» kakaotalk_setup.exe
Overview
Analysis
File Details
Downloads (16)

kakaotalk_setup.exe

KakaoTalk Setup

Kakao corp.

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from software.naver.com and multiple other hosts.

File name:

kakaotalk_setup.exe

Publisher:

Kakao corp. (signed and verified)

Product:

KakaoTalk Setup

Version:

2.1.0.1072

MD5:

89ee32b2eff2cbfd36709edfde56cb71

SHA-1:

ace87fc1c5495a06d2f1de0d23ce9e38eb93a333

SHA-256:

c759bb8b3b3ba52787e2e453c3aff322153a756897adf4a4a9a4e6b6fd965b85

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

6/17/2024 5:21:48 AM UTC (today)

File size:

29.8 MB (31,207,544 bytes)

Product version:

2.1.0.1072

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Language:

Korean (Korea)

Digital Signature

Signed by:

Kakao corp.

Authority:

Symantec Corporation

Valid from:

11/9/2015 7:00:00 AM

Valid to:

11/9/2017 6:59:59 AM

Subject:

CN=Kakao corp., O=Kakao corp., L=Jeju-si, S=Jeju-do, C=KR

Issuer:

CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:

7FF53B37ED385DF86B79FFAAE15EE85B

File PE Metadata

Compilation timestamp:

2/25/2012 2:20:04 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

786432:8XduXGELTAiuVmopCKPHx4R2ZAYfCCNQ+tVkhpP:qd+AiuVmyRUyJRPLkhR

Entry address:

0x38AF

Entry point:

81, EC, D4, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 18, C7, 44, 24, 10, 68, A2, 40, 00, 89, 6C, 24, 14, FF, 15, 30, 90, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 90, 40, 00, 55, FF, 15, C0, 92, 40, 00, 6A, 08, A3, 98, EB, 47, 00, E8, 36, 2A, 00, 00, 55, 68, B4, 02, 00, 00, A3, B0, EA, 47, 00, 8D, 44, 24, 38, 50, 55, 68, 64, A2, 40, 00, FF, 15, 84, 91, 40, 00, 68, 4C, A2, 40, 00, 68, A0, 6A, 47, 00, E8, 18, 27, 00, 00, FF, 15, B0, 90, 40, 00, 50, BF, A0, F0, 4C, 00, 57, E8, 06, 27, 00, 00... 
[+]

Entropy:

7.9974

Packer / compiler:

Nullsoft install system v2.x

Code size:

29 KB (29,696 bytes)

The file kakaotalk_setup.exe has been seen being distributed by the following 16 URLs.

http://software.naver.com/api/.../httpDown.nhn?softwareId=GWS_000083|all|GWV_007871&key=dae79b844bf6185e734d884cf621cd7decbe034dbb3a02c380f50e0cbb31a083a6465192c2f6238ea82004ff2bb2870373e29b24a1d21d4f5338d2dc7de741e851a84c0f3ee96d27eacd75bae6efebb0283f03dd54ba43ef67238a7b76fdf3deb11d07e3fa67bf368302860d97a2b01b1cf5f903079c2b45267ee9de3840d5be8a9491b4e3678e80c3f3211e03b444016131ec58ffdf0eea11a2ec7f9d5b13dd889f4d79ddf47d20026aa846999ff48b0def38ea3ae9fe580b351afcb1f25eb0f285acd1b4ea82f224a03f95c854f6620abea192dd1d110d119052b7214dc72f00f6e167d06ae32e24656eabe3bde135721276d24d24064537016675b8f35cb4

http://software.naver.com/api/.../httpDown.nhn?softwareId=GWS_000083|all|GWV_007871&key=dae79b844bf6185e734d884cf621cd7decbe034dbb3a02c380f50e0cbb31a083a6465192c2f6238ea82004ff2bb2870373e29b24a1d21d4f5338d2dc7de741e851a84c0f3ee96d27eacd75bae6efebb0283f03dd54ba43ef67238a7b76fdf3deb11d07e3fa67bf368302860d97a2b01ba2892184bbc570d120fee799841b522e9925caf076b42111936fb9f412306710fa530e1f60ecd68a4782e5455f18f8954a5a405b7ec245d707d2bf7e79220fc2df717dbb8682c424411671174c291d3225834bedc41e555afd1b064ea4e38980dbb8a3c8007ab9f0f84d6ef1f7766db3388c3f9ebbc13fcac72a87b9c2d8873786f0b433c1f3cab270a034f794c99c65

http://software.naver.com/api/.../httpDown.nhn?softwareId=GWS_000083|all|GWV_007871&key=b9d0a19938fc354d78688c22c8077f6ec02f98989daeb57b4ef80a07bd5191aeadb001a2e9a1ce70232e88325616d9ab6c1aae397ca96cad281f8253dbbeb68dcb65c2bd8ed49a449d923a80e6211e2d21f68c1175b6dfe12a5770593260989c068ada6b2bacd352c5a7c58998f584df2341bd01ea5975cb16bc82ecbd806bcd3122bb7b09b0f4956c55dfd5fb7240dba467298ed77e4d1b6f10e33778669905b04dc131750a4d50284f5e0e32f35ab11de817c1dc8ac85588f6f04afd14ae7ad706acbe7a0cda372ab2d623c09e2ac6debd617224809a978850c0e7e6de8fdc24a9788e8735a4aa1225d50a92b5dd17a8895d8507f67b50eb5610d3dc536d96

http://software.naver.com/api/.../httpDown.nhn?softwareId=GWS_000083|all|GWV_007871&key=b9d0a19938fc354d78688c22c8077f6ec02f98989daeb57b4ef80a07bd5191aeadb001a2e9a1ce70232e88325616d9ab6c1aae397ca96cad281f8253dbbeb68dcb65c2bd8ed49a449d923a80e6211e2d21f68c1175b6dfe12a5770593260989c068ada6b2bacd352c5a7c58998f584dfa9a5ede9f8e5500508ea1b542068721ca045e3b30400ad51ba9874540ee11402dd0e1cf1f77d7617a5a44a9cc53a27951a2685f8420d7de9d0fc81fea839c263bc9ff722ad9c04dab9ab5af1208e54981b6625bb1daf67e779e928fdbbe6b3d3a76a10a6583cf3fcb8758aa8870345d44f1cb967f508cc842c6bc7159e06f546ad1c505cee9cca29da09e65b00149476

http://lnkr.us/get?sourceId=15&uid=49544x680x&format=go&out=http://app.pc.kakao.com/talk/win32/KakaoTalk_Setup.exe&ref=http://.../talk

http://software.naver.com/api/.../httpDown.nhn?softwareId=GWS_000083|all|GWV_007871&key=dae79b844bf6185e734d884cf621cd7decbe034dbb3a02c380f50e0cbb31a083a6465192c2f6238ea82004ff2bb2870373e29b24a1d21d4f5338d2dc7de741e851a84c0f3ee96d27eacd75bae6efebb0283f03dd54ba43ef67238a7b76fdf3deb11d07e3fa67bf368302860d97a2b01b3dfa0bb1a3a3838b7c962557807d4120366ec7c14c65d07ba02e63234ea943654b82fe17a0e88622f2da04b1235e4b9d6f3bbbd6814389d5e8d63188956ff2f0bf6c0b7632193c9aaeabf2fbeb5b539abbcbfe601b303c5a7ae55cdbab6bb8dbd15a342ca4c9ff575fc0148ff42b860a79f3950483261211e4aa6c6e76c28b852668e19909062080ccf967410871460f

http://software.naver.com/api/.../httpDown.nhn?softwareId=GWS_000083|all|GWV_007871&key=dae79b844bf6185e734d884cf621cd7decbe034dbb3a02c380f50e0cbb31a083a6465192c2f6238ea82004ff2bb2870373e29b24a1d21d4f5338d2dc7de741e851a84c0f3ee96d27eacd75bae6efebb0283f03dd54ba43ef67238a7b76fdf3deb11d07e3fa67bf368302860d97a2b01b3dfa0bb1a3a3838b7c962557807d41201c98b02cab1cab5b46eb2865c899c1591d6b6d706d3c1a623cb12ed37dcf5270d678348552f8e80df8c6bdce983da20adc1288ad76f6a329b0bbe66fc771ee104c370d69840e7fbc34e189699e57ae70118099261ea22d2c3f30b516b280c849aaf268ba6dfece09744c9102b05aefa2e47abbdf5ec999aba46e0fa365ef4a22

http://software.naver.com/api/.../httpDown.nhn?softwareId=GWS_000083|all|GWV_007871&key=b9d0a19938fc354d78688c22c8077f6ec02f98989daeb57b4ef80a07bd5191aeadb001a2e9a1ce70232e88325616d9ab6c1aae397ca96cad281f8253dbbeb68dcb65c2bd8ed49a449d923a80e6211e2d21f68c1175b6dfe12a5770593260989c068ada6b2bacd352c5a7c58998f584df046d7f81db2c94856b51b87f06b2de90d082a1df67490ca02b861db815e14184d915483645c38c299824e4a7cb926522309018b2f64990536049e5eceeb76b30628ff2b27f0eb68887ed9a7afa42d5f3c2bdb9492b6923309d23ef58fa320e6cc1d30ec6cb54b5edd1af67aa21c2ba28e5b63598eadcdf6e39d2f7a412bf2ade946a42ddec5da0b6d6084c42e2198c9a

http://software.naver.com/api/.../httpDown.nhn?softwareId=GWS_000083|all|GWV_007871&key=dae79b844bf6185e734d884cf621cd7decbe034dbb3a02c380f50e0cbb31a083a6465192c2f6238ea82004ff2bb2870373e29b24a1d21d4f5338d2dc7de741e851a84c0f3ee96d27eacd75bae6efebb0283f03dd54ba43ef67238a7b76fdf3deb11d07e3fa67bf368302860d97a2b01b160c3271dfe4b3a3bd2b945a2e77eea70901ed98a2ad646b392dc45f0e1a2394e17785c6eedda7043dd6ee832edfb4af88a5a3a3687a5913604be551ac6d36fa6d6a972b7d2603d2dcbdeb3a4d8f802e106bf89261818e5473a46bffd3d72e7595c29dbfacb964f32e301bffe99d131250c272fa9dadd516f14087f537c6ab93ff95e802a54cfaf458ecd09f8725dc8c

http://software.naver.com/api/.../httpDown.nhn?softwareId=GWS_000083|all|GWV_007871&key=dae79b844bf6185e734d884cf621cd7decbe034dbb3a02c380f50e0cbb31a083a6465192c2f6238ea82004ff2bb2870373e29b24a1d21d4f5338d2dc7de741e851a84c0f3ee96d27eacd75bae6efebb0283f03dd54ba43ef67238a7b76fdf3deb11d07e3fa67bf368302860d97a2b01bab5a423967fab330095eaee0f8be28f38e98b6aac1a13202c78350cdfd24a70e4d9dd0b9653ffdc6fe236d537308a527fb8adcda62d17355fe9caaf8cfac1effabc8dde995689a6df35d0aacd1fb7513029bcda5fc7742873f1bedcb96baafd7a06d8976338eb8ceb05ec772bbab0c32248eb043ddb21afdb948f06b928470b6885ac325e4c11e129e974ee2d0a04671

http://software.naver.com/api/.../httpDown.nhn?softwareId=GWS_000083|all|GWV_007871&key=b9d0a19938fc354d78688c22c8077f6ec02f98989daeb57b4ef80a07bd5191aeadb001a2e9a1ce70232e88325616d9ab6c1aae397ca96cad281f8253dbbeb68dcb65c2bd8ed49a449d923a80e6211e2d21f68c1175b6dfe12a5770593260989c068ada6b2bacd352c5a7c58998f584dfc68f41734537445b5a83f5645dc3462728f6001c45a77ef39949e7be7c23f19a50ddc4db9dd2121545ea0090a3b0dd8e100aacb824fd87419ab39013f79e7e8094e998914f11fc2048b774da1d6908adb1b2884c2dec05ce08ffaab87632a7bccf12a0d67d060479b881550e4f6ef407c69aedf989b8c9aabdf50e8324bdb148b0cabd701e7725a5dc30f448f370cc79

http://software.naver.com/api/.../httpDown.nhn?softwareId=GWS_000083|all|GWV_007871&key=b9d0a19938fc354d78688c22c8077f6ec02f98989daeb57b4ef80a07bd5191aeadb001a2e9a1ce70232e88325616d9ab6c1aae397ca96cad281f8253dbbeb68dcb65c2bd8ed49a449d923a80e6211e2d21f68c1175b6dfe12a5770593260989c068ada6b2bacd352c5a7c58998f584dfbed24bb6e3ce2b61ede77691696363c84e9c6fd8eb76bb7ef66fba0962c69c5e5dfd21ecb00523e3de1c024079b8fe3b06d8c4f95be25cd63982805585b27b1902cc9e7e32d978bf41177d18dcfe047dfa2debd582194f3994d7809d8d59b4848846d6b1bf2d485cc5afbb1c082c9514830ae90cb8a87e7f166a9b5d0465b58a0522cf667c057e4f5b2c40d84581ee2a

http://software.naver.com/api/.../httpDown.nhn?softwareId=GWS_000083|all|GWV_007871&key=b9d0a19938fc354d78688c22c8077f6ec02f98989daeb57b4ef80a07bd5191aeadb001a2e9a1ce70232e88325616d9ab6c1aae397ca96cad281f8253dbbeb68dcb65c2bd8ed49a449d923a80e6211e2d21f68c1175b6dfe12a5770593260989c068ada6b2bacd352c5a7c58998f584df47ea0c426d16f6e2de9b90679487d56925413f2e41a577bedb82f968e2f27389e144fcc8559640da7133b501509f1620ba868e1abce8e3a63fe9256248554807687efe5d455e3c0548e9f297a67efb88112dc1e5db73df652e396defca6f0de0e6885109f579e5d5a546c6821b06459ef62a4ba3f8f6f0f8df6633648b3e7e3a2451aa8a381f217b4b0642b2ea877635

http://low.software.dn.naver.com/f4b6ad4977ab8009690176bd4ebbf8c8/.../KakaoTalk_Setup.exe

http://high.software.dn.naver.com/f4b6ad4977ab8009690176bd4ebbf8c8/.../KakaoTalk_Setup.exe

http://app.pc.kakao.com/talk/.../KakaoTalk_Setup.exe

Scan kakaotalk_setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.