home

setup-chunho.exe

LiveIconSetup

TCOMMS Co,Ltd

This is a setup and installation application. The file has been seen being downloaded from api.liveicon.kr and multiple other hosts.
Publisher:
(C) TComms  (signed by TCOMMS Co,Ltd)

Product:
LiveIconSetup

Version:
2.04a

MD5:
d36889ede84e49fb15b2d33ed95baf66

SHA-1:
f7ee2ce8b97609b111548960da4269a1626a4196

SHA-256:
75021a4cde10d171de7b089ce42333edd75064fdbbda705eb7ce04e4bcb39473

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/18/2025 12:29:13 AM UTC  (today)

File size:
785.9 KB (804,808 bytes)

Product version:
2.04a

Copyright:
Copyright TCOMMS Corp. All Rights Reserved.

Original file name:
LiveIconSetup.EXE

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\setup-chunho.exe

Digital Signature
Signed by:
TCOMMS Co,Ltd

Authority:
thawte, Inc.

Valid from:
3/20/2015 9:00:00 AM

Valid to:
4/19/2017 8:59:59 AM

Subject:
CN="TCOMMS Co,Ltd", OU=Dev. Team, O="TCOMMS Co,Ltd", L=Geumcheon-gu, S=SEOUL, C=KR

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
751BCB92FE300D140F413132F00719C5

File PE Metadata
Compilation timestamp:
7/27/2015 1:50:29 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:8Qyd00oyfgvLzBQ2wMY8vMBpsB8jvZsbz1enRqGtDPdLeAveNt0:pK0/jvLO2wl6MoB8rObzKRqKCe

Entry address:
0xC3E6

Entry point:
55, 8B, EC, 6A, FF, 68, 88, 5D, 42, 00, 68, 72, C5, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, FF, 15, 3C, 55, 42, 00, 59, 83, 0D, EC, FF, 42, 00, FF, 83, 0D, F0, FF, 42, 00, FF, FF, 15, 40, 55, 42, 00, 8B, 0D, BC, F6, 42, 00, 89, 08, FF, 15, 44, 55, 42, 00, 8B, 0D, B8, F6, 42, 00, 89, 08, A1, 48, 55, 42, 00, 8B, 00, A3, E8, FF, 42, 00, E8, 1C, 01, 00, 00, 39, 1D, 78, DB, 42, 00, 75, 0C, 68, 6E, C5, 40, 00, FF, 15, 4C, 55...
 
[+]

Entropy:
7.2833

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
144 KB (147,456 bytes)

The file setup-chunho.exe has been seen being distributed by the following 3 URLs.

http://api.liveicon.kr/GetSetupFile.api?PID=himart

http://download.liveicon.co.kr/.../setup-gshs.exe

http://api.liveicon.kr/.../setup-akmall.exe

Scan setup-chunho.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.