Act as a "stub" that is smaller and less suspicious than the final malware, allowing it to bypass antivirus (AV) or Endpoint Detection and Response (EDR) solutions.
Recent investigations into malware trends have identified a surge in "loader.exe"—a generic filename often used by threat actors to disguise malicious code that infects systems with stealers, ransomware, and remote access trojans (RATs).
Malicious loaders like PrivateLoader are used in a "pay-per-install" model to distribute a wide range of malware, from ransomware to rootkits.
Download or drop the final, more malicious file (like a ransomware binary or a stealer) onto the victim's computer.