winload.exe

• File Path: C:\windows\system32\Boot\winload.exe
• Description: OS Loader

Hashes

Type	Hash
MD5	18EE6AA6B8AB69F2B94ACB15CE1EF71B
SHA1	DEAF0514A9A6B4376388B40F5079E277112B5897
SHA256	4F612367ACFF85A1D70EFC0458231CFC47FDC567F98C3832E7D032E46EAD31BA
SHA384	00914D2FAB579D749DF5AE9492BB5E89C4029C23BDC488ECAE9FF941530A0697F1E2EE1625886B39322102C117DF2DD4
SHA512	23DE758A318CE638CD69D2A98BB18FA88F103634C5160E7FF41FC5DD28694886E983996F80E230591202A309A6D534B29789B7D8FDAB9C52AD1F07EFA472AA29
SSDEEP	24576:4ct4dJBZ0s3998lOSe9IbMLnDgR6ZsKM85xWMOTh1GAQb2gVBBQAcBY8ojqS:wj0Q8lzVbwsResK75x5OPQbWAp

Signature

• Status: Signature verified.
• Serial: 33000001C422B2F79B793DACB20000000001C4
• Thumbprint: AE9C1AE54763822EEC42474983D8B635116C8452
• Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
• Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

• Original Filename: osloader.exe
• Product Name: Microsoft Windows Operating System
• Company Name: Microsoft Corporation
• File Version: 6.3.9600.19345 (winblue_ltsb.190406-0600)
• Product Version: 6.3.9600.19345
• Language: English (United States)
• Legal Copyright: Microsoft Corporation. All rights reserved.

File Similarity (ssdeep match)

File	Score
C:\windows\system32\Boot\winresume.exe	30
C:\windows\system32\winload.exe	36
C:\windows\system32\winresume.exe	33

MIT License. Copyright (c) 2020-2021 Strontic.