Gridinsoft Logo
File Icon

The setup.exe (Image Burner Wizard) File Analysis

Updated 1 month ago
Checked by Malware Check
setup.exe

Technical Analysis

File Name setup.exe
File Type
Win32 EXE
Magic Bytes PE32 executable (GUI) Intel 80386, for MS Windows
SSDEEP Hash
98304:YAVXFuqC3bKr1lRMxQ6D2UsiiUlDyOIZMi+2IfdbsZKrlbm1m9Af6dYG9laZZbfg:YAV1GQ8V7IZMiypZH/6mOPA0c
Scanner Version 1.0.230.174
Database Version 2025-12-08 04:00:17 UTC

Suspicious File Detected

Detected by 7 security engines - requires caution

This file requires additional checking for potential threats. Based on suspicious indicators, we will soon add it to our virus database.
10%
Detection Rate
12,033,072
File Size (bytes)
7/70
Engines Detected
2025-12-08
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
d8376cf9f048b4babe249ab1888502d3
SHA1
15ac0aef37a55f57e5323bd7dbf3b468781d624f
SHA256
5df808815931ac016dbbac8a1508f5f44af836db671fe1b4f836f63a611439e1
SHA512
5efdb669ad9e391cb754d843e80b891c378c98cb6550225278c17b4743ade7028e2555ac5ce4daf41a4cae946135ea310d64d2b342bd4b74aa53085563a1fa79
ImpHash
b391f1e4fbc7cbe018c7e3d295973f23

Security Engines with Detections (7 of 70)

CrowdStrike
win/malicious_confidence_70% (W) Malicious
VirIT
Trojan.Win32.GenHeur.B Malicious
DrWeb
Program.Unwanted.5621 Malicious
huorong
TrojanDownloader/Agent.bbx Malicious
Microsoft
Trojan:Win32/Sonbokli.A!cl Malicious
TrendMicro-HouseCall
Trojan.Win32.VSX.PE04C9t Malicious
Rising
Trojan.Injector!1.127AD (CLASSIC) Malicious
63 engines reported no threats - Only engines with detections are shown above for clarity

PE Analysis

Basic Information

Icon
Hash: cf1ae99724010a8bddaf8bddd92091c6
Fuzzy: b968bd3b8219fb988fc2dfe597605726
dHash: f0d89869e9b0f0f0
Image Base 0x00400000
Entry Point 0x0053d53e
Compilation Time 2014-02-22 11:14:23
Checksum 0x00302ecb (Actual: 0x00b824d7)
OS Version 5.1
PEiD Signatures PE32 executable (GUI) Intel 80386, for MS Windows
PDB Path D:\StarBurnSDK\Samples\StarBurn Core\MSVC\ImageBurner\Win32\Release Static libcmt\ImageBurner.pdb
Digital Signature The expected hash does not match the digest in SpcInfo
Imports 17 libraries
Exports 1 functions
Resources 89 Resources
Sections 5 Sections

Version Information

CompanyName Rocket Division Software
FileDescription Image Burner Wizard
FileVersion V12 'Trident II'
InternalName ImageBurner.exe
LegalCopyright Copyright (c) Rocket Division Software 2001-2008
OriginalFilename ImageBurner.exe
ProductName Rocket Division StarBurn SDK
ProductVersion V12 'Trident II'
Translation 0x0409 0x04e4

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 1,503,063 bytes 1,503,232 bytes 6.57 (Compressed) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 32CA64447911B15852F4CA64366BB558
SPTD 0x00170000 921 bytes 1,024 bytes 5.31 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ AFE3387330B2FD24C1613DA058DEC561
.rdata 0x00171000 457,587 bytes 457,728 bytes 5.94 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 11C091390D09C17532A7246D6F7C9C74
.data 0x001e1000 148,224 bytes 44,544 bytes 6.24 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE A2584C6F60C96DE8825E82D032C34DDB
.rsrc 0x00206000 1,122,816 bytes 1,122,816 bytes 6.88 (Compressed) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 7ECCBFFC885C82A88620116B2D704B55
Entropy Analysis Alert

2 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 89 (835,466 bytes)
Resource Type Count Total Size Percentage
GIF 1 1,924 bytes
0.2%
XML 7 751,746 bytes
90%
RT_CURSOR 17 5,108 bytes
0.6%
RT_BITMAP 4 34,628 bytes
4.1%
RT_ICON 5 18,632 bytes
2.2%
RT_DIALOG 13 7,286 bytes
0.9%
RT_STRING 23 13,780 bytes
1.6%
RT_GROUP_CURSOR 16 334 bytes
0%
RT_GROUP_ICON 1 76 bytes
0%
RT_VERSION 1 888 bytes
0.1%
RT_MANIFEST 1 1,064 bytes
0.1%

Certificate Chain Analysis

Certificate Information
Product Rocket Division StarBurn SDK
Description Image Burner Wizard
File Version V12 'Trident II'
Original Name ImageBurner.exe
Signing Date 05:51 PM 01/23/2025 (350 days ago)
Verification Status The digital signature of the object did not verify.
Signers RealDefense LLC; DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1; DigiCert Trusted Root G4; DigiCert
Counter Signers DigiCert Timestamp 2024; DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA; DigiCert Trusted Root G4; DigiCert
Internal Name ImageBurner.exe
Copyright Copyright (c) Rocket Division Software 2001-2008
Certificate Chain Summary
DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1 #1 Primary
Validity Period: 2021-04-29 00:00:00 → 2036-04-28 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 08 AD 40 B2 60 D2 9C 4C 9F 5E CD A9 BD 93 AE D9
RealDefense LLC #2 Chain
Validity Period: 2024-03-06 00:00:00 → 2027-05-10 23:59:59
Signature Algorithm: sha256RSA
Serial Number: 09 2A FC 56 C5 BA FB E9 77 37 AE 12 3B 02 4A A7
DigiCert Timestamp 2024 #3 Chain
Validity Period: 2024-09-26 00:00:00 → 2035-11-25 23:59:59
Signature Algorithm: sha256RSA
Serial Number: 0B AE 66 BC 5A BA 7F 95 87 C6 F9 E9 04 E3 33 04
DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA #4 Chain
Validity Period: 2022-03-23 00:00:00 → 2037-03-22 23:59:59
Signature Algorithm: sha256RSA
Serial Number: 07 36 37 B7 24 54 7C D8 47 AC FD 28 66 2A 5E 5B
DigiCert Trusted Root G4 #5 Chain
Validity Period: 2022-08-01 00:00:00 → 2031-11-09 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 0E 9B 18 8E F9 D0 2D E7 EF DB 50 E2 08 40 18 5A

✓ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

The expected hash does not match the digest in SpcInfo

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
7 antivirus engines detected potential threats. This could be a false positive, especially for system tools or packed software. Verify the file source and check if it's digitally signed by a trusted publisher.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.

Your Score for
/

Gridinsoft Anti-Malware

Stay Malware-Free: Keep Your PC Protected with Gridinsoft Anti-Malware

Gridinsoft Anti-Malware offers just that—peace of mind with a robust, user-friendly solution that’s constantly updated to combat the latest threats. Designed by cybersecurity experts, it provides real-time protection and effortless malware removal. It’s not just about detecting threats; it's about enhancing your digital life with uninterrupted security. Give it a try and experience what it feels like to browse worry-free!

Gridinsoft Anti-Malware Download Now
Gridinsoft Anti-Malware