setup_cp26_1.exe

LivePlex Corp

The application setup_cp26_1.exe by LivePlex Corp has been detected as a potentially unwanted program by 30 anti-malware scanners.
Publisher:
LivePlex Corp  (signed and verified)

Version:
1.0.0.459

MD5:
398d623ec39ce2064ee7fe2318769315

SHA-1:
394f294c8726dadb422b7f75f0f2e1a9b54ab024

SHA-256:
abe60628f27d2c434ece5e17e34ce4d485ad7297fef35a9cb4f6bfc9a7d86e5b

Scanner detections:
30 / 68

Status:
Potentially unwanted

Analysis date:
5/7/2024 10:37:31 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Trojan.GenericKD.2085894 | 120 |
| Agnitum Outpost | Trojan.CL.Agent | 7.1.1 |
| AhnLab V3 Security | Trojan/Win32.Gen | 2015.04.10 |
| avast! | Win32:Dropper-gen [Drp] | 2014.9-161007 |
| AVG | Crypt3 | 2017.0.2598 |
| Baidu Antivirus | PUA.Win32.Kryptik | 4.0.3.16107 |
| Bitdefender | Trojan.GenericKD.2085894 | 1.0.20.1405 |
| Bkav FE | W32.HfsAdware | 1.3.0.6379 |
| Comodo Security | ApplicUnwnt | 21703 |
| Emsisoft Anti-Malware | Trojan.GenericKD.2085894 | 8.16.10.07.12 |
| ESET NOD32 | Win32/Adware.SBYinYing (variant) | 10.11448 |
| Fortinet FortiGate | W32/Agent.CCZD!tr | 10/7/2016 |
| F-Secure | Trojan.GenericKD.2085894 | 11.2016-07-10_6 |
| G Data | Trojan.GenericKD.2085894 | 16.10.25 |
| IKARUS anti.virus | Trojan.SuspectCRC | t3scan.1.8.9.0 |
| K7 AntiVirus | Riskware | 13.202.15541 |
| Kaspersky | not-a-virus:AdWare.Win32.Agent | 14.0.0.-515 |
| McAfee | Artemis!398D623EC39C | 5600.6254 |
| MicroWorld eScan | Trojan.GenericKD.2085894 | 17.0.0.843 |
| NANO AntiVirus | Trojan.Win32.DangerousObject.dmklrx | 0.30.10.952 |
| Norman | Suspicious_Gen4.HPOLO | 11.20161007 |
| nProtect | Trojan.GenericKD.2085894 | 15.04.09.02 |
| Panda Antivirus | Trj/Genetic.gen | 16.10.07.12 |
| Qihoo 360 Security | Trojan.Generic | 1.0.0.1015 |
| Quick Heal | TrojanClicker.Agent.gc | 10.16.14.00 |
| Trend Micro House Call | TROJ_GEN.F0C2C00AN15 | 7.2.281 |
| Trend Micro | TROJ_GEN.F0C2C00AN15 | 10.465.07 |
| Vba32 AntiVirus | suspected of Trojan.Downloader.gen.h | 3.12.26.3 |
| VIPRE Antivirus | Trojan.Win32.Generic | 39192 |
| Zillya! Antivirus | Trojan.Agent.Win32.501543 | 2.0.0.2132 |

File size:
2.1 MB (2,226,240 bytes)

Product version:
1.0.0.0

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\setup_cp26_1.exe

Digital Signature
Signed by:

Authority:
Thawte, Inc.

Valid from:
4/9/2012 8:00:00 AM

Valid to:
6/9/2014 7:59:59 AM

Subject:
CN=LivePlex Corp, O=LivePlex Corp, L=Gangnam-gu, S=Seoul, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
3F5542E2E71D8DB357041C9DD45B950A

File PE Metadata
Compilation timestamp:
1/1/2014 1:15:06 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:cJbi5QbTBNuk4y9qQKw+5zUTSjcPf+DnYazdNeqB3aE:+bi5aTBNl1Kw+Kmjif+DnYaz/b

Entry address:
0x32B001

Entry point:
60, E8, 03, 00, 00, 00, E9, EB, 04, 5D, 45, 55, C3, E8, 01, 00, 00, 00, EB, 5D, BB, ED, FF, FF, FF, 03, DD, 81, EB, 00, B0, 32, 00, 83, BD, 22, 04, 00, 00, 00, 89, 9D, 22, 04, 00, 00, 0F, 85, 65, 03, 00, 00, 8D, 85, 2E, 04, 00, 00, 50, FF, 95, 4D, 0F, 00, 00, 89, 85, 26, 04, 00, 00, 8B, F8, 8D, 5D, 5E, 53, 50, FF, 95, 49, 0F, 00, 00, 89, 85, 4D, 05, 00, 00, 8D, 5D, 6B, 53, 57, FF, 95, 49, 0F, 00, 00, 89, 85, 51, 05, 00, 00, 8D, 45, 77, FF, E0, 56, 69, 72, 74, 75, 61, 6C, 41, 6C, 6C, 6F, 63, 00, 56, 69, 72...

Entropy:
7.9976

Packer / compiler:
ASPack v2.12

Code size:
1.2 MB (1,263,616 bytes)
