» loader.exe
Overview
Analysis
File Details
Programs (1)

loader.exe

ExploitShield

ZeroVulnerabilityLabs, Inc.

This is installed with ZeroVulnerabilityLabs ExploitShield version 0.8.1 beta.

File name:

loader.exe

Publisher:

ZeroVulnerabilityLabs, Inc. (signed and verified)

Product:

ExploitShield

Description:

ExploitShield Loader

Version:

1.0.0.1

MD5:

d23b1e1f79827e4fb845c0d2c1a42e6f

SHA-1:

609c351ad357a49c67630ccd55c692bba097c936

SHA-256:

93b91c37f042f6a1c4a33929e804a0fdb9dfb04b4fafc042f2848453fe92ce60

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

1/12/2025 10:53:38 PM UTC (today)

File size:

51.7 KB (52,952 bytes)

Product version:

1.0.0.1

Original file name:

Loader

File type:

Executable application (Win32 EXE)

Language:

English

Common path:

C:\Program Files\zerovulnerabilitylabs\exploitshield\loader.exe

Digital Signature

Signed by:

ZeroVulnerabilityLabs, Inc.

Authority:

DigiCert Inc

Valid from:

5/28/2012 7:00:00 PM

Valid to:

6/3/2013 7:00:00 AM

Subject:

CN="ZeroVulnerabilityLabs, Inc.", O="ZeroVulnerabilityLabs, Inc.", L=San Jose, S=California, C=US

Issuer:

CN=DigiCert High Assurance Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:

07CA76C80E17FD2CA42587E9B14D22CE

File PE Metadata

Compilation timestamp:

9/16/2012 7:59:50 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

10.0

CTPH (ssdeep):

768:5+xpW2jibI2ZZ0+PeeXUenxU0ee+ukaKgH:59XIc0NeXUekYh

Entry address:

0x110C3

Entry point:

E9, 88, 2F, 00, 00, E9, 23, 2E, 00, 00, E9, 78, 4B, 00, 00, E9, A3, 2A, 00, 00, E9, 48, 2E, 00, 00, E9, 2F, 2B, 00, 00, E9, 98, 2D, 00, 00, E9, 15, 3D, 00, 00, E9, 3C, 4B, 00, 00, E9, A3, 42, 00, 00, E9, 76, 10, 00, 00, E9, 97, 2D, 00, 00, E9, B8, 4B, 00, 00, E9, 33, 45, 00, 00, E9, 76, 2D, 00, 00, E9, 85, 4B, 00, 00, E9, 86, 2A, 00, 00, E9, D3, 3A, 00, 00, E9, FE, 2C, 00, 00, E9, 19, 43, 00, 00, E9, 3C, 2A, 00, 00, E9, 5B, 4B, 00, 00, E9, 32, 4B, 00, 00, E9, BF, 3E, 00, 00, E9, A0, 2C, 00, 00, E9, 5B, 37... 
[+]

Entropy:

5.3817

Developed / compiled with:

Microsoft Visual C++ 8.0 (Debug)

Code size:

23 KB (23,552 bytes)

The file loader.exe has been discovered within the following program.

ZeroVulnerabilityLabs ExploitShield version 0.8.1 beta by ZeroVulnerabilityLabs

Publisher's description - “Every week new financial, state-sponsored and commercial espionage targeted attacks are discovered. These sophisticated advanced persistent threats use arsenals of vulnerability exploits that are weaponized to steal confidential information and trade secrets.”

www.zerovulnerabilitylabs.com

About 13% of users remove it

Scan loader.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.