Gridinsoft Logo
File Icon

The setup.exe (Setup) File Analysis

Updated 13 days ago
Checked by Malware Check
setup.exe

Technical Analysis

File Name setup.exe
File Type
PE32 executable (GUI) Intel 80386, for MS Windows
Scanner Version 1.0.231.174
Database Version 2025-12-27 08:00:40 UTC

Clean File

No threats detected by our scanner

0%
Detection Rate
691,216
File Size (bytes)
2025-12-27
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
d6abc09eab4ce2079195a154da668e11
SHA1
6cd067ccbcc963c5579a716b6bc333aae5cae763
SHA256
56e754713e00b2e3c87761f734536dcb8812cf33052384bcae42ed786595a9d9
SHA512
505cd8fe6ccfa145a5e3da9ae04e3c6983c57fa577b208cea08e772d50e2dd2abdd19ee1c875d7c65fbd0e034a654ab48b37cc22cce4a0f27669506e11387267
ImpHash
d90c5f63eb809bc37f835a735e1e9181

PE Analysis

Basic Information

Icon
Hash: dbdd6eaba195bca14300979d9a647ef0
Fuzzy: c5977609debe99c8f0f031f0a62182df
dHash: cc8c396b2963cecc
Image Base 0x00400000
Entry Point 0x00436fc0
Compilation Time 2025-01-16 18:19:34
Checksum 0x000b79ff (Actual: 0x000b79ff)
OS Version 5.1
PEiD Signatures PE32 executable (GUI) Intel 80386, for MS Windows
PDB Path D:\dbs\el\ddvsm\out\binaries\x86ret\bin\i386\Bootstrapper\Engine\setup.pdb
Digital Signature Chain verification from CN=WIN-4NFSE1QOBMS\\Administrator (serial:59055345147391298128606108583890259770, sha1:c57cea0d7652059bd1aea2ee68bf925168ae23b1) failed: The X.509 certificate provided is self-signed - "Common Name: WIN-4NFSE1QOBMS\Administrator"
Imports 10 libraries
KERNEL32, GDI32, ole32, Secur32, SHELL32, USER32, CRYPT32, WININET, msi, SHLWAPI
Exports 2 functions
Resources 126 Resources
Sections 6 Sections

Version Information

CompanyName
FileDescription Setup
FileVersion 17.0.35716.53 built by: d17.13
InternalName setup.exe
LegalCopyright © Microsoft Corporation. All rights reserved.
OriginalFilename setup.exe
ProductName
ProductVersion 17.0.35716.53
Translation 0x0409 0x04b0

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 382,408 bytes 382,464 bytes 6.42 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 424EC8C0E407B0B95BBFEEE5B18E9657
.data 0x0005f000 9,708 bytes 5,120 bytes 3.31 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE ACB34B8A88F38824FEF939D39DE86913
.idata 0x00062000 5,640 bytes 6,144 bytes 5.31 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 4B05A0DFF026D0C588B7EE8D5DC98238
.didat 0x00064000 112 bytes 512 bytes 1.19 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 5D61C5AA378FF451AA729D4A989FDA81
.rsrc 0x00065000 280,020 bytes 280,064 bytes 5.65 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 6FF07810B9318E9C8FEBCED157001F68
.reloc 0x000aa000 14,380 bytes 14,848 bytes 6.56 (Compressed) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ C7799450F22BDADE87D858588821A63A
Entropy Analysis Alert

1 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 126 (272,505 bytes)
Resource Type Count Total Size Percentage
RT_ICON 18 98,143 bytes
36%
RT_DIALOG 3 1,000 bytes
0.4%
RT_GROUP_ICON 2 264 bytes
0.1%
RT_VERSION 1 736 bytes
0.3%
RT_MANIFEST 1 1,378 bytes
0.5%
None 101 170,984 bytes
62.7%

Certificate Chain Analysis

Certificate Information
Description Setup
File Version 17.0.35716.53 built by: d17.13
Original Name setup.exe
Verification Status A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.
Signers WIN-4NFSE1QOBMS\Administrator
Internal Name setup.exe
Copyright © Microsoft Corporation. All rights reserved.
Certificate Chain Summary
Microsoft Corporation #1 Primary
Validity Period: 2020-03-04 18:39:47 → 2021-03-03 18:39:47
Signature Algorithm: sha256RSA
Serial Number: 33 00 00 01 87 72 17 72 15 59 40 C7 09 00 00 00 00 01 87
Microsoft Code Signing PCA 2011 #2 Chain
Validity Period: 2011-07-08 20:59:09 → 2026-07-08 21:09:09
Signature Algorithm: sha256RSA
Serial Number: 61 0E 90 D2 00 00 00 00 00 03
Microsoft Time-Stamp Service #3 Chain
Validity Period: 2019-12-19 01:15:04 → 2021-03-17 01:15:04
Signature Algorithm: sha256RSA
Serial Number: 33 00 00 01 2D 2E 4D 41 CA 63 65 33 A0 00 00 00 00 01 2D
Microsoft Time-Stamp PCA 2010 #4 Chain
Validity Period: 2010-07-01 21:36:55 → 2025-07-01 21:46:55
Signature Algorithm: sha256RSA
Serial Number: 61 09 81 2A 00 00 00 00 00 02
WIN-4NFSE1QOBMS\Administrator #5 Chain
Validity Period: 2025-08-08 19:55:27 → 2026-08-09 01:55:27
Signature Algorithm: sha256RSA
Serial Number: 2C 6D A5 50 7F 6D 9A BA 4A AA 71 24 ED 58 0F 3A

✓ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

Chain verification from CN=WIN-4NFSE1QOBMS\\Administrator (serial:59055345147391298128606108583890259770, sha1:c57cea0d7652059bd1aea2ee68bf925168ae23b1) failed: The X.509 certificate provided is self-signed - "Common Name: WIN-4NFSE1QOBMS\Administrator"

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
This file passed all security checks, but stay vigilant. New malware variants appear daily that can evade detection. Always verify files come from official sources and check digital signatures when available.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.

Your Score for
/

Gridinsoft Anti-Malware

Stay Malware-Free: Keep Your PC Protected with Gridinsoft Anti-Malware

Gridinsoft Anti-Malware offers just that—peace of mind with a robust, user-friendly solution that’s constantly updated to combat the latest threats. Designed by cybersecurity experts, it provides real-time protection and effortless malware removal. It’s not just about detecting threats; it's about enhancing your digital life with uninterrupted security. Give it a try and experience what it feels like to browse worry-free!

Gridinsoft Anti-Malware Download Now
Gridinsoft Anti-Malware