WinFlash64.sys - Vulnerable (72/100) - DriverShield Analysis
Analysis of WinFlash64.sys: vulnerable verdict, risk score 72/100. 2 YARA matches, 1/75 multi-engine detections. SHA256 316a27e2bdb86222. Kernel imports, IOCTL codes, MITRE ATT&CK, and code-signing details.
WinFlash64.sys - Analysis Report
DriverShield analyzed the Windows kernel driver WinFlash64.sys and assigned a verdict of Vulnerable with a composite risk score of 72/100, indicating a known or likely vulnerability surface (60-79 band).
| Verdict | Vulnerable (72/100) |
| YARA matches | 2 |
| Multi-engine detections | 1 / 75 |
| File size | 13120 bytes |
| Code-signing signer | VeriSign Time Stamping Services CA |
| Analyzed | 2026-03-24 |
| SHA256 | 316a27e2bdb86222bc7c8af4e5472166b02aec7f3f526901ce939094e5861f6d |
| SHA1 | 48be0ec2e8cb90cac2be49ef71e44390a0f648ce |
| MD5 | a216803d691d92acc44ac77d981aa767 |
The full report includes the kernel Import Address Table, extracted IOCTL dispatch codes, YARA rule names, MITRE ATT&CK technique mapping, and the Authenticode certificate chain. See the analysis methodology for how the risk score is computed, or browse the driver database for related samples.
Related:
Other drivers signed by VeriSign Time Stamping Services CA · Browse the full driver database · CVE library · code signing atlas · BYOVD research index · security glossary
DriverShield © 2025-2026 · Terms · Privacy · Contact