home

loader.exe

MD5:
8a56027cdb92cc8835bd21720bf762f9

SHA-1:
f0d0518c3bc8fc91b5c8e40820be713da8e88b16

SHA-256:
fc067a5722416a396134c494d342d5409cea837c46cabfca94d3c2099a839570

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 4:57:19 AM UTC  (today)

File size:
108.2 KB (110,794 bytes)

File type:
Executable application (Win16 EXE)

Common path:
C:\users\{user}\downloads\loader.exe

File PE Metadata
OS bitness:
Win16

CTPH (ssdeep):
768:XlkPdi7+C1hSofKsj+OzsX3LtXdCwYq7ZrzuUiWQRojQOeBNS2:0QpS3t3hdZrzDiWQRojQOeBNS2

Entry point:
4D, 5A, 30, 00, 9D, 00, 03, 00, 20, 00, 00, 00, FF, FF, 5B, 13, 80, 00, 00, 00, 00, 00, 00, 00, 3E, 00, 00, 00, 01, 00, FB, 50, 6A, 72, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, D0, 0E, A3, 04, E8, 0E, A3, 04, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
3.6706

The file loader.exe has been seen being distributed by the following URL.

http://www.bipom.com/files/mm51c/.../loader.exe

Scan loader.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.