drvinst.exe

  • File Path: C:\Windows\system32\drvinst.exe
  • Description: Driver Installation Module

Hashes

Type Hash
MD5 7CE4D740E3B60338CB4ABDEA9744371C
SHA1 5AEDE130F364410373B91D10FC767F2C32B1D5C9
SHA256 FA4BE1F424EC5B2D68C54652C3ED3E9C0189F5B4E1BE532B07807E2817B03F2D
SHA384 C79507A9628FC1979DFCC660946F8D9AE2D185E02BA751BC407FC17C649A47870E92E35D262904E16F8171AE5FFB8E41
SHA512 074382CAD5D5F43CF2302FFBAB6677B437023F73FD47C7ED91C273C57D37B453C0E4DF636CD89898B8D8661AE4A80FC1D5E449F98E2B0AF671C60DE3386C7E5F
SSDEEP 6144:Md+YnIoLzaX8Bx8iW+ACHgpGh++IOWjYTll:e+EIwzRv8f+ACAsh0OWjYJl
IMP C403B07CA1498FF165F2D0545FAF0C57
PESHA1 F2E3357691E712BCF511B0D0885641F72A8F1FA4
PE256 F5EA3C8D2FDA2220EF37F595D2E395B11430E701F57E94811DE00ACB0037D264

Runtime Data

Loaded Modules:

Path
C:\Windows\system32\drvinst.exe
C:\Windows\System32\KERNEL32.DLL
C:\Windows\System32\KERNELBASE.dll
C:\Windows\SYSTEM32\ntdll.dll

Signature

  • Status: Signature verified.
  • Serial: 3300000266BD1580EFA75CD6D3000000000266
  • Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: DrvInst.EXE
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.19041.1 (WinBuild.160101.0800)
  • Product Version: 10.0.19041.1
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/76
  • VirusTotal Link: https://www.virustotal.com/gui/file/fa4be1f424ec5b2d68c54652c3ed3e9c0189f5b4e1be532b07807e2817b03f2d/detection

Possible Misuse

The following table contains possible examples of drvinst.exe being misused. While drvinst.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

  • Source: malware-ioc
  • Source File: nukesped_lazarus
  • Example: .DrvInst.exe
  • License: © ESET 2014-2018

MIT License. Copyright (c) 2020-2021 Strontic.