» sd-formatter.exe
Overview
Analysis
File Details
Downloads (4)

sd-formatter.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from dlgbit.winfuture.de and multiple other hosts.

File name:

sd-formatter.exe

MD5:

73dfcbcd9f970bb4e57c7dce84463f38

SHA-1:

83e49cbe2dd1dac8f0b802dde0f4612d167383e7

SHA-256:

823eeb78b8574d505bae7c37c246fa6388f4f0698e703f08d711c14b91d4f08a

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/23/2024 10:33:17 AM UTC (today)

File size:

6 MB (6,286,748 bytes)

File type:

Executable application (Win64 EXE)

Common path:

C:\users\{user}\downloads\sd-formatter.exe

File PE Metadata

OS bitness:

Win64

CTPH (ssdeep):

98304:diGhx6W6OiZkRfC1wApwc2j7yMLkRnamU2IywhvqKT3PCU6VzIWiPry38BfJjm6k:d74OiZk9BApwt7XkRapywNqEPCU6V8W5

Entry point:

50, 4B, 03, 04, 14, 00, 08, 00, 08, 00, 0F, 59, 5F, 41, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 09, 00, 10, 00, 73, 65, 74, 75, 70, 2E, 65, 78, 65, 55, 58, 0C, 00, 40, 52, 08, 51, 1E, 69, 91, 50, F6, 01, F6, 01, EC, BD, 7D, 7C, 54, C5, D5, 38, 7E, 77, F7, 26, B9, 24, 9B, EC, 02, 1B, 08, 10, 20, 4A, 50, 2A, 51, 91, 00, 12, 57, 34, 11, 6E, 12, 94, 95, 1B, 57, 36, A4, 98, E0, 0B, C4, B8, B5, 95, 97, BD, 01, 5B, 12, 83, 9B, D8, 5C, AE, AB, B6, 45, 4B, 7D, F0, 85, A7, 5A, DF, 2B, 56, D4, 58, 41, 36, 24... 
[+]

Entropy:

7.9998 (probably packed)

The file sd-formatter.exe has been seen being distributed by the following 4 URLs.

http://dlgbit.winfuture.de/1fc055a4db5bc41f976ed6b2ccb206a0/570aca9b/software/.../SDFormatterv4.zip

https://www.sdcard.org/cht/downloads/formatter_4/.../SDFormatterv4.zip

https://lookaside.fbsbx.com/.../SDFormatterv4.zip?token=AWxbpc5RbZ7XSsjTErTYOGROISzX_0CDP94tsmScKCjSDN8Kgil1GwdKYdZhItg8n71ADo_FOCVweADm3JNvaQ4mVUTgMxipqlNYGPgSgTfnu-rWlee6PiFXwlTtLgL7VwNcCuYOdUDxLRuCyRczAXVa

https://www.sdcard.org/downloads/formatter_4/.../SDFormatterv4.zip

Scan sd-formatter.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.