354a9fcf-acf1-4151-94d2-af88116f605c
piddrv.sys
We were not able to verify the hash of this driver successfully, it has not been confirmed.
Description
piddrv.sys is a vulnerable driver and more information will be added as found.
- UUID: 354a9fcf-acf1-4151-94d2-af88116f605c
- Created: 2023-01-09
- Author: Michael Haag
Block piddrv.sys across your endpoints
Add this driver to your block policy in minutes with MagicSword, threat-driven application control. Free for up to 100 endpoints.
Start Blocking for FreeCommands
sc.exe create piddrv.sys binPath=C:\windows\temp\piddrv.sys type=kernel && sc.exe start piddrv.sys
| Use Case | Privileges | Operating System |
|---|---|---|
| Elevate privileges | kernel | Windows 10 |
Detections
YARA 🏹
Expand
with header and size limitation
without header and size limitation
for renamed driver files
Resources
Known Vulnerable Samples
| Property | Value |
|---|---|
| Filename | piddrv.sys |
| Creation Timestamp | |
| MD5 | |
| SHA1 | |
| SHA256 | |
| Authentihash MD5 | |
| Authentihash SHA1 | 877c6c36a155109888fe1f9797b93cb30b4957ef |
| Authentihash SHA256 | 4e19d4ce649c28dd947424483796beace3656284fb0379d97dddd320aa602bbc |
Imports
Expand
Imported Functions
Expand
Exported Functions
Expand
Sections
Expand
Signature
Expand
| Property | Value |
|---|---|
| Filename | piddrv.sys |
| Creation Timestamp | |
| MD5 | |
| SHA1 | |
| SHA256 | |
| Authentihash MD5 | |
| Authentihash SHA1 | 877c6c36a155109888fe1f9797b93cb30b4957ef |
| Authentihash SHA256 | 4e19d4ce649c28dd947424483796beace3656284fb0379d97dddd320aa602bbc |
Imports
Expand
Imported Functions
Expand
Exported Functions
Expand
Sections
Expand
Signature
Expand
last_updated: 2026-04-28