Skip to content
MalwareWiki

Loader

FastLoader

FastLoader is a small .NET downloader, which name comes from PDB strings seen in samples.

FastLoader is a Windows loader.

Background

FastLoader is a compact .NET downloader whose name derives from PDB strings found in its samples. Its usual payload is TrickBot. The malware can enumerate running processes and exfiltrate that list along with screenshots. Later builds add basic anti-analysis measures such as VM detection, as well as string obfuscation.

Source: Malpedia (Fraunhofer FKIE).