» global loader.exe
Overview
Analysis
File Details

global loader.exe

SmartFTP Client

The executable global loader.exe has been detected as malware by 28 anti-virus scanners.

File name:

global loader.exe

Publisher:

Tomb Raider: Anniversary (signed by SmartFTP Client)

Product:

Tomb Raider: Anniversary

Version:

1.0.9

MD5:

5848743d7c5f0d89603a210ee8b61e48

SHA-1:

8bb51a98535d37621684ed9f3dbcee581fdd6604

SHA-256:

98b64734e2ce0c69363e005a1ff990805dce6e32f27e2ae3d099e3e79ac67531

Scanner detections:

28 / 68

Status:

Malware

Analysis date:

1/13/2025 4:38:00 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Heur.MSIL.Androm.3

-39

AegisLab AV Signature

Troj.W32.Gen.lXhm

2.1.4+

AhnLab V3 Security

Trojan/Win32.Injector.R154309

3.8.2.16

Avira AntiVirus

TR/Inject.owpanjt

8.3.3.4

Arcabit

Trojan.MSIL.Androm.3

1.0.0.793

avast!

MSIL:GenMalicious-DZ [Trj]

2014.9-170314

AVG

MSIL4

2018.0.2439

Baidu Antivirus

MSIL.Trojan.Injector

4.0.3.17314

Bitdefender

Gen:Heur.MSIL.Androm.3

1.0.20.365

Dr.Web

BackDoor.Comet.1783

9.0.1.073

Emsisoft Anti-Malware

Gen:Heur.MSIL.Androm

8.17.03.14.02

ESET NOD32

MSIL/Injector.ESI (variant)

11.14766

Fortinet FortiGate

MSIL/Injector.ESI!tr

3/14/2017

F-Prot

W32/S-5ee74cca

v6.4.7.1.166

F-Secure

Gen:Heur.MSIL.Androm.3

11.2017-14-03_3

G Data

Gen:Heur.MSIL.Androm

17.3.25

IKARUS anti.virus

Trojan.MSIL4

0.1.3.4

K7 AntiVirus

Trojan

13.248.22099

Kaspersky

HEUR:Trojan.Win32.Generic

14.0.0.-1308

Malwarebytes

Backdoor.Agent.TMPGen

v2017.03.14.02

McAfee

Artemis!5848743D7C5F

5600.6095

Microsoft Security Essentials

Trojan:MSIL/Toauta

1.1.13407.0

MicroWorld eScan

Gen:Heur.MSIL.Androm.3

18.0.0.219

NANO AntiVirus

Trojan.Win32.Comet.dfkpgi

1.0.70.14475

Panda Antivirus

Trj/CI.A

17.03.14.02

Qihoo 360 Security

Win32/Trojan.1f1

1.0.0.1120

Sophos

Troj/MSILInj-HE

4.98

VIPRE Antivirus

Trojan.MSIL.Toauta.b

55210

File size:

85.9 KB (87,944 bytes)

Product version:

1.0.9

Trademarks:

Crystal Dynamics(R), the Crystal Dynamics(R) logo and the Eidos(R) logo are registered trademarks of the Eidos Group of Companies

Original file name:

server.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Digital Signature

Signed by:

SmartFTP Client

Authority:

SmartFTP Client

Valid from:

1/2/2014 10:56:32 AM

Valid to:

1/2/2114 10:56:32 AM

Subject:

CN=SmartFTP Client

Issuer:

CN=SmartFTP Client

Serial number:

6C7C1723381A15A44161851A894BF545

File PE Metadata

Compilation timestamp:

1/13/2017 8:57:34 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

.NET CLR dependent:

Yes

Entry address:

0x15E0E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

80 KB (81,920 bytes)

Remove global loader.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.