home

winload_patched.efi

OS Loader (Prerelease)

Microsoft Corporation

Publisher:
Microsoft Corporation  (signed and verified)

Product:
Microsoft® Windows® Operating System

Description:
OS Loader (Prerelease)

Version:
6.4.9841.0 (fbl_release.140912-1613)

MD5:
bc3980669e6a502de64b7ba72abddd06

SHA-1:
e1564c9da5a0b4bae26dd5c43980066104ff29e3

SHA-256:
0260c2b05f77ec66e37e1c4625278ffad3716d43b06657aba91d64faed4affec

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
4/26/2024 6:10:43 AM UTC  (today)

File size:
1.7 MB (1,789,824 bytes)

Product version:
6.4.9841.0

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
osloader.exe

Digital Signature
Signed by:
Microsoft Corporation

Authority:
Microsoft Corporation

Valid from:
8/4/2014 11:33:34 PM

Valid to:
4/30/2015 11:33:34 PM

Subject:
CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:
CN=Microsoft Windows PCA 2010, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Serial number:
33000001364C4ED9674670DA3B000000000136

File PE Metadata
Compilation timestamp:
9/13/2014 7:15:59 AM

OS bitness:
Win64

Subsystem:

Linker version:
12.10

CTPH (ssdeep):
24576:y4Zsw3jV37YQKD710yXoBAZM8anlRBUYcPWuDomOCam2gs3iHRPQ+aELbcBXQBfx:9snQm7qPBAZmnrcRDDOCat7aPQOICpn

Entry address:
0x6240

Entry point:
48, 89, 5C, 24, 18, 48, 89, 74, 24, 20, 55, 57, 41, 57, 48, 8B, EC, 48, 81, EC, 80, 00, 00, 00, 8B, 79, 34, 83, 65, B0, 00, 48, 83, 65, B8, 00, 0F, 10, 4D, B0, 0F, 11, 4D, E0, 83, 65, C0, 00, 48, 83, 65, C8, 00, 41, BF, 01, 00, 00, 00, 41, B8, 00, 04, 00, 00, 48, 8D, 05, 80, 4A, 17, 00, 48, 03, F9, 44, 89, 45, A8, 44, 89, 7D, A4, C7, 45, A0, 14, 00, 00, 00, C7, 45, AC, 00, 00, 20, 00, 48, 8D, 55, D0, 44, 89, 3F, 0F, 10, 45, A0, C7, 45, E0, 00, 00, 02, 00, 0F, 11, 45, D0, 0F, 10, 45, C0, 44, 89, 7D, D4, 0F...
 
[+]

Code size:
1.5 MB (1,522,688 bytes)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.