[lwf]

There are a bunch of reasons this could've happened -- corrupted downloads are not unheard of on poor connections. Maybe the file was truncated.

Or maybe it was the NSA. Without any further analysis, this isn't particularly noteworthy.

[wolfgke]

The first step is to detect the wrong signature. The next step is to compare the files to see whether truncation, bitswap etc. happened or whether the manipulation went deeper. Or for the more paranoid people: See what dangerous attack code can be introduced into the software by such an innocent-looking manipulation and whether the modification that happened did introduce such an exploit or not.

[djsumdog]

You can those questions in the reply thread (Is it the right file size? Can you mount it?)

This will only be interesting if it isn't just a corrupted image. If it isn't a corrupt image, I hope there a follow-up with a diff-tree between the two.