HW.sys - Vulnerable (78/100) - DriverShield Analysis
Analysis of HW.sys: vulnerable verdict, risk score 78/100. 3 YARA matches, 0/76 multi-engine detections. SHA256 0483b32f9544e9c3. Kernel imports, IOCTL codes, MITRE ATT&CK, and code-signing details.
HW.sys - Analysis Report
DriverShield analyzed the Windows kernel driver HW.sys and assigned a verdict of Vulnerable with a composite risk score of 78/100, indicating a known or likely vulnerability surface (60-79 band).
| Verdict | Vulnerable (78/100) |
| YARA matches | 3 |
| Multi-engine detections | 0 / 76 |
| File size | 53336 bytes |
| Code-signing signer | Microsoft Windows Hardware Compatibility Publisher |
| Analyzed | 2026-03-23 |
| SHA256 | 0483b32f9544e9c3cc3f206e7bc983ea83f5a9ca44864f2af9b8fc10ff45949f |
| SHA1 | 01e74172e10d8b5f589e26ee8e3e4aec485edc6f |
| MD5 | 9347fbeeaf917fc4a1d64a0b4d61187a |
The full report includes the kernel Import Address Table, extracted IOCTL dispatch codes, YARA rule names, MITRE ATT&CK technique mapping, and the Authenticode certificate chain. See the analysis methodology for how the risk score is computed, or browse the driver database for related samples.
Related:
Other drivers signed by Microsoft Windows Hardware Compatibility Publisher · Browse the full driver database · CVE library · code signing atlas · BYOVD research index · security glossary
DriverShield © 2025-2026 · Terms · Privacy · Contact