home

loader.exe

GamingOnSteroids

This is a setup program which is used to install the application. The file has been seen being downloaded from download2003.mediafire.com and multiple other hosts.
Publisher:
GamingOnSteroids

Product:
GamingOnSteroids

Description:
Loader

Version:
2.0.0.0

MD5:
579d96dda6948af934c120dc830b5337

SHA-1:
f990d7de8553e6f8d5a857b70e8be6ecc5270f5c

SHA-256:
6c49f4f76c85e550705a586c25e5ba209a538bbec153e246ce2619cbb0551271

Scanner detections:
3 / 68

Status:
Clean  (3 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
11/15/2024 8:24:11 PM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
HW32.Packed
1.3.0.7400

F-Prot
W32/Downloader.K.gen
v6.4.7.1.166

Vba32 AntiVirus
Malware-Cryptor.General.6
3.12.26.4

File size:
2.5 MB (2,621,440 bytes)

Product version:
2.0.0.0

Original file name:
Loader

File type:
Executable application (Win32 EXE)

Language:
Bulgarian (Bulgaria)

Common path:
C:\users\{user}\downloads\loader.exe

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:aaH/p+LrorXL8OLEKud8jlyhZ1Jjg8AlHb72cizHv7AmK3+7dufpMw1ca9DwF1Du:nH/p4U78OluQIrT88Q772TFK3O4f76aD

Entry address:
0x5D4761

Entry point:
EB, 08, 49, 41, 24, 00, 00, 00, 00, 00, E9, 5F, F0, FF, FF, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Code size:
2.4 MB (2,512,896 bytes)

The file loader.exe has been seen being distributed by the following 3 URLs.

http://download2003.mediafire.com/4l91dmdiy2gg/.../Loader.exe

http://goo.gl/BLf2Md

http://gamingonsteroids.com/forum/.../

Scan loader.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.