winload.exe

File Path: C:\Windows\system32\winload.exe
Description: OS Loader

Hashes

Type	Hash
MD5	`5FE7EDEF3632AA57B80C3F0EAAC591E3`
SHA1	`60D9BFF6A349632E6409CF0C9BF308D61B0B429C`
SHA256	`0E2DB883E483794631804947D433F29D0D469C9585935E052166076C71BA4495`
SHA384	`A867C8F94F53C4A30E864C0F6E92F491A4622BBF65ED95DDD8FAC7963813ED9CFC3D685869E3BB8276CB170ACBFE8651`
SHA512	`D553272A1B2AF5070D13928C909BD5AC37AF26ECE458F791F712B40E3CD5D6DE3A6F07DE6CEA88FDE06697DB9095166A80F1AD87CD62ED6E46018E87B19D6C6A`
SSDEEP	`24576:bYubtHAB35alfGc7z5tZR8H1ylp9IVmJPmqd7pktYzpM2K7W6J4DOVD:bY30LbD9ZmqxM5WC`
PESHA1	`2C61C614D6B7B96BD6CC2FFA73B5AB9C5776B77D`
PE256	`A57E1B5C30A198B26BD3F00A9A0694EFF13C13A411672F11298EEC9BA889DC8F`

Signature

Status: Signature verified.
Serial: 3300000266BD1580EFA75CD6D3000000000266
Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

Original Filename: osloader.exe
Product Name: Microsoft Windows Operating System
Company Name: Microsoft Corporation
File Version: 10.0.19041.662 (WinBuild.160101.0800)
Product Version: 10.0.19041.662
Language: English (United States)
Legal Copyright: Microsoft Corporation. All rights reserved.
Machine Type: 64-bit

File Scan

VirusTotal Detections: 0/76
VirusTotal Link: https://www.virustotal.com/gui/file/0e2db883e483794631804947d433f29d0d469c9585935e052166076c71ba4495/detection

File Similarity (ssdeep match)

File	Score
C:\Windows\system32\Boot\winload.exe	100

MIT License. Copyright (c) 2020-2021 Strontic.