winload.exe

File Path: C:\Windows\system32\winload.exe
Description: OS Loader

Hashes

Type	Hash
MD5	`4BD3DA89F470D7940C9DA5F5D992148D`
SHA1	`3C8BCC0DDF13F3BF8BB6D88ED79A2258DBFCD8AA`
SHA256	`5B2AEBAECAC16325CB6E123F06AC882C7C9ADEF6287D2E596F535C24861D6CBB`
SHA384	`9E2D87D96C96FA17ECDAC351BD9D3486F53933986B659E8740D1CDEE0988E848AA798935E9A86520400243A1C54A24D5`
SHA512	`7325E3357CAF17921F857C76A2A011B91E8593B236758077746547471CA2A4DB5FFE436AE9D3B87AC8FB297EE9B3FB178C43B27247313B39583B539F39F0C513`
SSDEEP	`24576:Hwp/jMxeIRsrsLNt2DT32e3tISfi2gD1KPm2+7ly+E+KOXPK4KoI5S+8:HwpwRZm62/m20pPK4faC`
PESHA1	`01F9FD7EEB1A90849F500E7B7AF3AA2EDD39A11D`
PE256	`9983A9945050BBE24B3BAF1D5E7DBC884408E69AF9E7E55DF547B608B25DCE12`

Signature

Status: Signature verified.
Serial: 3300000266BD1580EFA75CD6D3000000000266
Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

Original Filename: osloader.exe
Product Name: Microsoft Windows Operating System
Company Name: Microsoft Corporation
File Version: 10.0.19041.546 (WinBuild.160101.0800)
Product Version: 10.0.19041.546
Language: English (United States)
Legal Copyright: Microsoft Corporation. All rights reserved.
Machine Type: 64-bit

File Scan

VirusTotal Detections: 0/75
VirusTotal Link: https://www.virustotal.com/gui/file/5b2aebaecac16325cb6e123f06ac882c7c9adef6287d2e596f535c24861d6cbb/detection

File Similarity (ssdeep match)

File	Score
C:\Windows\system32\Boot\winload.exe	100

MIT License. Copyright (c) 2020-2021 Strontic.