setup_bw70_1.exe

LivePlex Corp

The application setup_bw70_1.exe by LivePlex Corp has been detected as a potentially unwanted program by 24 anti-malware scanners. The file has been seen being downloaded from soft.chupiao365.com.
Publisher:
LivePlex Corp  (signed and verified)

Version:
1.0.0.216

MD5:
a3563bccfa6f04a787b207002eef0bcf

SHA-1:
a773fb0e93d229f765bd908f4a1f38afcc7f07c2

SHA-256:
cbd195a690c54fc889e716a77669a6aa6eaf7245567419f08c2aff99b4f1628d

Scanner detections:
24 / 68

Status:
Potentially unwanted

Analysis date:
5/10/2024 8:48:56 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Trojan.GenericKD.2098766 | -10 |
| Agnitum Outpost | PUA.Agent | 7.1.1 |
| avast! | Win32:Malware-gen | 2014.9-170214 |
| AVG | Win32/DH{gQwTICQiJYESV04} | 2018.0.2468 |
| Bitdefender | Trojan.GenericKD.2098766 | 1.0.20.225 |
| Bkav FE | W32.HfsAdware | 1.3.0.6379 |
| Comodo Security | UnclassifiedMalware | 21993 |
| Emsisoft Anti-Malware | Trojan.GenericKD.2098766 | 8.17.02.14.02 |
| Fortinet FortiGate | PossibleThreat.SB!tr.dldr | 2/14/2017 |
| F-Secure | Trojan.GenericKD.2098766 | 11.2017-14-02_3 |
| G Data | Trojan.GenericKD.2098766 | 17.2.25 |
| IKARUS anti.virus | Trojan.Click | t3scan.1.8.9.0 |
| Kaspersky | not-a-virus:AdWare.Win32.Agent | 14.0.0.-1165 |
| McAfee | Artemis!A3563BCCFA6F | 5600.6124 |
| MicroWorld eScan | Trojan.GenericKD.2098766 | 18.0.0.135 |
| NANO AntiVirus | Trojan.Win32.Generic.dmmnke | 0.30.24.1357 |
| Norman | Troj_Generic.YFKND | 11.20170214 |
| nProtect | Trojan.GenericKD.2098766 | 15.05.04.01 |
| Panda Antivirus | Trj/CI.A | 17.02.14.02 |
| Qihoo 360 Security | Trojan.Generic | 1.0.0.1015 |
| Trend Micro House Call | TROJ_GEN.R03EC0EB715 | 7.2.45 |
| Trend Micro | TROJ_GEN.R03EC0EB715 | 10.465.14 |
| Vba32 AntiVirus | suspected of Trojan.Downloader.gen.h | 3.12.26.3 |
| VIPRE Antivirus | Trojan.Win32.Generic | 39928 |

File size:
1.1 MB (1,192,512 bytes)

Product version:
1.0.0.0

File type:
Executable application (Win32 EXE)

Common path:
C:\Documents and Settings\{user}\My documents\downloads\setup_bw70_1.exe

Digital Signature
Signed by:

Authority:
Thawte, Inc.

Valid from:
4/9/2012 9:00:00 AM

Valid to:
6/9/2014 8:59:59 AM

Subject:
CN=LivePlex Corp, O=LivePlex Corp, L=Gangnam-gu, S=Seoul, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
3F5542E2E71D8DB357041C9DD45B950A

File PE Metadata
Compilation timestamp:
1/21/2014 1:05:49 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0xEAFB8

Entry point:
55, 8B, EC, 83, C4, F0, B8, E8, 37, 4E, 00, E8, 38, EF, F1, FF, A1, 6C, FD, 4E, 00, 8B, 00, E8, 18, 09, FB, FF, A1, 6C, FD, 4E, 00, 8B, 00, B2, 01, E8, 22, 25, FB, FF, 8B, 0D, FC, FE, 4E, 00, A1, 6C, FD, 4E, 00, 8B, 00, 8B, 15, D0, 2D, 4E, 00, E8, 0A, 09, FB, FF, A1, 6C, FD, 4E, 00, 8B, 00, E8, 4E, 0A, FB, FF, E8, 61, AE, F1, FF, 90, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
Entropy:
6.5726

Developed / compiled with:
Microsoft Visual C++

Code size:
933.5 KB (955,904 bytes)

The file setup_bw70_1.exe has been seen being distributed by the following URL.

http://soft.chupiao365.com/setup_BW70_1.exe
