File name:

lmc-1.2.39-win32.exe

Full analysis: https://app.any.run/tasks/83cc97a8-052b-4621-89c5-8edad4b7adde
Verdict: Malicious activity
Analysis date: October 27, 2024, 18:33:27
OS: Windows 10 Professional (build: 19045, 64 bit)
Indicators:
MIME: application/vnd.microsoft.portable-executable
File info: PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive, 5 sections
MD5:

536914EACC5B37601FC15F97F5D35143

SHA1:

B022CAF3863F0CA7C288EE3DF489F2D8300801A9

SHA256:

B38068DA0BC1847E787441FBA89C3BB1C3D6C2B8D15189B91332FD39E1459714

SSDEEP:

98304:lCyusgDgz4166+R8U01I99YtTJekx4+O84fRVtIBPTiepsyaeLDE0rC3OMhHOd8/:tGHrU21hctyKN/px

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

  • MALICIOUS

    • Changes the autorun value in the registry

      • lmc.exe (PID: 1068)
      • lmc.exe (PID: 6420)
      • lmc.exe (PID: 6568)

  • SUSPICIOUS

    • The process creates files with name similar to system file names

      • lmc-1.2.39-win32.exe (PID: 6572)

    • Executable content was dropped or overwritten

      • lmc-1.2.39-win32.exe (PID: 6572)

    • Malware-specific behavior (creating "System.dll" in Temp)

      • lmc-1.2.39-win32.exe (PID: 6572)

    • Creates a software uninstall entry

      • lmc-1.2.39-win32.exe (PID: 6572)

  • INFO

    • Creates files in the program directory

      • lmc-1.2.39-win32.exe (PID: 6572)

    • Reads the computer name

      • lmc-1.2.39-win32.exe (PID: 6572)
      • lmc.exe (PID: 1068)
      • lmc.exe (PID: 6420)
      • lmc.exe (PID: 6568)

    • Create files in a temporary directory

      • lmc-1.2.39-win32.exe (PID: 6572)
      • lmc.exe (PID: 1068)

    • Checks supported languages

      • lmc.exe (PID: 1068)
      • lmc.exe (PID: 6420)
      • lmc.exe (PID: 6568)
      • lmc-1.2.39-win32.exe (PID: 6572)

    • Creates files or folders in the user directory

      • lmc.exe (PID: 1068)
      • lmc.exe (PID: 6568)
      • lmc.exe (PID: 6420)

    • Sends debugging messages

      • lmc.exe (PID: 1068)
      • lmc.exe (PID: 6420)
      • lmc.exe (PID: 6568)

    • Checks proxy server information

      • lmc.exe (PID: 6420)
      • lmc.exe (PID: 6568)

    • Manual execution by a user

      • lmc.exe (PID: 6568)
      • mspaint.exe (PID: 6392)
      • mspaint.exe (PID: 696)

    • Reads the machine GUID from the registry

      • lmc.exe (PID: 6568)
      • lmc.exe (PID: 6420)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.

TRiD

.exe | Win32 Executable MS Visual C++ (generic) (67.4)
.dll | Win32 Dynamic Link Library (generic) (14.2)
.exe | Win32 Executable (generic) (9.7)
.exe | Generic Win/DOS Executable (4.3)
.exe | DOS Executable Generic (4.3)

EXIF

EXE

MachineType: Intel 386 or later, and compatibles
TimeStamp: 2018:12:15 22:24:32+00:00
ImageFileCharacteristics: No relocs, Executable, No line numbers, No symbols, 32-bit
PEType: PE32
LinkerVersion: 6
CodeSize: 25088
InitializedDataSize: 118784
UninitializedDataSize: 1024
EntryPoint: 0x3328
OSVersion: 4
ImageVersion: 6
SubsystemVersion: 4
Subsystem: Windows GUI
FileVersionNumber: 1.2.3.9
ProductVersionNumber: 1.2.3.9
FileFlagsMask: 0x0000
FileFlags: (none)
FileOS: Win32
ObjectFileType: Executable application
FileSubtype: -
LanguageCode: English (U.S.)
CharacterSet: Windows, Latin1
CompanyName: LAN Messenger
FileDescription: LAN Messenger Installer
FileVersion: 1.2.39
LegalCopyright: Copyright (c) 2010-2011 Dilip Radhakrishnan.
ProductName: LAN Messenger
No data.
screenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshot
All screenshots are available in the full report
All screenshots are available in the full report
Total processes
148
Monitored processes
10
Malicious processes
1
Suspicious processes
3

Behavior graph

Click at the process to see the details
start lmc-1.2.39-win32.exe lmc.exe lmc.exe lmc.exe mspaint.exe no specs sppextcomobj.exe no specs slui.exe mspaint.exe no specs slui.exe no specs lmc-1.2.39-win32.exe no specs

Process information

PID
CMD
Path
Indicators
Parent process
696"C:\WINDOWS\system32\mspaint.exe" "C:\Users\admin\Desktop\thattheory.png"C:\Windows\System32\mspaint.exeexplorer.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Paint
Exit code:
0
Version:
10.0.19041.3758 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\mspaint.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\acgenral.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\bcrypt.dll
1068"C:\Program Files (x86)\LAN Messenger\lmc.exe" /silent /sync /quitC:\Program Files (x86)\LAN Messenger\lmc.exe
lmc-1.2.39-win32.exe
User:
admin
Company:
LAN Messenger
Integrity Level:
HIGH
Description:
LAN Messenger
Exit code:
0
Version:
1.2.35
Modules
Images
c:\program files (x86)\lan messenger\lmc.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\imm32.dll
2796"C:\WINDOWS\System32\SLUI.exe" RuleId=3482d82e-ca2c-4e1f-8864-da0267b484b2;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=TimerEventC:\Windows\System32\slui.exe
SppExtComObj.Exe
User:
NETWORK SERVICE
Company:
Microsoft Corporation
Integrity Level:
SYSTEM
Description:
Windows Activation Client
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\slui.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\user32.dll
4340C:\WINDOWS\system32\SppExtComObj.exe -EmbeddingC:\Windows\System32\SppExtComObj.Exesvchost.exe
User:
NETWORK SERVICE
Company:
Microsoft Corporation
Integrity Level:
SYSTEM
Description:
KMS Connection Broker
Version:
10.0.19041.3996 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\sppextcomobj.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\oleaut32.dll
5240"C:\Users\admin\AppData\Local\Temp\lmc-1.2.39-win32.exe" C:\Users\admin\AppData\Local\Temp\lmc-1.2.39-win32.exeexplorer.exe
User:
admin
Company:
LAN Messenger
Integrity Level:
MEDIUM
Description:
LAN Messenger Installer
Exit code:
3221226540
Version:
1.2.39
Modules
Images
c:\users\admin\appdata\local\temp\lmc-1.2.39-win32.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
5588C:\WINDOWS\System32\slui.exe -EmbeddingC:\Windows\System32\slui.exesvchost.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Windows Activation Client
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\slui.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\user32.dll
6392"C:\WINDOWS\system32\mspaint.exe" "C:\Users\admin\Desktop\archivesvacation.png"C:\Windows\System32\mspaint.exeexplorer.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Paint
Exit code:
0
Version:
10.0.19041.3758 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\mspaint.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\acgenral.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\bcrypt.dll
6420"C:\Program Files (x86)\LAN Messenger\lmc.exe"C:\Program Files (x86)\LAN Messenger\lmc.exe
lmc-1.2.39-win32.exe
User:
admin
Company:
LAN Messenger
Integrity Level:
HIGH
Description:
LAN Messenger
Version:
1.2.35
Modules
Images
c:\program files (x86)\lan messenger\lmc.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\imm32.dll
6568"C:\Program Files (x86)\LAN Messenger\lmc.exe" C:\Program Files (x86)\LAN Messenger\lmc.exe
explorer.exe
User:
admin
Company:
LAN Messenger
Integrity Level:
MEDIUM
Description:
LAN Messenger
Version:
1.2.35
Modules
Images
c:\program files (x86)\lan messenger\lmc.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\imm32.dll
6572"C:\Users\admin\AppData\Local\Temp\lmc-1.2.39-win32.exe" C:\Users\admin\AppData\Local\Temp\lmc-1.2.39-win32.exe
explorer.exe
User:
admin
Company:
LAN Messenger
Integrity Level:
HIGH
Description:
LAN Messenger Installer
Exit code:
0
Version:
1.2.39
Modules
Images
c:\users\admin\appdata\local\temp\lmc-1.2.39-win32.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\user32.dll
Total events
3 088
Read events
3 013
Write events
73
Delete events
2

Modification events

(PID) Process:(6572) lmc-1.2.39-win32.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\LAN Messenger\LAN Messenger
Operation:writeName:InstallDir
Value:
C:\Program Files (x86)\LAN Messenger
(PID) Process:(6572) lmc-1.2.39-win32.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\LAN Messenger\LAN Messenger
Operation:writeName:Version
Value:
1.2.39
(PID) Process:(6572) lmc-1.2.39-win32.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\LAN Messenger\LAN Messenger
Operation:writeName:FirstRun
Value:
0
(PID) Process:(1068) lmc.exeKey:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Operation:writeName:LAN Messenger
Value:
C:\Program Files (x86)\LAN Messenger\lmc.exe
(PID) Process:(6572) lmc-1.2.39-win32.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\LAN Messenger
Operation:writeName:DisplayName
Value:
LAN Messenger
(PID) Process:(6572) lmc-1.2.39-win32.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\LAN Messenger
Operation:writeName:UninstallString
Value:
C:\Program Files (x86)\LAN Messenger\uninst.exe
(PID) Process:(6572) lmc-1.2.39-win32.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\LAN Messenger
Operation:writeName:InstallLocation
Value:
C:\Program Files (x86)\LAN Messenger
(PID) Process:(6572) lmc-1.2.39-win32.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\LAN Messenger
Operation:writeName:DisplayIcon
Value:
C:\Program Files (x86)\LAN Messenger\lmc.exe,0
(PID) Process:(6572) lmc-1.2.39-win32.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\LAN Messenger
Operation:writeName:DisplayVersion
Value:
1.2.39
(PID) Process:(6572) lmc-1.2.39-win32.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\LAN Messenger
Operation:writeName:Publisher
Value:
LAN Messenger
Executable files
7
Suspicious files
28
Text files
10
Unknown types
0

Dropped files

PID
Process
Filename
Type
6572lmc-1.2.39-win32.exeC:\Users\admin\AppData\Local\Temp\nskBA04.tmp\modern-header.bmpimage
MD5:610C5FF9FCD6932735A0BD99B3E1AE88
SHA256:3A6DB5E57A18B31C14DEA70E54577AE7E3065A9360C811C06341B56FBE43FD9B
6572lmc-1.2.39-win32.exeC:\Program Files (x86)\LAN Messenger\lang\ar_SA.qmbinary
MD5:9B588D1178396DA87046BFBD933482AC
SHA256:C0729AA71302F40CA808BC1673A9911948670229DC4E101430A06A3875F46E66
6572lmc-1.2.39-win32.exeC:\Program Files (x86)\LAN Messenger\lang\en_US.qmbinary
MD5:4AEF4415F2E976B2CC6F24B877804A57
SHA256:307CEF95DD5B36FF215055D427E1885B7FC3650C9224CF76D63056545996FF60
6572lmc-1.2.39-win32.exeC:\Program Files (x86)\LAN Messenger\sounds\filedone.wavbinary
MD5:09B86DB836A6D16A6637740AB49185DF
SHA256:56103EEF3DA6D0870CE78A92609E2C37AF42EB558AFC7ED5968ABB1285BEA63D
6572lmc-1.2.39-win32.exeC:\Program Files (x86)\LAN Messenger\sounds\newmessage.wavbinary
MD5:A81DABD1E18835D8A3F9D9426280D88C
SHA256:D24453F373120494869999F55B3AB667D0F39F88C78B8E167EA4C76E9F1C6426
6572lmc-1.2.39-win32.exeC:\Program Files (x86)\LAN Messenger\libeay32.dllexecutable
MD5:DE484D5DAFE3C1208DA6E24AF40E0A97
SHA256:007342C6B9B956F416F556B4BD6F1077E25BD077CC4F4AC136E3FCCB803746E3
6572lmc-1.2.39-win32.exeC:\Program Files (x86)\LAN Messenger\sounds\useronline.wavbinary
MD5:F787454B23023EE4CA41306110252861
SHA256:29154A6C903806F64ADD4FBA458E832BEA7A3FA99A8A448B9E5ADEC6B64E1134
6572lmc-1.2.39-win32.exeC:\Program Files (x86)\LAN Messenger\license.txttext
MD5:FE06497ACAF4F45999925D348C2605F9
SHA256:B3D1EAE7F524FC9DDD48562A4652EFD2BCD848E38B03F05E388BCCE943E73DF2
6572lmc-1.2.39-win32.exeC:\Program Files (x86)\LAN Messenger\sounds\useroffline.wavbinary
MD5:677B85344D04F886FCFD2AF8381BE79D
SHA256:CBFF0A08594C0CD2179AB5F7D38CDA08168CDC8C93C17A3099DA9AD7B6539DC8
6572lmc-1.2.39-win32.exeC:\Program Files (x86)\LAN Messenger\ssleay32.dllexecutable
MD5:284E004B654306F8DB1A63CFF0E73D91
SHA256:2D11228520402EF49443AADC5D0F02C9544A795A4AFC89FB0434B3B81EBDD28C
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
9
TCP/UDP connections
50
DNS requests
28
Threats
0

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
4360
SearchApp.exe
GET
200
192.229.221.95:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTrjrydRyt%2BApF3GSPypfHBxR5XtQQUs9tIpPmhxdiuNkHMEWNpYim8S8YCEAI5PUjXAkJafLQcAAsO18o%3D
unknown
whitelisted
6944
svchost.exe
GET
200
23.218.209.163:80
http://www.microsoft.com/pkiops/crl/MicSecSerCA2011_2011-10-18.crl
unknown
whitelisted
6944
svchost.exe
GET
200
23.48.23.143:80
http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
unknown
whitelisted
2776
svchost.exe
GET
200
192.229.221.95:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAJ0LqoXyo4hxxe7H%2Fz9DKA%3D
unknown
whitelisted
6792
SIHClient.exe
GET
200
23.218.209.163:80
http://www.microsoft.com/pkiops/crl/Microsoft%20ECC%20Product%20Root%20Certificate%20Authority%202018.crl
unknown
whitelisted
6792
SIHClient.exe
GET
200
23.218.209.163:80
http://www.microsoft.com/pkiops/crl/Microsoft%20ECC%20Update%20Secure%20Server%20CA%202.1.crl
unknown
whitelisted
4360
SearchApp.exe
GET
200
192.229.221.95:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQ50otx%2Fh0Ztl%2Bz8SiPI7wEWVxDlQQUTiJUIBiV5uNu5g%2F6%2BrkS7QYXjzkCEAUZZSZEml49Gjh0j13P68w%3D
unknown
whitelisted
4360
SearchApp.exe
GET
200
192.229.221.95:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQ50otx%2Fh0Ztl%2Bz8SiPI7wEWVxDlQQUTiJUIBiV5uNu5g%2F6%2BrkS7QYXjzkCEA77flR%2B3w%2FxBpruV2lte6A%3D
unknown
whitelisted
612
backgroundTaskHost.exe
GET
200
192.229.221.95:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQ50otx%2Fh0Ztl%2Bz8SiPI7wEWVxDlQQUTiJUIBiV5uNu5g%2F6%2BrkS7QYXjzkCEAn5bsKVVV8kdJ6vHl3O1J0%3D
unknown
whitelisted
Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
4
System
192.168.100.255:137
whitelisted
5488
MoUsoCoreWorker.exe
4.231.128.59:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
whitelisted
6944
svchost.exe
4.231.128.59:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
whitelisted
864
RUXIMICS.exe
4.231.128.59:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
whitelisted
4
System
192.168.100.255:138
whitelisted
6944
svchost.exe
23.48.23.143:80
crl.microsoft.com
Akamai International B.V.
DE
whitelisted
6944
svchost.exe
23.218.209.163:80
www.microsoft.com
AKAMAI-AS
DE
whitelisted
5488
MoUsoCoreWorker.exe
51.124.78.146:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
NL
whitelisted
4360
SearchApp.exe
104.126.37.171:443
www.bing.com
Akamai International B.V.
DE
whitelisted
4360
SearchApp.exe
192.229.221.95:80
ocsp.digicert.com
EDGECAST
US
whitelisted

DNS requests

Domain
IP
Reputation
settings-win.data.microsoft.com
  • 4.231.128.59
  • 51.124.78.146
whitelisted
google.com
  • 142.250.185.174
whitelisted
crl.microsoft.com
  • 23.48.23.143
  • 23.48.23.176
whitelisted
www.microsoft.com
  • 23.218.209.163
whitelisted
www.bing.com
  • 104.126.37.171
  • 104.126.37.170
  • 104.126.37.128
  • 104.126.37.137
  • 104.126.37.131
  • 104.126.37.160
  • 104.126.37.123
  • 104.126.37.130
  • 104.126.37.129
whitelisted
ocsp.digicert.com
  • 192.229.221.95
whitelisted
login.live.com
  • 40.126.31.67
  • 40.126.31.71
  • 20.190.159.2
  • 40.126.31.73
  • 20.190.159.71
  • 20.190.159.4
  • 40.126.31.69
  • 20.190.159.75
whitelisted
th.bing.com
  • 104.126.37.130
  • 104.126.37.179
  • 104.126.37.123
  • 104.126.37.129
  • 104.126.37.139
  • 104.126.37.186
  • 104.126.37.178
  • 104.126.37.144
  • 104.126.37.177
whitelisted
go.microsoft.com
  • 23.218.210.69
whitelisted
slscr.update.microsoft.com
  • 172.202.163.200
whitelisted

Threats

No threats detected
Process
Message
lmc.exe
libpng warning: iCCP: known incorrect sRGB profile
lmc.exe
QPixmap::scaled: Pixmap is a null pixmap
lmc.exe
libpng warning: iCCP: known incorrect sRGB profile
lmc.exe
QPixmap::scaled: Pixmap is a null pixmap
lmc.exe
libpng warning: iCCP: known incorrect sRGB profile
Interactive malware hunting service ANY.RUN
© 2017-2025 ANY.RUN ALL RIGHTS RESERVED
ANY.RUN
Reports
lmc-1.2.39-win32.exe