FoxKeDriver64.sys - Vulnerable (78/100) - DriverShield Analysis
Analysis of FoxKeDriver64.sys: vulnerable verdict, risk score 78/100. 2 YARA matches, 0/57 multi-engine detections. SHA256 eb81e127e7a46c80. Kernel imports, IOCTL codes, MITRE ATT&CK, and code-signing details.
FoxKeDriver64.sys - Analysis Report
DriverShield analyzed the Windows kernel driver FoxKeDriver64.sys and assigned a verdict of Vulnerable with a composite risk score of 78/100, indicating a known or likely vulnerability surface (60-79 band).
| Verdict | Vulnerable (78/100) |
| YARA matches | 2 |
| Multi-engine detections | 0 / 57 |
| File size | 22616 bytes |
| Code-signing signer | VeriSign Time Stamping Services Signer - G2 |
| Analyzed | 2026-06-17 |
| SHA256 | eb81e127e7a46c80acdf8a3fc24a350381f24acb06f0fdf9fdcd34ce9b08d084 |
| SHA1 | ec06cb3a837d710f60ed8800c3be650317cb25ae |
| MD5 | 0215d56bfbc9a947b095aff1c31b53ad |
The full report includes the kernel Import Address Table, extracted IOCTL dispatch codes, YARA rule names, MITRE ATT&CK technique mapping, and the Authenticode certificate chain. See the analysis methodology for how the risk score is computed, or browse the driver database for related samples.
Related:
Other drivers signed by VeriSign Time Stamping Services Signer - G2 · Browse the full driver database · CVE library · code signing atlas · BYOVD research index · security glossary
DriverShield © 2025-2026 · Terms · Privacy · Contact