burnsetup.exe

ExpressBurn

NCH Software

This is a setup and installation application. This is installed with Express Burn Disc Burning Software. The file has been seen being downloaded from share2.earthlinktele.com and multiple other hosts.
Publisher:
NCH Software  (signed and verified)

Product:
ExpressBurn

Description:
Express Burn Disc Burning Software

Version:
4.98+

MD5:
90b7d76ca757af731d159489e35f8f86

SHA-1:
d96ffae6ef9b024d255e91f4eb817322ee9386d6

SHA-256:
714514664d7d422ff09f749689b6008524108466161381cbcc3f9a7fa2c56364

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 2:37:59 AM UTC  (today)

File size:
839.8 KB (859,920 bytes)

Product version:
4.98+

Copyright:
NCH Software

Original file name:
ExpressBurn.exe

File type:
Executable application (Win32 EXE)

Language:
English (Australia)

Common path:
C:\users\{user}\appdata\local\temp\burnsetup.exe

Digital Signature
Signed by:

Authority:
Thawte, Inc.

Valid from:
7/6/2015 1:00:00 AM

Valid to:
8/7/2017 12:59:59 AM

Subject:
CN=NCH Software, O=NCH Software, L=Canberra, S=Australian Capital Territory, C=AU

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
58D9B9D38780932DD1CBC58A2AD28B1C

File PE Metadata
Compilation timestamp:
1/24/2016 11:09:42 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
24576:oB10IRb1B92Qlqe0wuOUACh60NKeAdf36U/F5En9l8SZ:E0Cb1z2QI7KK+93DN5E9l8SZ

Entry address:
0x11D4

Entry point:
55, 8B, EC, 83, E4, F8, 81, EC, FC, 16, 00, 00, 53, 56, 57, E8, 03, FF, FF, FF, 33, DB, 3B, C3, 89, 44, 24, 14, 0F, 85, DF, 03, 00, 00, 6A, 06, 53, FF, 15, 8C, 20, 40, 00, FF, 15, 48, 20, 40, 00, 68, 6C, 24, 40, 00, 8B, F0, E8, CB, 03, 00, 00, 85, C0, 74, 10, 68, 7C, 24, 40, 00, 68, 80, 24, 40, 00, FF, 15, 50, 20, 40, 00, 68, 90, 24, 40, 00, 8B, C6, E8, AB, 03, 00, 00, 3B, C3, 74, 49, 83, C0, 0E, EB, 08, 66, 83, F9, 20, 75, 0A, 40, 40, 0F, B7, 08, 66, 3B, CB, 75, F0, 0F, B7, 08, 33, F6, 66, 3B, CB, 74, 20...
 
[+]

Entropy:
7.9927

Developed / compiled with:
Microsoft Visual C++

Code size:
2 KB (2,048 bytes)

The file burnsetup.exe has been discovered within the following programs.

Publisher's description - “Express Burn is a free CD burning program. With Express Burn you can record a data or audio discs quickly and easily by dragging the files you want onto the icon and clicking Burn CD. The software then does the rest, including converting the files if required.”
www.nchsoftware.com
25% remove it
 
Powered by Should I Remove It?

The file burnsetup.exe has been seen being distributed by the following 22 URLs.

http://share2.earthlinktele.com/download.aspx?file=287710167&sig=MjIvMDkvMjAxNiAxNjo1Mzo0NA==

http://lb.cdn.m6web.fr/d/c/a/514ac8f5dea298abb5daf6d4731a8c24/5732088b/soft/.../express-burn_4-98_fr_182456.exe

http://lb.cdn.m6web.fr/d/c/a/970a47d4f353f2917d78c1da84217e0d/57269054/soft/.../express-burn_4-98_fr_182456.exe

http://ppdjs.brothersoft.com/ppd_stat.php?url=/d.php?soft_id=317687&url=http://www.nch.com.au/components/burnsetup.exe&c=d535I81deuCDYAybGh/3SQgzaEz/.../avfK27lgDcZcmwVtqni1aIfop bYInPnSPLcDtEqckLUArFpGcyGJiuqPjcVEEkRZieNybKwabt0zyVmnmTPUretsmsODTCXDARPRCHPliCyJpgkKDFn2F26KvtKvB6z7ZzDlWJBvS

&onid=18554&oid=3001-18554_4-10337879&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=video/dvd-burners&topicbrcrm=&pid=14500411&mfgid=10012381&merid=10012381&ctype=dm&cval=NONE&devicetype=desktop&pguid=0d24725ba0c0b5282b6270fa&viewguid=bJnk5rumhaQ4q6BRWH6nbZwMkNYmtX4KpfDd&destUrl=http://files.downloadnow-2.com/s/software/14/50/04/.../burnsetup.exe

Scan burnsetup.exe - Powered by Reason Core Security