winload.exe

File Path: C:\Windows\system32\winload.exe
Description: OS Loader

Hashes

Type	Hash
MD5	`EF12F554C0A52C9E4663C75148E8E47D`
SHA1	`F5131C79B736B756C6CD6A0FC13D165B2BE9A45F`
SHA256	`892FA34D5E304C7F23BFBD1A89A1DFCEDD3C80C4282DA406D4009456920FF450`
SHA384	`57D044B01D146520A7023A5C600027FD9CA3CA5BA9FEB9C4FC77089805153384A0E5C342AC87F6C5EE60E843CB85D5D6`
SHA512	`755021DCFC5B32A6469C9D5DF34F00253F9C5FD9FB01B40EFD272EDB87F8D80F87EED86846F50D57C3DECB81DCECC626D718C351B102321D894474D09951696F`
SSDEEP	`24576:AaOVkhh9sW+UFPNeG1gtzR+1Ap4qiXlPmVHl2nOiFcRnMX6JCEyb/:AaOAnfzWpQmV1RMXv`
PESHA1	`B41DFCE6B851EBDB32F61901A095D095D67C80E5`
PE256	`D0CCFBF33D2CEC74F5344BC94290DA10629911EBF288E073845BF056BF3A1AD8`

Signature

Status: Signature verified.
Serial: 33000002EC6579AD1E670890130000000002EC
Thumbprint: F7C2F2C96A328C13CDA8CDB57B715BDEA2CBD1D9
Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

Original Filename: osloader.exe
Product Name: Microsoft Windows Operating System
Company Name: Microsoft Corporation
File Version: 10.0.19041.1320 (WinBuild.160101.0800)
Product Version: 10.0.19041.1320
Language: English (United States)
Legal Copyright: Microsoft Corporation. All rights reserved.
Machine Type: 64-bit

File Scan

VirusTotal Detections: 0/73
VirusTotal Link: https://www.virustotal.com/gui/file/892fa34d5e304c7f23bfbd1a89a1dfcedd3c80c4282da406d4009456920ff450/detection

File Similarity (ssdeep match)

File	Score
C:\Windows\system32\Boot\winload.exe	100

MIT License. Copyright (c) 2020-2021 Strontic.