home

liveshow.exe

Liveshow

Lanet Ltd

The application liveshow.exe, “Liveshow Notifier” by Lanet has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. While running, it connects to the Internet address 91.226.182.236.unconfigured.2town.net on port 443.
Publisher:
Lanet  (signed by Lanet Ltd)

Product:
Liveshow

Description:
Liveshow Notifier

Version:
1,2,3,12

MD5:
bdd32a556f0a831a4a85e60e028f4498

SHA-1:
d25f51ff5642a39f78060bf9d985532582fa4c4d

SHA-256:
bf7e26899860a279751e2a7b93ec71bfa79d250f9274ceadf0fb486c2a0ed4b3

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/18/2024 7:38:29 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Lanet (L)
16.12.16.20

File size:
16.4 MB (17,170,048 bytes)

Product version:
1,2,3,12

Copyright:
Lanet Copyright c 2016

Original file name:
liveshow.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\liveshow\liveshow.exe

Digital Signature
Signed by:
Lanet Ltd

Authority:
Symantec Corporation

Valid from:
6/13/2016 2:00:00 AM

Valid to:
6/14/2019 1:59:59 AM

Subject:
CN=Lanet Ltd, O=Lanet Ltd, L=Sofia, S=Sofia, C=BG, SERIALNUMBER=203609282, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.3=BG

Issuer:
CN=Symantec Class 3 Extended Validation Code Signing CA - G2, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
4358006905A03AB196FFBEFFD207DC8F

File PE Metadata
Compilation timestamp:
12/9/2016 8:21:54 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

Entry address:
0x89411D

Entry point:
E8, 47, E1, 00, 00, E9, 89, FE, FF, FF, B8, AE, 2D, CA, 00, A3, 08, 72, 3F, 01, C7, 05, 0C, 72, 3F, 01, A4, 24, CA, 00, C7, 05, 10, 72, 3F, 01, 58, 24, CA, 00, C7, 05, 14, 72, 3F, 01, 91, 24, CA, 00, C7, 05, 18, 72, 3F, 01, FA, 23, CA, 00, A3, 1C, 72, 3F, 01, C7, 05, 20, 72, 3F, 01, 26, 2D, CA, 00, C7, 05, 24, 72, 3F, 01, 16, 24, CA, 00, C7, 05, 28, 72, 3F, 01, 78, 23, CA, 00, C7, 05, 2C, 72, 3F, 01, 04, 23, CA, 00, C3, 8B, FF, 55, 8B, EC, E8, 96, FF, FF, FF, 83, 7D, 08, 00, 74, 05, E8, 58, EC, 00, 00, DB...
 
[+]

Code size:
11.4 MB (11,965,952 bytes)

The executing file has been seen to make the following network communication in live environments.

TCP (HTTP SSL):
Connects to 91.226.182.236.unconfigured.2town.net  (91.226.182.236:443)

Remove liveshow.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.