home

usbformattoolsetup.exe

USB Disk Storage Format Tool

Authorsoft Corporation

The executable usbformattoolsetup.exe, “USB Disk Storage Format Tool Setup ” has been detected as malware by 4 anti-virus scanners. The program is a setup application that uses the Inno Setup installer, however the file is not signed with an authenticode signature from a trusted source. The file has been seen being downloaded from www.authorsoft.com.
Publisher:
Authorsoft Corporation

Product:
USB Disk Storage Format Tool

Description:
USB Disk Storage Format Tool Setup

Version:
5.2

MD5:
ffaf4af329228894e37d91a84aaf1bad

SHA-1:
c5d901d29171b35ab8e96afb1a079d05612a04b1

SHA-256:
f6b0f2e8b8cc6f79c706a3f2b2fbf5a1065003a520b4d126a66ce7a6637b4537

Scanner detections:
4 / 68

Status:
Malware

Analysis date:
12/27/2024 8:46:09 AM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:Mabezat [Wrm]
160708-3

Dr.Web
Win32.HLLW.Tazebama
9.0.1.05190

Kaspersky
Worm.Win32.Mabezat
15.0.0.562

Microsoft Security Essentials
Threat.Undefined
1.225.1756.0

File size:
716.3 KB (733,455 bytes)

Product version:
5.2

Copyright:
Copyright © 2006-2016 Authorsoft Corporation

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\documents and settings\pc\mes documents\downloads\usbformattoolsetup.exe

File PE Metadata
Compilation timestamp:
6/19/1992 10:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:ZnauD4YGWzqNKYu+pmUg0VtNliGF4O2DnM2xk/O2xKCb+p:ZnaK4NWWNXu+pmJ0VzliGQJxkTq

Entry address:
0x9C40

Entry point:
BB, B3, 29, 53, 73, 93, E9, 20, 01, 00, 00, AB, 51, B4, B0, 5C, E0, B4, B0, D4, CD, 3C, 34, 34, B4, 34, 34, BF, 34, 34, 34, 93, 65, 6A, 65, 64, 65, 6D, 6B, 6A, 34, 34, 34, A8, 95, AE, 99, 96, 95, A1, 95, 62, 98, A0, A0, 34, 34, 34, 34, 90, 34, 34, 34, 7A, A6, 99, 99, 80, 9D, 96, A6, 95, A6, AD, 34, 77, A6, 99, 95, A8, 99, 78, 9D, A6, 99, 97, A8, A3, A6, AD, 75, 34, 34, 34, 34, 7B, 99, A8, 8B, 9D, A2, 98, A3, AB, A7, 78, 9D, A6, 99, 97, A8, A3, A6, AD, 75, 34, 34, 34, 34, 7B, 99, A8, 81, A3, 98, A9, A0, 99...
 
[+]

Code size:
37 KB (37,888 bytes)

The file usbformattoolsetup.exe has been seen being distributed by the following URL.

http://www.authorsoft.com/USBFormatToolSetup.exe

Remove usbformattoolsetup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.