drvinst.exe

  • File Path: C:\Windows\system32\drvinst.exe
  • Description: Driver Installation Module

Hashes

Type Hash
MD5 14ABEDA67965D38555E35B1A09315CFD
SHA1 37F857F6A6CCDBEC61A1420F86874B1F1320F960
SHA256 E14F9DD7D33F19F7ECE9BD23B239043CCC41CFF0BD2CA0CC5B15EF66DD82C7D8
SHA384 13E9C4DEE55C34610E22DA03E722F915F09FDA9998C0DA3613BF8F51D5256E4D2BE4AEB13B77B32EA5CFD4A04D77ECA0
SHA512 F663F7A78E6155059B454EB955AE672EEFF5B3B83FEDF13AA03F1AEA6EA3834202B25037997F0F0549ED5ADAFD3605B3302A7C9BD199AB6BEF361472D7B3201A
SSDEEP 6144:DS0KCMjkeQhgYXnjtx/YyqR8ovhVgBD3+XFQsGfTl3JJ:WFRQdnjXAyqWovhySFnGfJZ
IMP A731DE6D9DA28E5FE6670C4FA7835CE5
PESHA1 9FC7F105E2A5DCF461AF3C566F87D045AE1C7949
PE256 AB85D8544CE976C94877A0E080124FE447B5A57867F21FC0E54374116BEF2F8F

Runtime Data

Loaded Modules:

Path
C:\Windows\system32\drvinst.exe
C:\Windows\System32\KERNEL32.DLL
C:\Windows\System32\KERNELBASE.dll
C:\Windows\SYSTEM32\ntdll.dll

Signature

  • Status: Signature verified.
  • Serial: 3300000266BD1580EFA75CD6D3000000000266
  • Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: DrvInst.EXE
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.19041.662 (WinBuild.160101.0800)
  • Product Version: 10.0.19041.662
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/75
  • VirusTotal Link: https://www.virustotal.com/gui/file/e14f9dd7d33f19f7ece9bd23b239043ccc41cff0bd2ca0cc5b15ef66dd82c7d8/detection

Possible Misuse

The following table contains possible examples of drvinst.exe being misused. While drvinst.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source Source File Example License
malware-ioc nukesped_lazarus .DrvInst.exe``{:.highlight .language-cmhg} © ESET 2014-2018

MIT License. Copyright (c) 2020-2021 Strontic.