» setup-akmall.exe
Overview
Analysis
File Details
Downloads (5)

setup-akmall.exe

LiveIconSetup

TCOMMS Co,Ltd

This is a setup and installation application. The file has been seen being downloaded from api.liveicon.kr and multiple other hosts.

File name:

setup-akmall.exe

Publisher:

Product:

LiveIconSetup

Version:

2.05

MD5:

a8de3bb775121cd14ef1b5a5ef21fe9b

SHA-1:

54c51d706225c722ca7e9960ac07d6539d78d0b3

SHA-256:

4a028b966eeb58b59d99cca7d5377e90c3f79b32f364d6502209ef87d00c0a1b

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

5/18/2025 1:06:09 AM UTC (today)

File size:

809.9 KB (829,384 bytes)

Product version:

2.05

Original file name:

LiveIconSetup.EXE

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\setup-akmall.exe

Digital Signature

Signed by:

TCOMMS Co,Ltd

Authority:

thawte, Inc.

Valid from:

3/20/2015 9:00:00 AM

Valid to:

4/19/2017 8:59:59 AM

Subject:

CN="TCOMMS Co,Ltd", OU=Dev. Team, O="TCOMMS Co,Ltd", L=Geumcheon-gu, S=SEOUL, C=KR

Issuer:

CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:

751BCB92FE300D140F413132F00719C5

File PE Metadata

Compilation timestamp:

6/6/2016 7:44:43 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

12288:ucft2jeSgvLzB12wMY8vMBp1UiDRc8J5lSbxQo3Th3kdGBl:ucl2jeVvLT2wl6MBUiD2IExQojBkY

Entry address:

0x108CC

Entry point:

55, 8B, EC, 6A, FF, 68, 50, A4, 42, 00, 68, 36, 0A, 41, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, FF, 15, EC, 95, 42, 00, 59, 83, 0D, F0, 51, 43, 00, FF, 83, 0D, F4, 51, 43, 00, FF, FF, 15, F0, 95, 42, 00, 8B, 0D, C0, 48, 43, 00, 89, 08, FF, 15, F4, 95, 42, 00, 8B, 0D, BC, 48, 43, 00, 89, 08, A1, F8, 95, 42, 00, 8B, 00, A3, EC, 51, 43, 00, E8, 28, 01, 00, 00, 39, 1D, 28, 2D, 43, 00, 75, 0C, 68, 60, 0A, 41, 00, FF, 15, FC, 95... 
[+]

Entropy:

7.2729

Developed / compiled with:

Microsoft Visual C++ v6.0

Code size:

160 KB (163,840 bytes)

The file setup-akmall.exe has been seen being distributed by the following 5 URLs.

http://api.liveicon.kr/GetSetupFile.api?PID=halfclub

http://api.liveicon.kr/GetSetupFile.api?PID=gshs

http://api.liveicon.kr/.../setup-kyobobook.exe

http://api.liveicon.kr/GetSetupFile.api?PID=jestina

http://api.liveicon.kr/GetSetupFile.api?PID=akmall

Scan setup-akmall.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.