96c8fe71-3acc-41bc-9402-ebd69a961d74
phydmaccx64.sys
Description
Confirmed vulnerable driver from Microsoft Block List
Use Case | Privileges | Operating System |
---|---|---|
Elevate privileges | kernel | Windows |
Detections
YARA 🏹
Expand
Resources
CVE
Known Vulnerable Samples
Property | Value |
---|---|
Filename | |
Creation Timestamp | 2010-02-03 21:52:49 |
MD5 | 4c2a43fb610d0f51a9531ebe8420c20a |
SHA1 | 177b541412a45646177b2352fa2d9e89e0eefe5a |
SHA256 | f7b3112b9745b766c8359d25e315975d3159935a8ddb3e3035d21ed124a9013f |
Authentihash MD5 | 3b4459e6c42722801310a634fefe6f24 |
Authentihash SHA1 | 200abd07303234fc114360d9dabc38da1f1f2a22 |
Authentihash SHA256 | 743302af4224d5f44489290c01391c03b928126d726b72e7602fe5760e6d9519 |
RichPEHeaderHash MD5 | fd3ff6f19d8f48f4ebb41ec41760ff6b |
RichPEHeaderHash SHA1 | 171275b21878d14f213c4526ffac615b6803155c |
RichPEHeaderHash SHA256 | 085baff27391704e8c8747b9328b8bf76dc63310daedd45cf5421fb0a775791d |
Certificates
Expand
Certificate 040000000001239e0facb3
Field | Value |
---|---|
ToBeSigned (TBS) MD5 | 5ccf05e4dec10d9d6fe15d8778325272 |
ToBeSigned (TBS) SHA1 | 79f0a648bd7f1184f86bff43ae47c9ecc3ed3cec |
ToBeSigned (TBS) SHA256 | 33ea31b892ba274a4aefe545de45c42c218b6dff78146655cdea892545c2cccc |
Subject | C=BE, O=GlobalSign nv,sa, OU=Primary Object Publishing CA, CN=GlobalSign Primary Object Publishing CA |
ValidFrom | 1999-01-28 13:00:00 |
ValidTo | 2017-01-27 12:00:00 |
Signature | b578a6a27c04b77fc97f7d6abc71fa293060c2f4621efe7f431e9b6ee2b21f730b85765b7df54e49062fd4fab79140efed6f8d8e138354c52a023d0aa4dc990b7abd772fcc40c18ff3c48c4e72ba107ce6ff642bc7ce6ca7fcd79a7c8e468d01834d423bdb9c3f9f326157d717b0b33666f0b3fd446f8137b1944ea7562589f58ad66d116262795c42900218d39c23fc08e86445b92d7e805b4eafc38a299283781f914134af85c5fd07994e2c5cfec7fd17bb2525314d72b5b5294b489a376f13c7114e4a451e7e2f319cabe852afd6679734885f0e276a6652d15ac7ac302c2038dd2bff3aebce104582a27b1ba12073569b2a93e60451066c1bdc2f899493 |
SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
IsCertificateAuthority | True |
SerialNumber | 040000000001239e0facb3 |
Version | 3 |
Certificate 0400000000012019c19066
Field | Value |
---|---|
ToBeSigned (TBS) MD5 | 42023b9487cafe46c1b6a49c369a362e |
ToBeSigned (TBS) SHA1 | 7c7b524d269334b9f073c32e888e09544c6acd98 |
ToBeSigned (TBS) SHA256 | b7126567833f3daa4085ff41e73112daad3d1e3808a942c1936520e2d6c46c78 |
Subject | OU=Timestamping CA, O=GlobalSign, CN=GlobalSign Timestamping CA |
ValidFrom | 2009-03-18 11:00:00 |
ValidTo | 2028-01-28 12:00:00 |
Signature | 5df6cb2b0d0140849f857a43706ae0c5e7aa0600d76713c9089131654f14a8a905dc389e6aa0300abd8dc78028ee4245ca94f3de5845a9803204f5595c6a70003927944df5b44634e81c5331b2b35416e9cc42abd5d959301cfb462725b88723b1e8758824831ec876377b01494548a4ede25dd27c9ca2dc2dba105a126265abae00c710343bcb72bd14240cdcc37627b4a7fee15829f20e169f91391d89a6e60f1c878ce258ac927e243eaaec14e73a33348bc63bac83ab0f14627aba1a2d4d4b1bc530f00b92797d3c78e0f8e6d215965999392b3061e8b8f8c0a1e9221411787dc4dc89bec0bb94e172aeebb540404fef171e585ed0a88996ac9228e9babf |
SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
IsCertificateAuthority | True |
SerialNumber | 0400000000012019c19066 |
Version | 3 |
Certificate 01000000000125b0b4cc01
Field | Value |
---|---|
ToBeSigned (TBS) MD5 | e3369c8e5aec0504b3a50455f615d9f9 |
ToBeSigned (TBS) SHA1 | 13c244a894b40ecd18aaf97c362f20385bd005a7 |
ToBeSigned (TBS) SHA256 | 26da721a670c72836926032fee6920118bfb9bff89cc8d0ce30d9452c33f2532 |
Subject | C=BE, O=GlobalSign NV, CN=GlobalSign Time Stamping Authority |
ValidFrom | 2009-12-21 09:32:56 |
ValidTo | 2020-12-22 09:32:56 |
Signature | bc89ecfee63655935c79d4117a86808f17b693b26d9b91a1561811c655eaf608edad9b9ef52b81c8bbdd607b1b47991e6d403e1d80c213d58e04052fdbe7ae529e688472a1e54a603cf89bd52f46d8c3b2b79353ac9b6c432424d1f1fce9562e3411581843eaefff34746ca0c06c7fad031969881e9560cabbbd0cbb76efc724b081c63831cf36ad0c38b89020849b2e8f28b99ff6ca9427cdac396157e0e3955a9c769230f5dea6973d721c2a6032a8334d8635338a5cf3a4fdf7062ce16b4b30f5cbd34362f841b9de7d20cb058c8e2cf65f35fd338d42896508362ca389f45a858bb0b97bdb6ccba1f8d20e1bbb977cd12779be9d7c3be6a75634d8c991a9 |
SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
IsCertificateAuthority | False |
SerialNumber | 01000000000125b0b4cc01 |
Version | 3 |
Certificate 010000000001224e6689d6
Field | Value |
---|---|
ToBeSigned (TBS) MD5 | ca2389fcfbf20e5e06a93095a11e2969 |
ToBeSigned (TBS) SHA1 | 560b2b09d374366d82385c34f5af32f90a36e4ff |
ToBeSigned (TBS) SHA256 | 8145484fe1f9827a0473717e15ff7ebe86c39d6e1659f294dacedf863c149ee0 |
Subject | C=CN, O=Suzhou Ind. Park ShiSuanKeJi Co., Ltd., CN=Suzhou Ind. Park ShiSuanKeJi Co., Ltd., emailAddress=support@winmount.com |
ValidFrom | 2009-07-06 03:56:35 |
ValidTo | 2010-07-06 03:56:35 |
Signature | 85c9779e6b59736985b385e0e41542c8ad4d0549dde97d7fe57f28b7c94d9213ee3a5b930cda11d5ec31ad7af91301be188686cbea8509d053c737650684c16a46cd6ea0ee4ab8145b4a8b290a83abb754e43282f154a581c2c97d4ae4efc0f74e61197a74c6ff9edf4a73eda9f2bb8823db91718bdd114e195f07cdb5e2d20adb72e878920c26bad4a9cb400f0b5c2d1dbba924d0430a0bdb80a83d95961beff2c242a2f3da9838971caeb92395892174f7579bee52fb234887a3871c117751187c2fa334171aaf7a14e1dcd05aa8930e37f82c0aac6c514881f4ba1dc6c4aca3f2e59ef3a4de8744df815ee34333185aa3225675e20d60d7ae838f51937132 |
SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
IsCertificateAuthority | False |
SerialNumber | 010000000001224e6689d6 |
Version | 3 |
Certificate 040000000001239e0faf24
Field | Value |
---|---|
ToBeSigned (TBS) MD5 | 7dd2351a85d3665eeb6720a21f4f7dee |
ToBeSigned (TBS) SHA1 | 77838c4d7f36958a581841d28f481d61ce0696ed |
ToBeSigned (TBS) SHA256 | 846725f4b0193468c1079d6127e9e6e420fc6ed66019ed02d732ba644decad57 |
Subject | C=BE, O=GlobalSign nv,sa, OU=ObjectSign CA, CN=GlobalSign ObjectSign CA |
ValidFrom | 2004-01-22 10:00:00 |
ValidTo | 2017-01-27 10:00:00 |
Signature | 1e6af36df48ea922fe7008652ea15dab3330dd6c78fa4beaadc58dec107a6ac55897396b92f391e20ca7281cd15d768e8b077c136fadc43643b3c1bc3159cf1838d8a33bceffca6758bfe0f1ac613ea23b1ebc025b41ac446bf526f3ed5ea865f6ca65a63fcaf577eba5862a582956f8be161040e9d2fc572c636137662539202e0703a036032594bd7ceb7ed3a3c2c57616753092b9ff7641352168d10e5e5c8ec30360e68040fcc05da2546e6e9267a7811287a2a32bdbb74dffe4d5c7e505e6d5f1aefccd661821f33e47c9e59542612c9d2680b20fa83d0ec9a778df6e748c2c46f672e93c646b2855c44b6433cb78541338f0d57106d43e0d0a350ee0b3 |
SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
IsCertificateAuthority | True |
SerialNumber | 040000000001239e0faf24 |
Version | 3 |
Certificate 610b7f6b000000000019
Field | Value |
---|---|
ToBeSigned (TBS) MD5 | 4798d55be7663a75649cda4dedc686ef |
ToBeSigned (TBS) SHA1 | 0f1ab2937b245d9466ea6f9bf056a5942e3989cf |
ToBeSigned (TBS) SHA256 | ef14ea05bb066ee9f4188196dd69cd769b283ac4d7555db52f5e76922d3456e1 |
Subject | C=BE, O=GlobalSign nv,sa, OU=Root CA, CN=GlobalSign Root CA |
ValidFrom | 2006-05-23 17:00:51 |
ValidTo | 2016-05-23 17:10:51 |
Signature | 13c56c5e077f3c57ff9b315f3fbd955425c679f92c31034d64694b56d95b976f7cf3f0d024657538639813701613f7a701f1c623e085866c0bf080945a75e87ce41e92b473bfc1b3a7b00bd31884cbcc09a35c9c4f3eb03a9c2d1bc404ef9737966fe5ecbaac6ab3d4e23cdf8b25e7acbc624531dda40a72e41bf8784301ccba3914de5d90aed85acf5eca46815133d5a60e5867d3d8665888169beeb11acaad91138421da9a6e20efda007428bac95ff34d5dc3da25692554ea44bcc39b29331cd63c961f8781c553d72a2733d42e197c08586ddb4e1999a9ea5ff39a9d8c513a5a5cbd2fa908359b54a7db351a521633343aa380046afdb4838cad90cf0c3a6596ec334e1826b849bbeb8192ff134d324b23c733e7b6716b15f69c80e6bcb76cbe41d5033a7133150050743b0e5df996aaed903eab134c809926bc38a5eb0236891db620be83ab10f8199ed76379d4aeb12f6136f94a4ba833c70e7241f9f1b1907eae46efde397b75a0411459041d42bc4788b8130e05fa1df0808dff70c677d84bdc460e231a72d5bfdefeaaae69583cfc5c46e4d5819a8b6e6559771a32a590a6b6649364fd0753c9a0de28ad2a6cc638d181ce98f54019e92c1743a4265fd3443053e41d02baa40a2f16dd7a60275242bbad98372897e4b8d27911e3108c48d5305d0a0c52def588ea8d1a2d67c9f4801484b7850cd16628a5c66f2461 |
SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
IsCertificateAuthority | True |
SerialNumber | 610b7f6b000000000019 |
Version | 3 |
Imports
Expand
- ntoskrnl.exe
- HAL.dll
Imported Functions
Expand
- MmUnmapIoSpace
- MmMapIoSpace
- IofCompleteRequest
- IoDeleteDevice
- IoCreateDevice
- KeBugCheckEx
- RtlInitUnicodeString
- IoCreateSymbolicLink
- IoDeleteSymbolicLink
- __C_specific_handler
- HalSetBusDataByOffset
- HalGetBusDataByOffset
Exported Functions
Expand
Sections
Expand
- .text
- .rdata
- .data
- .pdata
- INIT
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": true,
"SerialNumber": "040000000001239e0facb3",
"Signature": "b578a6a27c04b77fc97f7d6abc71fa293060c2f4621efe7f431e9b6ee2b21f730b85765b7df54e49062fd4fab79140efed6f8d8e138354c52a023d0aa4dc990b7abd772fcc40c18ff3c48c4e72ba107ce6ff642bc7ce6ca7fcd79a7c8e468d01834d423bdb9c3f9f326157d717b0b33666f0b3fd446f8137b1944ea7562589f58ad66d116262795c42900218d39c23fc08e86445b92d7e805b4eafc38a299283781f914134af85c5fd07994e2c5cfec7fd17bb2525314d72b5b5294b489a376f13c7114e4a451e7e2f319cabe852afd6679734885f0e276a6652d15ac7ac302c2038dd2bff3aebce104582a27b1ba12073569b2a93e60451066c1bdc2f899493",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=BE, O=GlobalSign nv,sa, OU=Primary Object Publishing CA, CN=GlobalSign Primary Object Publishing CA",
"TBS": {
"MD5": "5ccf05e4dec10d9d6fe15d8778325272",
"SHA1": "79f0a648bd7f1184f86bff43ae47c9ecc3ed3cec",
"SHA256": "33ea31b892ba274a4aefe545de45c42c218b6dff78146655cdea892545c2cccc",
"SHA384": "1350ebc11fd20f5f141bc545786506e6a154be054da7a6e603cb276a6d60a24f2a4016ecc2f5cabd1088e1905f60aabf"
},
"ValidFrom": "1999-01-28 13:00:00",
"ValidTo": "2017-01-27 12:00:00",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "0400000000012019c19066",
"Signature": "5df6cb2b0d0140849f857a43706ae0c5e7aa0600d76713c9089131654f14a8a905dc389e6aa0300abd8dc78028ee4245ca94f3de5845a9803204f5595c6a70003927944df5b44634e81c5331b2b35416e9cc42abd5d959301cfb462725b88723b1e8758824831ec876377b01494548a4ede25dd27c9ca2dc2dba105a126265abae00c710343bcb72bd14240cdcc37627b4a7fee15829f20e169f91391d89a6e60f1c878ce258ac927e243eaaec14e73a33348bc63bac83ab0f14627aba1a2d4d4b1bc530f00b92797d3c78e0f8e6d215965999392b3061e8b8f8c0a1e9221411787dc4dc89bec0bb94e172aeebb540404fef171e585ed0a88996ac9228e9babf",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "OU=Timestamping CA, O=GlobalSign, CN=GlobalSign Timestamping CA",
"TBS": {
"MD5": "42023b9487cafe46c1b6a49c369a362e",
"SHA1": "7c7b524d269334b9f073c32e888e09544c6acd98",
"SHA256": "b7126567833f3daa4085ff41e73112daad3d1e3808a942c1936520e2d6c46c78",
"SHA384": "0ee4f63d6f157ec4f6990c3ebb411ccd76cb1e2123c7f692459e43f96c0da2dbf60a2bce6afeacc60621d3055028baea"
},
"ValidFrom": "2009-03-18 11:00:00",
"ValidTo": "2028-01-28 12:00:00",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "01000000000125b0b4cc01",
"Signature": "bc89ecfee63655935c79d4117a86808f17b693b26d9b91a1561811c655eaf608edad9b9ef52b81c8bbdd607b1b47991e6d403e1d80c213d58e04052fdbe7ae529e688472a1e54a603cf89bd52f46d8c3b2b79353ac9b6c432424d1f1fce9562e3411581843eaefff34746ca0c06c7fad031969881e9560cabbbd0cbb76efc724b081c63831cf36ad0c38b89020849b2e8f28b99ff6ca9427cdac396157e0e3955a9c769230f5dea6973d721c2a6032a8334d8635338a5cf3a4fdf7062ce16b4b30f5cbd34362f841b9de7d20cb058c8e2cf65f35fd338d42896508362ca389f45a858bb0b97bdb6ccba1f8d20e1bbb977cd12779be9d7c3be6a75634d8c991a9",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=BE, O=GlobalSign NV, CN=GlobalSign Time Stamping Authority",
"TBS": {
"MD5": "e3369c8e5aec0504b3a50455f615d9f9",
"SHA1": "13c244a894b40ecd18aaf97c362f20385bd005a7",
"SHA256": "26da721a670c72836926032fee6920118bfb9bff89cc8d0ce30d9452c33f2532",
"SHA384": "1524902f0e25addc6d74039d439366d2b06199e215004fd8e145369f50ea94a021ce6312e8a62b35470da0309ccb975c"
},
"ValidFrom": "2009-12-21 09:32:56",
"ValidTo": "2020-12-22 09:32:56",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "010000000001224e6689d6",
"Signature": "85c9779e6b59736985b385e0e41542c8ad4d0549dde97d7fe57f28b7c94d9213ee3a5b930cda11d5ec31ad7af91301be188686cbea8509d053c737650684c16a46cd6ea0ee4ab8145b4a8b290a83abb754e43282f154a581c2c97d4ae4efc0f74e61197a74c6ff9edf4a73eda9f2bb8823db91718bdd114e195f07cdb5e2d20adb72e878920c26bad4a9cb400f0b5c2d1dbba924d0430a0bdb80a83d95961beff2c242a2f3da9838971caeb92395892174f7579bee52fb234887a3871c117751187c2fa334171aaf7a14e1dcd05aa8930e37f82c0aac6c514881f4ba1dc6c4aca3f2e59ef3a4de8744df815ee34333185aa3225675e20d60d7ae838f51937132",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=CN, O=Suzhou Ind. Park ShiSuanKeJi Co., Ltd., CN=Suzhou Ind. Park ShiSuanKeJi Co., Ltd., emailAddress=support@winmount.com",
"TBS": {
"MD5": "ca2389fcfbf20e5e06a93095a11e2969",
"SHA1": "560b2b09d374366d82385c34f5af32f90a36e4ff",
"SHA256": "8145484fe1f9827a0473717e15ff7ebe86c39d6e1659f294dacedf863c149ee0",
"SHA384": "bd262827636c18b70299e8e96ccc2e61284352309d9c7da197ba51914c52adb3248d784f411fac6d884750f9d8f02a06"
},
"ValidFrom": "2009-07-06 03:56:35",
"ValidTo": "2010-07-06 03:56:35",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "040000000001239e0faf24",
"Signature": "1e6af36df48ea922fe7008652ea15dab3330dd6c78fa4beaadc58dec107a6ac55897396b92f391e20ca7281cd15d768e8b077c136fadc43643b3c1bc3159cf1838d8a33bceffca6758bfe0f1ac613ea23b1ebc025b41ac446bf526f3ed5ea865f6ca65a63fcaf577eba5862a582956f8be161040e9d2fc572c636137662539202e0703a036032594bd7ceb7ed3a3c2c57616753092b9ff7641352168d10e5e5c8ec30360e68040fcc05da2546e6e9267a7811287a2a32bdbb74dffe4d5c7e505e6d5f1aefccd661821f33e47c9e59542612c9d2680b20fa83d0ec9a778df6e748c2c46f672e93c646b2855c44b6433cb78541338f0d57106d43e0d0a350ee0b3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=BE, O=GlobalSign nv,sa, OU=ObjectSign CA, CN=GlobalSign ObjectSign CA",
"TBS": {
"MD5": "7dd2351a85d3665eeb6720a21f4f7dee",
"SHA1": "77838c4d7f36958a581841d28f481d61ce0696ed",
"SHA256": "846725f4b0193468c1079d6127e9e6e420fc6ed66019ed02d732ba644decad57",
"SHA384": "aaa45fe704bc66bb1842a2123c6e45e016dfbc7ba2ce07d7d2ee0b5d488a39c68bc6db582cb45d51f5fa52e60be8efd6"
},
"ValidFrom": "2004-01-22 10:00:00",
"ValidTo": "2017-01-27 10:00:00",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "610b7f6b000000000019",
"Signature": "13c56c5e077f3c57ff9b315f3fbd955425c679f92c31034d64694b56d95b976f7cf3f0d024657538639813701613f7a701f1c623e085866c0bf080945a75e87ce41e92b473bfc1b3a7b00bd31884cbcc09a35c9c4f3eb03a9c2d1bc404ef9737966fe5ecbaac6ab3d4e23cdf8b25e7acbc624531dda40a72e41bf8784301ccba3914de5d90aed85acf5eca46815133d5a60e5867d3d8665888169beeb11acaad91138421da9a6e20efda007428bac95ff34d5dc3da25692554ea44bcc39b29331cd63c961f8781c553d72a2733d42e197c08586ddb4e1999a9ea5ff39a9d8c513a5a5cbd2fa908359b54a7db351a521633343aa380046afdb4838cad90cf0c3a6596ec334e1826b849bbeb8192ff134d324b23c733e7b6716b15f69c80e6bcb76cbe41d5033a7133150050743b0e5df996aaed903eab134c809926bc38a5eb0236891db620be83ab10f8199ed76379d4aeb12f6136f94a4ba833c70e7241f9f1b1907eae46efde397b75a0411459041d42bc4788b8130e05fa1df0808dff70c677d84bdc460e231a72d5bfdefeaaae69583cfc5c46e4d5819a8b6e6559771a32a590a6b6649364fd0753c9a0de28ad2a6cc638d181ce98f54019e92c1743a4265fd3443053e41d02baa40a2f16dd7a60275242bbad98372897e4b8d27911e3108c48d5305d0a0c52def588ea8d1a2d67c9f4801484b7850cd16628a5c66f2461",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=BE, O=GlobalSign nv,sa, OU=Root CA, CN=GlobalSign Root CA",
"TBS": {
"MD5": "4798d55be7663a75649cda4dedc686ef",
"SHA1": "0f1ab2937b245d9466ea6f9bf056a5942e3989cf",
"SHA256": "ef14ea05bb066ee9f4188196dd69cd769b283ac4d7555db52f5e76922d3456e1",
"SHA384": "6e7450a139856aeda6fa6284ff89b3752a9b646e096b4d33dd7e8e727742a2111481531581c0aa2cda0338e22cfdbad3"
},
"ValidFrom": "2006-05-23 17:00:51",
"ValidTo": "2016-05-23 17:10:51",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=BE, O=GlobalSign nv,sa, OU=ObjectSign CA, CN=GlobalSign ObjectSign CA",
"SerialNumber": "010000000001224e6689d6",
"Version": 1
}
],
"SignerInfo": ""
}
last_updated: 2024-09-26