d9e9fab2-6b64-4c14-b1ec-7af1923c0773

AccelLid.sys

Description

Northwave Cyber Security contributed this driver based on in-house research. The driver has a CVSSv3 score of 5.5, indicating a localdos impact. This vulnerability could potentially be exploited for privilege escalation or other malicious activities.

UUID: d9e9fab2-6b64-4c14-b1ec-7af1923c0773
Created: 2024-09-11
Author: Northwave Cyber Security
Acknowledgement: Northwave Cyber Security |

Download

This download link contains the vulnerable driver!

Commands

sc.exe create AccelLid.sys binPath=C:\windows\temp\AccelLid.sys type=kernel &amp;&amp; sc.exe start AccelLid.sys

Use Case	Privileges	Operating System
Elevate privileges	kernel	Windows 10

Detections

YARA 🏹

Expand

Exact Match

with header and size limitation

Threat Hunting

without header and size limitation

Renamed

for renamed driver files

Sigma 🛡️

Expand

Names

detects loading using name only

Hashes

detects loading using hashes only

Sysmon 🔎

Expand

Block

on hashes

Alert

on hashes

Resources

Known Vulnerable Samples

Property	Value
Filename	AccelLid.sys
Creation Timestamp
MD5	833becd0e4abc9cfff8c835694694f80
SHA1
SHA256

Download

Imports

Expand

Imported Functions

Expand

Exported Functions

Expand

Sections

Expand

Signature

Expand

source

last_updated: 2026-04-23

d9e9fab2-6b64-4c14-b1ec-7af1923c0773

AccelLid.sys

Description

Block AccelLid.sys across your endpoints

Commands

Detections

YARA 🏹

Sigma 🛡️

Sysmon 🔎

Resources

Known Vulnerable Samples

Imports

Imported Functions

Exported Functions

Sections

Signature