drvinst.exe

  • File Path: C:\Windows\system32\drvinst.exe
  • Description: Driver Installation Module

Hashes

Type Hash
MD5 D433E04D84BD440BE8EF7AD6049EFB65
SHA1 2DE3263C0AAC35367B7DB9DE2B2CA05F20068A52
SHA256 4F26A96F6533A909C74A369E98D8909D966A1C3B5FA8E1F775E9B4777150A08C
SHA384 34F9D17DC60510B85D83C01FB0D4C060AEFD36C6D74CAF33885D98811757C66B32A6EE066DC08868586A6BC7E877D6E0
SHA512 2E25E50B7717A6E8AFBDC13E34BAF8F40AADBA5AC59BAAD327F8DBC66F5B65C59EE6A76B6F8994931ACA2F5814A6779C946343D2AA1BF8B86FEE5B65A05EE2DD
SSDEEP 6144:ip5oi1C9HWVWDfD6NdoAC5pwIikg5+PVj1TTlu:Xi1ccWD76f3C5pw491TJu
IMP 37C2EEFB3520B215B888C1EC5675E7BD
PESHA1 EE59308EB6F44BB2A6D0FF03039208386BABDAB1
PE256 93797289666AA74BB459EA5367E19324E72316DA97C5057188FB71913A0A25A7

Runtime Data

Loaded Modules:

Path
C:\Windows\system32\drvinst.exe
C:\Windows\System32\KERNEL32.DLL
C:\Windows\System32\KERNELBASE.dll
C:\Windows\SYSTEM32\ntdll.dll

Signature

  • Status: Signature verified.
  • Serial: 33000002EC6579AD1E670890130000000002EC
  • Thumbprint: F7C2F2C96A328C13CDA8CDB57B715BDEA2CBD1D9
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: DrvInst.EXE
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.19041.1202 (WinBuild.160101.0800)
  • Product Version: 10.0.19041.1202
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/73
  • VirusTotal Link: https://www.virustotal.com/gui/file/4f26a96f6533a909c74a369e98d8909d966a1c3b5fa8e1f775e9b4777150a08c/detection

Possible Misuse

The following table contains possible examples of drvinst.exe being misused. While drvinst.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

  • Source: malware-ioc
  • Source File: nukesped_lazarus
  • Example: .DrvInst.exe
  • License: © ESET 2014-2018

MIT License. Copyright (c) 2020-2021 Strontic.