home

AddLive.exe

AddLive

LiveFoundry Inc

This is a self-extracting archive and installer. The file has been seen being downloaded from d36pfzlm4aixmv.cloudfront.net.
Publisher:
LiveFoundry Inc.  (signed by LiveFoundry Inc)

Product:
AddLive

Description:
AddLive plug-in installer

Version:
3.0.6.3

MD5:
cbe876942bca4413cbece828441b4709

SHA-1:
d5ce93f10b3985d3f72778e7b0d8754029725152

SHA-256:
664b3ff2765e8dd452ee360c1ab2c7f24416998c621ba6b6efa393a7c149aa69

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/27/2024 7:02:29 PM UTC  (today)

File size:
3.6 MB (3,797,832 bytes)

Product version:
3.0.6.3

Original file name:
AddLive.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\addlive.exe

Digital Signature
Signed by:
LiveFoundry Inc

Authority:
GlobalSign nv-sa

Valid from:
12/14/2015 11:34:34 AM

Valid to:
2/11/2017 10:35:22 AM

Subject:
E=support@addlive.com, CN=LiveFoundry Inc, OU=IT, O=LiveFoundry Inc, L=San Francisco, S=California, C=US

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121753220DB0119A3C11D554FB319B6954A

File PE Metadata
Compilation timestamp:
1/6/2016 6:56:38 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
14.0

CTPH (ssdeep):
49152:WHiv6QPvu8RolbLmpvJriKqbVAmVsVTThABRakyW8OoYkGvRyCuM7tS/m52teRwQ:jvMXVsMBkkFzZkO4EhEmkEwBVT0fI

Entry address:
0x68AC2

Entry point:
E8, 54, 0A, 00, 00, E9, 80, FE, FF, FF, E9, 3B, FB, FF, FF, 55, 8B, EC, 5D, E9, 94, F8, FF, FF, 55, 8B, EC, 6A, 00, FF, 15, 1C, D2, 49, 00, FF, 75, 08, FF, 15, 18, D2, 49, 00, 68, 09, 04, 00, C0, FF, 15, 94, D0, 49, 00, 50, FF, 15, 98, D0, 49, 00, 5D, C3, 55, 8B, EC, 81, EC, 24, 03, 00, 00, 6A, 17, E8, 92, 59, 02, 00, 85, C0, 74, 05, 6A, 02, 59, CD, 29, A3, 28, 54, 4C, 00, 89, 0D, 24, 54, 4C, 00, 89, 15, 20, 54, 4C, 00, 89, 1D, 1C, 54, 4C, 00, 89, 35, 18, 54, 4C, 00, 89, 3D, 14, 54, 4C, 00, 66, 8C, 15, 40...
 
[+]

Entropy:
7.7990  (probably packed)

Code size:
623 KB (637,952 bytes)

The file AddLive.exe has been seen being distributed by the following URL.

https://d36pfzlm4aixmv.cloudfront.net/plugin-release/Release/3.0.6.3/.../AddLive.exe

Scan AddLive.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.