winload.exe

• File Path: C:\windows\system32\winload.exe
• Description: OS Loader

Hashes

Type	Hash
MD5	A4B90B0ABC8C0C4CCABC3485BB91B683
SHA1	34E38A81F1ACF3E55E99CE529660D5914F9751ED
SHA256	218D7BD238755B14CC3CBADA3EA566EC2A1134B0442307385C5010BEF90072BB
SHA384	CDFE8E9A9C15A637FF554E4BE636661BA647EC6D2DB28AFEE618DCC7DCB6BB5FAC4ADAC53F77E1FFE0E3F32D1CD6CF51
SHA512	E03460040AEB88AD334AD241950DB75AE9DFAF977F111C5BEA09EBC76F2350FC3033BA42B179AC7C01245E486396C0AE0FDB1051E7DA3C17BEDA1F233727D213
SSDEEP	24576:1woYsBdRzJ9HXIvYHWuqm1oreMqlzWKEk5xWMOTh1GNo23W5BQ1cBFA:2+1J5IwHbpMqBWKL5x5Oqo21L

Signature

• Status: Signature verified.
• Serial: 330000023241FB59996DCC4DFF000000000232
• Thumbprint: FF82BC38E1DA5E596DF374C53E3617F7EDA36B06
• Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
• Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

• Original Filename: osloader.exe
• Product Name: Microsoft Windows Operating System
• Company Name: Microsoft Corporation
• File Version: 6.3.9600.19629 (winblue_ltsb_escrow.200127-1700)
• Product Version: 6.3.9600.19629
• Language: English (United States)
• Legal Copyright: Microsoft Corporation. All rights reserved.

File Similarity (ssdeep match)

File	Score
C:\windows\system32\Boot\winload.exe	36
C:\windows\system32\Boot\winresume.exe	33
C:\windows\system32\winresume.exe	35

MIT License. Copyright (c) 2020-2021 Strontic.