drvinst.exe

• File Path: C:\WINDOWS\system32\drvinst.exe
• Description: Driver Installation Module

Hashes

Type	Hash
MD5	100997A8B475B1D1B173BE8941DFE1A6
SHA1	D40F3CB1012FA7DE0FB05977775C1B7DF067F7E4
SHA256	8AA128B9019439D525442BCAC7849DEF30976EBC9EE72965AC42260D18D190B3
SHA384	5DCC629CE7CC8BE2949CF941564B053322F99225C8EBA640F6E8FB4EFD22113F45E41D7974D7C3D0768C92539A0C1E57
SHA512	0812072EECF910F9CE6EDBAB3B4B7F1D1557986CBBB8B5DF3A14C4960E32C164B2D6D13D518A49C4AFF970FF7F0587BC7C5BA17A481D00E9979099DFF4E2F403
SSDEEP	3072:m2hSnc/gTJrTuNZxhfoyDigOqtJ+tGfOijamuJ4/0NZdY5s:acYd6Txhf0g1++uJ4/sZY

Signature

• Status: Signature verified.
• Serial: 330000023241FB59996DCC4DFF000000000232
• Thumbprint: FF82BC38E1DA5E596DF374C53E3617F7EDA36B06
• Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
• Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

• Original Filename: DrvInst.EXE.MUI
• Product Name: Microsoft Windows Operating System
• Company Name: Microsoft Corporation
• File Version: 10.0.18362.1 (WinBuild.160101.0800)
• Product Version: 10.0.18362.1
• Language: English (United States)
• Legal Copyright: Microsoft Corporation. All rights reserved.

Possible Misuse

The following table contains possible examples of drvinst.exe being misused. While drvinst.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source	Source File	Example	License
malware-ioc	nukesped_lazarus	.DrvInst.exe``{:.highlight .language-cmhg}	© ESET 2014-2018

MIT License. Copyright (c) 2020-2021 Strontic.