SHA256: 47ac96402869b71bf2cbffc5a72f6251289c59350f7227b5ddae7039993e8361
File name: BDUSBImmunizerLauncher.exe
Detection ratio: 0 / 57
Analysis date: 2015-08-28 20:39:55 UTC ( 2 days, 1 hour ago )
Probably harmless! There are strong indicators suggesting that this file is safe to use.
Antivirus Result Update
ALYac 20150828
AVG 20150828
AVware 20150828
Ad-Aware 20150828
AegisLab 20150828
Agnitum 20150828
AhnLab-V3 20150828
Alibaba 20150828
Antiy-AVL 20150828
Arcabit 20150828
Avast 20150828
Avira 20150828
Baidu-International 20150828
BitDefender 20150828
Bkav 20150828
ByteHero 20150828
CAT-QuickHeal 20150828
CMC 20150827
ClamAV 20150828
Comodo 20150828
Cyren 20150828
DrWeb 20150828
ESET-NOD32 20150828
Emsisoft 20150828
F-Prot 20150828
F-Secure 20150828
Fortinet 20150828
GData 20150828
Ikarus 20150828
Jiangmin 20150827
K7AntiVirus 20150828
K7GW 20150828
Kaspersky 20150828
Kingsoft 20150828
Malwarebytes 20150828
McAfee 20150828
McAfee-GW-Edition 20150828
MicroWorld-eScan 20150828
Microsoft 20150828
NANO-Antivirus 20150828
Panda 20150828
Qihoo-360 20150828
Rising 20150826
SUPERAntiSpyware 20150826
Sophos 20150828
Symantec 20150828
Tencent 20150828
TheHacker 20150828
TotalDefense 20150828
TrendMicro 20150828
TrendMicro-HouseCall 20150828
VBA32 20150828
VIPRE 20150828
ViRobot 20150828
Zillya 20150828
Zoner 20150828
nProtect 20150828
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright Bitdefender LLC. All rights reserved.
Publisher Bitdefender SRL
Product Bitdefender USB Immunizer
Original name BDUSBImmunizerDropper.exe
Internal name BDUSBImmunizerDropper.exe
File version 2.0.1.9
Description Bitdefender USB Immunizer
Signature verification Signed file, verified signature
Signing date 2:19 PM 10/9/2012
Signers
[+] Bitdefender SRL
Status Certificate out of its validity period
Valid from 1:00 AM 12/14/2011
Valid to 12:59 AM 12/14/2012
Valid usage Code Signing
Algorithm SHA1
Thumbprint 9572E410B5368B5FBB2BA73296EA6275AB10F92E
Serial number 08 10 55 95 FD 14 5F C9 F8 E0 59 4C 7F 02 49 B0
[+] VeriSign Class 3 Code Signing 2010 CA
Status Valid
Valid from 1:00 AM 2/8/2010
Valid to 12:59 AM 2/8/2020
Valid usage Client Auth, Code Signing
Algorithm SHA1
Thumbprint 495847A93187CFB8C71F840CB7B41497AD95C64F
Serial number 52 00 E5 AA 25 56 FC 1A 86 ED 96 C9 D4 4B 33 C7
[+] VeriSign
Status Valid
Valid from 1:00 AM 11/8/2006
Valid to 12:59 AM 7/17/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm SHA1
Thumbprint 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
Serial number 18 DA D1 9E 26 7D E8 BB 4A 21 58 CD CC 6B 3B 4A
Counter signers
[+] Symantec Time Stamping Services Signer - G3
Status Certificate out of its validity period
Valid from 1:00 AM 5/1/2012
Valid to 12:59 AM 1/1/2013
Valid usage Timestamp Signing
Algorithm SHA1
Thumbprint 8FD99D63FB3AFBD534A4F6E31DACD27F59504021
Serial number 79 A2 A5 85 F9 D1 15 42 13 D9 B8 3E F6 B6 8D ED
[+] VeriSign Time Stamping Services CA
Status Certificate out of its validity period
Valid from 1:00 AM 12/4/2003
Valid to 12:59 AM 12/4/2013
Valid usage Timestamp Signing
Algorithm SHA1
Thumbprint F46AC0C6EFBB8C6A14F55F09E2D37DF4C0DE012D
Serial number 47 BF 19 95 DF 8D 52 46 43 F7 DB 6D 48 0D 31 A4
[+] Thawte Timestamping CA
Status Valid
Valid from 1:00 AM 1/1/1997
Valid to 12:59 AM 1/1/2021
Valid usage Timestamp Signing
Algorithm MD5
Thumbprint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-10-09 10:43:01
Entry Point 0x000F6C03
Number of sections 5
PE sections
Overlays
MD5 1fba32fda5642d31b7dc936256f9ffda
File type data
Offset 1858048
Size 2213624
Entropy 8.00
PE imports
Number of PE resources by type
RT_CURSOR 16
RT_GROUP_CURSOR 15
RT_STRING 13
RT_ICON 8
RT_DIALOG 3
RT_BITMAP 2
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 60
Debug information
ExifTool file metadata
SubsystemVersion 5.1
LinkerVersion 10.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 2.0.1.9
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Windows, Latin1
InitializedDataSize 701952
EntryPoint 0xf6c03
OriginalFileName BDUSBImmunizerDropper.exe
MIMEType application/octet-stream
LegalCopyright Bitdefender LLC. All rights reserved.
FileVersion 2.0.1.9
TimeStamp 2012:10:09 11:43:01+01:00
FileType Win32 EXE
PEType PE32
InternalName BDUSBImmunizerDropper.exe
ProductVersion 2.0.1.9
FileDescription Bitdefender USB Immunizer
OSVersion 5.1
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Bitdefender LLC
CodeSize 1155072
ProductName Bitdefender USB Immunizer
ProductVersionNumber 2.0.1.9
FileTypeExtension exe
ObjectFileType Executable application

CarbonBlack CarbonBlack acts as a surveillance camera for computers
While monitoring an end-user machine in-the-wild, CarbonBlack noticed this sample wrote the following files to disk.
Execution parents
Compressed bundles
File identification
MD5 c974343ed2ede2304b85f5b30f88785d
SHA1 99f2bf64f9f0ab4470b363dbd6e8b1dbcd9475af
SHA256 47ac96402869b71bf2cbffc5a72f6251289c59350f7227b5ddae7039993e8361
ssdeep 98304:zrjhl8moQ83/SECnH7Adt2CbEN5oQhkwJPxX9PPz1PdtLLWt6e:zMIHqnO5oQhkwJLz1FtLWMe
authentihash 2cdd6bdc3b71b2990f4f0dd7c360ca961586381bf7507f3b29f1470545ed9da2
imphash f9d2c445816ebc68b164dc5c39f99561
File size 3.9 MB ( 4071672 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (78.5%)
Win32 Executable (generic) (11.3%)
Generic Win/DOS Executable (5.0%)
DOS Executable Generic (5.0%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags peexe overlay signed via-tor software-collection
VirusTotal metadata
First submission 2012-10-09 17:53:17 UTC ( 2 years, 10 months ago )
Last submission 2015-08-28 20:39:55 UTC ( 2 days, 1 hour ago )
File names BDUSBImmunizer.exe
BitDefender USB Immunizer.exe
test.exe
BDUSBImmunizerLauncher (2).exe
BDUSBImmunizer2019Launcher.exe
BDUSBImmunizerLauncher - Copie.exe
usbimmunizer.exe
[auncher.exe
BDUSBImmunizerLauncher.exe
2543879
file-4793921_exe
BDUSBImmunizerLauncher.exe
333355
BDUSBImmunizerLauncher (1).exe
B.exe
BDUSBImmunizerLauncher.exe
BDUSBImmunizerLauncher 19-7-2557 q3.exe
bitdefender-usb-immunizer-6096-jetelecharge.exe
BDUSBImmunizerLauncher(weak soft).exe
download.php
BDUSBimmuniz.exe
bitdefender-usb-immunizer-6096-jetelecharge.exe
BDUSBImmunizerLauncher_2019_portable.exe
BDUSB Immunizer Launcher.exe
BDUSBImmunizerLauncher(Chong virus Autorun).exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Created processes
Created mutexes
Opened mutexes
Hooking activity
Runtime DLLs
Additional details
The file installs an application-defined hook procedure into a hook chain. A hook procedure is installed to monitor the system for certain types of events. These events are associated either with a specific thread or with all threads in the same desktop as the calling thread. This is done using the SetWindowsHook Windows API function.