home

7souls_loader.exe

nloader Application

Nival, Inc.

This is a setup program which is used to install the application. The file has been seen being downloaded from 7souls-updates.nivalnetwork.com.
Publisher:
Nival  (signed by Nival, Inc.)

Product:
nloader Application

Version:
1, 0, 0, 291

MD5:
8d10625e1e99973882cbd776a2cab4cd

SHA-1:
611f64bd9f471fbb11e1a22ee414ca4c8b3c4972

SHA-256:
f2d7a7d8092ed2df2c02653b9f91e4736eb193bb0c3589b0202f11116764b2b4

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/6/2024 7:39:26 PM UTC  (today)

File size:
2.3 MB (2,432,848 bytes)

Product version:
1, 0, 0, 291

Copyright:
Copyright (C) Nival 2012

Original file name:
nloader.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\7souls_loader.exe

Digital Signature
Signed by:
Nival, Inc.

Authority:
Thawte, Inc.

Valid from:
12/12/2011 4:00:00 AM

Valid to:
12/12/2013 3:59:59 AM

Subject:
CN="Nival, Inc.", O="Nival, Inc.", L=Los Angeles, S=California, C=US

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
1B881C15021886A6326611639B86C13A

File PE Metadata
Compilation timestamp:
4/10/2013 6:46:31 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:GXJfvPUzkobbjZFOSjLnnPaq+ycBl1URV18CV7dbIp/xnU8wRFAxee80SpB4eBTy:0NobRF3sycBlqh3Vmhxacxez0SsetjCJ

Entry address:
0x17149E

Entry point:
E8, FF, F3, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 8B, 45, 08, A3, 58, 0B, 5F, 00, A3, 5C, 0B, 5F, 00, A3, 60, 0B, 5F, 00, A3, 64, 0B, 5F, 00, 5D, C3, 8B, FF, 55, 8B, EC, 8B, 45, 08, 8B, 0D, 64, 69, 5E, 00, 56, 39, 50, 04, 74, 0F, 8B, F1, 6B, F6, 0C, 03, 75, 08, 83, C0, 0C, 3B, C6, 72, EC, 6B, C9, 0C, 03, 4D, 08, 5E, 3B, C1, 73, 05, 39, 50, 04, 74, 02, 33, C0, 5D, C3, FF, 35, 60, 0B, 5F, 00, E8, 72, 7D, 00, 00, 59, C3, 6A, 20, 68, F0, A3, 5C, 00, E8, EE, 9C, 00, 00, 33, FF, 89, 7D, E4, 89, 7D, D8...
 
[+]

Code size:
1.7 MB (1,764,352 bytes)

The file 7souls_loader.exe has been seen being distributed by the following URL.

http://7souls-updates.nivalnetwork.com/7souls_loader_q8c9t7.exe

Scan 7souls_loader.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.