a9d9cbb7-b5f6-4e74-97a5-29993263280e

CorsairLLAccess64.sys :inline

Description

CorsairLLAccess64.sys is a vulnerable driver and more information will be added as found.

  • UUID: a9d9cbb7-b5f6-4e74-97a5-29993263280e
  • Created: 2023-05-06
  • Author: Nasreddine Bencherchali
  • Acknowledgement: |

DownloadBlock

This download link contains the vulnerable driver!

Commands

sc.exe create CorsairLLAccess64.sys binPath=C:\windows\temp\CorsairLLAccess64.sys type=kernel && sc.exe start CorsairLLAccess64.sys
Use CasePrivilegesOperating System
Elevate privilegeskernelWindows 10

Detections

YARA 🏹

Expand

Exact Match

with header and size limitation

Threat Hunting

without header and size limitation

Renamed

for renamed driver files

Sigma 🛡️

Expand

Names

detects loading using name only

Hashes

detects loading using hashes only

Sysmon 🔎

Expand

Block

on hashes

Alert

on hashes

Resources


  • Internal Research

  • Known Vulnerable Samples

    PropertyValue
    FilenameCorsairLLAccess64.sys
    Creation Timestamp2019-09-05 21:33:31
    MD5b34361d151c793415ef92ee5d368c053
    SHA189656051126c3e97477a9985d363fbdde0bc159e
    SHA25629a90ae1dcee66335ece4287a06482716530509912be863c85a2a03a6450a5b6
    Authentihash MD57158180c7f219093d504d695240c2173
    Authentihash SHA10302854ea87dc07a493aca60e8e7e63422932e42
    Authentihash SHA256b5606dc2a76350916cd77348cfdfe502256d759a4743dd4af503d2f7f348eb70
    RichPEHeaderHash MD509623177d73b03f02ff61716a62d38b6
    RichPEHeaderHash SHA1fc2c790bf9784da7780d70f55636f2f322103f3e
    RichPEHeaderHash SHA256ea3ff622c09db0daef057ac5c3d82ffbf16b6da419c63adf30bd26a81f2135be
    CompanyCorsair Memory, Inc.
    DescriptionCorsair LL Access
    ProductCorsair LL Access
    OriginalFilenameCorsair LL Access

    Download

    Certificates

    Expand
    Certificate 33000000319479a318f5522d06000000000031
    FieldValue
    ToBeSigned (TBS) MD55b81fd0f706522a8d7c9f2957283c0b4
    ToBeSigned (TBS) SHA184d894599653a8ed0e0b2802db3197dc177908cc
    ToBeSigned (TBS) SHA2564fa629304df4287c97ae5b7e481974316e9daf776b0cdeffab1671e7dca68fb4
    SubjectC=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Windows Hardware Compatibility Publisher
    ValidFrom2019-06-05 18:34:00
    ValidTo2020-06-03 18:34:00
    Signature312314217055afc1a5751181c7d2d7619b23ba17166e6ae6f358b16921c925c6e3b75c31b93035f357c154fe4d347019e927db1957193b741e3371b46f4d6212b3bec972d6ff2297e8b1f2391f840045471ee31c524d4f5bf1cae4a32b73f6e48f51f777bb5b8a726db2a387c7c8df42289540f4f3d27b37d4ab4854efba809021879f3257d5670d70003a51d62bbc68e345a769f37ccb3ad336b7b3c494f5d56ef8300228d29835e5129b070742a220f83b6c9d5e2589cf2e7a1f7b59cfc81cda3232fc2fa448d736db546dc4b274cad3da83433deaa3eb9919b23ad08dc4055a8026711adcfccdb47d7a7c1adb2671ecc7198a786973807699a0ee236a46771f88913b769693b0b8ce9b002a40c2aa426edfd9a98368f89817b0d174458a390e11628e21f77e751431fae13831228e0e357610a24d89806d85390e9b3831792f62688bf04f91ee9a854b252452de7e752f39e57765a09a4ff41ae96144593a8a99688c6c9ad6b9fcaba1189ef2372b99e96db3fe6402b0e125b17f36c6f70fc1eb83257ce639b6c691a9ec031dddb9fa6536bb8e6080c9db976533f4ddfb73309b6498543cc94d3283d43668d614dd60a4fe707eb3b871da3204c534c8cc73cbc66aeb36cefd765439eef68d7ee9c515eb617f051a72097d0a25003df2dceccc9a0c4be1fd27e473955cc83ee9dba626748b1cb723c3b1c8b8ebc59321a0f5
    SignatureAlgorithmOID1.2.840.113549.1.1.11
    IsCertificateAuthorityFalse
    SerialNumber33000000319479a318f5522d06000000000031
    Version3
    Certificate 330000000d690d5d7893d076df00000000000d
    FieldValue
    ToBeSigned (TBS) MD583f69422963f11c3c340b81712eef319
    ToBeSigned (TBS) SHA10c5e5f24590b53bc291e28583acb78e5adc95601
    ToBeSigned (TBS) SHA256d8be9e4d9074088ef818bc6f6fb64955e90378b2754155126feebbbd969cf0ae
    SubjectC=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Windows Third Party Component CA 2014
    ValidFrom2014-10-15 20:31:27
    ValidTo2029-10-15 20:41:27
    Signature96b5c33b31f27b6ba11f59dd742c3764b1bca093f9f33347e9f95df21d89f4579ee33f10a3595018053b142941b6a70e5b81a2ccbd8442c1c4bed184c2c4bd0c8c47bcbd8886fb5a0896ae2c2fdfbf9366a32b20ca848a6945273f732332936a23e9fffdd918edceffbd6b41738d579cf8b46d499805e6a335a9f07e6e86c06ba8086725afc0998cdba7064d4093188ba959e69914b912178144ac57c3ae8eae947bcb3b8edd7ab4715bba2bc3c7d085234b371277a54a2f7f1ab763b94459ed9230cce47c099212111f52f51e0291a4d7d7e58f8047ff189b7fd19c0671dcf376197790d52a0fbc6c12c4c50c2066f50e2f5093d8cafb7fe556ed09d8a753b1c72a6978dcf05fe74b20b6af63b5e1b15c804e9c7aa91d4df72846782106954d32dd6042e4b61ac4f24636de357302c1b5e55fb92b59457a9243d7c4e963dd368f76c728caa8441be8321a66cde5485c4a0a602b469206609698dcd933d721777f886dac4772daa2466eab64682bd24e98fb35cc7fec3f136d11e5db77edc1c37e1f6a4a14f8b4a721c671866770cdd819a35d1fa09b9a7cc55d4d728e74077fa74d00fcdd682412772a557527cda92c1d8e7c19ee692c9f7425338208db38cc7cc74f6c3a6bc237117872fe55596460333e2edfc42de72cd7fb0a82256fb8d70c84a5e1c4746e2a95329ea0fecdb4188fd33bad32b2b19ab86d0543fbff0d0f
    SignatureAlgorithmOID1.2.840.113549.1.1.11
    IsCertificateAuthorityTrue
    SerialNumber330000000d690d5d7893d076df00000000000d
    Version3

    Imports

    Expand
    • ntoskrnl.exe
    • HAL.dll

    Imported Functions

    Expand
    • RtlInitUnicodeString
    • KeInitializeMutex
    • KeReleaseMutex
    • KeWaitForSingleObject
    • ExQueryDepthSList
    • ExpInterlockedPopEntrySList
    • ExpInterlockedPushEntrySList
    • ExInitializeNPagedLookasideList
    • ExDeleteNPagedLookasideList
    • MmBuildMdlForNonPagedPool
    • MmMapLockedPagesSpecifyCache
    • wcsncmp
    • MmMapIoSpace
    • MmUnmapIoSpace
    • IoAllocateMdl
    • IofCompleteRequest
    • IoCreateDevice
    • IoCreateSymbolicLink
    • IoDeleteDevice
    • IoDeleteSymbolicLink
    • IoFreeMdl
    • IoGetRequestorProcessId
    • __C_specific_handler
    • KeBugCheckEx
    • wcsncat_s
    • MmUnmapLockedPages
    • wcscpy_s
    • HalSetBusDataByOffset
    • HalGetBusDataByOffset

    Exported Functions

    Expand

    Sections

    Expand
    • .text
    • .rdata
    • .data
    • .pdata
    • INIT
    • .rsrc
    • .reloc

    Signature

    Expand
    {
      "Certificates": [
        {
          "IsCertificateAuthority": false,
          "SerialNumber": "33000000319479a318f5522d06000000000031",
          "Signature": "312314217055afc1a5751181c7d2d7619b23ba17166e6ae6f358b16921c925c6e3b75c31b93035f357c154fe4d347019e927db1957193b741e3371b46f4d6212b3bec972d6ff2297e8b1f2391f840045471ee31c524d4f5bf1cae4a32b73f6e48f51f777bb5b8a726db2a387c7c8df42289540f4f3d27b37d4ab4854efba809021879f3257d5670d70003a51d62bbc68e345a769f37ccb3ad336b7b3c494f5d56ef8300228d29835e5129b070742a220f83b6c9d5e2589cf2e7a1f7b59cfc81cda3232fc2fa448d736db546dc4b274cad3da83433deaa3eb9919b23ad08dc4055a8026711adcfccdb47d7a7c1adb2671ecc7198a786973807699a0ee236a46771f88913b769693b0b8ce9b002a40c2aa426edfd9a98368f89817b0d174458a390e11628e21f77e751431fae13831228e0e357610a24d89806d85390e9b3831792f62688bf04f91ee9a854b252452de7e752f39e57765a09a4ff41ae96144593a8a99688c6c9ad6b9fcaba1189ef2372b99e96db3fe6402b0e125b17f36c6f70fc1eb83257ce639b6c691a9ec031dddb9fa6536bb8e6080c9db976533f4ddfb73309b6498543cc94d3283d43668d614dd60a4fe707eb3b871da3204c534c8cc73cbc66aeb36cefd765439eef68d7ee9c515eb617f051a72097d0a25003df2dceccc9a0c4be1fd27e473955cc83ee9dba626748b1cb723c3b1c8b8ebc59321a0f5",
          "SignatureAlgorithmOID": "1.2.840.113549.1.1.11",
          "Subject": "C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Windows Hardware Compatibility Publisher",
          "TBS": {
            "MD5": "5b81fd0f706522a8d7c9f2957283c0b4",
            "SHA1": "84d894599653a8ed0e0b2802db3197dc177908cc",
            "SHA256": "4fa629304df4287c97ae5b7e481974316e9daf776b0cdeffab1671e7dca68fb4",
            "SHA384": "0b89dc122fc7ebf80881a5047ffbbcb0bec30636516aff4f43307e2a925a476cabfc26e2cc392ad748d655f6ec4c8b75"
          },
          "ValidFrom": "2019-06-05 18:34:00",
          "ValidTo": "2020-06-03 18:34:00",
          "Version": 3
        },
        {
          "IsCertificateAuthority": true,
          "SerialNumber": "330000000d690d5d7893d076df00000000000d",
          "Signature": "96b5c33b31f27b6ba11f59dd742c3764b1bca093f9f33347e9f95df21d89f4579ee33f10a3595018053b142941b6a70e5b81a2ccbd8442c1c4bed184c2c4bd0c8c47bcbd8886fb5a0896ae2c2fdfbf9366a32b20ca848a6945273f732332936a23e9fffdd918edceffbd6b41738d579cf8b46d499805e6a335a9f07e6e86c06ba8086725afc0998cdba7064d4093188ba959e69914b912178144ac57c3ae8eae947bcb3b8edd7ab4715bba2bc3c7d085234b371277a54a2f7f1ab763b94459ed9230cce47c099212111f52f51e0291a4d7d7e58f8047ff189b7fd19c0671dcf376197790d52a0fbc6c12c4c50c2066f50e2f5093d8cafb7fe556ed09d8a753b1c72a6978dcf05fe74b20b6af63b5e1b15c804e9c7aa91d4df72846782106954d32dd6042e4b61ac4f24636de357302c1b5e55fb92b59457a9243d7c4e963dd368f76c728caa8441be8321a66cde5485c4a0a602b469206609698dcd933d721777f886dac4772daa2466eab64682bd24e98fb35cc7fec3f136d11e5db77edc1c37e1f6a4a14f8b4a721c671866770cdd819a35d1fa09b9a7cc55d4d728e74077fa74d00fcdd682412772a557527cda92c1d8e7c19ee692c9f7425338208db38cc7cc74f6c3a6bc237117872fe55596460333e2edfc42de72cd7fb0a82256fb8d70c84a5e1c4746e2a95329ea0fecdb4188fd33bad32b2b19ab86d0543fbff0d0f",
          "SignatureAlgorithmOID": "1.2.840.113549.1.1.11",
          "Subject": "C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Windows Third Party Component CA 2014",
          "TBS": {
            "MD5": "83f69422963f11c3c340b81712eef319",
            "SHA1": "0c5e5f24590b53bc291e28583acb78e5adc95601",
            "SHA256": "d8be9e4d9074088ef818bc6f6fb64955e90378b2754155126feebbbd969cf0ae",
            "SHA384": "260ad59ba706420f68ba212931153bd89f760c464b21be55fba9d014fff322407859d4ebfb78ea9a3330f60dc9821a63"
          },
          "ValidFrom": "2014-10-15 20:31:27",
          "ValidTo": "2029-10-15 20:41:27",
          "Version": 3
        }
      ],
      "CertificatesInfo": "",
      "Signer": [
        {
          "Issuer": "C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Windows Third Party Component CA 2014",
          "SerialNumber": "33000000319479a318f5522d06000000000031",
          "Version": 1
        }
      ],
      "SignerInfo": ""
    }
    

    PropertyValue
    FilenameCorsairLLAccess64.sys
    Creation Timestamp2019-09-05 21:33:16
    MD53b9698a9ee85f0b4edf150deef790ccd
    SHA1fbfabf309680fbf7c0f6f14c5a0e4840c894e393
    SHA2565fad3775feb8b6f6dcbd1642ae6b6a565ff7b64eadfc9bf9777918b51696ab36
    Authentihash MD52c91bc52c8cda89db47907b88590a2a0
    Authentihash SHA12129fd9cf3839001abea6bab0bbde224abad967c
    Authentihash SHA256a52a6fe55bd1c294d6f26b68839770d97850e9ccd5ecfd7f96b9dc4386e0ff08
    RichPEHeaderHash MD52bd9998d5a3d752be9fda27c05556bf0
    RichPEHeaderHash SHA122bc82c127fad9e77e36eba619c52e4bf09bdf9a
    RichPEHeaderHash SHA2564964d8c6bdbd9500a657897213fb509c83b324af6304964f422080ba3068d4a3
    CompanyCorsair Memory, Inc.
    DescriptionCorsair LL Access
    ProductCorsair LL Access
    OriginalFilenameCorsair LL Access

    Download

    Certificates

    Expand
    Certificate 33000000319479a318f5522d06000000000031
    FieldValue
    ToBeSigned (TBS) MD55b81fd0f706522a8d7c9f2957283c0b4
    ToBeSigned (TBS) SHA184d894599653a8ed0e0b2802db3197dc177908cc
    ToBeSigned (TBS) SHA2564fa629304df4287c97ae5b7e481974316e9daf776b0cdeffab1671e7dca68fb4
    SubjectC=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Windows Hardware Compatibility Publisher
    ValidFrom2019-06-05 18:34:00
    ValidTo2020-06-03 18:34:00
    Signature312314217055afc1a5751181c7d2d7619b23ba17166e6ae6f358b16921c925c6e3b75c31b93035f357c154fe4d347019e927db1957193b741e3371b46f4d6212b3bec972d6ff2297e8b1f2391f840045471ee31c524d4f5bf1cae4a32b73f6e48f51f777bb5b8a726db2a387c7c8df42289540f4f3d27b37d4ab4854efba809021879f3257d5670d70003a51d62bbc68e345a769f37ccb3ad336b7b3c494f5d56ef8300228d29835e5129b070742a220f83b6c9d5e2589cf2e7a1f7b59cfc81cda3232fc2fa448d736db546dc4b274cad3da83433deaa3eb9919b23ad08dc4055a8026711adcfccdb47d7a7c1adb2671ecc7198a786973807699a0ee236a46771f88913b769693b0b8ce9b002a40c2aa426edfd9a98368f89817b0d174458a390e11628e21f77e751431fae13831228e0e357610a24d89806d85390e9b3831792f62688bf04f91ee9a854b252452de7e752f39e57765a09a4ff41ae96144593a8a99688c6c9ad6b9fcaba1189ef2372b99e96db3fe6402b0e125b17f36c6f70fc1eb83257ce639b6c691a9ec031dddb9fa6536bb8e6080c9db976533f4ddfb73309b6498543cc94d3283d43668d614dd60a4fe707eb3b871da3204c534c8cc73cbc66aeb36cefd765439eef68d7ee9c515eb617f051a72097d0a25003df2dceccc9a0c4be1fd27e473955cc83ee9dba626748b1cb723c3b1c8b8ebc59321a0f5
    SignatureAlgorithmOID1.2.840.113549.1.1.11
    IsCertificateAuthorityFalse
    SerialNumber33000000319479a318f5522d06000000000031
    Version3
    Certificate 330000000d690d5d7893d076df00000000000d
    FieldValue
    ToBeSigned (TBS) MD583f69422963f11c3c340b81712eef319
    ToBeSigned (TBS) SHA10c5e5f24590b53bc291e28583acb78e5adc95601
    ToBeSigned (TBS) SHA256d8be9e4d9074088ef818bc6f6fb64955e90378b2754155126feebbbd969cf0ae
    SubjectC=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Windows Third Party Component CA 2014
    ValidFrom2014-10-15 20:31:27
    ValidTo2029-10-15 20:41:27
    Signature96b5c33b31f27b6ba11f59dd742c3764b1bca093f9f33347e9f95df21d89f4579ee33f10a3595018053b142941b6a70e5b81a2ccbd8442c1c4bed184c2c4bd0c8c47bcbd8886fb5a0896ae2c2fdfbf9366a32b20ca848a6945273f732332936a23e9fffdd918edceffbd6b41738d579cf8b46d499805e6a335a9f07e6e86c06ba8086725afc0998cdba7064d4093188ba959e69914b912178144ac57c3ae8eae947bcb3b8edd7ab4715bba2bc3c7d085234b371277a54a2f7f1ab763b94459ed9230cce47c099212111f52f51e0291a4d7d7e58f8047ff189b7fd19c0671dcf376197790d52a0fbc6c12c4c50c2066f50e2f5093d8cafb7fe556ed09d8a753b1c72a6978dcf05fe74b20b6af63b5e1b15c804e9c7aa91d4df72846782106954d32dd6042e4b61ac4f24636de357302c1b5e55fb92b59457a9243d7c4e963dd368f76c728caa8441be8321a66cde5485c4a0a602b469206609698dcd933d721777f886dac4772daa2466eab64682bd24e98fb35cc7fec3f136d11e5db77edc1c37e1f6a4a14f8b4a721c671866770cdd819a35d1fa09b9a7cc55d4d728e74077fa74d00fcdd682412772a557527cda92c1d8e7c19ee692c9f7425338208db38cc7cc74f6c3a6bc237117872fe55596460333e2edfc42de72cd7fb0a82256fb8d70c84a5e1c4746e2a95329ea0fecdb4188fd33bad32b2b19ab86d0543fbff0d0f
    SignatureAlgorithmOID1.2.840.113549.1.1.11
    IsCertificateAuthorityTrue
    SerialNumber330000000d690d5d7893d076df00000000000d
    Version3

    Imports

    Expand
    • ntoskrnl.exe
    • HAL.dll

    Imported Functions

    Expand
    • WRITE_REGISTER_ULONG
    • KeInitializeMutex
    • KeReleaseMutex
    • KeWaitForSingleObject
    • InterlockedPopEntrySList
    • InterlockedPushEntrySList
    • ExInitializeNPagedLookasideList
    • ExDeleteNPagedLookasideList
    • MmBuildMdlForNonPagedPool
    • MmMapLockedPagesSpecifyCache
    • MmUnmapLockedPages
    • WRITE_REGISTER_USHORT
    • MmUnmapIoSpace
    • IoAllocateMdl
    • IofCompleteRequest
    • IoCreateDevice
    • IoCreateSymbolicLink
    • IoDeleteDevice
    • IoDeleteSymbolicLink
    • IoFreeMdl
    • IoGetRequestorProcessId
    • KeBugCheckEx
    • WRITE_REGISTER_UCHAR
    • RtlUnwind
    • READ_REGISTER_ULONG
    • READ_REGISTER_USHORT
    • READ_REGISTER_UCHAR
    • RtlInitUnicodeString
    • wcsncmp
    • wcsncat_s
    • MmMapIoSpace
    • wcscpy_s
    • WRITE_PORT_ULONG
    • WRITE_PORT_USHORT
    • WRITE_PORT_UCHAR
    • READ_PORT_ULONG
    • READ_PORT_USHORT
    • READ_PORT_UCHAR
    • HalSetBusDataByOffset
    • HalGetBusDataByOffset

    Exported Functions

    Expand

    Sections

    Expand
    • .text
    • .rdata
    • .data
    • INIT
    • .rsrc
    • .reloc

    Signature

    Expand
    {
      "Certificates": [
        {
          "IsCertificateAuthority": false,
          "SerialNumber": "33000000319479a318f5522d06000000000031",
          "Signature": "312314217055afc1a5751181c7d2d7619b23ba17166e6ae6f358b16921c925c6e3b75c31b93035f357c154fe4d347019e927db1957193b741e3371b46f4d6212b3bec972d6ff2297e8b1f2391f840045471ee31c524d4f5bf1cae4a32b73f6e48f51f777bb5b8a726db2a387c7c8df42289540f4f3d27b37d4ab4854efba809021879f3257d5670d70003a51d62bbc68e345a769f37ccb3ad336b7b3c494f5d56ef8300228d29835e5129b070742a220f83b6c9d5e2589cf2e7a1f7b59cfc81cda3232fc2fa448d736db546dc4b274cad3da83433deaa3eb9919b23ad08dc4055a8026711adcfccdb47d7a7c1adb2671ecc7198a786973807699a0ee236a46771f88913b769693b0b8ce9b002a40c2aa426edfd9a98368f89817b0d174458a390e11628e21f77e751431fae13831228e0e357610a24d89806d85390e9b3831792f62688bf04f91ee9a854b252452de7e752f39e57765a09a4ff41ae96144593a8a99688c6c9ad6b9fcaba1189ef2372b99e96db3fe6402b0e125b17f36c6f70fc1eb83257ce639b6c691a9ec031dddb9fa6536bb8e6080c9db976533f4ddfb73309b6498543cc94d3283d43668d614dd60a4fe707eb3b871da3204c534c8cc73cbc66aeb36cefd765439eef68d7ee9c515eb617f051a72097d0a25003df2dceccc9a0c4be1fd27e473955cc83ee9dba626748b1cb723c3b1c8b8ebc59321a0f5",
          "SignatureAlgorithmOID": "1.2.840.113549.1.1.11",
          "Subject": "C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Windows Hardware Compatibility Publisher",
          "TBS": {
            "MD5": "5b81fd0f706522a8d7c9f2957283c0b4",
            "SHA1": "84d894599653a8ed0e0b2802db3197dc177908cc",
            "SHA256": "4fa629304df4287c97ae5b7e481974316e9daf776b0cdeffab1671e7dca68fb4",
            "SHA384": "0b89dc122fc7ebf80881a5047ffbbcb0bec30636516aff4f43307e2a925a476cabfc26e2cc392ad748d655f6ec4c8b75"
          },
          "ValidFrom": "2019-06-05 18:34:00",
          "ValidTo": "2020-06-03 18:34:00",
          "Version": 3
        },
        {
          "IsCertificateAuthority": true,
          "SerialNumber": "330000000d690d5d7893d076df00000000000d",
          "Signature": "96b5c33b31f27b6ba11f59dd742c3764b1bca093f9f33347e9f95df21d89f4579ee33f10a3595018053b142941b6a70e5b81a2ccbd8442c1c4bed184c2c4bd0c8c47bcbd8886fb5a0896ae2c2fdfbf9366a32b20ca848a6945273f732332936a23e9fffdd918edceffbd6b41738d579cf8b46d499805e6a335a9f07e6e86c06ba8086725afc0998cdba7064d4093188ba959e69914b912178144ac57c3ae8eae947bcb3b8edd7ab4715bba2bc3c7d085234b371277a54a2f7f1ab763b94459ed9230cce47c099212111f52f51e0291a4d7d7e58f8047ff189b7fd19c0671dcf376197790d52a0fbc6c12c4c50c2066f50e2f5093d8cafb7fe556ed09d8a753b1c72a6978dcf05fe74b20b6af63b5e1b15c804e9c7aa91d4df72846782106954d32dd6042e4b61ac4f24636de357302c1b5e55fb92b59457a9243d7c4e963dd368f76c728caa8441be8321a66cde5485c4a0a602b469206609698dcd933d721777f886dac4772daa2466eab64682bd24e98fb35cc7fec3f136d11e5db77edc1c37e1f6a4a14f8b4a721c671866770cdd819a35d1fa09b9a7cc55d4d728e74077fa74d00fcdd682412772a557527cda92c1d8e7c19ee692c9f7425338208db38cc7cc74f6c3a6bc237117872fe55596460333e2edfc42de72cd7fb0a82256fb8d70c84a5e1c4746e2a95329ea0fecdb4188fd33bad32b2b19ab86d0543fbff0d0f",
          "SignatureAlgorithmOID": "1.2.840.113549.1.1.11",
          "Subject": "C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Windows Third Party Component CA 2014",
          "TBS": {
            "MD5": "83f69422963f11c3c340b81712eef319",
            "SHA1": "0c5e5f24590b53bc291e28583acb78e5adc95601",
            "SHA256": "d8be9e4d9074088ef818bc6f6fb64955e90378b2754155126feebbbd969cf0ae",
            "SHA384": "260ad59ba706420f68ba212931153bd89f760c464b21be55fba9d014fff322407859d4ebfb78ea9a3330f60dc9821a63"
          },
          "ValidFrom": "2014-10-15 20:31:27",
          "ValidTo": "2029-10-15 20:41:27",
          "Version": 3
        }
      ],
      "CertificatesInfo": "",
      "Signer": [
        {
          "Issuer": "C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Windows Third Party Component CA 2014",
          "SerialNumber": "33000000319479a318f5522d06000000000031",
          "Version": 1
        }
      ],
      "SignerInfo": ""
    }
    

    PropertyValue
    FilenameCorsairLLAccess64.sys
    Creation Timestamp2019-10-28 17:18:58
    MD530efb7d485fc9c28fe82a97deac29626
    SHA185941b94524da181be8aad290127aa18fc71895c
    SHA256a334bdf0c0ab07803380eb6ef83eefe7c147d6962595dd9c943a6a76f2200b0d
    Authentihash MD5e5c1ddfd9df7a473d9394ec219ffaa15
    Authentihash SHA1c0e1d74e70c5350e23c51209aa8b5df87bdf5642
    Authentihash SHA256cff3fc66d54279b755ceedf89268847dbb5139227739e4689f5d9271b1d7923b
    RichPEHeaderHash MD5b3c51d93de6657ea03bfded31907268d
    RichPEHeaderHash SHA14b863e10ff72c56d9f5092920beae2ef1c060a29
    RichPEHeaderHash SHA2568cce9adc0a3123b98608fd0a4bd3ed9249390fbaf9962b59c431833a7d1a12dc
    CompanyCorsair Memory, Inc.
    DescriptionCorsair LL Access
    ProductCorsair LL Access
    OriginalFilenameCorsair LL Access

    Download

    Certificates

    Expand
    Certificate 33000000319479a318f5522d06000000000031
    FieldValue
    ToBeSigned (TBS) MD55b81fd0f706522a8d7c9f2957283c0b4
    ToBeSigned (TBS) SHA184d894599653a8ed0e0b2802db3197dc177908cc
    ToBeSigned (TBS) SHA2564fa629304df4287c97ae5b7e481974316e9daf776b0cdeffab1671e7dca68fb4
    SubjectC=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Windows Hardware Compatibility Publisher
    ValidFrom2019-06-05 18:34:00
    ValidTo2020-06-03 18:34:00
    Signature312314217055afc1a5751181c7d2d7619b23ba17166e6ae6f358b16921c925c6e3b75c31b93035f357c154fe4d347019e927db1957193b741e3371b46f4d6212b3bec972d6ff2297e8b1f2391f840045471ee31c524d4f5bf1cae4a32b73f6e48f51f777bb5b8a726db2a387c7c8df42289540f4f3d27b37d4ab4854efba809021879f3257d5670d70003a51d62bbc68e345a769f37ccb3ad336b7b3c494f5d56ef8300228d29835e5129b070742a220f83b6c9d5e2589cf2e7a1f7b59cfc81cda3232fc2fa448d736db546dc4b274cad3da83433deaa3eb9919b23ad08dc4055a8026711adcfccdb47d7a7c1adb2671ecc7198a786973807699a0ee236a46771f88913b769693b0b8ce9b002a40c2aa426edfd9a98368f89817b0d174458a390e11628e21f77e751431fae13831228e0e357610a24d89806d85390e9b3831792f62688bf04f91ee9a854b252452de7e752f39e57765a09a4ff41ae96144593a8a99688c6c9ad6b9fcaba1189ef2372b99e96db3fe6402b0e125b17f36c6f70fc1eb83257ce639b6c691a9ec031dddb9fa6536bb8e6080c9db976533f4ddfb73309b6498543cc94d3283d43668d614dd60a4fe707eb3b871da3204c534c8cc73cbc66aeb36cefd765439eef68d7ee9c515eb617f051a72097d0a25003df2dceccc9a0c4be1fd27e473955cc83ee9dba626748b1cb723c3b1c8b8ebc59321a0f5
    SignatureAlgorithmOID1.2.840.113549.1.1.11
    IsCertificateAuthorityFalse
    SerialNumber33000000319479a318f5522d06000000000031
    Version3
    Certificate 330000000d690d5d7893d076df00000000000d
    FieldValue
    ToBeSigned (TBS) MD583f69422963f11c3c340b81712eef319
    ToBeSigned (TBS) SHA10c5e5f24590b53bc291e28583acb78e5adc95601
    ToBeSigned (TBS) SHA256d8be9e4d9074088ef818bc6f6fb64955e90378b2754155126feebbbd969cf0ae
    SubjectC=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Windows Third Party Component CA 2014
    ValidFrom2014-10-15 20:31:27
    ValidTo2029-10-15 20:41:27
    Signature96b5c33b31f27b6ba11f59dd742c3764b1bca093f9f33347e9f95df21d89f4579ee33f10a3595018053b142941b6a70e5b81a2ccbd8442c1c4bed184c2c4bd0c8c47bcbd8886fb5a0896ae2c2fdfbf9366a32b20ca848a6945273f732332936a23e9fffdd918edceffbd6b41738d579cf8b46d499805e6a335a9f07e6e86c06ba8086725afc0998cdba7064d4093188ba959e69914b912178144ac57c3ae8eae947bcb3b8edd7ab4715bba2bc3c7d085234b371277a54a2f7f1ab763b94459ed9230cce47c099212111f52f51e0291a4d7d7e58f8047ff189b7fd19c0671dcf376197790d52a0fbc6c12c4c50c2066f50e2f5093d8cafb7fe556ed09d8a753b1c72a6978dcf05fe74b20b6af63b5e1b15c804e9c7aa91d4df72846782106954d32dd6042e4b61ac4f24636de357302c1b5e55fb92b59457a9243d7c4e963dd368f76c728caa8441be8321a66cde5485c4a0a602b469206609698dcd933d721777f886dac4772daa2466eab64682bd24e98fb35cc7fec3f136d11e5db77edc1c37e1f6a4a14f8b4a721c671866770cdd819a35d1fa09b9a7cc55d4d728e74077fa74d00fcdd682412772a557527cda92c1d8e7c19ee692c9f7425338208db38cc7cc74f6c3a6bc237117872fe55596460333e2edfc42de72cd7fb0a82256fb8d70c84a5e1c4746e2a95329ea0fecdb4188fd33bad32b2b19ab86d0543fbff0d0f
    SignatureAlgorithmOID1.2.840.113549.1.1.11
    IsCertificateAuthorityTrue
    SerialNumber330000000d690d5d7893d076df00000000000d
    Version3

    Imports

    Expand
    • ntoskrnl.exe
    • HAL.dll

    Imported Functions

    Expand
    • WRITE_REGISTER_USHORT
    • WRITE_REGISTER_ULONG
    • KeInitializeMutex
    • KeReleaseMutex
    • KeWaitForSingleObject
    • InterlockedPopEntrySList
    • InterlockedPushEntrySList
    • ExInitializeNPagedLookasideList
    • ExDeleteNPagedLookasideList
    • MmBuildMdlForNonPagedPool
    • MmMapLockedPagesSpecifyCache
    • WRITE_REGISTER_UCHAR
    • MmMapIoSpace
    • MmUnmapIoSpace
    • IoAllocateMdl
    • IofCompleteRequest
    • IoCreateDevice
    • IoCreateSymbolicLink
    • IoDeleteDevice
    • IoDeleteSymbolicLink
    • IoFreeMdl
    • IoGetRequestorProcessId
    • KeBugCheckEx
    • READ_REGISTER_ULONG
    • RtlUnwind
    • READ_REGISTER_USHORT
    • READ_REGISTER_UCHAR
    • RtlGetVersion
    • RtlInitUnicodeString
    • wcsncmp
    • wcsncat_s
    • MmUnmapLockedPages
    • wcscpy_s
    • WRITE_PORT_ULONG
    • WRITE_PORT_USHORT
    • WRITE_PORT_UCHAR
    • READ_PORT_ULONG
    • READ_PORT_USHORT
    • READ_PORT_UCHAR
    • HalSetBusDataByOffset
    • HalGetBusDataByOffset

    Exported Functions

    Expand

    Sections

    Expand
    • .text
    • .rdata
    • .data
    • INIT
    • .rsrc
    • .reloc

    Signature

    Expand
    {
      "Certificates": [
        {
          "IsCertificateAuthority": false,
          "SerialNumber": "33000000319479a318f5522d06000000000031",
          "Signature": "312314217055afc1a5751181c7d2d7619b23ba17166e6ae6f358b16921c925c6e3b75c31b93035f357c154fe4d347019e927db1957193b741e3371b46f4d6212b3bec972d6ff2297e8b1f2391f840045471ee31c524d4f5bf1cae4a32b73f6e48f51f777bb5b8a726db2a387c7c8df42289540f4f3d27b37d4ab4854efba809021879f3257d5670d70003a51d62bbc68e345a769f37ccb3ad336b7b3c494f5d56ef8300228d29835e5129b070742a220f83b6c9d5e2589cf2e7a1f7b59cfc81cda3232fc2fa448d736db546dc4b274cad3da83433deaa3eb9919b23ad08dc4055a8026711adcfccdb47d7a7c1adb2671ecc7198a786973807699a0ee236a46771f88913b769693b0b8ce9b002a40c2aa426edfd9a98368f89817b0d174458a390e11628e21f77e751431fae13831228e0e357610a24d89806d85390e9b3831792f62688bf04f91ee9a854b252452de7e752f39e57765a09a4ff41ae96144593a8a99688c6c9ad6b9fcaba1189ef2372b99e96db3fe6402b0e125b17f36c6f70fc1eb83257ce639b6c691a9ec031dddb9fa6536bb8e6080c9db976533f4ddfb73309b6498543cc94d3283d43668d614dd60a4fe707eb3b871da3204c534c8cc73cbc66aeb36cefd765439eef68d7ee9c515eb617f051a72097d0a25003df2dceccc9a0c4be1fd27e473955cc83ee9dba626748b1cb723c3b1c8b8ebc59321a0f5",
          "SignatureAlgorithmOID": "1.2.840.113549.1.1.11",
          "Subject": "C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Windows Hardware Compatibility Publisher",
          "TBS": {
            "MD5": "5b81fd0f706522a8d7c9f2957283c0b4",
            "SHA1": "84d894599653a8ed0e0b2802db3197dc177908cc",
            "SHA256": "4fa629304df4287c97ae5b7e481974316e9daf776b0cdeffab1671e7dca68fb4",
            "SHA384": "0b89dc122fc7ebf80881a5047ffbbcb0bec30636516aff4f43307e2a925a476cabfc26e2cc392ad748d655f6ec4c8b75"
          },
          "ValidFrom": "2019-06-05 18:34:00",
          "ValidTo": "2020-06-03 18:34:00",
          "Version": 3
        },
        {
          "IsCertificateAuthority": true,
          "SerialNumber": "330000000d690d5d7893d076df00000000000d",
          "Signature": "96b5c33b31f27b6ba11f59dd742c3764b1bca093f9f33347e9f95df21d89f4579ee33f10a3595018053b142941b6a70e5b81a2ccbd8442c1c4bed184c2c4bd0c8c47bcbd8886fb5a0896ae2c2fdfbf9366a32b20ca848a6945273f732332936a23e9fffdd918edceffbd6b41738d579cf8b46d499805e6a335a9f07e6e86c06ba8086725afc0998cdba7064d4093188ba959e69914b912178144ac57c3ae8eae947bcb3b8edd7ab4715bba2bc3c7d085234b371277a54a2f7f1ab763b94459ed9230cce47c099212111f52f51e0291a4d7d7e58f8047ff189b7fd19c0671dcf376197790d52a0fbc6c12c4c50c2066f50e2f5093d8cafb7fe556ed09d8a753b1c72a6978dcf05fe74b20b6af63b5e1b15c804e9c7aa91d4df72846782106954d32dd6042e4b61ac4f24636de357302c1b5e55fb92b59457a9243d7c4e963dd368f76c728caa8441be8321a66cde5485c4a0a602b469206609698dcd933d721777f886dac4772daa2466eab64682bd24e98fb35cc7fec3f136d11e5db77edc1c37e1f6a4a14f8b4a721c671866770cdd819a35d1fa09b9a7cc55d4d728e74077fa74d00fcdd682412772a557527cda92c1d8e7c19ee692c9f7425338208db38cc7cc74f6c3a6bc237117872fe55596460333e2edfc42de72cd7fb0a82256fb8d70c84a5e1c4746e2a95329ea0fecdb4188fd33bad32b2b19ab86d0543fbff0d0f",
          "SignatureAlgorithmOID": "1.2.840.113549.1.1.11",
          "Subject": "C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Windows Third Party Component CA 2014",
          "TBS": {
            "MD5": "83f69422963f11c3c340b81712eef319",
            "SHA1": "0c5e5f24590b53bc291e28583acb78e5adc95601",
            "SHA256": "d8be9e4d9074088ef818bc6f6fb64955e90378b2754155126feebbbd969cf0ae",
            "SHA384": "260ad59ba706420f68ba212931153bd89f760c464b21be55fba9d014fff322407859d4ebfb78ea9a3330f60dc9821a63"
          },
          "ValidFrom": "2014-10-15 20:31:27",
          "ValidTo": "2029-10-15 20:41:27",
          "Version": 3
        }
      ],
      "CertificatesInfo": "",
      "Signer": [
        {
          "Issuer": "C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Windows Third Party Component CA 2014",
          "SerialNumber": "33000000319479a318f5522d06000000000031",
          "Version": 1
        }
      ],
      "SignerInfo": ""
    }
    

    PropertyValue
    FilenameCorsairLLAccess64.sys
    Creation Timestamp2019-08-26 01:16:05
    MD5f042e8318cf20957c2339d96690c3186
    SHA12871a631f36cd1ea2fd268036087d28070ef2c52
    SHA256f15ae970e222ce06dbf3752b223270d0e726fb78ebec3598b4f8225b5a0880b1
    Authentihash MD50249d3e10b361ce69d1e7a44889ed8b7
    Authentihash SHA1fc577f0a129354623164e81fd287ebd6546c8ca3
    Authentihash SHA25609bc9d0606d8b96f1d9fb18741bdb43aa5c188981d298df047b8c75351d68653
    RichPEHeaderHash MD52bd9998d5a3d752be9fda27c05556bf0
    RichPEHeaderHash SHA122bc82c127fad9e77e36eba619c52e4bf09bdf9a
    RichPEHeaderHash SHA2564964d8c6bdbd9500a657897213fb509c83b324af6304964f422080ba3068d4a3
    CompanyCorsair Memory, Inc.
    DescriptionCorsair LL Access
    ProductCorsair LL Access
    OriginalFilenameCorsair LL Access

    Download

    Certificates

    Expand
    Certificate 33000000319479a318f5522d06000000000031
    FieldValue
    ToBeSigned (TBS) MD55b81fd0f706522a8d7c9f2957283c0b4
    ToBeSigned (TBS) SHA184d894599653a8ed0e0b2802db3197dc177908cc
    ToBeSigned (TBS) SHA2564fa629304df4287c97ae5b7e481974316e9daf776b0cdeffab1671e7dca68fb4
    SubjectC=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Windows Hardware Compatibility Publisher
    ValidFrom2019-06-05 18:34:00
    ValidTo2020-06-03 18:34:00
    Signature312314217055afc1a5751181c7d2d7619b23ba17166e6ae6f358b16921c925c6e3b75c31b93035f357c154fe4d347019e927db1957193b741e3371b46f4d6212b3bec972d6ff2297e8b1f2391f840045471ee31c524d4f5bf1cae4a32b73f6e48f51f777bb5b8a726db2a387c7c8df42289540f4f3d27b37d4ab4854efba809021879f3257d5670d70003a51d62bbc68e345a769f37ccb3ad336b7b3c494f5d56ef8300228d29835e5129b070742a220f83b6c9d5e2589cf2e7a1f7b59cfc81cda3232fc2fa448d736db546dc4b274cad3da83433deaa3eb9919b23ad08dc4055a8026711adcfccdb47d7a7c1adb2671ecc7198a786973807699a0ee236a46771f88913b769693b0b8ce9b002a40c2aa426edfd9a98368f89817b0d174458a390e11628e21f77e751431fae13831228e0e357610a24d89806d85390e9b3831792f62688bf04f91ee9a854b252452de7e752f39e57765a09a4ff41ae96144593a8a99688c6c9ad6b9fcaba1189ef2372b99e96db3fe6402b0e125b17f36c6f70fc1eb83257ce639b6c691a9ec031dddb9fa6536bb8e6080c9db976533f4ddfb73309b6498543cc94d3283d43668d614dd60a4fe707eb3b871da3204c534c8cc73cbc66aeb36cefd765439eef68d7ee9c515eb617f051a72097d0a25003df2dceccc9a0c4be1fd27e473955cc83ee9dba626748b1cb723c3b1c8b8ebc59321a0f5
    SignatureAlgorithmOID1.2.840.113549.1.1.11
    IsCertificateAuthorityFalse
    SerialNumber33000000319479a318f5522d06000000000031
    Version3
    Certificate 330000000d690d5d7893d076df00000000000d
    FieldValue
    ToBeSigned (TBS) MD583f69422963f11c3c340b81712eef319
    ToBeSigned (TBS) SHA10c5e5f24590b53bc291e28583acb78e5adc95601
    ToBeSigned (TBS) SHA256d8be9e4d9074088ef818bc6f6fb64955e90378b2754155126feebbbd969cf0ae
    SubjectC=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Windows Third Party Component CA 2014
    ValidFrom2014-10-15 20:31:27
    ValidTo2029-10-15 20:41:27
    Signature96b5c33b31f27b6ba11f59dd742c3764b1bca093f9f33347e9f95df21d89f4579ee33f10a3595018053b142941b6a70e5b81a2ccbd8442c1c4bed184c2c4bd0c8c47bcbd8886fb5a0896ae2c2fdfbf9366a32b20ca848a6945273f732332936a23e9fffdd918edceffbd6b41738d579cf8b46d499805e6a335a9f07e6e86c06ba8086725afc0998cdba7064d4093188ba959e69914b912178144ac57c3ae8eae947bcb3b8edd7ab4715bba2bc3c7d085234b371277a54a2f7f1ab763b94459ed9230cce47c099212111f52f51e0291a4d7d7e58f8047ff189b7fd19c0671dcf376197790d52a0fbc6c12c4c50c2066f50e2f5093d8cafb7fe556ed09d8a753b1c72a6978dcf05fe74b20b6af63b5e1b15c804e9c7aa91d4df72846782106954d32dd6042e4b61ac4f24636de357302c1b5e55fb92b59457a9243d7c4e963dd368f76c728caa8441be8321a66cde5485c4a0a602b469206609698dcd933d721777f886dac4772daa2466eab64682bd24e98fb35cc7fec3f136d11e5db77edc1c37e1f6a4a14f8b4a721c671866770cdd819a35d1fa09b9a7cc55d4d728e74077fa74d00fcdd682412772a557527cda92c1d8e7c19ee692c9f7425338208db38cc7cc74f6c3a6bc237117872fe55596460333e2edfc42de72cd7fb0a82256fb8d70c84a5e1c4746e2a95329ea0fecdb4188fd33bad32b2b19ab86d0543fbff0d0f
    SignatureAlgorithmOID1.2.840.113549.1.1.11
    IsCertificateAuthorityTrue
    SerialNumber330000000d690d5d7893d076df00000000000d
    Version3

    Imports

    Expand
    • ntoskrnl.exe
    • HAL.dll

    Imported Functions

    Expand
    • WRITE_REGISTER_ULONG
    • KeInitializeMutex
    • KeReleaseMutex
    • KeWaitForSingleObject
    • InterlockedPopEntrySList
    • InterlockedPushEntrySList
    • ExInitializeNPagedLookasideList
    • ExDeleteNPagedLookasideList
    • MmBuildMdlForNonPagedPool
    • MmMapLockedPagesSpecifyCache
    • MmUnmapLockedPages
    • WRITE_REGISTER_USHORT
    • MmUnmapIoSpace
    • IoAllocateMdl
    • IofCompleteRequest
    • IoCreateDevice
    • IoCreateSymbolicLink
    • IoDeleteDevice
    • IoDeleteSymbolicLink
    • IoFreeMdl
    • IoGetRequestorProcessId
    • KeBugCheckEx
    • WRITE_REGISTER_UCHAR
    • RtlUnwind
    • READ_REGISTER_ULONG
    • READ_REGISTER_USHORT
    • READ_REGISTER_UCHAR
    • RtlInitUnicodeString
    • wcsncmp
    • wcsncat_s
    • MmMapIoSpace
    • wcscpy_s
    • WRITE_PORT_ULONG
    • WRITE_PORT_USHORT
    • WRITE_PORT_UCHAR
    • READ_PORT_ULONG
    • READ_PORT_USHORT
    • READ_PORT_UCHAR
    • HalSetBusDataByOffset
    • HalGetBusDataByOffset

    Exported Functions

    Expand

    Sections

    Expand
    • .text
    • .rdata
    • .data
    • INIT
    • .rsrc
    • .reloc

    Signature

    Expand
    {
      "Certificates": [
        {
          "IsCertificateAuthority": false,
          "SerialNumber": "33000000319479a318f5522d06000000000031",
          "Signature": "312314217055afc1a5751181c7d2d7619b23ba17166e6ae6f358b16921c925c6e3b75c31b93035f357c154fe4d347019e927db1957193b741e3371b46f4d6212b3bec972d6ff2297e8b1f2391f840045471ee31c524d4f5bf1cae4a32b73f6e48f51f777bb5b8a726db2a387c7c8df42289540f4f3d27b37d4ab4854efba809021879f3257d5670d70003a51d62bbc68e345a769f37ccb3ad336b7b3c494f5d56ef8300228d29835e5129b070742a220f83b6c9d5e2589cf2e7a1f7b59cfc81cda3232fc2fa448d736db546dc4b274cad3da83433deaa3eb9919b23ad08dc4055a8026711adcfccdb47d7a7c1adb2671ecc7198a786973807699a0ee236a46771f88913b769693b0b8ce9b002a40c2aa426edfd9a98368f89817b0d174458a390e11628e21f77e751431fae13831228e0e357610a24d89806d85390e9b3831792f62688bf04f91ee9a854b252452de7e752f39e57765a09a4ff41ae96144593a8a99688c6c9ad6b9fcaba1189ef2372b99e96db3fe6402b0e125b17f36c6f70fc1eb83257ce639b6c691a9ec031dddb9fa6536bb8e6080c9db976533f4ddfb73309b6498543cc94d3283d43668d614dd60a4fe707eb3b871da3204c534c8cc73cbc66aeb36cefd765439eef68d7ee9c515eb617f051a72097d0a25003df2dceccc9a0c4be1fd27e473955cc83ee9dba626748b1cb723c3b1c8b8ebc59321a0f5",
          "SignatureAlgorithmOID": "1.2.840.113549.1.1.11",
          "Subject": "C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Windows Hardware Compatibility Publisher",
          "TBS": {
            "MD5": "5b81fd0f706522a8d7c9f2957283c0b4",
            "SHA1": "84d894599653a8ed0e0b2802db3197dc177908cc",
            "SHA256": "4fa629304df4287c97ae5b7e481974316e9daf776b0cdeffab1671e7dca68fb4",
            "SHA384": "0b89dc122fc7ebf80881a5047ffbbcb0bec30636516aff4f43307e2a925a476cabfc26e2cc392ad748d655f6ec4c8b75"
          },
          "ValidFrom": "2019-06-05 18:34:00",
          "ValidTo": "2020-06-03 18:34:00",
          "Version": 3
        },
        {
          "IsCertificateAuthority": true,
          "SerialNumber": "330000000d690d5d7893d076df00000000000d",
          "Signature": "96b5c33b31f27b6ba11f59dd742c3764b1bca093f9f33347e9f95df21d89f4579ee33f10a3595018053b142941b6a70e5b81a2ccbd8442c1c4bed184c2c4bd0c8c47bcbd8886fb5a0896ae2c2fdfbf9366a32b20ca848a6945273f732332936a23e9fffdd918edceffbd6b41738d579cf8b46d499805e6a335a9f07e6e86c06ba8086725afc0998cdba7064d4093188ba959e69914b912178144ac57c3ae8eae947bcb3b8edd7ab4715bba2bc3c7d085234b371277a54a2f7f1ab763b94459ed9230cce47c099212111f52f51e0291a4d7d7e58f8047ff189b7fd19c0671dcf376197790d52a0fbc6c12c4c50c2066f50e2f5093d8cafb7fe556ed09d8a753b1c72a6978dcf05fe74b20b6af63b5e1b15c804e9c7aa91d4df72846782106954d32dd6042e4b61ac4f24636de357302c1b5e55fb92b59457a9243d7c4e963dd368f76c728caa8441be8321a66cde5485c4a0a602b469206609698dcd933d721777f886dac4772daa2466eab64682bd24e98fb35cc7fec3f136d11e5db77edc1c37e1f6a4a14f8b4a721c671866770cdd819a35d1fa09b9a7cc55d4d728e74077fa74d00fcdd682412772a557527cda92c1d8e7c19ee692c9f7425338208db38cc7cc74f6c3a6bc237117872fe55596460333e2edfc42de72cd7fb0a82256fb8d70c84a5e1c4746e2a95329ea0fecdb4188fd33bad32b2b19ab86d0543fbff0d0f",
          "SignatureAlgorithmOID": "1.2.840.113549.1.1.11",
          "Subject": "C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Windows Third Party Component CA 2014",
          "TBS": {
            "MD5": "83f69422963f11c3c340b81712eef319",
            "SHA1": "0c5e5f24590b53bc291e28583acb78e5adc95601",
            "SHA256": "d8be9e4d9074088ef818bc6f6fb64955e90378b2754155126feebbbd969cf0ae",
            "SHA384": "260ad59ba706420f68ba212931153bd89f760c464b21be55fba9d014fff322407859d4ebfb78ea9a3330f60dc9821a63"
          },
          "ValidFrom": "2014-10-15 20:31:27",
          "ValidTo": "2029-10-15 20:41:27",
          "Version": 3
        }
      ],
      "CertificatesInfo": "",
      "Signer": [
        {
          "Issuer": "C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Windows Third Party Component CA 2014",
          "SerialNumber": "33000000319479a318f5522d06000000000031",
          "Version": 1
        }
      ],
      "SignerInfo": ""
    }
    

    source

    last_updated: 2024-09-26