» UsbFix.exe
Overview
Analysis
File Details
Downloads (20)

UsbFix.exe

UsbFix- www.SosVirus.net - www.UsbFix.net

El Desaparecido - SosVirus.net - UsbFix.net

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from download.fosshub.com and multiple other hosts.

File name:

UsbFix.exe

Publisher:

El Desaparecido - SosVirus.net - UsbFix.net

Product:

UsbFix- www.SosVirus.net - www.UsbFix.net

Description:

UsbFix - Remove Malware From Your Drive!

Version:

8.2.2.8

MD5:

7a87765073939fc574ef08855088a235

SHA-1:

26ad4c8298d68450934cebfa2ec90f5495176bb4

SHA-256:

acc3258c8cbe5ef333d23047f6122c54a73dabeff8564a4fb6b3c2910d781e6e

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/22/2024 10:46:01 PM UTC (today)

File size:

3 MB (3,124,346 bytes)

Product version:

Trademarks:

Original file name:

UsbFix.exe

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Language:

Language Neutral

Common path:

C:\documents and settings\nour\mes documents\downloads\programs\usbfix.exe

File PE Metadata

Compilation timestamp:

4/2/2016 5:20:13 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

49152:Y04tGOfnTMFvgsJu8DbFthIrSlwgxn8U1TPVfYK3R++ixPr/2IFsup/RnVJiDuG2:Y04tGinTwLumnhIrGJD9RYCRiPaDK5VV

Entry address:

0x312A

Entry point:

81, EC, 84, 01, 00, 00, 53, 55, 56, 57, 33, DB, 68, 01, 80, 00, 00, 89, 5C, 24, 20, C7, 44, 24, 14, 68, 91, 40, 00, 89, 5C, 24, 1C, C6, 44, 24, 18, 20, FF, 15, B0, 70, 40, 00, FF, 15, AC, 70, 40, 00, 66, 3D, 06, 00, 74, 11, 53, E8, EF, 2D, 00, 00, 3B, C3, 74, 07, 68, 00, 0C, 00, 00, FF, D0, BE, 80, 72, 40, 00, 56, E8, 6B, 2D, 00, 00, 56, FF, 15, 08, 71, 40, 00, 8D, 74, 06, 01, 38, 1E, 75, EB, 6A, 0D, E8, C3, 2D, 00, 00, 6A, 0B, E8, BC, 2D, 00, 00, A3, 24, EC, 42, 00, FF, 15, 38, 70, 40, 00, 53, FF, 15, 6C... 
[+]

Entropy:

7.8672

Packer / compiler:

Nullsoft install system v2.x

Code size:

24 KB (24,576 bytes)

The file UsbFix.exe has been seen being distributed by the following 20 URLs.

https://download.fosshub.com/Protected/expiretime=1462086324;badurl=aHR0cDovL3d3dy5mb3NzaHViLmNvbS9Vc2JGaXguaHRtbA==/0baee0bb3edb350bd6d2f1eff6a1bc0dbab5f7aecd51110fd1b8ea6a29eb873e/.../UsbFix_2016_8.230.exe

https://download.fosshub.com/Protected/expiretime=1462135565;badurl=aHR0cDovL3d3dy5mb3NzaHViLmNvbS9Vc2JGaXguaHRtbA==/0e4b7ce899ae6332db9394a0f1f105694ad9be3ea4a6e363d01d6211f8ecee25/.../UsbFix_2016_8.230.exe

https://download.fosshub.com/Protected/expiretime=1462195929;badurl=aHR0cDovL3d3dy5mb3NzaHViLmNvbS9Vc2JGaXguaHRtbA==/a03be46e10b7263a1023fc66d5a80ce934ba5d28070e2ab3949e2de10eca2886/.../UsbFix_2016_8.230.exe

https://download.fosshub.com/Protected/expiretime=1461869616;badurl=aHR0cDovL3d3dy5mb3NzaHViLmNvbS9Vc2JGaXguaHRtbA==/28c0d1f4c81927b0e39a819d0aa3ec7e025f8b9f3a0ea5bcb074dce434a26afd/.../UsbFix_2016_8.230.exe

https://www.sosvirus.net/telecharger/.../?wpdmdl=7070

https://download.fosshub.com/Protected/expiretime=1462060923;badurl=aHR0cDovL3d3dy5mb3NzaHViLmNvbS9Vc2JGaXguaHRtbA==/be5a284b084132df5239abc10b1917d6a6e6ea491f7d31c58a3ad112ea630cd6/.../UsbFix_2016_8.230.exe

https://download.fosshub.com/Protected/expiretime=1462039662;badurl=aHR0cDovL3d3dy5mb3NzaHViLmNvbS9Vc2JGaXguaHRtbA==/4018dde05c1208871cd215654e54140b0026aed2575978c3908aec68684d1108/.../UsbFix_2016_8.230.exe

https://download.fosshub.com/Protected/expiretime=1462010444;badurl=aHR0cDovL3d3dy5mb3NzaHViLmNvbS9Vc2JGaXguaHRtbA==/d36c28ed2c2de883e700bd5eb8c8637d979fe7123d2289a5d6e6c388fe16fba1/.../UsbFix_2016_8.230.exe

https://download.fosshub.com/Protected/expiretime=1461864769;badurl=aHR0cDovL3d3dy5mb3NzaHViLmNvbS9Vc2JGaXguaHRtbA==/e93da31125c4bc214b96d9fed9e2c847d49ea27d746fece5628c5f50737adca3/.../UsbFix_2016_8.230.exe

https://download.fosshub.com/Protected/expiretime=1462111775;badurl=aHR0cDovL3d3dy5mb3NzaHViLmNvbS9Vc2JGaXguaHRtbA==/3664ec08e25e9ca9ee684bb8dd138f09b642189d0cecbc05ef9b1abfd8dea71f/.../UsbFix_2016_8.230.exe

https://download.fosshub.com/Protected/expiretime=1462110537;badurl=aHR0cDovL3d3dy5mb3NzaHViLmNvbS9Vc2JGaXguaHRtbA==/411d20d91581d1ac3455db3fec5c49ac38e9b3d99ecacb25cad20656f457a1a3/.../UsbFix_2016_8.230.exe

http://www.majorgeeks.com/index.php?ct=files&action=download&PHPSESSID=cvbk00o7pda593jtsqdj4g40u7

http://share2.earthlinktele.com/download.aspx?file=297177009&sig=MDMvMDUvMjAxNiAxMjo0MzowNw==

https://download.fosshub.com/Protected/expiretime=1461968344;badurl=aHR0cDovL3d3dy5mb3NzaHViLmNvbS9Vc2JGaXguaHRtbA==/dbaa41ff2e8b091d0eededa3d663bbba7abfde05425c7676606e090548b30749/.../UsbFix_2016_8.230.exe

https://download.fosshub.com/Protected/expiretime=1461953174;badurl=aHR0cDovL3d3dy5mb3NzaHViLmNvbS9Vc2JGaXguaHRtbA==/9b71381bd5b786e29cc715f5d92ef6a1b3afebf63039b0ca8d57dbbc02a3d56b/.../UsbFix_2016_8.230.exe

https://download.fosshub.com/Protected/expiretime=1462142561;badurl=aHR0cDovL3d3dy5mb3NzaHViLmNvbS9Vc2JGaXguaHRtbA==/822c5a7834df7c31f6da5002494216657653583da2cc5475fee51ab9eaa04c28/.../UsbFix_2016_8.230.exe

https://download.fosshub.com/Protected/expiretime=1461883839;badurl=aHR0cDovL3d3dy5mb3NzaHViLmNvbS9Vc2JGaXguaHRtbA==/f6f79aa7bad5f3ca9ba3651ebfbb054c2b3f108d2d0340ff2ecd1628bb50bb2b/.../UsbFix_2016_8.230.exe

https://download.fosshub.com/Protected/expiretime=1461851988;badurl=aHR0cDovL3d3dy5mb3NzaHViLmNvbS9Vc2JGaXguaHRtbA==/1e918df9a6855c714eb5ccd096c0a5ae662a08df97842484892c292f0852656e/.../UsbFix_2016_8.230.exe

https://download.fosshub.com/Protected/expiretime=1462089037;badurl=aHR0cDovL3d3dy5mb3NzaHViLmNvbS9Vc2JGaXguaHRtbA==/bb97f4174046dc554bb7879676886581d9ef9fecec72b7cbe5beca166a1a5cd4/.../UsbFix_2016_8.230.exe

https://download.fosshub.com/Protected/expiretime=1461876607;badurl=aHR0cDovL3d3dy5mb3NzaHViLmNvbS9Vc2JGaXguaHRtbA==/f0ab214e1a8ef0609785d2f533b0e37fa3109df63b1c46d3b18afdc8f3a60b47/.../UsbFix_2016_8.230.exe

Scan UsbFix.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.