drvinst.exe

  • File Path: C:\WINDOWS\system32\drvinst.exe
  • Description: Driver Installation Module

Runtime Data

Loaded Modules:

  • C:\WINDOWS\system32\drvinst.exe
  • C:\WINDOWS\System32\KERNEL32.DLL
  • C:\WINDOWS\System32\KERNELBASE.dll
  • C:\WINDOWS\SYSTEM32\ntdll.dll

Signature

  • Status: Signature verified.
  • Serial: 33000002ED2C45E4C145CF48440000000002ED
  • Thumbprint: 312860D2047EB81F8F58C29FF19ECDB4C634CF6A
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: DrvInst.EXE
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.22000.1 (WinBuild.160101.0800)
  • Product Version: 10.0.22000.1
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/73
  • VirusTotal Link: https://www.virustotal.com/gui/file/0f013c349fce684c14a91d380d6fb936bc2706ab3fbaac2886097c12bee6bcde/detection

Possible Misuse

The following table contains possible examples of drvinst.exe being misused. While drvinst.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source | Source File | Example | License
malware-ioc | nukesped_lazarus | .DrvInst.exe | © ESET 2014-2018

MIT License. Copyright (c) 2020-2021 Strontic.