free_usb_disk_security.exe

Free USB Disk Security

AVD SOFT, Inc.

The executable free_usb_disk_security.exe, “Free USB Disk Security Setup”, has been detected as malware by 9 anti-virus scanners. This is a setup and installation application; however, the file is not signed with an Authenticode signature from a trusted source. It is infected by an entry-point obscuring polymorphic file infector, which creates a peer-to-peer botnet and receives URLs of additional files to download. The file has been seen being downloaded from free-usb-disk-security.en.softonic.com.
Publisher:
AVD SOFT, Inc.

Product:
Free USB Disk Security

Description:
Free USB Disk Security Setup

MD5:
17df882a9ad96512dcf1f5a897e061c3

SHA-1:
85da68ebf04b0e844e8c0a73e37a8f16d985dbe2

SHA-256:
0aa947e54e744c101ef57c858b235a5d1f7bac7ac899d1fa51e56f85ac73f2ba

Scanner detections:
9 / 68

Status:
File is infected by a Virus

Explanation:
The file is infected by a polymorphic file infector virus.

Analysis date:
12/25/2024 2:48:25 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| avast! | Win32:SaliCode | 160518-2 |
| Dr.Web | Win32.Sector.30 | 9.0.1.05190 |
| Emsisoft Anti-Malware | Win32.Sality | 11.5.0.6191 |
| ESET NOD32 | Win32/Sality.NBA virus | 8.0.319.0 |
| F-Prot | W32/Sality.gen2 | 4.6.5.141 |
| Kaspersky | Virus.Win32.Sality | 15.0.0.562 |
| McAfee | Virus.W32/Sality.gen.z | 18.0.204.0 |
| Microsoft Security Essentials | Threat.Undefined | 1.223.2544.0 |
| Norman | Win32.Sality.3 | 28.05.2016 15:32:18 |

File size:
1.3 MB (1,406,656 bytes)

Product version:
2.1

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\free_usb_disk_security.exe

File PE Metadata
Compilation timestamp:
1/15/2016 3:22:50 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:dxG12uoH9cDLxZ5D9DIh0q7xliBmojLi76SR4GbCBVLj9o6k1vh/BZS0hUX:2QS3ghL7PiK7tdbC/fmDJo

Entry address:
0x113BC

Entry point:
21, ED, 70, 12, 8D, 05, 5A, 98, EF, 8D, 80, DD, 98, FE, C2, C7, C6, A0, DA, 30, 5D, 41, 0F, AF, D3, 0F, BE, CD, 35, 3C, C1, 5C, 0C, 84, FE, 68, BF, 01, 00, 00, 81, FE, 36, 67, 00, 00, 70, 06, 8B, C5, 88, DB, 89, C6, 5F, 3B, C3, 71, 05, 0F, B6, F2, 24, 5A, 81, EF, BF, 01, 00, 00, F7, D2, 28, C1, 81, FF, D5, 73, 00, 00, 77, 02, 0F, CA, 8D, 35, 7B, F4, FF, FF, 69, C9, 09, 99, 9B, 3A, 81, C6, D1, 03, 00, 00, 0F, C9, 3B, D1, 84, C4, B8, 43, 76, 01, 00, 4A, 35, D4, DB, 00, 00, 00, FD, 35, 97, AD, 01, 00, 8B, C6...

Entropy:
7.9436  (probably packed)

Code size:
63.5 KB (65,024 bytes)

The file free_usb_disk_security.exe has been seen being distributed by the following URL.
