home

winload.exe

OS Loader

JG

Publisher:
Microsoft Corporation  (signed by JG)

Product:
Microsoft® Windows® Operating System

Description:
OS Loader

Version:
6.1.7601.17514 (win7sp1_rtm.101119-1850)

MD5:
15b914ee441145b46169bdc2fa87116b

SHA-1:
aa32b9cc39018a914d17028fc7623ca4cbd5cdc3

SHA-256:
d38c7a20f3a83322f90dbcf8f129e90f974d3001b046cf5e49f99e560bc8045c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/29/2024 11:23:37 PM UTC  (a few moments ago)

File size:
489.1 KB (500,840 bytes)

Product version:
6.1.7601.17514

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
osloader.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Windows\System32\winload.exe

Digital Signature
Signed by:
JG

Authority:
JG Certificate Authority

Valid from:
10/14/2011 11:28:49 PM

Valid to:
10/14/2041 11:28:49 PM

Subject:
CN=JG

Issuer:
CN=JG Certificate Authority

Serial number:
7135B3B519FCF84E6C1E095498329B06

File PE Metadata
Compilation timestamp:
11/20/2010 9:38:21 AM

OS bitness:
Win32

Subsystem:

Linker version:
9.0

CTPH (ssdeep):
12288:ZRJoNPhhM2TvaCAzn1ctf3a9Koj32V8QVhUJiDybd8ljnXqn66:ZRJo142TCv1sVybyX+66

Entry address:
0x1000

Entry point:
8B, FF, 55, 8B, EC, 83, E4, F8, 83, EC, 54, 53, 56, 8B, 75, 08, 8B, 56, 34, 57, 03, D6, 6A, 07, 59, 33, C0, 8B, FA, F3, AB, C7, 02, 01, 00, 00, 00, 8B, 5E, 28, 03, DE, 6A, 08, BF, 84, BB, 46, 00, 8B, F3, 59, 33, C0, F3, A6, 89, 54, 24, 18, 74, 0D, B8, F7, 00, 00, C0, 89, 42, 04, E9, 78, 01, 00, 00, BF, 01, 00, 00, 80, E8, 18, 7B, 00, 00, 84, C0, 74, 1C, 8D, 44, 24, 20, 50, 6A, 00, 57, E8, 7E, 73, 04, 00, F7, 44, 24, 2C, 00, 00, 10, 00, C6, 44, 24, 13, 01, 75, 05, C6, 44, 24, 13, 00, 33, FF, 47, E8, EB, 7A...
 
[+]

Code size:
398 KB (407,552 bytes)

Scan winload.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.