75a933b4-82d8-4eb8-8ed5-a0a2178630a3
fiddrv.sys
We were not able to verify the hash of this driver successfully, it has not been confirmed.
Description
fiddrv.sys is a vulnerable driver and more information will be added as found.
- UUID: 75a933b4-82d8-4eb8-8ed5-a0a2178630a3
- Created: 2023-01-09
- Author: Michael Haag
Block fiddrv.sys across your endpoints
Add this driver to your block policy in minutes with MagicSword, threat-driven application control. Free for up to 100 endpoints.
Start Blocking for FreeCommands
sc.exe create fiddrv.sys binPath=C:\windows\temp\fiddrv.sys type=kernel && sc.exe start fiddrv.sys
| Use Case | Privileges | Operating System |
|---|---|---|
| Elevate privileges | kernel | Windows 10 |
Detections
YARA 🏹
Expand
with header and size limitation
without header and size limitation
for renamed driver files
Resources
Known Vulnerable Samples
| Property | Value |
|---|---|
| Filename | fiddrv.sys |
| Creation Timestamp | |
| MD5 | |
| SHA1 | |
| SHA256 | |
| Authentihash MD5 | |
| Authentihash SHA1 | 8cc8974a05e81678e3d28acfe434e7804abd019c |
| Authentihash SHA256 | 97b976f7e7e5df7af0781bbbb33cb5f3f7a59efdd07995253b31de8123352a67 |
Imports
Expand
Imported Functions
Expand
Exported Functions
Expand
Sections
Expand
Signature
Expand
| Property | Value |
|---|---|
| Filename | fiddrv.sys |
| Creation Timestamp | |
| MD5 | |
| SHA1 | |
| SHA256 | |
| Authentihash MD5 | |
| Authentihash SHA1 | 8cc8974a05e81678e3d28acfe434e7804abd019c |
| Authentihash SHA256 | 97b976f7e7e5df7af0781bbbb33cb5f3f7a59efdd07995253b31de8123352a67 |
Imports
Expand
Imported Functions
Expand
Exported Functions
Expand
Sections
Expand
Signature
Expand
last_updated: 2026-05-04