home

osloadw8.exe

OS Loader

SLI

Publisher:
Microsoft Corporation  (signed by SLI)

Product:
Microsoft® Windows® Operating System

Description:
OS Loader

Version:
6.2.9200.16384 (win8_rtm.120725-1247)

MD5:
3fe2ffd2fadeef162e74f28c2d6abd4d

SHA-1:
1baa53ca7d143d7c04e6a2e05aa1e88a54b24e45

SHA-256:
8a305ab7b3927f572547504bef666ab3edde66c7f7407fa6ad8352a9572f6581

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/18/2024 1:12:43 PM UTC  (today)

File size:
1.2 MB (1,270,144 bytes)

Product version:
6.2.9200.16384

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
osloader.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\wloaders\x64\eight2012\9200\osloadw8.exe

Digital Signature
Signed by:
SLI

Authority:
SLI

Valid from:
7/31/2011 7:52:10 AM

Valid to:
12/31/2039 11:59:59 PM

Subject:
CN=SLI

Issuer:
CN=SLI

Serial number:
B6D73A057CC856B648BA07BC372E9934

File PE Metadata
Compilation timestamp:
7/26/2012 3:32:58 AM

OS bitness:
Win64

Subsystem:

Linker version:
10.10

CTPH (ssdeep):
24576:tu1lSW9bpuUQ184m1BRSmfMDzkFNAyTVLh4LajXu/B+6nBAGl:KnZQKFKmfaQFN/Lh4LajbZ4

Entry address:
0x11B8

Entry point:
48, 89, 5C, 24, 10, 48, 89, 7C, 24, 18, 55, 48, 8B, EC, 48, 81, EC, 80, 00, 00, 00, 8B, 79, 34, 83, 65, B0, 00, 48, 83, 65, B8, 00, 83, 65, C0, 00, 48, 83, 65, C8, 00, 48, 03, F9, 48, 8B, D9, 48, 8D, 55, A0, 48, 8D, 4D, D0, 41, B8, 30, 00, 00, 00, C7, 07, 01, 00, 00, 00, C7, 45, A0, 14, 00, 00, 00, C7, 45, A4, 01, 00, 00, 00, C7, 45, A8, 00, 04, 00, 00, C7, 45, AC, 00, 00, 20, 00, E8, 23, 9A, 0F, 00, 4C, 8D, 1D, 04, 8A, 10, 00, 48, 8D, 55, D0, 48, 8B, CB, 4C, 89, 5D, F8, C7, 45, D4, 01, 00, 00, 00, C7, 45...
 
[+]

Entropy:
6.4427

Code size:
1 MB (1,052,160 bytes)

Scan osloadw8.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.