home

fortiloader.sys

Fortinet FortiClient

Fortinet Technologies (Canada) Inc.

It runs as a Windows kernel mode device driver named “fortiloader”.
Publisher:
Fortinet Inc  (signed by Fortinet Technologies (Canada) Inc.)

Product:
Fortinet FortiClient

Description:
FortiClient Fortiloader Driver

Version:
5.2.6.0664 built by: WinDDK

MD5:
03a6707ea8c3b67b74af732461d514a9

SHA-1:
61aa60214bcdc5c3c8298d204ed372bebedcba53

SHA-256:
24cdae1ce130d3590c4163d459b815c4e99fde1e2715e5b0185ebc7dfca02f31

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
1/14/2025 11:04:30 PM UTC  (a few moments ago)

File size:
13.6 KB (13,904 bytes)

Product version:
5.2.6.0664

Copyright:
2016 Fortinet Inc. All rights reserved.

Original file name:
fortiloader.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Windows\System32\drivers\fortiloader.sys

Digital Signature
Signed by:
Fortinet Technologies (Canada) Inc.

Authority:
Symantec Corporation

Valid from:
7/20/2015 3:00:00 AM

Valid to:
7/20/2018 2:59:59 AM

Subject:
CN=Fortinet Technologies (Canada) Inc., O=Fortinet Technologies (Canada) Inc., L=Burnaby, S=British Columbia, C=CA, SERIALNUMBER=BC0928969, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=British Columbia, OID.1.3.6.1.4.1.311.60.2.1.3=CA

Issuer:
CN=Symantec Class 3 Extended Validation Code Signing CA - G2, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
171DDEEE8742A7732CE7EA7AFB84E1DF

File PE Metadata
Compilation timestamp:
7/20/2016 10:08:35 PM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
8.0

Entry address:
0x4005

Entry point:
8B, FF, 55, 8B, EC, A1, 0C, 30, 01, 00, 85, C0, B9, 4E, E6, 40, BB, 74, 04, 3B, C1, 75, 1E, 8B, 15, 18, 20, 01, 00, B8, 0C, 30, 01, 00, C1, E8, 08, 33, 02, A3, 0C, 30, 01, 00, 75, 07, 8B, C1, A3, 0C, 30, 01, 00, F7, D0, A3, 10, 30, 01, 00, 5D, E9, BF, CF, FF, FF, CC, 70, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 18, 41, 00, 00, 00, 20, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 94, 40, 00, 00, AA, 40, 00, 00, BA, 40, 00, 00, C6, 40, 00, 00, DA, 40, 00, 00, E6...
 
[+]

Entropy:
6.4037

Code size:
2.5 KB (2,560 bytes)

Driver
Display name:
fortiloader

Description:
fortiloader driver

Type:
Kernel device driver (KernelDriver)

Group:
Boot Bus Extender


Scan fortiloader.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.