home

ImageBuilder.exe

BurnSuite

Serhiy Horobets

This is installed with BurnSuite.
Publisher:
KLLabs  (signed by Serhiy Horobets)

Product:
BurnSuite

Description:
Image Builder Wizard

Version:
1.00.01

MD5:
b927f3b9a76551db9fff0d5e2c555d2f

SHA-1:
e83e2e15cb1e1eb7aa4060fcdb78e9feee87f05a

SHA-256:
97f002f97c868689f7b7f86d48bf65642f70484949c7948f0fe6adca138e3322

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 4:53:47 PM UTC  (today)

File size:
887.3 KB (908,608 bytes)

Product version:
1.00.01

Copyright:
Copyright (c) 2008 KLLabs

Original file name:
ImageBuilder.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Digital Signature
Signed by:
Serhiy Horobets

Authority:
The USERTRUST Network

Valid from:
12/21/2007 12:00:00 AM

Valid to:
12/20/2009 11:59:59 PM

Subject:
CN=Serhiy Horobets, O=Serhiy Horobets, STREET="Sechenova st, 7a - 38", L=Kiev, S=Goloseevsky rn, PostalCode=03127, C=UA

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
4C32525A6D5872086E77D646377BEA94

File PE Metadata
Compilation timestamp:
12/28/2008 2:34:54 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
12288:niJzDuzA+lOwDvVuiMB4GwJX14DSO/lODG/Zc60vZs1t6dI+RKDEPKL4L1WFCtc:iRwHlBvVQBVGl4Dn6YZcXZAtEXkYVtc

Entry address:
0x40249E

Entry point:
E8, 3B, FF, FF, FF, 05, D4, 12, 00, 00, FF, E0, E8, 2F, FF, FF, FF, 05, 30, 11, 00, 00, FF, E0, E8, 04, 00, 00, 00, FF, FF, FF, FF, 5E, C3, 00, A9, B4, 49, 0D, AD, A3, 3F, 93, 6D, 16, 9A, 4E, 72, 40, 2C, B7, 09, A1, 47, 48, C7, A9, B7, 53, BD, A1, AD, F3, 19, F9, 84, C5, 45, A1, E0, 75, 7A, ED, 86, 1D, 2D, 9D, 39, F4, 0C, BE, 3E, 7B, DD, 29, 95, 56, 6D, 85, 2B, 52, FD, 2C, 40, 26, 56, 38, C6, 50, 6D, 7D, D6, 45, 5E, 08, 12, 96, 1F, 68, DD, 7E, 40, A2, F0, FF, 66, 81, 54, F5, 61, 9C, 1F, 4B, C2, CE, 59, EB...
 
[+]

Entropy:
7.9483  (probably packed)

Code size:
1.6 MB (1,666,048 bytes)

The file ImageBuilder.exe has been discovered within the following program.

BurnSuite  by KLLabs
www.kllabs.com
About 8% of users remove it
 
Powered by Should I Remove It?

Scan ImageBuilder.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.