828bb9cb1dd449cd65a29b18ec4605... - Malicious (88/100) - DriverShield Analysis
Analysis of 828bb9cb1dd449cd65a29b18ec46055f.sys: malicious verdict, risk score 88/100. 3 YARA matches, 1/76 multi-engine detections. SHA256 3ec5ad51e6879464. Kernel imports, IOCTL codes, MITRE ATT&CK, and code-signing details.
828bb9cb1dd449cd65a29b18ec46055f.sys - Analysis Report
DriverShield analyzed the Windows kernel driver 828bb9cb1dd449cd65a29b18ec46055f.sys and assigned a verdict of Malicious with a composite risk score of 88/100, indicating malicious indicators (80-100 band).
| Verdict | Malicious (88/100) |
| YARA matches | 3 |
| Multi-engine detections | 1 / 76 |
| File size | 12152 bytes |
| Code-signing signer | VeriSign Time Stamping Services Signer - G2 |
| Analyzed | 2026-03-23 |
| SHA256 | 3ec5ad51e6879464dfbccb9f4ed76c6325056a42548d5994ba869da9c4c039a8 |
| SHA1 | 558aad879b6a47d94a968f39d0a4e3a3aaef1ef1 |
| MD5 | 828bb9cb1dd449cd65a29b18ec46055f |
The full report includes the kernel Import Address Table, extracted IOCTL dispatch codes, YARA rule names, MITRE ATT&CK technique mapping, and the Authenticode certificate chain. See the analysis methodology for how the risk score is computed, or browse the driver database for related samples.
Related:
Other drivers signed by VeriSign Time Stamping Services Signer - G2 · Browse the full driver database · CVE library · code signing atlas · BYOVD research index · security glossary
DriverShield © 2025-2026 · Terms · Privacy · Contact