db9846bc4d7db142eeb364286f6de7c102420c |
ToBeSigned (TBS) SHA256 | 78d2e41a13eb4e9171bae2d2adb192cf39210b5231f77cda936bcfbe8c003bdf |
Subject | C=SG, O=GMO GlobalSign Pte Ltd, CN=GlobalSign TSA for MS Authenticode , G2 |
ValidFrom | 2015-02-03 00:00:00 |
ValidTo | 2026-03-03 00:00:00 |
Signature | 8032dc078d1ca09c9d3c2ae83d218b59a14d7ecc44ce03be7eaabcc4e67b73bb4bf188da904e7537283863b9d72b0f54a956ce7739973073cd9bd9d905451c8da4b8035d4fd91c2e98e0e988e6ecd7057e562a7bf7165ba3ad8f972512841bb25c634a0ad2ef10544782843569289c0ce41f141624fa75dc74726e4ecae36a43afcf7d3648d1bde906912c2fa6c871fdcfbdd89d2198fcafdbde228cafa7f377ef9ddca3704b441af078851ef2a58c39b5dc881c37edad14f5070b26bdbe6d025eb1b8b0586c853a0df6ff5a270cc5de53e7543c564cc94e4c30f6f25cfb1a8cc282bead5991f61b4d557bcf5b01dcfd7ad36f235c32479b01f3c15114468a9b |
SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
IsCertificateAuthority | False |
SerialNumber | 112106a081d33fd87ae5824cc16b52094e03 |
Version | 3 |
Certificate 6129152700000000002a
Field | Value |
---|
ToBeSigned (TBS) MD5 | 0bb058d116f02817737920f112d9fd3b |
ToBeSigned (TBS) SHA1 | fd116235171a4feafedee586b7a59185fb5fd7e6 |
ToBeSigned (TBS) SHA256 | f970426cc46d2ae0fc5f899fa19dbe76e05f07e525654c60c3c9399492c291f4 |
Subject | C=BE, O=GlobalSign nv,sa, OU=Root CA, CN=GlobalSign Root CA |
ValidFrom | 2011-04-15 19:55:08 |
ValidTo | 2021-04-15 20:05:08 |
Signature | 5ff8d065746a81c6a6ca5b03b6914ae84bbdef2ba142f0efb4a5adcd3389ec0b9585ac62501108aa58d25aa08310e5a6337af25af2c5fe787cf09c83df190ad97396002dd62ccde914d41d9de83f3c1a76f7904efb01350a6c9313a0c356eb67a0e4d17a96dec267f190f80a7bf5321b94ec5f751f8d1b34da6c58a7cb2d279e2226b7c9aa30cc0777b836e38201b5393ccc8dd9a75f7f23b3877fdb5798918bd7ce2520e39d644fdd87f72b68490318e0a5df7c5f68644d36838d4781f2e9e0a869abfa7b163c05a449ea8830190a6c73055178dfd41ddd3ad47f2de44e54be83431e7a7433b4a4ebd77073bc2a02988966eef6bc8f749378e329025a5a43e258ce7ccf9acad236893be25fda26054ec8d4e72c910e1797c5beee8b13112323294ffa83d050f6bafad53db3173df4ff034aa325dce67561d1fa35086bd62744d068b78d45e0eb852cc8a15d614474160e5958aed2b5eea5bcd6d7076ab62978fd976767dd8d4f17944fd2ed0caf972437c3a29c81da6be143b6577b4cecbf791319e79fe844e94781b75e701e91f83dd17b27f50b7056434805dda92fab86101d0b12e31ad04c6e75ded645b30b748887935c564a41029af7aeb799d8b67f88fa11f2457cf4d71b91c01cf1a0fbd4080a411a142acef4eb34486e66879ed54b7a397fbb0e3d3861cf735706e412066bd96b5308cd7018c22d4f974691bca9f0 |
SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
IsCertificateAuthority | True |
SerialNumber | 6129152700000000002a |
Version | 3 |
Imports
Expand
Imported Functions
Expand
- IoDeleteDevice
- ZwClose
- IofCompleteRequest
- IoCreateSymbolicLink
- IoCreateDevice
- IoBuildDeviceIoControlRequest
- RtlAnsiStringToUnicodeString
- MmGetSystemRoutineAddress
- KeInitializeEvent
- RtlInitAnsiString
- RtlFreeUnicodeString
- RtlInitUnicodeString
- KeWaitForSingleObject
- MmIsAddressValid
- ObfDereferenceObject
- DbgPrint
- IofCallDriver
- ExAllocatePoolWithTag
- ExFreePoolWithTag
- strstr
- MmUnmapIoSpace
- MmMapIoSpace
- KeBugCheckEx
- IoGetDeviceObjectPointer
- IoDeleteSymbolicLink
- RtlUnwindEx
- HalGetBusDataByOffset
Exported Functions
Expand
Sections
Expand
- .text
- .rdata
- .data
- .pdata
- INIT
- .rsrc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": true,
"SerialNumber": "0400000000012019c19066",
"Signature": "5df6cb2b0d0140849f857a43706ae0c5e7aa0600d76713c9089131654f14a8a905dc389e6aa0300abd8dc78028ee4245ca94f3de5845a9803204f5595c6a70003927944df5b44634e81c5331b2b35416e9cc42abd5d959301cfb462725b88723b1e8758824831ec876377b01494548a4ede25dd27c9ca2dc2dba105a126265abae00c710343bcb72bd14240cdcc37627b4a7fee15829f20e169f91391d89a6e60f1c878ce258ac927e243eaaec14e73a33348bc63bac83ab0f14627aba1a2d4d4b1bc530f00b92797d3c78e0f8e6d215965999392b3061e8b8f8c0a1e9221411787dc4dc89bec0bb94e172aeebb540404fef171e585ed0a88996ac9228e9babf",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "OU=Timestamping CA, O=GlobalSign, CN=GlobalSign Timestamping CA",
"TBS": {
"MD5": "42023b9487cafe46c1b6a49c369a362e",
"SHA1": "7c7b524d269334b9f073c32e888e09544c6acd98",
"SHA256": "b7126567833f3daa4085ff41e73112daad3d1e3808a942c1936520e2d6c46c78",
"SHA384": "0ee4f63d6f157ec4f6990c3ebb411ccd76cb1e2123c7f692459e43f96c0da2dbf60a2bce6afeacc60621d3055028baea"
},
"ValidFrom": "2009-03-18 11:00:00",
"ValidTo": "2028-01-28 12:00:00",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "0400000000012f4ee1355c",
"Signature": "225cc5dd3df40b70d8e3f5e7c58e0901bbb196365c5a07adc7a8444951257aae0da4193b929ccfb94226bb3b6c97e7c7ce116d6891da8d6df1534d54388c61f3c8827669be81320b31c36cc99e200a582ff048fe7e4807aad743589473540431a9780d3b8cb070c13d7ed7bd2f2ac3e2f58f0c90dc6ba5c8be685e5d6df878d2be49951e15780891fb34c8be84adbce0c6dd18dbf3caf07bc2143c18b803ba953e211e3f60697a7f6a039e8d4af9f0282c30845eec267242b16dcb64c3128cd6844b67417cb103177809e3ada8b6962da47e80034f88f7c16b5a4615cd2c198bd8709ce52d49886072a8a4195270435edad64603b0680e24ef4af60b2524ef24",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=BE, O=GlobalSign nv,sa, CN=GlobalSign CodeSigning CA , G2",
"TBS": {
"MD5": "f6a9e8eb8784f3f694b4e353c08a0ff5",
"SHA1": "589a7d4df869395601ba7538a65afae8c4616385",
"SHA256": "cbdc9a0ad785d0c2013211746b42234e18bdc7d54a7a260647badc1c9e712ed4",
"SHA384": "dcec542f242317863d0b3d23947e17d6982e381003831777b07ed75b46fb18bd0392a89c9beb6862981cd05f3f2fb77b"
},
"ValidFrom": "2011-04-13 10:00:00",
"ValidTo": "2019-04-13 10:00:00",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "01000000000125b0b4cc01",
"Signature": "bc89ecfee63655935c79d4117a86808f17b693b26d9b91a1561811c655eaf608edad9b9ef52b81c8bbdd607b1b47991e6d403e1d80c213d58e04052fdbe7ae529e688472a1e54a603cf89bd52f46d8c3b2b79353ac9b6c432424d1f1fce9562e3411581843eaefff34746ca0c06c7fad031969881e9560cabbbd0cbb76efc724b081c63831cf36ad0c38b89020849b2e8f28b99ff6ca9427cdac396157e0e3955a9c769230f5dea6973d721c2a6032a8334d8635338a5cf3a4fdf7062ce16b4b30f5cbd34362f841b9de7d20cb058c8e2cf65f35fd338d42896508362ca389f45a858bb0b97bdb6ccba1f8d20e1bbb977cd12779be9d7c3be6a75634d8c991a9",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=BE, O=GlobalSign NV, CN=GlobalSign Time Stamping Authority",
"TBS": {
"MD5": "e3369c8e5aec0504b3a50455f615d9f9",
"SHA1": "13c244a894b40ecd18aaf97c362f20385bd005a7",
"SHA256": "26da721a670c72836926032fee6920118bfb9bff89cc8d0ce30d9452c33f2532",
"SHA384": "1524902f0e25addc6d74039d439366d2b06199e215004fd8e145369f50ea94a021ce6312e8a62b35470da0309ccb975c"
},
"ValidFrom": "2009-12-21 09:32:56",
"ValidTo": "2020-12-22 09:32:56",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "112124a45abbf7c551deb213b28633c3dcad",
"Signature": "affd93f5b3dc4e5d57868f2bdf7f88bc14dd94c0de331f2d4fb4712dd259d5636f7c0d06595fec79e3311d63ac012ed643277e63015bc7c87c904efb57e44eef681019638adb464e96dd90f71eee2122664c7e809b11624b1b5e472ed28d55196cfd6d1eeedaa6c1e93a9540675a8047caee8a153cecb97db6ad807061634c8989e44a66675d71ed68cf2261592b3c49e35d111f9c4f3eb290fde4830a92c4d88e65914f5b8c5133138f11ecc6d07c47499016a43ea5fca364f560db7b38337959455928e8ec7940e26dab3f33547b05c6bc73868eb5cb8473dba3f006f07638aa7c29f933d5479f33f611ab8af56350e50254b9de2bfa4be289d0d1abc2133d",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=IL, CN=Artur Liberman",
"TBS": {
"MD5": "56627e70a0b871843f4c3244885a29b2",
"SHA1": "7425308f88b4b3d59f4f15c5b9399ee445142f85",
"SHA256": "8e1fcd00db7895ff671e93e4e92a98d902ee2afa2c46e0548b3c1bca605b54f0",
"SHA384": "1f0906f566cd9e09ccfa4b5cd6a10ce17755725f49764cd2ca7437a5bd26b7ef970136fb87880814554c3fd4e640aae9"
},
"ValidFrom": "2013-03-05 15:18:55",
"ValidTo": "2016-03-05 15:18:55",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "6129152700000000002a",
"Signature": "5ff8d065746a81c6a6ca5b03b6914ae84bbdef2ba142f0efb4a5adcd3389ec0b9585ac62501108aa58d25aa08310e5a6337af25af2c5fe787cf09c83df190ad97396002dd62ccde914d41d9de83f3c1a76f7904efb01350a6c9313a0c356eb67a0e4d17a96dec267f190f80a7bf5321b94ec5f751f8d1b34da6c58a7cb2d279e2226b7c9aa30cc0777b836e38201b5393ccc8dd9a75f7f23b3877fdb5798918bd7ce2520e39d644fdd87f72b68490318e0a5df7c5f68644d36838d4781f2e9e0a869abfa7b163c05a449ea8830190a6c73055178dfd41ddd3ad47f2de44e54be83431e7a7433b4a4ebd77073bc2a02988966eef6bc8f749378e329025a5a43e258ce7ccf9acad236893be25fda26054ec8d4e72c910e1797c5beee8b13112323294ffa83d050f6bafad53db3173df4ff034aa325dce67561d1fa35086bd62744d068b78d45e0eb852cc8a15d614474160e5958aed2b5eea5bcd6d7076ab62978fd976767dd8d4f17944fd2ed0caf972437c3a29c81da6be143b6577b4cecbf791319e79fe844e94781b75e701e91f83dd17b27f50b7056434805dda92fab86101d0b12e31ad04c6e75ded645b30b748887935c564a41029af7aeb799d8b67f88fa11f2457cf4d71b91c01cf1a0fbd4080a411a142acef4eb34486e66879ed54b7a397fbb0e3d3861cf735706e412066bd96b5308cd7018c22d4f974691bca9f0",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=BE, O=GlobalSign nv,sa, OU=Root CA, CN=GlobalSign Root CA",
"TBS": {
"MD5": "0bb058d116f02817737920f112d9fd3b",
"SHA1": "fd116235171a4feafedee586b7a59185fb5fd7e6",
"SHA256": "f970426cc46d2ae0fc5f899fa19dbe76e05f07e525654c60c3c9399492c291f4",
"SHA384": "c0df876be008c26ca407fe904e6f5e7ccded17f9c16830ce9f8022309c9e64c97f494810f152811ae43e223b82ad7cc6"
},
"ValidFrom": "2011-04-15 19:55:08",
"ValidTo": "2021-04-15 20:05:08",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=BE, O=GlobalSign nv,sa, CN=GlobalSign CodeSigning CA , G2",
"SerialNumber": "112124a45abbf7c551deb213b28633c3dcad",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 61204db4000000000027
Field | Value |
---|
ToBeSigned (TBS) MD5 | 8e3ffc222fbcebdbb8b23115ab259be7 |
ToBeSigned (TBS) SHA1 | ee20bff28ffe13be731c294c90d6ded5aae0ec0e |
ToBeSigned (TBS) SHA256 | 59826b69bc8c28118c96323b627da59aaca0b142cc5d8bad25a8fcfd399aa821 |
Subject | C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA |
ValidFrom | 2011-04-15 19:45:33 |
ValidTo | 2021-04-15 19:55:33 |
Signature | 208cc159ed6f9c6b2dc14a3e751d454c41501cbd80ead9b0928b062a133f53169e56396a8a63b6782479f57db8b947a10a96c2f6cbbda2669f06e1acd279090efd3cdcac020c70af3f1bec787ed4eb4b056026d973619121edb06863e09712ab6fa012edd99fd2da273cb3e456f9d1d4810f71bd427ca689dccdd5bd95a2abf193117de8ac3129a85d6670419dfc75c9d5b31a392ad08505508bac91cac493cb71a59da4946f580cfa6e20c40831b5859d7e81f9d23dca5b18856c0a86ec22091ba574344f7f28bc954aab1db698b05d09a477767eefa78e5d84f61824cbd16da6c3a19cc2107580ff9d32fde6cf433a82f7ce8fe1722a9b62b75fed951a395c2f946d48b7015f332fbbdc2d73348904420a1c8b79f9a3fa17effaa11a10dfe0b2c195eb5c0c05973b353e18884ddb6cbf24898dc8bdd89f7b393a24a0d5dfd1f34a1a97f6a66f7a1fb090a9b3ac013991d361b764f13e573803afce7ad2b590f5aedc3999d5b63c97eda6cb16c77d6b2a4c9094e64c54fd1ecd20ecce689c8758e96160beeb0ec9d5197d9fe978bd0eac2175078fa96ee08c6a2a6b9ce3e765bcbc2d3c6ddc04dc67453632af0481bca8006e614c95c55cd48e8e9f2fc13274bdbd11650307cdefb75e0257da86d41a2834af8849b2cfa5dd82566f68aa14e25954feffeaeeefea9270226081e32523c09fcc0f49b235aa58c33ac3d9169410 |
SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
IsCertificateAuthority | True |
SerialNumber | 61204db4000000000027 |
Version | 3 |
Certificate 0fd092438045aa3e667a4952fd8e429a
Field | Value |
---|
ToBeSigned (TBS) MD5 | c93e319e441fcfedcf9f02f39d65a2fa |
ToBeSigned (TBS) SHA1 | c74ae2671c17ebd0cf2f0177e687f747b1f05de8 |
ToBeSigned (TBS) SHA256 | 8eafc0fd89cba2f9ae664cb54e0b4e6d95d4802b63935cf570faec91e1081438 |
Subject | ??=IL, ??=Business Entity, serialNumber=307609677, C=IL, L=Ramat Gan, O=ALCPU (Arthur Liberman), CN=ALCPU (Arthur Liberman) |
ValidFrom | 2017-06-23 00:00:00 |
ValidTo | 2019-12-31 12:00:00 |
Signature | 56c962d4f516afe5fef5e2e0cc61d68e55253304491c860d686c4efb87705d2bffe8a76f5eac43cd653b71e33ea5ea4b271ba172274bc9dd56b2f4080b5ccdd5e9fabb0aafc281ff8eff90238fe3ac8c1ad0dade04b1fdba18c56f692db61d9c62111866bd91d9212548622002faf0858452e484e272798446ba1afe0667846a532734e12b891a69d27f1e46e241093893f3eb132af927f2c01dc2f420061e29485a84deec9aca85d2b7bd469343764ccd2e70b76bb3845017d600ab5724e2ddf6963ce1e4d94dc19f40aa8f1ee96c2ad17a7c315b9cf7c636436ae3b91524266d3aa917b590cd4ee8e8967e82cbafebb31b5c6f7905c5a21752ef1e6b453ed6 |
SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
IsCertificateAuthority | False |
SerialNumber | 0fd092438045aa3e667a4952fd8e429a |
Version | 3 |
Certificate 03019a023aff58b16bd6d5eae617f066
Field | Value |
---|
ToBeSigned (TBS) MD5 | a752afee44f017e8d74e3f3eb7914ae3 |
ToBeSigned (TBS) SHA1 | 8eca80a6b80e9c69dcef7745748524afb8019e2d |
ToBeSigned (TBS) SHA256 | 82560fa7efec30b5ff82af643e6f3bf3d46868bbd5e7d76f93db185e9e3553a1 |
Subject | C=US, O=DigiCert, CN=DigiCert Timestamp Responder |
ValidFrom | 2014-10-22 00:00:00 |
ValidTo | 2024-10-22 00:00:00 |
Signature | 9d257e1b334db226815c9b86ce23200f8087e588ffffb1d46a2c31ed3a17197117cda91bbc5a1639009de36c84e45a40fbde06018c37fa9bb19d247efe20a457ad5bb79ab06026ea6957215d342f1f71b0839419056b359010a07b97c7f63fe7e21141a6bd62d9f0273d381d286f3a5209f0ec7062d3624bb0e073a692c0d38e31d82fe36d171306eee403b614abf38f43a7719d21dd14ca155d9241daf90f81d199740d26c40e7f1bb5f5a0f1c677062815e9d893e55516f0bb0aab1cdb5c482766c8a38b0a1ce595daaec42e59a061dddaf36da261e98a0b6dec1218bdf755544003922b6bc251c20a48afb0d46ee0f4140a3a1be38f3dcaaf6a8d7bdcd844 |
SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
IsCertificateAuthority | False |
SerialNumber | 03019a023aff58b16bd6d5eae617f066 |
Version | 3 |
Certificate 0dd0e3374ac95bdbfa6b434b2a48ec06
Field | Value |
---|
ToBeSigned (TBS) MD5 | f92649915476229b093c211c2b18e6c4 |
ToBeSigned (TBS) SHA1 | 2d54c16a8f8b69ccdea48d0603c132f547a5cf75 |
ToBeSigned (TBS) SHA256 | 2cd702a7dec30aa441345672e8992ef9770ce4946f276d767b45b0ed627658fb |
Subject | C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert EV Code Signing CA |
ValidFrom | 2012-04-18 12:00:00 |
ValidTo | 2027-04-18 12:00:00 |
Signature | 9e5b963a2e1288acab016da49f75e40187a3a532d7bcbaa97ea3d61417f7c2136b7c738f2b6ae50f265968b08e259b6ceffa6c939208c14dcf459e9c46d61e74a19b14a3fa012f4ab101e1724048111368b9369d914bd7c2391210c1c4dcbb6214142a615d4f387c661fc61bffadbe4f7f945b7343000f4d73b751cf0ef677c05bcd348cd96313aa0e6111d6f28e27fcb47bb8b91120918678ea0ed428ff2ad52438e837b2ec96bb9fbc4a1650e15ebf517d23a032c7c1949e7ac9c026a2cc2587a0127e749f2d8db1c8e784beb9d1e9debb6a4e887371e12238cb2487e9737e51b2ff98eb4e7e2fe0ca0efab35ed1ba0542a8489f83f63fc4caa8df68a05061 |
SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
IsCertificateAuthority | True |
SerialNumber | 0dd0e3374ac95bdbfa6b434b2a48ec06 |
Version | 3 |
Certificate 06fdf9039603adea000aeb3f27bbba1b
Field | Value |
---|
ToBeSigned (TBS) MD5 | 4e5ad189638cf52ba9cd881d4d44668c |
ToBeSigned (TBS) SHA1 | cdc115e98d798b33904c820d63cc1e1afc19251d |
ToBeSigned (TBS) SHA256 | 37560fb9d548ab62cc3ed4669a4ab74828b5a108e67e829937ffb2d10a5f78dd |
Subject | C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID CA,1 |
ValidFrom | 2006-11-10 00:00:00 |
ValidTo | 2021-11-10 00:00:00 |
Signature | 46503ec9b72824a7381db65b29af52cf52e93147ab565c7bd50d0b41b3efec751f7438f2b25c61a29c95c350e482b923d1ba3a8672ad3878ac755d1717347247859456d1ebbb368477cc24a5f3041955a9e7e3e7ab62cdfb8b2d90c2c0d2b594bd5e4fb105d20e3d1aa9145ba6863162a8a833e49b39a7c4f5ce1d7876942573e42aabcf9c764bed5fc24b16e44b704c00891efcc579bc4c1257fe5fe11ebc025da8fefb07384f0dc65d91b90f6745cdd683ede7920d8db1698c4ffb59e0230fd2aaae007cee9c420ecf91d727b716ee0fc3bd7c0aa0ee2c08558522b8eb181a4dfc2a21ad49318347957771dcb11b4b4b1c109c7714c19d4f2f5a9508291026 |
SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
IsCertificateAuthority | True |
SerialNumber | 06fdf9039603adea000aeb3f27bbba1b |
Version | 3 |
Imports
Expand
Imported Functions
Expand
- IoDeleteDevice
- ZwClose
- IofCompleteRequest
- IoCreateSymbolicLink
- IoCreateDevice
- IoBuildDeviceIoControlRequest
- RtlAnsiStringToUnicodeString
- MmGetSystemRoutineAddress
- KeInitializeEvent
- RtlInitAnsiString
- RtlFreeUnicodeString
- IoGetDeviceObjectPointer
- KeWaitForSingleObject
- MmIsAddressValid
- ObfDereferenceObject
- RtlInitUnicodeString
- IofCallDriver
- ExAllocatePoolWithTag
- ExFreePoolWithTag
- KeLeaveCriticalRegion
- strstr
- MmUnmapIoSpace
- KeEnterCriticalRegion
- MmMapIoSpace
- PsGetVersion
- ExAllocatePoolWithQuotaTag
- ZwQuerySystemInformation
- KeBugCheckEx
- __C_specific_handler
- DbgPrint
- IoDeleteSymbolicLink
- HalGetBusDataByOffset
Exported Functions
Expand
Sections
Expand
- .text
- .rdata
- .data
- .pdata
- PAGE
- INIT
- .rsrc
- .reloc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": true,
"SerialNumber": "0400000000012019c19066",
"Signature": "5df6cb2b0d0140849f857a43706ae0c5e7aa0600d76713c9089131654f14a8a905dc389e6aa0300abd8dc78028ee4245ca94f3de5845a9803204f5595c6a70003927944df5b44634e81c5331b2b35416e9cc42abd5d959301cfb462725b88723b1e8758824831ec876377b01494548a4ede25dd27c9ca2dc2dba105a126265abae00c710343bcb72bd14240cdcc37627b4a7fee15829f20e169f91391d89a6e60f1c878ce258ac927e243eaaec14e73a33348bc63bac83ab0f14627aba1a2d4d4b1bc530f00b92797d3c78e0f8e6d215965999392b3061e8b8f8c0a1e9221411787dc4dc89bec0bb94e172aeebb540404fef171e585ed0a88996ac9228e9babf",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "OU=Timestamping CA, O=GlobalSign, CN=GlobalSign Timestamping CA",
"TBS": {
"MD5": "42023b9487cafe46c1b6a49c369a362e",
"SHA1": "7c7b524d269334b9f073c32e888e09544c6acd98",
"SHA256": "b7126567833f3daa4085ff41e73112daad3d1e3808a942c1936520e2d6c46c78",
"SHA384": "0ee4f63d6f157ec4f6990c3ebb411ccd76cb1e2123c7f692459e43f96c0da2dbf60a2bce6afeacc60621d3055028baea"
},
"ValidFrom": "2009-03-18 11:00:00",
"ValidTo": "2028-01-28 12:00:00",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "0400000000012f4ee1355c",
"Signature": "225cc5dd3df40b70d8e3f5e7c58e0901bbb196365c5a07adc7a8444951257aae0da4193b929ccfb94226bb3b6c97e7c7ce116d6891da8d6df1534d54388c61f3c8827669be81320b31c36cc99e200a582ff048fe7e4807aad743589473540431a9780d3b8cb070c13d7ed7bd2f2ac3e2f58f0c90dc6ba5c8be685e5d6df878d2be49951e15780891fb34c8be84adbce0c6dd18dbf3caf07bc2143c18b803ba953e211e3f60697a7f6a039e8d4af9f0282c30845eec267242b16dcb64c3128cd6844b67417cb103177809e3ada8b6962da47e80034f88f7c16b5a4615cd2c198bd8709ce52d49886072a8a4195270435edad64603b0680e24ef4af60b2524ef24",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=BE, O=GlobalSign nv,sa, CN=GlobalSign CodeSigning CA , G2",
"TBS": {
"MD5": "f6a9e8eb8784f3f694b4e353c08a0ff5",
"SHA1": "589a7d4df869395601ba7538a65afae8c4616385",
"SHA256": "cbdc9a0ad785d0c2013211746b42234e18bdc7d54a7a260647badc1c9e712ed4",
"SHA384": "dcec542f242317863d0b3d23947e17d6982e381003831777b07ed75b46fb18bd0392a89c9beb6862981cd05f3f2fb77b"
},
"ValidFrom": "2011-04-13 10:00:00",
"ValidTo": "2019-04-13 10:00:00",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "01000000000125b0b4cc01",
"Signature": "bc89ecfee63655935c79d4117a86808f17b693b26d9b91a1561811c655eaf608edad9b9ef52b81c8bbdd607b1b47991e6d403e1d80c213d58e04052fdbe7ae529e688472a1e54a603cf89bd52f46d8c3b2b79353ac9b6c432424d1f1fce9562e3411581843eaefff34746ca0c06c7fad031969881e9560cabbbd0cbb76efc724b081c63831cf36ad0c38b89020849b2e8f28b99ff6ca9427cdac396157e0e3955a9c769230f5dea6973d721c2a6032a8334d8635338a5cf3a4fdf7062ce16b4b30f5cbd34362f841b9de7d20cb058c8e2cf65f35fd338d42896508362ca389f45a858bb0b97bdb6ccba1f8d20e1bbb977cd12779be9d7c3be6a75634d8c991a9",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=BE, O=GlobalSign NV, CN=GlobalSign Time Stamping Authority",
"TBS": {
"MD5": "e3369c8e5aec0504b3a50455f615d9f9",
"SHA1": "13c244a894b40ecd18aaf97c362f20385bd005a7",
"SHA256": "26da721a670c72836926032fee6920118bfb9bff89cc8d0ce30d9452c33f2532",
"SHA384": "1524902f0e25addc6d74039d439366d2b06199e215004fd8e145369f50ea94a021ce6312e8a62b35470da0309ccb975c"
},
"ValidFrom": "2009-12-21 09:32:56",
"ValidTo": "2020-12-22 09:32:56",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "112124a45abbf7c551deb213b28633c3dcad",
"Signature": "affd93f5b3dc4e5d57868f2bdf7f88bc14dd94c0de331f2d4fb4712dd259d5636f7c0d06595fec79e3311d63ac012ed643277e63015bc7c87c904efb57e44eef681019638adb464e96dd90f71eee2122664c7e809b11624b1b5e472ed28d55196cfd6d1eeedaa6c1e93a9540675a8047caee8a153cecb97db6ad807061634c8989e44a66675d71ed68cf2261592b3c49e35d111f9c4f3eb290fde4830a92c4d88e65914f5b8c5133138f11ecc6d07c47499016a43ea5fca364f560db7b38337959455928e8ec7940e26dab3f33547b05c6bc73868eb5cb8473dba3f006f07638aa7c29f933d5479f33f611ab8af56350e50254b9de2bfa4be289d0d1abc2133d",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=IL, CN=Artur Liberman",
"TBS": {
"MD5": "56627e70a0b871843f4c3244885a29b2",
"SHA1": "7425308f88b4b3d59f4f15c5b9399ee445142f85",
"SHA256": "8e1fcd00db7895ff671e93e4e92a98d902ee2afa2c46e0548b3c1bca605b54f0",
"SHA384": "1f0906f566cd9e09ccfa4b5cd6a10ce17755725f49764cd2ca7437a5bd26b7ef970136fb87880814554c3fd4e640aae9"
},
"ValidFrom": "2013-03-05 15:18:55",
"ValidTo": "2016-03-05 15:18:55",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "6129152700000000002a",
"Signature": "5ff8d065746a81c6a6ca5b03b6914ae84bbdef2ba142f0efb4a5adcd3389ec0b9585ac62501108aa58d25aa08310e5a6337af25af2c5fe787cf09c83df190ad97396002dd62ccde914d41d9de83f3c1a76f7904efb01350a6c9313a0c356eb67a0e4d17a96dec267f190f80a7bf5321b94ec5f751f8d1b34da6c58a7cb2d279e2226b7c9aa30cc0777b836e38201b5393ccc8dd9a75f7f23b3877fdb5798918bd7ce2520e39d644fdd87f72b68490318e0a5df7c5f68644d36838d4781f2e9e0a869abfa7b163c05a449ea8830190a6c73055178dfd41ddd3ad47f2de44e54be83431e7a7433b4a4ebd77073bc2a02988966eef6bc8f749378e329025a5a43e258ce7ccf9acad236893be25fda26054ec8d4e72c910e1797c5beee8b13112323294ffa83d050f6bafad53db3173df4ff034aa325dce67561d1fa35086bd62744d068b78d45e0eb852cc8a15d614474160e5958aed2b5eea5bcd6d7076ab62978fd976767dd8d4f17944fd2ed0caf972437c3a29c81da6be143b6577b4cecbf791319e79fe844e94781b75e701e91f83dd17b27f50b7056434805dda92fab86101d0b12e31ad04c6e75ded645b30b748887935c564a41029af7aeb799d8b67f88fa11f2457cf4d71b91c01cf1a0fbd4080a411a142acef4eb34486e66879ed54b7a397fbb0e3d3861cf735706e412066bd96b5308cd7018c22d4f974691bca9f0",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=BE, O=GlobalSign nv,sa, OU=Root CA, CN=GlobalSign Root CA",
"TBS": {
"MD5": "0bb058d116f02817737920f112d9fd3b",
"SHA1": "fd116235171a4feafedee586b7a59185fb5fd7e6",
"SHA256": "f970426cc46d2ae0fc5f899fa19dbe76e05f07e525654c60c3c9399492c291f4",
"SHA384": "c0df876be008c26ca407fe904e6f5e7ccded17f9c16830ce9f8022309c9e64c97f494810f152811ae43e223b82ad7cc6"
},
"ValidFrom": "2011-04-15 19:55:08",
"ValidTo": "2021-04-15 20:05:08",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=BE, O=GlobalSign nv,sa, CN=GlobalSign CodeSigning CA , G2",
"SerialNumber": "112124a45abbf7c551deb213b28633c3dcad",
"Version": 1
}
],
"SignerInfo": ""
}
source
last_updated: 2024-09-26