lvsetupx64.exe

CoolMoon Corp Setup Application

CoolMoon Corp.

This is a setup and installation application. The file has been observed being downloaded from software.thaiware.com and multiple other hosts.

Publisher:
CoolMoon Corp (signed by CoolMoon Corp.)

Product:
CoolMoon Corp Setup Application

Version:
2, 2, 0, 0

MD5:
acfea31bd43b811e705d71890fffe0d5

SHA-1:
525a8cec2bc0b4fd1d6081c0d52f89eb6be4d9fa

SHA-256:
ea8d8c471a3e0b7cabbdd7fd240490d82c6f48888a6b1a7d09e82cea17d7e336

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/18/2017 6:40:34 PM UTC

File size:
4.3 MB (4,502,112 bytes)

Product version:
2, 2, 0, 0

Copyright:
Copyright © 1993-2006 Leonardo H Loureiro, All Rights Reserved

Original file name:
Setup.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\lvsetupx64.exe

Digital Signature

Signed by:

Authority:
VeriSign, Inc.

Valid from:
3/14/2007 1:00:00 AM

Valid to:
4/11/2008 1:59:59 AM

Subject:
CN=CoolMoon Corp., OU=Software Development, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=CoolMoon Corp., L=Hollywood, S=Florida, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
00D72F9E5F45FE211E0C9289F49A556E

File PE Metadata

Compilation timestamp:
4/4/2007 4:44:30 AM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
98304:Pget7Hu44LpVAsOgnlvVawHxb272WEedvMXzX1qa:nt7HuN0gnl9dUirs

Entry address:
0x38CB0

Entry point:
48, 83, EC, 28, E8, F7, A3, 00, 00, 48, 83, C4, 28, E9, 0E, FD, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 4C, 89, 4C, 24, 20, 4C, 89, 44, 24, 18, 48, 89, 54, 24, 10, 48, 89, 4C, 24, 08, 55, 41, 54, 41, 56, 48, 83, EC, 60, 4D, 8B, E0, 4D, 8B, D1, 4C, 8B, F1, 4D, 85, E4, 4C, 8B, C2, 48, 8B, EA, 74, 29, 4D, 85, C9, 74, 24, 48, 85, C9, 75, 2B, E8, B0, 2B, 00, 00, 45, 33, C9, 45, 33, C0, 33, D2, 33, C9, 4C, 89, 74, 24, 20, C7, 00, 16, 00, 00, 00, E8, 36, 2A, 00, 00, 33, C0, 48, 83, C4, 60...
 

Code size:
314 KB (321,536 bytes)

The file lvsetupx64.exe has been seen being distributed by the following 2 URLs.
