58509acb-50b4-41a0-9de3-76c571a459e3
msio32.sys 
Description
Confirmed vulnerable driver from Microsoft Block List
| Use Case | Privileges | Operating System |
|---|---|---|
| Elevate privileges | kernel | Windows |
Detections
YARA 🏹
Expand
Resources
CVE
Known Vulnerable Samples
| Property | Value |
|---|---|
| Filename | |
| Creation Timestamp | 2018-02-12 00:57:28 |
| MD5 | 9c00a44418a8e719c0034f0d55802693 |
| SHA1 | 7478eb19b453f82ef99734b8aed1e0911aab9d55 |
| SHA256 | c7d4943ddac34e1a38692c624d799e634ad4c4e3ae7e3bb2ae4cf0d8eb8985bc |
| Authentihash MD5 | d7acc8a58b2163f0b070d647e81c49fd |
| Authentihash SHA1 | 0cb0fd5bea730e4eaaec1426b0c15376ccac6d83 |
| Authentihash SHA256 | 0d0962db9dc6879067270134801ad425c1f3e85b0dc39877c02aaa9c54aca14e |
| RichPEHeaderHash MD5 | d1c5b39e151846c2dcb30d3116cba10d |
| RichPEHeaderHash SHA1 | ef12b9e4550f27b0c74b09f9f6c4e1cfa6d757f7 |
| RichPEHeaderHash SHA256 | ace4fba2c26bcc6e806e2ad3abec8dd0852907ccd429053608e3c639a514d1bc |
Imports
Expand
- ntoskrnl.exe
- HAL.dll
Imported Functions
Expand
- ObfDereferenceObject
- ZwUnmapViewOfSection
- IofCompleteRequest
- MmAllocateNonCachedMemory
- MmFreeNonCachedMemory
- Ke386SetIoAccessMap
- ZwOpenSection
- IoGetCurrentProcess
- IoCreateSymbolicLink
- IoCreateDevice
- KeTickCount
- ObReferenceObjectByHandle
- ZwMapViewOfSection
- ZwClose
- DbgPrint
- RtlInitUnicodeString
- IoDeleteSymbolicLink
- Ke386IoSetAccessProcess
- IoDeleteDevice
- WRITE_PORT_USHORT
- WRITE_PORT_UCHAR
- READ_PORT_ULONG
- READ_PORT_USHORT
- READ_PORT_UCHAR
- HalTranslateBusAddress
- WRITE_PORT_ULONG
Exported Functions
Expand
Sections
Expand
- .text
- .rdata
- .data
- INIT
- .reloc
Signature
Expand
last_updated: 2024-09-26